- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- Neural Processing UnitsNeural Processing Units
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
- Neural Processing Units
-
- NXP Tech Blogs
- Home
- :
- QorIQプロセッシングプラットフォーム
- :
- レイヤースケープ
- :
- Re: ls1043a is it possible to prototype secure boot without blowing any fuses?
ls1043a is it possible to prototype secure boot without blowing any fuses?
オプション
- RSS フィードを購読する
- トピックを新着としてマーク
- トピックを既読としてマーク
- このトピックを現在のユーザーにフロートします
- ブックマーク
- 購読
- ミュート
- 印刷用ページ
解決済み
04-02-2026
01:22 AM
1,327件の閲覧回数
endrunner_smw
Contributor III
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
Between documentation and even cross referencing with some Ai agents I can't get a definitive answer on this.
Can secure boot be setup on LS1043A without blowing any fuses? If yes, how? If no, what are the minimum fuses I have to blow in order to step the process along for secure boot.
I seem to be stuck where I setup secure boot in the RCW for SB_EN = 1 and BOOT_HO = 1, but when connecting to CCS when I try to write in the SRK registers those registers are locked and I can't write to them. And obviously secure boot isn't working.
解決済! 解決策の投稿を見る。
1 解決策
04-13-2026
06:48 PM
1,074件の閲覧回数
endrunner_smw
Contributor III
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
Memory Map for SFP in Qoriq Trust Architecture 2.x has incorrect register range. Tried with other values from LSDUK_Rev21.08 and document 'Setting up Secure Boot on PBL Based Platforms in Prototype Stage', and Secure_boot.pptx. And after entering SRK hash values into registers and releasing the CPU finally got life on the console. I still have errors, but its a step in the right direction
8 返答(返信)
04-05-2026
11:55 PM
1,213件の閲覧回数
endrunner_smw
Contributor III
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
Was reviewing the Secure Boot.pptx by Yiping Wang from August 2024,
In the secure boot troubleshooting section it lists to check the SecMon_HP Status Register (0x1e90014) bits OTPMK_ZERO should be 0. Which I have (0x81D0AB00 is value returned). And to check SFP_SVHESR(0x1e80024) should be 0, mine however returns 0x00068400.
The powerpoint says if this is the case then there was an error in the way I tried to blow the OTPMK fuse. Is this the case? Is this recoverable? I read a document that said as long as the parity bit was 0 then it should be ok, but after seeing this presentation is that not the case?
Should the jump be attached to the board before power on? From documentation it sounds like it should not be, but rather put the jumper on while the system is running, burn the fuses, then remove the jumper while the system is still running before removing power and power cycling.
When I attempt to use CCS to put the SRK hashes in it appears that the registers are locked, because they don't take the values I'm entering. I try to put in the values and then set the board to release the CPU to boot, but I get no activity on the console (minicom).
For my attempt at secure boot on the LS1043A-RDB is my attempt with this board is this board done? It will still boot with a non-secure image as I didn't try setting the ITS fuse.
04-03-2026
04:43 AM
1,280件の閲覧回数
June_Lu
NXP TechSupport
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
Secure boot requires the fuse to be blown.
Some secure boot–related documents are not publicly available. Please kindly create a support case at
https://support.nxp.com/s/?language=en_US
to request access to the Trust Architecture documents.
Thanks.
04-13-2026
05:26 PM
1,080件の閲覧回数
endrunner_smw
Contributor III
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
My manager has access to the Qoriq Trust Architecture 2.x document, I'm still waiting on my approval from NXP (already got the secure rights access, but that document hasn't been included).
Can you please provide confirmation of the OTPMK and SRKHR offsets?
I see a couple different values between multiple documents.
For OTPMK I see both offsets between 0x21C-0x238, and 0x234-0x250
For SRKHR I see both offsets between 0x23C-0x258, and 0x254-0x270
As you can see there between the two sets they overlap on a couple of registers.
04-13-2026
06:48 PM
1,075件の閲覧回数
endrunner_smw
Contributor III
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
Memory Map for SFP in Qoriq Trust Architecture 2.x has incorrect register range. Tried with other values from LSDUK_Rev21.08 and document 'Setting up Secure Boot on PBL Based Platforms in Prototype Stage', and Secure_boot.pptx. And after entering SRK hash values into registers and releasing the CPU finally got life on the console. I still have errors, but its a step in the right direction
04-17-2026
12:52 PM
960件の閲覧回数
endrunner_smw
Contributor III
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
Marked as solved since I was able to get output on the console, will open a new issue for the SEC/CAAM not initializing
04-14-2026
05:20 PM
1,037件の閲覧回数
endrunner_smw
Contributor III
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
If anyone is curious these are the errors I am receiving after putting the SRK hash in and releasing the cpu
04-14-2026
07:14 PM
1,028件の閲覧回数
kenli
NXP Employee
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
Did you eventually use CodeWarrior or U-Boot to fuse the OTPMK? This is mandatory. Later, if you need to verify the SRKH effects, you can skip the actual fusing and just use the mirror registers instead. You'll need CodeWarrior to assist with this—halt the main CPU, configure the mirror registers properly, then release the CPU. Refer to the corresponding sections in the LSDK documentation for detailed descriptions.
Best regards
04-15-2026
02:26 PM
1,003件の閲覧回数
endrunner_smw
Contributor III
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
Yes, I used CCS to fuse the OTPMK. Then with BOOT_HO = 1 and SB_EN = 1 in RCW I booted and in CCS set the SRKH mirror registers and released the cpu. That is the screenshot I posted above. Though apparently I still have an issue of SEC/CAAM not initializing?
