How to validate an image with security features enabled?

Thank you for posting your question. While I do not have an answer, I do have the exact same situation with my board's STM32L496 and SBSFU v2.5.0.

Per your observation, I disabled SFU_MPU_USERAPP_ACTIVATION and the problem went away.

For background info, when I run my projects with ENABLE_IMAGE_STATE_HANDLING disabled, the firmware can be updated.

There is a difference in MPU permissions comparing the SB / SFU vs. App regions. MPU_REGION_FULL_ACCESS vs. MPU_REGION_PRIV_RO respectively. There is a comment regarding the app permissions and firewall, however I do not know enough about either yet. Still learning.

For fun, I changed the App region permission to MPU_REGION_FULL_ACCESS and it boots up and the app runs now. Is this OK?

Hi @jrgert​, thank you for your answer. I am glad that you can reproduce the problem. If you assign it full access, will the MPU protection still have any effect?

How did you manage to call SE_APP_ValidateFw() from within the UserApp? I am trying to run SBSFU with ENABLE_IMAGE_STATE_HANDLING, but the SE_APP_ValidateFw() function will reset the STM32L4A6 as the function is not in the expected memory boundary. Are you calling the SE_APP_ValidateFw() from the UserApp in the SBSFU code?

The failing part is in the function

/*Secure Engine Call*/
 
e_ret_status = (*SE_CallGatePtr)(SE_APP_VALIDATE_FW, peSE_Status, primask_bit, SlotNumber);

and this calls the:

SE_ErrorStatus SE_CallGate(SE_FunctionIDTypeDef eID, SE_StatusTypeDef * const peSE_Status, uint32_t PrimaskParam, ...)
{
 SE_ErrorStatus e_ret_status;
 va_list arguments;
#if defined(__GNUC__)
 register unsigned lr asm("lr");
 uint32_t LR = lr;
#else
 uint32_t LR;
#endif /* __GNUC__ */
 
 /* Enter the protected area */
 ENTER_PROTECTED_AREA();
 
 /*
 * Warning : It is mandatory to call NVIC_SystemReset() in case of error
 * instead of return(SE_ERROR) to avoid any attempt of attack by modifying
 * the call stack (LR) in order to execute code inside secure enclave
 */
 
 /* Check the Callgate was called only from SE Interface */
#if defined(__ICCARM__) || defined (__CC_ARM)
 LR = __get_LR();
#endif /* __ICCARM__ || __CC_ARM */
 
 IS_CALLER_SE_IF();

the IS_CALLER_SE_IF is

#define IS_CALLER_SE_IF() \
 do{ \
 if (LR< SE_IF_REGION_ROM_START){\
 NVIC_SystemReset();}\
 if (LR> SE_IF_REGION_ROM_END){\
 NVIC_SystemReset();}\
 }while(0)

and obviously, if the SE_APP_ValidateFw() function is in the UserApp flash space, the second IF will trigger a reset.

So, my question is, how did you avoid this? I'm on STM32CubeIde. Too bad STM tries its best not to provide working examples on STM32CubeIde.

Hello @kaur ,

Are you using latest version of X-CUBE-SBSFU ?

Did you change the flash mapping ?

In this package, the MPU configuration needs to be adapted when flash mapping is changed. this is not done automatically ...

Best regards

Jocelyn

Hello,

First, I have double checked the Image state handling feature of the SBSFU 6.2.0 on STM32WB55 and is works fine on the default project.

I also changed the mapping as you did, and adapted MPU configuration accordingly in

Projects\P-NUCLEO-WB55.Nucleo\Applications\2_Images\2_Images_SBSFU\SBSFU\Target\sfu_low_level_security.h

#define APP_PROTECT_MPU_AREA_2_ACTIVE_SLOT_START 0x08040000U
#define APP_PROTECT_MPU_AREA_2_ACTIVE_SLOT_SIZE MPU_REGION_SIZE_256KB
#define APP_PROTECT_MPU_AREA_2_ACTIVE_SLOT_PERM MPU_REGION_FULL_ACCESS
#define APP_PROTECT_MPU_AREA_2_ACTIVE_SLOT_EXEC MPU_INSTRUCTION_ACCESS_ENABLE
#define APP_PROTECT_MPU_AREA_2_ACTIVE_SLOT_SREG 0xC0U 

 All works fine : Check active firmware version, update and image validation.

Best regards

Jocelyn

Hi @unknown ,

Is there anything different in your scenario which is leading to this issue?