• State Resolved
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 82 subscribers
  • Views 850 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

F28377 Zx CSM password

Simon Jagla
Expert 8415 points

Hi Champs,

In the OTP of the F28377 there are two zones Z1/2 for the CSM password. A customer was asking about the reason behind having two zones which don’t seem to differ except that the Z1 has a higher priority? Could you explain?

Basically the customer wanted to know how often the CSM password can be changed. Since there are two zones with 29bit long link pointers it should be possible to change the password 58 times, correct?

  • 0
    TI__Guru** 115271 points
    Hi Simon,

    Two zone scheme is used for third party development and both are separate/independent. Also there is no priority. In dual zone development, user need to partition the flash sectors and secure RAMs between two Zones and one zone can not access data from other zone (can only call functions from each other zones). Link pointers are specific to zone and can not be shared between zones so it can be only changed 29 times (means 30 different password values) not 58 times. Now if user is only using one zone then he/she could think of releasing all the resource from Zone1 (by leaving security setting at default value in last zone select block of Zone1) and then using Zone2 but this could create issue in some cases hence we do not recommend this.

    Any reason why customer think he/she may need to change passwords more than 29 times?

    Regards,

    Vivek Singh
  • 0 in reply to Vivek Singh
    TI__Expert 8415 points

    Thanks Vivek for clarifying.

    In the datasheet is the following section which gave me the understanding that the Z1 has higher priority since it gets checked first:

    “..The Get mode function in boot ROM first checks if a valid OTPBOOTCTRL value is programmed in Z1. If the answer is yes, then the device boots as per the Z1-OTPBOOTCTRL location. The Z2-OTPBOOTCTRL location is read and decodes only if Z1-OTPBOOTCTRL is invalid or not programmed…”

     

    Vivek Singh said:
    Now if user is only using one zone then he/she could think of releasing all the resource from Zone1 (by leaving security setting at default value in last zone select block of Zone1) and then using Zone2 but this could create issue in some cases hence we do not recommend this.

    If I understood you right then it is possible to change the password more than 29 times by leveraging both zones but since this creates issues we do not recommend doing so.

    I will check with the customer is this is necessary for their application.

  • 0 in reply to Simon Jagla
    TI__Guru** 115271 points

    Hi Simon,

    In the datasheet is the following section which gave me the understanding that the Z1 has higher priority since it gets checked first:

    “..The Get mode function in boot ROM first checks if a valid OTPBOOTCTRL value is programmed in Z1. If the answer is yes, then the device boots as per the Z1-OTPBOOTCTRL location. The Z2-OTPBOOTCTRL location is read and decodes only if Z1-OTPBOOTCTRL is invalid or not programmed…”

    Ok, got it. BOOTCTRL register is used by BOOTROM for device BOOT and in BOOT ROM SW Z1 BOOTCTRL is accessed Ist so yes there it has priority but that has no impact on security and it can be only programmed once.

    If I understood you right then it is possible to change the password more than 29 times by leveraging both zones but since this creates issues we do not recommend doing so.

    That is correct.

    Regards,

    Vivek Singh