SBSFU stm32h753zi

static void SFU_BOOT_SM_ExecuteUserFw(void)

{

SFU_ErrorStatus e_ret_status = SFU_ERROR;

SE_StatusTypeDef e_se_status = SE_KO;

uint32_t i;

TRACE("\r\n= [SBOOT] STATE: EXECUTE USER FIRMWARE");

/* Reload Watchdog */

(void) SFU_LL_SECU_IWDG_Refresh();

/* Verify if authentication and integrity controls performed at SFU_STATE_VERIFY_USER_FW_SIGNATURE */

FLOW_CONTROL_CHECK(uFlowCryptoValue, FLOW_CTRL_INTEGRITY);

for (i = 0U; i < SFU_NB_MAX_ACTIVE_IMAGE; i++)

{

/* Slot configured ? */

if(SlotStartAdd[SLOT_DWL_1 + i] != 0U) //if(SlotStartAdd[SLOT_ACTIVE_1 + i] != 0U)

{

/* FW installed ? */

if (SFU_SUCCESS == SFU_IMG_DetectFW(SLOT_DWL_1 + i)) //if(SFU_SUCCESS == SFU_IMG_DetectFW(SLOT_ACTIVE_1 + i))

{

/* Initialize Flow control */

FLOW_CONTROL_INIT(uFlowCryptoValue, FLOW_CTRL_INIT_VALUE);

/* Check the header signature */

if (SFU_IMG_VerifyActiveImgMetadata(SLOT_DWL_1 + i) != SFU_SUCCESS) // if (SFU_IMG_VerifyActiveImgMetadata(SLOT_ACTIVE_1 + i) != SFU_SUCCESS)

{

/* Security issue : execution stopped ! */

SFU_EXCPT_Security_Error();

}

/* Check the FW signature */

if (SFU_IMG_ControlActiveImgTag(SLOT_DWL_1 + i) != SFU_SUCCESS) // if (SFU_IMG_ControlActiveImgTag(SLOT_ACTIVE_1 + i) != SFU_SUCCESS)

{

/* Security issue : execution stopped ! */

SFU_EXCPT_Security_Error();

}

#if defined(ENABLE_IMAGE_STATE_HANDLING) && !defined(SFU_NO_SWAP)

/* Move the state to SELFTEST for the new images */

if (SFU_IMG_UpdateImageState(SLOT_ACTIVE_1 + i) != SFU_SUCCESS)

{

/* Image state cannot be changed : What to do ?

==> decision to continue execution */

TRACE("\r\n= [FWIMG] WARNING: IMAGE STATE CANNOT BE CHANGED!");

}

#endif /* ENABLE_IMAGE_STATE_HANDLING && !(SFU_NO_SWAP) */

/* Verify if authentication and integrity controls performed */

FLOW_CONTROL_CHECK(uFlowCryptoValue, FLOW_CTRL_INTEGRITY);

}

}

}

m_ActiveSlotToExecute = SLOT_DWL_1; // Hard coding m_ActiveSlotToExecute variable to boot from download slot

// boot from download slot when new firmware is installed

#endif

/*

* You may decide to implement additional checks before running the Firmware.

* For the time being we launch the FW present in the active slot.

*

* The bootloader must also take care of the security aspects:

* A.configure (if any) the external flash in execution mode with On The Fly DECryption (OTFDEC)

* B.lock the SE services the UserApp is not allowed to call

* C.leave secure boot mode

*/

/* Configure active slot in execution mode with OTFDEC (if any) : required in case of external flash */

TRACE("\r\nActiveSlotToExecute=%u\r\n",m_ActiveSlotToExecute);

e_ret_status = SFU_LL_FLASH_Config_Exe(m_ActiveSlotToExecute);

if (e_ret_status != SFU_SUCCESS)

{

/* Set the error before forcing a reboot, don't care of return value as followed by reboot */

SFU_EXCPT_SetError(SFU_EXCPT_FLASH_CFG_ERR);

/* This is the last operation executed. Force a System Reset */

SFU_BOOT_ForceReboot();

}

if (e_ret_status == SFU_SUCCESS)

{

/* Lock part of Secure Engine services */

if (SE_LockRestrictServices(&e_se_status) == SE_SUCCESS)

{

/* Double instruction to avoid basic fault injection */

if (SE_LockRestrictServices(&e_se_status) == SE_SUCCESS)

{

/* De-initialize the SB_SFU bootloader before launching the UserApp */

(void)SFU_BOOT_DeInit(); /* the return value is not checked, we will always try launching the UserApp */

/* Last flow control : lock service */

FLOW_CONTROL_STEP(uFlowCryptoValue, FLOW_STEP_LOCK_SERVICE, FLOW_CTRL_LOCK_SERVICE);

/* This function should not return */

e_ret_status = SFU_IMG_LaunchActiveImg(m_ActiveSlotToExecute);

}