Bootloader running on STM32WL55 fails to jump to application when HDP is enabled

Dimitrios Bako
Associate II

Hello,

I am developing a project that includes a bootloader and an application to jump to.

Both binaries execute on the M0+ core in order to take advantage of the security features offered only for this core.

The idea is as follows:

The bootloader verifies the integrity/authenticity of the application and then jumps to it.

I am trying though to enable the hide protection (HDP) feature to allow the execution of the bootloader after a reset or power cycle and then protect the flash area where it is located.

In other words, I need the bootloader to be in a secure area and protected from potential read or write actions.

Based on the RF0453 I must call the RSSLIB_PFUNC->CloseExitHDP function from my bootloader to close the HDP area and then jump to my application.

Without enabling the HDP I can verify that the bootloader jumps to my application by using the RSSLIB function above.

When I enable the HDP, though, it seems as if the RSSLIB_PFUNC->CloseExitHDP function never jumps to my application.

The bootloader is located in flash offset 0x08020000.

My application is located in flash offset 0x08001800.

So, based on that I enable the HDP as follows:

  • Set the SFSA value to 0x40
  • Uncheck the FSD
  • Set the HDPSA to 0x40
  • Uncheck the HDPAD

To jump to my application I call the following line in my bootloader:

RSSLIB_PFUNC->CloseExitHDP(RSSLIB_HDP_AREA1, 0x08001800);

I keep trying to read any related documentation such as the reference manual, but it seems as if I am missing something.

Please let me know if you need further information to make things clearer!

Thank you!

Accepted Solutions
Dimitrios Bako
Associate II

I found the solution to my problem, so I am sharing it in case it is useful to anyone:

On page 68 of RM0453 Rev 2 it states the following:

"The secure area of the memories have exclusively read, write, execute access only from the secure CPU2 and secure DMA channels"

On the same page it also states:

"CPU2 has only read and write access to the non-secure areas. CPU2 is prevented from executing from non-secure areas"

So, my mistake was that when I enabled the security I set as the secure area the one starting from page 0x40 (0x8020000), which is the area where ONLY the secure bootloader is stored.

The application was stored in flash starting at page 0x3 (0x8001800), which is not part of the secure area, so, since security was enabled, CPU2 could not jump to and execute in this non-secure area.

So, what must be done to make it work is:

  • Set the SFSA value to 0x3
  • Uncheck the FSD

In this way the security is enabled and the secure flash area includes both the secure bootloader and the application.

Additionally, as previously:

  • Set the HDPSA to 0x40
  • Uncheck the HDPAD

This enables the hide protection feature ONLY for the secure bootloader area, which is executed at a device reset or device startup, and then, when jumping to the application, this area is no longer accessible (hidden).
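Added example, not part of the original post and not ST code: a host-side pre-flight check in C that applies the rule from the accepted solution to a set of option-byte values before they are programmed. The type and function names are hypothetical; the 2 KB page size follows from the addresses in the thread, while the 256 KB flash size and the model that the secure and HDP areas run from their start page to the end of flash are assumptions, and only entry addresses (not image lengths) are checked.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define FLASH_BASE_ADDR 0x08000000u
#define FLASH_PAGE_SIZE 0x800u /* 2 KB: page 0x40 -> 0x08020000, as in the thread */
#define FLASH_PAGES     128u   /* assumption: 256 KB device */

typedef struct {
    uint8_t sfsa;  /* first page of the secure flash area */
    bool    fsd;   /* true = box checked = security disabled */
    uint8_t hdpsa; /* first page of the hide-protected area */
    bool    hdpad; /* true = box checked = HDP disabled */
} opt_bytes_t;

typedef enum { LAYOUT_OK, ERR_ADDR_RANGE, ERR_APP_NOT_SECURE,
               ERR_BOOT_NOT_HIDDEN, ERR_APP_IN_HDP } layout_result_t;

static bool addr_to_page(uint32_t addr, uint32_t *page) {
    if (addr < FLASH_BASE_ADDR) return false;
    *page = (addr - FLASH_BASE_ADDR) / FLASH_PAGE_SIZE;
    return *page < FLASH_PAGES;
}

/* Checks the entry addresses of the bootloader and application only. */
layout_result_t check_layout(const opt_bytes_t *ob, uint32_t boot_addr, uint32_t app_addr) {
    uint32_t boot_page, app_page;
    if (!addr_to_page(boot_addr, &boot_page) || !addr_to_page(app_addr, &app_page))
        return ERR_ADDR_RANGE;
    /* With security enabled, CPU2 cannot execute from non-secure pages. */
    if (!ob->fsd && app_page < ob->sfsa) return ERR_APP_NOT_SECURE;
    if (!ob->hdpad) {
        /* The bootloader is meant to sit inside the hidden area... */
        if (boot_page < ob->hdpsa) return ERR_BOOT_NOT_HIDDEN;
        /* ...and the jump target must stay reachable once HDP is closed. */
        if (app_page >= ob->hdpsa) return ERR_APP_IN_HDP;
    }
    return LAYOUT_OK;
}

int main(void) {
    opt_bytes_t failing = { 0x40, false, 0x40, false }; /* settings from the question */
    opt_bytes_t working = { 0x03, false, 0x40, false }; /* settings from the solution */
    printf("question: %d\n", (int)check_layout(&failing, 0x08020000u, 0x08001800u));
    printf("solution: %d\n", (int)check_layout(&working, 0x08020000u, 0x08001800u));
    return 0;
}
```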
