Attention: For security reasons,please choose a user name *different* from your login name.
Also make sure to choose a secure password and change it regularly.

Main Menu

Booting only works from QSPI after programming authentication fuses

Started by m.asy, September 23, 2019, 03:36:28 AM

Previous topic - Next topic



We're using the TE0820 Board and trying to configure it for Secure Boot, after programming the RSA Authentication eFuses (RSA_EN specifically), we lost access to the JTAG port (without disabling it through fuses, we know that it is possible and we chose not to do it for now) and are thus unable to program a different design into the board, after researching the issue we found that it can happen and a new FSBL with some lines of code added needs to be programmed to unlock the JTAG interface, we changed the carrier board to one that supports SD booting (TE0703) to do so, but even SD booting is not working for the board (nothing on UART interface) even though it is working for non-secure images on other boards on which the fuses haven't been programmed. the device is basically a brick now and we're wondering if you can help us debug why it is not booting.


Antti Lukats


everything related to secure boot and encryption should be tested with BBRAM based keys before doing any attempts to blow EFUSES. If EFUSE is blown by the customer we no longer can help in most cases. When working with EFUSE, it has to be taken into account that "bricking" may happen, and that it may also permanent with no recovery.

In your case, it seems that it may be possible to "unbrick" but in order to really support this case, we should duplicate all the steps you have done, and "brick" some of the SoM's just for this tests.

Some hints:

if JTAG to FPGA and PS is dead, but the BOUNDARY SCAN is still alive, then it maybe possible to rewrite the spi -flash with new recovery fsbl over boundary scan, but if jtag is totally unresponive this would not be option

There are ERROR LED'S they should have a programmed sequence on failure, this may help understand why the sd card image is not booting

on other setup with same SoM make same security settings in BBRAM, then create encrypet sd card image and get it to boot, then try that sd card with the bricked one

there are maybe some more things to try




We've already done tests with BBRAM encryption, and Bootheader Authentication, we only moved to eFuses after our trials with those were successful,
Could you clarify what you mean by Boundary scan being still alive and how is it different from normal Jtag access? what are the steps to be done?
as for the LEDs, nothing on either boards (the MPSoC one or the carrier one) is shown during booting. we observe no sequence whatsoever.