SPRZ487E May   2022  – June 2024 AM620-Q1 , AM623 , AM625 , AM625-Q1 , AM625SIP

 

  1.   1
  2. 1Usage Notes and Advisories Matrices
    1. 1.1 Devices Supported
  3. 2Silicon Usage Notes and Advisories
    1. 2.1 Silicon Usage Notes
      1.      i2351
      2.      i2372
    2. 2.2 Silicon Advisories
      1.      i2049
      2.      i2062
      3.      i2097
      4.      i2103
      5.      i2134
      6.      i2189
      7.      i2196
      8.      i2232
      9.      i2244
      10.      i2310
      11.      i2311
      12.      i2327
      13.      i2328
      14.      i2279
      15.      i2307
      16.      i2320
      17.      i2329
      18.      i2208
      19.      i2249
      20.      i2278
      21.      i2312
      22.      i2366
      23.      i2371
      24.      i2253
      25.      i2283
      26.      i2383
      27.      i2401
      28.      i2407
      29.      i2409
      30.      i2410
      31.      i2413
      32.      i2414
      33.      i2415
      34.      i2416
      35.      i2417
      36.      i2418
      37.      i2419
      38.      i2420
      39.      i2421
      40.      i2422
      41.      i2423
      42.      i2435
  4.   Trademarks
  5.   Revision History

i2415

Boot: UART Backup Boot Authentication Failure w/ xSPI Primary Boot Mode

Details:

On HS-SE device type using a flash based primary boot mode which support redundant boot address like OSPI boot mode and a secondary boot mode like UART. Under the following condition:

Boot a valid image from backup boot media (UART) with below configuration:

  1. Primary Image at 0x0 => Bad Image (fails authentication)
  2. Redundant Image at 0x40_0000 => Valid TIFS image but not a ROM boot (fails authentication)
  3. Backup boot mode => Valid Image (Expected Image to boot)

ROM is not able to boot the Valid image from the secondary boot mode, like UART boot media.

Under normal circumstance,  after each time an image failed to boot, Secure ROM has to reset all the internal state machine for the next Retry operation.

When trying operate on the TIFS certificate, Secure ROM doesn’t reset all the necessary variables after the Image failed at Redundant offset.

Hence, during Backup boot flow Secure ROM was not able to authenticate the Certificate/Image binary.

Due to this, Boot fails at UART backup boot for a Valid Image binary as well.

Workaround(s):

None, other than making sure the image located at the redundant offset is a complete boot certificate and not just a TIFS/SYSFW certificate.