I am using TFM-SBSFU example provided in STM32L5.
Secure Area 1 which is already configured as below.
When I am trying to read 0x8012000 from non-secure application, I am getting secure fault.
I want to add one Partition 0x807d000 of 4KB into secure after the non-secure partition.
I am able to add it by modifying the option byte by following the bootloader code
start = 0x3D000/PAGE_SIZE; //0;
end = (0x3D000+ PUBLIC_KEY_SECTOR_SIZE -1) / PAGE_SIZE;//(S_IMAGE_PRIMARY_PARTITION_OFFSET + FLASH_S_PARTITION_SIZE - 1) / PAGE_SIZE;
printf("\r\n Start = %02x, End = %02x",start,end);
if(end < PAGE_MAX_NUMBER_IN_BANK)
{
if ((start != flash_option_bytes_bank2.WMSecStartPage)
|| (end != flash_option_bytes_bank2.WMSecEndPage))
{
BOOT_LOG_INF("BANK 2 secure flash [%d, %d] : OB [%d, %d]", start, end, flash_option_bytes_bank2.WMSecStartPage,
flash_option_bytes_bank2.WMSecEndPage);
#ifndef TFM_ENABLE_SET_OB
BOOT_LOG_ERR("Unexpected value for secure flash protection");
Error_Handler();
#else
BOOT_LOG_ERR("Unexpected value for secure flash protection : set wmsec2");
flash_option_bytes_bank2.WMSecStartPage = start;
flash_option_bytes_bank2.WMSecEndPage = end;
flash_option_bytes_bank2.OptionType = OPTIONBYTE_WMSEC;
flash_option_bytes_bank2.WMSecConfig |= OB_WMSEC_AREA2 | OB_WMSEC_SECURE_AREA_CONFIG ;
#endif /* TFM_ENABLE_SET_OB */
}
}
When I try to read that partition from the nonsecure application, It reads 0x00 but does not create a secure fault. Is it expected behavior? is there any other configuration required besides it?
@Frantz LEFRERE , Can you please help me with it?
