Hi all,
I am working on secure boot via HSE in s32k312. And, here is some question to ask.
Q1: how can I know the status when S32k312 boot fail?
In the manual(HSE_B Firmware Reference Manual, Rev 2.1),
Q2: chap. 14.2.7 mention handshake mode, my question is which conditions will trigger this mode?
Q3: Chap. 10 mention about GSR register logs the HSE system event, can we know the GSR address? If GSR address isn’t allow to know, do we have another way or register to know HSE status during boot time?
Thanks for reading..
已解决! 转到解答。
Hi @JasonChou
A1: You can use service HSE_SMR_CORE_BOOT_STATUS_ATTR_ID to check the status of SMR verification. See the details of hseAttrSmrCoreStatus_t in HSE Service API Reference Manual.
A2: This could be caused by double bit ECC error in flash HSE FW area, by interrupted HSE FW intallation, etc.
A3:
Regards,
Lukas
Hi lukaszadrapa,
Thanks for reply, follow the Q1,
Q1.1: So bascially, I need to verify SMR/CR before enable secure boot and reset, right?
Q1.2: If the scenario is mcu enable secure boot without entry Apps(USer code), how can I debug? recovery mode?
1. You need to provide authenticity proof when installing a SMR. You can either calculate it offline using tools like OpenSSL or you can use HSE services to generate the signatures. The authenticity proof is optional only when life cycle is set to CUST_DEL and when entryIndex is 0.
2. If SMR verification fails, the device enters recovery mode as described in "8.8.4 Sanctions" in HSE FW RM.
Regards,
Lukas
Hi @JasonChou
A1: You can use service HSE_SMR_CORE_BOOT_STATUS_ATTR_ID to check the status of SMR verification. See the details of hseAttrSmrCoreStatus_t in HSE Service API Reference Manual.
A2: This could be caused by double bit ECC error in flash HSE FW area, by interrupted HSE FW intallation, etc.
A3:
Regards,
Lukas