AnsweredAssumed Answered

New LS1020 batch boots with different SECMON state

Question asked by Luc Roy on Jan 24, 2020
Latest reply on Feb 5, 2020 by Pavel Chubakov

We have received new batch of LS1020 (ls1020 axe7hnb qyx1848 1nk taiw kqaluyu) and they were causing some problem for our u-boot software (and manufacturing) because security wise (SECMON) they do not seem to react in the same way as previous batchs (ls1020 axehnb qty1813 1nk taiw jkakuyu, LS1020 AXE7HNB  QVW 1828 JMAKUYF).

 

We have fix the problem for our manufacturing by reverting back to original uboot code to determine "ITS" state (i.e OSPR register) instead of using the SYS_SECURE_BOOT bit in the SecMon HP Status Register (LS1021 reference manual rev1).

 

We have noticed that the new chip boots in the "check" state while the old one is in the "non-secure" state. We believe that the difference in state may have affected the state of SYS_SECURE_BOOT.

 

Are there changes or fixes to SECMON or the chip that could explain the problems we are having? Are there conditions or inputs to SECMON or the chip that could explain the problems? Are we fielding ls1020 IC that would have security issues or weaknesses in the future? Do you have release notes on the various LS1020 production batches?

 

Notes

1- The SECMON version listed in the 2 version register are the same in all versions of the chip.

2- All LS1020 batches were used in the same board manufacturing batch so only the CPU has changed not the surrounding circuits.

3- Our boards are on the LS1021 IOT. 

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------

 

The next questions are related to our original use of the chip. 

 

In the LS1021 reference manual rev1, the SecMon HP Status Register has a bit SYS_SECURE_BOOT and the manual states the following: In a chip in the field, SYS_SECURE_BOOT will normally reset to 1. It will reset to 0 only in a test chip.

 

Can you clarify what is a chip in the field and a test chip?

How can I find out which one I am using (field/test)? Can the setting be changed?

Is there a SecMon state where the value will be overridden or modified?

The bit description indicated: sys_secure_boot input signal to SecMon. Where is the signal coming from? Is possible to have more information.  

Outcomes