Flash Command and CSEc Command

kmh48301 · ‎01-04-2022

Hi.

I read "The FTFC module's Cryptographic Services Engine (CSEc) implements a comprehensive
set of cryptographic functions as described in the SHE Functional Specification,
including:" in s32k-rm.

So it means that CSEc command is run by FTFC.

And, I guess the CSEc command is launched by clearing CCIF flag.

because : "The operation will start as indicated by CCIF transitioning from 1 to 0. The operation will
complete and set CCIF to 1 again. At this point the user may read the PRAM to verify or
transfer results as applicable." in s32k-rm page 884.

But any flash program command is also launched by clearing CCIF flag.

So what happened if during flash program command is executing, trying to launch CSEc command?

for example : CSEC_DRV_EncryptECB

I think in CSEC_DRV_StartEncDecECBCmd, the CCIF Flag will be cleared.

but in that situation, CCIF flag is already 0 because flash program command is executing.

the CSEc command will be executed? or not?

Please give me any advice

Thanks

Best Regards

Phillip

lukaszadrapa · ‎01-07-2022

Hi Phillip,

that's a good note, I was checking AN5401 only, not the SDK code. It looks like a weakness of the SDK driver. I will report this to SDK team. Thanks for pointing this out.

Regards,

Lukas

在原帖中查看解决方案

lukaszadrapa · ‎01-05-2022

Hi Phillip,

"And, I guess the CSEc command is launched by clearing CCIF flag."

No, it's not. It says indicating, not starting.

Take a look at:

Then:

And some example from AN5401 code:

Regards,

Lukas

kmh48301 · ‎01-05-2022

Hi Lukas

Thank you for replying.

I misunderstood important thing.

In example code that you gave, after CSEc command executes, it waits ccif mask.

Then, if flash command had executed before CSEc command executed,

the ccif mask indicates flash command completion and CSEc command completion.

It looks something wrong and unsafe.

1. I think CSEc Driver had better wait CCIF Mask and something other status bit for just in case.

2. Can the FTFC execute 2 commands at the same time such as csec command and flash command?

Thanks

Best Regards

Phillip

lukaszadrapa · ‎01-06-2022

Hi Phillip,

I can see no problem here. It's mentioned in the notes that only one command can be executed at a time. Adding the screenshot again:

Anytime when you are going to launch a flash command or CSEc command, you should check (using CCIF) if previous operation is completed. This is done in the drivers, so it's safe.

Regards,

Lukas

kmh48301 · ‎01-06-2022

Hi Lukas

Thank you for kindness.

Anytime when you are going to launch a flash command or CSEc command, you should check (using CCIF) if previous operation is completed. "This is done in the drivers, so it's safe."

I need to know how the driver make it safe.

In CSEC_DRV_EncryptECB(), i can't see the safety method.

==============================

if (g_csecStatePtr->cmdInProgress)
{
return STATUS_BUSY;
}

==============================

Those lines can't make this situation safe.

because g_csecStatePtr is not related flash driver and command.

Could you please let me know how the "CSEC_DRV_EncryptECB()" make it safe?

Thanks

Best Regards

Phillip

lukaszadrapa · ‎01-07-2022

Hi Phillip,

that's a good note, I was checking AN5401 only, not the SDK code. It looks like a weakness of the SDK driver. I will report this to SDK team. Thanks for pointing this out.

Regards,

Lukas

kmh48301 · ‎01-09-2022

Hi Lukas

If you get response from the SDK team, Please let me know as well.

Because I need to know when this weakness is fixed.

Thanks

Best Regards

Phillip