2023-06-13 02:44 AM
Hello support team,
Have a Nice day.
I am working on STM32U585ZIT6 Controller and investigating SBSFU for firmware upgrading.
I list our specifications for a custom bootloader below.
I do not find specific this series SBSFU related document
Can you provide me integration document for STM32U5 Series?
Thanks
Hiren R. Thumar
Solved! Go to Solution.
2024-02-13 12:33 PM
Hello Lancelot,
There is no such document.
Reason for this is that if you disable TrustZone, you also lose the temporal isolation (Hide protect memory) that is used to isolate the secure boot from the rest of the application.
Now, I can understand you want a simple secure boot.
If I had to do such porting, I would just remove the TrustZone related configurations (SAU and GTZC configurations mainly), but it may not be that straightforward.
We have a porting of MCU boot on STM32 device without TrustZone on STM32H503. It is called OEMiROT_Boot in the STM32H5Cube. It may help.
Best regards
Jocelyn
2024-02-14 06:37 AM
Hello Jocelyn, thank you for your attention to my message.
Yes. I also decided to continue my development on the base OEMiROT_Boot example. It could be a good way. You have confirmed it for me.
2024-02-21 02:14 AM
@Jocelyn RICARD
Hello Jocelyn, how are you?
I have almost implemented my secure bootloader thanking your link to the OEMiROT_Boot example. Thank you for that. And I have one more little question about it. Could you explain how you set up the including header file in the linker file and the using #defines into? In my project it does not work, so I am just using number values in the linker.
Best regards,
Lancelot
2024-02-21 04:31 AM
Hello Lancelot,
if you check how SBSFU example is built, you will see that the linker file is generated in the prebuild step using the precompiler:
Here is example of secure application prebuild command.
arm-none-eabi-gcc -E -P -xc -DSTM32U585xx -DBL2 -DTFM_PSA_API -I../../../../Linker -o./output.ld ../STM32U585AIIX_FLASH.ld
So, output.ld is becomes your actual linker file.
Best regards
Jocelyn
2024-02-23 03:54 AM
Have a good day, Jocelyn!
Could you answer one more question for me? In the readme file for the SBSFU example about the Image upgrade strategy it says: "In swap-based image upgrade mode, images in primary and secondary slots are swapped. After swap, new image in primary slot has to be confirmed by user application, else at next boot the images will be swapped back."
How to execute confirmation of a new image in the user application? I can find it in "Appli" project example.
Best regards, Lancelot
2024-02-23 05:22 AM
Hello Lancelot,
you can find this ins fw_update_app.c:
Functions used to validate the images are FW_Valid_* functions.
Non secure image validation is done by writing directly in the slot header
Secure image validation goes through a secure service that does the same.
Best regards
Jocelyn