Associate II

Question

Access to UID_BASE from non secure application on Stm32U585 under SBSFU cube example

Forum|Forum|2 years ago
November 30, 2023
6 replies
2665 views

Hi,

I'm trying to get access to the UID registers (address 0x0BFA0700UL) of the CPU with the above configuration from the non secure application. The secure fault callback is getting called. I have tried adding an entry in the boot code file low_level_security.c in the sau_init_cfg and region_cfg_init_ns arrays in an attempt to allow the non secure application to access this region.

This addition does not seem to help.
I would like to get access to these values in order to initialize the USB CDC device stack which uses this data in the device description. Obviously I have access to these registers in the boot code. In a TF-M project on the same hardware I pass this data to the application using the BOOT_TFM_SHARED_DATA_BASE.
Is it possible to make this data accessible to the non secure application without adding all the TF-M code? If so, can you, please, provide some pointer to how I should approach this to get the code working?
From a security point of view, is this approach adding vulnerability to the code? If it is, should I take a different path to make this data available to the non secure application?

Thanks,

Daniel

This topic has been closed for replies.

Roger SHIVELY

ST Employee

Hello @DPerr.2216 ,

There has been a case created to resolve this question and we will be reaching out to you directly.

Regards,
Roger

Frantz LEFRERE

ST Employee

to get access to this register, you need to update the secure application SAU and to insure the MPU configured by SBSFU allows the application to access this range of address.

For the SAU update :
in the file
STM32Cube_FW_U5_V1.3.0\Projects\B-U585I-IOT02A\Applications\SBSFU\SBSFU_Appli\Secure\Inc\partition_stm32u5xx.h

You need to define
/*
// <e>Initialize SAU Region 6
// <i> Setup SAU Region 6 memory attributes
*/
#define SAU_INIT_REGION6 1

/*
// <o>Start Address <0-0xFFFFFFE0>
*/
#define SAU_INIT_START6 0xBFA0500 /* start address of SAU region 6 */

/*
// <o>End Address <0x1F-0xFFFFFFFF>
*/
#define SAU_INIT_END6 0xBFA14FF /* end address of SAU region 6 */

/*
// <o>Region is
// <0=>Non-Secure
// <1=>Secure, Non-Secure Callable
*/
#define SAU_INIT_NSC6 0

The for the MPU of the application, you need to modify the file :
STM32Cube_FW_U5_V1.3.0\Projects\B-U585I-IOT02A\Applications\SBSFU\SBSFU_Boot\Src\low_level_security.c

In the structure
const struct mpu_armv8m_region_cfg_t region_cfg_appli_ns[] __attribute__((section(".BL2_NoHdp_Data"))) = {

Please add a region 6
{
6,
PACKAGE_BASE,
(PACKAGE_BASE + 0xfff),
MPU_ARMV8M_MAIR_ATTR_DATANOCACHE_IDX,
MPU_ARMV8M_XN_EXEC_NEVER,
MPU_ARMV8M_AP_RW_PRIV_UNPRIV,
MPU_ARMV8M_SH_NONE,
#ifdef FLOW_CONTROL
FLOW_STEP_MPU_NS_A_EN_R6,
FLOW_CTRL_MPU_NS_A_EN_R6,
FLOW_STEP_MPU_NS_A_CH_R6,
FLOW_CTRL_MPU_NS_A_CH_R6,
#endif /* FLOW_CONTROL *//
}

and for the associated flow control for example :
STM32Cube_FW_U5_V1.3.0\Projects\B-U585I-IOT02A\Applications\SBSFU\SBSFU_Boot\Inc\boot_hal_flowcontrol.h
#define FLOW_STEP_MPU_NS_A_EN_R6 0x00000000U
#define FLOW_STEP_MPU_NS_A_CH_R6 0x00000000U
#define FLOW_CTRL_MPU_NS_A_EN_R6 (FLOW_CTRL_MPU_NS_A_EN_R5 ^ FLOW_STEP_MPU_NS_A_EN_R6)
#define FLOW_CTRL_MPU_NS_A_CH_R6 (FLOW_CTRL_MPU_NS_A_CH_R5 ^ FLOW_STEP_MPU_NS_A_CH_R6)

PJose.4

Senior

Hello @Frantz LEFRERE @DPerr.2216 @Roger SHIVELY
Greetings

i have a similar requirement to access the UID of the microcontroller using the TFM Example(TFM_SBSFU_Boot, TFM_Appli(Secure+Non Secure) provided by ST package. Can the same steps be used or any file difference is applicable. Please suggest solutions

Thanks and Regards
Philip

Frantz LEFRERE

ST Employee

Hello @PJose.4,

if the target is U5, yes same steps should be applied.

Best regards,

Frantz

PJose.4

Senior

Hello @Frantz LEFRERE
Thanks for your quick reply

Yes my target is STM32U585. one query is like i dont have a file in TFM_Appli_Secure-> partition_stm32u5xx.h. could you please guide where i have to add the contents from this file.(for SAU Update)
Thanks for your support

Frantz LEFRERE

ST Employee

The SAU configuration is done by the TFM_SBSFU_Boot and not the Appli.

Please modify the TFM_SBSFU project.

Nitin

Associate III

Hi Frantz, I have a similar requirement and the solution provided by you worked straightforwardly until I made a slight change in U5 board linker file script.

By default Appli Non Secure was using SRAM(192KB) which got exhausted for my application so I switched to SRAM3 but it has a consequence that now I am not able to get UID_BASE.

In other words, previously ld conf was like below

MEMORY
{
FLASH (rx) : ORIGIN = NS_CODE_START, LENGTH = NS_CODE_SIZE
RAM (rwx) : ORIGIN = NS_DATA_START, LENGTH = NS_DATA_SIZE
}

which now is

MEMORY
{
FLASH (rx) : ORIGIN = NS_CODE_START, LENGTH = NS_CODE_SIZE
SRAM3 (rwx) : ORIGIN = _SRAM3_BASE_NS + SRAM3_S_SIZE, LENGTH = _SRAM3_SIZE_MAX
}

And boom, now UID_BASE stopped working. Any clue for this?

PJose.4

Senior

Hi @Frantz LEFRERE

Thanks for the support
Will add the code portion that was shared above in the TFM_SBSFU_Boot project and will update.
Thanks again
Philip

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded