帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

FIELD_RETURN

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

FIELD_RETURN

‎04-22-2020 04:10 AM
3,605 次查看
antonio_santagi
Contributor IV

Hello, reading on the iMX8M Mini manual I could find FIELD_RETURN and FIELD_RETURN_LOCK registers :

Configure device for field return testing.

Fuse burning is protected by CSF command, with proper parameter passed.

Nonlockable.

I haven't understood if after using FIELD_RETURN capability on a secure boot enabled device returned from the field I can sign again and enable again secure boot capabilities.

If so, does it mean the hash of the keys burned on the fuses are still valid , so same keys can still be used ?

Or after using FIELD_RETURN device can only be used in open ( non secure ) mode ?

thank you

标记 (2)
0 项奖励
回复
5 回复数

‎04-22-2020 07:32 AM
3,491 次查看
Bio_TICFSL
NXP TechSupport
NXP TechSupport

Hello Antonio,

The entry to the Field-Return configuration on a secure enabled device requires specific steps to be performed. On certain devices, the field-return configuration operates differently than currently described in the Security Reference Manual. The FIELD_RETURN fuse is protected by the FIELD_RETURN_LOCK sticky bit in the OCOTP_CTRL fuse controller. This requires the OCOTP module clock to be enabled to set the sticky bit


Before leaving the boot ROM, the FIELD_RETURN_LOCK bit is set as long as the OCOTP clock has been enabled in initial bootloader either via DCD or plugin method), so that the FIELD_RETURN fuse cannot be burned. 

 

If the OCOTP module clock is not enabled then the FIELD RETURN behavior does not operate as described. In addition, if the device is configured in Serial Downloader Mode (SDP) the OCOTP module clock is not enabled on certain devices hence the Field Return Mode functionality does not operate as described.

Regards

0 项奖励
回复

‎04-22-2020 07:45 AM
3,491 次查看
antonio_santagi
Contributor IV

Ok, thank you, 

but can I use the device again in secure mode after I enabled the FIELD_RETURN feature and retested/reflashed my device ?

Or does that mean that after that it will be then usable only in non secure mode and with JTAG enabled ?

thank you

0 项奖励
回复

‎08-05-2020 10:29 AM
3,491 次查看
lockit282
Contributor III

Did you ever get a reply as to whether the devices become locked again or not?

0 项奖励
回复

‎08-06-2020 12:50 AM
3,491 次查看
antonio_santagi
Contributor IV

No, I did not.

0 项奖励
回复

‎08-07-2020 02:24 PM
3,491 次查看
lockit282
Contributor III

I saw this in the doc for I.MX RT10 and I am pretty sure it applies to the imx8mm -- would someone from NXP confirm?

Snippet:

Field Return (SEC_CONFIG[1] fuse = 1; FIELD_RETURN fuse = 1): — Intended for the secure products that have been returned by the end customer. Device should not be returned to the service (cannot return to the Closed state). — Signed code with specific commands in the HAB CSF are required to allow transition from Closed to Field return. ◦ Using HAB CSF unlock command including the device’s unique ID (CSF cannot be reused on another device), the field return sticky bit, which normally sets to block programming of the Field Return fuse, can be left clear. ◦ After successful execution of the HAB CSF with the unlock field return command, the Field Return fuse can be blown to allow for additional debugging or sending the device back to NXP for analysis.

Doc: https://www.nxp.com.cn/docs/en/application-note/AN12800.pdf 

0 项奖励
回复