2024-05-20 10:26 AM
Hello,
I followed this tutorial to add an example secure partition in TF-M ( https://tf-m-user-guide.trustedfirmware.org/integration_guide/services/tfm_secure_partition_addition.html ) and then followed these instructions to flash the application to my Nucleo-L552ZE-Q board ( https://tf-m-user-guide.trustedfirmware.org/platform/stm/common/stm32l5xx/readme.html ). However, the script regression.sh returned the error:
Error: Cannot connect to access port 0!
If you are trying to connect to a device with TrustZone enabled please try to connect with HotPlug mode.
If you are trying to connect to a device which supports Debug Authentication with certificate or password, please open your device using it.
After this, I am unable to connect my board STM32Cube Programmer or to flash any application using Keil MDK ARM, CubeIDE, etc. The same error is returned every time. Before I runned the regression.sh script, the board was working as expected and I was able to flash simple applications (non using TF-M) to the board. Does someone know how can I fix this problem?
Here is the configuration I have in STM32Cube Programmer:
2024-05-20 10:46 AM
Hi,
try connect :
mode : under reset
reset : hardware
Then try to delete your "bad" settings, maybe full flash erase and set option bytes ...
2024-05-20 10:49 AM - edited 2024-05-20 10:49 AM
Thanks for the quick reply. I still can not connect:
2024-05-20 11:05 AM
It tells : try Hot plug mode...try.
And read rm about this trust zone settings ... before playing around with this. :)
2024-05-20 12:24 PM - edited 2024-05-20 12:55 PM
I've made this post because the hot plug mode connection also did not work out :)
I pulled BOOT0 pin to High (connected CN11 pin 5 to 7), connected the board to the PC and then tried to connect to STM32Cube Programmer using the Hot Plug mode. Here is the output:
2024-05-20 01:27 PM
So try to find, what state you set - and what you can do , to get back , if possible...
in rm (H563):
And if you locked the cpu and no way to unlock...replace cpu or board - and next time read first, what you might do and if there is a way back.
I have a H563 here, also with secure..trusted zone etc. , but i am afraid to experiment with something like this, as long as i would be 100% sure and nothing bricks the chip. But when i see the reliability of the IDE, for example, and the debug, that works about 8 out of 10 times starting debug, or tell me some error happened (nucleo-H563 board with st-linkV3 onboard), unable to debug. So try again debug, 2 or three times, then working fine - as it should.
But imagine, this happens on a "secure" access, that might brick the chip...who needs this ?
2024-05-20 11:54 PM
Hello @MCost.4 ,
First, you may have issues running TFM on STM32L5 Nucleo as it is running on stm32l562e_dk
Also, the opeion "--hardRst" at line 24 of regression.sh script is not supported in latest version of STM32CubeProgrammer and associated calls are failing. So, please remove this option.
Also did you update the STLink firmware?
Best regards
Jocelyn
2024-05-21 10:47 AM
Hello @Jocelyn RICARD
As long as I know, the TF-M offers support for the Nucleo-L552ZE-Q platform. The TF-M filesystem have the files for the configuration of this platform under /platform/ext/target/stm/nucleo_l552ze_q and I have specified the platform in the cmake command that compiles my application:
cmake .. -DTFM_PLATFORM=stm/nucleo_l552ze_q -DTFM_PARTITION_PRIVATE_ANN=ON -DCMAKE_BUILD_TYPE=Debug -DCONFIG_TFM_SPM_BACKEND=IPC -DTFM_TOOLCHAIN_FILE=../toolchain_GNUARM.cmake -G"Unix Makefiles"
Regarding the second point, removing the option --hrdRst resulted in a different output.
With the option --hrdRst, the regression.sh script returns:
Without --hrdRst, it returns:
2024-05-22 11:11 AM - edited 2024-05-22 11:12 AM
Hello again @Jocelyn RICARD ,
I've used TF-M in the past with this same board. However, in the past, I've used TF-M v1.7 with the STM32Cube Programmer v2.12 or v2.13 (I'm not sure about the programmer version but I know it was one of these two). I did not have any problems at that time.
The problem I describe in this post occurred with the TF-M v2.1. with the STM32Cube Programmer v2.16. The regression scripts generated by both TF-M versions are quite similar; however, there is still one change that I highlight below (TF-M v2.1 -> left; TF-M v1.7 -> right). Can this be the source of the error?
I have also browsed the release notes of STM32Cube Programmer from versions v2.12 to v2.16. Below I list the main issues fixed that are relevant to the L5 boards:
2024-05-23 07:33 AM
Hello @MCost.4 ,
I don't know what could actually happen.
If you cannot connect to the target even after setting boot 0 to VDD, I would suggest trying to power-on reset the board but I guess you already tried that.
By the way, while setting boot 0 to VDD are you able to connect to the bootloader with UART or USB ?
If yes, you can try regression from there
Best regards
Jocelyn