Application Compilation Process; Figure 6. Stm32Cubeide Tfm Projects - ST STM32CubeL5 User Manual

3.3.2

Application compilation process

With STM32CubeIDE IDE, build the 3 TFM related projects (refer to
provided in the STM32Cube_FW_L5_V1.1.0 SW package (strictly following the order described hereafter):
• TFM_SBSFU project compilation: \Projects\STM32L562E-DK\Applications\TFM\TFM_SBSFU\
In the context of security certification, TFM_SBSFU project shall be compiled in "production mode"
(TFM_DEV_MODE compilation switch shall be deactivated in file "main.h" of TFM_SBSFU project) in order
to control STM32L5 Option Bytes values at the very beginning of the secure boot procedure:
#define TFM_OB_RDP_LEVEL_VALUE OB_RDP_LEVEL_1 /*!< secure JTAG debug forbidden,
protected memory access forbidden (Flash, SRAM2 and back-up registers). Non secure
debug allowed on non-secure SRAM1&3&4 and all non-secure peripheral registers */
#define TFM_WRP_PROTECT_ENABLE
#define TFM_SECURE_USER_PROTECT_ENABLE /*!< HDP protection
#define TFM_USE_RSS_SERVICE
#define TFM_OB_SEC_PROTECT_ENABLE /*!< Secure Area for Flash
#define TFM_OB_BOOT_SEC_ENABLE /*!< Secure Boot address
#define TFM_SECURE_USER_SRAM2_ERASE_AT_RESET /*!< SRAM2 clear at Reset
#define TFM_OB_BOOT_LOCK 1 /*!< Entry point fixed to SECBOOTADD0 Option Byte value */
#define TFM_FLASH_PRIVONLY_ENABLE
#define TFM_WRP_BL2_SHARED_DATA
protected before jumping in TFM_Appli secure
#define TFM_SBSFU_MPU_PROTECTION
outside of TFM_SBSFU code
When "production mode" is used the procedure to re-initialize a product to virgin state is only possible by
doing a hot plug JTAG attach when STM32L5 CPU executes code in a non-secure SRAMs (except
protected SRAM2). In case, Integrator want to keep this flexibility in its product, then Integrator has to
implement this specific function in its own non-secure application. Nevertheless, to ease the Integrator
product development phase, TFM_SBSFU project can be compiled in "development mode"
(TFM_DEV_MODE compilation switch activated – default configuration of the TFM_SBSFU project delivered
in STM32Cube_FW_L5_V1.1.0 SW package). This mode does not fix the Boot Entry Point so that it is
always possible (by changing SMT32L5 boot pin values as explained in [RM0438]) to select standard
bootloader booting mode to do a RDP regression. Moreover, this mode allows also to simplify the dev
process as TFM_SBSFU code will automatically configure the Option bytes in case Option Bytes are not at
the expected values (i.e Step 4 not correctly done or not done at all):
#define TFM_DEV_MODE
#define TFM_OB_RDP_LEVEL_VALUE OB_RDP_LEVEL_1 /*!< secure JTAG debug forbidden,
protected memory access forbidden (Flash, SRAM2 and back-up registers). Non secure
debug allowed on non-secure SRAM1 and all non-secure peripheral registers */
#define TFM_WRP_PROTECT_ENABLE
#define TFM_SECURE_USER_PROTECT_ENABLE /*!< HDP protection
#define TFM_USE_RSS_SERVICE
#define TFM_OB_SEC_PROTECT_ENABLE /*!< Secure Area for Flash
#define TFM_OB_BOOT_SEC_ENABLE /*!< Secure Boot address
#define TFM_SECURE_USER_SRAM2_ERASE_AT_RESET /*!< SRAM2 clear at Reset
#define TFM_OB_BOOT_LOCK 0 /*!< Boot entry point not fixed to SECBOOTADD0 – Boot entry
point can be changed to standard Bootloader code by SMT32L5 boot pin values -
SECBOOTADD0 can be reprogrammed by secure debug or SW. */
#define TFM_FLASH_PRIVONLY_ENABLE
#define TFM_WRP_BL2_SHARED_DATA
protected before jumping in TFM_Appli secure
#define TFM_SBSFU_MPU_PROTECTION
outside of TFM_SBSFU code
#define TFM_ENABLE_SET_OB /*!< Option bytes are set by TFM_SBSFU when not correctly
set */
#define TFM_ERROR_HANDLER_NON_SECURE /*!< Error handler is in Non Secure , this allows
regression without jumping
– Build \TFM_SBSFU\STM32CubeIDE\ Project.uvprojx
– Check TFM_SBSFU binary is generated (\TFM_SBSFU\STM32CubeIDE\STM32L562E-
DISCO_TFM_SBSFU\Debug\STM32L562E-DISCO_TFM_SBSFU.bin)
– TFM_SBSFU binary file contains TFM Personalization data and TFM_SBSFU code.
UM2745 - Rev 1
/*!< Write Protection
/*!< Flash Command in Privileged only
/*!< TFM_SBSFU set BL2 shared Area
*/
/*!< TFM_SBSFU uses MPU to prevent execution
*/
/*!< Write Protection
/*!< Flash Command in Privileged only
/*!< TFM_SBSFU set BL2 shared Area
*/
/*!< TFM_SBSFU uses MPU to prevent execution
*/
*/
Secure installation
Figure 6. STM32CubeIDE TFM
*/
*/
*/
*/
*/
*/
as write
*/
*/
*/
*/
*/
*/
as write
UM2745
projects)
page 11/36