• State Resolved
  • Locked Locked
  • Replies 8 replies
  • Subscribers 83 subscribers
  • Views 1123 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Original question:

TMS320F280049: DCSM LinkPointer address

TMS320F280049: DCSM example

Jack Tan80
Mastermind 7130 points
Part Number: TMS320F280049
Other Parts Discussed in Thread: UNIFLASH, C2000WARE

Dear C2000 expert,

It looks that DCSM are very complicated in F28004x device compared with previous F2803x and F2802x device. Since I'm afraid that the device will be locked if the operations are not correct. 

What I want is that protect the flash content from copying by JTAG, and device could be unlocked by user code.

Is there any examples that describe how to program password into device step by step? And how to unlock device step by step?

And I have some questions because TRM seems not describe very clearly.

1. How to use linkpointer in OTP? What's the relationship with the ZxOTP_CSMPSWD0?
2. The CSMPSWD seems stores in OTP, but the address of CSMPSWD in Uniflash can't match with OTP address range, why?

  • 0
    TI__Guru** 115411 points

    Jack,

    We have a security tool to choose the security configuration and generate the ASM/CMD file accordingly. Please see the detail about the tool in this appnote

     

     1. How to use linkpointer in OTP? What's the relationship with the ZxOTP_CSMPSWD0?

    Linkpoitner value defines the address for active Zone Select Block in OTP which contains different security configuration including 128 bit password. Since OTP can not be changed (it's One Time Programmable) hence we have provided link pointer method to change the address for valid security configuration to re-program new security settings if needed.

     2. The CSMPSWD seems stores in OTP, but the address of CSMPSWD in Uniflash can't match with OTP address range, why?

    That address is for KEYx registers which user can update with correct password value to unlock the Zone. 

    Regards,

    Vivek Singh

  • 0 in reply to Vivek Singh
    Mastermind 7130 points

    Hi Vivek,

    Thanks for this appnote.

    1. This appnote are for F28037x device, so is it the same for F28004x device? Is it possible just to copy the same syscfg file into F28004x project?

    2. If the final .out/.hex file contains the OTP contents for DCSM, how to program it(.out/.hex file) to OTP in uniflash? Any special configurations required in uniflash? Because there are a seperate page "Setting and Untilities " in uniflash for OTP configuration.

    3. If do not set flash&RAM as EXEONLY state, is it possible to protect flash & RAM contents from jtag reading or debug? Since TRM mentioned that safe code copy and safe CRC are required for EXEONLY flash and RAM if copy the flash to ram and runs in ram for better performance, and I don't want to have that operation.

    4. If #3 are possible, is it means the keep the related bits as 1?

  • 0 in reply to Jack Tan80
    TI__Guru** 115411 points

    Hi,

     1. This appnote are for F28037x device, so is it the same for F28004x device? Is it possible just to copy the same syscfg file into F28004x project?

    Appnote is for how to use the security tool and it's applicable for F28004x device as well though there are some change in security feature on F28004x device wrt F28377x device.

     2. If the final .out/.hex file contains the OTP contents for DCSM, how to program it(.out/.hex file) to OTP in uniflash? Any special configurations required in uniflash? Because there are a seperate page "Setting and Untilities " in uniflash for OTP configuration.

    You can program it like normal .out file as long as you are programming a fresh device. If you are programming a device which already has security settings programmed then you need to provide correct password in GUI to unlock the security before trying to program the .out file.

     

     3. If do not set flash&RAM as EXEONLY state, is it possible to protect flash & RAM contents from jtag reading or debug? Since TRM mentioned that safe code copy and safe CRC are required for EXEONLY flash and RAM if copy the flash to ram and runs in ram for better performance, and I don't want to have that operation.

    Yes, secure Flash/RAM memories are protected from JTAG access even if these are not configured as EXEONLY. EXEONLY is additional security feature to block read/write even from secure code. If memories are not configured as EXEONLY then user don't have to use TI provided safe copy and safe CRC function because they can have their own safe copy and safe CRC function in their secure code, if needed.

     4. If #3 are possible, is it means the keep the related bits as 1?

    Yes. just leave the EXEONLY settings as default if not needed.

    Regards,

    Vivek Singh

  • 0 in reply to Vivek Singh
    Mastermind 7130 points

    Hi Vivek,

    Thanks for supporting here.

    I've tryed to add 28004x_dcsm_lnk.cmd and f28004x_dcsm_z1otp.asm from C2000ware into my project, since I just want to secure flash bank0 and LSRAM, and set them to zone1, so only f28004x_dcsm_z1otp.asm was updated, and attached the asm file.

    And cmd file remove the type = DSECT for linker pointer and otp zone blocks. Here are the asm file, cmd file, and execute file.DCSMconfig.zip

    But the device seems can't be unlock through uniflash and JTAG even I using correct key to unlock it, It shows a message as below, can you please help me know how to unlock device?

    It shows a error message after click on "Unlock" botton,

    When I using CCS for testing connection, it could connect correctly.

    -----[Perform the Integrity scan-test on the JTAG IR]------------------------

    This test will use blocks of 64 32-bit words.
    This test will be applied just once.

    Do a test using 0xFFFFFFFF.
    Scan tests: 1, skipped: 0, failed: 0
    Do a test using 0x00000000.
    Scan tests: 2, skipped: 0, failed: 0
    Do a test using 0xFE03E0E2.
    Scan tests: 3, skipped: 0, failed: 0
    Do a test using 0x01FC1F1D.
    Scan tests: 4, skipped: 0, failed: 0
    Do a test using 0x5533CCAA.
    Scan tests: 5, skipped: 0, failed: 0
    Do a test using 0xAACC3355.
    Scan tests: 6, skipped: 0, failed: 0
    All of the values were scanned correctly.

    The JTAG IR Integrity scan-test has succeeded.

    -----[Perform the Integrity scan-test on the JTAG DR]------------------------

    This test will use blocks of 64 32-bit words.
    This test will be applied just once.

    Do a test using 0xFFFFFFFF.
    Scan tests: 1, skipped: 0, failed: 0
    Do a test using 0x00000000.
    Scan tests: 2, skipped: 0, failed: 0
    Do a test using 0xFE03E0E2.
    Scan tests: 3, skipped: 0, failed: 0
    Do a test using 0x01FC1F1D.
    Scan tests: 4, skipped: 0, failed: 0
    Do a test using 0x5533CCAA.
    Scan tests: 5, skipped: 0, failed: 0
    Do a test using 0xAACC3355.
    Scan tests: 6, skipped: 0, failed: 0
    All of the values were scanned correctly.

    The JTAG DR Integrity scan-test has succeeded.

    [End: Texas Instruments XDS110 USB Debug Probe]

  • 0 in reply to Jack Tan80
    Mastermind 7130 points

    When I trying to connect device through CCS debug session, it reminds the device is in low power mode.

    I'm pretty sure that device is runing since I could communicate with device via UART.

  • 0 in reply to Jack Tan80
    TI__Guru** 115411 points

    Jack,

    If you have programmed the security setting in device then you need to change the BOOTMODE pin setting to be in WaitBoot (please refer BOOT ROM section in TRM for detail on bootmodes) and then try to connect after reset (power cycling the board).

    Regards,

    Vivek Singh

  • 0 in reply to Vivek Singh
    Mastermind 7130 points

    Hi Vivek,

    Thanks for your suggestion.

    I figured out this relates to my code that calls ROM flash api. It looks that it has to unlock device before call rom flash api, but rom is unsecure. Is it possible to set ROM as secure to zone1?

  • 0 in reply to Jack Tan80
    TI__Guru** 115411 points

    Hi Jack,

    No, we can not secure the ROM. You have to load the flash API in one of your flash sector if want to perform secure flash operations.

    Regards,

    Vivek Singh