[PATCH v2 1/4] ARM: stm32: Fix ECDSA authentication with Dcache enabled
Marek Vasut
marex at denx.de
Wed Dec 14 17:15:47 CET 2022
On 12/12/22 10:40, Patrick DELAUNAY wrote:
> Hi,
Hello Patrick
[...]
>> Hmmm, what does the BootROM use CRYP for then ?
>
>
> used for SSP = Secure Secret Provisioning
>
> https://wiki.st.com/stm32mpu/wiki/Secure_Secret_Provisioning_(SSP)
Oh, only this part, I see.
>> It is necessary to have MP15xC/F for the authenticated boot to work,
>> but it seems the only difference there is the presence of CRYP. Or is
>> there some BootROM fuse too ?
>
>
> Yes, the secure boot feature availability is indicated in the security
> field of the chip part number, for STM32MP13 and STM32MP15.
>
> - SSP is not supported
>
> - the associated authentication feature for secure boot is deactivated
> in ROM code
>
>
> => the key is burned/locked in OTP on these chips
>
> and checked by ROM code before to authenticate the FSBL
Thank you for the clarification, this is really useful.
More information about the U-Boot
mailing list