What to modify in TF-A source code to define BKPSRAM as non-secure?

JRobi.3 · ‎2023-02-07

We're are trying to use BKPSRAM in application code insecurely. According to the stm32mpu BKPSRAM_internal_memory page, we need to "set BKPSRAM as non-secure and degrade low power modes support, removing Standby mode"

Apart from setting the etzpc peripheral in the devicetree to non-secure [DECPROT(STM32MP1_ETZPC_BKPSRAM_ID, DECPROT_NS_RW, DECPROT_UNLOCK)]

what else is necessary in TF-A?

Olivier GALLIEN · ‎2023-02-07

Hi @JRobi.3 ,

Take care of the warning banner :

"Default OpenSTLinux delivery prevents to define BKPSRAM as non-secure. This requires to modify TF-A source code with one of the following strategies:

set BKPSRAM as non-secure and degrade low power modes support, removing Standby mode

This means removing STM32_PM_CSTOP_ALLOW_STANDBY_DDR_SR from the node below :

&pwr_regulators {
	system_suspend_supported_soc_modes = <
		STM32_PM_CSLEEP_RUN
		STM32_PM_CSTOP_ALLOW_LP_STOP
		STM32_PM_CSTOP_ALLOW_LPLV_STOP
		STM32_PM_CSTOP_ALLOW_LPLV_STOP2
		STM32_PM_CSTOP_ALLOW_STANDBY_DDR_SR
	>;
 
	system_off_soc_mode = <STM32_PM_SHUTDOWN>;
	vdd-supply = <&vdd>;
	vdd_3v3_usbfs-supply = <&vdd_usb>;
};

And as said this can imply further modification in TF-A or OP-TEE source code. ( eg : some check of secure state of the BKPSRAM.

Olivier

Olivier GALLIEN
In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.