Error when writing secure firmware image to STM32U535

Marcelo Barros · ‎2024-02-03

I followed the secure image tutorials as can be seen in AN4992/AN5054 or in videos made available by ST. The process takes place without errors, as can be seen in the images below (start address is 0x08000000).

Smart card is valid and working:

However, when trying to burn the image, either via stm32cubeprogrammer or via command line I get the following error:

Error: Execution of RSS CMD failed, returned value = 0x1

Has anyone experienced this problem? Any recommendations ?

Addtional information:

STM32 Trusted Package Creator v2.15.0
STM32CubeProgrammer v2.15.0
Before programming, I followed the ST recomendation (AN5054)
- The flash memory is erased.
- No WRP zone is active, otherwise destroy it.
- The chip supports security (a security bit must be present in the option bytes).
- If the security is activated, disable it
I used scripts provided by ST and I am attaching a complete log and option bytes (some info were ommited by security reasons).
TZM is not enabled and RDP is AA (ok, I know it means no protection and I will change them later despite that both are changed by programmer).

Thanks a lot.

Jocelyn RICARD · ‎2024-02-06

Hello Marcelo,

Here is how you get the license from the chip.

You connect with STM32CubeProgrammer and select the shield on the left icons. Then SFI tab, on the right side of the panel you get this Get License from HSM button.

To get this you must be connected to your STM32U5 target

This will open a dialog windows asking for license file name.

That's it.

Regarding TrustZone activation impact on your application, you have 2 solutions:

1) Rebuild your application as secure application using secure memory aliases

2) Keep your non secure application as it is, built where it is and add a secure application in the last sector of the flash that is usually not used. Change the secboot address option byte to boot on this secure application and also the secure watermark.

I attach a secure project that is made as simple as possible to address this second case.

It is built to run at the end of the flash and to use the last 512 bytes of the RAM which is the minimum possible.

For option bytes you need to

1) set secure area watermark for bank 2 SECWM2 begin and end to 0x7F

2) set secure area for bank to with begin > end to have everything secure. Typically start=0x7F , end = 0

3) set the SECBOOTADD0 to 0x081FE000

Translated in STM32CubeProgrammer_CLI commands:

STM32_Programmer_CLI.exe -c port=SWD mode=HOTPLUG -ob TZEN=1 -rst
STM32_Programmer_CLI.exe -c port=SWD mode=HOTPLUG -ob SECBOOTADD0=0x183fc0 SECWM1_PSTRT=0x7F SECWM1_PEND=0 SECWM2_PSTRT=0x7F SECWM2_PEND=0x7F

This is to test your application is still working fine in this TrustZone environment.

Then once working you can setup SFI to do the same.

Best regards

Jocelyn

View solution in original post

Jocelyn RICARD · ‎2024-02-05

Hello @Marcelo Barros ,

in the option bytes csv you have set the RDP to 0xAA which means RDP Level 0.

Also, you are set TZEN to 0

This is not possible to have such setup.

SFI is a secure firmware installation, so it requires at least TrustZone to be enabled and also RDP Level 0.5 which provides the flash protection for secure flash sectors.

Besides I advise you make your tests using the license in the file instead of reading it from the smartcard.

For this, you need to ask for the license related to the chip you are using for testing: This will consume one license in the smart card; but you have the license file binary in a file that you can reusing as many times as you want as long as you use the same chip.

Best regards

Jocelyn

Marcelo Barros · ‎2024-02-06

Hi Jocelyn,

I will try with TZ and RDP 0.5 and provide feedback later.

About requesting a specific license to my chip, do you how to proceed ?

Thanks

Marcelo

Marcelo Barros · ‎2024-02-06

Hi Jocelyn,

One more question: my project do not use trust zone (it was created without TZ).

Even not using TZ I need to recreate the project with TZ active or it is enough just enable TZ in option bytes ?

Thanks again !

Marcelo

Jocelyn RICARD · ‎2024-02-06

Hello Marcelo,

Here is how you get the license from the chip.

You connect with STM32CubeProgrammer and select the shield on the left icons. Then SFI tab, on the right side of the panel you get this Get License from HSM button.

To get this you must be connected to your STM32U5 target

This will open a dialog windows asking for license file name.

That's it.

Regarding TrustZone activation impact on your application, you have 2 solutions:

1) Rebuild your application as secure application using secure memory aliases

2) Keep your non secure application as it is, built where it is and add a secure application in the last sector of the flash that is usually not used. Change the secboot address option byte to boot on this secure application and also the secure watermark.

I attach a secure project that is made as simple as possible to address this second case.

It is built to run at the end of the flash and to use the last 512 bytes of the RAM which is the minimum possible.

For option bytes you need to

1) set secure area watermark for bank 2 SECWM2 begin and end to 0x7F

2) set secure area for bank to with begin > end to have everything secure. Typically start=0x7F , end = 0

3) set the SECBOOTADD0 to 0x081FE000

Translated in STM32CubeProgrammer_CLI commands:

STM32_Programmer_CLI.exe -c port=SWD mode=HOTPLUG -ob TZEN=1 -rst
STM32_Programmer_CLI.exe -c port=SWD mode=HOTPLUG -ob SECBOOTADD0=0x183fc0 SECWM1_PSTRT=0x7F SECWM1_PEND=0 SECWM2_PSTRT=0x7F SECWM2_PEND=0x7F

This is to test your application is still working fine in this TrustZone environment.

Then once working you can setup SFI to do the same.

Best regards

Jocelyn