Hi,
I need someone to explain to me how exactly the secureboot command will be executed during reset as it was mentioned in the datasheet:
from what i understand through going though the reference manual + some application notes:
Hi @Othmane1
Secure boot is enabled on all production devices. And parallel boot mode is selected. This is configured in NXP factory by DCF record and it cannot be changed. The DCF record is not visible in the memory map, it's hidden for user.
The device is configured in a way that SECURE_BOOT command is always executed by CSE during reset. If the BOOT_MAC_KEY is empty that nothing will happen and the process is just finished.
To make it working:
1. It is necessary to program DCF records to define start address and size for secure boot:
This DCF configurator could help:
https://community.nxp.com/t5/MPC5xxx-Knowledge-Base/MPC5777C-DCF-Configurator/ta-p/1104470
2. Load MASTER_ECU_KEY and BOOT_MAC_KEY by using LOAD_KEY command
3. Power cycle the device. The CSE will automatically calculate MAC of defined area and it will be stored automatically to BOOT_MAC slot. Afte next reset, you can just check CSE status register if secure boot was successful or not.
And notice that there's following erratum which is important in case you want to calculate the BOOT_MAC by yourself:
https://www.nxp.com/docs/en/errata/MPC5777C_3N45H.pdf
Regards,
Lukas