- Last edited 8 months ago ago
DDRMCE internal peripheral
1 Article purpose
The purpose of this article is to:
- briefly introduce the DDRMCE peripheral and its main features
- indicate the level of security supported by this hardware block
- explain how to configure the DDRMCE peripheral.
2 Peripheral overview
The DDRMCE (DDR Memory Cipher Engine) peripheral allows to defined one AES encrypted region in DDR memory.
Refer to STM32MP13 reference manuals for the complete list of features, and to the software components, introduced below, to know which features are really implemented.
DDRMCE 128-bit master key is provisioned during boot processing, in order to use AES block ciphering feature. It must be fully saved in Backup RAM for low power sequences.
2.2 Security support
DDRMCE is a securable peripheral (under ETZPC control).
3 Peripheral usage and associated software
3.1 Boot time
The DDRMCE, part of the DDR subsystem, is configured inside TF-A BL2 to setup the security of a DDR region. This should be done before accessing DDR region if encryption is required.
All system bus traffic going through an encrypted region is managed on-the-fly by the DDRMCE, automatically decrypting reads and encrypting writes.
3.2.2 Software frameworks
3.2.3 Peripheral configuration
The DDRMCE configuration is generated via STM32CubeMX tool, according to the region characteristics (address, length, type). This configuration is applied during boot time by the FSBL (see Boot chain overview): TF-A.
3.2.4 Peripheral assignment
Click on the right to expand the legend...
Check boxes illustrate the possible peripheral allocations supported by STM32 MPU Embedded Software:
- ☐ means that the peripheral can be assigned (☑) to the given runtime context.
- ⬚ means that the peripheral can be assigned to the given runtime context, but this configuration is not supported in STM32 MPU Embedded Software distribution.
- ✓ is used for system peripherals that cannot be unchecked because they are statically connected in the device.
Refer to How to assign an internal peripheral to a runtime context for more information on how to assign peripherals manually or via STM32CubeMX.
The present chapter describes STMicroelectronics recommendations or choice of implementation. Additional possiblities might be described in STM32MP13 reference manuals.