SBSFU not detecting Active Slot Image

jmcoreymv
Associate III

I'm working on integrating the latest SBSFU (v2.6.2) onto an STM32L4A6 platform. I've reviewed both the user manual and application note for the SBSFU, as well as the examples provided.

In my use case:

  • I have an external attached MMC flash
  • I'm not planning to use the internal MCU flash dual-bank capability (so I can have an image larger than half the 1MB flash size)
  • I don't need rollback/swap capability
  • For OTA updates, my user application will download the encrypted image to a location in the external MMC flash. The SBSFU on boot will check for a valid image in that location, and if so, it will copy it to the MCU flash active slot.

 

I was able to get the B-L475E-IOT01A 2_Images_ExtFlash example to boot and run on my board, and it executes the UserApp.

 

For porting the SBSFU to integrate with my custom UserApp I have:

  • Started from the B-L475E-IOT01A 2_Images_ExtFlash example because it seemed like the closest for what I needed.
  • Replaced the example QSPI driver with an MMC flash driver
  • Modified the various linker files how I think they should be modified based on the user manual/app note.
  • Temporarily disabled all security protections in the SBSFU and enabled verbose debugging
  • The example I started from with external flash was putting the FIREWALL NVDATA section in the middle of the MCU flash (0x8080000) as if we were using dual-bank internal flash, so I changed that by referencing the NUCLEO-L432KC 1_Image example which uses the Firewall but places the NVDATA section at the start of the first active slot (0x8020000).
  • I'm able to build the SECoreBin, SBSFU, and custom UserApp successfully.
  • When I try to use STM32CubeProgrammer to flash the resulting combined binary into the MCU, it loads but it fails to detect a valid image in Active Slot 1 (the master slot), and then it erases that slot because no valid image was found.
  • I'm having trouble figuring out why it's not seeing a valid image in that location, since it should be part of the combined binary produced by the SBSFU scripts.
    • I've added some trace statements for when SFU_IMG_DetectFW() is called, and more specifically for the SFU_LL_FLASH_INT_Read() function.
    • I can see that when it's searching inside the header region, the se_status returns SE_KO, and the se_ret_status returns SE_ERROR, but I'm not sure how to troubleshoot this further.
    • Here's a console output from some trace logging I've added in this region:

 

SFU_IMG_DetectFW -> slot 1
SFU_LL_FLASH_Read internal
Looking in header
pSource: 0x0x8020000, Length: 320 -> pdest: 0x0x20017e78
DoubleECC_Error_Counter: 0
se_status: 1245757
se_ret_status: 100249
SFU_IMG_DetectFW -> slot 1
SFU_LL_FLASH_Read internal
Looking in header
pSource: 0x0x8020000, Length: 320 -> pdest: 0x0x20017e78
DoubleECC_Error_Counter: 0
se_status: 1245757
se_ret_status: 100249
Slot SLOT_ACTIVE_1 not empty : erasing ...

 

Trying to figure out what my next steps should be to determine why the SBSFU is not finding a valid image in active slot 1.

 

Thanks!

12 REPLIES

Hello @jmcoreymv ,

I tried changing the L475 configuration to align to your requirements.

I faced an issue, maybe the same as yours.

The crypto used is mbedTLS on this example. It is consuming lots of memory.

The SE_SP_SMUGGLE is the entry that leads to se_callgate. You should have entered inside.

By debugging, I could see that signature verification returned -16 meaning lack of memory.

So, I increased the heap size of the secure engine, adapted the mapping_sbsfu.ld to provide more memory to secure engine. And it passed.

Now, I disabled firewall for now just to check things are working.

Here are the changes I made:

In mapping_fwimg.ld: 

__ICFEDIT_SLOT_Active_1_header__ = 0x08014000;
__ICFEDIT_SLOT_Active_1_start__  = 0x08015000;
__ICFEDIT_SLOT_Active_1_end__    = 0x080FFFFF;

/* Dwl slot #1 (472 kbytes) */
__ICFEDIT_SLOT_Dwl_1_start__     = 0x90000000;
__ICFEDIT_SLOT_Dwl_1_end__       = 0x900EAFFF;

 

Header is just after the SBSFU

in sfu_low_level_security.h

#define SFU_PROTECT_FWALL_NVDATA_ADDR_START ((uint32_t)(SB_REGION_ROM_END + 1)) /*!< Firewall protection NVDATA area START address */
#define SFU_PROTECT_FWALL_NVDATA_SIZE       (SLOT_ACTIVE_1_HEADER)              /*!< Firewall protection NVDATA area */

 

Add more size for SE heap

_Min_Heap_Size = 0x1800; 

 

And in mapping_sbsfu.ld

__ICFEDIT_SE_region_RAM_end__       = 0x20003DFF;

 

I could make an update from external flash.

Now, I will need to reactivate firewall protection. May need to change some mappings.

Best regards

Jocelyn

Hi @Jocelyn RICARD 

Thank you for looking into this further. 

I didn't have a preference for mbedtls vs the ST_Crypto library, so I swapped over to the ST_Crypto library instead.  That seems to have actually resolved the inconsistent failure issue I was having with SE_SP_SMUGGLE mentioned in this thread: https://community.st.com/t5/stm32-mcus-security/inconsistent-sbsfu-error-for-header-fw-signature-verification/m-p/746094#M7800

However, I did also make the changes you mentioned above to increase the amount of available UserApp space.  I'm still seeing SE_SP_SMUGGLE error out when I make those changes:

  • Increase heap size: I tried 0x1800 first, then 0x4000, and updated the __ICFEDIT_SE_region_RAM_end__ accordingly.
  • Moved the active slot header and start to 0x08014000 and 0x08015000, respectively.
  • Updated SFU_PROTECT_FWALL_NVDATA_ADDR_START
  • Updated SFU_PROTECT_FWALL_NVDATA_SIZE: I tried setting it to SLOT_ACTIVE_1_HEADER as shown above, but this seems incorrect to me, so I changed it to be (SLOT_ACTIVE_1_START - SLOT_ACTIVE_1_HEADER).

After all these changes, it still fails to detect the FW in the new location:

= [SBOOT] SECURE ENGINE INITIALIZATION SUCCESSFUL
= [SBOOT] STATE: CHECK STATUS ON RESET
WARNING: A Reboot has been triggered by an Unknown reset source!
= [SBOOT] STATE: CHECK NEW FIRMWARE TO DOWNLOAD
= [SBOOT] STATE: CHECK USER FW STATUS
No resume required : TRAILER_HDR_TEST not valid!
Slot SLOT_ACTIVE_1 not empty : erasing ...
No valid FW found in the active slots nor new FW to be installed
Waiting for the local download to start...
= [SBOOT] STATE: DOWNLOAD NEW USER FIRMWARE
File> Transfer> YMODEM> Send

 

Hello @jmcoreymv ,

I attach a zip file of the L475 project from SBSFU package version 2.6.2

Projects\B-L475E-IOT01A\Applications\2_Images_ExtFlash\

It may help you find where your issue is located

Best regards

Jocelyn