S32K358 - SMR installation for advanced Secure Boot - HSE_SRV_RSP_NOT_ALLOWED


2,736 Views
fp-theophile
Contributor II

Hi, 

I am trying to install an SMR with advanced secure boot mode, and I get the following response from the HSE: HSE_SRV_RSP_NOT_ALLOWED. I know it is not related to my LC State, and I don't know what I am missing. The ECDSA signature for the region is written in internal Flash memory.

Here is my code for the configuration:

/* No SMR decryption key is used */
hseSmrDecrypt_t smrDecrypt = {HSE_SMR_DECRYPT_KEY_HANDLE_NOT_USED, 0, 0, NULL, 0};
/* ECDSA signature scheme with SHA2-256 as the hash */
hseEcdsaScheme_t ecdsaScheme = {HSE_HASH_ALGO_SHA2_256, NULL};

hseSignScheme_t cryptoScheme;
cryptoScheme.signSch = HSE_SIGN_ECDSA;
cryptoScheme.sch.ecdsa = ecdsaScheme;

hseAuthScheme_t authScheme;
authScheme.sigScheme = cryptoScheme;

/* SMR entry: source address, size, key handle and authentication scheme */
hseSmrEntry_t hseEntry;

hseEntry.pSmrSrc = COM_FLS_u32ActivePhysicalStartAddr;
hseEntry.smrSize = 0X200000U;
hseEntry.pSmrDest = NULL;
hseEntry.configFlags = 0U;
hseEntry.checkPeriod = 0U;
hseEntry.authKeyHandle = 0x00010000U;
hseEntry.authScheme = authScheme;
hseEntry.smrDecrypt = smrDecrypt;
hseEntry.versionOffset = HSE_SMR_VERSION_NOT_USED;

/* One-pass install request for SMR entry 0; the signature is passed as two 32-byte tags */
hseSmrEntryInstallSrv_t hseInstallSmr;
hseInstallSmr.accessMode = HSE_ACCESS_MODE_ONE_PASS;
hseInstallSmr.entryIndex = 0u;
hseInstallSmr.pSmrEntry = (HOST_ADDR) &hseEntry;
hseInstallSmr.pSmrData = COM_FLS_u32PassivePhysicalStartAddr;
hseInstallSmr.smrDataLength = 0X200000U;
hseInstallSmr.pAuthTag[0U] = (HOST_ADDR) COM_FLS_u32PhysicalAdressSignature;
hseInstallSmr.pAuthTag[1U] = (HOST_ADDR) COM_FLS_u32PhysicalAdressSignature + 32U;
hseInstallSmr.authTagLength[0U] = HSE_BYTES_TO_BITS(32U);
hseInstallSmr.authTagLength[1U] = HSE_BYTES_TO_BITS(32U);

Regards
0 Kudos
Reply
5 Replies

2,686 Views
fp-theophile
Contributor II

Hi,

Thank you @VaneB for these documents. I have been through them and did not find anything conclusive.

My question was specifically on the error response HSE_SRV_RSP_NOT_ALLOWED, I am not sure about what can cause this error in case of a SMR installation request.

Regards

0 Kudos
Reply

2,671 Views
VaneB
NXP TechSupport

Hi @fp-theophile 

Please help me check what hseAttrSmrCoreStatus_t is returning.

Also could you verify if the problem is not caused by data cache? This is the most common issue when HSE_SRV_RSP_NOT_ALLOWED is returned even if everything seems to be correct. You can try to disable the data cache completely to check if this is the case.

Otherwise SMR can be erased by service HSE_SRV_ID_SMR_ENTRY_ERASE. Notice that super user rights are needed.

0 Kudos
Reply

2,596 Views
fp-theophile
Contributor II

Hello,

I have only 0s in hseAttrSmrCoreStatus_t.

Also, now I have HSE_SRV_RSP_INVALID_PARAM as a response from the HSE without changing parameters, except trying to change key flags. I don't really know what is going on.

About the cache memory, I disabled it, so I know it is not the problem. I also checked that I had the user rights.

Regards.

0 Kudos
Reply

2,575 Views
VaneB
NXP TechSupport

Hi @fp-theophile 

Since hseAttrSmrCoreStatus_t only returns 0, it indicates the following information:

- smrStatus[2U]
    [0].bit : 0 - SMR Not verified
    [1].bit : 0 - SMR verification fail

- smrEntryInstallStatus
    0 - SMR entry not installed

- coreBootStatus[2U]
    [0].bit : 0 - Core Not booted
    [1].bit : 0 - Core booted with alternate/backup reset address

Have you tried any of the Advanced Secure Boot projects shared above?

0 Kudos
Reply
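A host-side decoder for the status fields listed in the reply above, added here as an example; it is not NXP code and not from the thread. The struct `smr_core_status_t` is a local stand-in, and two things are assumptions: each word holds one bit per SMR entry or core, and a set bit means the complement of the zero-bit meaning quoted in the reply.

```c
#include <stdint.h>
#include <stdio.h>

/* Local mirror of the three fields named in the reply. Hypothetical type for
 * this example only; on target use the definition from the HSE headers. */
typedef struct {
    uint32_t smrStatus[2];          /* [0] verified?  [1] verification passed? */
    uint32_t smrEntryInstallStatus; /* assumed: bit n = SMR entry n installed  */
    uint32_t coreBootStatus[2];     /* [0] booted?    [1] primary reset addr?  */
} smr_core_status_t;

typedef enum { SMR_NOT_INSTALLED, SMR_NOT_VERIFIED, SMR_VERIFY_FAILED,
               SMR_VERIFY_PASSED } smr_state_t;

typedef enum { CORE_NOT_BOOTED, CORE_BOOTED_BACKUP, CORE_BOOTED_PRIMARY } core_state_t;

/* Bit n of word; out-of-range indexes read as 0 instead of shifting too far. */
static int bit(uint32_t word, unsigned n) { return n < 32u && ((word >> n) & 1u); }

/* Check installation first: verification bits carry no meaning for an entry
 * that was never installed, which is the all-zero case from the thread. */
smr_state_t smr_state(const smr_core_status_t *s, unsigned idx)
{
    if (!bit(s->smrEntryInstallStatus, idx)) return SMR_NOT_INSTALLED;
    if (!bit(s->smrStatus[0], idx))          return SMR_NOT_VERIFIED;
    return bit(s->smrStatus[1], idx) ? SMR_VERIFY_PASSED : SMR_VERIFY_FAILED;
}

core_state_t core_state(const smr_core_status_t *s, unsigned core)
{
    if (!bit(s->coreBootStatus[0], core)) return CORE_NOT_BOOTED;
    return bit(s->coreBootStatus[1], core) ? CORE_BOOTED_PRIMARY : CORE_BOOTED_BACKUP;
}

int main(void)
{
    static const char *smr_txt[]  = { "not installed", "installed, not verified",
                                      "verification failed", "verification passed" };
    static const char *core_txt[] = { "not booted", "booted (backup address)",
                                      "booted (primary address)" };
    /* Constructed sample values, not read from a device. */
    const smr_core_status_t zero   = { {0u, 0u}, 0u, {0u, 0u} };
    const smr_core_status_t sample = { {0x3u, 0x1u}, 0x7u, {0x1u, 0x1u} };

    printf("all-zero: SMR0 %s, core0 %s\n",
           smr_txt[smr_state(&zero, 0u)], core_txt[core_state(&zero, 0u)]);
    for (unsigned i = 0u; i < 4u; i++)
        printf("sample:   SMR%u %s\n", i, smr_txt[smr_state(&sample, i)]);
    printf("sample:   core0 %s\n", core_txt[core_state(&sample, 0u)]);
    return 0;
}
```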

2,714 Views
VaneB
NXP TechSupport

Hi @fp-theophile 

To better understand the Secure Boot we provide an application note including demo projects which explains all the steps in detail. It can be downloaded from:
S32K3 Microcontrollers for Automotive General Purpose

Application note can be found here:
Documentation -> Secure Files -> Secure Boot Application note v0.1.1.0 (AN744511)

Associated demo project can be downloaded here:
Design Resources -> Software -> Secure Files -> SecureBootAppNoteDemo (SW745310)

Additionally, example codes are available without RTD that provide different use case scenarios to show the capabilities of the HSE FW. 

S32K3 MCUs for General Purpose HSE Demo Examples

BR, VaneB

0 Kudos
Reply