NXP S32K 1XX
During the development phase, choose A. Sequential Boot Mode for the Secure boot solution.
Related to FCSESTAT Register and secure boot are the BOK, BFN, BIN and SB bits.
AN5401.pdf->Figure 5. CSEc Boot Process on S32K1xx devices
In the Application code, when Check FCSESTAT[BOK](==1), you need to execute the CMD_BOOT_OK command in the Application code, which will set FCSESTAT[BFN](==1).
Q1. In the Application code, if Check FCSESTAT[BOK](==0), do I need to execute the CMD_BOOT_FAILURE command?
Q2. Will executing the CMD_BOOT_FAILURE command set FCSESTAT[BFN](==0)?
Q3. Figure 5. CSEc Boot Process on S32K1xx devices, Is BOOT_MAC_KEY slot empty? == Yes branch, I think there should be Set FCSESTAT[BIN](=1) processing, right?
Hi @Gideon
A1. It’s not necessary. CMD_BOOT_FAILURE is rather used in a different situation – when you run a chain of trust. For example: the bootloader is checked by secure boot and then the bootloader checks the application(s). If secure boot covering the bootloader is successful but verification of the application(s), which is initiated by the bootloader, fails, then the bootloader is supposed to run CMD_BOOT_FAILURE to finish the secure boot process – to disable boot protected keys even if HW secure boot was successful.
If the secure boot fails right at the beginning, it won’t be possible to use boot protected keys regardless of CMD_BOOT_FAILURE or CMD_BOOT_OK.
But yes, you can run CMD_BOOT_FAILURE to finish the boot process.
A2. Yes.
A3. Not sure if I can understand. What’s the problem here?
Regards,
Lukas
A3. Not sure if I can understand. What’s the problem here?
Q1 and Q2 are OK. About Q3, I misunderstood, this question is closed, sorry.
Hi~ Thank you for your reply.
Q1: From A1, for Application code, whether CMD_BOOT_OK or CMD_BOOT_FAILURE is set, it means the end of the Secure boot process, right?
Boot protected keys are valid only when the following conditions are met, right?
FCSESTAT[BOK](=1) && FCSESTAT[BFN](=1)
Please take a look at this thread:
https://community.nxp.com/t5/S32K/s32k144-csec-Boot-Ok-Command/td-p/1330132
CMD_BOOT_OK is not necessary to unlock boot protected keys.
Regards,
Lukas