Hello! I want to implement secure boot / secure firmware install on my STM32u5A9 custom board. I am starting by trying to modify the SBSFU example code from B-U585I-IOT02A example project to run on my board. I followed the instructions in the README to tailor the project for STM32U5A9. I also made the following changes:
- My debug terminal is connected to UART5 so I modified the com.h file (attached snippet below)
- I also changed TFM_TAMPER_ENABLE in boot_hal_cfg.h to NO_TAMPER as I was initially having trouble with that engaging during my testing.
- I uncommented the MCUBOOT_EXT_LOADER in Linker/flash_layout.h as our custom board has an external flash chip but its pinout is different than the standard dev boards and I have not gotten any of my attempts at a custom loader to work. I’m trying to get secure boot working without an external loader first.
Running SBSFU_Update.sh (as is from the B-U585I-IOT02A project) results in successful programming and verification of sbsfu_app_init.bin and SBSFU_Boot.bin, but after resetting the board I get nothing in my serial terminal. Is there something I missed or set up incorrectly when modifying the project to use with the STM32u5A9? Any ideas on what could be causing nothing to print to to the terminal? Appreciate any thoughts or feedback!
#define COM_UART UART5
#define COM_UART_CLK_ENABLE() __HAL_RCC_UART5_CLK_ENABLE()
#define COM_UART_CLK_DISABLE() __HAL_RCC_UART5_CLK_DISABLE()
#define COM_UART_TX_AF GPIO_AF8_UART5
#define COM_UART_TX_GPIO_PORT GPIOF
#define COM_UART_TX_PIN GPIO_PIN_3
#define COM_UART_TX_GPIO_CLK_ENABLE() __HAL_RCC_GPIOF_CLK_ENABLE()
#define COM_UART_TX_GPIO_CLK_DISABLE() __HAL_RCC_GPIOF_CLK_DISABLE()
#define COM_UART_RX_AF GPIO_AF8_UART5
#define COM_UART_RX_GPIO_PORT GPIOF
#define COM_UART_RX_PIN GPIO_PIN_4
#define COM_UART_RX_GPIO_CLK_ENABLE() __HAL_RCC_GPIOF_CLK_ENABLE()
#define COM_UART_RX_GPIO_CLK_DISABLE() __HAL_RCC_GPIOF_CLK_DISABLE()
/* Maximum Timeout values for flags waiting loops.
You may modify these timeout values depending on CPU frequency and application
conditions (interrupts routines ...). */
#define COM_UART_TIMEOUT_MAX 1000U
Also here is my current configuration of the option bytes. When I tried running the regression.sh script in the SBSFU example I believe it would set the RDP level to 2 and both prevent me from erasing the chip and fail verification when running SBSFU_Update.sh.
{
"deviceId" : 1153,
"bitNameToValue" : {
"RDP" : 170,
"BOR_LEV" : 0,
"TZEN" : 1,
"nRST_STOP" : 1,
"nRST_STDBY" : 1,
"nRST_SHDW" : 1,
"SRAM_RST" : 1,
"IWDG_SW" : 1,
"IWDG_STOP" : 1,
"IWDG_STDBY" : 1,
"WWDG_SW" : 1,
"SWAP_BANK" : 0,
"SRAM2_RST" : 0,
"nSWBOOT0" : 1,
"nBOOT0" : 1,
"PA15_PUPEN" : 1,
"BKPRAM_ECC" : 1,
"SRAM3_ECC" : 1,
"SRAM2_ECC" : 1,
"IO_VDD_HSLV" : 0,
"IO_VDDIO2_HSLV" : 0,
"NSBOOTADD0" : 1048576,
"NSBOOTADD1" : 1569280,
"SECBOOTADD0" : 1572864,
"BOOT_LOCK" : 0,
"SECWM1_PSTRT" : 0,
"SECWM1_PEND" : 255,
"HDP1_PEND" : 0,
"HDP1EN" : 0,
"WRP1A_PSTRT" : 255,
"WRP1A_PEND" : 0,
"UNLOCK_1A" : 1,
"WRP1B_PSTRT" : 255,
"WRP1B_PEND" : 0,
"UNLOCK_1B" : 1,
"SECWM2_PSTRT" : 0,
"SECWM2_PEND" : 255,
"HDP2_PEND" : 0,
"HDP2EN" : 0,
"WRP2A_PSTRT" : 255,
"WRP2A_PEND" : 0,
"UNLOCK_2A" : 1,
"WRP2B_PSTRT" : 255,
"WRP2B_PEND" : 0,
"UNLOCK_2B" : 1
}
}
