Skip to content

WIP: STM32N6 HW memory encryption for XSPI devices #403

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
winderdoot wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

WIP: STM32N6 HW memory encryption for XSPI devices #403

winderdoot wants to merge 2 commits into from

Conversation

@winderdoot
Copy link
Contributor

@winderdoot winderdoot commented Nov 6, 2025
edited
Loading

Add MCE encryption to XSPI external memories.

Description

Introduce new plo device class for encrypted storage.
Add new XSPI controllers that support encryption via MCE.
Add memcrypt command for STM32N6 to configure encrypted regions.
Add RNG driver to hal/stm32/n6.
Add OTP driver to hal/stm32/n6.

Motivation and Context

Memory encryption is required for secureboot (JIRA: RTOS-1084)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Chore (refactoring, style fixes, git/CI config, submodule management, no code logic changes)

How Has This Been Tested?

  • Already covered by automatic testing.
  • New test added: (add PR link here).
  • Tested by hand on: armv8m55-stm32n6-nucram.

Checklist:

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • All new and existing linter checks and tests passed.
  • My changes generate no new compilation warnings for any of the targets.

Special treatment

These changes were tested, but it would be good to test memcrypt even more.
Potential clean up/refactor in devices/flash-stm32xspi.

  • This PR needs additional PRs to work (list the PRs, preferably in merge-order).
  • I will merge this PR by myself when appropriate.

github-actions[bot]
github-actions bot reviewed Nov 6, 2025
View reviewed changes
devices/flash-stm32xspi/xspi_regcom.c Outdated

return EOK;
}
}
Copy link

@github-actions github-actions bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[clang-format-pr] reported by reviewdog 🐶
suggested fix

Suggested change
}

github-actions[bot]
github-actions bot reviewed Nov 6, 2025
View reviewed changes
cmds/memcrypt.c Outdated
lib_printf(
"Usage: %s d saddr eaddr -encr algo:mode -key [r|p|x]:[addr:key]\n"
"where:\n"
"\td - devide controller number (major.minor) \n"
Copy link

@github-actions github-actions bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[codespell] reported by reviewdog 🐶
devide ==> divide, device

cmds/memcrypt.c Outdated
"\talgo - used cipher: aes128, aes256, noekeon\n"
"\tmode - used mode of operation: 1, 2, ...\n"
"\tr - generate random key\n"
"\tp - use key stored in OTP memory. Requires addr - first OTP word contaning the key\n"
Copy link

@github-actions github-actions bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[codespell] reported by reviewdog 🐶
contaning ==> containing

hal/armv8m/stm32/n6/otp.c Outdated

static void otp_waitBusy(void)
{
/* Wait untill not busy */
Copy link

@github-actions github-actions bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[codespell] reported by reviewdog 🐶
untill ==> until

hal/armv8m/stm32/n6/otp.c Outdated
u32 t;
otp_common.bsec_base = BSEC_BASE;

/* Wait untill not busy and BSEC initialized */
Copy link

@github-actions github-actions bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[codespell] reported by reviewdog 🐶
untill ==> until

devices/flash-stm32xspi/mce.c Outdated
}


/* Configure and enable a memory region to be enrypted/decrypted, by MCE.
Copy link

@github-actions github-actions bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[codespell] reported by reviewdog 🐶
enrypted ==> encrypted

devices/flash-stm32xspi/mce.c Outdated
};


/* Lock some part of MCE configuration. Recomended to use global lock after mce regions are configured. */
Copy link

@github-actions github-actions bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[codespell] reported by reviewdog 🐶
Recomended ==> Recommended

devices/flash-stm32xspi/mce.c Outdated
return ret;
}

/* The RM says that MCE clocks are automatically manged by the device, but that only applies to reseting clocks.
Copy link

@github-actions github-actions bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[codespell] reported by reviewdog 🐶
manged ==> managed

devices/flash-stm32xspi/mce.c Outdated
return ret;
}

/* The RM says that MCE clocks are automatically manged by the device, but that only applies to reseting clocks.
Copy link

@github-actions github-actions bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[codespell] reported by reviewdog 🐶
reseting ==> resetting

@winderdoot winderdoot force-pushed the kradzewicz/stm32n6_mce branch from 2e2a888 to e6b13fa Compare November 6, 2025 17:22
github-actions[bot]
github-actions bot reviewed Nov 6, 2025
View reviewed changes
hal/armv8m/stm32/n6/stm32n6.h
#include "../types.h"

#ifndef EIO
#define EIO 5
Copy link

@github-actions github-actions bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[clang-format-pr] reported by reviewdog 🐶
suggested fix

Suggested change
#define EIO 5
#define EIO 5

@github-actions
Copy link

github-actions bot commented Nov 6, 2025
edited
Loading

Unit Test Results

9 462 tests  +20   8 873 ✅ +20   50m 27s ⏱️ + 1m 40s
  561 suites +17     589 💤 ± 0 
    1 files   ± 0       0 ❌ ± 0 

Results for commit 8c8f4cb. ± Comparison against base commit 53a8dd3.

♻️ This comment has been updated with latest results.

@winderdoot
hal/stm32n6: add otp controller
f4f5459 
Enable otp command for STM32N6 in Makefile.

JIRA: RTOS-1068
@winderdoot
devices/flash-stm32xspi: add MCE encryption to external memory
8c8f4cb 
Introduce new plo device class for encrypted storage.
Add new XSPI controllers that support encryption via MCE.
Add memcrypt command for STM32N6 to configure encrypted regions.
Add rng driver to hal/stm32/n6.

JIRA: RTOS-1084
@winderdoot winderdoot force-pushed the kradzewicz/stm32n6_mce branch from e6b13fa to 8c8f4cb Compare November 20, 2025 16:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@jmaksymowicz jmaksymowicz Awaiting requested review from jmaksymowicz

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@winderdoot