Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- STMicroelectronics Community
- STM32 MCUs
- STM32 MCUs Security
- OSPI_NOR usage with SBSFU (B-U585I-IOT02A)
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
OSPI_NOR usage with SBSFU (B-U585I-IOT02A)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-07-13 09:37 AM
Hi, I've decided to create a new post based on the similar one (https://community.st.com/t5/stm32-mcus-security/solved-stm32u5-tfm-example-b-u585i-iot02a-memory-mapped-psram/td-p/108722) which has been solved but doesn't work for me.
The problem is as follows:
- I want to run my application on the B-U585I-IOT02A board that uses the BSP_OSPI_NOR (OSPI2) with the external flash memory with the following parameters:
BSP_OSPI_NOR_Init_t init_params = {
.InterfaceMode = BSP_OSPI_NOR_OPI_MODE,
.TransferRate = BSP_OSPI_NOR_STR_TRANSFER
};
BSP_OSPI_NOR_Init(0, &init_params);
- When using the standard application (TZEN=0, no SBSFU), everything works correctly - the BSP_OSPI_NOR_Init returns 0 and writes/reads works correctly
- When using the SBSFU application (https://github.com/STMicroelectronics/STM32CubeU5/tree/v1.0.2/Projects/B-U585I-IOT02A/Applications/SBSFU version 1.0.2) I can't initialize the OSPI in the NonSecure application. I always get the "-5" return value (BSP_ERROR_COMPONENT_FAILURE) and read/writes don't work (but no HardFault happens)
- My changes to the "Projects/B-U585I-IOT02A/SBSFU_Boot/Src/low_level_security.c" file (inspired by the mentioned post) are listed below:
const struct mpu_armv8m_region_cfg_t region_cfg_init_ns[] = {
/* forbid execution on non secure FLASH /RAM in case of jump in non secure */
/* Non Secure MPU background all access in priviligied */
/* reduced execution to all flash during control */
{
0,
FLASH_BASE_NS + NS_IMAGE_PRIMARY_PARTITION_OFFSET,
FLASH_BASE_NS + NS_IMAGE_PRIMARY_PARTITION_OFFSET + FLASH_NS_PARTITION_SIZE - 1,
MPU_ARMV8M_MAIR_ATTR_DATANOCACHE_IDX,
MPU_ARMV8M_XN_EXEC_NEVER,
MPU_ARMV8M_AP_RW_PRIV_ONLY,
MPU_ARMV8M_SH_NONE,
#ifdef FLOW_CONTROL
FLOW_STEP_MPU_NS_I_EN_R0,
FLOW_CTRL_MPU_NS_I_EN_R0,
FLOW_STEP_MPU_NS_I_CH_R0,
FLOW_CTRL_MPU_NS_I_CH_R0,
#endif /* FLOW_CONTROL */
},
// CHANGE START ////////////////////////////////////////////////////////
{
1,
OCTOSPI2_BASE,
OCTOSPI2_BASE + (32 * 1024 * 1024) - 1,
MPU_ARMV8M_MAIR_ATTR_DATANOCACHE_IDX,
MPU_ARMV8M_XN_EXEC_OK,
MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
MPU_ARMV8M_SH_NONE,
#ifdef FLOW_CONTROL
FLOW_STEP_MPU_NS_I_EN_R1,
FLOW_CTRL_MPU_NS_I_EN_R1,
FLOW_STEP_MPU_NS_I_CH_R1,
FLOW_CTRL_MPU_NS_I_CH_R1,
#endif /* FLOW_CONTROL */
// CHANGE END ////////////////////////////////////////////////////////
},
/* Forbid execution on full SRAM area */
{
2,
#ifdef TFM_ERROR_HANDLER_NON_SECURE
SRAM1_BASE_NS + (~MPU_RBAR_BASE_Msk) + 1,
#else
SRAM1_BASE_NS,
#endif /* TFM_ERROR_HANDLER_NON_SECURE */
SRAM4_BASE_NS + _SRAM4_SIZE_MAX - 1,
MPU_ARMV8M_MAIR_ATTR_DATA_IDX,
MPU_ARMV8M_XN_EXEC_NEVER,
MPU_ARMV8M_AP_RW_PRIV_ONLY,
MPU_ARMV8M_SH_NONE,
#ifdef FLOW_CONTROL
FLOW_STEP_MPU_NS_I_EN_R2,
FLOW_CTRL_MPU_NS_I_EN_R2,
FLOW_STEP_MPU_NS_I_CH_R2,
FLOW_CTRL_MPU_NS_I_CH_R2,
#endif /* FLOW_CONTROL */
},
/* forbid secure peripheral execution */
{
3,
PERIPH_BASE_NS,
PERIPH_BASE_NS + 0xFFFFFFF,
MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX,
MPU_ARMV8M_XN_EXEC_NEVER,
MPU_ARMV8M_AP_RW_PRIV_ONLY,
MPU_ARMV8M_SH_NONE,
#ifdef FLOW_CONTROL
FLOW_STEP_MPU_NS_I_EN_R3,
FLOW_CTRL_MPU_NS_I_EN_R3,
FLOW_STEP_MPU_NS_I_CH_R3,
FLOW_CTRL_MPU_NS_I_CH_R3,
#endif /* FLOW_CONTROL */
}
};
...
static void sau_and_idau_cfg(void)
{
uint32_t i;
uint32_t rnr;
uint32_t rbar;
uint32_t rlar;
uint32_t rnr_reg;
uint32_t rbar_reg;
uint32_t rlar_reg;
uint32_t ctrl_reg;
/* configuration stage */
if (uFlowStage == FLOW_STAGE_CFG)
{
/* Disable SAU */
TZ_SAU_Disable();
for (i = 0; i < ARRAY_SIZE(sau_init_cfg); i++)
{
SAU->RNR = sau_init_cfg[i].RNR;
SAU->RBAR = sau_init_cfg[i].RBAR & SAU_RBAR_BADDR_Msk;
SAU->RLAR = (sau_init_cfg[i].RLAR & SAU_RLAR_LADDR_Msk) |
(sau_init_cfg[i].nsc ? SAU_RLAR_NSC_Msk : 0U) |
SAU_RLAR_ENABLE_Msk;
/* Execution stopped if flow control failed */
FLOW_CONTROL_STEP(uFlowProtectValue, sau_init_cfg[i].flow_step_enable,
sau_init_cfg[i].flow_ctrl_enable);
}
// CHANGE START ////////////////////////////////////////////////////////
SAU->RNR = (6 & SAU_RNR_REGION_Msk);
SAU->RBAR = (OCTOSPI1_BASE & SAU_RBAR_BADDR_Msk);
SAU->RLAR = ( ((OCTOSPI1_BASE + (8 * 1024 * 1024) - 1) & SAU_RLAR_LADDR_Msk)
| ((0 << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk)
| 1U);
SAU->RNR = (7 & SAU_RNR_REGION_Msk);
SAU->RBAR = (OCTOSPI2_BASE & SAU_RBAR_BADDR_Msk);
SAU->RLAR = ( ((OCTOSPI2_BASE + (32 * 1024 * 1024) - 1) & SAU_RLAR_LADDR_Msk)
| ((0 << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk)
| 1U);
MPCWM_ConfigTypeDef MPCWM_Desc =
{
.AreaId = GTZC_TZSC_MPCWM_ID1,
.AreaStatus = 1,
.Offset = 0,
.Attribute = GTZC_TZSC_MPCWM_REGION_NSEC | GTZC_TZSC_MPCWM_REGION_NPRIV,
.Length = (8 * 1024 * 1024),
.Lock = GTZC_TZSC_MPCWM_LOCK_ON,
};
HAL_GTZC_TZSC_MPCWM_ConfigMemAttributes(OCTOSPI1_BASE, &MPCWM_Desc);
MPCWM_Desc.Offset = 0;
MPCWM_Desc.Length = (32 * 1024 * 1024);
HAL_GTZC_TZSC_MPCWM_ConfigMemAttributes(OCTOSPI2_BASE, &MPCWM_Desc);
// CHANGE END ////////////////////////////////////////////////////////
/* Force memory writes before continuing */
__DSB();
/* Flush and refill pipeline with updated permissions */
...
}
- But I still can't get my BSP_OPSI to work. Probably some additional configuration needs to be performed, but I don't know where to look for them.
Are there any tips you can give me to make my OSPI_NOR working?
Labels:
- Labels:
-
SBSFU
-
STM32 Security
0 REPLIES 0
