Part Number: AM2634
Other Parts Discussed in Thread: LP-AM263,
Without altering the HSM firmware source code provided in TIFS, it is not possible to use HSM services to update the key revision OTP value to switch the root of trust. The following changes were made in TIFS to compile a modified HSM image that updates the key revision successfully:
- The HSM Message value for the update key rev handler was not registered in the isr msg ids array. It was appended at the end.
-
The HsmServer_UpdateKeyRevHandler function pointer was not registered in the isr func ptrs array. It was appeneded at the end.
- The definition for the number of HSM ISRS was incremented by one to account for the above changes.
- In the function ROT_UpdateKeyRev, the status flag is never set to SUCCESS upon succesful reading of read/write lock protection status from the OTP row. This causes the the update to fail prematurely, despite being otherwise properly configured. A new line setting status to true was added in the appropriate condition block and allows the function to run to completion.
TIFS Version: 11_00_00_01
Board: LP-AM263 Rev A
Device_Type: HS_SE
Device Revision: SR 1.1