This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

  • TI Thinks Resolved

TMS320C6748: Can't load secure DSP with GenericSecureUartHost.exe

Part Number: TMS320C6748

Trying to load my program in to a secure C6748 (E) using GenericSecureUartHost.exe.
I read everything I could find here.

This is the response from the loader:

(File IO): Read 149516 bytes from file C:\Projects\CCS\OMAPL138_C6748_Generic_Security\OMAP-L138_Secure\GNU\AISUtils\MXS_Gmbl.bin.
(Serial Port): Opening COM4 at 115200 baud...
(AIS Parse): Read magic word 0x41504954.
(AIS Parse): Waiting for BOOTME... (power on or reset target now)
(AIS Parse): BOOTME received!
(AIS Parse): Performing Start-Word Sync...
(AIS Parse): Performing Ping Opcode Sync...
(AIS Parse): Processing command 0: 0x58535920.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Secure key loading, entering secure mode.
(AIS Parse): Processing command 1: 0x58535923.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Setting boot exit mode...
(AIS Parse): Set exit mode to 0x00000000.
(AIS Parse): Processing command 2: 0x5853590D.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Executing function...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): Processing command 3: 0x58535921.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Loading encoded section...
(AIS Parse): Loaded 145216-Byte section to address 0x11800000.
(AIS Parse): Processing command 4: 0x58535921.
(AIS Parse): Performing Opcode Sync...
(Serial Port): Read error: The operation has timed out.
(AIS Parse): I/O Error in read!
(Serial Port): Read error: The operation has timed out.
(AIS Parse): I/O Error in read!
(System): Boot aborted by user.
(Serial Port): Read error: The I/O operation has been aborted because of either a thread exit or an application request.

Please help.

  • Hi,

    I've notified the sw team. They will post their feedback directly here.

    Best Regards,
    Yordan

     


     Please make sure you read the forum guidelines first.

  • In reply to Yordan Kovachev:

    Hello
    Please speed up the answer or help if you can. I am on "hold", waiting to solve this.

    Best regards
    Attila Szalay
  • In reply to Patyi:

    Hello Attila,

    Sorry for the delay. Is this on a custom board or a TI EVM board?

    What are your AISgen settings? Can you post them here?

    Best,
    Sahin

    Sahin Okur
    Applications Engineer

  • In reply to Sahin Okur:

    Custom board. Programming and running for years with non secure processors. This is the first time we try to use a secure (E) processor in the board.
    The CCS project is set to generate an .out file.
    Eabi(ELF), little endian.
    Using command line "SecureHexAIS_OMAP-L138 -ini Secure.ini MXS_Gmbl.out" to generate .AIS file.

    The ini file is:
    --------------------------------------------------------------------
    [General]0
    busWidth = 16
    BootMode = NAND
    ;BootMode = legacy
    crcCheckType = NO_CRC
    seqReadEn = ON

    [Security]

    securityType = GENERIC
    bootExitType = NONSECURE
    encryptSections = ALL
    encryptionKey = 4A7E1F56AE545D487C452388A65B0C05
    ;rsaKeyFileName =
    genericSHASelection = SHA256
    ;genKeyHeaderFileName = gen_keyhdr_encrypted.bin

    [PLLANDCLOCKCONFIG]
    ; |------24|------16|-------8|-------0|
    ; PLL0CFG0: | CLKMODE| PLLM | PREDIV | POSTDIV|
    ; PLL0CFG1: | RSVD | PLLDIV1| PLLDIV3| PLLDIV7|
    PLL0CFG0 = 0x00120000
    PLL0CFG1 = 0x00010113
    ; |------24|------16|-------8|-------0|
    ; PLL1CFG0: | PLLM| POSTDIV| PLLDIV1| PLLDIV2|
    ; PLL1CFG1: | RSVD | PLLDIV3|
    PLL1CFG0 = 0x00010101
    PLL1CFG1 = 0x00000005

    [SecureLegacy]
    encryptImage = TRUE

    [TAPSCONFIG]
    TAPSCFG = 0x0000FFFF

    [BinaryInputFile]
    fileName = MXS_Gmbl.out
    ;loadAddress = 0x11800000
    ;entryPointAddress = 0x11800000
    ;entryPointAddress = 0xc1080000
    useEntryPoint = TRUE
    encrypt = TRUE
    --------------------------------------------------------------------

    A 256Mx16 NAND (MT29F4G16ABADAH4) is on CS3 (16 bit data) should be programmed for standalone operation.


    Thanks
    Attila
  • In reply to Patyi:

    Hello Attila,

    I'm not sure why it's not working. I need to check with the team and get back to you.

    Did you already refer to the Secure Boot Wiki? processors.wiki.ti.com/.../Basic_Secure_Boot_for_OMAP-L138_C6748

    Regards,
    Sahin

    Sahin Okur
    Applications Engineer

  • In reply to Sahin Okur:

    Thanks. Time is pressuring here thou.
    I could just zip the whole thing and send it to you. I even can send the relevant pages of the schematic pdf files. (Guess you are under nondisclosure agreement?)
    I am completely puzzled and sure when we find the problem it will be simple.
  • In reply to Patyi:

    Hi Patyi
    We regret the delays in response. Our lead security apps on this device is out of office till Jan 1st week. So potentially the issue may take longer to resolve.
    Can you confirm that the only change you have made in your project / hardware is to move from a non secure to secure version of the device?
    This will help eliminate potentially the possibility of NAND/DDR , other board related issues with your custom hardware as a potential suspect.

    I know you mentioned that you have looked through past E2Es?
    Have you specifically looked at the following
    e2e.ti.com/.../381405

    This was supported by another ex TIer, but it outlines a process and potential care abouts on creating a flash image.

    Can you please confirm that you are not missing anything relevant from this thread?

    Regards
    Mukul
  • In reply to Mukul Bhatnagar:

    I can’t believe that you only have 1 guy who can help!
    I am sure the board is the same as it was. I am the hardware/software designer here.
    I will do some more tests in the mean time and look at the link you sent. Looks something I did not see before.
    :)
  • In reply to Patyi:

    Sounds good , keep us posted on the tests and see if the other e2e post does help.

    If you are confirming that there is no change in hardware/software except for adding the secure enabled processor and working with the software tools available to generate the image for secure boot, let us focus on the imaging/flashing/binding process.

    Regards
    Mukul
  • In reply to Patyi:

    Log shows you are using encrypted section loads. Try using simple secure section loads (no encryption) to take one variable away. Please let us know if that changes the behavior.

    ----------------------------------------------------------------------------------------------------------
    Please click the
    Verify Answer button on this post if it answers your question.
    ----------------------------------------------------------------------------------------------------------

     

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.