FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Persistent application data erased upon firmware update using Secure Manager

Go to solution
CRE
Associate II

‎2025-01-02 01:24 AM - last edited on ‎2025-01-02 01:42 AM by

Hi support team and developper community. Happy new year to all.

I have a project including Secure Manager and a Non-Secure application on a STM32H573 platform.

My non-secure app is modeled after the SMAK_Appli app provided within STM32Cube. I used  HAL_FLASH API to bring flash storage capability to it. 

My application data is stored in a code-free sector at the top of the non-secure flash area, but I could not find any way to notify the Secure Manager about it. Not even in CubeMX. As you would expect, my data persists after reset or power cycle, but it gets erased upon an update of the NS app.

I am aware of the possibility for the Secure Manager to provision data for the sake of the NS application, but this does not fit the bill: my application needs to update the persistent data.

 

So, in a nutshell, how can I implement a persistent storage which survives firmware upgrades ? 

 

Thanks in advance for your support.

CRE

 

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
CRE
Associate II
In response to Jocelyn RICARD

‎2025-01-02 07:19 AM

Hi Jocelyn,

 

please ignore my previous post. I mixed up files from various project directories. I need to sort everything out before I come back to you.

 

The sure thing is that I did not configure the NS reserved area in the first place.

 

CRE

View solution in original post

0 Kudos
5 REPLIES 5
Go to solution
Jocelyn RICARD
ST Employee

‎2025-01-02 02:03 AM

Hello @CRE ,

from your description of your setup, I'm not 100% sure where you are locating these data.

"code-free sector at the top of the non-secure flash area" does not look right though.

In the secure manager configuration, you have this NS reserved area that is made for this purpose. Here below an example where I setup 16KB (2 flash sectors).

JocelynRICARD_0-1735811916284.png

These sectors are actually located at end of flash bank1, beginning of flash bank 2.

You can find the details in UM3254 Rev5 chapter 7: Flash memory mapping:

JocelynRICARD_1-1735812119635.png

 

So, are you using this NS reserved area ?

Best regards

Jocelyn

 

Go to solution
CRE
Associate II
In response to Jocelyn RICARD

‎2025-01-02 06:58 AM

Hi Jocelyn,

Thanks for your quick answer. I definitely failed to configure this NS reserved area, and consequently, I was storing my data in the NS code area.

However, I do configure it now, as per your example, and I went through all the steps of the How to start with Secure Manager (customized configuration) on STM32H5 wiki. But I keep loosing my data after every firmware update.

In my understanding, my linker config file (STM32H573IIKXQ_FLASH.ld) should automatically be updated by the prebuild script, according to my NS reserved flash area configuration:

 

CODE_SIZE = 0x53*SECTOR_SIZE; /* This define is updated automatically by prebuild command */

RESERVED_AREA_OFFSET = 0x80*SECTOR_SIZE; /* This define is updated automatically by prebuild command */

RESERVED_AREA_SIZE = 0x00*SECTOR_SIZE; /* This define is updated automatically by prebuild command */

 

I would expect RESERVED_AREA_SIZE to increase by 1 (or 2 ?) sectors. and CODE_SIZE to shrink accordingly, as stated by the comment in the file.

but nothing such happens.

And if I manually edit the file and rebuild, I keep erasing my data when updating the app with the YMODEM and image swapping mechanism..

 

FYI, I am using STM32CubeIDE.

Christian

 

 

 

0 Kudos
Go to solution
CRE
Associate II
In response to Jocelyn RICARD

‎2025-01-02 07:19 AM

Hi Jocelyn,

 

please ignore my previous post. I mixed up files from various project directories. I need to sort everything out before I come back to you.

 

The sure thing is that I did not configure the NS reserved area in the first place.

 

CRE

0 Kudos
Go to solution
CRE
Associate II
In response to Jocelyn RICARD

‎2025-01-02 07:41 AM

Hi Jocelyn,

All is right now. All I had to do was to declare my NS reserved area, as you suggested. It just did not seem to work because I was doing it in the wrong project ! Sorry for the confusion.

 

Thank you again

Christian

 

 

0 Kudos
Go to solution
Jocelyn RICARD
ST Employee
In response to CRE

‎2025-01-03 02:38 AM

Hello Christian,

OK no problem. Thank you for your feedback.

Best regards

Jocelyn

0 Kudos
Top