FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

how to install and verify SMR-based Memory Verification - Periodic or On-demand in S32K344

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

how to install and verify SMR-based Memory Verification - Periodic or On-demand in S32K344

‎09-05-2023 11:42 PM
1,071 Views
HyunungPark1
Contributor III

Hi,

Currently, I am implement as the title.

But there is any problem.

Could you please let me know to resolve this issue?

Below is codes to install smr and verify for the two types.

case1. SMR-based Memory Verification - Periodic

"HSE_SRV_RSP_NOT_ALLOWED"error happens using the below code

//smr install

service id = HSE_SRV_ID_SMR_ENTRY_INSTALL

g_smrEntry[coreID].configFlags = HSE_SMR_CFG_FLAG_INSTALL_AUTH;
g_smrEntry[coreID].pSmrDest = 0U;
g_smrEntry[coreID].checkPeriod = 80;/* a verification process is triggered every 2s for a system clock frequency of 160MHz, 4s at 80MHz etc*/
g_smrEntry[coreID].pSmrSrc = startAddress;
g_smrEntry[coreID].smrSize = u32CodeLength;
g_smrEntry[coreID].authKeyHandle = CRYPTO_KEY_ID_NVM_FTD_PUBLICKEY_HANDLE;
g_smrEntry[coreID].authScheme.sigScheme.signSch = HSE_SIGN_RSASSA_PKCS1_V15;
g_smrEntry[coreID].authScheme.sigScheme.sch.rsaPkcs1v15.hashAlgo = HSE_HASH_ALGO_SHA2_256;
g_smrEntry[coreID].pInstAuthTag[0] = RSA_TAG_FTD_SIGNATURE_FLASH_ADDRESS; 
g_smrEntry[coreID].pInstAuthTag[1] = (uint32_t)NULL;
u32startAddress = startAddress;
u32endAddress = endAddress;
 
//cr install
service id = HSE_SRV_ID_CORE_RESET_ENTRY_INSTALL
g_crEntry[coreID].preBootSmrMap = 0;
g_crEntry[coreID].coreId = (hseAppCore_t)coreID;
g_crEntry[coreID].preBootSmrMap = 0; ;
g_crEntry[coreID].pPassReset = pAppHeader[coreID]->pAppStartEntry;
g_crEntry[coreID].crSanction = HSE_CR_SANCTION_KEEP_CORE_IN_RESET;
g_crEntry[coreID].altPreBootSmrMap = 0x0UL; /* Not used here - configuration in case boot fails */
g_crEntry[coreID].pAltReset = pAppHeader[coreID]->pAppStartEntry; /* Alternate Reset should not be NULL or 0xFFFFFFFF */
g_crEntry[coreID].startOption = HSE_CR_AUTO_START;
 
BRs.
Hyunung Park

 

0 Kudos
Reply
4 Replies

‎09-07-2023 06:55 AM
1,024 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @HyunungPark1 

If checkPeriod is non-zero, some conditions must be met (copied from HSE Service API RM):

lukaszadrapa_0-1694094798148.png

I can see that this is not considered in your code.

Also make sure that all the structures/variables used to communication with HSE are forced to non-cacheable area.

Regards,

Lukas

0 Kudos
Reply

‎09-15-2023 10:22 PM
866 Views
HyunungPark1
Contributor III
In case of on demand, cr does not installed normally
0 Kudos
Reply

‎09-08-2023 08:32 AM
988 Views
HyunungPark1
Contributor III

Hi 

SMR is installed normally In case of SMR-based Memory Verification - periodic

But error happens when CR Install.

Could you please let me know for the value of hseCrEntry_t strutcure?

g_crEntry[coreID].coreId = (hseAppCore_t)coreID;
g_crEntry[coreID].preBootSmrMap = 1 << coreID; ;
g_crEntry[coreID].postBootSmrMap = 1 << coreID; ;
g_crEntry[coreID].pPassReset = pAppHeader[coreID]->pAppStartEntry;
g_crEntry[coreID].crSanction = HSE_CR_SANCTION_DIS_ALL_KEYS;
g_crEntry[coreID].altPreBootSmrMap = 0x0UL; /* Not used here - configuration in case boot fails */
g_crEntry[coreID].pAltReset = pAppHeader[coreID]->pAppStartEntry; /* Alternate Reset should not be NULL or 0xFFFFFFFF */
g_crEntry[coreID].startOption = HSE_CR_AUTO_START;
 
BRs.
Hyunung Park
0 Kudos
Reply

‎09-12-2023 11:25 PM
917 Views
HyunungPark1
Contributor III

Hi,

SMR and CR is installed normally for the SMR-based Verification-Periodic,

But there is an error for SMR-based Verification -On Demand.

Below is the code for SMR-based Verification -On Demand.

Could you please let me know what should I do to resolve this issue?

===============================================================
g_smrEntry[smrIndex].configFlags = HSE_SMR_CFG_FLAG_INSTALL_AUTH;
g_smrEntry[smrIndex].pSmrDest = 0u;
g_smrEntry[smrIndex].checkPeriod = 0U;
g_smrEntry[smrIndex].pSmrsrc=startAddress;
g_smrEntry[smrIndex].smrSize = u32CodeLength;
g_smrEntry[smrIndex].authKeyHandle = CRYPTO_KEY_ID_NVM_PDP_PUBLICKEY_HANDLE;
g_smrEntry[smrIndex].authScheme.sigScheme.signSch = HSE_SIGN_RSASSA_PKCS1_V15;
g_smrEntry[smrIndex].authScheme.sigScheme.sch.rsaPkcs1v15.hashAlgo = HSE_HASH_ALGO_SHA2_256;
g_smrEntry[smrIndex].pInstAuthTag[0] = RSA_TAG_PDP_SIGNATURE_FLASH_ADDRESS; 
g_smrEntry[smrIndex].pInstAuthTag[1] = (uint32_t)NULL;
gstartAddress = startAddress;
gendAddress = endAddress;
 
g_crEntry[smrIndex].coreId = (hseAppCore_t)0;
 
g_crEntry[smrIndex].preBootSmrMap = 1 << 0;
g_crEntry[smrIndex].pPassReset = pAppHeader[coreID]->pAppStartEntry;//pAppHeader[coreID]->pAppStartEntry;
 
g_crEntry[smrIndex].altPreBootSmrMap = 0;   /* Not used here - configuration in case boot fails */
g_crEntry[smrIndex].pAltReset = pAppHeader[coreID]->pAppStartEntry; /* Alternate Reset should not be NULL or 0xFFFFFFFF */
 
g_crEntry[smrIndex].postBootSmrMap = 1 <<2;
g_crEntry[smrIndex].startOption = HSE_CR_ON_DEMAND;
g_crEntry[smrIndex].crSanction = HSE_CR_SANCTION_DIS_INDIV_KEYS;
 
CoreSrvId = HSE_SRV_ID_ON_DEMAND_CORE_RESET;
SMRSrvId = HSE_SRV_ID_SMR_ENTRY_INSTALL;
 
eRetVal = Crypto_SMR_Install(smrIndex,
SMRSrvId,
(const hseSmrEntry_t *)&g_smrEntry[smrIndex],
(const uint8_t *)g_smrEntry[smrIndex].pSmrSrc,
g_smrEntry[smrIndex].smrSize,
(const uint8 *)tag_addr[0][smrIndex],
(const uint8 *)tag_addr[1][smrIndex],
256U,
256U);
 
eRetVal = Crypto_CoreReset_Install(0, CoreSrvId, (const hseCrEntry_t* )&(g_crEntry[smrIndex]));
CDDAssert((Std_ReturnType)E_OK == eRetVal );
0 Kudos
Reply