2026-01-29 1:36 AM
What I want to achieve:
During startup all code is verified, starting with SMiRoT (as root of trust), then SMuRoT, then SecureManager, then the non-secure application.
If the application has been modified (verification fails), the startup shall end in the system bootloader.
Unfortunately, this does not work, as our tampered/modified non-secure application is still started/executed instead of jumping into the bootloader.
Secure manager is installed with the provisioning script. We have modified the BOOT_UBE setting via TrustedPackageCreator from 0xB4 (OEM-iRoT - user flash) to 0xC3 (ST-iRoT - system flash) and re-generated Option_Bytes.csv
What I see is that when connecting the STM32CubeProgrammer, the value for BOOT_UBE still shows 0xB4.
And in the log during SFI flashing (provisioning.py -v --sfi-flash) it shows this:
DEBUG - Warning: Option Byte: BOOT_UBE, value: 0xB4, was not modified.
DEBUG - Warning: Option Bytes are unchanged, Data won't be downloaded
DEBUG - Time elapsed during option Bytes configuration: 00:00:00.010
So, my question is: what am I missing in order to enable the secure boot chain correctly?
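A small check that can be run over the provisioning log, added here as an example and not part of the post above or of ST's provisioning tooling: it parses the `was not modified` warnings in the format quoted in the post, compares the value the device still reports against the value the regenerated Option_Bytes.csv was meant to apply, and flags the "Option Bytes are unchanged" line that means nothing was downloaded at all. The sample log is constructed from the three lines in the post; the function names and the expected-value table are assumptions for the example.

```python
import re
from typing import Dict, List

# Constructed sample: the three option-byte lines quoted from
# `provisioning.py -v --sfi-flash` in the post above.
SAMPLE_LOG = """\
DEBUG - Warning: Option Byte: BOOT_UBE, value: 0xB4, was not modified.
DEBUG - Warning: Option Bytes are unchanged, Data won't be downloaded
DEBUG - Time elapsed during option Bytes configuration: 00:00:00.010
"""

# Values the regenerated Option_Bytes.csv was supposed to apply
# (assumption for this example: BOOT_UBE=0xC3 selects ST-iRoT / system flash).
EXPECTED_OPTION_BYTES: Dict[str, int] = {"BOOT_UBE": 0xC3}

# Matches the per-option-byte warning line as printed in the log.
OB_NOT_MODIFIED = re.compile(
    r"Warning: Option Byte: (?P<name>\w+), value: (?P<value>0x[0-9A-Fa-f]+), was not modified"
)
# Marker that the programmer skipped the option-byte download altogether.
OB_NOTHING_WRITTEN = "Option Bytes are unchanged"


def unmodified_option_bytes(log: str) -> Dict[str, int]:
    """Return {name: value still on the device} for every 'was not modified' warning."""
    return {
        m.group("name"): int(m.group("value"), 16)
        for m in OB_NOT_MODIFIED.finditer(log)
    }


def nothing_was_written(log: str) -> bool:
    """True when the log says the option-byte data was not downloaded at all."""
    return OB_NOTHING_WRITTEN in log


def check_provisioning(log: str, expected: Dict[str, int]) -> List[str]:
    """List every option byte whose device value disagrees with the intended one,
    plus a note if the programmer skipped the option-byte download entirely."""
    problems: List[str] = []
    still_on_device = unmodified_option_bytes(log)
    for name, wanted in expected.items():
        actual = still_on_device.get(name)
        if actual is not None and actual != wanted:
            problems.append(
                f"{name}: wanted 0x{wanted:02X}, device still reports 0x{actual:02X}"
            )
    if nothing_was_written(log):
        problems.append(
            "option-byte download skipped: log reports 'Option Bytes are unchanged'"
        )
    return problems


if __name__ == "__main__":
    for line in check_provisioning(SAMPLE_LOG, EXPECTED_OPTION_BYTES):
        print(line)
```

Run against the log from the post, this reports that BOOT_UBE is still 0xB4 while 0xC3 was intended and that the option-byte download was skipped, which is the same pair of facts the CubeProgrammer read-back confirms; the same script can be pointed at the log of a later provisioning run to confirm the warning has gone away before testing the boot chain again.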