2021-11-07 07:45 AM
Hello,
I have a simple application running on STM32L55 Secure World, but I would like to debug it step by step using an IDE.
I am able to debug using the Keil IDE, but it seems the TZEN bit is zero. It must be about the defaults state of the STM32L55 which is TZEN is disabled.
As TZEN is zero by default I assume I need to set the bit, but when I try to set this bit, getting a Hard-Fault.
Question 1: can we set the TZEN bit during the Debugging session. (I may need proper RDP level during the debugging to set TZEN)
Question 2: What RDP levels does Keil use? There is no UI to see RDP in Keil?
I thought I might be missing something, and I found an example in STM32CubeL5: FreeRTOS_SecureIOToggle_TrustZone
There are two projects, one is a tiny application in secure world, one is in FreeRTOS app running in non-secure world.
I am running the debugging section on secure world application but the TZEN bit is also zero in this example so the secure app does not run in the secure state?
Is it something about the debugging session?
Can we run debugging session in the secure world?
Does debugging automatically disable TZEN bit?
How do we observe non-secure/secure transitions during the debug?
Solved! Go to Solution.
2021-11-09 02:58 AM
Hello @Community member ,
debugger cannot manipulate the TZEN. The transition should be visible based on the PC. When the PC points to secure address, it's executing in secure context. The TZEN can be modified for example using STM32CubeProgrammer, I'm not aware of any Keil function that would support OB programming.
Regarding RDP, debugging of the secure application is only possible in RDP=0.
BR,
J
To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.
2021-11-09 02:58 AM
Hello @Community member ,
debugger cannot manipulate the TZEN. The transition should be visible based on the PC. When the PC points to secure address, it's executing in secure context. The TZEN can be modified for example using STM32CubeProgrammer, I'm not aware of any Keil function that would support OB programming.
Regarding RDP, debugging of the secure application is only possible in RDP=0.
BR,
J
To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.
2021-11-16 02:10 AM
Hi @JHOUD,
Thank you for the details.
The question would be that is ST-Link capable of Secure World Debugging on Keil?
In Keil, there is another debugger option called "Models ARMv8-M Debugger", if I run the debug section using this debugger, I can see all partitioned Secure/Non-Secure CM33 Core Registers in debug windows, and I am seeing a label in the Keil status bar, says "CPU:Secure".
So, it seems it is about ST-Link; with ST-Link Debugger I cannot see Secure World details in the Keil IDE.
I am using the built-in ST-Link programmer on the "nucleo-l552ze-q" EVK.
Is there any debugger that I could see Secure World options on Keil, maybe CMSiS-DAP, or what is the wrong with ST-Link?
Thank you.
Murat
2021-12-10 12:40 AM
Hi @Community member ,
sorry I missed your reply.
In debugging, there are 3 basic entities. The MCU, the probe interface and the PC SW used for debugging. Each has a set of capabilities supported. And for the functionality to be usable all 3 must support it, obviously. J-link debug probe is native to Keil and better suited for it than ST-Link.
I'm not sure about secure world details in specific, but there are for example some live watch features that Keil can do with J-Link, but not with ST-Link.
The tools documentation should have a list of the debug capabilities.
BR,
J
To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.
2021-12-10 02:01 AM
Hi @JHOUD sorry also from me. If I set the TZEN bit using STMCubeProgrammer as you recommended, I was able to use the Partitioned Registers and Secure Mode on the Keil IDE.
Just, I would expect Keil or STLink interface to handle or ask me. Anyway, it is sorted out. Thank you for the help.