[Security] secure boot enable disable method

Gideon
Contributor III

Hi ~

The chip is S32K1XX series. I have read AN5401.pdf and have some questions, as follows:

1. After BOOT_MAC_KEY and BOOT_MAC key are loaded into the CSEC module security area, secure boot will not be enabled immediately. Is this correct?
2. Under the premise of 1, secure boot will be enabled immediately after setting CMD_BOOT_DEFINE. Key writing and secure boot enablement are separate and independent steps. Is this understood correctly?
3. Select "B. Strict Sequential Boot Mode" for the secure boot mode, and enable Secure boot. In this case, is there any way to Disable Secure boot? ※Mainly for the convenience of debugging.

Thx v much~~

Gideon
Contributor III

I have got it. Thx very much. Please allow me to ask another question.

"B. Strict Sequential Boot Mode" for the secure boot mode, BOOT_MAC's "Write Prot" attribute is set to 1. If an error occurs, BOOT_MAC can't be updated any more and the device can't be used any more, am I right?

lukaszadrapa
NXP TechSupport

If WRITE_PROT attribute for BOOT_MAC is set, it's not possible to update BOOT_MAC anymore. And if strict sequential secure boot mode is used, the area covered by secure boot cannot be updated anymore. If a single word is changed in that flash, the secure boot will fail and the device will be bricked - it will never leave reset state.
Regards,
Lukas

Gideon
Contributor III

Thank you very much. I already understand this situation. In the development stage, A Sequential Boot Mode is used, and in the mass production stage, B Strict Sequential Boot Mode is used. Is there any risk in using different boot modes for the development stage and mass production stage?

lukaszadrapa
NXP TechSupport

"In the development stage, A Sequential Boot Mode is used, and in the mass production stage, B Strict Sequential Boot Mode is used."

- yes. But that's also up to you - it depends on your requirements. It's not mandatory to use strict sequential boot mode in production.

Is there any risk in using different boot modes for the development stage and mass production stage?

- I don't think so. There's only one difference which you need to be aware of - if sequential boot mode fails, application is running but boot protected keys cannot be used. If strict boot mode fails, the device will never leave reset.

It just doesn't make sense to use strict boot mode during development because the flash is reprogrammed many times and it would be necessary to be very careful during each programming. I would implement strict boot mode as the last thing.

Regards,

Lukas

lukaszadrapa
NXP TechSupport

Hi @Gideon 
To enable the secure boot, it is necessary to perform all the steps described in section "4.4.3 Adding BOOT_MAC to secure flash (first time)" in AN5401. If you do not run CMD_BOOT_DEFINE command, the secure boot won't be enabled.
The best way is to follow those steps to configure the secure boot.
Once the secure boot is enabled, it can't be disabled. There are only two options: you can either update the BOOT_MAC (for example when updating application) or you can reset the device to factory state - you need to know MASTER_ECU_KEY for this. Read "4.5 Resetting Flash to the Factory State" in AN5401 for details.
And if you use strict secure boot, it can't be disabled anymore, you can't even reset the device back to factory state. You can only update the BOOT_MAC if necessary. I do not recommend using strict secure boot for development. During development, you can test it with standard sequential boot mode, so you can always recover the device if something goes wrong. If strict secure boot fails, the device will stay in reset forever, there's no way back.
Regards,
Lukas
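
Added example, not part of the thread and not NXP code: a host-side C model of the rules stated in the replies above, for dry-running a provisioning plan before it touches a real S32K1xx. All type and function names are hypothetical; it assumes BOOT_MAC is loaded explicitly and is correct at load time, and the factory-reset refusal for a write-protected key follows the SHE rules rather than anything stated in this thread.

```c
#include <stdbool.h>

/* Host-side model only. Every name here is hypothetical (not NXP SDK/CSEc API). */
typedef enum { BOOT_NONE, BOOT_SEQUENTIAL, BOOT_STRICT } boot_mode_t;
typedef enum { RUN_KEYS_USABLE, RUN_BOOT_KEYS_LOCKED, STUCK_IN_RESET } boot_result_t;

typedef struct {
    boot_mode_t mode;       /* changed only by the CMD_BOOT_DEFINE step        */
    bool keys_loaded;       /* BOOT_MAC_KEY and BOOT_MAC stored in CSEc        */
    bool mac_write_prot;    /* WRITE_PROT attribute on BOOT_MAC                */
    bool mac_matches_flash; /* stored BOOT_MAC still matches the covered flash */
} device_t;

/* Loading the keys does not enable secure boot. Assumption: MAC is correct at load. */
void load_boot_keys(device_t *d, bool write_prot) {
    d->keys_loaded = true;
    d->mac_write_prot = write_prot;
    d->mac_matches_flash = true;
}
/* Enabling is a separate step and cannot be undone. Model assumption: strict is final. */
bool boot_define(device_t *d, boot_mode_t mode) {
    if (!d->keys_loaded || mode == BOOT_NONE || d->mode == BOOT_STRICT) return false;
    d->mode = mode;
    return true;
}
void reprogram_flash(device_t *d) { d->mac_matches_flash = false; }

bool update_boot_mac(device_t *d) {
    if (!d->keys_loaded || d->mac_write_prot) return false; /* WRITE_PROT blocks updates */
    d->mac_matches_flash = true;
    return true;
}
/* Needs MASTER_ECU_KEY; unavailable in strict mode. The write-protect refusal
   follows the SHE rules and is not stated in the thread. */
bool factory_reset(device_t *d, bool knows_master_ecu_key) {
    if (!knows_master_ecu_key || d->mode == BOOT_STRICT || d->mac_write_prot) return false;
    *d = (device_t){0};
    return true;
}
boot_result_t reset_and_boot(const device_t *d) {
    if (d->mode == BOOT_NONE || d->mac_matches_flash) return RUN_KEYS_USABLE;
    return d->mode == BOOT_STRICT ? STUCK_IN_RESET : RUN_BOOT_KEYS_LOCKED;
}
/* Dry run on copies: is there any way back from the current state? */
bool has_recovery_path(const device_t *d, bool knows_master_ecu_key) {
    device_t a = *d, b = *d;
    return update_boot_mac(&a) || factory_reset(&b, knows_master_ecu_key);
}
```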
