1. Article purpose[edit | edit source]
The purpose of this article is to:
- briefly introduce the OTFDEC peripheral and its main features,
- indicate the peripheral instances assignment at boot time and their assignment at runtime (including whether instances can be allocated to secure contexts),
- list the software frameworks and drivers managing the peripheral,
- explain how to configure the peripheral.
2. Peripheral overview[edit | edit source]
The OTFDEC peripheral is used to decrypt data on read request. The peripheral is used on top of an OCTOSPI to allow on the fly decryption of associated data from connected mass storage.
Refer to the STM32 MPU reference manuals for the complete list of features, and to the software frameworks and drivers, introduced below, to see which features are implemented.
3. Peripheral usage[edit | edit source]
This chapter is applicable in the scope of the OpenSTLinux BSP running on the Arm® Cortex®-A processor(s), and the STM32CubeMPU Package running on the Arm® Cortex®-M processor.
3.1. Boot time assignment[edit | edit source]
3.1.1. On STM32MP21x lines 
[edit | edit source]
Click on 
to expand or collapse the legend...
| Domain | Peripheral | Boot time allocation | Comment
| |||
|---|---|---|---|---|---|---|
| Instance | Cortex-A35 secure (ROM code) |
Cortex-A35 secure (TF-A BL2) |
Cortex-A35 nonsecure (U-Boot) | |||
| Security | OTFDEC | OTFDEC1 | ⬚ | ⬚ | ||
3.1.2. On STM32MP23x lines [edit | edit source]
Click on to expand or collapse the legend...
| Domain | Peripheral | Boot time allocation | Comment
| |||
|---|---|---|---|---|---|---|
| Instance | Cortex-A35 secure (ROM code) |
Cortex-A35 secure (TF-A BL2) |
Cortex-A35 nonsecure (U-Boot) | |||
| Security | OTFDEC | OTFDEC1 | ⬚ | ⬚ | ||
| OTFDEC2 | ⬚ | ⬚ | ||||
3.1.3. On STM32MP25x lines [edit | edit source]
Click on to expand or collapse the legend...
| Domain | Peripheral | Boot time allocation | Comment
| |||
|---|---|---|---|---|---|---|
| Instance | Cortex-A35 secure (ROM code) |
Cortex-A35 secure (TF-A BL2) |
Cortex-A35 nonsecure (U-Boot) | |||
| Security | OTFDEC | OTFDEC1 | ⬚ | ⬚ | ||
| OTFDEC2 | ⬚ | ⬚ | ||||
3.2. Runtime assignment[edit | edit source]
3.2.1. On STM32MP21x lines [edit | edit source]
Click on to expand or collapse the legend...
| Domain | Peripheral | Runtime allocation | Comment
| ||||
|---|---|---|---|---|---|---|---|
| Instance | Cortex-A35 secure (OP-TEE / TF-A BL31) |
Cortex-A35 nonsecure (Linux) |
Cortex-M33 secure (TF-M) |
Cortex-M33 nonsecure (STM32Cube) | |||
| Security | OTFDEC | OTFDEC1 | ⬚OP-TEE | ⬚ | ⬚ | ⬚ | |
3.2.2. On STM32MP23x lines [edit | edit source]
Click on to expand or collapse the legend...
| Domain | Peripheral | Runtime allocation | Comment
| ||||
|---|---|---|---|---|---|---|---|
| Instance | Cortex-A35 secure (OP-TEE / TF-A BL31) |
Cortex-A35 nonsecure (Linux) |
Cortex-M33 secure (TF-M) |
Cortex-M33 nonsecure (STM32Cube) | |||
| Security | OTFDEC | OTFDEC1 | ⬚OP-TEE | ⬚ | ⬚ | ⬚ | |
| OTFDEC2 | ⬚OP-TEE | ⬚ | ⬚ | ⬚ | |||
3.2.3. On STM32MP25x lines [edit | edit source]
Click on to expand or collapse the legend...
| Domain | Peripheral | Runtime allocation | Comment
| |||||
|---|---|---|---|---|---|---|---|---|
| Instance | Cortex-A35 secure (OP-TEE / TF-A BL31) |
Cortex-A35 nonsecure (Linux) |
Cortex-M33 secure (TF-M) |
Cortex-M33 nonsecure (STM32Cube) |
Cortex-M0+ (STM32Cube) | |||
| Security | OTFDEC | OTFDEC1 | ⬚OP-TEE | ⬚ | ⬚ | ⬚ | ||
| OTFDEC2 | ⬚OP-TEE | ⬚ | ⬚ | ⬚ | ||||
4. Software frameworks and drivers[edit | edit source]
 Information
|
| The OTFDEC peripheral is currently not supported in OpenSTLinux software. |
5. How to assign and configure the peripheral[edit | edit source]
6. How to go further[edit | edit source]
7. References[edit | edit source]
Arm® is a registered trademark of Arm Limited (or its subsidiaries) in the US and/or elsewhere. 
Arm® is a registered trademark of Arm Limited (or its subsidiaries) in the US and/or elsewhere.