FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

STM32U585 DOES NOT RETURN TO RDP=0.

Go to solution
Istillaga
Associate III

‎2024-04-15 06:05 AM - edited ‎2024-04-15 08:01 AM

Hello,

I've added the OEM2KEY AND OEM1KEY to the RDP Level 2 protection in order to perform the same steps as in the 'Getting started with STM32CubeU5 TFM application' for enabling Production Mode.

Following the steps and executing the HARDENING.SH file, I'm no longer able to modify the board or revert to RDP level 0. It's showing me the following error: Error: ST-LINK error (DEV_TARGET_NOT_HALTED)

If I enter Hotplug mode, it shows me the following: Error: Uploading Option Bytes bank: 0 failed Error: Initializing the Option Bytes failed.

 

Any help?

Istillaga_0-1713193265654.png

 

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
CMYL
ST Employee

‎2024-04-23 04:03 AM

Hi @Istillaga,

If TZ is enabled we need to boot from the RSS as follow:

- STEP1: Ensure the switch SW1 (BOOT0 pin) on B-U585I-IOT02A board is on position 1 to boot from RSS (see below the yellow arrow).

CMYL_2-1713869675261.png

 

- STEP2: Connect TAMP_IN8 (PE4 on CN3 pin 11) and TAMP_OUT8 (PE5 on CN3 pin 14) on the B-U585I-IOT02A board (as follow) 

CMYL_0-1713868339807.png

 

- STEP3:

/* Unlock RDP level 2 with your OEM2Key */
/* be sure we need OEM2KEY here not OEM1key !!! */

STM32_Programmer_CLI.exe -c port=swd mode=UR -unlockrdp2 0x12345678 0xABCDEFAB
(You can try also " mode=hotplug")


/* RDP2 to RDP1 regression*/
STM32_Programmer_CLI.exe -c port=swd mode=hotplug -ob rdp=0xDC
(You can try many times or check with " mode=UR")

 

View solution in original post

0 Kudos
5 REPLIES 5
Go to solution
CMYL
ST Employee

‎2024-04-22 07:15 AM

Hello @Istillaga 

- Can you check that the tamper pines are connected before running the regression script ?

It is needed to connect TAMP_IN8 (PE4 on CN3 pin 11) and TAMP_OUT8 (PE5 on CN3 pin 14) on the B-U585I-IOT02A board, to allow the application to run.

 

- If not working, I suggest to refer to the AN5347 (Arm® TrustZone® features for STM32L5 and STM32U5 Series - Application note) using the STM32CubeProgrammer CLI commands. As RDP2 level is set in your board you need to start from step6 (10.6 Step 6 - Unlock RDP level 2 with OEM2Key pp 26).

>STM32_Programmer_CLI.exe -c port=swd mode=UR -unlockrdp2 <pswd>

If some issues occur:
• Check that the system boots from the RSS and that PH3-BOOT0 PIN of the board is connected to VDD.
• Check that DBGMCU is accessible on RDP level 2 (DBGMCU_CR @0xE0044000) with the following command:


>STM32_Programmer_CLI.exe -c port=swd mode=hotplug -r32 0xE0044104 4

Then check the regression to RDP1 (10.7 Step 7 - Set RDP to level 1)



> STM32_Programmer_CLI.exe -c port=swd mode=hotplug -ob rdp=0xDC

 

best regards

0 Kudos
Go to solution
Istillaga
Associate III
In response to CMYL

‎2024-04-22 07:27 AM - edited ‎2024-04-22 07:28 AM

Hi  @CMYL 

I have executed the commands and obtained these results:

 

 

$ STM32_Programmer_CLI.exe -c port=swd mode=UR -unlockrdp2 0x12345678 0xABCDEFAB -------------------------------------------------------------------
STM32CubeProgrammer v2.16.0
-------------------------------------------------------------------

ST-LINK SN : 000D001F4D46501120383832
ST-LINK FW : V3J13M4
Board : B-U585I-IOT02A
Voltage : 3.28V
Error: ST-LINK error (DEV_TARGET_NOT_HALTED)
ST-LINK SN : 000D001F4D46501120383832
ST-LINK FW : V3J13M4
Board : B-U585I-IOT02A
Voltage : 3.28V
Unlock RDP2 password succefully done!
Error: ST-LINK error (DEV_TARGET_NOT_HALTED)​

 

 

 

 

 

$ STM32_Programmer_CLI.exe -c port=swd mode=hotplug -r32 0xE0044104 4
-------------------------------------------------------------------
STM32CubeProgrammer v2.16.0
-------------------------------------------------------------------

ST-LINK SN : 000D001F4D46501120383832
ST-LINK FW : V3J13M4
Board : B-U585I-IOT02A
Voltage : 3.28V
SWD freq : 8000 KHz
Connect mode: Hot Plug
Reset mode : Software reset
Device ID : 0x482
Revision ID : Rev X
Device name : STM32U575/STM32U585
Flash size : 2 MBytes (default)
Start Address : 8000000
Device type : MCU
Device CPU : Cortex-M33
BL Version : 0x0
Debug in Low Power mode enabled


Reading 32-bit memory content
Size : 4 Bytes
Address: : 0xE0044104

0xE0044104 : CC0C0F68
$ STM32_Programmer_CLI.exe -c port=swd mode=hotplug -ob rdp=0xDC
      -------------------------------------------------------------------
                       STM32CubeProgrammer v2.16.0
      -------------------------------------------------------------------

ST-LINK SN  : 000D001F4D46501120383832
ST-LINK FW  : V3J13M4
Board       : B-U585I-IOT02A
Voltage     : 3.28V
SWD freq    : 8000 KHz
Connect mode: Hot Plug
Reset mode  : Software reset
Device ID   : 0x482
Revision ID : Rev X
Device name : STM32U575/STM32U585
Flash size  : 2 MBytes (default)
Start Address : 8000000
Device type : MCU
Device CPU  : Cortex-M33
BL Version  : 0x0
Debug in Low Power mode enabled


UPLOADING OPTION BYTES DATA ...

  Bank          : 0x00
  Address       : 0x40022040
  Size          : 36 Bytes

▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
Error: Uploading Option Bytes bank: 0 failed
Error: Initializing the Option Bytes failed

 

 

 

 

 

 



0 Kudos
Go to solution
CMYL
ST Employee

‎2024-04-22 07:58 AM

hi @Istillaga 

can you check that:

- OEM2LOCK and OEM1LOCK bits in the FLASH_NSSR register are set to be sure that OEM1KEY/OEM2KEY are already provisioned

> STM32_Programmer_CLI.exe -c port=swd mode=hotplug -r32 0x40022020 4

the result should be as follows:

CMYL_0-1713797868303.png

 

- Are you sure that the OEM2KEY password is 0x12345678 0xABCDEFAB ?

 

Check that PH3-BOOT0 PIN of the board is connected to VDD.

 

best regards

0 Kudos
Go to solution
Istillaga
Associate III
In response to CMYL

‎2024-04-22 11:34 PM

Hi @CMYL 

 

I am sure my password is 0x12345678 0xABCDEFAB.

I have executed the command and I obtained the following result:

STM32_Programmer_CLI.exe -c port=swd mode=hotplug -r32 0x40022020 4
      -------------------------------------------------------------------
                       STM32CubeProgrammer v2.16.0
      -------------------------------------------------------------------

ST-LINK SN  : 000D001F4D46501120383832
ST-LINK FW  : V3J13M4
Board       : B-U585I-IOT02A
Voltage     : 3.28V
SWD freq    : 8000 KHz
Connect mode: Hot Plug
Reset mode  : Software reset
Device ID   : 0x482
Revision ID : Rev X
Device name : STM32U575/STM32U585
Flash size  : 2 MBytes (default)
Start Address : 8000000
Device type : MCU
Device CPU  : Cortex-M33
BL Version  : 0x0
Debug in Low Power mode enabled


Reading 32-bit memory content
  Size          : 4 Bytes
  Address:      : 0x40022020

Error: failed to read the requested memory content
0 Kudos
Go to solution
CMYL
ST Employee

‎2024-04-23 04:03 AM

Hi @Istillaga,

If TZ is enabled we need to boot from the RSS as follow:

- STEP1: Ensure the switch SW1 (BOOT0 pin) on B-U585I-IOT02A board is on position 1 to boot from RSS (see below the yellow arrow).

CMYL_2-1713869675261.png

 

- STEP2: Connect TAMP_IN8 (PE4 on CN3 pin 11) and TAMP_OUT8 (PE5 on CN3 pin 14) on the B-U585I-IOT02A board (as follow) 

CMYL_0-1713868339807.png

 

- STEP3:

/* Unlock RDP level 2 with your OEM2Key */
/* be sure we need OEM2KEY here not OEM1key !!! */

STM32_Programmer_CLI.exe -c port=swd mode=UR -unlockrdp2 0x12345678 0xABCDEFAB
(You can try also " mode=hotplug")


/* RDP2 to RDP1 regression*/
STM32_Programmer_CLI.exe -c port=swd mode=hotplug -ob rdp=0xDC
(You can try many times or check with " mode=UR")

 

0 Kudos
Top