Hi,
Question 1:
As per LS1046ARM_Reference_Manual, Pg 147
1E8_0000 - 1E8_FFFF -------> Security fuse processor (SFP) ----> Big-endian (byte swapping required)
But as per yipingwang in https://community.nxp.com/thread/515242
SRKH Register is Little Endian on Layerscape Platform.
Kindly clarify how should the write operations to SRKH Mirror registers be addressed.
And what is the endian-ness of OTPMK Mirror Registers?
Question 2:
If my CST Output SRK Hash is as below
SRKHR_0 = 0x1AB45D78
SRKHR_1 = 0x47264925
. . ..
SRKHR_7 = 0x923DF25B
And my debugger is Lauterbach, should the write instructions over the AXI bus be as follows?
B::Data.Set EZAXI:0x01E80254 %BE %Long 0x1AB45D78
B::Data.Set EZAXI:0x01E80258 %BE %Long 0x47264925
...
B::Data.Set EZAXI:0x01E80270 %BE %Long 0x923DF25B
Question 3: What is the endian-ness of OTPMK Mirror Registers?
If my CST Output OTPMK Hash is as below
OTPMK0 = 0x1AB45D78
OTPMK1 = 0x47264925
. . ..
OTPMK7 = 0x923DF25B
And my debugger is Lauterbach, should the write instructions over the AXI bus be as follows?
B::Data.Set EZAXI:0x01E80234 %BE %Long 0x1AB45D78
B::Data.Set EZAXI:0x01E80238 %BE %Long 0x47264925
...
B::Data.Set EZAXI:0x01E80250 %BE %Long 0x923DF25B
Thanks & Regards,
Rashmitha
Please refer to the following example in CCS:
Generated by CCS tool:
OTPMK[255:0] is:
1a4721b1d5371cf735e6975844932d9ce2f460b7aa7816a774e2aba90adca9a2
NAME | BITS | VALUE
_________|______________|____________
OTPMKR 0 | 255-224 | 1a4721b1
OTPMKR 1 | 223-192 | d5371cf7
OTPMKR 2 | 191-160 | 35e69758
OTPMKR 3 | 159-128 | 44932d9c
OTPMKR 4 | 127- 96 | e2f460b7
OTPMKR 5 | 95- 64 | aa7816a7
OTPMKR 6 | 63- 32 | 74e2aba9
OTPMKR 7 | 31- 0 | 0adca9a2
% config cc cwtap:10.81.116.21
% ccs::config_server 0 10000
% ccs::config_chain {ls1043a dap sap2}
% display ccs::get_config_chain
...
Chain Position 32: DAP
Chain Position 33: SAP2
Write OTPMK to mirror registers.
ccs::write_mem 32 0x1e80234 4 0 0x1a4721b1
ccs::write_mem 32 0x1e80238 4 0 0xd5371cf7
ccs::write_mem 32 0x1e8023c 4 0 0x35e69758
ccs::write_mem 32 0x1e80240 4 0 0x44932d9c
ccs::write_mem 32 0x1e80244 4 0 0xe2f460b7
ccs::write_mem 32 0x1e80248 4 0 0xaa7816a7
ccs::write_mem 32 0x1e8024c 4 0 0x74e2aba9
ccs::write_mem 32 0x1e80250 4 0 0x0adca9a2
Generated by CCS tool:
SRK (Public Key) Hash:
83bba1f03e1ce1d336490b5e4b1071f6c8021c72976408e5084e988ce4c1d93a
SFP SRKHR0 = 83bba1f0
SFP SRKHR1 = 3e1ce1d3
SFP SRKHR2 = 36490b5e
SFP SRKHR3 = 4b1071f6
SFP SRKHR4 = c8021c72
SFP SRKHR5 = 976408e5
SFP SRKHR6 = 084e988c
SFP SRKHR7 = e4c1d93a
ccs::write_mem 32 0x1e80254 4 0 0x83bba1f0
ccs::write_mem 32 0x1e80258 4 0 0x3e1ce1d3
ccs::write_mem 32 0x1e8025c 4 0 0x36490b5e
ccs::write_mem 32 0x1e80260 4 0 0x4b1071f6
ccs::write_mem 32 0x1e80264 4 0 0xc8021c72
ccs::write_mem 32 0x1e80268 4 0 0x976408e5
ccs::write_mem 32 0x1e8026c 4 0 0x084e988c
ccs::write_mem 32 0x1e80270 4 0 0xe4c1d93a
Release core 0 from boot hold off mode.
ccs::write_mem 32 0x1ee00e4 4 0 0x00000001
Thanks yipingwang
Question 1. Could you provide the link for CCS Commands manual?
I am trying to translate CCS commands to Lauterbach commands
ccs::write_mem 32 0x1ee00e4 4 0 0x00000001 ===>What does 4 0 indicate in these commands?
==========================================================================================
Question 2. What is the endian-ness of OTPMK Mirror Registers? (I know SRKH is LE)
===========================================================================================
In AN5227, all the commands in 3.2. Programming One Time Programmable Master Key (OTPMK) explicitly use -s (indicating Little endian)
Whereas in 3.3. Programming Super Root Key Hash (SRKH) there is a note which says
Write SRKH fuse values into mirror registers. These values must be swapped before writing the
SRKH mirror registers. Because the Debugger Shell write operation is done via core, and the
core access is little-endian; therefore, using the -s option is no longer required.
Question 3. Why is there a difference regarding usage of -s option while writing to SRKH and OTPMK?
===========================================================================================
Write SRKH fuse values into mirror registers. These values must be swapped before writing the
SRKH mirror registers. Because the Debugger Shell write operation is done via core, and the
core access is little-endian; therefore, using the -s option is no longer required.
I do not see any values swap happening in commands.
Value written in < ccs::write_mem 32 0x1e80254 4 0 0x83bba1f0 > is same as the generated hash string.
Question 4. Where should the values be swapped?
===========================================================================================
Thanks
Rashmitha
Hello Rashmitha Ramesh Nair,
CCS command ccs::write_mem args is explained as the following.
"ccs::write_mem chain_pos address size space data_list"
OTPMK and SRKH generated by CCS tool can be used directly, no need to do swapping.
You could refer to section "3. Deploy Secure Boot Images to the Target and Write SRKH Mirror Register" in https://community.nxp.com/docs/DOC-332248
Thanks,
Yiping
Hi yipingwang
Thank you for the CCS command explanation that was helpful.
I am not generating OTPMK and SRKH using CCS Tool . I am generating them using Code Signing Tool(CST) in QorIQ SDK with ./gen_keys and ./gen_otpmk_drbg commands.
==> Question: Can the keys generated using Code Signing Tool(CST) be used directly without swapping?
-------------------------------------------------------------------------------------------------------------------------------------------------------------
==>Request you to answer Question 2 and 3 in my previous reply.
Question 2. What is the endian-ness of OTPMK Mirror Registers? (I know SRKH is LE)
Question 3. Why is there a difference regarding usage of -s option while writing to SRKH and OTPMK?
------------------------------------------------------------------------------------------------------------------------------------------------------------
==>Since my debugger is Lauterbach, I am unable to follow
Setting up Secure Boot on PBL Based Platforms in Prototype Stage completely.
I have found an NXP Trace32 Manual (https://www.nxp.com/docs/en/user-guide/LAUTERBACHTRACE32UG.pdf ).
Question: Is there any other document by NXP w.r.t. Lauterbach Trace32 for Secure Boot on PBL Based platforms Prototype stage?
------------------------------------------------------------------------------------------------------------------------------------------------------------
Regards,
Rashmitha
Hello Rashmitha,
You could use keys generated using Code Signing Tool(CST) directly without swapping, please use chain_pos as 32 to write mirror registers, no need consider about endian-ness.
Thanks,
Yiping