read security bits

Technical questions regarding the XTC tools and programming with XMOS.
Post Reply
ingbo
Junior Member
Posts: 5
Joined: Thu Jun 06, 2013 2:00 pm

read security bits

Post by ingbo »

Hello,

Before updating an image I need to determine if the chip is locked - AES module switched on and jtag is disabled.
Is it possible to read the security bits at run time using xc?

And if I have two factory or upgrade image files, and one of the them is encrypted (with key), how can I determine which file is encrypted?
Is there any information about the structure of the files?


Thank you.
IngBo


User avatar
infiniteimprobability
XCore Legend
Posts: 1126
Joined: Thu May 27, 2010 10:08 am
Contact:

Post by infiniteimprobability »

Should be ..
If you take a look at "Processor Status Configuration" in the datasheet you can use:

Code: Select all

int reg = getps(XS1_PS_SECURITY_CONFIG)
to read "Copy of the security register as read from OTP."
ingbo
Junior Member
Posts: 5
Joined: Thu Jun 06, 2013 2:00 pm

Post by ingbo »

Thank you very much.
This works great.

Any idea how to distinguish between "normal" and encrypted image files?
Do both files have the same header information?
User avatar
infiniteimprobability
XCore Legend
Posts: 1126
Joined: Thu May 27, 2010 10:08 am
Contact:

Post by infiniteimprobability »

Any idea how to distinguish between "normal" and encrypted image files?
Do both files have the same header information?
This isn't easy. The first 3 words are the same for encrypted or unencrypted images but thereafter it is either encrypted or not. So you can't easily tell for sure if it is valid data from word 4 or not..

Code: Select all

Offset	Field	Description
0	Image Tag	0x1a551e5 for tools versions Tools12 and below; 0x0FF51DE for tools version Tools13 and above
1	Page CRC	CRC value for 256 bytes (64 words) from offset 3 of the Image Header Table
2	Image CRC	CRC value for the full image from offset 3 of the Image Header Table
Unfortunately there is no flag in there to indicate encryption in the image. What you will get if you either load an encrypted image into an unencrypted device or vice versa is nonsense into the chip (the CRC will be valid). The behaviour will be undefined but likely throw an exception pretty quickly (invalid opcode or similar).

Ultimately it will down to the user to manage images.
maqu67
Member++
Posts: 22
Joined: Tue Jan 23, 2018 3:26 pm

Post by maqu67 »

Hello,

in the XE216-512-TQ128 Datasheet is written:

If bit 5 of the security register (see §9.1) is set, the device boots from OTP.
To get a high value, a 3K3 pull-up resistor should be strapped onto the pin. To assure a low value, a pull-down resistor is required if other external devices are connected to this port.

It' isnt clear to me which is the PIN the datasheet is speaking. Can you show to me?

Best Regards

Massimiliano
Post Reply