Changes notification – v4.0.0

< STM32 MPU OpenSTLinux release note - v4.0.0
Applicable for STM32MP13x lines, STM32MP15x lines

BackToNavigationTree button.png

1 Article purpose[edit]

The article aims to help to rebase an STM32 MPU project on a new ecosystem release by focusing on main changes impacts.

2 Scope of this article[edit]

This article provides some details for main changes between STM32 MPU ecosystem release v3.1.0 and new STM32 MPU ecosystem release v4.0.0 More info.png to help for migrating your project.

All Informations about the features delivered in the new release is also available in the OpenSTLinux release note.

3 Impacted domains[edit]

3.1 Yocto build environment for Distribution Package[edit]

Yocto layers/recipes to update for new Kirkstone version. Follow scripts available in OpenEmbedded-Core layer to help user:

  • ./layers/openembedded-core/scripts/contrib/
  • ./layers/openembedded-core/scripts/contrib/
  • ./layers/openembedded-core/scripts/contrib/
  • ./layers/openembedded-core/scripts/contrib/
(see Yocto Kirkstone release note[1] for more information)

3.2 Hardware configuration[edit]

Check device tree files for STMP32 MPU board: Linux Kernel: between Linux kernel v5.15-stm32mp-r1 (v5.15.24) and previous Linux kernel v5.10-stm32mp-r2 (v5.10.61)

  • New STM32MP135x-DK Discovery kit More info green.png

U-Boot: between U-Boot v2021.10-stm32mp-r1 and previous U-Boot v2020.10-stm32mp-r2

  • New STM32MP135x-DK Discovery kit More info green.png

OP-TEE: between OP-TEE 3.16.0-stm32mp-r1 and previous OP-TEE 3.12.0-stm32mp-r2

  • New STM32MP135x-DK Discovery kit More info green.png
  • Update device tree to use a bus controller configuration to manage secure/non secure IP
  • Remove secure-status
  • Remove unused nodes in OP-TEE
  • Define GPIO secure configuration in device tree
  • I2C compatible update for STM32MP15 lines to manage non secure PMIC in OP-TEE (st,stm32mp15-i2c-non-secure)
  • Remove nvmem_layout bindings
  • Reduce device tree and only keep the securable peripheral nodes.

TF-A: between TF-A v2.6-stm32mp-r1 and previous TF-A v2.4-stm32mp-r2

  • New STM32MP135x-DK Discovery kit More info green.png
  • Remove secure-status
  • Remove nvmem_layout bindings
  • DDR: remove unused configuration defined
  • Clean up device tree to only keep required nodes (reduce device tree size)
Info white.png Information
This is possible with git diff command to get delta between to branches in the same repository.
Example with ST Linux GitHub repository and for all stm32mp1 device tree files:

git diff v5.10-stm32mp-r2 v5.15-stm32mp-r1 -- arch/arm/boot/dts/stm32mp1*

3.3 System configuration[edit]

  • FIP only on STM32 MPU ecosystem release v4.0.0 More info.png . NoFIP is no more supported
  • FOTA (memory mapping if activated and GPT UUID partition fixed). If no FOTA activated, no change at driver level. Impact on flashlayout.
  • Memory mapping update linked to OP-TEE

3.4 Boot stages[edit]


  • BL2 more hardcoded configuration values such as early console default parameters
  • Remove STM32 image management (parsing and authentication)
  • Introduce PSA_FWU support: Fix specific UUID for GPT partitions when used
  • Update the NAND core driver to allow external memory usage for temporary buffer

SP-MIN boot chain deprecated replaced by OP-TEE.

3.5 Security[edit]

  • Rework firewall control management: use bus controller to add device tree node to probe list
  • TZC400 configuration managed in OP-TEE
  • Calibration binding updated: Use a dedicated binding for the calibration, out from RCC node
  • Remove proprietary SMC access replaced by SCMI access or dedicated PTA.
  • Move RNG to secure RNG by default
  • Remove SCMI channel 1 (unused) and rename SCMI0 to SCMI
  • New BSEC PTA for OTP management
  • New Introduce Trusted UI framework
  • New SCMI performance for STM32MP13 lines
  • New Use clock framework to manage clocks

3.6 User space and applications[edit]

New "weston" user now required for "wayland", which avoids executing some application with root profile for security reasons

  • su -l weston -c "<command>" could be used to specify the user profile

which mainly impacts Graphic and Audio frameworks usage.

4 References[edit]