TMS320F28P650SH: TMS320F28P650SH: How does this chip implement secure boot functionality?

ok, I will get the C2000Ware_5_04_00_00 ,  5.2 don't have the f28p65x\examples\c28x\boot.
thank you , let me try

Sounds good, I will close this thread.

--Luke

"../boot_ex1_flash_hex_lnk_cpu1.cmd", line 5: error #10008-D: cannot find file "ROMS"
"../boot_ex1_flash_hex_lnk_cpu1.cmd", line 6: error #10021-D: expecting filename, option, MEMORY, or SECTIONS instead of "{"
"../boot_ex1_flash_hex_lnk_cpu1.cmd", line 7: error #10043-D: expecting "";"" instead of "l"
"../boot_ex1_flash_hex_lnk_cpu1.cmd", line 8: error #10043-D: expecting "";"" instead of "}"
why this error?
I have set HEX utility flag:--cmac="${PROJECT_ROOT}/boot_ex1_user_cmac_key.txt" --image --memwidth=16 --romwidth=16 "${PROJECT_ROOT}/boot_ex1_flash_hex_lnk_cpu1.cmd" --diag_wrap=off 

can you send your boot_ex1_flash_hex_lnk_cpu1.cmd ?

it is just the same boot_ex1_flash_hex_lnk_cpu1.cmd in The secure boot example for F28P65

I think that boot_ex1_flash_hex_lnk_cpu1.cmd should not used as linker command file , but I had set C2000 hex utility
 

Can you try excluding the boot_ex1_flash_hex_lnk_cpu1.cmd from build?

thank you ,and there is 2 more questions.

1. Is cmac_sb_1 only calculate for the program less than 16KB ,and the cmac_all is the program more than 16KB? or those two both necessary . does this two have some connect ?

2.  if cmac_all  is not  necessary ,CPU1BROM_calculateCMAC have three parameters ,  how to use this function 

Hello,

cmac_sb_1 and cmac_all cannot be enabled simultaneously, however you can manually enable one at a time and observe the generated CMAC tag in the memory browser, and then manually incorporate the tag from one of the methods.

cmac_all is only needed if you want to authenticate additional regions of flash after booting to the application code. The secure boot function in the boot ROM will authenticate the first 16KB if you use cmac_sb_1. You do not need to call CPU1BROM_calculateCMAC in your application code if authenticating the first 16KB is sufficient.

A common usecase of this is having a bootloader with EXEONLY protection in the first 16KB region. After the bootloader programs the firmware you could call the CPU1BROM_calculateCMAC function to authenticate the flash that has been loaded.

Thank you,

Luke

thanks for reply

1. if ues cmac_sb_1, how to enable or check the value? Because cmac_all can be checked by

" applicationCMACStatus = CPU1BROM_calculateCMAC(CMAC_AUTH_START_ADDRESS,
CMAC_AUTH_END_ADDRESS,
CMAC_AUTH_TAG_ADDRESS);"

2.if I use the cmac_all,  cmac_sb_1 can be commented ?

3. how can i load this secure boot more convenient ? everytime I FIRST load hex program ,then i load out symbol. can uniflash do the load symbol?

Hello,

You're supposed to select the Secure Flash boot mode via the OTP or emulation boot registers, this will cause the BootROM to call the CPU1BROM_calculateCMAC function before jumping to the start of your application code. If the CMAC authentication fails you will never enter your application code.

Thank you,

Luke

how can i load this secure boot more convenient ? everytime I FIRST load hex program ,then i load out symbol. can uniflash do the load symbol?

To my knowledge you cannot load the symbols from the .hex fil unfortunately. You will have to follow a two step process of loading program with the .hex and then loading the symbols with the .out. Uniflash has no debugging capability aside from register reads so I don't expect it to have symbol loading functionality.

Thank you,

Luke

My need is to be able to import programs with secure boot to the production line in batches, and it is not realistic to use CCS to import them one by one, do you have any recommended methods?thank you