• State Resolved
  • Locked Locked
  • Replies 7 replies
  • Subscribers 82 subscribers
  • Views 363 views
  • Users 0 members are here
Support feedback
Options
Options
Similar topics

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

TMS320F280049C: CPU read secured CLA data through CLA-to-CPU MSGRAM

Julia Li
Expert 3800 points
Part Number: TMS320F280049C

Hi Champs,

I ask this for our customer.

1. Since LS RAM can be encrypted, CLA-to-CPU can not. Is this understanding correct?

    The encrypted area can access CPU-to-CLA RAM, that is, the encrypted CLA area can get the data transmitted from the CPU

    But the CPU cannot obtain the encrypted data in the CLA through CLA-to-CPU RAM

2. Customer now have a problem that when they are not using DCSM, the code runs fine, but after using DCSM, when the code is run without decryption, the encrypted CLA fails to access the data of CPU-TO-CLA (data by DAC output, output is 0). 

I checked the configuration of the customer's .cmd file and there should be no errors that unencrypted RAM to access encrypted RAM. Couls you help analyze the reason? Thanks!

Fullscreen
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
MEMORY
{
PAGE 0 :
/* BEGIN is used for the "boot to Flash" bootloader mode */
/* not boot used*/
BEGIN : origin = 0x080000, length = 0x000002
CLA_PROG_RAM : origin = 0x008000, length = 0x003800
RESET : origin = 0x3FFFC0, length = 0x000002
RAMGS1 : origin = 0x00E000, length = 0x002000
RAMGS2 : origin = 0x010000, length = 0x002000
/* Flash sectors */
/* BANK 0 */
HEADERINFO : origin = 0x084000, length = 0x000100, fill 0xFFFF /* on-chip Flash */
CPU_PROG_FLASH : origin = 0x084102, length = 0x00BEFE/* on-chip Flash */
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Best Regards,

Julia

  • 0
    TI__Expert 3800 points

    Hi,

    Can someone answer my question? Thanks!

    Best Regards,

    Julia

  • 0 in reply to Julia Li
    TI__Expert 5350 points

    Hi Julia,

    I was out of office for the past week. Apologies for the late response. 

    Julia Li said:
    Since LS RAM can be encrypted, CLA-to-CPU can not. Is this understanding correct?

    Your understanding is correct.

    Julia Li said:

    The encrypted area can access CPU-to-CLA RAM, that is, the encrypted CLA area can get the data transmitted from the CPU

        But the CPU cannot obtain the encrypted data in the CLA through CLA-to-CPU RAM

    I am answering below based on whatever I could gather from your question. Feel free to modify your question if you think I have not properly interpreted your question.

    The Encrypted area (LS RAM) can be used by CLA to get data transmitted from the CPU-to-CLA RAM.

    CLA-to-CPU RAM can only be written by CLA and not by CPU.

    Julia Li said:
    Customer now have a problem that when they are not using DCSM, the code runs fine, but after using DCSM, when the code is run without decryption, the encrypted CLA fails to access the data of CPU-TO-CLA (data by DAC output, output is 0). 

     I see you use the term encrypted CLA... Can you please tell me if you are referring to the CLA as a peripheral (if yes, then your understanding is incorrect.) LS RAMs are secure and CLA has access the these memories.

    Also, what do you mean by when the code is run without decryption?

    Please share the security settings that has been configured for the program for further analysis on this.

  • 0 in reply to Pramod P
    TI__Expert 3800 points

    Hi Pramod,

    "encrypted CLA" means allocate secured LS RAM to CLA, sorry I didn't express clearly. Now the problem is when customer not set the password, the code works well, but when customer set the password, CLA(is allocated secured LS RAM) cannot read the data from CPU-TO-CLA(unsecured), customer use DAC to output the data but the output is 0.

    Due to customer's policy, I cannot disclose this part of security settings code, and I have sent the code to you offline.

    The initialization of the DAC is configured in the CPU, and the variables representing the output value of the DAC will be accumulated in the CPU, then written to the CPU-TO-CLA MSGRAM, and then read by the CLA.

    Best Regards,

    Julia

  • 0 in reply to Julia Li
    TI__Expert 5350 points

    This thread is being handled offline and will post a conclusion once the query is resolved. 

    Thanks & Regards

    Pramod

  • 0 in reply to Pramod P
    TI__Guru 50470 points

    Pramod,

    This thread is about to be locked. Any update to close it?

  • 0 in reply to Santosh Jha
    TI__Expert 5350 points

    Santosh,

    I identified the root cause (copy of data from unsecure memory to secure memory which is not allowed when the Zone is secure). Yet to receive a word from the customer if the issue is resolved.  

    Thanks & Regards

    Pramod

  • +1 in reply to Pramod P
    TI__Expert 5350 points

    The root cause has been identified. The memcpy function used in the application was actually resulting the data transfer from unsecure memory to secure memory which is not allowed when the zone is secure. This resulted in CLA not getting configured properly and hence application was not able to run. Once the memcpy routine was moved to the secure memory, the data transfer happened without any problems and the application was able to run.

    Julia, please add any further details if necessary and kindly mark the thread as resolved if there are no further questions regarding this. 

    Thanks & Regards

    Pramod