Skip to main content
R
rossU
Associate II
August 12, 2025
Solved

STM32MP257F-EV1 Tamper logging in Linux userspace

  • August 12, 2025
  • 1 reply
  • 264 views

I'm trying to somehow pass information about tampering event from OP-TEE to Linux userspace by means of Tamper Backup registers but I seem to have a problem.

I added this to kernel dts:

&nvram {
	my_free_backup_register: tamp-bkp@c4 {
		reg = <0xC4 0x4>;
	};
};

&usart2 {
 // Other stuff before nvmem
	nvmem-cells = <&my_free_backup_register>;
	nvmem-cell-names = "my_backup_register"; 
};

I tried to write to that register from OP-TEE function stm32_tamp_etamper_action using io_write32 function. Then I'm trying to read that register from OP-TEE immediately after the write and looks like the register has not been written to.

Also, in Linux userspace in /sys/bus/nvmem/devices/ I can see stm32-tamp-nvram0 but when I hexdump its nvmem file it's just a bunch of zeroes. I can't seem to find that nvmem-cells in usart2 either.

Best answer by rossU

Ok, so looks like I wasn't able to write to TAMP_BKP49R because I had to first acknowledge tamper to unlock the register by clearing tamper flag in _TAMP_SCR. Then I was able to successfully write to it from OP-TEE and read from Linux with:

root@stm32mp2:~# hexdump -C /sys/bus/nvmem/devices/stm32-tamp-nvram0/nvmem

 

1 reply

Christophe Guibout
Christophe Guibout
ST Employee
August 13, 2025

Hello @rossU,

 

You use TAMP_BKP49R, which is in Zone2 (Read Nonsecure/Write secure) : you should be  able to read it from the linux kernel: could you please detail how you read this tamper in linux ?

 

BR,

Christophe

In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
R
rossUAuthorBest answer
Associate II
August 14, 2025

Ok, so looks like I wasn't able to write to TAMP_BKP49R because I had to first acknowledge tamper to unlock the register by clearing tamper flag in _TAMP_SCR. Then I was able to successfully write to it from OP-TEE and read from Linux with:

root@stm32mp2:~# hexdump -C /sys/bus/nvmem/devices/stm32-tamp-nvram0/nvmem

 

    Terms & ConditionsAccessibility statement