2025-01-17 09:39 AM
Hi,
I am trying to work through How to start with OEMiRoT on STM32H573 and 563–Arm® TrustZone® enabled - stm32mcu using a NUCLEO-H563ZI MR1 board but using the latest STM32CubeProgrammer (2.18.0) and STM32Cube_FW_H5 (STM32Cube_FW_H5_V1.4.0).
Section 2.5 is intended to demonstrate booting securely and then dropping into the System flash bootloader from the non-secure application and connecting to it via UART. In my case, I use the virtual COM port provided by the ST-Link on the board. I have not dared to go all the way to CLOSED but have chosen to tell provisioning.sh that I want the PROVISIONED state. I have confirmed using the SWD connection that TZEN is enabled after this and that PRODUCT_STATE is iROTProvisioned.
I type 1 in the terminal displaying the "UI" of the non-secure app and then disconnect TeraTerm, and in STM32CubeProgrammer I select connect method UART and Port = COM20, Baudrate = 115200, Parity = Even, Data bits = 8, Stop bits = 1.0, Flow control = Off, RTS = Low, DTR = Low. Except for the COM port number these are the default settings.
When I click Connect the application talks to the MCU, and from the log I can see that a number of GetID commands succeed, then it issues (to my understanding) some Read Memory commands and then does GetID again, and now this command times out. After a while it fails, popping up 3 dialog boxes with the texts
"Error: Initializing the Option Bytes failed"
"Error: Uploading Option Bytes bank: 0 failed"
"Error: RDP is set to level 1 or target is held under reset, try using Read UnProtect (-rdu) command in order to remove the Read Out Protection"
and disconnects.
If I do a regression back to OPEN using certificate-based DA and launch the bootloader by connecting BOOT0 to VDD and doing a power-on reset, connecting STM32CubeProgrammer works. I have not tried to actually write memory.
I have 2 questions:
1) Is this some kind of known issue in the bootloader of STM32H563 and/or STM32CubeProgrammer?
2) Even if connection was possible in PRODUCT_STATE = iROTProvisioned, would updating the non-secure app via this bootloader actually work? My understanding of AN3155 rev 16 table 2 is that the "Write Memory" bootloader command will not be available when protection is active. And reasonably it should be in this scenario unless dropping to the bootloader magically lowers HDPL (but that should not be possible without a reset).
As a side note, I am guessing that the text on page 8 about when Protection is on for STM32H5 is misleading. It should probably state that TZ is enabled, which means that the TZEN option byte is B4. If Write Memory was available here, it would still need to be a no-op if you tried to write the OB Keys or the OEMiROT (replacing it with something that doesn't verify the S/NS apps).
The correct way of updating the apps when Secure Boot is enabled should be in-app programming as outlined in AN4657, and not the bootloader in System flash, right?
It would be great if someone could tell me if I am correct or if I have misunderstood something here. I am pretty new to both this line of MCUs and Secure Boot on embedded in general.
Best regards, Jesper
Log snippet:
16:51:12:979 : UR connection mode is defined with the HWrst reset mode
16:51:12:981 : RTS low
16:51:12:981 : DTR low
16:51:12:991 : Serial Port COM20 is successfully opened.
16:51:12:991 : Port configuration: parity = even, baudrate = 115200, data-bit = 8, stop-bit = 1.0, flow-control = off
16:51:12:991 : No Init bits value is : 0
16:51:12:991 : Sending init command:
16:51:12:991 : #byte 0x7F sent successfully to target
16:51:12:992 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:12:992 : #ack Received response from target: 0x79
16:51:13:001 : Activating device: OK
16:51:13:001 : Board : --
16:51:13:001 : Sending GetID command and its XOR:
16:51:13:001 : #byte 0x02 sent successfully to target
16:51:13:002 : #byte 0xFD sent successfully to target
16:51:13:003 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:003 : #ack Received response from target: 0x79
16:51:13:003 : Received 4 data bytes from target : 0x01048479
16:51:13:004 : Chip ID: 0x484
16:51:13:004 : Sending Get command and its XOR:
16:51:13:005 : #byte 0x00 sent successfully to target
16:51:13:005 : #byte 0xFF sent successfully to target
16:51:13:005 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:005 : #ack Received response from target: 0x79
16:51:13:005 : Received 1 data bytes from target : 0x0a
16:51:13:005 : size of bytes in the response: 10
16:51:13:007 : Received 12 data bytes from target
16:51:13:007 : Full received response: 0a400001021121314450637379
16:51:13:007 : BootLoader protocol version: 4.0
16:51:13:008 : #byte 0x11 sent successfully to target
16:51:13:008 : #byte 0xEE sent successfully to target
16:51:13:110 : #data sent successfully to target: 0x0800000008
16:51:13:110 : #byte 0x00 sent successfully to target
16:51:13:110 : #byte 0xFF sent successfully to target
16:51:13:110 : Sending GetID command and its XOR:
16:51:13:111 : #byte 0x02 sent successfully to target
16:51:13:111 : #byte 0xFD sent successfully to target
16:51:13:111 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:111 : #ack Received response from target: 0x79
16:51:13:111 : Received 4 data bytes from target : 0x01048479
16:51:13:126 : #byte 0x11 sent successfully to target
16:51:13:126 : #byte 0xEE sent successfully to target
16:51:13:226 : #data sent successfully to target: 0x0800000008
16:51:13:226 : #byte 0x00 sent successfully to target
16:51:13:226 : #byte 0xFF sent successfully to target
16:51:13:226 : Sending Read command and its XOR:
16:51:13:226 : #byte 0x11 sent successfully to target
16:51:13:226 : #byte 0xEE sent successfully to target
16:51:13:227 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:227 : #ack Received response from target: 0x79
16:51:13:227 : Sending Read address and its checksum:
16:51:13:227 : #data sent successfully to target: 0x400224284e
16:51:13:230 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:230 : #ack Received response from target: 0x79
16:51:13:230 : Sending number of bytes to be read - 1 and its checksum:
16:51:13:231 : #data sent successfully to target: 0x03fc
16:51:13:232 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:232 : #ack Received response from target: 0x79
16:51:13:232 : Received 4 data bytes from target : 0x3e000000
16:51:13:232 : Sending Read command and its XOR:
16:51:13:232 : #byte 0x11 sent successfully to target
16:51:13:232 : #byte 0xEE sent successfully to target
16:51:13:232 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:232 : #ack Received response from target: 0x79
16:51:13:232 : Sending Read address and its checksum:
16:51:13:232 : #data sent successfully to target: 0x4002207012
16:51:13:233 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:233 : #ack Received response from target: 0x79
16:51:13:233 : Sending number of bytes to be read - 1 and its checksum:
16:51:13:233 : #data sent successfully to target: 0x03fc
16:51:13:233 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:233 : #ack Received response from target: 0x79
16:51:13:233 : Received 4 data bytes from target : 0x340100b4
16:51:13:233 : Database: Config 2 is active.
16:51:13:233 : Sending GetID command and its XOR:
16:51:13:233 : #byte 0x02 sent successfully to target
16:51:13:233 : #byte 0xFD sent successfully to target
16:51:13:234 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:234 : #ack Received response from target: 0x79
16:51:13:234 : Received 4 data bytes from target : 0x01048479
16:51:13:234 : Sending Read command and its XOR:
16:51:13:234 : #byte 0x11 sent successfully to target
16:51:13:235 : #byte 0xEE sent successfully to target
16:51:13:241 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:241 : #ack Received response from target: 0x79
16:51:13:241 : Sending Read address and its checksum:
16:51:13:241 : #data sent successfully to target: 0x08fff80c03
16:51:13:245 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:245 : #ack Received response from target: 0x79
16:51:13:245 : Sending number of bytes to be read - 1 and its checksum:
16:51:13:245 : #data sent successfully to target: 0x03fc
16:51:13:246 : Wait ends after 1 loop, dataready = 1, delay = 0
16:51:13:246 : #ack Received response from target: 0x79
16:51:13:252 : Received 4 data bytes from target : 0x0a5a7a0a
16:52:21:008 : Sending GetID command and its XOR:
16:52:21:008 : #byte 0x02 sent successfully to target
16:52:21:008 : bytesToWrite before send = 1
16:52:21:008 : bFlushRet = 1, bytesToWrite after flush() = 1
16:52:21:008 : waitForBytesWritten Error : The wait operation timed out.
16:52:21:008 : #byte 0xFD sent successfully to target
16:52:21:008 : Wait ends after 2 loop, dataready = 0, delay = 2001
16:52:21:008 : Timeout error occured while waiting for acknowledgement.
16:52:21:008 : No response from target received
16:52:21:008 : Error: GETID command not acknowledged!
16:52:21:008 : Reemission of GetID command
16:52:21:008 : Sending GetID command and its XOR:
16:52:21:008 : #byte 0x02 sent successfully to target
16:52:21:008 : #byte 0xFD sent successfully to target
16:52:21:008 : Wait ends after 2 loop, dataready = 0, delay = 2000
16:52:21:008 : Timeout error occured while waiting for acknowledgement.
16:52:21:008 : No response from target received
16:52:21:008 : Error: GETID command not acknowledged!
16:52:21:008 : Reemission of GetID command
16:52:21:008 : Sending GetID command and its XOR:
16:52:21:008 : #byte 0x02 sent successfully to target
16:52:21:008 : #byte 0xFD sent successfully to target
16:52:21:008 : Wait ends after 1 loop, dataready = 0, delay = 1000
16:52:21:008 : Timeout error occured while waiting for acknowledgement.
16:52:21:008 : No response from target received
16:52:21:009 : Error: GETID command not acknowledged!
16:52:21:009 : #byte 0x11 sent successfully to target
16:52:21:009 : #byte 0xEE sent successfully to target
16:52:21:009 : Error: RDP is set to level 1 or target is held under reset, try using Read UnProtect (-rdu) command in order to remove the Read Out Protection.
16:52:21:023 : UPLOADING OPTION BYTES DATA ...
16:52:21:023 : Bank : 0x00
16:52:21:023 : Address : 0x40022050
16:52:21:024 : Size : 176 Bytes
16:52:21:025 : Sending Read command and its XOR:
16:52:21:025 : #byte 0x11 sent successfully to target
16:52:21:026 : #byte 0xEE sent successfully to target
16:52:21:026 : Wait ends after 2 loop, dataready = 0, delay = 60000
16:52:21:027 : Timeout error occured while waiting for acknowledgement.
16:52:21:027 : No response from target received
16:52:21:027 : Error: READ command not acknowledged at address: 0x40022050
16:52:21:027 : Error: Uploading Option Bytes bank: 0 failed
16:52:21:044 : Error: Initializing the Option Bytes failed
16:52:21:057 : UART PORT CLOSE
16:52:21:057 : Disconnected from device.
16:52:21:057 : Disconnected from device.
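To make the log above easier to read, here is a small decoder for the AN3155 UART bootloader frames it contains (command byte + complement, address + XOR checksum, count - 1 + complement, and the Get / Get ID responses). This is an added example written for this page, not code from the post, from ST or from STM32CubeProgrammer; the hex strings it is meant to be fed are the ones copied from the log, and the command names are those listed in AN3155.

```python
ACK, NACK, INIT = 0x79, 0x1F, 0x7F  # AN3155 acknowledge, negative-ack and UART init byte

# Command codes and names as listed in AN3155.
COMMANDS = {
    0x00: "Get", 0x01: "Get Version", 0x02: "Get ID", 0x11: "Read Memory",
    0x21: "Go", 0x31: "Write Memory", 0x43: "Erase", 0x44: "Extended Erase",
    0x50: "Special", 0x51: "Extended Special", 0x63: "Write Protect",
    0x73: "Write Unprotect", 0x82: "Readout Protect", 0x92: "Readout Unprotect",
}

def xor_checksum(data: bytes) -> int:
    """AN3155 checksum: XOR of all bytes in the frame."""
    c = 0
    for b in data:
        c ^= b
    return c

def command_frame(cmd: int) -> bytes:
    """Host -> target: command byte plus its complement, e.g. 0x11 0xEE for Read Memory."""
    return bytes([cmd, cmd ^ 0xFF])

def address_frame(addr: int) -> bytes:
    """Host -> target for Read/Write Memory: 4 address bytes (MSB first) + XOR checksum."""
    a = addr.to_bytes(4, "big")
    return a + bytes([xor_checksum(a)])

def count_frame(nbytes: int) -> bytes:
    """Host -> target: (bytes to read - 1) and its complement, e.g. 0x03 0xFC for 4 bytes."""
    n = nbytes - 1
    return bytes([n, n ^ 0xFF])

def frame_checksum_ok(frame: bytes) -> bool:
    """True when the last byte equals the XOR of all preceding bytes."""
    return xor_checksum(frame[:-1]) == frame[-1]

def parse_get_response(resp: bytes) -> dict:
    """Target -> host answer to Get (0x00): N, version byte, N command codes, ACK."""
    n, version = resp[0], resp[1]
    codes = list(resp[2:2 + n])
    return {
        "version": f"{version >> 4}.{version & 0x0F}",
        "commands": [COMMANDS.get(c, f"unknown 0x{c:02X}") for c in codes],
        "acked": resp[2 + n] == ACK,
    }

def parse_getid_response(resp: bytes) -> dict:
    """Target -> host answer to Get ID (0x02): N, N+1 product-ID bytes (MSB first), ACK."""
    n = resp[0]
    chip_id = int.from_bytes(resp[1:2 + n], "big")
    return {"chip_id": chip_id, "acked": resp[2 + n] == ACK}
```

Feeding the logged Get response `0a400001021121314450637379` to `parse_get_response` yields protocol version 4.0 and the ten command codes the bootloader advertised in this session, which is a quick way to compare what the target claims to support against table 2 of AN3155 before trusting a Write Memory attempt.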