Post Go back to editing

Custom Boot Mode with SD card

Category: Software
Product Number: ADSP-SC589

Hi,

We want to be able to have a second stage bootloader on QSPI flash, that loads the loader stream from SD card which also supports secure boot.

I've been looking at EE447, but the example provided here doesn't hook into adi_rom_BootKernel but instead uses adi_rom_Boot on octal SPI, for reasons that I don't understand.

My understanding is that i'd need to use adi_rom_BootKernel and provide a pBootConfig struct to this, but it also isn't clear what options I need to set in pBootConfig.

Thanks,

Liam

  • Hi,

    Application Note EE-447 is for ADSP-2156x and ADSP-SC59x processor and SD card booting is supported in ADSP-SC598. But in the above you have mentioned ADSP-SC589 as processor.

    To assist you better, can you please confirm which processor are you using? Also please confirm that you want boot from Flash using Quad boot then you want to load secure ldr from SDcard using adi_rom_boot.

    Regards,
    Ranjitha R

  • Hi, thanks for getting back to me

    Yes that's correct, we're currently using ADSP-SC589 on the ADSZ-SC589-MINI for development, but final product will be using ADSP-SC587.

    I was looking at EE-447 as a basis to port over to ADSP-SC589, as I was unable to find any examples for this for ADSP-SC589.

    Thanks,

    Liam

  • Hi Liam,

    We recommend referring application note “EE384:Tips and Tricks Using the ADSP-SC58x/ADSP-2158x Processor Boot ROM” for SC589:

    https://www.analog.com/media/en/technical-documentation/application-notes/EE384v01.pdf

    https://www.analog.com/media/en/technical-documentation/application-notes/EE384v01.zip

     

    Also, SC589 doesn’t support boot from SD Card. Please refer “Table 9. Boot Modes” for available boot modes in SC58x processor in the below linked datasheet:

    https://www.analog.com/media/en/technical-documentation/data-sheets/adsp-sc582_583_584_587_589_adsp-21583_584_587.pdf

    Regards,
    Ranjitha R

  • Hi

    Thanks for getting back to me, I have been reading EE384 and looking at the sample code.

    I know that SD card boot is not available by default, however from what I understand from your technical documentation, that the use of the adi_rom_BootKernel function and associated load function callback, that this can be used to boot from non-standard peripherals (i.e. SD card).

    I have been unable to find any good examples from yourselves as to how to use adi_rom_BootKernel.

    I had managed to find some small examples from your github links:

    https://github.com/analogdevicesinc/micropython

    https://github.com/analogdevicesinc/runtime-sharc-loader

    And had managed to convert a .ldr file to a byte array, load this using adi_rom_BootKernel, but having issues jumping to the RCU0_SVECT0 as it is not clear what preparation needs to occur to jump to the RCU0_SVECT0.

    If you could provide any additional information that would be useful.

    Thanks,

    Liam

  • Hi,

    Do you have any further updates for me?

    I am able to boot and jump correctly with an unsigned loader stream.

    I would like to do this with a signed loader stream.

    Following the example in EE366, I have a .ldr file signed in blp mode.

    I'm setting 

    bootConfig.bootType = ADI_ROM_SECURE_BOOT;
    bootConfig.keyType = ADI_ROM_CUSTOM_SECURITY;

    and assigning the public key that the .ldr file was signed with to bootConfig.publicKey to the bootconfig that is sent to adi_rom_BootKernel.

    However i'm getting a fault when trying to load the signed .ldr file.

    With the same settings an unsigned .ldr file loads correctly.

    Any ideas?

    Thanks,

    Liam

  • Hi,

    1)What issue are you facing while loading a signed .ldr file? are you facing any error or exception?
    2)How you are generating the signed .ldr and can you please share the comments also?
    3)Please confirm whether you have checking your application using "SecureBoot_OpenPart" example ? or did you tried by writing the OTP memory?
    4)Did you use the initialization code in Secure Boot? If yes, Please try without init code
    For more information : Please check the "Unsupported Boot Stream Blocks" {Page No: 3475/3973} in ADSP-SC58x Hardware reference manual in the below link,
    www.analog.com/.../SC58x-2158x-hrm.pdf

    Regards,
    Ranjitha R

  • Hi Ranjitha,

    Thanks for getting back to me.

    1) With the signed loader file, the FAULT led illuminates on my EZ-MINI kit, and I can see that the signed loader file hasn't executed. The loader file is the "LedBlink" from EE366v02

    2) The signed loader file is generated using the post build step of the EE366v02 "LedBlink" project, which results in having LedBlink_Core0.blpldr, .blxldr, .blwldr and .ldr files generated. 

    3) I am not using OTP memory - I don't want to pre-emptively lock my development kit at this stage of development. I have checked the signed loader file works by flashing it to SPI flash, and loading using the SecureBoot_OpenPart example, and this loads the .blpldr file properly.

    4) No initialisation blocks are used, neither the LedBlink project or the bootloader have initialisation blocks.

    I can share the code below, which is based on the limited code found above on github, and bringing in elements of the SecureBoot_OpenPart example project.

    The .blpldr file is loaded into an array "LedBlink_Core0" which is passed as the source to the bootconfig. I have checked that the contents of this array and the .blpldr are binary equivalent.

    Thanks in advance for your help.

    static void mBootLoad(ADI_ROM_BOOT_CONFIG *pBootConfig)
    {
    
    	if(pBootConfig->dByteCount == 0)
    	{
    		asm("nop");
    		return;
    	}
    
    	uint8_t *src, *dst;
    	src = pBootConfig->pSource;
    	dst = pBootConfig->pDestination;
    
    	for(int32_t i = 0; i < pBootConfig->dByteCount; ++i)
    	{
    		*dst++ = *src++;
    	}
    
    	pBootConfig->pSource = (void *) pBootConfig->pSource + (pBootConfig->uwSrcModifyMult * pBootConfig->dByteCount);
    }
    
    static void InitBootConfig()
    {
    	/* The boot config was sourced as an example from
    	 * https://github.com/analogdevicesinc/micropython/blob/b17791276de4a4ccf1d14e96b80b0c13d53a8d0f/ports/sc5xx/modules/sharc/modsharc.c
    	 * The same code is almost identical to
    	 * https://github.com/analogdevicesinc/runtime-sharc-loader/blob/bbb85bb59b203f4219a831814a721f7646f27498/SharcBooter/src/memboot.c#L168
    	 */
    
        bootConfig.errorReturn   	= 0;
        bootConfig.pSource       	= LedBlink_Core0;
        bootConfig.dBootCommand  	= 0;
        bootConfig.dFlags        	= 0;
        bootConfig.ulBlockCount  	= 0;
        bootConfig.pHeader       	= &bootHeader;
        bootConfig.pLogBuffer    	= 0;
        bootConfig.pLogCurrent   	= 0;
        bootConfig.dLogByteCount 	= 0;
        bootConfig.pForwardFunction = 0;
        bootConfig.pCrcFunction  	= 0;
        bootConfig.pErrorFunction 	= 0;
        bootConfig.uwDataWidth   	= 0;
        bootConfig.uwUserShort   	= 0;
        bootConfig.dUserLong     	= 0;
        bootConfig.dReserved     	= 0;
        bootConfig.pControlRegister = 0;
        bootConfig.uwDstModifyMult 	= 1;
        bootConfig.uwSrcModifyMult	= 1;
        bootConfig.pDmaBaseRegister = 0;
        bootConfig.uwDataWidth   	= 0;
        bootConfig.pDestination  	= 0;
        bootConfig.dByteCount    	= 0;
        bootConfig.loadType			= ROM_DMA_DONE_POLL_IRQDONE;
    
        bootConfig.bootType = ADI_ROM_SECURE_BOOT;
        bootConfig.keyType = ADI_ROM_CUSTOM_SECURITY;
        bootConfig.secureBootImageType = ROM_SB_IMAGE_BLP;
        bootConfig.pSecureHeader = &secureBootHeader;
    
        uint8_t * pKey = (uint8_t *)&bootConfig.publicKey;
        uint8_t i;
    
        for(i = 0; i < 56; i++) {
          pKey[i] = secure_boot_public_key[i];
        }
    
        bootConfig.bootRegistry.pLoadFunction = mBootLoad;
    }
    
    int main()
    {
    	InitBootConfig();
    	adi_rom_BootKernel(&bootConfig);
    	// Need to jump to application now? Where does it live? RCU_SVECT0
    
    	uint32_t svect0 = *pREG_RCU0_SVECT0;
    	int (*app)(void);
    	app = svect0;
    	app();
    	
    	while(1);

  • Hi Liam,

    We understand that the Fault LED is glowing after you have flashed the secure loader successfully. Normally the fault led will be triggered after the successful flashing of signed boot loader. if we reset the processor, it will execute the actual application after decrypting the secure boot stream using the keys in OTP memory.

    Or you can verify this using the secure_openpart example. Since the part has not been locked (security is not enabled), the boot kernel will not boot the secure boot stream upon reset. But, when the boot API is used and configured for secure booting, the secure boot stream will be verified and booted, and the LEDs will start blinking.

    Also the signed loader file in EE366v02 "LedBlink" project is for ADSP-SC589 ezkit. So, please create a simple led blink application for ADSP-SC589 mini, generate the secure loader file as per EE-366 application note and please let us know the response.
                           
    Regards,
    Ranjitha R

  • Hi Ranjitha,

    Thanks for getting back to me.

    I think there is some confusion, let me try to explain a bit better.

    I have Bootloader application on SPI flash that uses the adi_rom_BootKernel function in the code above.

    I have LedBlink.ldr file that is stored on SD card, I load this into RAM, and use adi_rom_BootKernel to boot.

    If LedBlink.ldr is unsigned then the Bootloader is able to load LedBlink successfully and I can see my Led's blink on my development kit - I modified the original EE-366 code to change the used ports.

    If LedBlink.ldr is signed, then the bootloader fails to load LedBlink, and the fault LED illuminates.

    I would you to verify that the BootConfig I supply to adi_rom_BootKernel is correct, or whether I need to make changes.

    If this is better handled in private support, please let me know.

    We need to move forwards on this quickly.

    Thanks,

    Liam

  • Hi, is there any update?

    Thanks