Registered User mNo edit summary |
Registered User m (Corrected "authentification" to "authentication". The verb "allow" requires an object and an infinitive verb structure to form a grammatically correct sentence. Added a line break to the footnote for better visualization after the jump.) Tag: 2017 source edit |
||
| (8 intermediate revisions by 4 users not shown) | |||
| Line 10: | Line 10: | ||
== Overview == | == Overview == | ||
The STM32MP25 embeds 128 backup registers of 32 bits. A programmable border allows these backup registers to be split into a secure and a | The STM32MP25 embeds 128 backup registers of 32 bits. A programmable border allows these backup registers to be split into a secure and a nonsecure group<sup>[[#RIFZone|a]]</sup>.<br /> | ||
== Backup register usage == | == Backup register usage == | ||
| Line 16: | Line 16: | ||
{{Warning|It is important to notice that the backup registers can be erased when a tamper detection occurs in [[TAMP internal peripheral]]}} | {{Warning|It is important to notice that the backup registers can be erased when a tamper detection occurs in [[TAMP internal peripheral]]}} | ||
{{Info | Backup register(s) might be used for another purpose by the application when the feature(s) listed below is/are not used by the said application}} | {{Info | Backup register(s) might be used for another purpose by the application when the feature(s) listed below is/are not used by the said application}} | ||
=== Boot mode selection feature === | === Boot mode selection feature === | ||
The [[#BOOT_MODE|BOOT_MODE]] register is used to propagate boot mode information from one component to the next boot stage, on cold boot or after a reset: | The [[#BOOT_MODE|BOOT_MODE]] register is used to propagate boot mode information from one component to the next boot stage, on cold boot or after a reset: | ||
* The [[STM32 MPU ROM code overview|ROM code]] executes a serial boot if [[#BOOT_MODE|BOOT_MODE]][7:0] is equal to 0xFF, as stated in the [[STM32 MPU ROM code overview#Boot_device_selection|ROM code boot device selection strategy]]. In this case, the backup register is reset by the ROM code before proceeding with the serial boot mode. Other values are ignored by the ROM code. | * The [[STM32 MPU ROM code overview|ROM code]] executes a serial boot if [[#BOOT_MODE|BOOT_MODE]][7:0] is equal to 0xFF, as stated in the [[STM32 MPU ROM code overview#Boot_device_selection|ROM code boot device selection strategy]]. In this case, the backup register is reset by the ROM code before proceeding with the serial boot mode. Other values are ignored by the ROM code. | ||
* [[TF-A overview | TF-A]] gets the selected boot device from the ROM code context in SYSRAM and writes it into [[#BOOT_MODE|BOOT_MODE]][15:8] for U-Boot<ref name="u-boot">{{CodeSource | U-Boot |arch/arm/mach-stm32mp/include/mach/stm32.h}}</ref>. The boot interface type is written into [[#BOOT_MODE|BOOT_MODE]][15:12], and the instance used is written into [[#BOOT_MODE|BOOT_MODE]][11:8]. TF-A also writes other information in this register. The partition that was used to boot is written into [[#BOOT_MODE|BOOT_MODE]][19:16], and the BL2 | * [[TF-A overview | TF-A]] gets the selected boot device from the ROM code context in SYSRAM and writes it into [[#BOOT_MODE|BOOT_MODE]][15:8] for U-Boot<ref name="u-boot">{{CodeSource | U-Boot |arch/arm/mach-stm32mp/include/mach/stm32.h}}</ref>. The boot interface type is written into [[#BOOT_MODE|BOOT_MODE]][15:12], and the instance used is written into [[#BOOT_MODE|BOOT_MODE]][11:8]. TF-A also writes other information in this register. The partition that was used to boot is written into [[#BOOT_MODE|BOOT_MODE]][19:16], and the BL2 authentication status from ROM code into [[#BOOT_MODE|BOOT_MODE]][23:20]. | ||
=== Firmware update info feature === | === Firmware update info feature === | ||
| Line 33: | Line 26: | ||
=== SAES secret key feature === | === SAES secret key feature === | ||
The [[#SAES secret key|SAES secret key]] registers can be used to own a 256 bits key that is carried to [[SAES internal peripheral]] via a buried hardware bus. This solution allows | The [[#SAES secret key|SAES secret key]] registers can be used to own a 256 bits key that is carried to [[SAES internal peripheral]] via a buried hardware bus. This solution allows the key to be protected by the tamper mechanism: these registers together with SAES memory and registers are erased as soon as a tamper event occurs.<br> | ||
Notice that, when this feature is used, the concerned backup registers should be set as 'secure'.<br> | Notice that, when this feature is used, the concerned backup registers should be set as 'secure'.<br> | ||
Look for 'boot hardware key' in the [[STM32MP25 resources#Reference manuals|STM32MP25 Reference Manuals]] for more information about this feature. | Look for 'boot hardware key' in the [[STM32MP25 resources#Reference manuals|STM32MP25 Reference Manuals]] for more information about this feature. | ||
| Line 39: | Line 32: | ||
=== Cortex-M coprocessor resource table === | === Cortex-M coprocessor resource table === | ||
The [[#Cortex_M_rsc_tab_addr| | The [[#Cortex_M_rsc_tab_addr|CortexM Resource table address]] and [[#Cortex_M_rsc_tab_size|Resource table size]] registers are used to provide information on the resource table present in the Cortex-M firmware. This information is written by the boot stage in charge of Cortex-M load and start, and then read and initialized by the Linux to instantiate the inter-processor communication. | ||
Notice that the registers are duplicated to support the Cortex-A master boot mode (registers written by U-boot) and the Cortex-M master boot mode (registers written by the Cortex-M non secure FW itself). | Notice that the registers are duplicated to support the Cortex-A master boot mode (registers written by U-boot) and the Cortex-M master boot mode (registers written by the Cortex-M non secure FW itself). | ||
| Line 56: | Line 49: | ||
{| | {| | ||
! Zone | ! Zone | ||
! RIF Zone | ! RIF Zone<sup>[[#RIFZone|a]]</sup> | ||
! [[TAMP internal peripheral|TAMP]] register | ! [[TAMP internal peripheral|TAMP]] register | ||
! [[STM32 MPU ROM code overview|ROM]] / software register name | ! [[STM32 MPU ROM code overview|ROM]] / software register name | ||
| Line 84: | Line 77: | ||
|- | |- | ||
| TAMP_BKP122R | | TAMP_BKP122R | ||
| | | <span id="Cortex_M_rsc_tab_size">CortexM Resource table size</span> | ||
| Cortex-M resource table address | | Cortex-M resource table address | ||
|- | |- | ||
| TAMP_BKP121R | | TAMP_BKP121R | ||
| | | <span id="Cortex_M_rsc_tab_addr">CortexM Resource table address</span> | ||
| Cortex-M resource table size | | Cortex-M resource table size | ||
|- | |- | ||
| TAMP_BKP120R | | TAMP_BKP120R | ||
| BOOT_MODE | | <span id="BOOT_MODE">BOOT_MODE</span> | ||
| Boot mode for CM33 non secure | | Boot mode for CM33 non secure | ||
|- | |- | ||
| Line 537: | Line 530: | ||
| TAMP_BKP11R | | TAMP_BKP11R | ||
| LOWPOWER_EP_ADDR | | LOWPOWER_EP_ADDR | ||
| Entry point address for low power mode exit | | Entry point address for low power mode exit (STOP2) | ||
|- | |- | ||
| TAMP_BKP10R | | TAMP_BKP10R | ||
| | | ROM_CORE1_HOLDING_PEN_ADDR | ||
| | | Core1 branch address for second core boot (32bit only / Reserved otherwise) | ||
|- | |- | ||
| TAMP_BKP9R | | TAMP_BKP9R | ||
| | | ROM_CORE1_HOLDING_PEN_MAGIC | ||
| | | Core1 Magic (0xCA7FACE1) (32bit only/ Reserved otherwise) | ||
|- | |- | ||
| TAMP_BKP8R | | TAMP_BKP8R | ||
| Line 552: | Line 545: | ||
|- | |- | ||
| TAMP_BKP7R | | TAMP_BKP7R | ||
| rowspan=8 | Can be used as 'SAES secret key' and the registers should be set secure in that case | | rowspan=8 | Can be used as '<span id="SAES_secret_key">SAES secret key</span>' and the registers should be set secure in that case | ||
| rowspan=8 | Propagated to SAES by the hardware KEYBUS | | rowspan=8 | Propagated to SAES by the hardware KEYBUS | ||
|- | |- | ||
| Line 569: | Line 562: | ||
| TAMP_BKP0R | | TAMP_BKP0R | ||
|} | |} | ||
<span id="RIFZone"><br>a</span>: the security borders are configured by the Secure OS (look for {{Highlight|st,backup-zones}} in [[TAMP_device_tree_configuration#Common_TAMP_node_append|TAMP configuration]]), so the OP-TEE device tree has to be modified if different borders are needed. | |||
<noinclude> | <noinclude> | ||
== References == | |||
<references/> | <references/> | ||
[[Category:STM32MP25 platform configuration]] | [[Category:STM32MP25 platform configuration]] | ||
{{ | {{PublicationRequestId | 31768| 2024-07-22| }} | ||
</noinclude> | </noinclude> | ||
Latest revision as of 21:21, 18 August 2024
1. Article purpose
This article explains how the TAMP backup registers are used by STM32MPU Embedded Software on STM32MP25.
2. Overview
The STM32MP25 embeds 128 backup registers of 32 bits. A programmable border allows these backup registers to be split into a secure and a nonsecure groupa.
3. Backup register usage
This paragraph explains the default usage of backup registers by the ROM code and STM32MPU Embedded Software distribution. The subsequent chapter then shows the backup register mapping used to fulfill those needs.
3.1. Boot mode selection feature
The BOOT_MODE register is used to propagate boot mode information from one component to the next boot stage, on cold boot or after a reset:
- The ROM code executes a serial boot if BOOT_MODE[7:0] is equal to 0xFF, as stated in the ROM code boot device selection strategy. In this case, the backup register is reset by the ROM code before proceeding with the serial boot mode. Other values are ignored by the ROM code.
- TF-A gets the selected boot device from the ROM code context in SYSRAM and writes it into BOOT_MODE[15:8] for U-Boot[1]. The boot interface type is written into BOOT_MODE[15:12], and the instance used is written into BOOT_MODE[11:8]. TF-A also writes other information in this register. The partition that was used to boot is written into BOOT_MODE[19:16], and the BL2 authentication status from ROM code into BOOT_MODE[23:20].
3.2. Firmware update info feature
The FWU_INFO is used by TF-A BL2 to detect boot failures between its execution and before the complete Linux application initialization during a Secure Firmware Update.
3.3. SAES secret key feature
The SAES secret key registers can be used to own a 256 bits key that is carried to SAES internal peripheral via a buried hardware bus. This solution allows the key to be protected by the tamper mechanism: these registers together with SAES memory and registers are erased as soon as a tamper event occurs.
Notice that, when this feature is used, the concerned backup registers should be set as 'secure'.
Look for 'boot hardware key' in the STM32MP25 Reference Manuals for more information about this feature.
3.4. Cortex-M coprocessor resource table
The CortexM Resource table address and Resource table size registers are used to provide information on the resource table present in the Cortex-M firmware. This information is written by the boot stage in charge of Cortex-M load and start, and then read and initialized by the Linux to instantiate the inter-processor communication. Notice that the registers are duplicated to support the Cortex-A master boot mode (registers written by U-boot) and the Cortex-M master boot mode (registers written by the Cortex-M non secure FW itself).
4. Memory mapping
The table below shows the backup register mapping used by STM32MPU Embedded Software.
The TAMP backup register base address is 0x46010100, corresponding to TAMP_BKP0R.
By default, the openSTLinux set a fixed configuration for tamp resources identification:
- R0 = Main processor (Cortex-A35 or Cortex-M33 depending on boot mode selection)
- R1 = Cortex-A35 processor
- R2 = Cortex-M33 processor
The table shows the read/write accesses to the registers but doesn't show the read only accesses. Refer to STM32MP25 Reference Manuals for more details on the read only access.
The different area listed in the table below are all programmable thanks to the device tree configuration.
| Zone | RIF Zonea | TAMP register | ROM / software register name | Comment |
|---|---|---|---|---|
| Zone3 Read/Write Non-secure | Zone3-RIF2 | TAMP_BKP127R | ||
| TAMP_BKP126R | ||||
| TAMP_BKP125R | ||||
| TAMP_BKP124R | ||||
| TAMP_BKP123R | ||||
| TAMP_BKP122R | CortexM Resource table size | Cortex-M resource table address | ||
| TAMP_BKP121R | CortexM Resource table address | Cortex-M resource table size | ||
| TAMP_BKP120R | BOOT_MODE | Boot mode for CM33 non secure | ||
| Zone3-RIF0 | TAMP_BKP119R | |||
| TAMP_BKP118R | ||||
| TAMP_BKP117R | ||||
| TAMP_BKP116R | ||||
| TAMP_BKP115R | ||||
| TAMP_BKP114R | ||||
| TAMP_BKP113R | ||||
| TAMP_BKP112R | ||||
| TAMP_BKP111R | ||||
| TAMP_BKP110R | ||||
| TAMP_BKP109R | ||||
| TAMP_BKP108R | ||||
| Zone3-RIF1 | TAMP_BKP107R | |||
| TAMP_BKP106R | ||||
| TAMP_BKP105R | ||||
| TAMP_BKP104R | ||||
| TAMP_BKP103R | ||||
| TAMP_BKP102R | ||||
| TAMP_BKP101R | ||||
| TAMP_BKP100R | ||||
| TAMP_BKP99R | ||||
| TAMP_BKP98R | CM_rsc_tab_addr | Cortex-M resource table address | ||
| TAMP_BKP97R | CM_rsc_tab_size | Cortex-M resource table size | ||
| TAMP_BKP96R | BOOT_MODE | See Boot mode selection feature | ||
| Zone2 Read Non-secure/Write secure | Zone2-RIF2 | TAMP_BKP95R | Cortex_M_state | CM33 power state |
| TAMP_BKP94R | ||||
| TAMP_BKP93R | ||||
| TAMP_BKP92R | ||||
| TAMP_BKP91R | ||||
| TAMP_BKP90R | ||||
| TAMP_BKP89R | ||||
| TAMP_BKP88R | ||||
| TAMP_BKP87R | ||||
| TAMP_BKP86R | ||||
| TAMP_BKP85R | ||||
| TAMP_BKP84R | ||||
| TAMP_BKP83R | ||||
| TAMP_BKP82R | ||||
| TAMP_BKP81R | ||||
| TAMP_BKP80R | ||||
| TAMP_BKP79R | ||||
| TAMP_BKP78R | ||||
| TAMP_BKP77R | ||||
| TAMP_BKP76R | ||||
| TAMP_BKP75R | ||||
| TAMP_BKP74R | ||||
| TAMP_BKP73R | ||||
| TAMP_BKP72R | ||||
| Zone2-RIF1 | TAMP_BKP71R | Cortex_A_state | CA35 power state | |
| TAMP_BKP70R | ||||
| TAMP_BKP69R | ||||
| TAMP_BKP68R | ||||
| TAMP_BKP67R | ||||
| TAMP_BKP66R | ||||
| TAMP_BKP65R | ||||
| TAMP_BKP64R | ||||
| TAMP_BKP63R | ||||
| TAMP_BKP62R | ||||
| TAMP_BKP61R | ||||
| TAMP_BKP60R | ||||
| TAMP_BKP59R | ||||
| TAMP_BKP58R | ||||
| TAMP_BKP57R | ||||
| TAMP_BKP56R | ||||
| TAMP_BKP55R | ||||
| TAMP_BKP54R | ||||
| TAMP_BKP53R | ||||
| TAMP_BKP52R | ||||
| TAMP_BKP51R | ||||
| TAMP_BKP50R | ||||
| TAMP_BKP49R | ||||
| TAMP_BKP48R | FWU_INFO | See Firmware update info feature | ||
| Zone1 Read/Write secure | Zone1-RIF2 | TAMP_BKP47R | ||
| TAMP_BKP46R | ||||
| TAMP_BKP45R | ||||
| TAMP_BKP44R | ||||
| TAMP_BKP43R | ||||
| TAMP_BKP42R | ||||
| TAMP_BKP41R | ||||
| TAMP_BKP40R | ||||
| TAMP_BKP39R | ||||
| TAMP_BKP38R | ||||
| TAMP_BKP37R | ||||
| TAMP_BKP36R | ||||
| TAMP_BKP35R | ||||
| TAMP_BKP34R | ||||
| TAMP_BKP33R | ||||
| TAMP_BKP32R | ||||
| TAMP_BKP31R | PLAT_NV_COUNTER_BL2_3 | |||
| TAMP_BKP30R | PLAT_NV_COUNTER_BL2_2 | |||
| TAMP_BKP29R | PLAT_NV_COUNTER_BL2_1 | |||
| TAMP_BKP28R | PLAT_NV_COUNTER_BL2_0 | |||
| TAMP_BKP27R | PLAT_NV_COUNTER_PS_2 | |||
| TAMP_BKP26R | PLAT_NV_COUNTER_PS_1 | |||
| TAMP_BKP25R | PLAT_NV_COUNTER_PS_0 | |||
| TAMP_BKP24R | Init value | TF-M NV Counter region | ||
| Zone1-RIF1 | TAMP_BKP23R | |||
| TAMP_BKP22R | ||||
| TAMP_BKP21R | ||||
| TAMP_BKP20R | ||||
| TAMP_BKP19R | ||||
| TAMP_BKP18R | ||||
| TAMP_BKP17R | ||||
| TAMP_BKP16R | ||||
| TAMP_BKP15R | ||||
| TAMP_BKP14R | ||||
| TAMP_BKP13R | ||||
| TAMP_BKP12R | ||||
| TAMP_BKP11R | LOWPOWER_EP_ADDR | Entry point address for low power mode exit (STOP2) | ||
| TAMP_BKP10R | ROM_CORE1_HOLDING_PEN_ADDR | Core1 branch address for second core boot (32bit only / Reserved otherwise) | ||
| TAMP_BKP9R | ROM_CORE1_HOLDING_PEN_MAGIC | Core1 Magic (0xCA7FACE1) (32bit only/ Reserved otherwise) | ||
| TAMP_BKP8R | ||||
| TAMP_BKP7R | Can be used as 'SAES secret key' and the registers should be set secure in that case | Propagated to SAES by the hardware KEYBUS | ||
| TAMP_BKP6R | ||||
| TAMP_BKP5R | ||||
| TAMP_BKP4R | ||||
| TAMP_BKP3R | ||||
| TAMP_BKP2R | ||||
| TAMP_BKP1R | ||||
| TAMP_BKP0R |
a: the security borders are configured by the Secure OS (look for st,backup-zones in TAMP configuration), so the OP-TEE device tree has to be modified if different borders are needed.
5. References