cancel
Showing results for 
Search instead for 
Did you mean: 

How can i enable secure boot in STM32MP157C?

KS.2
Associate III
 
1 ACCEPTED SOLUTION

Accepted Solutions
Olivier GALLIEN
ST Employee

Hi @KS.2​ 

Thanks for you participation in this community !

If one comment answer your question, please close this topic by choosing Select as Best. This will help other users to find that answer faster.

Thx

Olivier

Olivier GALLIEN
In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.

View solution in original post

9 REPLIES 9
Olivier GALLIEN
ST Employee

Hi @KS.2​ ,

Please have a look to https://wiki.st.com/stm32mpu/wiki/STM32MP15_secure_boot .

Olivier

Olivier GALLIEN
In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.

is there a way to switch between the secure and non secure boot modes??

Hi @KS.2​ ,

yes, you can bypass signature check by setting b0=1 in Option flags of header.

See https://wiki.st.com/stm32mpu/wiki/STM32MP15_secure_boot#STM32_Header

Olivier

Olivier GALLIEN
In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
KS.2
Associate III

Thank You Oliver

Can I switch between secure and non secure boot while device is in operation??

Device boot once... either secure or non secure.

What do you mean by operation here ?

Olivier

Olivier GALLIEN
In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
KS.2
Associate III

I have designed an SBC and it will be acting as a host for a LoRaWAN gateway.The SBC hence has to simulate the diverse field implementations of an embedded host,so what i meant was can I simulate both secure and non secure boot modes or if i choose either will that become permanent??

KS.2
Associate III

Hi Oliver

I am using STM32Cube IDE so where can i find the header ??

Hi @KS.2​ ,

First I'm not sure to get your need.

"Secure" the boot chain is just a matter to ensure its integrity. There's no functional difference.

So once your software tested non-secure you can then "secure" it without any further need of validation.

The stm32 header is generated by STM32 Signing tool and you can manage Option flag with --option-flags -of

Is this not clear in https://wiki.st.com/stm32mpu/wiki/STM32MP15_secure_boot ?

Olivier

Olivier GALLIEN
In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
Olivier GALLIEN
ST Employee

Hi @KS.2​ 

Thanks for you participation in this community !

If one comment answer your question, please close this topic by choosing Select as Best. This will help other users to find that answer faster.

Thx

Olivier

Olivier GALLIEN
In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.