Skip to main content
alessandro morniroli
alessandro morniroli
Associate III
June 19, 2023
Question

Erase non secure page from secure domain

  • June 19, 2023
  • 3 replies
  • 2104 views

Hi,

we are developing a firmware on the STM32U575QG MCU. Trustzone is enabled and configured as follows (DBANK active).

alessandromorniroli_0-1687169218695.png
Flash memory size is 1MB, with DBANK active. So, from my understanding, it should be two different bank, each one composed by 64 pages of 8kB.

BANK1:
- secure from page 0 to page 63 (all bank is secure, 512kB);

BANK2:
- secure from page 0 to page 31 (256kB secure). From 32 to 63 unsecure flash;

We are now trying to erase NS pages from secure domain using interrupts. For instance:

 

 

FLASH_EraseInitTypeDef EraseInitStruct;

HAL_FLASH_Unlock ();

__HAL_FLASH_ENABLE_IT_NS (FLASH_IT_EOP);
__HAL_FLASH_ENABLE_IT_NS (FLASH_IT_OPERR);

HAL_NVIC_EnableIRQ (FLASH_IRQn);

__HAL_FLASH_CLEAR_FLAG_NS(FLASH_FLAG_EOP | FLASH_FLAG_OPERR | FLASH_FLAG_WRPERR | FLASH_FLAG_PGAERR | FLASH_FLAG_PGSERR);


EraseInitStruct.TypeErase = FLASH_TYPEERASE_PAGES_NS;
EraseInitStruct.Banks = FLASH_BANK_2;
EraseInitStruct.Page = 32;
EraseInitStruct.NbPages = NbOfPages;

HAL_FLASHEx_Erase_IT(&EraseInitStruct);

 

 

NS IRQ is triggering as expected, but NSSR register is reporting PGSERR.

I've read the datasheet and it says:

alessandromorniroli_1-1687170571072.png

Is it possible to erase NS pages from secure domain? Am I doing something wrong?

Thanks.

Alessandro

 

This topic has been closed for replies.

3 replies

Billy OWEN
Billy OWEN
ST Employee
September 15, 2023

Hi @alessandro morniroli 

 

The forum moderator had marked your post as needing a little more investigation and direct support. An online support case has been created on your behalf, please stand by for just a moment and you will hear from us.

 

Regards,

Billy

D
declan
Visitor II
October 24, 2023

Hi @Billy OWEN ,

I was wondering if this question was ever resolved, since I have the same issue. In my case, I'm working with the STM32H5, but as with the U5, PGSERR is set if the nonsecure STRT is set from the secure domain. Is it possible to perform flash erase on nonsecure sectors from the secure domain, or is it recommended to only perform firmware updates of nonsecure flash from the nonsecure domain?

Thanks,

Declan

Amel NASRI
Amel NASRI
Technical Moderator
October 25, 2023

Hi @declan ,

Could you please submit a new conversation where you describe with more details your case under STM32 MCUs Security?

-Amel

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.
D
declan
Visitor II
October 25, 2023

Thanks @alessandro morniroli, I'll look into the SAU setup and see if I can fix things there.

If I'm not able to resolve it I'll start a new conversation.

Terms & ConditionsAccessibility statement