cancel
Showing results for 
Search instead for 
Did you mean: 

PCROP code calls to HAL functions

mromani
Associate

Hi,

 

I have a firmware I wan't to give already flashed protected by PCROP to a customer. Insidie my firmware I use some standart library functions line strlen(), vsprintf and some HAL functions to manage peripherals.

What is the best way to call these functions from pcrop area?

Should I include all needed functions in the pcrop area? 

Regards,

Miguel

 

1 REPLY 1
CMYL
ST Employee

Hello @mromani 

The purpose of PcROP feature is a mean to prevent code/data dumping from internal malicious firmware. Direct read or write on the PcROP area, from internal firmware or debugger is not allowed, while only execution of this code is allowed.

Including all necessary functions within the PCROP area prevents any code access outside the protected area, ensuring that your firmware operates correctly and securely. However, this approach might not be practical due to size limitations and the complexity of managing all dependencies within the PCROP area. 

As best practices: 

  • It is recommended to place only the critical parts of your firmware that need protection in the PCROP area. This typically includes sensitive code that you want to protect from being read or modified by third parties.
  • Standard library functions and HAL functions, which are generally not sensitive, can remain outside the PCROP area.  

For more details refer to this AN4758 on pcrop :  and to x-cube-pcrop page.  

Let me know if you have any questions on tampering risk ?

Best regards