Last edited one month ago

OTFDEC internal peripheral

Applicable for   STM32MP23x lines  STM32MP25x lines

1. Article purpose[edit | edit source]

The purpose of this article is to:

  • briefly introduce the OTFDEC peripheral and its main features,
  • indicate the peripheral instances assignment at boot time and their assignment at runtime (including whether instances can be allocated to secure contexts),
  • list the software frameworks and drivers managing the peripheral,
  • explain how to configure the peripheral.

2. Peripheral overview[edit | edit source]

The OTFDEC peripheral is used to decrypt data on read request. The peripheral is used on top of an OCTOSPI to allow on the fly decryption of associated data from connected mass storage.

Refer to the STM32 MPU reference manuals for the complete list of features, and to the software frameworks and drivers, introduced below, to see which features are implemented.

3. Peripheral usage[edit | edit source]

This chapter is applicable in the scope of the OpenSTLinux BSP running on the Arm® Cortex®-A processor(s), and the STM32CubeMPU Package running on the Arm® Cortex®-M processor.

3.1. Boot time assignment[edit | edit source]

3.1.1. On STM32MP21x lines More info.png[edit | edit source]

Click on How to.png to expand or collapse the legend...

  • means that the peripheral can be assigned to the given boot time context.
  • means that the peripheral is assigned by default to the given boot time context and that the peripheral is mandatory for the Yocto-based OpenSTLinux Embedded Software.
  • means that the peripheral can be assigned to the given boot time context, but this configuration is not supported in Yocto-based OpenSTLinux Embedded Software.
  • is used for system peripherals that cannot be unchecked because they are hardware connected in the device.

The present chapter describes STMicroelectronics recommendations or choice of implementation. Additional possibilities might be described in STM32 MPU reference manuals.

Domain Peripheral Boot time allocation Comment How to.png
Instance Cortex-A35
secure
(ROM code)
Cortex-A35
secure
(TF-A BL2)
Cortex-A35
nonsecure
(U-Boot)
Security OTFDEC OTFDEC1

3.1.2. On STM32MP23x lines More info.png[edit | edit source]

Click on How to.png to expand or collapse the legend...

  • means that the peripheral can be assigned to the given boot time context.
  • means that the peripheral is assigned by default to the given boot time context and that the peripheral is mandatory for the Yocto-based OpenSTLinux Embedded Software.
  • means that the peripheral can be assigned to the given boot time context, but this configuration is not supported in Yocto-based OpenSTLinux Embedded Software.
  • is used for system peripherals that cannot be unchecked because they are hardware connected in the device.

The present chapter describes STMicroelectronics recommendations or choice of implementation. Additional possibilities might be described in STM32 MPU reference manuals.

Domain Peripheral Boot time allocation Comment How to.png
Instance Cortex-A35
secure
(ROM code)
Cortex-A35
secure
(TF-A BL2)
Cortex-A35
nonsecure
(U-Boot)
Security OTFDEC OTFDEC1
OTFDEC2

3.1.3. On STM32MP25x lines More info.png[edit | edit source]

Click on How to.png to expand or collapse the legend...

  • means that the peripheral can be assigned to the given boot time context.
  • means that the peripheral is assigned by default to the given boot time context and that the peripheral is mandatory for the Yocto-based OpenSTLinux Embedded Software.
  • means that the peripheral can be assigned to the given boot time context, but this configuration is not supported in Yocto-based OpenSTLinux Embedded Software.
  • is used for system peripherals that cannot be unchecked because they are hardware connected in the device.

The present chapter describes STMicroelectronics recommendations or choice of implementation. Additional possibilities might be described in STM32 MPU reference manuals.

Domain Peripheral Boot time allocation Comment How to.png
Instance Cortex-A35
secure
(ROM code)
Cortex-A35
secure
(TF-A BL2)
Cortex-A35
nonsecure
(U-Boot)
Security OTFDEC OTFDEC1
OTFDEC2

3.2. Runtime assignment[edit | edit source]

3.2.1. On STM32MP21x lines More info.png[edit | edit source]

Click on How to.png to expand or collapse the legend...

STM32MP21 internal peripherals

Check boxes illustrate the possible peripheral allocations supported by Yocto-based OpenSTLinux Embedded Software:

  • means that the peripheral can be assigned to the given runtime context.
  • means that the peripheral is assigned by default to the given runtime context and that the peripheral is mandatory for the Yocto-based OpenSTLinux Embedded Software.
  • means that the peripheral can be assigned to the given runtime context, but this configuration is not supported in Yocto-based OpenSTLinux Embedded Software.
  • is used for system peripherals that cannot be unchecked because they are hardware connected in the device.

Refer to How to assign an internal peripheral to an execution context for more information on how to assign peripherals manually or via STM32CubeMX.
The present chapter describes STMicroelectronics recommendations or choice of implementation. Additional possibilities might be described in STM32MP21 reference manuals.

Domain Peripheral Runtime allocation Comment How to.png
Instance Cortex-A35
secure
(OP-TEE /
TF-A BL31)
Cortex-A35
nonsecure
(Linux)
Cortex-M33
secure
(TF-M)
Cortex-M33
nonsecure
(STM32Cube)
Security OTFDEC OTFDEC1 OP-TEE

3.2.2. On STM32MP23x lines More info.png[edit | edit source]

Click on How to.png to expand or collapse the legend...

STM32MP23 internal peripherals

Check boxes illustrate the possible peripheral allocations supported by Yocto-based OpenSTLinux Embedded Software:

  • means that the peripheral can be assigned to the given runtime context.
  • means that the peripheral is assigned by default to the given runtime context and that the peripheral is mandatory for the Yocto-based OpenSTLinux Embedded Software.
  • means that the peripheral can be assigned to the given runtime context, but this configuration is not supported in Yocto-based OpenSTLinux Embedded Software.
  • is used for system peripherals that cannot be unchecked because they are hardware connected in the device.

Refer to How to assign an internal peripheral to an execution context for more information on how to assign peripherals manually or via STM32CubeMX.
The present chapter describes STMicroelectronics recommendations or choice of implementation. Additional possibilities might be described in STM32MP23 reference manuals.

Domain Peripheral Runtime allocation Comment How to.png
Instance Cortex-A35
secure
(OP-TEE /
TF-A BL31)
Cortex-A35
nonsecure
(Linux)
Cortex-M33
secure
(TF-M)
Cortex-M33
nonsecure
(STM32Cube)
Security OTFDEC OTFDEC1 OP-TEE
OTFDEC2 OP-TEE

3.2.3. On STM32MP25x lines More info.png[edit | edit source]

Click on How to.png to expand or collapse the legend...

STM32MP25 internal peripherals

Check boxes illustrate the possible peripheral allocations supported by Yocto-based OpenSTLinux Embedded Software:

  • means that the peripheral can be assigned to the given runtime context.
  • means that the peripheral is assigned by default to the given runtime context and that the peripheral is mandatory for the Yocto-based OpenSTLinux Embedded Software.
  • means that the peripheral can be assigned to the given runtime context, but this configuration is not supported in Yocto-based OpenSTLinux Embedded Software.
  • is used for system peripherals that cannot be unchecked because they are hardware connected in the device.

Refer to How to assign an internal peripheral to an execution context for more information on how to assign peripherals manually or via STM32CubeMX.
The present chapter describes STMicroelectronics recommendations or choice of implementation. Additional possibilities might be described in STM32MP25 reference manuals.

Domain Peripheral Runtime allocation Comment How to.png
Instance Cortex-A35
secure
(OP-TEE /
TF-A BL31)
Cortex-A35
nonsecure
(Linux)
Cortex-M33
secure
(TF-M)
Cortex-M33
nonsecure
(STM32Cube)
Cortex-M0+
(STM32Cube)
Security OTFDEC OTFDEC1 OP-TEE
OTFDEC2 OP-TEE

4. Software frameworks and drivers[edit | edit source]

Below are listed the software frameworks and drivers managing the OTFDEC peripheral for the embedded software components listed in the above tables.

Under construction.png Coming soon

5. How to assign and configure the peripheral[edit | edit source]

The peripheral assignment can be done via the STM32CubeMX graphical tool (and manually completed if needed).
This tool also helps to configure the peripheral by generating:

  • partial device trees (pin control and clock tree) for the OpenSTLinux software components,
  • HAL initialization code for the STM32CubeMPU Package.

The configuration is applied by the firmware running in the context in which the peripheral is assigned.

Under construction.png Coming soon

6. How to go further[edit | edit source]

Under construction.png Coming soon

7. References[edit | edit source]