CC_SOCU_DLFT in CMPA

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

CC_SOCU_DLFT in CMPA

Jump to solution
1,320 Views
kamii
Contributor III

Hello,

We'd like LPC55S69 to enter "OEM Closed" lifecycle state and close all debug ports permanently.

For this transition, which CMPA configuration is correct?

[Configuration 1]

CMPA.CC_SOCU_PIN = 0xFC00.03FF

CMPA.CC_SOCU_DFLT = 0xFC00.03FF (all SOCU_DFLT[n] bit to 1)

[Configuration 2]

CMPA.CC_SOCU_PIN = 0xFC00.03FF

CMPA.CC_SOCU_DFLT = 0xFFFF.0000 (all SOCU_DFLT[n] bit to 0)

I'd like to confirm the SOCU_DFLT[n] bit polarity.

I'm looking the Table 1062 "Access restriction levels" in UM11126 Rev.2.0, and that shows that "SOCU_PIN[n] = 1 and SOCU_DFLT[n] = 1" mean Restriction Level 3 (Access to the sub-domain is permanently disabled), so I think the above Configuration 1 is correct for disabling debug ports.

Best Regards,

1 Solution
1,207 Views
nxf58474
NXP Employee
NXP Employee

Hi,

 

Hope you are doing well. The correct configuration would be the second one. There is a documentation issue in the version of the User Manual.

 

CC_SoCU_DFLT setting defines the default access rights for corresponding debug domains.

– If bit is set, access is allowed. Otherwise access is denied.

 

CC_SoCU_PIN setting defines if debug authentication process can modify the access rights defined by CC_SoCU_DFLT:

– If bit is clear, access rights to corresponding debug domain are determined via debug authentication process.

– If bit is set, access right as defined CC_SoCU_DFLT cannot be altered.

 

 

– SOCU_PIN[n] = 1, SoCU_DFLT[n] = 0: This offers the highest level of restriction.

– SOCU_PIN[n] = 0, SOCU_DFLT[n] = 0/1: This setting allows debug authentication process to define access rights.

– SOCU_PIN[n] = 1, SOCU_DFLT[n] =1: This setting is lowest security level.

 

Hope this helps.

 

Best Regards,

Ricardo

View solution in original post

4 Replies
1,208 Views
nxf58474
NXP Employee
NXP Employee

Hi,

 

Hope you are doing well. The correct configuration would be the second one. There is a documentation issue in the version of the User Manual.

 

CC_SoCU_DFLT setting defines the default access rights for corresponding debug domains.

– If bit is set, access is allowed. Otherwise access is denied.

 

CC_SoCU_PIN setting defines if debug authentication process can modify the access rights defined by CC_SoCU_DFLT:

– If bit is clear, access rights to corresponding debug domain are determined via debug authentication process.

– If bit is set, access right as defined CC_SoCU_DFLT cannot be altered.

 

 

– SOCU_PIN[n] = 1, SoCU_DFLT[n] = 0: This offers the highest level of restriction.

– SOCU_PIN[n] = 0, SOCU_DFLT[n] = 0/1: This setting allows debug authentication process to define access rights.

– SOCU_PIN[n] = 1, SOCU_DFLT[n] =1: This setting is lowest security level.

 

Hope this helps.

 

Best Regards,

Ricardo

1,207 Views
kamii
Contributor III

Hi,

Thank you for your answer! I understand that's a documentation issue. I was confused about inconsistency between the documentation and my testing result.

I think that table is important for security level description, so could you please consider to modify the UM?

Thank you.

0 Kudos
1,207 Views
nxf58474
NXP Employee
NXP Employee

Hi,

 

Yes, the new upcoming release of the User Manual should have this modification.

 

Thank you for your observation.

 

Best Regards,

Ricardo

1,207 Views
kamii
Contributor III

Hi,

I've found the latest User Manual Rev.2.1, but that documentation isn't modified. When will you apply the modification?

Best Regards,  

0 Kudos