FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Secure firmware update at secure zone with SBSFU

Istillaga
Senior

‎2024-11-29 01:05 AM

Hello,

I am programming with the STM32U575ZIT6 microcontroller, and I am trying to update the firmware in the secure zone. However, when I try to update the firmware in the secure zone, the function ret_arm=LOADER_FLASH_DEV_NAME.EraseSector(sector_address) in FW_UPDATE_DownloadNewFirmware(&fw_image_dwl_area) returns a value less than 0, which causes the update to fail. Performing the update in the non-secure zone works without any issues. I suspect the problem might be that LOADER_FLASH_DEV_NAME does not work properly in the secure zone, or that the firmware image area cannot be read correctly in the secure zone. Is there anything specific that needs to be enabled or configured for the secure firmware update to work?

Labels:
0 Kudos
2 REPLIES 2
Jocelyn RICARD
ST Employee

‎2024-11-29 02:18 AM

Hello @Istillaga ,

if you are in a single slot configuration, you need to use the secure part of the loader to be able to write in secure area. If you use the example provided you will see that in such case the loader non secure will call a service of the loader secure.

Best regards

Jocelyn

0 Kudos
Istillaga
Senior
In response to Jocelyn RICARD

‎2024-11-29 03:16 AM

Hello @Jocelyn RICARD,

I suppose you are referring to this part of the code in the loader:

 

#if defined(MCUBOOT_PRIMARY_ONLY)
    if (sector_address < NS_IMAGE_PRIMARY_PARTITION_OFFSET)
    {
        ret_arm = SECURE_Flash_EraseSector(sector_address);
    }
    else
    {
        ret_arm = LOADER_FLASH_DEV_NAME.EraseSector(sector_address);
    }
#else
    ret_arm = LOADER_FLASH_DEV_NAME.EraseSector(sector_address);
#endif

 

Where SECURE_Flash_EraseSector is defined as:

 

CMSE_NS_ENTRY int32_t SECURE_Flash_EraseSector(uint32_t addr)
{
    return LOADER_FLASH_DEV_NAME.EraseSector(addr);
}

 

As you can see, the same function is used in both cases. So I don't know what I should change.

However, I am not trying to implement this in the loader project. I am trying to update the application firmware in the secure application project using the firmware configurations with the overwrite method and using both the primary and secondary image slots.

 
0 Kudos
Top