Good morning everyone,
I need to apply the "Closed" product state to my device using the STM32H573VI.
I don't need TrustZone enabled and want to use a password for debug authentication.
I wanted to perform the operation via "code" using the HALs, but once I set the state to "Provisioning(0x17)" from "Open(0xED)," my firmware won't boot, and I can't even provision the *.obk file using the STM32CubeProgrammer.
bool ProductState::set(states newState)
{
FLASH_OBProgramInitTypeDef flashOptionBytes= {0};
HAL_StatusTypeDef ret {HAL_ERROR};
if(newState == states::Unknown) {
Log::msg("Invalid product state\n");
return false;
}
Log::msg("Setting product state to %s ...\n", toString(newState).c_str());
HAL_FLASH_Unlock();
HAL_FLASH_OB_Unlock();
flashOptionBytes.OptionType = OPTIONBYTE_PROD_STATE;
flashOptionBytes.ProductState = (static_cast<uint32_t>(newState) << FLASH_OPTSR_PRODUCT_STATE_Pos);
Log::msg("Program state ...\n");
ret = HAL_FLASHEx_OBProgram(&flashOptionBytes);
if (ret == HAL_OK)
{
Log::msg("OB Launch ...\n");
ret = HAL_FLASH_OB_Launch();
if (ret != HAL_OK)
{
Log::msg("Error while execution OB_Launch : %d\n", ret);
}
}
else {
Log::msg("Error while setting OB Bank1 config state %s : %d\n", toString(newState).c_str(), ret);
}
HAL_FLASH_OB_Lock();
HAL_FLASH_Lock();
return (ret == HAL_OK) ? true : false;
}I then tried to do the entire process using the STM32CubeProgrammer on another board.
I'we followed the video: STM32H5:Product state
- I flashed my application (a simple blinking LED) with IAR
- I changed the product state from "Open" to "Provisioning"
But no luck. Once the Provisioning state is set, I can't provide the *.obk file using the PROV dropdown.
Product state is 0x17 as correctly expected:
So both behaviours are equals using directly HALs drivers or STM32CubeProgrammer.
Can anyone please help me figure out what I'm doing wrong?
Thanks in advance for your help.
1 ACCEPTED SOLUTION
Accepted Solutions
Hi @Jocelyn RICARD,
Also in hotplug mode I'm not able to provide the OBKey:
The STM32CubeProgrammer is the last downloadable:
Good morning @Jocelyn RICARD,
Thank you — provisioning is now working.
I have two follow-up questions:
How can i test the regression in provisioning staate like you mentioned in the previous post?
From the FW application, is it possible to:
- set the provisioning state without rebooting,
- set the OBKey password
- set the state to Closed
This is necessary because, in production, we want the tool itself to apply the protection, rather than relying on an operator to activate it manually via the programmer.
Thanks in advance, and please let me know if you need additional details.
Thank you for the response @Jocelyn RICARD,
I powered the board, navigated to the "shield" icon, and pressed Discover.
Unfortunately, the discovery process failed.
Unfortunately, the discovery process failed.
When connecting to the target, I can see that it has clearly remained in the provisioning state.
I am not sure why the discovery fails. Do you have any idea what might be causing this?
I am not sure why the discovery fails. Do you have any idea what might be causing this?
Thank you again for your patience and the support you are providing. I look forward to your feedback.
Hi @Jocelyn RICARD,
if you mean the NJTRST it's connected to the STMLink probe as follows:
If you mean NRST, it is NOT connected to the STLink probe:
Let me know if it's correct.
