• State Resolved
  • Locked Locked
  • Replies 4 replies
  • Subscribers 32 subscribers
  • Views 205 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

AM263P4: Flashing image or certificate to board

Olivier Hepler
Prodigy 125 points
Part Number: AM263P4
Other Parts Discussed in Thread: UNIFLASH

Tool/software:

Hi,

I am working with the AM263P control card and am currently implementing secure boot on it. I believe this means I should flash the certificate of the image of my sbl and the certificate of the image of my application to the board instead of the generic images.

The image of the application is a .mcelf and the image of my sbl is a .tiimage. However, if I change my device type to HS I believe the makefile will generate certificate files: .hs.tiimage for the sbl and .mcelf.hs for the application image. Should I flash those certificate files to the card similarly to how I would flash the .mcelf and .tiimage if I didn't want to implement secure boot? Or should I flash the .mcelf and .tiimage and then somehow generate their certificate later (this doesn't seem right to me)?

Thanks

  • 0
    TI__Genius 10534 points

    Hi Olivier, 

    Please expect a reply tomorrow due to today's holiday in India.

    Regards,

    Brennan

  • 0 in reply to Brennan Hartigan
    TI__Mastermind 44514 points

    Hi Olivier,

    Olivier Hepler said:
    The image of the application is a .mcelf and the image of my sbl is a .tiimage. However, if I change my device type to HS I believe the makefile will generate certificate files: .hs.tiimage for the sbl and .mcelf.hs for the application image. Should I flash those certificate files to the card similarly to how I would flash the .mcelf and .tiimage if I didn't want to implement secure boot? Or should I flash the .mcelf and .tiimage and then somehow generate their certificate later (this doesn't seem right to me)?

    When you generate the secure boot image using CCS or makefile you pass the flag DEVICE=am263px DEVICE_TYPE=HS

  • 0
    TI__Mastermind 44514 points
    Olivier Hepler said:
    Should I flash those certificate files to the card similarly to how I would flash the .mcelf and .tiimage

    Yes thats correct, You need to flash it using the UART uniflash.py(you will need to rebuild the SBL uart uniflash also with the same flags) or Using uniflash tool use UART mode(use updated flasher binary built using the same flags)

  • +1
    TI__Mastermind 44514 points
    Olivier Hepler said:
    if I didn't want to implement secure boot? Or should I flash the .mcelf and .tiimage and then somehow generate their certificate later (this doesn't seem right to me)?

    What do you mean by not implement secure boot?

    Once a SOC is converted to HSSE, it always need be booted with secure boot only, not possible to use non-secure boot. Its an irreversible possible, so as to preserve integrity of the device.