安全启动加载器测试

⚠️
Hi there.. thanks for coming to the forums. Exciting news! we’re now in the process of moving to our new forum platform that will offer better functionality and is contained within the main Dialog website. All posts and accounts have been migrated. We’re now accepting traffic on the new forum only - please POST any new threads at//www.wsdof.com/support。We’ll be fixing bugs / optimising the searching and tagging over the coming days.
9个帖子/ 0新
Last post
星期四,2020-02-27 07:44
#1
托马斯唐豪瑟
Offline
Last seen:4 months 2 weeks ago
Joined:2019-10-20 10:45
安全启动加载器测试

Hi!

我需要在闪烁到OTP之前测试我的安全引导加载程序。我有3个问题:

1) What ist the best way to test the boot loader itself ? Right now I'm doing it by starting it in RAM by SS-Studio. But not sure if this is right or wrong?

2)如何只将键写入OTP?我可以用cli_programmer这样做吗?是的,是的 - 怎么样?

3)如何在我的Devel USB-套件上禁用JTAG,即使安全引导加载程序闪烁到OTP。

我自上天阅读文档,但非常紧张地通过对OTP做错事来杀死我的开发板。

谢谢,

Thomas

设备:
DA1468x
Thu, 2020-02-27 08:06
PM_Dialog
Offline
Last seen:1天19小时前
Staff
Joined:2018-02-08 11:03
嗨托马斯唐豪斯,

嗨托马斯唐豪斯,

谢谢你的问题在线。您可以使用您使用哪种DA1468x产品?它是DA14680 / 681还是DA14682 / 683?此外,这是DA14682/DA14683 Secure Boot Tutorial您指的文件?

Thanks, PM_Dialog

Thu, 2020-02-27 08:25
托马斯唐豪瑟
Offline
Last seen:4 months 2 weeks ago
Joined:2019-10-20 10:45
Hi, it is the da14683 USB-Kit

嗨,它是DA14683 USB-KIT DEVEL板。我知道你提到的链接。但它没有说如何测试安全引导加载程序。它只是一个直接的描述如何与SS-IDE脚本进行。PLS。你能详细说明我的3个问题吗?

谢谢!

Fri, 2020-02-28 10:56
PM_Dialog
Offline
Last seen:1天19小时前
Staff
Joined:2018-02-08 11:03
嗨托马斯唐豪斯,

嗨托马斯唐豪斯,

如果启用了安全引导,Bootrom默认情况下会禁用JTAG。您可以通过配置sys_ctrl_reg [debugger_Enable]位域来启用应用程序的JTAG,以便访问调试器。然而,“安全启动”概念是没有JTAG访问权限,所以通过这种方式,系统将变得不安全。如果您想要从申请中启用JTAG,因为您已启用安全引导机制,则应处理以下内容:

  • If the SECURE_BOOT_REG[FORCE_DEBUGGER_OFF is set to 1 by your application, the system debugger SWD is totally disabled. There is no way to revert this.
  • 如果安全设备(0x7F8EA68)字段在OTP标题中写入0xAA,则设备是安全的,并且启用所有安全功能
  • 在进行安全启动机制之前,应用程序图像应在功能完全正常。如果它不起作用,则没有任何方法可以恢复。如果它是实用的,并且您要重写QSPI Flash,则应使用存储到OTP和通过JTAG的相同密钥进行。
  • 如果安全启动失败,我强烈建议在安全启动失败时拥有一些额外的开发板。应用此机制以使应用程序图像无法访问和易受攻击。
  • Make sure that the application firmware is fully functional and the debugger bitfield is enabled. Please follow step-by-step the tutorial. Keep in mind that it is double tested from our side.

Hope my comment will help you. If you have any other follow up questions, please let me know.

Thanks, PM_Dialog

Accepted answer
Fri, 2020-02-28 11:25
托马斯唐豪瑟
Offline
Last seen:4 months 2 weeks ago
Joined:2019-10-20 10:45
Hello,

Hello,

谢谢你的asnwer。对不起,但你的Anser没有帮助。上面的教程Mentoniend显示了如何使用SS-Studio进行操作,其中暂停信息在脚本中隐藏。但是对于生产而言,不建议这样做。脚本运行的太多步骤在此内部无法在某种程度上记录,我觉得它会随之而来。所以我想我觉得脚本分析了脚本来获得所需信息的工具。我是DA14683的真正粉丝,我对SS-Studio很满意。唯一的缺点是文档。至少,任何时候都会描述任何地方,但这取决于我将所有部分信息组合到稳定的图片。

如果你看我的三个问题你会发现没有n of them is answered so far. Giving me hints to tutorial like the one you mentined is not helpfull. Because I'f read them allready befor I asked you here at support. You guyes did a great job on the chip, but you messed it up on documenting the interessting parts!

Fri, 2020-02-28 17:35
PM_Dialog
Offline
Last seen:1天19小时前
Staff
Joined:2018-02-08 11:03
嗨托马斯唐豪斯,

嗨托马斯唐豪斯,

我正在寻找你的疑问,很快就回到你身边。

Thanks, PM_Dialog

Accepted answer
Fri,2020-02-28 19:46
托马斯唐豪瑟
Offline
Last seen:4 months 2 weeks ago
Joined:2019-10-20 10:45
谢谢,that's great!

谢谢,that's great!

Sat, 2020-02-29 10:23
PM_Dialog
Offline
Last seen:1天19小时前
Staff
Joined:2018-02-08 11:03
亲爱的托马斯唐豪瑟,

亲爱的托马斯唐豪瑟,

Please find below my commnets.

问题1:Yes, you are correct. This is the right way to test the boot loader itself. You should execute it for RAM through SS-Studio.

QUESTION 2:Yes, you can use the cli_programmer in order to write only the keys in the OTP. Please open the cli-programmer.exe and execute the help command:

cli-programmer.exe -help returns the syntax: ... write_key    writes symmetric or asymmetric key and its bit inversion to the OTP memory.  is a key's (and inverted key's) index in OTP. Valid range for this argument is 0-3 for asymmetric keys and 0-7 for symmetric keys.  is a key hexadecimal string without any prefixes e.g. 00112233AABBCCDD. The asymmetric key must have from 32 to 64 bytes length and the symmetric key must have 32 bytes length. read_key [ [key_idx]] reads symmetric or asymmetric key. If [key_idx] is not passed then all asymmetric or symmetric keys are read (type is selected by ). If  is not passed then all asymmetric and symmetric keys are read. ...

HOW TO WRITE A KEY INTO OTP

To program only a key into the OTP, use the following command syntax (after the gdbserver started for the syntax below, otherwise the UART can be used) as the example below:

cli_programmer gdbserver write_otp 0x07F8E8C0 8 0x2b7e1516 0x28aed2a6 0xabf71588 0x09cf4f3c 0x809079e5 0x62f8ead2 0x522c6b7b 0xc810f32b

您可以使用命令语法读取键:

cli_programmer gdbserver read_otp 0x07f8e8c0 20

Read Result:

1D18 16 15 7E 2B A6 D2 AE 28 ..〜+ ...(1D19 88 15 F7 AB 3C 4F CF 09 ....

PROCEDURE FOR WRITING A SECURE BOOT DEVICE FROM UART

以下是从UART编写安全引导设备的过程。GDB服务器也可以使用,而不是CLI_Programmer的命令行中的UART。

  • For writing the Secure Booter in the OTP use the cli_programmer with the commandwrite_otp_exec
  • 用于编写OTP中的键使用CLI_Programmer命令write_key.

为方便起见,您将找到附加文件夹作为您的参考。请检查那里的命令。批处理文件的执行顺序是显而易见的(我让他们从订单号开始)

The operation for preparing a secure boot device is divided in两(2)个细分:

Segment #1 : Preparation work by the developers

  1. Generate theproduct_keys.xml.file with the keys to write in the product. The keys and file can be generated by the SmartSnippets Studio, or using the mkimage.exe (see the help of the mkimage.exe), or even manually. The only important thing is to keep the format.

重要提示:不要丢失此文件。如果丢失这一点,则无法为设备创建新的有效图像。

  1. Generate thesecure_img_cfg.xml。该文件可以由SmartSnippets Studio生成,或者使用像附加的批处理文件所做的批次文件。唯一重要的是保持格式。

  1. 构建应用程序图像(例如,PXP_Reporter)。最重要的是用suota功能构建它

  1. Build the Secure Boot Loader for OTP. The most important thing is to use the same partition table as the application above.

  1. 具有sw_version.h以及二进制文件,批处理文件和XML文件以避免长路径

Segment #2 : Steps to run in Mass Production or test bench.

  1. 编程闪存:
    1. The FW image
    2. 图像标题
    3. The resources
  2. OTP程序的关键
  3. 在OTP中编程安全引导加载程序
  4. 在OTP中启用安全启动和生产模式

In the attached ZIP file there is a set of batch files for reference for all the above steps.

VERY IMPORTANT NOTE:

Thelibprogrammer必须用下面的修复程序修补,然后重新构建libprogrammerand thecli_programmer.exebefore attempting to program devices in secure boot.

Without this patch there might be a timeout when writing the Keys in OTP and have a failure.

diff --git a/utilities/cli_programmer/libprogrammer/protocol_cmds.c b/utilities/cli_programmer/libprogrammer/protocol_cmds.c index e2f592a..6609e23 100644 --- a/utilities/cli_programmer/libprogrammer/protocol_cmds.c +++ b/utilities/cli_programmer/libprogrammer/protocol_cmds.c @@ -733,7 +733,7 @@ int protocol_cmd_write_otp(uint32_t address, const uint32_t *buf, uint32_t len) return err; } - err = wait_for_ack(150); + err = wait_for_ack(1500); return err; }

QUESTION 3:如我之前的评论中提到的,是的,您可以在应用程序代码中重新启用它。ROM Booter不会以安全启动模式启用它。

生产线工具(PLT)

Dialog has designed a production test and programming unit that enables you to reduce cost and increase throughput in volume test & programming of units.

- Ease of integration: DLL based commands

- 编程OTP / Flash / EEPROM中的灵活性(也支持安全启动)

- Low overall cost of tester equipment

- 高水平的并行化和短暂的测试时间。

- Up to 16 times parallel programming and test

请看看我们的PLT支持网页

//www.wsdof.com/products/production-line-tool

Best regards,

PM_Dialog

Attachment:
Package iconReference_files_for_secure_boot_683.zip.
Accepted answer
Sat, 2020-02-29 10:36
托马斯唐豪瑟
Offline
Last seen:4 months 2 weeks ago
Joined:2019-10-20 10:45
亲爱的PM_DIALOG!

亲爱的PM_DIALOG!

Thank you very much! your verbose answer lift up my mind for the weekend. I will verify each hint and execute your recommendation and come back after with feedback.

regards,
Thomas