FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Issue in PACKED image if code execute in ITCM but load in FLASH .

Go to solution
tercelcn
Associate II

‎2023-03-27 06:12 PM

I complie STM32F769I-Discovery 2_Images demo (SBSFU\Projects\STM32F769I-Discovery\Applications\2_Images\2_Images_UserApp\MDK-ARM) with MDK KEIL 3.37.

If I link project using default UserApp.sct, the packed image is right, and output.txt show below:

block size =16
Magic: b'SFU1'!!
Magic: b'SFU1'!!
number of segment :2
0x8084cb8
number of segment :3
0x80001f8
0x80062e0
Merging
SBSFU Base = 0x8000000
Writing header = 0x8080000
APPLI Base = 0x8080400
Writing to .\\..\\Binary\\\\SBSFU_UserApp.bin 543952

But if I modify UserApp.sct to let fw_update_app execute in ITCM

#! armclang --target=arm-arm-none-eabi  -mcpu=cortex-m7 -E -xc
; *************************************************************
; *** Scatter-Loading Description File generated by uVision ***
; *************************************************************
#include "..\..\Linker_Common\MDK-ARM\mapping_sbsfu.h"
#include "..\..\Linker_Common\MDK-ARM\mapping_fwimg.h"
 
 
LR_ROM (SLOT_ACTIVE_1_START + 0x400) {                      ; Cortex-M7: align the init vectors on 0x400
  vector_start (SLOT_ACTIVE_1_START + 0x400) FIXED VECTOR_SIZE {
  *.o (RESET, +First)
  }
  ROM_region +0 {
  *(InRoot$$Sections)
  .ANY (+RO)
  }
 
 ;ITCM 16k
  ITCMRAM_region 0x00000200 0x00004000
  {
    fw_update_app.o (+RO-CODE)
  }
 
  SB_RAM_region (SE_REGION_RAM_END + 1) {
  .ANY (STACK)
  .ANY (HEAP)
  .ANY (+RW +ZI)
  }
}
 
; extra ROM region to make sure the binary size is a multiple of the AES block size (16 bytes) and F7 flash writing unit (4 bytes)
LR_ROM1(+0) ALIGN(16) {
  ForAlignment +0 {
    startup_stm32f769xx.o (ALIGNTOAESBLOCK,+Last)
  }
}

 the packed image is wrong, the output.txt below show that both Writing header and APPLI Base is wrong address.

block size =16
Magic: b'SFU1'!!
Magic: b'SFU1'!!
number of segment :2
0x4b60
number of segment :3
0x80001f8
0x80062e0
Merging
SBSFU Base = 0x8000000
Writing header = -0x200
APPLI Base = 0x200
Writing to .\\..\\Binary\\\\SBSFU_UserApp.bin 134828304

1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
Fred
ST Employee

‎2023-04-16 10:02 PM

Ok, I see thanks.

But, I think that the ITCM is disabled by SBSFU at boot and not mapped with the Memory Protection Unit.

#ifdef SFU_MPU_PROTECT_ENABLE
 
/**
  * @brief  Apply MPU protection
  * @param  uStep Configuration step : SFU_INITIAL_CONFIGURATION, SFU_SECOND_CONFIGURATION, SFU_THIRD_CONFIGURATION
  * @retval SFU_ErrorStatus SFU_SUCCESS if successful, SFU_ERROR otherwise.
  */
SFU_ErrorStatus SFU_LL_SECU_SetProtectionMPU(uint8_t uStep)
{
  SFU_ErrorStatus e_ret_status = SFU_ERROR;
  uint8_t mpu_region_num; /* id of the MPU region being configured */
  MPU_Region_InitTypeDef MPU_InitStruct;
 
  /*  ITCM address are not mapped by MPU :
   *  Since an ITCM access can allow a read to SE area
   *  The ITCM is disabled */
  SCB->ITCMCR &= ~SCB_ITCMCR_EN_Msk;

So, I think that anyway you will not be able to leverage the ITCM with SBSFU as the secure bootloader unfortunately (as this would break the MPU isolation of the critical bootloader assets).

View solution in original post

0 Kudos
5 REPLIES 5
Go to solution
tercelcn
Associate II

‎2023-04-10 01:43 AM

Does someone get this issue?

0 Kudos
Go to solution
Fred
ST Employee

‎2023-04-12 01:49 AM

Hi @tercelcn​,

can you clarify your use-case?

It seems you want to place the active slot and the active header in ITCM RAM, is this correct?

So, you would:

  • store the firmware in FLASH
  • but load it in ITCM RAM to execute it

First, the active image header is a critical asset, I would recommend not exposing it in ITCM RAM as it might be modified in a malicious way.

Secondly, the packed image preparation script expects slots in FLASH.

I think it is confused by the fact that you provide ITCM addresses.

Can you please explain further your needs ?

Thanks & Regards,

Fred

0 Kudos
Go to solution
tercelcn
Associate II
In response to Fred

‎2023-04-16 08:57 PM

I only want to execute CMSIS-2 CODE in ITCM SRAM, not active header. Code below demonstrate that code in fw_update_app will execute in ITCM .

 ;ITCM 16k
  ITCMRAM_region 0x00000200 0x00004000
  {
    fw_update_app.o (+RO-CODE)
  }

0 Kudos
Go to solution
Fred
ST Employee

‎2023-04-16 10:02 PM

Ok, I see thanks.

But, I think that the ITCM is disabled by SBSFU at boot and not mapped with the Memory Protection Unit.

#ifdef SFU_MPU_PROTECT_ENABLE
 
/**
  * @brief  Apply MPU protection
  * @param  uStep Configuration step : SFU_INITIAL_CONFIGURATION, SFU_SECOND_CONFIGURATION, SFU_THIRD_CONFIGURATION
  * @retval SFU_ErrorStatus SFU_SUCCESS if successful, SFU_ERROR otherwise.
  */
SFU_ErrorStatus SFU_LL_SECU_SetProtectionMPU(uint8_t uStep)
{
  SFU_ErrorStatus e_ret_status = SFU_ERROR;
  uint8_t mpu_region_num; /* id of the MPU region being configured */
  MPU_Region_InitTypeDef MPU_InitStruct;
 
  /*  ITCM address are not mapped by MPU :
   *  Since an ITCM access can allow a read to SE area
   *  The ITCM is disabled */
  SCB->ITCMCR &= ~SCB_ITCMCR_EN_Msk;

So, I think that anyway you will not be able to leverage the ITCM with SBSFU as the secure bootloader unfortunately (as this would break the MPU isolation of the critical bootloader assets).

0 Kudos
Go to solution
tercelcn
Associate II
In response to Fred

‎2023-04-17 05:47 AM

Thanks!

0 Kudos
Top