Changes notification – v4.0.0

1. Article purpose[edit source]

The article aims to help youto rebase your STM32 MPU project on a new ecosystem release by focusing on main changes impacts.

2. Scope of this article[edit source]

This article provides some details for main changes between STM32 MPU ecosystem release v3.1.0 and new STM32 MPU ecosystem release v4.0.0 to help you for migrating your project.

3. Impacted domains[edit source]

3.1. Yocto build environment for Distribution Package[edit source]

Yocto layers/recipes to update for new Kirkstone version. Follow scripts available in OpenEmbedded-Core layer to help user:

• ./layers/openembedded-core/scripts/contrib/convert-overrides.py
• ./layers/openembedded-core/scripts/contrib/convert-spdx-licenses.py
• ./layers/openembedded-core/scripts/contrib/convert-srcuri.py
• ./layers/openembedded-core/scripts/contrib/convert-variable-renames.py

(see Yocto Kirkstone release note^[1] for more information)

3.2. Hardware configuration[edit source]

Check device tree files for STMP32 MPU board:

Linux Kernel: between Linux kernel v5.15-stm32mp-r1 (v5.15.24) and previous Linux kernel v5.10-stm32mp-r2 (v5.10.61)

• New STM32MP135x-DK Discovery kit
  

U-Boot: between U-Boot v2021.10-stm32mp-r1 and previous U-Boot v2020.10-stm32mp-r2

• New STM32MP135x-DK Discovery kit

OP-TEE: between OP-TEE 3.16.0-stm32mp-r1 and previous OP-TEE 3.12.0-stm32mp-r2

• New STM32MP135x-DK Discovery kit
  
• Update device tree to use a bus controller configuration to manage secure/non secure IP
  
• Remove secure-status
  
• Remove unused nodes in OP-TEE
  
• Define GPIO secure configuration in device tree
  
• I2C compatible update for MP15 to manage non secure PMIC in OP-TEE (st,stm32mp15-i2c-non-secure)
  
• Remove nvmem_layout bindings
  

TF-A: between TF-A v2.6-stm32mp-r1 and previous TF-A v2.4-stm32mp-r2

• New STM32MP135x-DK Discovery kit
  
• Remove secure-status
  
• Remove nvmem_layout bindings
• DDR: remove unused configuration defined

Information

This is possible with git diff command to get delta between to branches in the same repository. For example with ST Linux GitHub repository: git diff v5.10-stm32mp-r2 v5.15-stm32mp-r1 arch/arm/boot/dts/stm32mp15

3.3. System configuration[edit source]

• FIP only on 4.0. NoFIP no more supported
• FOTA (memory mapping if activated and GPT UUID partition fixed). if no FOTA activate, no change at driver level. Impact on flashlayout.
• Memory mapping update linked to OP-TEE

3.4. Boot stages[edit source]

BL2

• BL2 more hardcoded and less configurable
  
• Remove STM32 image management (parsing and authentication)
  
• Introduce PSA_FWU support: Fix specific UUID for GPT partitions when used
  
• Update the NAND core driver to allow external memory usage for temporary buffer
  

SP-MIN boot chain deprecated replaced by OP-TEE.

3.5. Security[edit source]

• Rework firewall control management: Use bus controller to add device tree node to probe list
  
• TZC400 configuration managed in OP-TEE
  
• Calibration binding updated: Use a dedicated binding for the calibration, out from RCC node
  
• Remove proprietary SMC access replaced by SCMI access or dedicated PTA.
  
• Move RNG to secure RNG by default
  
• Remove SCMI channel 1 (unused) and rename SCMI0 to SCMI
  
• New BSEC PTA for OTP management
  
• New Introduce Trusted UI framework
  
• New SCMI Performance for STM32MP13
  
• New Use Clock framework to manage clocks
  
• Remove SCMI channel 1 (unused) and rename SCMI0 to SCMI
  

3.6. User space and applications[edit source]

New "weston" user now required for wayland, which avoid executing some application with root profile for security reasons

• su -l weston -c "<command>" could be used to specify the user profile

which mainly impacts Graphic frameworks usage.

3.7. STM32Cube tools[edit source]

TBC

4. References[edit source]