• State Resolved
  • Locked Locked
  • Replies 3 replies
  • Subscribers 82 subscribers
  • Views 1282 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

TMS320F28379D: code security module

Howard Zou
Genius 12365 points
Part Number: TMS320F28379D


Hi,

I figured out that the passwords of F2837x/F2807x devices are located in OTP other than flash like our older parts. After writing a password to lock the device, we can never bring it back to unlocked state.

1. why do we have such a change?

2. what's the point to have dual code security module?

  • 0
    TI__Guru** 115881 points

    Hi Zou,

    I figured out that the passwords of F2837x/F2807x devices are located in OTP other than flash like our older parts.

    Yes, that is correct. This was done to avoid accidental locking the device while programming/erasing the main flash array.

    After writing a password to lock the device, we can never bring it back to unlocked state.

    I did not understand this question. Security settings are stored in Zone Select Block based on the LINK POINTER value. User can change the settings by changing the LINK POINTER VALUE to point to new Zone Select Block (please refer section "2.13.1.5 Link Pointer and Zone Select" of device document). So if you want to remove the security from device then change the LINK POINTER VALUE to next Zone Select Block and leave new Zone Select Block un-programmed (ALL_1). That will keep the device unsecure/unlock.

    2. what's the point to have dual code security module?

    Dual Zone security enables 3rd party development in secure environment without sharing the passwords. E.g. team A and team B can have their own secure zones to secure their IP/code on device but still allow each other to use the functions.

    Regards,

    Vivek Singh

  • 0 in reply to Vivek Singh
    TI__Genius 12365 points

    Vivek,

    thanks for your answer.

    I want to make it clear.

    For each zone, say zone1, we have Z1OTP_LINKPOINTER1, Z1OTP_LINKPOINTER2, Z1OTP_LINKPOINTER3 registers in OTP(which is one time programmable), and we also have Z1_LINKPOINTER in flash.

    Z1_LINKPOINTER can not be written but only readable, it's a result by comparing Z1OTP_LINKPOINTER1, Z1OTP_LINKPOINTER2 and Z1OTP_LINKPOINTER3 in hardware, and it determines which ZoneSelectBlock we choose, right?

    In TRM it's said that

    The final value of the link pointer is resolved in hardware when a dummy read is done to all the link pointers by comparing all the three values (bit-wise voting logic).

    Bit-wise voting logic is for example,

    if bitn in Z1OTP_LINKPOINTER1, Z1OTP_LINKPOINTER2 and Z1OTP_LINKPOINTER3 is two 0s and one 1, the final bitn of Z1_LINKPOINTER is 0,

    if bitn in Z1OTP_LINKPOINTER1, Z1OTP_LINKPOINTER2 and Z1OTP_LINKPOINTER3 is two 1s and one 0, the final bitn of Z1_LINKPOINTER is 1, right?

    When will the dummy read of Z1OTP_LINKPOINTER1, Z1OTP_LINKPOINTER2 and Z1OTP_LINKPOINTER3 be done? Do I have to write the code to read these registers in my program?

    Howard

  • 0 in reply to Howard Zou
    TI__Guru** 115881 points

    Hi Zou,

    Z1_LINKPOINTER can not be written but only readable, it's a result by comparing Z1OTP_LINKPOINTER1, Z1OTP_LINKPOINTER2 and Z1OTP_LINKPOINTER3 in hardware, and it determines which ZoneSelectBlock we choose, right?

    Yes, that is correct. Please note Z1-LINKPOINTER is normal read only register and not in Flash.

    if bitn in Z1OTP_LINKPOINTER1, Z1OTP_LINKPOINTER2 and Z1OTP_LINKPOINTER3 is two 0s and one 1, the final bitn of Z1_LINKPOINTER is 0,

    if bitn in Z1OTP_LINKPOINTER1, Z1OTP_LINKPOINTER2 and Z1OTP_LINKPOINTER3 is two 1s and one 0, the final bitn of Z1_LINKPOINTER is 1, right?

    That is correct.

    When will the dummy read of Z1OTP_LINKPOINTER1, Z1OTP_LINKPOINTER2 and Z1OTP_LINKPOINTER3 be done? Do I have to write the code to read these registers in my program?

    BOOTROM code does security initialization after every reset which has this step. If running with debugger connected then Gel file has the security initialization sequence which get executed after debug reset.

    Regards,

    Vivek Singh