• State Resolved
  • Locked Locked
  • Replies 9 replies
  • Subscribers 98 subscribers
  • Views 213 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

DRA821U-Q1: About Keywriter application error codes

user4852186
Intellectual 340 points
Part Number: DRA821U-Q1
Other Parts Discussed in Thread: J7200XSOMXEVM

Tool/software:

Hi,

We have designed a custom board based on the J7200XSOMXEVM reference design.

We ran the key writer using the following software version and it returned an error.

ADDON:OTP_KEYWRITER_ADD_ON_j7200_sr2_v2022.01
SDK:ti-processor-sdk-rtos-j7200-evm-08_01_00_11

The UART log at the time of the error is shown below.

 OTP Keywriter ver: 22.1.1--v2022.01 (Terrific Llam
OTP_VppEn
test_pmic_i2c_lld_intf_setup(): 493: PMIC_MAIN_INST I2C Setup...
test_pmic_i2c_lld_intf_setup(): 533: done...
I2C1: Passed for address 0x4c !!!
I2C1: Passed for address 0x4c !!!
Pmic_gpioSetValue ret: 0 Works!!!
Key programming sequence initialted
Taking OTP certificate from 0x41c73004
Sciclient_otpProcessKeyCfg returns: -1
Debug response: 0x10000
Key programming sequence completed

We have confirmed that 1.8V is being supplied to VPP_CORE and VPP_MCU.

The key data was generated using the following command.

~$ ./gen_keywr_cert.sh -t ti_fek_public.pem -s keys/smpk.pem --smek keys/smek.key -a keys/aes256.key --keycnt 1 --keyrev 1

What causes "Sciclient_otpProcessKeyCfg returns: -1" and "Debug response: 0x10000"?

Regards,

mizutani

  • 0
    TI__Guru 57115 points

    Hi mizutani

    user4852186 said:
    What causes "Sciclient_otpProcessKeyCfg returns: -1" and "Debug response: 0x10000"?

    In this 16th bit is set (0x10000) , as per the error code definition it is failed to program SMPKH on the device.

    Ref:software-dl.ti.com/.../keywriter.html

    As an experiment can you try writing MSV value with override flag, with this we can verify the setup is good or not( (Example certificate generation command for MSV with override flag :./gen_keywr_cert.sh -t ti_fek_public.pem --msv 0xC0FFE --msv-ovrd)).

    Also share the TIFS traces along with keywriter application logs. TIFS traces will come in Wakeup UART

    Regards
    Diwakar

  • 0 in reply to Diwakar Dhyani
    Intellectual 340 points

    Hi

    Diwakar Dhyani said:
    As an experiment can you try writing MSV value with override flag, with this we can verify the setup is good or not( (Example certificate generation command for MSV with override flag :./gen_keywr_cert.sh -t ti_fek_public.pem --msv 0xC0FFE --msv-ovrd)).

    We will report the results of trying the above.

    OTP Keywriter ver: 22.1.1--v2022.01 (Terrific Llam
OTP_VppEn
test_pmic_i2c_lld_intf_setup(): 493: PMIC_MAIN_INST I2C Setup...
test_pmic_i2c_lld_intf_setup(): 533: done...
I2C1: Passed for address 0x4c !!!
I2C1: Passed for address 0x4c !!!
Pmic_gpioSetValue ret: 0 Works!!!
Key programming sequence initialted
Taking OTP certificate from 0x41c73004
Sciclient_otpProcessKeyCfg returns: 0
Debug response: 0x2000000
Key programming sequence completed

    From the contents of the "debug response", We can determine that "KEYWR_ERR_PROGR_MSV" has occurred.
    What is the cause?

    Also, our board does not use WKUP_UART.
    Therefore, we cannot check the log using WKUP_UART.
    Is it possible to identify the cause using JTAG, etc.?

    Regards
    mizutani

  • 0 in reply to user4852186
    TI__Guru 57115 points

    Hi mizutani

    I am  still suspecting VPP supply if the certificate parsing is successful. To confirm this we can use TIFS trace memory to dump logs.

    You can connect to R5 core and dump the 4KB data starting from 0x44083000.

    Ref:https://software-dl.ti.com/tisci/esd/latest/4_trace/trace.html#trace-memory-buffer-location

    Regards
    Diwakar

  • 0 in reply to Diwakar Dhyani
    Intellectual 340 points

    Hi,

    Thank you for your reply.
    We will investigate any potential issues with the VPP supply.

    Furthermore, could you please clarify why the certificate analysis failed (Sciclient_otpProcessKeyCfg returns: -1)?
    We are particularly interested in understanding the potential causes of a parsing error in the certificate generated by the following command.

    ~$ ./gen_keywr_cert.sh -t ti_fek_public.pem -s keys/smpk.pem --smek keys/smek.key -a keys/aes256.key --keycnt 1 --keyrev 1

    Regards
    mizutani

  • 0 in reply to user4852186
    TI__Guru 57115 points

    Hi mizutani,

    user4852186 said:
    Furthermore, could you please clarify why the certificate analysis failed (Sciclient_otpProcessKeyCfg returns: -1)?

    I dont think certificate parsing in this case as well, just to confirm that i suggested you to do the MSV write test. Which we did earlier.

    Diwakar Dhyani said:

    You can connect to R5 core and dump the 4KB data starting from 0x44083000.

    If we can get the TIFS logs as suggested , we can confirm that the parsing is done or not inside TIFS.

    Regards
    Diwakar

  • 0 in reply to Diwakar Dhyani
    Intellectual 340 points

    Hi,

    The cause was incorrect VPP supply handling.

    I was able to make it an HSSE device.

    -----------------------

SoC ID Header Info:

-----------------------

NumBlocks            : 2

-----------------------

SoC ID Public ROM Info:

-----------------------

SubBlockId           : 1

SubBlockSize         : 26

DeviceName           : j7vcl

DeviceType           : HSSE

DMSC ROM Version     : [0, 2, 0, 0]

R5 ROM Version       : [0, 2, 0, 0]

    but it seems that JTAG remains enabled.

    How can I disable JTAG?

    Regards
    mizutani

  • 0 in reply to user4852186
    TI__Guru 57115 points

    Hi mizutani 

    Are you loading boot loader image and then connecting to A72 ? If yes make sure your bootloader certificate doesn't have debug extension.

    Regards
    Diwakar

  • 0 in reply to Diwakar Dhyani
    Intellectual 340 points

    Hi,

    We managed to boot the kernel by referring to the following forum.

    https://e2e.ti.com/support/processors-group/processors/f/processors-forum/1445146/sk-am62b-p1-fit-signature---secure-boot-clarification/5596064?tisearch=e2e-sitesearch&keymatch=custMpk.pem#5596064

    Diwakar Dhyani said:
    If yes make sure your bootloader certificate doesn't have debug extension.

    By "bootloader certificate" do you mean "custMpk.crt"? Or "prim_cert_config.txt"? Or maybe another file?

    How can I be sure that I don't have any "debug extensions"?

    Regards
    mizutani

  • +1 in reply to user4852186
    TI__Guru 57115 points

    Hi mizutani,

    user4852186 said:

    By "bootloader certificate" do you mean "custMpk.crt"? Or "prim_cert_config.txt"? Or maybe another file?

    Certificate of tiboot3.bin binary.

    user4852186 said:
    How can I be sure that I don't have any "debug extensions"?

    Does your x509 cert template contain OID  1.3.6.1.4.1.294.1.8.

    If it is present in the bootloader certificate will try to open the debug ports.

    Regards
    Diwakar