Because of the holidays, TI E2E™ design support forum responses will be delayed from Dec. 25 through Jan. 2. Thank you for your patience.

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

0x0000 on CSM password locations

The Code Security Module Documentation has two statements:

1- "Do not use 128 bits of all zeros as the password. This automatically secures the device, regardless of the contents of the KEY register. The device is not debuggable nor reprogrammable."

2- "If a device is reset while the password locations are all zero or an unknown value, the device will be permanently locked unless a method to run the flash erase routine from secure SARAM is embedded into the flash or OTP."

Does this mean that, even though the 128 bits password are all zeros, a "dedicated" bootloader programmed on flash and running on secure SARAM can still reprogramm the flash ?

Is my understanding right ?Thank you for your attention.

  • Yes.  If the passwords are unknown or all 0x0000, and you already have the flash erase API routine programmed in flash and have a way to get the code to execute it properly (i.e., copy to RAM and run from there), it can erase the flash along with the unknown or 0x0000 passwords.

    Regards,

    David

     

  • Hi David,

    I don not have flash erase API routine programmed in flash. Is there any other way to erase the flash and unlock it?

    I have checked the MAP file; There is no record of the password locations getting overwritten. I was unable to understand the reason for Processor getting auto locked.

    Regards,

    kirankumar. 

  • Hello Kirankumar,

    If you don't know the values the password locations contain, and you don't already have the ERASE algorithm in secure memory, you cannot get back in to the device.

    The password locations are part of flash sector A.  They get cleared to 0's and then set back to 1's when you erase flash sector A.  If something happens during that process (e.g., power loss, or sometime hiccup in the debugger connection/setup) the passwords can get corrupt.  It does happen sometimes, and users generally do not know what or when it happened.

    Sorry.

    David

    P.S.  On the latest C2000 devices (e.g, F2805x, F2837x), the password locations are located in OTP memory instead of flash.  That will avoid the possibility of password corruption when working with the flash.