Skip to main content
MBand.3
MBand.3
Associate III
February 14, 2022
Solved

Serial DFU of Secure Firmware Fails

  • February 14, 2022
  • 1 reply
  • 915 views

I'm attempting to use the serial bootloader to load a secure firmware image to an STM32L5 using STM32CubeProgrammer. I can successfully connect to the board in bootloader mode and perform a full-chip erase, but attempting to download the image (either a .hex or a .out) results in an error:

10:20:33 : Memory Programming ...
 10:20:33 : Opening and parsing file: project.out
 10:20:33 : File : project.out
 10:20:33 : Size : 256 KBytes
 10:20:33 : Address : 0x0C000000 
 10:20:33 : Erasing memory corresponding to segment 0:
 10:20:33 : Not flash Memory : No erase done
 10:20:33 : Download in Progress:
 10:20:34 : Response received from device: NACK
 10:20:34 : Error: Write address not acknowledged: 0xC000000
 10:20:34 : Error: failed to download Segment[0]
 10:20:34 : Error: failed to download the File

TrustZone is enabled (FLASH_OPTR->TZEN=1) on this device. Reading 0x0BF97FFE returns a bootloader ID of 0x92.

Is there a way to apply a secure image via the serial bootloader?

Thanks!

Update:

I tried converting my project to a raw binary and uploading it to address 0x0800'0000. The upload reports success, but verification fails and reading back the memory shows that it was not programmed.

This topic has been closed for replies.
Best answer by Jocelyn RICARD

Hello @MBand.3​ ,

yes the embedded bootloader runs in non secure environment.

So, if you activated trustzone, the default configuration is that flash is fully secure.

You can still change this configuration to make it full non secure and you will be able to write your firmware. Then you should be able to set again the secure area through option bytes.

Other way could be to program your software with TZEN=0, and then activate it and set the correct secure watermark. This could also be done by your firmware.

Regarding addressing the secure alias (0x0C000000) I think this will not work anyway. The system bootloader checks the address range, and I think this one was not included.

So, I need to use binary download instead of elf or hex.

Best regards

Jocelyn

Best regards

Jocelyn

1 reply

Jocelyn RICARD
Jocelyn RICARDBest answer
ST Employee
February 15, 2022

Hello @MBand.3​ ,

yes the embedded bootloader runs in non secure environment.

So, if you activated trustzone, the default configuration is that flash is fully secure.

You can still change this configuration to make it full non secure and you will be able to write your firmware. Then you should be able to set again the secure area through option bytes.

Other way could be to program your software with TZEN=0, and then activate it and set the correct secure watermark. This could also be done by your firmware.

Regarding addressing the secure alias (0x0C000000) I think this will not work anyway. The system bootloader checks the address range, and I think this one was not included.

So, I need to use binary download instead of elf or hex.

Best regards

Jocelyn

Best regards

Jocelyn

Terms & ConditionsAccessibility statement