FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Unable to program User Option Bytes SECWM1_PSTRT/SECWM1_PEND

Shaffi
Associate II

‎2024-10-22 11:49 AM

Hello ST,

I am using stm32u575 board for secure flash access, When TZEN is enabled i am able read and write to Secure flash(0x0C00 8000), but unable to read/write to non secure area(0x08100 0000). Then I used User Option Bytes
SECWM1_PSTRT/SECWM1_PEND to set the secure area SECWM1_PSTRT = 0x02 and SECWM1_PEND =0x02 but value of SECWM1R1 isn't  setting to 0xFF02FF02 but value remains to it 0xFFFF FF80 below is a snippet of my code, Not sure what I am doing wrong to set the SECWM1_PSTRT/SECWM1_PEND. Any help will highly be appreciated.

Shaffi_1-1729622447406.png

Regards,

Shafi

 

Labels:
0 Kudos
5 REPLIES 5
Shaffi
Associate II

‎2024-10-23 10:58 AM

I am know able to edit SECWM1_PSTRT/SECWM1_PEND after TZEN is set and the board is power cycled, but still  unable to access the non secure area(0x08100 0000). @Jocelyn RICARD 

Regards,

Shafi

0 Kudos
Jocelyn RICARD
ST Employee

‎2024-10-24 02:44 AM

Hello @Shaffi,

if you want to write non secure flash from secure you need to request FLASH_TYPEPROGRAM_QUADWORD_NS.

You can check examples

STM32Cube_FW_U5_V1.6.0\Projects\NUCLEO-U575ZI-Q\Examples\FLASH\FLASH_EraseProgram_TrustZone\

STM32Cube_FW_U5_V1.6.0\Projects\NUCLEO-U575ZI-Q\Examples\FLASH\FLASH_ChangeOptionBytes\

Also, you can see how to set secure watermarks here

STM32Cube_FW_U5_V1.6.0\Projects\B-U585I-IOT02A\Applications\SBSFU\SBSFU_Boot\Src\low_level_security.c

Best regards

Jocelyn

0 Kudos
Shaffi
Associate II
In response to Jocelyn RICARD

‎2024-11-04 05:57 AM

Hello @Jocelyn RICARD ,

Thanks for the response.

  1. To configure security attributes i tried to add partition_stm32u575xx.h in my project which sets page 0 to page 7 as non secure and page 8 - page 9 as secure, I am able to write and read from secure flash with no error and able to write/read only once from non secure flash with PGSERR bit set in NSSR register this is set after erase page routine is called. Not sure what I am doing wrong. 
  2. Do we have an example to change the linker script to specify pg0--g 7 as non secure to match with partition_stm32u575xx.h 
  3. Can we change range of flash address as secure and non secure in same region ex pg0 to pg7 as non secure and pg8 to pg9 as secure in same region(1)

Can you please help me in resolving the issue.

Regards,

Shafi

0 Kudos
Jocelyn RICARD
ST Employee
In response to Shaffi

‎2024-11-04 10:40 AM

Hello @Shaffi,

I would suggest first starting from an example that you can have working properly and then add your code to modify flash that is non secure in this example. Then you can change the mapping and do thing incrementaly.

Best regards

Jocelyn

0 Kudos
Shaffi
Associate II
In response to Jocelyn RICARD

‎2024-11-11 02:18 AM

Hello @Jocelyn RICARD ,

Thank you for the response.

 

In my case PGSERR is set when STRT is set by secure access, To solve this I need to jump into non secure memory from secure memory. Can you please help me with code snippet to jump from secure to non secure area without PGSERR bit set to 1.

Regards,

Shafi

0 Kudos
Top