This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

TMS320F2800155-Q1: After importing the DCSM module, the program cannot run properly.

Part Number: TMS320F2800155-Q1

Why is it that when using the emulator for debugging, the encryption is successful and the code can run and has been burned into the flash, but when the power is turned on again for the second time, the code can no longer run?

Note: My code debugging has always been done using flash.cmd, which means my code is not in RAM and there won't be a situation where the code disappears upon power loss.

At the same time, I have verified that the program can operate normally even when the DCSM module is not imported, and the power is cut off.

My corresponding configuration is as follows

;----------------------------------------------------------------------
; Zone 1
;----------------------------------------------------------------------
     .sect "dcsm_otp_z1_linkpointer"
      .retain
      .long 0x00003FE0
      .long 0x00003FE0
      .long 0x00003FE0
    
         .retain
      .long 0xFFFF0000     ;Z1OTP_JLM_ENABLE
;;     .sect "dcsm_otp_z1_jtag_pswdh"
;;      .retain
;;      .long 0x4BFFFFFF     ;Z1OTP_JTAGPSWDH0
;;      .long 0x3FFFFFFF     ;Z1OTP_JTAGPSWDH1
;;
;;     .sect "dcsm_otp_z1_cmac_key"
;;      .retain
;;      .long 0xFFFFFFFF     ;Z1OTP_CMACKEY0
;;      .long 0xFFFFFFFF     ;Z1OTP_CMACKEY1
;;      .long 0xFFFFFFFF     ;Z1OTP_CMACKEY2
;;      .long 0xFFFFFFFF     ;Z1OTP_CMACKEY3
;;
     .sect "dcsm_otp_z1_pswdlock"
      .     .retain
      .long 0xFB7FFFFF
      
     .sect "dcsm_otp_z1_crclock"
      .retain
      .long 0x7FFFFFFF

;;     .sect "dcsm_otp_z1_gpreg"
;;      .retain
;;      .long 0x5AFF1820     ;Z1OTP_GPREG1 = Z1_BOOTPIN
;;      .long 0x5Affffff     ;Z1OTP_GPREG2
;;      .long 0x0A24040A     ;Z1OTP_GPREG3 = Z1OTP_BOOTDEF_LOW
;;      .long 0xFFFFFFFF     ;Z1OTP_GPREG4 = Z1OTP_BOOTDEF_HIGH
    .sect "dcsm_zsel_z1"
      .retain
      .long 0x12345678     ;Z1OTP_CSMPSWD0 (LSW of 128-bit password)
      .long 0x17fFFFFF     ;Z1OTP_CSMPSWD1
      .long 0x12345678     ;Z1OTP_CSMPSWD2
      .long 0x12345678     ;Z1OTP_CSMPSWD3 (MSW of 128-bit password)
 
      .long 0x55555555     ;Z1OTP_GRABSECT1
      .long 0x55555555     ;Z1OTP_GRABSECT2
      .long 0x55555500     ;Z1OTP_GRABSECT3
      ..long 0x0000AAAA     ;Z1OTP_GRABRAM1
      .long 0xFFFFFFFF     ;Reserved
      .long 0xFFFFFFFF     ;Reserved
 
      .long 0xFFFF0000     ;Z1OTP_EXEONLYSECT1
      .long 0x0000FFF0     ;Z1OTP_EXEONLYSECT2
      .long 0x000000FF     ;Z1OTP_EXEONLYRAM1
      .long 0xFFFFFFFF     ;Reserved
      .long 0x12345678     ;Z1OTP_JTAGPSWDL0
      .long 0x6f7fffff     ;Z1OTP_JTAGPSWDL1
;----------------------------------------------------------------------

; For code security operation,after development has completed, prior to
; production, all other zone select block locations should be programmed
; to 0x0000 for maximum security.        
; If the first zone select block at offset 0x10 is used, the section 
; "dcsm_rsvd_z1" can be used to program these locations to 0x0000.
; This code is commented out for development.

     .sect "dcsm_rsvd_z1"
;        .loop (1e0h)
;              .int 0x0000
;        .endloop


;----------------------------------------------------------------------
; Zone 2
;----------------------------------------------------------------------
    .sect "dcsm_otp_z2_linkpointer"
      .retain
      .long 0x00003FE0
      .long 0x00003FE0
      .long 0x00003FE0

     .sect "dcsm_rsvd_z2"
      .retain
      .long 0xFFFFFFFF     ;Reserved
     .sect "dcsm_otp_z2_pswdlock"
      .retain
      .long 0x1F7FFFFF
      
     .sect "dcsm_otp_z2_crclock"
      .retain
      .long 0x3FFFFFFF
;;     .sect "dcsm_otp_z2_gpreg"
;;      .retain
;;      .long 0x5AFFFFFF     ;Z2OTP_GPREG1 = Z2_BOOTPIN
;;      .long 0x5AFFFFff     ;Z2OTP_GPREG2
;;      .long 0xFFFFFF0A     ;Z2OTP_GPREG3 = Z2OTP_BOOTDEF_LOW
;;      .long 0xFFFFFFFF     ;Z2OTP_GPREG4 = Z2OTP_BOOTDEF_HIGH
     .sect "dcsm_rsvd1_z2"
      .retain
      .long 0xFFFFFFFF     ;Reserved
      .long 0xFFFFFFFF     ;Reserved
  .sect "dcsm_zsel_z2"
      .retain
      .long 0x12345678     ;Z2OTP_CSMPSWD0 (LSW of 128-bit password)
      .long 0x5bfFFFFF     ;Z2OTP_CSMPSWD1
      .long 0x12345678     ;Z2OTP_CSMPSWD2
      .long 0x12345678     ;Z2OTP_CSMPSWD3 (MSW of 128-bit password)
 
      .long 0xAAAAAAAA     ;Z2OTP_GRABSECT1
      .long 0xAAAAAAAA     ;Z2OTP_GRABSECT2
      .long 0xAAAAAA00     ;Z2OTP_GRABSECT3
      .long 0x0000AAAA     ;Z2OTP_GRABRAM1
      .long 0xFFFFFFFF     ;Reserved
        .long 0xFFFFFFFF     ;Reserved
 
      .long 0xFFFFFFFF     ;Z2OTP_EXEONLYSECT1
      .long 0x0000FFF0     ;Z2OTP_EXEONLYSECT2
      .long 0x000000FF     ;Z2OTP_EXEONLYRAM1
      .long 0xFFFFFFFF     ;Reserved
      .long 0xFFFFFFFF     ;Reserved
      .long 0xFFFFFFFF     ;Reserved
;----------------------------------------------------------------------

; For code security operation,after development has completed, prior to
; production, all other zone select block locations should be programmed
; to 0x0000 for maximum security.        
; If the first zone select block at offset 0x10 is used, the section 
; "dcsm_rsvd_z2" can be used to program these locations to 0x0000.
; This code is commented out for development.

;       .sect "dcsm_rsvd_z2"
;        .loop (1e0h)
;              .int 0x0000
;        .endloop


;----------------------------------------------------------------------
; End of file
;----------------------------------------------------------------------
  • Hi Zhang,

    I've looped in the expert to comment further on this.

    Best Regards,

    Aishwarya

  • Hello,

    Why is it that when using the emulator for debugging, the encryption is successful and the code can run

    Did you perform an ECSL or CSM unlock when running the application with the DCSM enabled? If you only do a ECSL unlock, does the application work as expected?

    the code can no longer run?

    Can you share more details on the nature of the issue? From your DCSM configurations, you're incrementing the link pointer to 0x3FE0. Did you account for this with the ZSB offset in dcsm.cmd? 

    Best,
    Matt

  • Hi Matt

    I have identified the problem area.At present, it seems to be caused by EXEONLY.

    .long 0xFFFF0000     ;Z1OTP_EXEONLYSECT1

    When I didn't set EXEONLY, only the FLASH was encrypted and the program ran normally after power loss. When I set flash sectors 1-15, the program couldn't run after power loss. It seemed that it didn't enter the FLASH at this time. Since I didn't disable ECSL, but it could be simulated and the program could be decrypted and burned normally. I think the program was stuck in BootRAM. I didn't configure software startup. The default pin was used for startup, and 24 and 32 were high levels. The default pin was used for startup, and 24 and 32 were high levels. The default was to enter the FLASH. I confirmed this. So it seems that setting EXEONLY caused my program to be unable to enter the FLASH. What could be the possible reason for this?

    Since I need to perform a secure boot, I need to set EXEONLY. Could you please tell me what might be the reason for this and how I should modify it? Thank you.

    Best.

    Zhang

  • Is anyone paying attention to this issue?

  • Hello,

    When I set flash sectors 1-15, the program couldn't run after power loss.

    The following configurations you shared configures sectors 0 to 15 as EXEONLY. Please confirm this is intentional.

    .long 0xFFFF0000 ;Z1OTP_EXEONLYSECT1

    When the Execute-Only protection is turned on for any secure Flash sector or RAM block, data reads to that Flash sector or RAM block are disallowed from any code (even from secure code). Since you isolated this configuration to be the cause for error, you will have to audit your code to ensure that no reads are being performed in sectors 0-15. This includes any non-secure memcpy() calls, CRC calculations, etc.

    Best,
    Matt