Secure Flash Interface

[smuraski]

Is it possible to use hardware other than a standard SPI port on a single chip to boot in secure mode?

Where are the specs for the SPI Flash device?

[bsmithyman]

Is it possible to use hardware other than a standard SPI port on a single chip to boot in secure mode?

Where are the specs for the SPI Flash device?

Hi smuraski,

There are a number of SPI flash devices supported; the list of devices is in the flash.h header in the /target/include subdirectory of the XMOS tools installation.

Code: Select all

typedef enum {
  UNKNOWN = 0, /**< Unknown flash device. */
  ALTERA_EPCS1, /**< Altera EPCS1. */
  ATMEL_AT25DF041A, /**< Atmel AT25DF041A. */
  ST_M25PE10, /**< ST M25PE10. */
  ST_M25PE20, /**< ST M25PE20. */
  ATMEL_AT25FS010, /**< ATMEL AT25FS010. */
  WINBOND_W25X40BV, /**< Winbond W25X40BV. */
}

The interface specifications for each chip (e.g. how to write protect the device) are set up in this file. It's also possible to specify the settings for a new device to allow the xflash tool to talk to it. My understanding is that the device needs to support the relatively standard JEDEC SPI flash spec, and have a page program opcode. Perhaps someone could correct me on this if there are more criteria?

As far as secure boot goes, that refers to loading a program into the one-time programmable (OTP) memory of an xcore. You can set the chip to only boot from that memory, and it is internal to the chip so there is no interfacing to do. The memory size is limited, and it is not rewritable. For example, you could place a bootloader on the OTP that loads an encrypted program from SPI or another interface and decodes it. From this point of view, you could boot from just about anything if you write the code to do it (e.g. I2C or SD card). The SPI boot mode is the only off-core boot mode supported by the G-series devices, and the L-series devices support booting via SPI or an XLink. Neither of these is secure though, so it seems likely you're looking for the method using either only OTP memory or a bootloader in OTP to decrypt the software.

[smuraski]

Hello Brendan,

Thanks for the feedback. I was fairly certain this was the case, but being new to the XMOS world I wanted to get some other opinions. I have only had 2 days exposure and information spread out accross all sorts of docs. Appreciate your input.

[bsmithyman]

Hello Brendan,

Thanks for the feedback. I was fairly certain this was the case, but being new to the XMOS world I wanted to get some other opinions. I have only had 2 days exposure and information spread out accross all sorts of docs. Appreciate your input.

No worries, glad to help! I'm just using development boards at the moment for personal projects, so I don't know all the ins and outs of the secure boot options. However, there are definitely encryption options including 128-bit AES available for free in the projects section, and a number of people have discussed bootloaders. I'm sure if you have specific questions the XMOS people can help, and the forums are a great place to get a feel for the community contributions.

Cheers,
Brendan

[m_y]

Is it possible to use hardware other than a standard SPI port on a single chip to boot in secure mode?

I'm not quite sure what you're asking there. Yes, you can use a SPI flash device on non-standard ports (i.e. not the ones expected by the boot ROM). There are no facilities for it to use anything other than a SPI flash device.