Graduate II

Solved

Unable to regress to RDP=0

Forum|Forum|2 years ago
July 11, 2023
4 replies
3292 views

I'm working on a custom STM32U5 board and I'm trying to harden the system.

I followed the AN5347 (https://www.st.com/resource/en/application_note/an5347-arm-trustzone-features-for-stm32l5-and-stm32u5-series-stmicroelectronics.pdf) in particular I followed the chapter 10 with success as I was able to raise up to RDP=2 with OEM password and back to RDP=0.

Then I tried for the second time using the STM32CubeProgrammer instead of the command line as described in the application note, but I got some issues at step 5: Set RDP level 2. The STM32CubeProgrammer did not end the process and got stuck writing RDP=0xCC in the option byte and after ten minutes I forced the termination of the GUI.

After that I was not able to recover to RDP=0.

Every time I try to send a command to the board I get some error.

If I try to follow chapter 10.6 Unlock RDP level 2 with OEM2Key with the command line:

STM32_Programmer_CLI.exe -c port=swd mode=UR -unlockrdp2 0xMYKEYLOW 0xMYKEYHI

the result is the following:

 -------------------------------------------------------------------
 STM32CubeProgrammer v2.13.0
 -------------------------------------------------------------------

ST-LINK SN : 53FF71068389505253152567
ST-LINK FW : V2J40S7
Board : --
Voltage : 3.39V
Unlock RDP2 password succefully done!
Error: ST-LINK error (DEV_TARGET_NOT_HALTED)

All other commands sent via cli or via the programmer, get some error, most of the time unable to read values.

Now I don't know what to do to recover this board.

Any idea?

This topic has been closed for replies.

Best answer by Diane POMABIA

Hello @Manuel Ferrero ,

If you have activated RDP level 2 without defining the OEM2key, you have blocked your part and will no longer be able to regress, therefore erasing or reprogramming it.

You can refer to table 21 in reference Manual (RM0456)

Regards

Diane

Regards

Diane

D

Diane POMABIA

ST Employee

Hello @Manuel Ferrero

Can you confrim that that you followed the same procedure as described in this article?

https://community.st.com/t5/stm32-mcus/how-to-regress-from-rpd-level-2-to-rdp-level-0-on-the-stm32u5/ta-p/568476

Regards

Diane

M

Manuel FerreroAuthor

Graduate II

Hello @Diane POMABIA

I confirm that I followed that procedure, but at the moment I have problems at step #3, where I get the following error:

09:29:23 : UR connection mode is defined with the HWrst reset mode
09:29:24 : ST-LINK SN : REDACTED
09:29:24 : ST-LINK FW : V2J40S7
09:29:24 : Board : --
09:29:24 : Voltage : 3.39V
09:29:24 : SWD freq : 4000 KHz
09:29:24 : Connect mode: Hot Plug
09:29:24 : Reset mode : Software reset
09:29:24 : Device ID : 0x482
09:29:24 : Revision ID : Rev W
09:29:24 : Debug in Low Power mode enabled.
09:29:25 : Error: Target interface must be at chip protection Level 2
09:29:25 : UPLOADING OPTION BYTES DATA ...
09:29:25 : Bank : 0x00
09:29:25 : Address : 0x40022040
09:29:25 : Size : 36 Bytes
09:29:25 : Error: Uploading Option Bytes bank: 0 failed
09:29:25 : Error: Initializing the Option Bytes failed
09:29:25 : Disconnected from device.

And when I try to reconnect the STLINK i get the following log:

09:34:13 : UR connection mode is defined with the HWrst reset mode
 09:34:14 : ST-LINK SN : REDACTED
 09:34:14 : ST-LINK FW : V2J40S7
 09:34:14 : Board : --
 09:34:14 : Voltage : 3.39V
 09:34:14 : SWD freq : 4000 KHz
 09:34:14 : Connect mode: Hot Plug
 09:34:14 : Reset mode : Software reset
 09:34:14 : Device ID : 0x482
 09:34:14 : Revision ID : Rev W
 09:34:14 : Debug in Low Power mode enabled.
 09:34:14 : UPLOADING OPTION BYTES DATA ...
 09:34:14 : Bank : 0x00
 09:34:14 : Address : 0x40022040
 09:34:14 : Size : 36 Bytes
 09:34:14 : Error: Uploading Option Bytes bank: 0 failed
 09:34:14 : Error: Initializing the Option Bytes failed
 09:34:14 : Disconnected from device.

Is there some procedure to wipe completely the micro and restart from scratch or I have to throw it in the bin?

D

Diane POMABIAAnswer

ST Employee

Hello @Manuel Ferrero ,

If you have activated RDP level 2 without defining the OEM2key, you have blocked your part and will no longer be able to regress, therefore erasing or reprogramming it.

You can refer to table 21 in reference Manual (RM0456)

Regards

Diane

Regards

Diane

M

Manuel FerreroAuthor

Graduate II

In RM0456 I read:

"Shifting the password key through JTAG/SWD corresponds to writing two 32-bit key words,
AUTH_KEY[31:0], then AUTH_KEY[63:32], in the DBGMCU_DBG_AUTH_HOST register."

If I launch the STM32CubeProgrammer and I write my password in the Secure programming screen does the ST-LinkV2 send the password as described?

D

Diane POMABIA

ST Employee

Hello @Manuel Ferrero

Yes, based on what you told me under the forum of the article, you have correctly set your password .

You are facing a tool bug, this is a workaround:

Can you retest on your two boards by doing step 1 <<Go back to the "secure programming" menu and Click on "Unlock RDP2" and after on "Apply unlock RDP2">> 2 times before moving on to step 2?

if you have correctly defined your password, no worries, go back directly from this step, you can regress to level 0.

Internal ticket has been created to solve this bug.

Internal ticket number: 157559 (This is an internal tracking number and is not accessible or usable by customers).

Let me know if it's ok for you.

Regards

Diane

I

Istillaga

Graduate

Hello,
I have the same problem with STM32U585. Did you manage to solve the problem? If you could tell me what you did, you could really help me out.

Thanks in advance.

I

Istillaga

Graduate

Hello @Diane POMABIA ,

Thank you for responding.

I have version 2.16.0 of CubeProgrammer.

Regards

Istillaga

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded