Missing RSS support for STM32H7

Dimi · ‎2018-10-04

Problem: Missing support for use of the RSS through its PublicAPI on STM32H7

Information:

Reference Manual for STM32H743/753 and 750
- Chapter 4.5.2 Root secure services description
  - RSS_resetAndInitializeSecureAreas - missing
  - RSS_exitSecureArea - missing
  - RSS_resetAndDestroyPCROPArea - missing
Latest STM32H7 Cube package
- Search "RSS_reset*" (0 hits in 0 files)
- Search "RSS*" (0 hits in 0 files)

Goal: We are using STM32H753-EVAL dev kits and want to run our own SecureBootloader, but for this purpose we would need to be able to configure the RSS using the Public API defined in Chapter 4.5.2.

Does anyone has information on the following:

A. Why RSS functionality described in Chapter 4.5.2 is NOT part of the STM32H7 BSP?
B. Is there Demo code for the RSS functionality advertised for ST STM32H7-EVAL kit?
C. Where is the RSS low-level code, which provides the Public API from Chapter 4.5.2?

We would not want to wait for ST to release SBSFU package for H7, because Q4 is just starting, and EoY is far away. Therefore, we would like to have more information about the RSS and just use our internally developed secure bootloader.

I personally hope that either someone has already faced this void of information OR @STOne-32 sheds some light on how to make use of the RSS to run our secure bootloader.

It only looks complicated, in-fact it is rather simple, we just need to call the PublicAPI from Chapter 4.5.2 to get things rolling 🙂

Cheers,

Dimi

Khouloud GARSI · ‎2018-10-05

Hi @Dimi ,

Please contact your FAE or a local ST sales representative from the list indicated at the Link below:

http://www.st.com/content/st_com/en/contact-us.html

Khouloud.

Dimi · ‎2018-10-05

Hi @Khouloud GARSI ,

Thank you for your message, but I am a bit conflicted about what it means - I thought the purpose of the ST Community Forums is to allow the exchange of information and sharing of knowledge. If we take our question to our Sales representative or FAE, then what is the incentive to use this "ST Community" forums?

/Dimi

Dimi · ‎2018-10-05

Just to clarify - Question is about missing key parts from the #STM32H7 BSP.

Chapter 4.5.2 from STM32H7 reference manual clearly describes Public API, but the code to provide this API is completely missing from the H7 #BSP .

At least for Europe the workday is coming to a close, so I doubt we could even get in touch with anyone at this hour of the day. So, the void of information remains at least until next week.

Have a nice weekend,

Dimi

Khouloud GARSI · ‎2018-10-05

Dear @Dimi ,

You're 100% all right! The STM32 MCUs Forum is the voice of our STM32 users and is designed to allow the exchange of information and the sharing of knowledge.

However, some information could not be disclosed without NDA. So, please contact your FAE for further details about your support case.

Khouloud.

Dimi · ‎2018-10-11

Dear @Khouloud GARSI ,

1. What is the proper ST contact for Estonia?

I know only distributors in the area, haven't had the need to use FAE locally.

2. But I am confused, why would Public API code need NDA!?

Dimi

Khouloud GARSI · ‎2018-10-12

Hello @Dimi ,

You may share your request with your local distributor who has his own FAE.
Not all information are public, by contacting the FAE you will have all the details.

Khouloud.

Dimi · ‎2018-10-16

I have just filed official technical inquiry about this. I fear that if we do not receive clarity on this vital topic, we will be most definitely changing platforms.

Dimi · ‎2018-10-16

I am sorry @Khouloud GARSI , but how could a Public API not actually be Public?

If we can not implement Secure Bootloader, because the Public API is not really Public, then ... the Reference manual is misleading and considering the time and resources invested so far, it may be better for us to choose another vendor. I am really surprised by this development. Hopefully ST Tech support will get back to us.