[Security] FCSESTAT Register with BOK, BFN, BIN and SB bit

Gideon
Contributor III

NXP S32K 1XX
During the development phase, choose A. Sequential Boot Mode for the Secure boot solution.
Related to FCSESTAT Register and secure boot are the BOK, BFN, BIN and SB bits.
AN5401.pdf->Figure 5. CSEc Boot Process on S32K1xx devices

In the Application code, when Check FCSESTAT[BOK](==1), you need to execute the CMD_BOOT_OK command in the Application code, which will set FCSESTAT[BFN](==1).
Q1. In the Application code, if Check FCSESTAT[BOK](==0), do I need to execute the CMD_BOOT_FAILURE command?
Q2. Will executing the CMD_BOOT_FAILURE command set FCSESTAT[BFN](==0)?

Q3. Figure 5. CSEc Boot Process on S32K1xx devices, "Is BOOT_MAC_KEY slot empty? == Yes" branch: I think there should be Set FCSESTAT[BIN](=1) processing, right?

lukaszadrapa
NXP TechSupport

Hi @Gideon 

A1. It’s not necessary. CMD_BOOT_FAILURE is used rather in a different situation – when you run a chain of trust. For example: the bootloader is checked by secure boot and then the bootloader checks the application(s). If secure boot covering the bootloader is successful but verification of the application(s), which is initiated by the bootloader, fails, then the bootloader is supposed to run CMD_BOOT_FAILURE to finish the secure boot process – to disable boot protected keys even if HW secure boot was successful.

If the secure boot fails right at the beginning, it won’t be possible to use boot protected keys regardless of CMD_BOOT_FAILURE or CMD_BOOT_OK.

But yes, you can run CMD_BOOT_FAILURE to finish the boot process.

A2. Yes.

A3. Not sure if I can understand. What’s the problem here?

Regards,

Lukas
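
The chain-of-trust decision described in A1, sketched as an added example that is not part of the original post or NXP's code. It is a host-side model that sends no CSEc commands; the mask values, the helper names `mac_equal` and `stage2_decide`, and the sample tags are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* FCSESTAT flag masks: assumed from the S32K1xx device header, confirm against yours. */
#define FCSESTAT_SB  0x02u  /* secure boot activated */
#define FCSESTAT_BFN 0x08u  /* secure boot finished */
#define FCSESTAT_BOK 0x10u  /* hardware secure boot passed */

typedef enum { CMD_NONE, CMD_BOOT_OK, CMD_BOOT_FAILURE } boot_cmd_t;

/* Constant-time compare of two 16-byte MAC tags; returns 1 on match. */
static int mac_equal(const uint8_t a[16], const uint8_t b[16])
{
    uint8_t diff = 0;
    for (int i = 0; i < 16; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Hypothetical bootloader helper: choose the command that ends secure boot.
 * app_mac is the tag computed over the application, ref_mac the stored reference. */
boot_cmd_t stage2_decide(uint8_t fcsestat, const uint8_t app_mac[16],
                         const uint8_t ref_mac[16])
{
    /* Assumption: nothing to finish when secure boot is off or already finished. */
    if (!(fcsestat & FCSESTAT_SB) || (fcsestat & FCSESTAT_BFN))
        return CMD_NONE;
    /* Hardware check failed: boot protected keys are unusable either way (A1),
     * so issuing the failure command here is optional. */
    if (!(fcsestat & FCSESTAT_BOK))
        return CMD_BOOT_FAILURE;
    /* Hardware check passed: the bootloader's own application check decides. */
    return mac_equal(app_mac, ref_mac) ? CMD_BOOT_OK : CMD_BOOT_FAILURE;
}

/* Constructed sample tags, not real key material. */
static const uint8_t REF_MAC[16]      = { 0xA5, 0x01 };
static const uint8_t TAMPERED_MAC[16] = { 0xA5, 0x02 };

int main(void)
{
    static const char *name[] = { "none", "CMD_BOOT_OK", "CMD_BOOT_FAILURE" };
    uint8_t hw_ok = FCSESTAT_SB | FCSESTAT_BOK;
    printf("app ok:       %s\n", name[stage2_decide(hw_ok, REF_MAC, REF_MAC)]);
    printf("app tampered: %s\n", name[stage2_decide(hw_ok, TAMPERED_MAC, REF_MAC)]);
    printf("hw failed:    %s\n", name[stage2_decide(FCSESTAT_SB, REF_MAC, REF_MAC)]);
    return 0;
}
```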

Gideon
Contributor III

A3. Not sure if I can understand. What’s the problem here?

Q1 and Q2 are OK. About Q3, I misunderstood; this question is closed, sorry.

Gideon
Contributor III

Hi~ Thank you for your reply.

Q1: From A1, for Application code, whether CMD_BOOT_OK or CMD_BOOT_FAILURE is set, it means the end of the Secure boot process, right?

Boot protected keys are valid only when the following conditions are met, right?

FCSESTAT[BOK](=1) && FCSESTAT[BFN](=1)

lukaszadrapa
NXP TechSupport

Please take a look at this thread:

https://community.nxp.com/t5/S32K/s32k144-csec-Boot-Ok-Command/td-p/1330132

CMD_BOOT_OK is not necessary to unlock boot protected keys.

Regards,

Lukas
