Firewall hands-on: I propose we isolate an LED blinking function behind the firewall. Step 1, we will create a basic project with STM32CubeIDE and integrate the firewall HAL. Step 2, we will modify the linker script to define our security enclave location. So we will define a secure flash area and also a RAM data protected area. Step 3, we will configure the firewall. So we will define the different addresses where we want to protect the code segment, the non-volatile data segment and the volatile data segment. Then we will create the secure code and the code gates.

Let's switch to STM32CubeIDE. So let's start this hands-on. We will use the Nucleo-L476RG. So the first step will be to create the project, MT1. We will add the firewall HAL inside it because it's not configurable thanks to the graphical interfaces. The next step will be to modify the linker script to create the different regions and then to implement the code. So let's start. New project. I take the board selector and I select my Nucleo, firewall, and finish. We initialize all the peripherals with the default mode. For the moment, the firewall activation is not possible from these graphical interfaces. So I will need to add in the STM32L4 HAL driver, as you can see here. You only have imported what is needed for this configuration. So I need to add the firewall to the include files and the source files. So for this, I will need just to go in my Cube firmware L4. If I go in the drivers, the STM32L4 HAL driver include folder, I've got the firewall header file here. I drag and drop it in the project folder. So I propose to copy the file in the project. Perfect. Now I've got it. And the same thing for the sources. So here I go to take the sources. I take the hal_firewall.c and I put it in the sources of my project. And I copy the file. Okay. So now the HAL files are here. We need also to, I will say, configure or activate this module in the project. To do that, let's go to the HAL conf file.
And to find it, you go through the main.h, which opens the stm32l4xx_hal.h. You open it and then you've got the stm32l4xx_hal_conf.h. In this one, you've got the activation of the different HAL modules. So here you will need to uncomment line 63, the define of the firewall module enable. Then you save it. And once that's done, you can call the HAL API of the firewall.

So the second step now is to define the region where we will put our segment in our linker script or linker file. So in this file, here we've got the memory definition and we add some secure flash. Execute, origin would be 80FC004. I choose the 004 because I will start my protected segment at FC000. And the code gate will be located at 004. So we can ease the declaration of the function. And let's take a length. So let's decrease the previous one to avoid having an issue, 008. Okay. For example, we can also configure a volatile data one. So secure SRAM. So it will be located in the SRAM1 for sure. So execute, write. Depending on what we configured, it will be correct. Let's take the origin also somewhere in the SRAM1. Take this, for example, with a short length, 512, for example. So if we need some volatile data, we can put them in this segment. Okay. So here we've defined the memory and the range of it. Now we need to add the section. Okay. So for the code, I can put it there. So my_section. So I have to remember this name because it will be used in the code to declare where I want to put a function. It's open and closed. First, it's better to align. Okay. So then I will take whatever is in my_section. Okay. And then I will just realign after, just for properties. And my section will be my protected code and I will put it in the secure flash. Okay. So here I just say all this section will be located in the secure flash. And when I declare my first function, which will be declared in my_section, it will be located exactly at this one.
So if I protect FC000 in flash, then I've got my code gate that is ready. Okay. So that is for the secure flash. And we can also protect the RAM or the SRAM. So here I can just, I would say, protect secured data. Okay. I can just do such kind of declaration here. It's a bit simpler: secure data. Secure data. Okay. I have to locate this in my SRAM that is protected, in the secure SRAM. Let's try to compile this just to check that the syntax is correct in this file. Okay. So I've got an error, line 77. My section align. I think it could be sensitive to such kind of things. Yes. Okay. Compilation is okay. So now we've got the linker script. We have defined the different regions and we can protect them.

So now let's switch to the main. We will add the configuration of the firewall. So let's open the main.c. I prefer to close all those tabs first. So classical main: init, system clock, initialization of the peripherals. So I propose to put now the initialization of our firewall here. Define a block. Okay. So first I will need to have the firewall structure that is needed by our HAL. Okay. So firewall. And we've got the typedef FIREWALL_InitTypeDef. So it's exactly what we need. And we've got firewall_init. We can have a look at the structure. So basically the code segment start address, the code segment length, non-volatile data segment start address, non-volatile data segment length, volatile data segment start address. Then the volatile data execution and shared, the additional attributes that we have seen in the theory before. So not so painful to configure, I would say. So let's start filling it. Code segment start address first. Okay. So you remember, in our linker we have selected this. It's to ease the location of the code gate. So what I propose is to start my code segment at this location. Okay. Then firewall_init.code segment size, or length, sorry. So here we can take 2000, for example. So non-volatile data segment address.
So this one, put this. Okay. Let's put it just after if we need so. So here is where we can put the constants if we have some. Length. Let's say, I don't know. Why not? I would say something should... let's load that segment. Okay. No, that should not be this. Don't remember. Okay. So as VData, sorry about this, VData, VData start address. So here we'll put the one we have defined here. Here we need this. Sorry. firewall_init.VData length address also. Okay. And do we need some additional attribute? No, I don't want to set it as executable. So here I would say we've got the main configuration of the firewall init. So we just need to call the function, the HAL primitive for the firewall. So we want to do the configuration of the firewall. Type the structure firewall_init, but it will be a pointer on this one. And I think that's it. Let's compile this. So here we have written, written sorry, the configuration of our firewall. We have not activated the firewall yet. Okay.

So what I propose to do before activating the firewall is to define the code we want to protect. My unsecured code is executing just here in the wild. What I would like to do, I would like to call some protected code. So I will code a protected function, which will be void protected_function. And this should be the code gate. Okay. So let's define this protected function. So it could be done in the user code here. So it would be void, no other argument. Okay. So this function should be the code gate of our firewall. Okay. And remember it was the second word just after, I will say, the definition of this address. So it should be located at 80FC004. And it's exactly what I've defined as origin address for my secure flash. So here we've got the syntax to put this in the good section. So we have to play with attribute. And then we say that it should be located in a section. And the name of this section is my_section. Okay. I should not miss any.
So this name should be exactly the same as is defined here. Okay. Doing this, we located the function at the address 0800FC004. Okay. So here we are, I will say, in the code gate. So here we are in the code gate. And now whatever is executed, I would say, is inside, or the firewall is open now. So if you remember, one of the things we have to do is to disable the pre-arm. You remember the purpose of the pre-arm? If it's disabled, if you are jumping outside the protected segment, then a reset will be generated. So okay, we've got some HAL function to do that. So take care. Here now we are behind the firewall. So we can only access the segment. So we need the pre-arm disabled. But as you can see, this is a macro. Why is it so important? Because there is an equivalent, which is HAL_FIREWALL_PREARM_DISABLE without the underscore underscore, which is not a macro and which calls some things that are inside the HAL, so outside, I would say, my protected section. So take care about this. Now we are behind the firewall and every function needed should be in my_section. Okay. So I disable, then I would like to call some protected function, which is toggle LED, the toggle_led function. So it will be executed securely. When I finish executing this toggle LED securely, then I will re-enable the pre-arm, and re-enable it. Okay. So now I will define my toggle_led function. But this toggle_led function should be also in this section. Okay. It should be part of the secure segment. Toggle LED. And also here, take care about something. I won't call HAL_GPIO_TogglePin. Why? In fact, the HAL_GPIO_TogglePin code is not in this section. I could redefine it to modify it or such kind of things, but I prefer to have a direct access to the register. That way I will always be in my code segment. Okay. So I go in the GPIO. I've got the toggle pin. If I copy this code, so in HAL_GPIO_TogglePin, I select this code and I will adapt it. So for us, the LED is on GPIO A5. Okay.
So I just put it with the good name here. Let's output it, underscore five. Okay. And it was for GPIOA. And GPIOA. So we've got the code protected here. This one is the code gate. We disable the pre-arm. Everything is in place. If I go in my main, I've got the protected function. For the LED blinking, I prefer to have a HAL delay. Do you remember something quite important for the firewall? We need to disable all the interrupts before entering in this protected data, in the protected section. Okay. I think we have well seen why before. So now we need to disable all the interrupts. The only way to do it is __disable_irq, and we can re-enable it just after. Okay. So I will say the code is functional. And we configured the firewall, but we have not yet activated it. So I propose we just test this, to test if this is functional before activating the firewall. Okay. So I will debug this one. If I just load the code, my LED is blinking. Okay. So I will say it's functional. If I put a breakpoint here, I can check the PC in the registers. FC00A, we are really in the protected segment, sorry. And the same thing for the toggle LED, which is also located in what is protected. So I can also here, for test purposes, just try to call directly the toggle LED. And as the firewall is not enabled, it should work. Damn it. And reload it. If I check, it was okay. Oh, sorry. Cut. Shutting down. Connection was lost. We just unplug and plug my board. I load it this time. No issue. And we can test that it's functional. So now maybe it's time to activate the firewall. So we've got the HAL function for that. Enable firewall. Quite simple. And first, let's go through the call gate to ensure we don't have any issue. Terminate and reload. So I'm just launching it. What is the status? My LED is well blinking. So it works, I would say. I would say it's functional. Now let's try to call the toggle LED directly.
That means we'll try to call a function that is protected by the firewall without opening the firewall thanks to the call gate. This time, we should have an issue. So if I just go in step by step, maybe it's interesting. The firewall is enabled. I try to disable interrupts. Due to optimization, we directly go to the reset handler, in fact. So it's related to the fact that the firewall fell. So if I just run it and show you the result, I can even reset. It will never toggle. So really here we've violated it. We tried to enter in the toggle LED, which is behind the firewall, without opening the firewall. I just put again my code properly, and then we will see it works. Terminate and reload. Terminate and reload. We can run it and just check with the camera that the LED is blinking. So we finished this hands-on, a really basic one, and I've shown you how to configure the firewall and managed to, I would say, protect some code. So it's a dynamic protection, so you have to configure it in your code. I hope you liked this hands-on.
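As an added illustration that is not part of the video and not ST's HAL code, here is a hosted C model of the firewall rules the hands-on relies on. It has two parts: a segment configuration check with the alignment the firewall registers can encode (256-byte granularity for the flash segments, 64-byte for the SRAM one; that is my reading of the STM32L4 reference manual, so verify it against yours), and a small state machine that replays the situations seen on the board: entry through the code gate, a direct call of toggle_led, the firewall not yet enabled, and an interrupt arriving while behind the firewall with pre-arm disabled. The code segment start 0x080FC000 and the gate one word later are the values from the hands-on; the segment lengths, the SRAM address and the offsets of toggle_led, main and the interrupt handler are constructed. Nothing here touches hardware, and the function names fw_fetch, run_scenario and fw_config_valid are mine.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* From the hands-on: secure flash at 0x080FC000, code gate one word later.
 * Every other value below is constructed for the model. */
#define CODE_SEG_START   0x080FC000u
#define CODE_GATE        (CODE_SEG_START + 4u)
#define CODE_SEG_LEN     0x1000u
#define VDATA_SEG_START  0x20010000u   /* constructed SRAM1 address */
#define VDATA_SEG_LEN    0x200u        /* the 512 bytes used in the video */

typedef struct {
    uint32_t code_start, code_len;  /* flash, 256-byte granularity */
    uint32_t nv_start, nv_len;      /* flash, 256-byte granularity */
    uint32_t v_start, v_len;        /* SRAM1, 64-byte granularity */
} fw_config_t;

/* Assumption (STM32L4 reference manual): the firewall registers store addresses
 * and lengths without their low bits, so a misaligned value is not representable.
 * That is why the segment starts at FC000 and the gate sits at FC004. */
bool fw_config_valid(const fw_config_t *c)
{
    return c->code_start % 256 == 0 && c->code_len % 256 == 0 &&
           c->nv_start   % 256 == 0 && c->nv_len   % 256 == 0 &&
           c->v_start    % 64  == 0 && c->v_len    % 64  == 0;
}

typedef struct {
    fw_config_t cfg;
    bool enabled;       /* after HAL_FIREWALL_EnableFirewall() */
    bool open;          /* execution currently behind the firewall */
    bool prearm;        /* pre-arm set: leaving the segment closes it, no reset */
    bool irq_disabled;  /* __disable_irq() done before entering */
    unsigned resets;    /* firewall-triggered resets */
} fw_model_t;

static bool in_code_seg(const fw_model_t *fw, uint32_t pc)
{
    return pc >= fw->cfg.code_start && pc < fw->cfg.code_start + fw->cfg.code_len;
}

/* Model of the hardware reaction when the PC moves to `pc`; false means reset. */
bool fw_fetch(fw_model_t *fw, uint32_t pc)
{
    if (!fw->enabled) return true;              /* protection not active yet */
    bool inside = in_code_seg(fw, pc);
    if (!fw->open) {
        if (!inside) return true;               /* ordinary code outside the segment */
        if (pc == fw->cfg.code_start + 4u) {    /* only the code gate opens it */
            fw->open = true;
            return true;
        }
        fw->resets++;                           /* any other entry point: reset */
        return false;
    }
    if (inside) return true;                    /* running behind the firewall */
    fw->open = false;                           /* leaving the segment closes it */
    if (fw->prearm) return true;
    fw->resets++;                               /* left without pre-arm: reset */
    return false;
}

typedef struct { unsigned toggles; unsigned resets; } fw_result_t;

/* Replays the main loop of the hands-on as a sequence of PC moves. */
fw_result_t run_scenario(bool enabled, bool via_gate, bool disable_irq, bool irq_during)
{
    fw_model_t fw = {
        .cfg = { CODE_SEG_START, CODE_SEG_LEN, 0, 0, VDATA_SEG_START, VDATA_SEG_LEN },
        .enabled = enabled, .open = false, .prearm = false, .irq_disabled = false, .resets = 0
    };
    fw_result_t r = { 0, 0 };
    const uint32_t toggle_led = CODE_SEG_START + 0x40u;  /* constructed: inside the segment */
    const uint32_t main_code  = 0x08000400u;             /* constructed: outside */
    const uint32_t isr_code   = 0x08000800u;             /* constructed: a handler outside */

    fw.irq_disabled = disable_irq;                       /* __disable_irq() */
    if (via_gate) {
        if (!fw_fetch(&fw, CODE_GATE)) goto done;        /* protected_function() */
        fw.prearm = false;                               /* __HAL_FIREWALL_PREARM_DISABLE() */
    }
    if (!fw_fetch(&fw, toggle_led)) goto done;           /* toggle_led() */
    /* An interrupt taken while behind the firewall vectors to code outside the segment. */
    if (irq_during && !fw.irq_disabled && !fw_fetch(&fw, isr_code)) goto done;
    r.toggles++;
    if (via_gate) fw.prearm = true;                      /* __HAL_FIREWALL_PREARM_ENABLE() */
    fw_fetch(&fw, main_code);                            /* return to main closes the firewall */
done:
    r.resets = fw.resets;
    return r;
}

int main(void)
{
    fw_config_t cfg = { CODE_SEG_START, CODE_SEG_LEN, 0, 0, VDATA_SEG_START, VDATA_SEG_LEN };
    printf("config valid: %d\n", fw_config_valid(&cfg));
    fw_result_t a = run_scenario(true, true, true, false);
    fw_result_t b = run_scenario(true, false, true, false);
    fw_result_t c = run_scenario(true, true, false, true);
    printf("via gate:            toggles=%u resets=%u\n", a.toggles, a.resets);
    printf("direct call:         toggles=%u resets=%u\n", b.toggles, b.resets);
    printf("gate, IRQ enabled:   toggles=%u resets=%u\n", c.toggles, c.resets);
    return 0;
}
```

The model only encodes the rules stated in the hands-on (gate-only entry, pre-arm on exit, interrupts disabled while behind the firewall); it does not model the non-volatile and volatile data segments beyond the alignment check, nor the VDE/VDS attributes.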