[Security]Secure Boot SDK Verification Interface Confirm


Gideon
Contributor III

Dear NXPs:

S32K146

P-Flash 1M (2 blocks)

D-Flash 32K

Background:

CMD_BOOT_DEFINE → BootManager (6KB), verified using CSEC's secure boot mechanism.

The second-level verification area is the FlexNVM Bootloader;

The third-level verification area is the Application.

Q1: When bootloader verification fails, I call the CSEC_DRV_BootFailure() interface to notify CSEC. What I want to know is: besides the SHE key being locked, what other processing does NXP do when the CSEC_DRV_BootFailure() interface is called? For example, a reset, etc.

Q2: I use the CSEC_DRV_VerifyMACAddrMode() interface to verify P-Flash. What I want to know is whether there is a limit on the size of P-Flash that can be verified with a single call of this interface (I don't want to design it to be called multiple times). For example, must it not exceed 512K, can it not be called across blocks, etc.?

Q3: On the first power-on, the CSEC_DRV_BootDefine() interface is called in the BootManager project, so that secure boot is executed on the second power-on. What method should I use to ensure that the CSEC_DRV_BootDefine() interface is called only once? I noticed that the CSEC_DRV_GetStatus() interface provided by the SDK does not necessarily meet my needs. I look forward to your help.

3 Replies
lukaszadrapa
NXP TechSupport

Hi @Gideon
1. CSEC_DRV_BootFailure() executes only the CMD_BOOT_FAILURE command to finish the secure boot. Nothing else.
2. The only limitation is:
"For internal NVM space the maximum size of data is limited to be no more than one read partition, or less if the starting address is not the start of the read partition (i.e., the address sequence cannot cross boundaries of read partitions). The 'Flash Start Address' must be 128-bit aligned (the same is true for CMD_VERIFY_MAC pointer method)."
In the case of the S32K146, there are two 512KB blocks / read partitions.
3. I would read the FCSESTAT register, bit SB. It says whether secure boot is already activated or not.
Regards,
Lukas

Gideon
Contributor III

Dear NXPs:

Thank you for your strong support. The above questions have been confirmed. There are still two questions to confirm:
Q1: When the CSEC_DRV_BootDefine() interface is called for the first time, is the FCSESTAT register bit SB set immediately, or is bit SB set only after the next power-on? (All keys used by secure boot have been imported successfully.)
Q2: When is bit BOK set? Regarding the trust chain verification in the figure, the BootManager is verified by the secure boot mechanism provided by CSEC. So after the BootManager verification succeeds, bit BOK = 1, is this correct?

lukaszadrapa
NXP TechSupport

A1: SB should be set after next reset.

A2: BOK is set after successful verification.

Regards,

Lukas

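The constraints stated in the two NXP replies above (128-bit aligned start address, no crossing of the two 512KB read partitions on the S32K146, SB set only after the reset that follows CMD_BOOT_DEFINE, BOK set after successful verification), turned into host-side checks as an added C example. This is not code from the thread or from the NXP S32 SDK and it makes no SDK calls; it only validates the (address, length) pair a caller would hand to CSEC_DRV_VerifyMACAddrMode(), splits a too-large range into per-partition calls, and decides from a FCSESTAT snapshot whether CSEC_DRV_BootDefine() still has to run. The FCSESTAT bit positions (SHE status-register order), P-Flash occupying addresses [0, 1 MB), and stopping when SB is set but BOK is clear are assumptions of this example, to be confirmed against the S32K1xx reference manual and your own boot policy.

```c
#include <stdint.h>
#include <stdio.h>

/* S32K146 P-Flash as described in the thread: 1 MB in two 512 KB blocks, each
 * block being one CSEc read partition. P-Flash occupying addresses [0, 1 MB)
 * is an assumption of this example; check it against the linker file. */
#define PFLASH_SIZE        (1024u * 1024u)
#define READ_PARTITION_SZ  (512u * 1024u)
#define MAC_ADDR_ALIGN     16u   /* "The 'Flash Start Address' must be 128-bit aligned" */

/* FCSESTAT bits in SHE status-register order (BSY, SB, BIN, BFN, BOK, ...).
 * The bit positions are an assumption here; confirm them in the S32K1xx
 * reference manual before using them on hardware. */
#define FCSESTAT_BSY  (1u << 0)
#define FCSESTAT_SB   (1u << 1)  /* secure boot enabled; set after the reset following CMD_BOOT_DEFINE */
#define FCSESTAT_BIN  (1u << 2)  /* boot init */
#define FCSESTAT_BFN  (1u << 3)  /* boot finished */
#define FCSESTAT_BOK  (1u << 4)  /* boot OK: CSEc verified the boot block */

typedef enum {
    RANGE_OK = 0,
    RANGE_EMPTY,
    RANGE_UNALIGNED,          /* start address is not 128-bit aligned */
    RANGE_OUTSIDE_FLASH,
    RANGE_CROSSES_PARTITION   /* would span both 512 KB read partitions */
} range_result_t;

/* Validate the (address, length) pair for CSEC_DRV_VerifyMACAddrMode() against
 * the limits quoted in the answer: aligned start and [start, start+len) inside
 * one read partition. Consequence: 1 MB of P-Flash can never be one call. */
range_result_t check_verify_range(uint32_t start, uint32_t len)
{
    if (len == 0u) return RANGE_EMPTY;
    if ((start % MAC_ADDR_ALIGN) != 0u) return RANGE_UNALIGNED;
    if (start >= PFLASH_SIZE) return RANGE_OUTSIDE_FLASH;
    uint64_t end = (uint64_t)start + len;             /* exclusive; 64-bit so it cannot wrap */
    if (end > PFLASH_SIZE) return RANGE_OUTSIDE_FLASH;
    if (start / READ_PARTITION_SZ != (end - 1u) / READ_PARTITION_SZ) return RANGE_CROSSES_PARTITION;
    return RANGE_OK;
}

typedef struct { uint32_t start; uint32_t len; } verify_chunk_t;

/* Split a range that crosses a partition boundary into chunks that each pass
 * check_verify_range(), one VerifyMAC call (and one stored MAC) per chunk.
 * Returns the chunk count, or 0 if the range is rejected for any other reason
 * or does not fit into out[]. */
uint32_t split_verify_range(uint32_t start, uint32_t len, verify_chunk_t *out, uint32_t max_out)
{
    uint32_t n = 0u;
    while (len > 0u) {
        range_result_t r = check_verify_range(start, len);
        if (r != RANGE_OK && r != RANGE_CROSSES_PARTITION) return 0u;
        if (n >= max_out) return 0u;
        uint32_t piece = len;
        if (r == RANGE_CROSSES_PARTITION) {
            uint32_t boundary = (start / READ_PARTITION_SZ + 1u) * READ_PARTITION_SZ;
            piece = boundary - start;                      /* cut at the next partition boundary */
        }
        out[n].start = start;
        out[n].len = piece;
        n++;
        start += piece;
        len -= piece;
    }
    return n;
}

typedef enum {
    BOOT_ACTION_DEFINE_THEN_RESET, /* SB clear: first power-on, issue CMD_BOOT_DEFINE and reset */
    BOOT_ACTION_CONTINUE_CHAIN,    /* SB and BOK set: CSEc accepted BootManager, verify next stage */
    BOOT_ACTION_STOP               /* SB set, BOK clear: boot block was not accepted */
} boot_action_t;

/* Decide the BootManager's first step from a snapshot of FCSESTAT (for instance
 * the byte returned by CSEC_DRV_GetStatus()). Since SB is only set after the
 * reset that follows CMD_BOOT_DEFINE, "SB clear" identifies the very first boot,
 * provided the code resets right after CMD_BOOT_DEFINE instead of running on.
 * Treating "SB set, BOK clear" as a stop is this example's design choice. */
boot_action_t decide_boot_action(uint8_t fcsestat)
{
    if ((fcsestat & FCSESTAT_SB) == 0u) return BOOT_ACTION_DEFINE_THEN_RESET;
    if ((fcsestat & FCSESTAT_BOK) == 0u) return BOOT_ACTION_STOP;
    return BOOT_ACTION_CONTINUE_CHAIN;
}

int main(void)
{
    /* Constructed input: verify everything after a 6 KB BootManager at 0x1800. */
    verify_chunk_t chunks[4];
    uint32_t n = split_verify_range(0x1800u, PFLASH_SIZE - 0x1800u, chunks, 4u);
    for (uint32_t i = 0u; i < n; i++)
        printf("VerifyMAC call %u: start=0x%08X len=0x%X\n",
               (unsigned)i, (unsigned)chunks[i].start, (unsigned)chunks[i].len);
    printf("action on FCSESTAT=0x00: %d\n", (int)decide_boot_action(0x00u));
    return 0;
}
```

Because CSEC_DRV_BootFailure() runs only CMD_BOOT_FAILURE (first reply above), any reset after a failed second- or third-stage check has to be triggered by the BootManager or Bootloader itself; likewise, resetting immediately after CMD_BOOT_DEFINE is what makes the SB check a reliable "called only once" guard on every later boot.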