FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Erase non secure page from secure domain

alessandro morniroli
Associate III

‎2023-06-19 03:30 AM

Hi,

we are developing a firmware on the STM32U575QG MCU. Trustzone is enabled and configured as follows (DBANK active).

alessandromorniroli_0-1687169218695.png
Flash memory size is 1MB, with DBANK active. So, from my understanding, it should be two different bank, each one composed by 64 pages of 8kB.

BANK1:
- secure from page 0 to page 63 (all bank is secure, 512kB);

BANK2:
- secure from page 0 to page 31 (256kB secure). From 32 to 63 unsecure flash;

We are now trying to erase NS pages from secure domain using interrupts. For instance:

 

 

FLASH_EraseInitTypeDef EraseInitStruct;

HAL_FLASH_Unlock ();

__HAL_FLASH_ENABLE_IT_NS (FLASH_IT_EOP);
__HAL_FLASH_ENABLE_IT_NS (FLASH_IT_OPERR);

HAL_NVIC_EnableIRQ (FLASH_IRQn);

__HAL_FLASH_CLEAR_FLAG_NS(FLASH_FLAG_EOP | FLASH_FLAG_OPERR | FLASH_FLAG_WRPERR | FLASH_FLAG_PGAERR | FLASH_FLAG_PGSERR);


EraseInitStruct.TypeErase = FLASH_TYPEERASE_PAGES_NS;
EraseInitStruct.Banks = FLASH_BANK_2;
EraseInitStruct.Page = 32;
EraseInitStruct.NbPages = NbOfPages;

HAL_FLASHEx_Erase_IT(&EraseInitStruct);

 

 

NS IRQ is triggering as expected, but NSSR register is reporting PGSERR.

I've read the datasheet and it says:

alessandromorniroli_1-1687170571072.png

Is it possible to erase NS pages from secure domain? Am I doing something wrong?

Thanks.

Alessandro

 

0 Kudos
5 REPLIES 5
Billy OWEN
ST Employee

‎2023-09-15 07:46 AM

Hi @alessandro morniroli 

 

The forum moderator had marked your post as needing a little more investigation and direct support. An online support case has been created on your behalf, please stand by for just a moment and you will hear from us.

 

Regards,

Billy

0 Kudos
declan
Associate

‎2023-10-24 10:03 AM

Hi @Billy OWEN ,

I was wondering if this question was ever resolved, since I have the same issue. In my case, I'm working with the STM32H5, but as with the U5, PGSERR is set if the nonsecure STRT is set from the secure domain. Is it possible to perform flash erase on nonsecure sectors from the secure domain, or is it recommended to only perform firmware updates of nonsecure flash from the nonsecure domain?

Thanks,

Declan

0 Kudos
Amel NASRI
ST Employee
In response to declan

‎2023-10-25 06:37 AM

Hi @declan ,

Could you please submit a new conversation where you describe with more details your case under STM32 MCUs Security?

-Amel

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

0 Kudos
alessandro morniroli
Associate III
In response to declan

‎2023-10-25 07:58 AM

Hi @declan ,

I was able to resolve the problem, but right now I don't remember full details (no code under my nose at the moment).
It was something related to TZ_SAU_Setup: you should enable the SAU_INIT_REGION3 regarding the address space of non secure peripherals if I remember correctly.

0 Kudos
declan
Associate

‎2023-10-25 09:49 AM

Thanks @alessandro morniroli, I'll look into the SAU setup and see if I can fix things there.

If I'm not able to resolve it I'll start a new conversation.

0 Kudos
Top