Hi,
1. We have encountered a difficult problem, when I use CSEC_DRV_GenerateMACAddrMode(the size is 64k bytes and start address is 0x10000.) to calculate CMAC value in bootloader,the board will reset and rigister RCM_SRS[LOCKUP] = 1, I want to know why it occurs and how to solve this problem?
const uint8_t *flash_pointer = (uint8_t *)(0x10000);
uint32_t aplLenth = 64 * 1024 * 8;
uint8_t cmacValue[16];
stat = CSEC_DRV_GenerateMACAddrMode(CSEC_KEY_11, flash_pointer, aplLenth, cmacValue);
2. if I try to use chain of trust to verify apl, Where should CMAC be stored? if this is possible to Use CSEC_DRV_VerifyMACAddrMode to verify? because of the APL image occupies 2 read partitions, Whether or not we should generate two CMAC
board: S32K146
partition: bootloader:0x00000-0x10000 ,apl:0x10000-0xFFFFF
csec repository: SDK_S32K1xx_15
解決済! 解決策の投稿を見る。
Hi,
there's a note in the reference manual:
"In addition, program flash reads are not allowed when CSEc command CMD_VERIFY_MAC (pointer method) or CMD_GENERATE_MAC (pointer method) is running."
The driver executes the command from RAM memory but there's probably an interrupt which accessed the flash. So, try to disable the interrupts and I guess it will work as expected.
To make it bulletproff, the CMAC should be stored in flash area which is checked by secure boot feature. So, if the application is updated, also BOOT_MAC needs to be updated after programming new CMAC.
Regards,
Lukas
Hi,
there's a note in the reference manual:
"In addition, program flash reads are not allowed when CSEc command CMD_VERIFY_MAC (pointer method) or CMD_GENERATE_MAC (pointer method) is running."
The driver executes the command from RAM memory but there's probably an interrupt which accessed the flash. So, try to disable the interrupts and I guess it will work as expected.
To make it bulletproff, the CMAC should be stored in flash area which is checked by secure boot feature. So, if the application is updated, also BOOT_MAC needs to be updated after programming new CMAC.
Regards,
Lukas
Thank you for your patient answer, it is helpful to me