Skip to main content
milkylainen
milkylainen
Associate III
October 17, 2022
Question

Close the device, fuse under op-tee?

  • October 17, 2022
  • 8 replies
  • 5402 views

I'm having trouble closing a device as per the recommended method.

STM32MP> fuse read 0 0                                                         

Reading bank 0:                                                                

Word 0x00000000: 00000017                                                      

STM32MP> fuse prog 0 0x0 0x40                                                  

Programming bank 0 word 0x00000000 to 0x00000040...                            

Warning: Programming fuses is an irreversible operation!                       

        This may brick your system.                                           

        Use this command only if you are sure of what you are doing!          

Really perform this fuse programming? <y/N>                                    

y                                                                              

stm32_smc: Failed to exec svc=82001003 op=2 in secure mode (err = -2)          

ERROR

This is TF-A 2.4-r1. Previously I was using sp_min and now I'm using op-tee, 3.12-r1.

Can't remember having issues with closing under sp_min?

This topic has been closed for replies.

8 replies

Olivier GALLIEN
Olivier GALLIEN
Technical Moderator
October 17, 2022

Hi @milkylainen​ ,

Where did you read it's the recommanded method?

Now it's recommended to use the command "stm32key close".

cf https://wiki.st.com/stm32mpu/wiki/How_to_use_U-Boot_stm32key_command#Closing_the_device

Hope it help

Olivier

Olivier GALLIEN In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
milkylainen
milkylainenAuthor
Associate III
October 18, 2022

I thought it was obvious that this was an early ecosystem 3.x version,

esp. since I stated TF-A 2.4-r1 and optee 3.12-r1. Apparently not. My bad.

So. Ecosystem 3.0. You don't have stm32key close in < 3.1.

https://wiki.st.com/stm32mpu-ecosystem-v3/wiki/How_to_update_OTP_with_U-Boot

https://wiki.st.com/stm32mpu-ecosystem-v3/wiki/STM32MP15_ROM_code_secure_boot#Closing_the_device

Not that any of this answers why I can't write the bit or what the error means.

I can't remember closing the device, or touching the close bit.

Can you close the device to a unclosed state?

Ie. Lock the bit to an unclosed state?

milkylainen
milkylainenAuthor
Associate III
October 19, 2022

So. Tried 3.1 with stm32key close.

Didn't do any difference. Same error.

Olivier GALLIEN
Olivier GALLIEN
Technical Moderator
October 20, 2022

Hi @milkylainen​ ,

Sorry, I anwered too fast. My bad.

I guess I found the problem

By default op-tee disable the access to fuse.

You have to enable it by compiling with CFG_STM32_BSEC_WRITE=1

see :

How to configure OP-TEE - stm32mpu-ecosystem-v3

Hope it help

Olivier

Olivier GALLIEN In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
milkylainen
milkylainenAuthor
Associate III
October 24, 2022

Oh.

That would explain a lot.

But I can't find any documentation about it.

Seems pretty critical...

If your intention was that OTP programming is disabled,

that would mean two different op-tee variants.

One for factory and one for runtime?

Olivier GALLIEN
Olivier GALLIEN
Technical Moderator
October 24, 2022

Hi @milkylainen​ ,

Our intention to not enable it by default is to prevent unwanted operation by a non-advertised user.

I agree that a specific warning need to be added in Wiki to better communicate on it.

Else, I don't see any restriction or security issue to keep the factory version which allow key provisioning and closure of the device inside the final product .. since all is then lock by HW.

Do you see one ?

Olivier

Olivier GALLIEN In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
milkylainen
milkylainenAuthor
Associate III
October 25, 2022

Hi @Community member​,

No I don't really see an issue. It's just surprising.

I came from sp_min without such restrictions.

I didn't look at the code because I was pretty sure I was doing something wrong.

And available documentation did not imply any restrictions in writing.

Now that I have them, they imply that I _must_ use a factory production image to write OTPs.

But it isn't a big problem really.

Lack of documentation was, however. :)

We can close this now.

Thanks!

Olivier GALLIEN
Olivier GALLIEN
Technical Moderator
October 25, 2022

Hi @milkylainen​ ,

Thanks for feedback and sorry for the inconvenience for you of this ST's choice.

I will escalate your comment and for sure we will enhance the communication on this.

Olivier

Olivier GALLIEN In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
Terms & ConditionsAccessibility statement