STM32L5 Online Training - STMicroelectronics

• Browser built in viewer
• PDF Viewer
• Universal Document Viewer
• Google Docs View
• Google Drive View
• Download Document [pdf]
Not Your Device? Search For Manuals / Datasheets:



File Info : application/pdf, 11 Pages, 821.15KB

Document Document

Hello, and welcome to this presentation describing the various Boot configurations of the STM32L5.
1

The STM32L5 offers multiple boot options according to Trustzone activation. When TrustZone is disabled (TZEN=0), the Cortex-M33 core can boot from either the user image present in internal memory or the system bootloader, which downloads the user image from a serial interface. When TrustZone is enabled (TZEN=1), the Cortex-M33 core can boot from either the user image present in secure internal memory or the RSS. RSS is the secure part of the secure bootloader, in charge of user image decryption amongst other things.
2

Unlike the Cortex-M4, which always boot at address 0, the Cortex-M33 samples inputs that determine the boot address. When TrustZone is disabled, INITVTOR inputs are used, which receives an address programmed in option bytes. The state of the BOOT0 pin selects either Non Secure boot address 0 or Non Secure boot address 1. When TrustZone is enabled, INITVTOR_S inputs are used, which receives an address programmed in option bytes or a fixed address when RSS is selected. The state of the BOOT0 pin or option bit nBOOT0 selects which of the two addresses will be used.
3

The state of the BOOT0 pin selects which boot address is used on the condition that the nSWBOOT0 option bit is equal to one. When the nSWBOOT0 option bit is equal to zero, the state of the BOOT0 pin is ignored and replaced with the state of another option bit called nBOOT0. In this case, the Port H3 pin, which supports the BOOT0 functionality, becomes a general purpose IO.
4

This slide details the boot configuration when TrustZone is disabled. The microcontroller boots in non-secure mode. The Readout protection can be set to levels 0, 1 or 2. The boot address is programmable through non-secure option bytes. The boot program can be mapped anywhere in the internal memories, flash or SRAM. The boot loader has a unique entry point in system flash, which is the default value of NSBOOTADD1.
5

This slide details the boot configuration when TrustZone is enabled. The microcontroller boots in secure mode and the boot space must be located in secure area. The Readout protection can be set to levels 0, 0.5, 1 or 2. The boot address is programmable through secure option bytes. The boot program can be mapped anywhere in the internal secure memories, flash or SRAM. The RSS has a unique entry point in system flash.
6

RSSCMDR is a register defined in the SYSCONF module. It is used to pass a command to be executed by the RSS. When the value in this register is non null, the MCU will boot on RSS at the next system reset, knowing that this register is only reset by a Power-On Reset. Therefore the RSSCMDR register enables a bootloader to call RSS after applying a warm reset to the microcontroller. This can be done by an in-application programming bootloader or a JTAG/Serial Wire bootloader.
7

BOOT_LOCK is an option bit that guarantees a unique boot entry when it is set. When BOOT_LOCK is set, system boots systematically on address set in Secure Boot Address 0 option bytes. This address cannot be modified. BOOT_LOCK can be set without any constraint. It is not possible to deactivate the BOOT_LOCK option bit. BOOT_LOCK has the precedence over other boot configuration selection features: RSSCMDR, BOOT0 pin and nBOOT0 option bit.
8

This table summarizes the boot options when TrustZone is disabled. When the nSWBOOT0 option bit is equal to one, the boot address depends on the state of the BOOT0 pin: either NSBOOTADD0 pointing to the user image entry point in an internal memory or NSBOOTADD1, which is by default the entry point of the system bootloader. When the nSWBOOT0 option bit is equal to zero, the option bit nBOOT0 replaces the BOOT0 pin state.
9

This table summarizes the boot options when TrustZone is enabled. The center of the table is similar to the table on the previous slide, except that NSBOOTADD0 is replaced with SECBOOTADD0 and NSBOOTADD1 is replaced with the fixed address of the RSS. The two additional columns BOOT_LOCK and RSSCMDR are specific to secure boot. When BOOT_LOCK is set to one, the boot address is unique and defined in SECBOOTADD0, whatever the other parameters. When RSSCMDR is non null and BOOT_LOCK is set to zero, boot in RSS is performed.
10

The Boot configuration module has relationships with the following other module: · Memory protection · System configuration.
11