Last edited 9 months ago

DDRMCE internal peripheral

This message will disappear after all relevant tasks have been resolved.
Semantic MediaWiki
There are 1 incomplete or pending task to finish installation of Semantic MediaWiki. An administrator or user with sufficient rights can complete it. This should be done before adding new data to avoid inconsistencies.
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Applicable for STM32MP13x lines

1 Article purpose[edit source]

The purpose of this article is to:

  • briefly introduce the DDRMCE peripheral and its main features,
  • indicate the peripheral instances assignment at boot time and their assignment at runtime (including whether instances can be allocated to secure contexts),
  • list the software frameworks and drivers managing the peripheral,
  • explain how to configure the peripheral.

2 Peripheral overview[edit source]

The DDRMCE (DDR Memory Cipher Engine) peripheral allows to define one AES encrypted region in DDR memory.

Info white.png Information
Functions and registers names declared in the embedded software are using "MCE" / "mce" acronym instead of the longest "DDRMCE" / "ddrmce" ones, so take care about this for any research in the code.

The DDRMCE 128-bit master key is provisioned during boot processing, in order to use AES[1] block ciphering feature. It must be fully saved in BKPSRAM for low power sequences.

Refer to the STM32MP13 reference manuals for the complete list of features, and to the software frameworks and drivers, introduced below, to see which features are implemented.

3 Peripheral usage[edit source]

This chapter is applicable in the scope of the OpenSTLinux BSP running on the Arm® Cortex®-A processor(s), and the STM32CubeMPU Package running on the Arm® Cortex®-M processor.

3.1 Boot time assignment[edit source]

3.1.1 On STM32MP13x lines More info.png[edit source]

The DDRMCE peripheral, part of the DDR subsystem, is configured inside TF-A BL2 to setup the security of a DDR region thanks to TF-A FW Configuration. This should be done before accessing DDR region if encryption is required.

Click on the right to expand the legend...

Check boxes illustrate the possible peripheral allocations supported by STM32 MPU Embedded Software:

  • means that the peripheral can be assigned to the given boot time context.
  • means that the peripheral is assigned by default to the given boot time context and that the peripheral is mandatory for the STM32 MPU Embedded Software distribution.
  • means that the peripheral can be assigned to the given boot time context, but this configuration is not supported in STM32 MPU Embedded Software distribution.
  • is used for system peripherals that cannot be unchecked because they are hardware connected in the device.

The present chapter describes STMicroelectronics recommendations or choice of implementation. Additional possibilities might be described in STM32 MPU reference manuals.

Domain Peripheral Boot time allocation Comment
Instance Cortex-A7
secure
(ROM code) 		Cortex-A7
secure
(TF-A BL2) 		Cortex-A7
non-secure
(U-Boot)
Security DDRMCE DDRMCE

3.2 Runtime assignment[edit source]

3.2.1 On STM32MP13x lines More info.png[edit source]

Click on the right to expand the legend...

STM32MP13 internal peripherals

Check boxes illustrate the possible peripheral allocations supported by STM32 MPU Embedded Software:

  • means that the peripheral can be assigned to the given runtime context.
  • means that the peripheral is assigned by default to the given runtime context and that the peripheral is mandatory for the STM32 MPU Embedded Software distribution.
  • means that the peripheral can be assigned to the given runtime context, but this configuration is not supported in STM32 MPU Embedded Software distribution.
  • is used for system peripherals that cannot be unchecked because they are hardware connected in the device.

Refer to How to assign an internal peripheral to an execution context for more information on how to assign peripherals manually or via STM32CubeMX.
The present chapter describes STMicroelectronics recommendations or choice of implementation. Additional possibilities might be described in STM32MP13 reference manuals.

Domain Peripheral Runtime allocation Comment
Instance Cortex-A7
secure
(OP-TEE) 		Cortex-A7
non-secure
(Linux)
Security DDRMCE DDRMCE

4 Software frameworks and drivers[edit source]

All system bus traffic going through an encrypted region is managed on-the-fly by the DDRMCE, automatically decrypting reads and encrypting writes: see the memory mapping.

5 How to assign and configure the peripheral[edit source]

The DDRMCE configuration is generated via STM32CubeMX tool, according to the region characteristics (address, length, type). This configuration is applied during boot time by the FSBL (see Boot chain overview): TF-A.

6 References[edit source]

  1. https://en.wikipedia.org/wiki/Advanced_Encryption_Standard


Doubledata rate (memory domain)

Advanced encryption standard

Board support package

Arm® is a registered trademark of Arm Limited (or its subsidiaries) in the US and/or elsewhere. Arm logo.png

Cortex®

Trusted firmware for Arm® Cortex®-A

Boot loader stage 2

Read only memory

Das U-Boot -- the universal boot loader (see U-Boot)

Open portable trusted execution environment

Linux® is a registered trademark of Linus Torvalds.

First stage boot loader

Doubledata rate (memory domain)

Advanced encryption standard

Board support package

Arm® is a registered trademark of Arm Limited (or its subsidiaries) in the US and/or elsewhere. Arm logo.png

Cortex®

Trusted firmware for Arm® Cortex®-A

Boot loader stage 2

Read only memory

Das U-Boot -- the universal boot loader (see U-Boot)

Open portable trusted execution environment

Linux® is a registered trademark of Linus Torvalds.

First stage boot loader

Retrieved from "https://wiki.st.com/stm32mpu/index.php?title=DDRMCE_internal_peripheral&oldid=93604"