2024-01-09 02:26 PM
Hello,
I would like to start working on SBSFU. I have B-L4S5I-IOT01 board which has STSAFE device I'm interested on.
What I have read so far and particularly UM2262 document indicate I have to:
- build SECoreBin
- build SBSFU
- build UserApp
I have opened the project of the X-CUBE-SBSFU package in "STM32CubeExpansion_SBSFU_V2.6.2/Projects/B-L4S5I-IOT01A/Applications/2_Images_STSAFE" with STM32CubeIDE and trying to follow this procedure.
First of all I would like to indicate it fails on Windows but I don't understand the reason and I have not investigated. I moved on ubuntu. Here We have all the *.sh files missing execution right so initially building fails for this reason. Add +x to all *.sh files looks good.
Now I'm building the SECoreBin firmware and I get the following error:
23:19:06 **** Build of configuration Debug for project B-L4S5I-IOT01_2_Images_SECoreBin ****
make all
"../prebuild.sh" "../"
prepareimage with python script
python /home/ubuntu/st/STM32CubeExpansion_SBSFU_V2.6.2/Middlewares/ST/STM32_Secure_Engine/Utilities/KeysAndImages/prepareimage.py conf ..//../Inc/se_crypto_config.h
SECBOOT_X509_ECDSA_WITHOUT_ENCRYPT_SHA256 selected
python /home/ubuntu/st/STM32CubeExpansion_SBSFU_V2.6.2/Middlewares/ST/STM32_Secure_Engine/Utilities/KeysAndImages/prepareimage.py inject -k ..//../../2_Images_KMS_Blob/Binary/ECCKEY.txt -f ..//../Inc/kms_platf_objects_config.h.pattern -p @ECDSA_BLOB_KEY@ ../\..\Inc\kms_platf_objects_config.h.tmp
python /home/ubuntu/st/STM32CubeExpansion_SBSFU_V2.6.2/Middlewares/ST/STM32_Secure_Engine/Utilities/KeysAndImages/prepareimage.py inject -k ..//../../2_Images_KMS_Blob/Binary/OEM_KEY_COMPANY1_key_AES_CBC.bin -f ../\..\Inc\kms_platf_objects_config.h.tmp -p @aes_BLOB_KEY@ ../\..\Inc\kms_platf_objects_config.h
python /home/ubuntu/st/STM32CubeExpansion_SBSFU_V2.6.2/Middlewares/ST/STM32_Secure_Engine/Utilities/KeysAndImages/prepareimage.py trans -a GNU -k ..//../../STSAFE_Provisioning/Binary/STSAFE_PAIRING_keys.bin -f SE_ReadKey_Pairing -v V7M
create symbolic link postbuild.sh to SECBOOT_X509_ECDSA_WITHOUT_ENCRYPT_SHA256.sh
arm-none-eabi-gcc "/home/ubuntu/st/STM32CubeExpansion_SBSFU_V2.6.2/Middlewares/ST/STM32_Key_Management_Services/Modules/kms_dyn_obj.c" -mcpu=cortex-m4 -std=gnu11 -g3 -DSTM32L4S5xx '-DMBEDTLS_CONFIG_FILE=<mbed_crypto_config.h>' -DUSE_HAL_DRIVER -DUSE_STM32L4S5I_IOT01 -DKMS_ENABLED -DSTSAFE_A110 -DENABLE_IMAGE_STATE_HANDLING -c -I../../Inc -I../../../../../../../Drivers/CMSIS/Device/ST/STM32L4xx/Include -I../../../../../../../Drivers/STM32L4xx_HAL_Driver/Inc -I../../../../../../../Drivers/BSP/B-L4S5I-IOT01A -I../../../../../../../Drivers/BSP/Components/Common -I../../../../../../../Middlewares/ST/STM32_Secure_Engine/Core -I../../../../../../../Middlewares/ST/STM32_Secure_Engine/Key -I../../../../../../../Middlewares/ST/STM32_Key_Management_Services/Core -I../../../../../../../Middlewares/ST/STM32_Key_Management_Services/Interface -I../../../../../../../Middlewares/ST/STM32_Key_Management_Services/Modules -I../../../../../../../Middlewares/ST/STSAFE_A1xx/CoreModules/Inc -I../../../2_Images_SBSFU/SBSFU/App -I../../../2_Images_SBSFU/SBSFU/Target -I../../../Linker_Common/STM32CubeIDE -I../../../../../../../Drivers/CMSIS/Include -I../ -I../../../../../../../Middlewares/Third_Party/mbed-crypto/include -Os -ffunction-sections -Wall -fstack-usage -fcyclomatic-complexity -MMD -MP -MF"Middlewares/STM32_Key_Management_Services/kms_dyn_obj.d" -MT"Middlewares/STM32_Key_Management_Services/kms_dyn_obj.o" --specs=nano.specs -mfpu=fpv4-sp-d16 -mfloat-abi=hard -mthumb -o "Middlewares/STM32_Key_Management_Services/kms_dyn_obj.o"
/home/ubuntu/st/STM32CubeExpansion_SBSFU_V2.6.2/Middlewares/ST/STM32_Key_Management_Services/Modules/kms_dyn_obj.c:32:10: fatal error: kms_platf_objects_config.h: No such file or directory
32 | #include "kms_platf_objects_config.h" /* KMS embedded objects definitions */
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
make[1]: *** [Middlewares/STM32_Key_Management_Services/subdir.mk:64: Middlewares/STM32_Key_Management_Services/kms_dyn_obj.o] Error 1
make: *** [makefile:65: all] Error 2
"make all" terminated with exit code 2. Build might be incomplete.
23:19:08 Build Failed. 3 errors, 0 warnings. (took 2s.451ms)
Can someone point the correct procedure I have to follow, as it seems maybe a step is missing here ? My goal at the moment is just to load the UserApp example and do an update using the serial Ymodem interface for example, so I can evaluate how it works.
Thanks !
Joel
2024-01-09 02:33 PM
PS : I have build for the NUCLEO L476 board successfully this way. I suppose the issue is specific to STSAFE usage so my concern is really to understand the procedure for the B-L4S5I-IOT01 board.
2024-01-10 10:40 AM
Hello @JGUIT.1 ,
I checked the build of STSAFE project and I confirm it fails.
Now I could find a way to recover.
1) For some reason, the official version of SBSFU 6.2.0 includes a new version of KMS middleware 1.9.0 instead of 1.8.0 referred in the release notes. I guess this is related to an issue tool used to create the official delivery. I reported this internally.
The way to recover this is to get previous SBSFU 6.1.0 and replace the content STM32CubeExpansion_SBSFU_V2.6.2\Middlewares\ST\STM32_Key_Management_Services\ by the one from 6.1.0
2) if you use STM32CubeIDE, the gcc tools update introduced some regressions. Please use STM32CubeIDE 1.12.1 to build the project, it should be ok : I tested successfully the compilation of all projects under windows 10
Sorry of the invonvenience
Best regards
Jocelyn
2024-01-10 12:41 PM
Hello @Jocelyn RICARD
Thanks for the quick reply to this, ok so I'm no totally wrong :p
Will try soon as you indicated. Do you know what is the reactivity internally to fix this kind of issues and publish an update ?
Joel
2024-01-15 10:36 AM
Hello @JGUIT.1 ,
Regarding first issue you have a very simple workaround. It will be fixed in next SBSFU release but this one is not planned yet.
Regarding STM32CubeIDE issue, the fix was delivered today in st.com: You can download the STM32CubeIDE 1.14.1 and the build will go through.
You may see a linker warning in some project like this:
C:/ST/STM32CubeIDE_1.14.1/STM32CubeIDE/plugins/com.st.stm32cube.ide.mcu.externaltools.gnu-tools-for-stm32.11.3.rel1.win32_1.1.100.202309141235/tools/bin/../lib/gcc/arm-none-eabi/11.3.1/../../../../arm-none-eabi/bin/ld.exe: C:/ST/STM32CubeIDE_1.14.1/STM32CubeIDE/plugins/com.st.stm32cube.ide.mcu.externaltools.gnu-tools-for-stm32.11.3.rel1.win32_1.1.100.202309141235/tools/bin/../lib/gcc/arm-none-eabi/11.3.1/../../../../arm-none-eabi/lib/thumb/v7e-m+fp/hard\libc_nano.a(libc_a-closer.o): in function `_close_r':
(.text._close_r+0xc): warning: _close is not implemented and will always fail
This issue cannot be fixed in STM32CubeIDE because it is related to gcc tools.
Easy fix is to add the file syscall.c in the project
This file can be found in UserApp project for instance.
Best regards
Jocelyn