• State Resolved
  • Locked Locked
  • Replies 3 replies
  • Subscribers 98 subscribers
  • Views 611 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Original question:

[FAQ] TDA4VM: HS: Building & booting on HS devices on latest Linux SDK

TDA4VM: TDA4VM: HS: Building & booting on HS-FS devices on QNX SDK 8.0

Frank DU
Prodigy 190 points
Part Number: TDA4VM

I have a HS-FS device instead of HS-SE-TIDK now. How can I program OTP on it to convert it to a HS-SE-TIDK device? According to the <Jacinto7 High Security Device Development>, I need to use the TI dummy keys to complete the key programming.

Please provide instructions for building and booting for HS-FS devices on QNX SDK 8.0

And please help to confirm that if secure boot is disabled on a HS-FS device (which means that a signed SBL is unnecessary), or I have to program TI dummy key into HS-FS device via JTAG?

  • 0
    TI__Guru** 112015 points

    Hi Frank,

    Are you trying to program TI Dummy Keys or your own customer keys? Once you program the keys, they cannot be re-programmed.

    The first thing you need to do on a HS-FS device is to run the KeyWriter application to blow your keys to convert the HS-FS device to a HS-SE device. The DMSC M3 JTAG port is locked on HS-FS devices, please see the Secure Debug User Guide section of the TI-SCI documentation for additional details.

    Please see the documentation on the Keywriter application within the RTOS PDK. 

    regards

    Suman

  • 0 in reply to Suman Anna
    Prodigy 190 points

    I'm wondering how a HS-FS device auth the KeyWriter application. All I have to do is build the KeyWriter with the instruction in Jacinto7 High Security Device Development. Is this the right way?

  • +1 in reply to Frank DU
    TI__Guru** 112015 points

    Hi Frank,

    Correct, the KeyWriter needs to be run first to program the keys into the OTP to convert the HS-FS to HS-SE.

    The programming of efuses still requires that the device be booted and running a TIFS. The KeyWriter application uses a specially signed TIFS binary used for programming the efuses. The TIFS binary is signed with TI MPK, and is authenticated by the Secure ROM. The authenticated TIFS then is used for programming the efuses using the 

    The KeyWriter package needs to be downloaded separately (NDA access).

    regards

    Suman