SPRADK2 November   2024 F29H850TU , F29H859TU-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Introduction
  5. 2Supplemental Online Information
  6. 3SSU Overview
  7. 4Key Concept Definitions
  8. 5Safety and Security Goals
  9. 6System Design
  10. 7Configuring the SSU
    1. 7.1 Flash SECCFG Region
    2. 7.2 SSU Development Life Cycle
    3. 7.3 Using the SysConfig Tool
      1. 7.3.1 Enabling System Security Configuration
      2. 7.3.2 Configuring Application Modules
      3. 7.3.3 Configuring Special Modules
        1. 7.3.3.1 LINK2 Configuration
        2. 7.3.3.2 LINK1 Configuration
        3. 7.3.3.3 Adding Shared Memory
      4. 7.3.4 Defining Sandboxes
  11. 8Summary
  12. 9References

7.1 Flash SECCFG Region

The Flash SECCFG region is used for storing the User Protection Policy (UPP). This is a special NONMAIN region of the C29 application Flash banks that is dedicated to SSU configuration and boot settings. The settings programmed into SECCFG are loaded at device start-up into SSU memory-mapped registers, and, in most cases, locked until the next device reset. For each primary CPU in the device (that is, odd-numbered C29 CPU, for example: CPU1, CPU3), there are two SECCFG sectors: the base sector, and the reserve sector. These are designed such that one sector can be erased and programmed with new configuration values while the other is active.

Note: Do not try to erase and reprogram a currently active SECCFG sector. If a device reset occurs during the process of erasing and programming, the device subsequently fails to boot and becomes inoperable. Always program new configurations into the alternate SECCFG sector address. The Flash address translation logic automatically routes this address to the current inactive SECCFG sector during program and erase operations. The SysConfig tool automatically allocates the SECCFG image to the alternate sector in the generated .out file to enable the correct update procedure.

To protect the integrity of the SSU user protection policy, the SECCFG sector includes a CRC value that is checked at boot time. This CRC covers access protection settings, LINK and STACK configuration, Flash write and Flash erase protections, Flash update permissions, debug settings, boot settings, and the SSU operating mode. Debug passwords are excluded from this CRC computation.

A comprehensive map of the SECCFG sector is available in the device technical reference manual.