Hi,
i am running into some problems trying to implement our secure boot procedures for production.
I am currently trying to use the Secure Kernel API to bind a firmware image to a device.
For development i tried to use the secure kernel during a debug session. Is this possible?
I did it like this:
I have a dummy application binary (it just toggles a GPIO) that i convert to
a SecureAIS file. I have the ini file setup, so JTAG is activated and i can access the device.
First thing i notice when i create the image with bootExitType = SECUREWITHSK
is that the GPIO doesn't toggle anymore. Has this to do with limitations of the exit mode?
After i connect to the device in CCS i load an application that tries to call into the Secure Kernel.
I used the examples given in the OMAP-L138 Security User Guide (SPRUGQ9).
I also make sure not to use the first and second 16KB of L2 RAM in my application.
Whenever a Secure Kernel API call happens, the processor seems to be unresponsive.
I also cannot halt execution via CCS at this point. I have noticed that the generated assembler
for the API calls seems malformed to me. In the documentation it is mentioned, that the syscall code should be
loaded into B0 before executing the SWE instruction. I can single step the assembler until the SWE instruction and
B0 never seems to get loaded.
Are there any working examples available? They are sometimes talked about, but seem to be unobtainable.
Any help is greatly appreciated!
Thanks,
Marc F.
