Part Number: AM2434
Hi,
I noticed in the document: AM243x MCU+ SDK: Enabling Secure Boot
There writes:
Limitations in Secure Boot
- XIP boot : Secure boot is yet to be supported for XIP applications. This is due to the fact that the XIP sections are loaded before the SBL parses the other sections.
- Decryption of application image size greater than 256kb is not possible in SBL OSPI : In am243x-lp board, in case of booting multicore application only 256KB is available in MSRAM( Please refer Memory Map Layout). In SBL OSPI the HSM does an in-place authentication and decryption of the image and we load the image directly from the FLASH memory . FLASH memory, as you would know is most often not directly writable. Due to this limitation not being taken care in the HSM, we can do decryption of images only in case where the image resides in a volatile RAM-like memory. So we are copying the image from flash to MSRAM and decrypting the image. Therefore in case of secure boot, the available memory for decrypting the image is 256KB( greater than 256KB can be problematic in multi-core image scenarios).
My first question is: If we do not use XIP, does this limitation "Decryption of application image size greater than 256kb is not possible in SBL OSPI" still exsits?
If so, is there a solution for encrypted multicore application image exceeds 256 KB? —— In this discussion: AM2434: AM243x Secure Boot (SBL OSPI) – 256KB Decryption Limit vs Total MSRAM - Arm-based microcontrollers forum - Arm-based microcontrollers - TI E2E support forums , your staff mentioned "The limitation is a direct consequence of the default SBL memory layout. If required, you may adjust the memory layout as per your requirements. "
How exactly should we adjust the memory layout? Are there any clear steps or references we can follow?
Thanks!
