flash/stm32l4x: STM32L5 support programming when TZEN=1 and RDP=0x55

when RDP level is 0.5 the provided work-area should reside in non-secure RAM
to ensure that:
 - add a hint in the driver level
 - reduce the usage of secure RAM only when TZEN=1 and RDP is not 0.5
   (check the target configuration file)

Change-Id: Idbf2325e609b84ef8480eefdb49a176fdf7e07c7
Signed-off-by: Tarek BOCHKATI <tarek.bouchkati@gmail.com>
Reviewed-on: https://review.openocd.org/c/openocd/+/6035
Reviewed-by: Antonio Borneo <borneo.antonio@gmail.com>
Reviewed-by: Oleksij Rempel <linux@rempel-privat.de>
Tested-by: jenkins

src/flash/nor/stm32l4x.c

@@ -1434,6 +1434,13 @@ static int stm32l4_write(struct flash_bank *bank, const uint8_t *buffer,
 	if (retval != ERROR_OK)
 		goto err_lock;
 
+	/* For TrustZone enabled devices, when TZEN is set and RDP level is 0.5,
+	 * the debug is possible only in non-secure state.
+	 * Thus means the flashloader will run in non-secure mode,
+	 * and the workarea need to be in non-secure RAM */
+	if (stm32l4_info->tzen && (stm32l4_info->rdp == RDP_LEVEL_0_5))
+		LOG_INFO("RDP level is 0.5, the work-area should reside in non-secure RAM");
+
 	retval = stm32l4_write_block(bank, buffer, offset, count / 8);
 
 err_lock:

tcl/target/stm32l5x.cfg

@@ -173,7 +173,11 @@ $_TARGETNAME configure -event gdb-flash-erase-start {
 	} {
 		ahb_ap_secure_access
 		echo "TZEN option bit enabled"
-		set use_secure_workarea 1
+
+		# check if FLASH_OPTR.RDP is not Level 0.5
+		if {[expr {$FLASH_OPTR & 0xFF}] != 0x55} {
+			set use_secure_workarea 1
+		}
 	}
 
 	set workarea_addr [$_TARGETNAME cget -work-area-phys]