• State Resolved
  • Locked Locked
  • Replies 5 replies
  • Subscribers 99 subscribers
  • Views 1281 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

C6748 secure boot

an nguyen
Prodigy 75 points
Other Parts Discussed in Thread: OMAP-L138

Hi,

This application is flashed and operates well on NON-secure C6748.

Now, I am trying to run it on SECURE C6748.

Firstly, compose an ini file, where genKeyHeaderFileName is not specified, on attached file.

Then create secure AIS with SecureHexAIS_OMAP-L138.exe.

Finally, I used GenericSecureUartHost.exe to boot that AIS file, and it seemed completed successfully as following log. However, the application does not operate.

What's wrong with my process!!!???

"

(File IO): Read 398648 bytes from file E:\secure\pack\CAM_ext.ais.
(Serial Port): Opening COM3 at 115200 baud...
(AIS Parse): Read magic word 0x41504954.
(AIS Parse): Waiting for BOOTME... (power on or reset target now)
(AIS Parse): BOOTME received!
(AIS Parse): Performing Start-Word Sync...
(AIS Parse): Performing Ping Opcode Sync...
(AIS Parse): Processing command 0: 0x58535920.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Secure key loading, entering secure mode.
(AIS Parse): Processing command 1: 0x58535923.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Setting boot exit mode...
(AIS Parse): Set exit mode to 0x00000000.
(AIS Parse): Processing command 2: 0x5853590D.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Executing function...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): Processing command 3: 0x5853590D.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Executing function...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): Processing command 4: 0x5853590D.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Executing function...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): Processing command 5: 0x5853590D.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Executing function...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): Processing command 6: 0x5853590D.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Executing function...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): Processing command 7: 0x5853590D.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Executing function...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): Processing command 8: 0x5853590D.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Executing function...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): Processing command 9: 0x5853590D.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Executing function...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): Processing command 10: 0x5853590D.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Executing function...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): Processing command 11: 0x58535921.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Loading encoded section...
(AIS Parse): Loaded 216-Byte section to address 0xC0000000.
(AIS Parse): Processing command 12: 0x58535921.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Loading encoded section...
(AIS Parse): Loaded 24-Byte section to address 0xC0AA3EC8.
(AIS Parse): Processing command 13: 0x58535921.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Loading encoded section...
(AIS Parse): Loaded 992-Byte section to address 0xC0ADBC20.
(AIS Parse): Processing command 14: 0x58535921.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Loading encoded section...
(AIS Parse): Loaded 363392-Byte section to address 0xC0ADC000.
(AIS Parse): Processing command 15: 0x58535921.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Loading encoded section...
(AIS Parse): Loaded 27272-Byte section to address 0xC0B43B80.
(AIS Parse): Processing command 16: 0x58535921.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Loading encoded section...
(AIS Parse): Loaded 512-Byte section to address 0xC0B4BC00.
(AIS Parse): Processing command 17: 0x58535921.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Loading encoded section...
(AIS Parse): Loaded 1224-Byte section to address 0xC0B4BE00.
(AIS Parse): Processing command 18: 0x58535921.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Loading encoded section...
(AIS Parse): Loaded 4364-Byte section to address 0xC0B4C480.
(AIS Parse): Processing command 19: 0x58535906.
(AIS Parse): Performing Opcode Sync...
(AIS Parse): Performing jump and close...
(AIS Parse): Secure mode; sending signature.
(AIS Parse): AIS complete. Jump to address 0xC0B30D60.
(AIS Parse): Waiting for DONE...
(AIS Parse): Boot completed successfully.
(Serial Port): Closing COM3.

"

Thank you very much in advance for you help!

An.

http://e2e.ti.com/cfs-file.ashx/__key/communityserver-discussions-components-files/115/1616.OMAP_2D00_L138_5F00_generic_5F00_secure.ini

  • 0
    TI__Guru** 116770 points

    An,

    From your boot log it appears that the ROM boot did complete and I compared your file with the generic ini file provided in the package. I have few questions for you to better understand your setup.

    • Did you mean that you have included a key in your ini file but for privacy reasons have taken out the key from the attached file. I am just trying to make sure that you did provide the encryption key in the file
    • What does your boot image consist of , a secondary loader and a application?
    • Are you using any secure kernel APIs in your code? If yes, you need to specify exit type as SECURE.
    • Have you tried to configuring the tap registers to 0x0000FFFF in the ini file, this will allow you to connect to your device after the primary bootloader has completed to see if the system configuration registers have been configured correctly and will also tell you where the code is stuck?

    I am assuming this is your first boot and the image is not yet bound to the device. Do you have the binding code in your application?

    Regards,

    Rahul

    PS: If you don`t feel comfortable discussing security details on the forums, please accept the friend request I have sent you on the forum so that we can look at this offline.

  • 0 in reply to Rahul Prabhu
    Prodigy 75 points

    Hi Rahul,

    As a newbie, so I try to answer as much as what I could understand.

    • I did not use any encryption key. rsaKeyFileName and genKeyHeaderFileName were not applied.
    • The input file for SecureHexAIS_OMAP-L138.exe is an application, so I guest boot image must have include an application.
    • No secure kernel APIs used.
    • I have no idea of using the debug TAPs of device.

    For your last question, in fact, I don't know how to bind that!!! However, when using sfh_OMAP-L138.exe, it helps me this step. Am I correct?

    Thank you very much for your help!

    Best regards,

    An.

  • 0 in reply to an nguyen
    TI__Guru** 116770 points

    An,

    Since we are handling this offline, feel free to close the thread when your questions have been answered.

    Regards,

    Rahul

  • 0 in reply to Rahul Prabhu
    Prodigy 75 points

    Hi Prabhu,

    Thank you very much!

  • 0 in reply to an nguyen
    Intellectual 345 points
    Hi an nguyen,

    I have ran into the same problem with you too.
    Could you please show me how to solve that?

    Thank in advance,