About secure boot of S32K144

MervynZong
Contributor II

Hello,

About secure boot of S32K144, I have some questions;
please help me to confirm them.

According to the AN5401 or AN4235 spec and the API [BOOT_DEFINE] of the SDK,
I think the secure boot authenticated area's start address is 0 of P-flash, with a maximum of 512KB.
Is this understanding correct? If not, please explain how to use secure boot.

Now for the upgrade scheme of S32K144,
I want to use the AN12323 spec [6.1.2 S32K144 boot and update procedures],
but the bootloader's area is Flash NVM. If I understand correctly,
I think the secure boot can't authenticate Flash NVM;
in other words, the secure boot can't authenticate the bootloader.

So I want to know how to use secure boot if I use AN12323's upgrade scheme.
If you can give me some suggestions, it will help me a lot.
Thank you very sincerely.


Thanks.

MervynZong
Contributor II

Hi Lukas,

Thanks for the support and reply.
I think I have no other problems.
If I have other problems, I will contact you again.

Regards,
zong

lukaszadrapa
NXP TechSupport

Hi,
Yes, that’s correct. The start address of secure boot is 0x0. This is hardwired; it cannot be changed. And the max size for secure boot is 512KB.
To check the bootloader which is placed in FlexNVM, it is necessary to create a chain of trust. Let me re-use a text which I wrote for another customer:

******************
The procedure should be like this:
- Let’s say the bootloader occupies area 0x0 - 0xFFF (just an example)
- The secure boot is configured to cover this area.
- The bootloader checks if the secure boot was successful (read if FCSESTAT[BOK]==1)
- If the secure boot failed, do something (this is up to you)
- If the secure boot was successful, start checking of the application – this is just calculating of the CMAC over the application image.
- If the CMAC is correct, run BOOT_OK command which finishes the secure boot process and then it is possible to use boot protected keys. Jump to the application.
- If the CMAC is not correct, run BOOT_FAILURE command which finishes the secure boot process and then it’s not possible to use boot protected keys. It’s up to you if you want to jump to the application or not.
******************

For your use-case, it needs to be a little bit modified: you should have a very small application starting at 0x0. This application should be protected by the secure boot. And this application should calculate the CMAC over the bootloader in FlexNVM (instead of calculating the CMAC over the application as mentioned in the original text above) and then run either BOOT_OK or BOOT_FAILURE and then jump to the bootloader. This is just a principle; you can modify the procedure as needed.

Regards,
Lukas
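
The decision flow from the reply above, sketched as an added example (not code from the thread or from the NXP SDK): a small first stage at 0x0 checks FCSESTAT[BOK], verifies the bootloader CMAC, and finishes with BOOT_OK or BOOT_FAILURE before jumping. The `stage0_*` names, the hardware hook struct and the host-side mocks are hypothetical; halting when BOK is 0 and passing the reference MAC in as a parameter are assumptions, since the reply leaves both to the integrator.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical hooks, not NXP SDK names. On target they would wrap the
 * FCSESTAT[BOK] read and the CSEc CMAC, BOOT_OK and BOOT_FAILURE commands. */
typedef struct {
    bool (*secure_boot_ok)(void);
    bool (*cmac)(const uint8_t *img, size_t len, uint8_t mac[16]);
    void (*boot_ok)(void);
    void (*boot_failure)(void);
} stage0_hw_t;

typedef enum { STAGE0_JUMP_KEYS_USABLE, STAGE0_JUMP_KEYS_LOCKED, STAGE0_HALT } stage0_result_t;

/* Full-length compare: no early exit on the first differing byte. */
static bool mac_equal(const uint8_t *a, const uint8_t *b) {
    uint8_t diff = 0;
    for (size_t i = 0; i < 16; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* bl/len: bootloader image in FlexNVM; ref_mac: expected CMAC (storage is an assumption). */
stage0_result_t stage0_check_bootloader(const stage0_hw_t *hw, const uint8_t *bl,
        size_t len, const uint8_t *ref_mac, bool jump_on_mismatch) {
    uint8_t mac[16];
    if (!hw->secure_boot_ok())
        return STAGE0_HALT;       /* assumed policy: stage 0 itself was not authenticated */
    if (hw->cmac(bl, len, mac) && mac_equal(mac, ref_mac)) {
        hw->boot_ok();            /* finishes secure boot; boot-protected keys usable */
        return STAGE0_JUMP_KEYS_USABLE;
    }
    hw->boot_failure();           /* finishes secure boot; boot-protected keys unusable */
    return jump_on_mismatch ? STAGE0_JUMP_KEYS_LOCKED : STAGE0_HALT;
}

/* Constructed host-side mock so the flow runs off-target. mock_cmac is a
 * placeholder fold, NOT a MAC; on the device the CSEc computes the CMAC. */
static bool mock_bok = true;
static int ok_calls, fail_calls;
static bool mock_bok_read(void) { return mock_bok; }
static void mock_boot_ok(void) { ok_calls++; }
static void mock_boot_failure(void) { fail_calls++; }
static bool mock_cmac(const uint8_t *img, size_t len, uint8_t mac[16]) {
    for (size_t i = 0; i < 16; i++) mac[i] = 0;
    for (size_t i = 0; i < len; i++) mac[i % 16] ^= (uint8_t)(img[i] + i);
    return true;
}
static const stage0_hw_t MOCK_HW = { mock_bok_read, mock_cmac, mock_boot_ok, mock_boot_failure };
```

Every path that reaches the CMAC check issues exactly one of BOOT_OK or BOOT_FAILURE before any jump, so the bootloader never runs with the secure boot process left unfinished.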
