FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Can I Create Logging Functionality Within the Secure App

cgj004
Associate II

‎2025-11-14 11:36 AM

STM32 H573 TrustZone Enabled question.

 
I'm executing the STM32 H573 example for TrustZone Enabled (OEMiROT, Secure, and Non Secure Apps).  I know the OEMiROT and Non Secure App prints out and logs info, but I want to be able to do that in the Secure App for logging purposes - errors and debugging.  I tried to use Gemini to create code that does that, but there appears to be many security hoops to jump through to do that, and I have been unsuccessful.  Do you have an example of what I can do to do this?  
 
Gemini creates the following functions and instructs me to place it under the Non Secure App and call it from a Secure App function, but I keep running into the problem of where I'm getting multiple definition of `NS_putc_utility'  error.
 

/**

* @brief Non-Secure Call-able (NSC) function that returns the pointer

* to the Non-Secure World's _write (UART) function.

*

* The __attribute__ flag ensures the compiler generates the security veneer.

*/

__attribute__((cmse_nonsecure_entry))

int32_t NS_putc_utility(int32_t ch)

{

char buffer[1] = {(char)ch};

 

// Call the actual low-level _write function.

// The security veneer is wrapped around this function entry.

return _write(1, buffer, 1);

}

 

Labels:
0 Kudos
3 REPLIES 3
Pavel A.
Super User

‎2025-11-15 11:07 AM

@cgj004 While you're waiting for more useful replies... note that you can assign hardware components to the secure domain. For example, you can assign some UART and use it for "secure" logs. Define _putc or _write functions in the secure code to output to that UART. 

Sharing more details about your requirements helps receiving useful answers.

 

0 Kudos
cgj004
Associate II

‎2025-11-17 10:02 AM

I just want to be able for the Secure Application to print out info like the Bootloader and the Non Secure App does.The tutorial walks you through all the steps and at the end, you open up a putty terminal, press the reset button on the board, and it prints out info from the Bootloader and Non Secure levels:

 

[INF] TAMPER Activated
[INF] Flash operation: Op=0x0, Area=0x0, Address=0x0
[INF] Starting Bootloader OEMiROT
[INF] Swap type: none
[INF] Swap type: none
[INF] Swap type: none
[INF] Swap type: none
[INF] Starting validation of primary slot(s)
...

etc...

I just want to be able to put logging in the Secure level as well since I want to make some changes there and possibly debug before jumping to Non-Secure Init:

 

0 Kudos
Jocelyn RICARD
ST Employee

‎2025-12-03 2:09 PM

Hello @cgj004 ,

You can initialize UART in secure application and use leaving peripheral and associated GPIO non secure.

When non secure application will start, it will also initialize UART and will work.

Best regards

Jocelyn

Top