I have several questions about i.MX6UL SNVS and tamper:
* Processor is the G3 version.
* I am writing code in U-Boot, using SPL.
* I am running a secure setup, so SRK fuses are burned and U-Boot and U-Boot SPL are signed.
* In the U-Boot CSF scripts, I have unlocked the SNVS (LP SWR and ZMK WRITE).
* I need to implement active tamper.
My code works somewhat. The SNVS comes up as secure in trusted state. I can set ZMK, time etc. Setting the SW_LPSV generates a violation and ZMK is zeroed etc. However I have some issues & questions:
1. If I disconnect and reconnect the SNVS coin cell supply, an SNVS POR is forced, as expected. The SNVS PGD bit is set, also expected. However, I cannot clear the PGD bit - it always remains set. I can reset PGD by loading a signed image that does not unlock SNVS, so there is no problem with the battery circuit. The ROM code manages to reset PGD. How should I do this?
2. What SNVS initialisation does the ROM code carry out: a) if SNVS is not unlocked; b) if SNVS is unlocked.
3. If I read the LFSR parameter registers (LPATnCR), I always read zeros. If I write non-zero values to these registers, I always read back zeros. Is this expected?
4. Active tamper functionality appears in both the 'normal' SNVS registers and the LP_SNVS registers. For example routing control (LPATRC1R, LPATRC2R in SNVS vs ETRCTRL in LP_SNVS). If I leave DryIce disabled (DRYICE_EN=0), do the SNVS registers take precedence? Or do I have to enable DryIce and use the LP_SNVS registers?
5. The DryIce Trim Value Register documentation states that the trim values should be read from OCOTP. I assume these are set during manufacture? I can't find any reference to these fuse values in the documentation.
6. Do you have any SNVS sample code?
Any light you can throw on these questions would be appreciated.
Solved! Go to Solution.
Hello,
Sorry, but the information you are requesting is treated as confidential info at this time and requires a signed NDA
(Non-Disclosure Agreement). Naturally, we cannot discuss this with you in public anyway, this requires to be handled as a Service Request (SR).
Have a great day,
Yuri
-------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-------------------------------------------------------------------------------
Hello,
Sorry, but the information you are requesting is treated as confidential info at this time and requires a signed NDA
(Non-Disclosure Agreement). Naturally, we cannot discuss this with you in public anyway, this requires to be handled as a Service Request (SR).
Have a great day,
Yuri
-------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-------------------------------------------------------------------------------
Hi Yuri,
SNVS is documented in the RM, so I presumed public discussion would be fine.
How do I raise a Service Request (SR)?
Thanks,
Bill
Hello,
There are several questions in Your request, in particular regarding boot ROM.
To create request (ticket) :
Regards,
Yuri.