SPRADN0 December   2024 F29H850TU , F29H859TU-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Programming Fundamentals
  5. 2Introduction
    1. 2.1 Hardware Security Module
    2. 2.2 ROM Bootloader
    3. 2.3 Combined Image with X.509 Certificate
  6. 3Flash Kernel Implementation
    1. 3.1 CPU1 Firmware Upgrade (HS-FS)
    2. 3.2 Key Provision (HS-FS to HS-KP)
    3. 3.3 CPU1 Secure Firmware Upgrade (HS-KP/SE to HS-SE)
    4. 3.4 HSM Firmware Upgrade (HS-KP/SE to HS-SE)
    5. 3.5 SECCFG Code Provisioning (HS-KP/SE to HS-SE)
  7. 4Host Application: UART Flash Programmer
    1. 4.1 Overview
    2. 4.2 Build UART Flash Programmer with Visual Studio
    3. 4.3 Build UART Flash Programmer with CMake
    4. 4.4 Packet Format
    5. 4.5 Kernel Commands
  8. 5Example Usage
    1. 5.1 Loading the Flash Kernel onto the Device
      1. 5.1.1 Hardware Setup
      2. 5.1.2 Running the UART Flash Programmer
    2. 5.2 CPU1 Device Firmware Upgrade (HS-FS only)
    3. 5.3 Convert HS-FS to HS-SE
    4. 5.4 Loading a RAM-based HSMRt Image
    5. 5.5 Key Provision (HS-FS to HS-KP)
    6. 5.6 Code Provision (HS-KP/SE to HS-SE)
  9. 6Troubleshooting
    1. 6.1 General
    2. 6.2 UART Boot
    3. 6.3 Application Load
  10. 7Summary
  11. 8References

4.5 Kernel Commands

A brief description of the commands and the associated kernel behavior are provided in Table 4-4.

Table 4-4 CPU1 Kernel Command Flows
Kernel CommandsCommand CodeDescription
DFU CPU10x011. Receive the command packet with no data
2. Receive the flash application byte-by-byte
3. Program and verify the application
4. Send flash status packet
5. Send message for the final status
Load HSMRt Image0x0B1. Receive the command packet with no data
2. Receive the HSMRt byte-by-byte
3. Place HSMRt in shared LDAx RAM
4. Send flash status packet
5. Wait to receive status of the HSM client
6. Send message for the final status
Load HSM Keys

0x0E

1. Receive the command packet with no data
2. Receive the HSMRt byte-by-byte
3. Place key certificate in shared LDAx RAM so the HSM can program them
4. Waits for HSM authentication status in forms of IPC message
5. Send status packet
6. Forward the status log messages from HSM
Load

HSM Code Provisioning Image (firmware upgrade for HSM)

0x0D

1. Receive the command packet with no data
2. Receive HSM firmware byte-by-byte, send the included key certificate for HSM validate
3. Proceed to store the firmware in shared LDAx RAM for HSM to validate in chunks (if the firmware exceeds the size of RAM)
4. Waits for HSM to perform integrity checks on the programmed firmware
5. Send flash status packet
6. Send status log message
Load C29 Code Provisioning Image (firmware upgrade for HS-SE C29)

0x10

Identical to HSM Code Provisioning Image

Program SECCFG section (HS-SE)

0x0C

 1. Receive the command packet with no data
2. Receive SECCFG image byte-by-byte and store in shared RAM for the HSM to validate
3. Send status packet
4. Send status log message

Run CPU1

0x09

 1. Receive the packet with no data
2. Branch to application entry point

Reset CPU1

0x0A

 1. Receive the packet with no data
2. Enable WatchDog and allow to cause a reset