SB 2.1 (1B) Flash out of date CFPA page

Hello,

I don't know which ports you are talking about, but I have nothing disabled.

I can't use read-memory in blhost tools  !

Could you please tell me how can read through debugger ?

Hello TomasVoda‌,

I took a new device, this one it's not  locked :smileyhappy:  

1- But i get always flash out of date cfpa page How can i set correctly my CFPA page ?

     > blhost -p COM12 read-memory 0X9DE18 0x4
         Ping responded in 1 attempt(s)
         Inject command 'read-memory'
         Successful response to command 'read-memory'
         55 00 00 00
         (1/1)100% Completed!
         Successful generic response to command 'read-memory'
         Response status = 0 (0x0) Success.
         Response word 1 = 4 (0x4)
         Read 4 of 4 bytes.

2- How we can avoid locking device ?

Thanks 

Best regards

Hello Mohammed,

2) When updating CMPA please do not write hash field.

Regards,

Tomas

Hash field ? Are you talking about RKTH ? 

NO, about SHA-256 digest at the end of page.

Sorry, it's not clear for me. In the application notes they don't talk about SHA-256 at the end of CMPA ? which level are you talking about ?

Can't send you my CFPA binary ! 

Hello Mohammed,

About which AppNote you are talking? Where did you download demo package CFPA?

SHA-256 digest is written at the end CMPA when you are at the end of development and you will change your security state to SECURE. After that it is not possible to change CMPA content and ISP commands are limited.

Please see Protected_flash_region.xlsx file attached to UM where you can see all registers in CMPA/CFPA.

Regards,

Tomas

I am talking about AN12283 app notes.

I download package demo from from community : https://community.nxp.com/message/1266918?commentID=1266918#comment-1266918 

below my CFPA binary file. 

You said that my CFPA looks OK ! but when i write CFPA 0X9DE00 i get always : Flash out of date CFPA PAGE !

Hey TomasVoda‌

I edited my CFPA file and I moved 0x9DE18 @ to 0x01 value.

But still can't update my CFPA PAGE into device !

Any help !

Hey TomasVoda 

The CFPA PAGE update it works.

Thanks 

Hello Mohammed,

CFPA version is based at address  0x9de04 -> blhost -p COM12 read-memory 0X9DE04 0x4 (keep in mind endianness)

When you want to update CFPA than version of new CFPA has to be higher then previous version.

How do you want to update CFPA? I expect you use blhost -p COM12 write-memory 0X9DE00 new_cfpa.bin

Be sure that in new_cfpa.bin which is 512B file is at address 0x4 incremented version register.

Also keep in mind for proper security setting we have one way changing possibilities for some registers in CFPA.

Ensure the secureFwVersion in new CFPA must be >= existing secureFwVersion

Ensure the nsFwVersion in new CFPA must be >= existing nsFwVersion

Ensure the vendorUsage in new CFPA must be >= existing vendorUsage

Ensure that the imageKeyRevoke must be >= existing imageKeyRevoke

Note the imagekeyRevoke are treated like OTP, the version increasing flow, (0, 1, 3, 7, etc)

Ensure that the rotkhRevoke must be >= existing rotkhRevoke

Note the rotkhRevoke are treated like OTP, the version increasing flow, (0, 1, 3, 7, etc)

Regards,

Tomas

Hi @Tomas

Thank you for answers.

Reading my CFPA at 0x4 : 

>blhost -p COM12 read-memory 0X9DE04 0x4
   Ping responded in 1 attempt(s)
   Inject command 'read-memory'
   Successful response to command 'read-memory'
   01 00 00 00
   (1/1)100% Completed!
   Successful generic response to command 'read-memory'
   Response status = 0 (0x0) Success.
   Response word 1 = 4 (0x4)
   Read 4 of 4 bytes.

I have one CFPA.bin file i download from demo package which is 1Ko ! see attached file !

How can i generate a new CFPA file ?

Thanks  

Thanks for answer.
I already saw this thread, they don't explain how they fixed CFPA error.

1) How can i check my CFPA PAGE at 0x4 ?

2) I can't eras flash memory, So i guess it's locked : 

>blhost -p COM 12 flash-erase-all

       Response status = 10001 (0x2711) Command disallowed when security is enabled.

If that's the case, I don't know how it's locked, i was just trying to update my image through SB 2.1.

>12 get-property 17
     Ping responded in 1 attempt(s)
     Inject command 'get-property'
     Response status = 0 (0x0) Success.
     Response word 1 = -1019428036 (0xc33cc33c)
     Security State = SECURE

Thanks

Hello Mohammed,

CFPA page has at offset 0x4 Version register. Each time when you load new CFPA page Version has to be incremented for loading new CFPA page.

Could you please send me .bd file configuration?

Security state is locked when you write CMPA hash.

When you move into SECURE state then there are limited ISP commands (flash-erase-all is not allowed).

Regards,

Tomas

OK

Below my CommandFile.bd configuration :

options {
flags = 0x8; // 0x4 //encrypted
buildNumber = 0x1;
productVersion = "1.00.00";
componentVersion = "1.00.00";
secureBinaryVersion = "2.1";
}

sources {
mainImage = "\signed_led_blinky.bin";
}

section (0) {
erase 0x0000..0x40000;
load mainImage > 0x0;
//call mainImage;
//reset;
}