• State TI Thinks Resolved
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 84 subscribers
  • Views 1234 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

TMS320F28023: Using the Code Security Module

William Dussault87
Intellectual 665 points

Part Number: TMS320F28023

Hello

I am trying to implement the Code Security Module. I have a few questions regarding it’s implementation.

  1. If I understand the literature correctly, the 128 bit key must be included in the boot loader in memory locations 0x3F 7FF8 – 0x3F 7FFF.  
  2. Once the application code is loaded (Flashed) the security key (128 bit ) is stored in the DSP2803xSystemCtrl.c file and we use the csmUnlock(); function to compare what is written in the Flash to what is stored in the DSP2803xSystemCtrl.c file.   Is this correct? 

The functions in the written in the literature do not make sense The first function dspUnsecure(); goes through the flash memory where the key is stored and compares it to a variable named "temp" Then it assigns the CSM registers values. Shouldn't this be checking the memory with the CSM values?

void dspUnsecure (void)
{
    volatile int *CSM = (volatile int *)0x000AE0; //CSM register file
    volatile int *PWL = (volatile int *)0x003F7FF8; //Password location
    volatile int tmp;
    int I;
    // Read the 128-bits of the password locations (PWL)
    // in flash at address 0x3F 7FF8 - 0x3F 7FFF
    // If the device is secure, then the values read will
    // not actually be loaded into the temp variable, so
    // this is called a dummy read.
    for (I=0; I<8; I++) tmp = *PWL++;
    // If the password locations (PWL) are all = ones (0xFFFF),
    // then the device will now be unsecure. If the password
    // is not all ones (0xFFFF), then the code below is required
    // to unsecure the CSM.
    // Write the 128-bit password to the KEY registers
    // If this password matches that stored in the
    // PWL then the CSM will become unsecure. If it does not
    // match, then the device will remain secure.
    // An example password of:
    // 0x11112222333344445555666677778888 is used.
    EALLOW; // Key registers are EALLOW protected
    *CSM++ = 0x1111; // Register KEY0 at 0xAE0
    *CSM++ = 0x2222; // Register KEY1 at 0xAE1
    *CSM++ = 0x3333; // Register KEY2 at 0xAE2
    *CSM++ = 0x4444; // Register KEY3 at 0xAE3
    *CSM++ = 0x5555; // Register KEY4 at 0xAE4
    *CSM++ = 0x6666; // Register KEY5 at 0xAE5
    *CSM++ = 0x7777; // Register KEY6 at 0xAE6
    *CSM++ = 0x8888; // Register KEY7 at 0xAE7
    EDIS;


}

Nexwe have a secure function dspSecure(); which reassigns a new value to CSMCR pointer which was 0x00AEF and now is 0x8000 I do not understand what it is doing. Is it assigning a new passcode?

Here is the code

void dspSecure (void)
{
    volatile int *CSMSCR = 0x00AEF; //CSMSCR register
    //Set FORCESEC bit
    EALLOW; //CSMSCR register is EALLOW protected.
    *CSMSCR = 0x8000;
    EDIS;

}

Is writing the wrong code the method used to secure the DSP?

Thanks

  • 0
    TI__Genius 17370 points
    Hello,
    I am writing to let you know that a C2000 team member has been assigned to this post and should be answering shortly.

    Regards
    Baskaran
  • 0
    TI__Mastermind 32995 points
    The dspSecure function is writing to the FORSEC bit which forces security on. It caused the CSM to be secure again.

    sal
  • 0 in reply to Sal Pezzino
    TI__Guru** 116031 points

    Hi,

    Sal has pointed out exactly what the function is doing. I am providing a bit mode detail on this -

    Nexwe have a secure function dspSecure(); which reassigns a new value to CSMCR pointer which was 0x00AEF and now is 0x8000 I do not understand what it is doing. Is it assigning a new passcode?

    No it is not assigning new passcode but setting the FORCESEC bit to secure the device again. If device has been made unsecure for some reason (e.g. debug purpose) and user want to secure it again then he can set the FORCESEC  bit in CSMSCR (also called CSMCR) register. Following is the definition of this bit.

    Hope this is clear.

    Regards,

    Vivek Singh

  • 0 in reply to Vivek Singh
    Intellectual 665 points
    Vivek,

    Thanks for the reply, Can you tell me in a quite specific manner how to Unsecure the DSP for debugging if it is secure? One more question about this is that is it possible to secure and unsecure the device if we are programming it over UART?

    Thank you

    Bill
  • 0 in reply to William Dussault87
    TI__Mastermind 32995 points
    To unsecure a device, write the correct passwords to the CSM key registers (128-bits)

    To secure the device, write to the FORCESEC bit in the CSM registers.

    sal
  • 0 in reply to Sal Pezzino
    Intellectual 665 points

    Sal,

    When should I write the passwords to unlock the device? Do I need to do it within a certain time limit or before I initialize anything?

    my initialization code is below:

    void main(void)

{
/* PLL, WatchDog, enable Peripheral Clocks */
	InitSysCtrl();

/* Set all default GPIO */
	InitGpio(); 
   
/* Clear all interrupts and initialize PIE vector table: 
   Disable CPU interrupts */
	DINT;

/* Initialize the PIE control registers to their default state.
   The default state is all PIE interrupts disabled and flags
   are cleared. */ 
	InitPieCtrl();   
   
/* Disable CPU interrupts and clear all CPU interrupt flags: */
	IER = 0x0000;
	IFR = 0x0000;

/* Initialize the PIE vector table with pointers to the shell Interrupt 
   Service Routines (ISR).  
   This will populate the entire table, even if the interrupt
   is not used in this example.  This is useful for debug purposes. */
	InitPieVectTable();

/* Interrupts that are used in this example are re-mapped to
   ISR functions found within this file. */ 
//	EALLOW;  // This is needed to write to EALLOW protected registers
//	PieVectTable.EPWM1_INT= &epwm1_timer_isr;
//	EDIS;    // This is needed to disable write to EALLOW protected registers

	// Interrupts that are used in this example are re-mapped to
	// ISR functions found within this file.
	EALLOW;  // This is needed to write to EALLOW protected registers
	PieVectTable.TINT0 = &cpu_timer0_isr;
	EDIS;    // This is needed to disable write to EALLOW protected registers


/* Initialize all the Device Peripherals: */      
	InitAdc();
	InitEPwm();
	InitComp();

	InitECap();
	InitCpuTimers();
	ConfigCpuTimer(&CpuTimer0, 60, 50); //set timer1 as 20k interrupt
	StartCpuTimer0();
//	ConfigCpuTimer(&CpuTimer1, 6000, 100000); //set period of timer1 as 10s
	StartCpuTimer1();
   // To ensure precise timing, use write-only instructions to write to the entire register. Therefore, if any
	// of the configuration bits are changed in ConfigCpuTimer and InitCpuTimers (in DSP2803x_CpuTimers.h), the
	// below settings must also be updated.
    CpuTimer0Regs.TCR.all = 0x4001; // Use write-only instruction to set TSS bit =

    Should I do it after all the timers are initialized or way back in the start after initsysctrl()?

    To use the generic code in the literature I was going to run 

    void dspUnsecure (void)
{
    volatile int *CSM = (volatile int *)0x000AE0; //CSM register file
    volatile int *PWL = (volatile int *)0x003F7FF8; //Password location
    volatile int tmp;
    int I;
    // Read the 128-bits of the password locations (PWL)
    // in flash at address 0x3F 7FF8 - 0x3F 7FFF
    // If the device is secure, then the values read will
    // not actually be loaded into the temp variable, so
    // this is called a dummy read.
    for (I=0; I<8; I++) tmp = *PWL++;
    // If the password locations (PWL) are all = ones (0xFFFF),
    // then the device will now be unsecure. If the password
    // is not all ones (0xFFFF), then the code below is required
    // to unsecure the CSM.
    // Write the 128-bit password to the KEY registers
    // If this password matches that stored in the
    // PWL then the CSM will become unsecure. If it does not
    // match, then the device will remain secure.
    // An example password of:
    // 0x11112222333344445555666677778888 is used.
    EALLOW; // Key registers are EALLOW protected
    *CSM++ = 0x1111; // Register KEY0 at 0xAE0
    *CSM++ = 0x2222; // Register KEY1 at 0xAE1
    *CSM++ = 0x3333; // Register KEY2 at 0xAE2
    *CSM++ = 0x4444; // Register KEY3 at 0xAE3
    *CSM++ = 0x5555; // Register KEY4 at 0xAE4
    *CSM++ = 0x6666; // Register KEY5 at 0xAE5
    *CSM++ = 0x7777; // Register KEY6 at 0xAE6
    *CSM++ = 0x8888; // Register KEY7 at 0xAE7
    EDIS;


}

    Is the entire code also stored in the boot loader and in a specific memory location "

    0x003F7FF8" I am pretty confused on how to implement this

    Thanks 

    Bill
  • 0 in reply to William Dussault87
    TI__Mastermind 32995 points
    The question is unclear to me. You can unlock the device whenever you need to unlock it.

    Why do you need to unlock the device?

    sal