4. Boot modes
At startup, NBOOT0 and NSWBOOT0 option bits of the FLASH_OPTR register, and ADD[24:0] option bytes of the FLASH_BOOT0R, FLASH_BOOT1R or FLASH_SBOOT0R registers are used to select the boot memory address that includes:
- • Boot from any address in user flash memory
- • Boot from system memory (bootloader)
- • Boot from any address in the embedded SRAM
- • Boot from root security service (RSS)
The BOOT0 value may come from the BOOT0 pin or from an option bit depending on the value of a user option bit to free the GPIO pad if needed.
The bootloader, located in the system memory, is used to reprogram the flash memory by using USART, I2C, I3C, SPI, FDCAN, or USB in device mode through the DFU (device firmware upgrade).
Table 19 and Table 20 detail the boot modes when TrustZone is disabled or enabled.
Table 19. Boot modes when TrustZone is disabled (TZEN = 0)
| NBOOT0 | BOOT0 pin | NSW BOOT0 | Boot address option-byte selection | Boot area | ST programmed default value |
|---|---|---|---|---|---|
| - | 0 | 1 | ADD[24:0] in FLASH_BOOT0R | Nonsecure boot base address 0 defined by user option bytes in FLASH_BOOT0R | Flash memory: 0x0800 0000 |
| - | 1 | 1 | ADD[24:0] in FLASH_BOOT1R | Nonsecure boot base address 1 defined by user option bytes in FLASH_BOOT1R | Bootloader: 0x0BF8 F000 |
| 1 | - | 0 | ADD[24:0] in FLASH_BOOT0R | Nonsecure boot base address 0 defined by user option bytes in FLASH_BOOT0R | Flash memory: 0x0800 0000 |
| 0 | - | 0 | ADD[24:0] in FLASH_BOOT1R | Nonsecure boot base address 1 defined by user option bytes in FLASH_BOOT1R | Bootloader: 0x0BF8 F000 |
When TrustZone is enabled by setting the TZEN option bit, the boot space must be in the secure area. The ADD[24:0] option bytes in FLASH_SBOOT0R are used to select the boot secure memory address.
A unique boot entry option can be selected by setting the BOOT_LOCK option bit. All other boot options are ignored.
Table 20. Boot modes when TrustZone is enabled (TZEN = 1)
| BOOT_LOCK | NBOOT0 | BOOT0 pin | NSW BOOT0 | RSS command | Boot address option-byte selection | Boot area | ST programmed default value |
|---|---|---|---|---|---|---|---|
| 0 | - | 0 | 1 | 0 | ADD[24:0] in FLASH_SBOOT0R | Secure boot base address 0 defined by user option bytes in FLASH_SBOOT0R | Flash memory: 0x0C00 0000 |
| - | 1 | 1 | 0 | N/A | RSS | RSS: 0x0FF8 0000 | |
| 1 | - | 0 | 0 | ADD[24:0] in FLASH_SBOOT0R | Secure boot base address 0 defined by user option bytes in FLASH_SBOOT0R | Flash memory: 0x0C00 0000 | |
| 0 | - | 0 | 0 | N/A | RSS | RSS: 0x0FF8 0000 | |
| - | - | - | ≠ 0 | N/A | RSS | RSS: 0x0FF8 0000 | |
| 1 | - | - | - | - | ADD[24:0] in FLASH_SBOOT0R | Secure boot base address 0 defined by user option bytes in FLASH_SBOOT0R | Flash memory: 0x0C00 0000 |
The boot address option bytes are used to program any boot memory address. However, the allowed address space depends on flash memory read protection RDP level.
If the programmed boot memory address is out of the allowed memory mapped area when RDP level is 0.5 or more, the default boot fetch address is forced either in the secure flash memory or the nonsecure flash memory depending on the TrustZone security option as described in the table below.
Table 21. Boot space versus RDP protection
| RDP | TZEN = 1 | TZEN = 0 |
|---|---|---|
| 0 | Any boot address | Any boot address |
| 0.5 | Boot address only in RSS: 0x0FF8 0000 or in secure flash memory | N/A |
| 1 | 0x0C00 0000-0x0C07 FFFF on STM32U356/366 0x0C00 0000-0x0C0F FFFF on STM32U375/385 0x0C00 0000-0x0C1F FFFF on STM32U3B5/3C5 Otherwise the boot address is forced to 0x0FF8 0000. | Any boot address |
| 2 | 0x0C00 0000-0x0C07 FFFF on STM32U356/366 0x0C00 0000-0x0C0F FFFF on STM32U375/385 0x0C00 0000-0x0C1F FFFF on STM32U3B5/3C5 Otherwise the boot address is forced to 0x0FF8 0000. | Boot address only in flash memory 0x0800 0000-0x0807 FFFF on STM32U356/366 0x0800 0000-0x080F FFFF on STM32U375/385 0x0800 0000-0x081F FFFF on STM32U3B5/3C5 Otherwise boot address forced is 0x0800 0000. |
The BOOT0 value (either coming from the pin or the option bit) is latched upon reset release. It is up to the user to set NBOOT0 or BOOT0 values to select the required boot mode.
The BOOT0 pin or user option bit (depending on NSWBOOT0 in FLASH_OPTR) is also resampled when exiting Standby mode. Consequently, the BOOT0 pin or user option bit must be kept in the required boot mode configuration in Standby mode. After the startup delay, the selection of the boot area is done before releasing the processor reset.
BOOT0 GPIO is configured as follows:
- • In input mode during the complete reset phase, if the option bit NSWBOOT0 is set in FLASH_OPTR, and then switches automatically in analog mode after reset is released (BOOT0 pin)
- • In input mode from the reset phase to the completion of the option byte loading, if the bit NSWBOOT0 is cleared in FLASH_OPTR (BOOT0 value coming from the option bit), and then switches automatically to the analog mode even if the reset phase is not complete
4.1 Embedded bootloader
The embedded bootloader is located in the system memory, programmed by ST during production. Refer to the application note STM32 microcontroller system memory boot mode (AN2606).
4.2 Embedded root security services (RSS)
The embedded RSS are located in the secure information block, programmed by ST during production. The RSS, for example, enable the SFI (secure firmware installation), through the RSSE SFI (RSS extension firmware).
This feature allows the customer to produce the confidentiality of the firmware to be provisioned into the STM32, when production is sub-contracted to an untrusted third party.
The RSS are available on all devices, after enabling the TrustZone through the TZEN option bit. Refer to the application note Overview secure firmware install (SFI) (AN4992) for more details.