Hi,
we have a custom board using STM32MP157C that seems to be bricked and can no longer be flashed with STM32 Cube Programmer over USB (DFU) after fusing the Closed_device bit in OTP.
Before that we verified our image with signed FSBL and FIP with TRUSTED_BOARD_BOOT enabled. Logs suggested that secure boot was working fine.
After programming OTP with STM32PRGFW-UTIL and setting Closed_device bit the device won't boot and can also no longer be flashed successfully. I guess FSBL got overwritten by the one from STM32PRGFW-UTIL which was not signed. However I don't understand why flashing no longer works.
Does STM32 Cube Programmer USB/DFU flashing rely on a signed working FSBL already on the device?
From the documentation here https://www.st.com/resource/en/application_note/an5275-introduction-to-usb-dfuusart-protocols-used-in-stm32mp1-and-stm32mp2-mpu-bootloaders-stmicroelectronics.pdf in 1.7.1 Case 1 – programming from reset it sounds like that Cube Programmer loads FSBL and SSBL directly into RAM. Do I manually need to sign those?
Clarification on how flashing works in Closed_device would be appreciated.
