SAM D21 Peripheral Access Controller (PAC) Overview
Module Overview
The SAM devices are fitted with a Peripheral Access Controller (PAC) that can be used to lock and unlock write access to a peripheral's registers. Locking a peripheral minimizes the risk of unintended configuration changes to a peripheral as a consequence of Run-away Code or the use of a Faulty Module Pointer.
Physically, the PAC restricts write access through the Advanced High-performance Bus (AHB) to registers used by the peripheral, making the register non-writable. PAC locking of modules should be implemented in configuration-critical applications where avoiding unintended peripheral configuration changes are to be regarded as the highest of priorities.
All interrupts must be disabled while a peripheral is unlocked to make sure the correct lock/unlock scheme is upheld.
Locking Scheme
The module has a built-in safety feature requiring that an already locked peripheral is not relocked and that already unlocked peripherals are not unlocked again. Attempting to unlock an already unlocked peripheral or attempting to lock a peripheral that is currently locked will generate a CPU exception. This implies that the implementer must keep strict control over the peripheral's lock state before modifying them. With this added safety, the probability of stopping runaway code increases as the program pointer can be caught inside the exception handler, and necessary countermeasures can be initiated. The implementer should also consider using sanity checks after an unlock has been performed to further increase security. A recommended implementation of the PAC can be seen in the figure.