Dear all,
We want to use secure JTAG function of i.MX6UL.
However, we cannot access it by JTAG when i.MX6UL is secure JTAG mode.
We use Advice LUNA2 JTAG.
The challenge seems to succeed.
We set a register of the i.MX6UL following.
JTAG_SMOD = 0x01
SJC_DISABLE = 0
BOOT_CFG_LOCK = 0x1x
If there is more necessary setting for i.MX6UL, would you tell me?
May I have advice?
Best Regards,
Yuuki
Hello,
Please use the following app note
http://cache.nxp.com/files/32bit/doc/app_note/AN4686.pdf
Have a great day,
Yuri
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------
Dear Yuri-san,
Thank you for your support.
We refer to this document.
However, I cannot access it from JTAG.
We do not know what is not enough.
We think that register setting is not enough.
Is the register setting that i.MX6 needs only JTAG_SMOD, SJC_DISABLE and BOOT_CFG_LOCK?
May I have any advice?
Best Regards,
Yuuki
Dear Yuri-san,
Thank you for your support.
> Do You use secret response key ?
=>
Yes.
We set SJC_RESP as follows.
1, set the SJC_RESP
- OCOTP_SJC_RESP0 (OTP Bank 4, word 0) => xxxxxxxx
- OCOTP_SJC_RESP1 (OTP Bank 4, word 1) => yyyyyyyy
- OCOTP_LOCK (OTP Bank 0, word 0) => 0x00000040
2, set the JTAG_SMODE
- OCOTP_CFG5 (OTP Bank 0, word 6) => 00400000(JTAG_SMODE=0b01)
3, set the mem_trim region
- OCOTP_LOCK (OTP Bank 0, word 0) => 0x00000004
Please advise of your findings.
Best Regards,
Yuuki
Hello,
1.
Have the response been burned to the fuses as described in
section 4.1 (Steps to program Secure JTAG eFuses using the Freescale
manufacturing tool) or just written to the shadow registers ?
2.
Is it possible to look at JTAG tool log during connection ?
Regards,
Yuri.
Dear Yuri-san,
Thank you for your support.
1. We use "fuse" command on u-boot.
2. The adviceLUNA2 side does not output any error.
In Kernel log (i.MX6 side):
:
[ 3.052384] snvs-secvio 20cc000.caam-snvs: can't get snvs clock
[ 3.058473] snvs-secvio 20cc000.caam-snvs: violation handlers armed - non-secure state
:
:
[ 3.052306] snvs-secvio 20cc000.caam-snvs: can't get snvs clock
[ 3.096367] random: nonblocking pool is initialized
<=stop here
Should we disable CAAM?
If so, Would you tell me the method to disable CAAM?
Best Regards,
Yuuki