ST’s secure service in STM32H750

BEvge.1 · ‎2021-07-12

We are working with STM32H750VBT6. Our project works with an external QSPI flash. We planned to put our bootloader in STM’s internal flash and our firmware in the QSPI flash. We need to protect the internal flash (bootloader) for reading from the external flash’s code.

There are some tools for protection in STM32H750:

RDP helps to protect from external reading and does not protect from the code, which executes from the external flash.
PCROP protects execution only data and requires an additional data section for data and constants which is not protected. We keep crypto keys and other data in the bootloader (the internal flash), which need to be protected from reading too.
Secure access mode. Secure access mode has all the opportunities, which we need.

There are some problems for understanding how secure access mode works:

Can we activate secure access mode in our bootloader directly (without use of STM32CubeProgrammer)?

HAL has functions for it, but we tried it and it does not work in our project. We use HAL and set parameters in FLASH_SCAR_PRG and FLASH_OPTSR_PRG, but these new parameters do not copy to FLASH_SCAR_CUR and FLASH_OPTSR_CUR.

When all operations in our bootloader are finished, it needs to jump to the firmware, which is located in QSPI flash. Can we use exitSecureArea for the jump to the QSPI flash?

Jocelyn RICARD · ‎2021-07-12

Hello,

for you information, the new version of X-CUBE-SBSFU that just came our last week includes an example for the STM32H750 discovery kit that probably directly fits your need.

In the SBSFU, the secure access mode, as well as all other protections can be activated by the code itself.

In this example the application is located in QSPI.

So, I advise you request this package from st.com and use it as base example for your developments.

Best regards

Jocelyn

View solution in original post

Jocelyn RICARD · ‎2021-07-12