search

STMicroelectronics / STM32CubeU5

Full Firmware Package for the STM32U5 series: HAL+LL drivers, CMSIS, BSP, MW, plus a set of Projects (examples and demos) running on all boards provided by ST (Nucleo, Evaluation and Discovery Kits).
Other
116 stars 61 forks source link

SBSFU #45

Closed aitor4321 closed 2 months ago

aitor4321 commented 3 months ago

Hello,

I have a small question about how the SBSFU example works. Does it work in the secure zone or in the non secure zone? If it works in the non secure zone, how can I make it work in the secure zone?

Thanks in advance

tdjastrzebski commented 3 months ago

@aitor4321 It works in both zones. Recently I was puzzled as well so I visualized it in Excel. See below, green is Trust Zone.

image

aitor4321 commented 3 months ago

Hello @tdjastrzebski,

Thank you for responding. So, if I modify the main file of SBSFU_APPLI_SECURE and make an application that saves data in memory, will it save it in the secure zone? If someone tries to retrieve that data, could they access that memory?

tdjastrzebski commented 3 months ago

@aitor4321 In general, app in secure zone has access to non-secure zone memory, including flash, but not the other way around. See AN5347. Where data is saved is up to you. Note that this implementation contains two DATA images - secure and non-secure, each has two slots (primary and secondary). More details you can find in MCUboot docs. I suggest starting there.

ALABSTM commented 2 months ago

ST Internal Reference: 179481

ALABSTM commented 2 months ago

Hi,

@tdjastrzebski, thank you for your contribution.

@aitor4321, did the indications provided by @tdjastrzebski help you with what you are trying to do? In the meanwhile, your question has been forwarded to our development teams. I will keep you informed.

With regards,

With regards,

aitor4321 commented 2 months ago

Hi @ALABSTM,

Yes, the instructions provided by @tdjastrzebski have helped me with what I'm trying to accomplish. Thank you!

Looking forward to hearing from the development teams.

With regards,

ALABSTM commented 2 months ago

Hi @aitor4321,

Back to you with an extra information from our development teams. You asked:

If someone tries to retrieve that data, could they access that memory?

The answer is that it depends on the location where the modified SBSFU_Appli_Secure application saves data... If it save it to a non-secure or to a secure area in the flash memory. Hence, you have to ensure that your data is saved to a secure area in the flash memory.

I hope this helps. Please allow me to close this thread.

With regards,