Debug authentication on MCXN9XX#
Introduction#
The fundamental principles of debugging, which require access to the system state and system information, conflict with the principles of security, which require the restriction of access to assets. Thus, many products disable debug access completely before deploying the product. To address these challenges, the chip offers a debug authentication protocol as a mechanism to authenticate the debugger (an external entity) has the credentials approved by the product manufacturer before granting debug access to the device. The debug authentication is a challenge-response scheme and assures that only the debugger in possession of the required debug credentials can successfully authenticate over the debug interface and access restricted parts of the device.
The protocol is divided into steps as described below:
The debugger initiates the Debug Mailbox message exchange by setting the CSW[RESYNCH_REQ] bit and CSW[CHIP_RESET_REQ] bit of DM-AP.
The debugger waits (minimum 30 ms) for the devices to restart and enter debug mailbox request handling loop.
The debugger sends Debug Authentication Start command (command code 10h) to the device.
The device responds back with Debug Authentication Challenge (DAC) packet based on the debug access rights preconfigured in CMPA fields, which are collectively referred as Device Credential Constraints Configuration (DCFG_CC). The response packet also contains a 32 bytes random challenge vector.
The debugger responds to the challenge with a Debug Authentication Response (DAR) message by using an appropriate debug certificate, matching the device identifier in the DAC. The DAR packet contains the debug access permission certificate, also referred as Debug Credential (DC), and a cryptographic signature binding the DC and the challenge vector provided in the DAC.
The device on receiving the DAR, validates the contents by verifying the cryptographic signature of the message using the debugger’s public key present in the embedded the Debug Credential (DC). On successful validation of DAR, the device enables access to the debug domains permitted in the DC
WARNING!#
This configuration is used only for demonstration purpose. For final security device configuration go through all configuration possibilities and define your own specific config/keys.
1. Prerequisites#
SPSDK is needed with examples extension.
pip install spsdk[examples]
(Please refer to the installation documentation.)This example uses FRDM-MCXN947 board. This is example board configuration without external debugger. It is also possible to use configuration with external debugger such as JLink debug probe.
The mcxn947 should be in Unsecure life cycle to proper example flow.
1.1 Let’s prepare the environment#
from spsdk.utils.jupyter_utils import YamlDiffWidget
# This env variable sets colored logger output to STDOUT
%env JUPYTER_SPSDK=1
# Set a magic for command execution and echo
%alias execute echo %l && %l
%alias_magic ! execute
WORKSPACE = "workspace/" # change this to path to your workspace
KEYS = "../_data/keys/ecc256/" # change this to path to your keys
INPUTS = "inputs/"
DC_CONFIG = INPUTS + "dc_config.yaml" # DC file config path
CMPA_CONFIG = INPUTS + "cmpa_mcxn9xx_debug_auth.yaml"
CFPA_CONFIG = INPUTS + "cfpa_mcxn9xx_debug_auth.yaml"
CERT_BLOCK_CONFIG = INPUTS + "cert_block_mcxn9xx.yaml"
VERBOSITY = (
"" # verbosity of commands, might be -v or -vv for debug or blank for no additional info
)
# choose family
FAMILY = "mcxn946"
INTERFACE = "pyocd"
env: JUPYTER_SPSDK=1
Created `%!` as an alias for `%execute`.
1.2 Let’s prepare the device#
Erase previous settings and use app nxpdevscan to check if the device is connected to the PC in ISP mode. The goal of device preparation is to have device in “virgin state” => erased, unsecured and ready to communicate over ISP to be able to show all steps to run up the NXP Debug Authentication feature.
# prepare the board so that there is no previous settings
%! nxpdebugmbox $VERBOSITY -f $FAMILY -i $INTERFACE cmd erase
# enter ISP mode
%! nxpdebugmbox $VERBOSITY -f $FAMILY -i $INTERFACE cmd ispmode -m 0
# check if the device is connected and detected by PC
%! nxpdevscan $VERBOSITY
nxpdebugmbox -f mcxn946 -i pyocd cmd erase
# Interface Id Description
----------------------------------------------------------------------------------------------------
0 PyOCD 3NMDBGL2DLIM2 NXP Semiconductors MCU-LINK FRDM-MCXN947 (r0E7) CMSIS-DAP V3.140
Mass flash erase succeeded
nxpdebugmbox -f mcxn946 -i pyocd cmd ispmode -m 0
# Interface Id Description
----------------------------------------------------------------------------------------------------
0 PyOCD 3NMDBGL2DLIM2 NXP Semiconductors MCU-LINK FRDM-MCXN947 (r0E7) CMSIS-DAP V3.140
Entering into ISP mode succeeded
nxpdevscan
-------- Connected NXP USB Devices --------
LPCSIO - NXP Semiconductors
Vendor ID: 0x1fc9
Product ID: 0x0143
Path: HID\VID_1FC9&PID_0143&MI_04\9&5D50897&0&0000
Path Hash: 900a858e
Name:
Serial number: 3NMDBGL2DLIM2
MCU-LINK NXP TRACE - NXP Semiconductors
Vendor ID: 0x1fc9
Product ID: 0x0143
Path: HID\VID_1FC9&PID_0143&MI_01\9&176FAA15&0&0000
Path Hash: 38fa47ea
Name:
Serial number: 3NMDBGL2DLIM2
-------- Connected NXP UART Devices --------
Port: COM116
Type: mboot device
-------- Connected NXP SIO Devices --------
LIBUSBSIO - NXP Semiconductors, LPCSIO
Vendor ID: 0x1fc9
Product ID: 0x0143
Path: HID\VID_1FC9&PID_0143&MI_04\9&5D50897&0&0000
Path Hash: 900a858e
Serial number: 3NMDBGL2DLIM2
Interface number: 4
Release number: 787
-------- Connected NXP UUU Devices --------
# choose USB or UART interface based on the result of nxpdevscan
# USB = "-u 0x1fc9,0x14f"
UART = "-p COM116"
# check if the board responds in ISP mode
%! blhost $VERBOSITY $UART get-property 1
# Response word 2 for get-property 17 is LC_STATE.
%! blhost $VERBOSITY $UART get-property 17
blhost -p COM116 get-property 1
Response status = 0 (0x0) Success.
Response word 1 = 1258488320 (0x4b030200)
Current Version = K3.2.0
blhost -p COM116 get-property 17
Response status = 0 (0x0) Success.
Response word 1 = 1520786085 (0x5aa55aa5)
Response word 2 = 3 (0x3)
Security State = UNSECURE
2. Generate RoT + Debug auth keys#
First we need to generate Root of Trust Keys (RoTKs)/Super Root Keys (SRKs), Debug Credential Key (DCK) and optionally Image Signing Key (ISK). Use nxpcrypto app to generate secp256r1 keys (see How-to-get-keys-using-nxpcrypto). We will need by default create 4 RoTKs, 1 DCK and 1 ISK. At least one RoTK is mandatory for this MCU.
The notebook is using pre-generated keys just for that example purposes from folder _data/keys/ecc256
in root of all SPSDK examples.
3. Generate debug credential file including its configuration file#
First we need to prepare the configuration file for debug credential file
export. Let’s begin by creating a template configuration file using the nxpdebugmbox dat dc get-template
command. To simplify this example, we have already prepared that configuration, which can be found in the ./inputs/dc_config.yaml file. Below, we’ll compare the differences between the template and our customized example to highlight the additions we’ve made.
Note: As is mentioned in introduction, the DC file should be created by owner of RoT credentials.
# Get difference of template and user YAML configuration
YamlDiffWidget("inputs/dc_config.diffc").html
nxpdebugmbox -f mcxn946 dat dc get-template -o workspace/dc_config.yaml --force
The Debug Credentials template for mcxn946 has been saved into workspace/dc_config.yaml YAML file
Configuration Differences
# ================================ Debug Credential file template for mcxn946 family. ================================
# -------------------------------------------------------- Note --------------------------------------------------------
# Debug credential file has following binary structure:
# ============================================
# ============================================
# === Version ===
# ============================================
# === Soc Class ===
# ============================================
# === UUID ===
# ============================================
# === RoT Meta SHA256 of following: ===
# === RoT Key0 SHA256 ===
# === RoT Key1 SHA256 ===
# === RoT Key2 SHA256 ===
# === RoT Key3 SHA256 ===
# ============================================
# === Debugger Key DCK (Pub): ===
# === ===
# ============================================
# === CC SOCU ===
# ============================================
# === CC VU ===
# ============================================
# === CB ===
# ============================================
# === RoT Key (pub) ===
# === ===
# ============================================
# ============================================
# === Signature of all block ===
# === SHA256 of whole block => Sign(RoTK) ===
# ============================================
# ============================================
# ============================================
# Debug Credential Signature
# ============================================
# There are two ways how sign the final DC data blob.
# 1. In case that you is available private pair for rot_meta with index rot_id just use first simple style
# to use it by rotk key. As a second way to do same is use sign_provider (or signProvider - both are accepted) option
# with 'type=file'.
# 2. For case that Debug Credential files are generated in untrusted environment (without access to RoT private keys),
# there is option to use plugin (example how to create own plugin is in: ./SPSDK/examples/dat/hsm/). The plugin
# has simple interface that allows handle DC data blob into plugin with index of RoT meta public key to get back signed
# DC image.
# Those options are exclusive, so only one option could be used to sign the DC.
# ======================================================================================================================
# == General Options ==
# ======================================================================================================================
# ------------------------------===== The chip family name [Conditionally required] =====-------------------------------
# Description: NXP chip family identifier.
# Possible options:
# lpc55s36, lpc55s66, lpc55s69, mcxa132, mcxa133, mcxa142, mcxa143, mcxa144, mcxa145, mcxa146, mcxa152, mcxa153,
# mcxa154, mcxa155, mcxa156, mcxn235, mcxn236, mcxn546, mcxn547, mcxn946, mcxn947, mcxw716a, mcxw716c, mimx8ulp,
# mimx9131, mimx9352, mimx9596, mimxrt1181, mimxrt1182, mimxrt1187, mimxrt1189, mimxrt533s, mimxrt555s, mimxrt595s,
# mimxrt685s, mimxrt798s, nhs52s04, rw610, rw612>
family: mcxn946
# -----------------------------------------===== MCU revision [Optional] =====------------------------------------------
# Description: Revision of silicon. The 'latest' name, means most current revision.
# Possible options:
revision: latest
# ======================================================================================================================
# == Debug Credential Content ==
# ======================================================================================================================
# ------------------------------------------===== Device UUID [Required] =====------------------------------------------
# Description: 128-bit IETF RFC4122 compliant non-sequential Universally Unique Identifier (UUID)
uuid: '00000000000000000000000000000000' Kept as zero value to enable this DC file works for all devices with this RoT
# -------------------------------------------===== SoC Usage [Required] =====-------------------------------------------
# Description: A CC (constraint) value that is a bit mask, and whose bits are used in an SoCC-specific manner. These
# bits are typically used for controlling which debug domains are accessed via the authentication protocol, but device-
# specific debug options can be managed in this way also.
cc_socu: '0x0FFF' Kept on value 0x0FFF to set everything open. For more info about this value check the documentation
# -----------------------------------------===== Vendor Usage [Required] =====------------------------------------------
# Description: A CC (constraint) value that is opaque to the debug authentication protocol itself but which can be
# leveraged by vendors in product-specific ways.
cc_vu: 0
# ---------------------------------------===== Credential Beacon [Required] =====---------------------------------------
# Description: A value that is passed through the authentication protocol, which is not interpreted by the protocol but
# is instead made visible to the application being debugged. A credential beacon is associated with a DC and is
# therefore vendor/RoT-signed. An authentication beacon is provided and signed by the debugger during the authentication
# process.
cc_beacon: 0 We keep the cc beacon on value zero, it's enough for example purposes
# -----------------------------------------===== RoT meta-data [Required] =====-----------------------------------------
# Description: The RoT meta-data required by the device to corroborate; the ROTID sent in the DAC, the field in this DC,
# and any additional RoT state that is not stored within the device. This allows different RoT identification,
# management and revocation solutions to be handled.
rot_meta: Updated Root Of Trust public keys to used in our example
- ./rotk0.pub
- ./rotk1.pub
- ./rotk2.pub
- ./rotk3.pub
- ../../_data/keys/ecc256/srk0_ecc256.pub
- ../../_data/keys/ecc256/srk1_ecc256.pub
- ../../_data/keys/ecc256/srk2_ecc256.pub
- ../../_data/keys/ecc256/srk3_ecc256.pub
# ----------------------------------------===== RoT Identifier [Required] =====-----------------------------------------
# Description: RoTID allows the debugger to infer which RoT public key(s) are acceptable to the device. If the debugger
# cannot or does not provide such a credential, the authentication process will fail.
rot_id: 0 We keep it same because in our example the private key to sign whole DC file has been chooses with index 0
# -------------------------------------===== Debug Credential Key [Required] =====--------------------------------------
# Description: A user-owned key pair. The public part of the key is associated with a DC, the private part is held by
# the user and used to produce signatures during authentication.
dck: dck.pub Updated Debug Credential public key to used in our example
dck: ../../_data/keys/ecc256/dck_ecc256.pub
# ----------------------------===== RoT signature private key [Conditionally required] =====----------------------------
# Description: Private key for the RoT meta chosen by rot_id to sign the image.
rotk: ../../_data/keys/ecc256/srk0_ecc256.pem
rotk: rotk0.pem Add path to private key file for signing used in our example
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=;key_number= '.
sign_provider: type=sasp;key_number=0
# Copyright 2024 NXP
#
# SPDX-License-Identifier: BSD-3-Clause
# ================================ Debug Credential file template for mcxn946 family. ================================
# -------------------------------------------------------- Note --------------------------------------------------------
# Debug credential file has following binary structure:
# ============================================
# ============================================
# === Version ===
# ============================================
# === Soc Class ===
# ============================================
# === UUID ===
# ============================================
# === RoT Meta SHA256 of following: ===
# === RoT Key0 SHA256 ===
# === RoT Key1 SHA256 ===
# === RoT Key2 SHA256 ===
# === RoT Key3 SHA256 ===
# ============================================
# === Debugger Key DCK (Pub): ===
# === ===
# ============================================
# === CC SOCU ===
# ============================================
# === CC VU ===
# ============================================
# === CB ===
# ============================================
# === RoT Key (pub) ===
# === ===
# ============================================
# ============================================
# === Signature of all block ===
# === SHA256 of whole block => Sign(RoTK) ===
# ============================================
# ============================================
# ============================================
# Debug Credential Signature
# ============================================
# There are two ways how sign the final DC data blob.
# 1. In case that you is available private pair for rot_meta with index rot_id just use first simple style
# to use it by rotk key. As a second way to do same is use sign_provider (or signProvider - both are accepted) option
# with 'type=file'.
# 2. For case that Debug Credential files are generated in untrusted environment (without access to RoT private keys),
# there is option to use plugin (example how to create own plugin is in: ./SPSDK/examples/dat/hsm/). The plugin
# has simple interface that allows handle DC data blob into plugin with index of RoT meta public key to get back signed
# DC image.
# Those options are exclusive, so only one option could be used to sign the DC.
# ======================================================================================================================
# == General Options ==
# ======================================================================================================================
# ------------------------------===== The chip family name [Conditionally required] =====-------------------------------
# Description: NXP chip family identifier.
# Possible options:
# lpc55s36, lpc55s66, lpc55s69, mcxa132, mcxa133, mcxa142, mcxa143, mcxa144, mcxa145, mcxa146, mcxa152, mcxa153,
# mcxa154, mcxa155, mcxa156, mcxn235, mcxn236, mcxn546, mcxn547, mcxn946, mcxn947, mcxw716a, mcxw716c, mimx8ulp,
# mimx9131, mimx9352, mimx9596, mimxrt1181, mimxrt1182, mimxrt1187, mimxrt1189, mimxrt533s, mimxrt555s, mimxrt595s,
# mimxrt685s, mimxrt798s, nhs52s04, rw610, rw612>
family: mcxn946
# -----------------------------------------===== MCU revision [Optional] =====------------------------------------------
# Description: Revision of silicon. The 'latest' name, means most current revision.
# Possible options:
revision: latest
# ======================================================================================================================
# == Debug Credential Content ==
# ======================================================================================================================
# ------------------------------------------===== Device UUID [Required] =====------------------------------------------
# Description: 128-bit IETF RFC4122 compliant non-sequential Universally Unique Identifier (UUID)
uuid: '00000000000000000000000000000000' Kept as zero value to enable this DC file works for all devices with this RoT
# -------------------------------------------===== SoC Usage [Required] =====-------------------------------------------
# Description: A CC (constraint) value that is a bit mask, and whose bits are used in an SoCC-specific manner. These
# bits are typically used for controlling which debug domains are accessed via the authentication protocol, but device-
# specific debug options can be managed in this way also.
cc_socu: '0x0FFF' Kept on value 0x0FFF to set everything open. For more info about this value check the documentation
# -----------------------------------------===== Vendor Usage [Required] =====------------------------------------------
# Description: A CC (constraint) value that is opaque to the debug authentication protocol itself but which can be
# leveraged by vendors in product-specific ways.
cc_vu: 0
# ---------------------------------------===== Credential Beacon [Required] =====---------------------------------------
# Description: A value that is passed through the authentication protocol, which is not interpreted by the protocol but
# is instead made visible to the application being debugged. A credential beacon is associated with a DC and is
# therefore vendor/RoT-signed. An authentication beacon is provided and signed by the debugger during the authentication
# process.
cc_beacon: 0 We keep the cc beacon on value zero, it's enough for example purposes
# -----------------------------------------===== RoT meta-data [Required] =====-----------------------------------------
# Description: The RoT meta-data required by the device to corroborate; the ROTID sent in the DAC, the field in this DC,
# and any additional RoT state that is not stored within the device. This allows different RoT identification,
# management and revocation solutions to be handled.
rot_meta: Updated Root Of Trust public keys to used in our example
- ../../_data/keys/ecc256/srk0_ecc256.pub
- ../../_data/keys/ecc256/srk1_ecc256.pub
- ../../_data/keys/ecc256/srk2_ecc256.pub
- ../../_data/keys/ecc256/srk3_ecc256.pub
# ----------------------------------------===== RoT Identifier [Required] =====-----------------------------------------
# Description: RoTID allows the debugger to infer which RoT public key(s) are acceptable to the device. If the debugger
# cannot or does not provide such a credential, the authentication process will fail.
rot_id: 0 We keep it same because in our example the private key to sign whole DC file has been chooses with index 0
# -------------------------------------===== Debug Credential Key [Required] =====--------------------------------------
# Description: A user-owned key pair. The public part of the key is associated with a DC, the private part is held by
# the user and used to produce signatures during authentication.
dck: ../../_data/keys/ecc256/dck_ecc256.pub Updated Debug Credential public key to used in our example
# ----------------------------===== RoT signature private key [Conditionally required] =====----------------------------
# Description: Private key for the RoT meta chosen by rot_id to sign the image.
rotk: ../../_data/keys/ecc256/srk0_ecc256.pem Add path to private key file for signing used in our example
Now we generate dc file based on yaml configuration.
DC_FILE_PATH = WORKSPACE + "debug_auth.dc"
%! nxpdebugmbox $VERBOSITY -f $FAMILY dat dc export -c $DC_CONFIG -o $DC_FILE_PATH --force
nxpdebugmbox -f mcxn946 dat dc export -c inputs/dc_config.yaml -o workspace/debug_auth.dc --force
RKTH: e2cca7cf09a45d2f1942969fda1c68ecaad78fad416d143292dad2f618291ddd
Creating Debug credential file succeeded
4. Generate debug authentication configuration file#
In advance we will prepare the configuration file for debug authentication procedure itself. Let’s begin again by creating a template configuration file using the nxpdebugmbox dat get-template
command. To simplify this example, we have already prepared that configuration, which can be found in the ./inputs/dat_config.yaml file. Below, we’ll compare the differences between the template and our customized example to highlight the additions we’ve made.
# Get difference of template and user YAML configuration
YamlDiffWidget("inputs/dat_config.diffc").html
nxpdebugmbox -f mcxn946 dat get-template -o workspace/dat_config.yaml --force
Creating workspace/dat_config.yaml template file.
Configuration Differences
# ============================= Debug Authentication Configuration template for mcxn946. =============================
# ======================================================================================================================
# == General Options ==
# ======================================================================================================================
# -------------------------------------===== The chip family name [Required] =====--------------------------------------
# Description: NXP chip family identifier.
family: mcxn946
# -----------------------------------------===== MCU revision [Optional] =====------------------------------------------
# Description: Revision of silicon. The 'latest' name, means most current revision.
revision: latest
# ======================================================================================================================
# == Debug Authentication Content ==
# ======================================================================================================================
# -------------------------------===== Debug Credential Certificate file [Required] =====-------------------------------
# Description: A debug credential binary file provided by owner of Root Keys. The file could be created by 'dc' group of
# commands.
certificate: dc.bin Path to debug credential certificate (that we created in previous step)
certificate: ./workspace/debug_auth.dc
# -------------------------------------===== Authentication beacon [Required] =====-------------------------------------
# Description: Debug authentication process can be extended with beacons. DEBUG_AUTH_BEACON (this field) contain
# information from debug authentication after debugger is successfully authenticated. This register contain data from
# Authentication beacon [31:16] which is defined during authentication session and Credential beacon [15:0] which is
# defined on RoT keys owner side during debug credential file generation and signing. When credential beacon non-zero
# value is used in this field, ROM defers opening debug access to user application. The result of the authentication
# process is written to DBG_FEATURES register while the user application after doing its extended processing, such as
# clean-up of critical keys and secrets, should copy the value to DBG_FEATURES_DP register to enable the debug access.
beacon: 0 The beacon has changed to 1, to check of the proper end of DAT operation
beacon: 1
# -------------------------------------------===== Keys set [Optional] =====--------------------------------------------
# Description: Selection of keys origin.
# Possible options:
srk_set: oem We keep default value on OEM
# ----------------------------===== DCK signature private key [Conditionally required] =====----------------------------
# Description: Private key that match the public key in debug credential file, to sign Debug Authentication response.
dck_private_key: ../../_data/keys/ecc256/dck_ecc256.pem
dck_private_key: dck.pem Updated Debug Credential private key to used in our example
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=;key_number= '.
sign_provider: type=sasp;key_number=0 This is removed, because we are using private key in this example
# Copyright 2024 NXP
#
# SPDX-License-Identifier: BSD-3-Clause
# ============================= Debug Authentication Configuration template for mcxn946. =============================
# ======================================================================================================================
# == General Options ==
# ======================================================================================================================
# -------------------------------------===== The chip family name [Required] =====--------------------------------------
# Description: NXP chip family identifier.
family: mcxn946
# -----------------------------------------===== MCU revision [Optional] =====------------------------------------------
# Description: Revision of silicon. The 'latest' name, means most current revision.
revision: latest
# ======================================================================================================================
# == Debug Authentication Content ==
# ======================================================================================================================
# -------------------------------===== Debug Credential Certificate file [Required] =====-------------------------------
# Description: A debug credential binary file provided by owner of Root Keys. The file could be created by 'dc' group of
# commands.
certificate: ./workspace/debug_auth.dc Path to debug credential certificate (that we created in previous step)
# -------------------------------------===== Authentication beacon [Required] =====-------------------------------------
# Description: Debug authentication process can be extended with beacons. DEBUG_AUTH_BEACON (this field) contain
# information from debug authentication after debugger is successfully authenticated. This register contain data from
# Authentication beacon [31:16] which is defined during authentication session and Credential beacon [15:0] which is
# defined on RoT keys owner side during debug credential file generation and signing. When credential beacon non-zero
# value is used in this field, ROM defers opening debug access to user application. The result of the authentication
# process is written to DBG_FEATURES register while the user application after doing its extended processing, such as
# clean-up of critical keys and secrets, should copy the value to DBG_FEATURES_DP register to enable the debug access.
beacon: 1 The beacon has changed to 1, to check of the proper end of DAT operation
# -------------------------------------------===== Keys set [Optional] =====--------------------------------------------
# Description: Selection of keys origin.
# Possible options:
srk_set: oem We keep default value on OEM
# ----------------------------===== DCK signature private key [Conditionally required] =====----------------------------
# Description: Private key that match the public key in debug credential file, to sign Debug Authentication response.
dck_private_key: ../../_data/keys/ecc256/dck_ecc256.pem Updated Debug Credential private key to used in our example
5. Generate CMPA + CFPA chip configuration for debug authentication#
As a next step we need to update MCU configuration to secure chip and its debug interface to final test of whole debug authentication process.
We need to prepare the configuration files for CMPA
and CFPA
blocks export. Let’s begin by creating a template configuration files using the pfr get-template
command. This command we need to call twice to get templates for both type of configuration blocks (-t option
). To simplify this example, we have already prepared that configuration, which can be found in the ./inputs/cmpa_mcxn9xx_debug_auth.yaml, ./inputs/cfpa_mcxn9xx_debug_auth.yaml files. Below, we’ll compare the differences between the templates and our customized examples to highlight the additions we’ve made.
# Get difference of template and user YAML configuration of CMPA
YamlDiffWidget("inputs/cmpa_mcxn9xx_debug_auth.diffc").html
pfr get-template -t cmpa -f mcxn946 -o workspace/cmpa_mcxn9xx_debug_auth.yaml --force
The PFR cmpa template for mcxn946 has been saved into workspace/cmpa_mcxn9xx_debug_auth.yaml YAML file
Configuration Differences
# ========================================= PFR CMPA configuration template ==========================================
# ======================================================================================================================
# == General Options ==
# ======================================================================================================================
# -------------------------------------===== The chip family name [Required] =====--------------------------------------
# Description: NXP chip family identifier.
# Possible options:
# lpc55s06, lpc55s14, lpc55s16, lpc55s26, lpc55s28, lpc55s36, lpc55s66, lpc55s69, mcxa132, mcxa133, mcxa142, mcxa143,
# mcxa144, mcxa145, mcxa146, mcxa152, mcxa153, mcxa154, mcxa155, mcxa156, mcxn235, mcxn236, mcxn546, mcxn547, mcxn946,
# mcxn947, nhs52s04>
family: mcxn946
# -----------------------------------------===== MCU revision [Optional] =====------------------------------------------
# Description: Revision of silicon. The 'latest' name, means most current revision.
# Possible options:
revision: latest
# ------------------------------------===== Configuration area type [Optional] =====------------------------------------
# Description: PFR / IFR type
# Possible options:
type: CMPA
# ----------------------------------===== Configuration area Settings [Required] =====----------------------------------
settings: We kept in configuration just settings that are changed compare to defaults, all other are erased because the PFR tool keep them on defaults values.
# ------------------------------------------===== BOOT_CFG [Optional] =====-------------------------------------------
# Description: Offset: 0x00000000, Width: 32b; Boot Configuration
BOOT_CFG:
# -----------------------------------------===== BOOT_SRC [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 2b, Primary boot source
# - INTERNAL_FLASH_0b00, (0): Internal flash
# - FLEXSPI_FLASH_XIP, (1): FlexSPI flash XIP image
# - SECONDARY_BOOTLOADER, (2): Secondary Boot loader in Bank1 IFR0 (32KB)
# - INTERNAL_FLASH_0b11, (3): Internal flash
# Possible options:
BOOT_SRC: INTERNAL_FLASH_0b00
# ----------------------------------------===== ISP_BOOT_IF [Optional] =====----------------------------------------
# Description: Offset: 4b, Width: 3b, ISP boot interface
# - AUTO_ISP, (0): Auto ISP
# - UART_ISP, (1): UART ISP
# - SPI_SLAVE, (2): SPI Slave ISP
# - I2C_SLAVE, (3): I2C slave ISP
# - USB0_HID, (4): USB0_HID
# - USB1_HID, (5): USB1_HID
# - CAN_ISP, (6): CAN ISP
# - Reserved, (7): Reserved
# Possible options:
ISP_BOOT_IF: AUTO_ISP
# ---------------------------------------===== REC_BOOT_SRC [Optional] =====----------------------------------------
# Description: Offset: 8b, Width: 2b, Recovery boot source
# - DISABLED, (0): Recovery boot disabled.
# - XIP_IMAGE, (1): XIP image in Bank1 IFR0 (32KB).
# - SB3_IMAGE, (2): SB3 image in 1-bit SPI flash connected to FlexComm. FC7 used for this function by default
# overlaps with FlexSPI A.
# - Reserved, (3): Reserved
# Possible options:
REC_BOOT_SRC: DISABLED
# ----------------------------------------===== BOOT_SPEED [Optional] =====-----------------------------------------
# Description: Offset: 12b, Width: 2b, Core Clock
# - FRO_48_MHZ, (0): 48Mhz FRO @ 1.0V
# - FRO_72_MHZ, (1): 72MHz FRO @ 1.1V
# - FRO_144_MHZ, (2): 144MHz FRO @ 1.2V
# - PLL_150_MHZ, (3): 150MHz PLL @ 1.2V
# Possible options:
BOOT_SPEED: FRO_48_MHZ
# ------------------------------------------===== HEADER [Optional] =====-------------------------------------------
# Description: Offset: 16b, Width: 16b, CMPA Header marker should be set to 0x5963. After this header is set, all
# non-zero values will take effect; leaving all settings at 0xff will cause undefined behavior. It is recommended to
# set all values to 0x00 before setting the CMPA header value.
HEADER: 22883
# ------------------------------------------===== FLASH_CFG [Optional] =====------------------------------------------
# Description: Offset: 0x00000004, Width: 32b; Flash Configuration
FLASH_CFG:
# -------------------------------------===== FLASH_REMAP_SIZE [Optional] =====--------------------------------------
# Description: Offset: 0b, Width: 5b, Flash remap size.
# FLASH_REMAP_SIZE defines the size of the secondary boot image
# (the range of flash addresses that will be remapped)in internal flash, where remapped
# address end = (FLASH_REMAP_SIZE + 1) * 32 KB. For example, if FLASH_REMAP_SIZE = 2,
# then the first 96KB of addresses will be remapped to flash bank1 instead of flash bank0
# when remap is active. Set this field to 0 if you do not want to use the flash remap feature.
FLASH_REMAP_SIZE: 0
# ------------------------------------===== OEM_BANK1_IFR0_PROT [Optional] =====------------------------------------
# Description: Offset: 5b, Width: 3b, Defines protection for Bank1_IFR0 area based on usage.
# Note, if the SBL / Recovery image size is more than IFR0 size of 32KB then sectors from users flash can be
# associated for extended image size using CMPA.REC_IMG_EXT0/1.
# - OEM_ROM_RWXL_CODE, (0): Not determined by ROM (MBC fields are modified by OEM code)
# - OEM_ROOT_RWXL_1010, (1): Used as OEM Root of Trust image, in other words secondary boot loader (OEM_SBL). MBC
# protection bits set as RWXL = 1010. Updatable by OEM code later.
# - OEM_SBL_RWXL_1011, (2): Used as OEM_SBL. MBC protection bits set as RWXL = 1011.
# - OEM_SBL_RWXL_0011, (3): Used as OEM_SBL. MBC protection bits set as RWXL = 0011.
# - OEM_REC_RWXL_1010, (4): Used as OEM recovery boot image with MBC protection RWXL = 1010 on ROM exiting to
# recovery image. But set to RWXL = 1010 on ROM exiting to user image.
# - OEM_REC_RWXL_1011, (5): Used as OEM_RCVRY_IMG with MBC protection RWXL = 1010 on ROM exiting to recovery image.
# But set to RWXL = 1011 on ROM exiting to user image.
# - OEM_REC_RWXL_0011, (6): Used as OEM_RCVRY_IMG with MBC protection RWXL = 1010 on ROM exiting to recovery image.
# But set to RWXL = 0011 on ROM exiting to user image.
# - OEM_REC_RWXL_0001, (7): Used as OEM_RCVRY_IMG with MBC protection RWXL = 1010 on ROM exiting to recovery image.
# But set to RWXL = 0001 on ROM exiting to user image.
# Possible options:
# OEM_REC_RWXL_1011, OEM_REC_RWXL_0011, OEM_REC_RWXL_0001>
OEM_BANK1_IFR0_PROT: OEM_ROM_RWXL_CODE
# ---------------------------------------===== ISP_PIN_ENTRY [Optional] =====---------------------------------------
# Description: Offset: 8b, Width: 2b, Disable ISP mode entry through pin assertion.
# - ALLOWED_0b00, (0): ISP entry allowed
# - DISABLED_0b01, (1): ISP entry disabled
# - ALLOWED_0b10, (2): ISP entry allowed
# - ALLOWED_0b11, (3): ISP entry allowed
# Possible options:
ISP_PIN_ENTRY: ALLOWED_0b00
# ---------------------------------------===== ISP_DM_ENTRY [Optional] =====----------------------------------------
# Description: Offset: 10b, Width: 2b, Disable ISP mode entry through debug mailbox command.
# - ALLOWED_0b00, (0): ISP entry allowed
# - DISABLED_0b01, (1): ISP entry disabled
# - ALLOWED_0b10, (2): ISP entry allowed
# - ALLOWED_0b11, (3): ISP entry allowed
# Possible options:
ISP_DM_ENTRY: ALLOWED_0b00
# ---------------------------------------===== ISP_API_ENTRY [Optional] =====---------------------------------------
# Description: Offset: 12b, Width: 2b, Disable ISP mode entry through ROM API call.
# ISP mode can be entered through ROM API invocation
# - ALLOWED_0b00, (0): ISP entry allowed
# - DISABLED_0b01, (1): ISP entry disabled
# - ALLOWED_0b10, (2): ISP entry allowed
# - ALLOWED_0b11, (3): ISP entry allowed
# Possible options:
ISP_API_ENTRY: ALLOWED_0b00
# ---------------------------------------===== ISP_FT_ENTRY [Optional] =====----------------------------------------
# Description: Offset: 14b, Width: 2b, Disable ISP mode entry through image authentication failure
# - ALLOWED_0b00, (0): ISP entry allowed
# - DISABLED_0b01, (1): ISP entry disabled
# - ALLOWED_0b10, (2): ISP entry allowed
# - ALLOWED_0b11, (3): ISP entry allowed
# Possible options:
ISP_FT_ENTRY: ALLOWED_0b00
# ---------------------------------------===== BOOT_LED_STATUS [Optional] =====---------------------------------------
# Description: Offset: 0x00000008, Width: 32b; Boot LED Status
BOOT_LED_STATUS:
# ---------------------------------------===== REC_BOOT_LED [Optional] =====----------------------------------------
# Description: Offset: 0b, Width: 8b, Assert on recovery boot.
# ROM drives the GPIO pin high, identified by this field whenever primary boot fails and fall through to recovery
# boot source.
# [4:0] GPIO Pin number. P0_0 and P0_1 are not supported.
# [7:5] GPIO port number. Only 0 - 4 ports are allowed.
# If this feature is not use then set this field to 0x00.
REC_BOOT_LED: 0
# ---------------------------------------===== ISP_BOOT_LED [Optional] =====----------------------------------------
# Description: Offset: 8b, Width: 8b, Assert on ISP fall through.
# ROM drives the GPIO pin high identified by this field whenever primary boot fails and execution falls through to
# ISP mode.
# [[4:0] GPIO Pin number. P0_0 and P0_1 are not supported.
# [7:5] GPIO port number. Only 0 - 4 ports are allowed.
# If this feature is not use then set this field to 0x00.
ISP_BOOT_LED: 0
# ---------------------------------------===== BOOT_FAIL_LED [Optional] =====---------------------------------------
# Description: Offset: 16b, Width: 8b, Assert on fatal errors during boot.
# ROM drives the GPIO pin high identified by this field whenever primary boot fails due to fatal errors before
# locking-up/reset.
# [4:0] GPIO Pin number. P0_0 and P0_1 are not supported.
# [7:5] GPIO port number. Only 0 - 4 ports are allowed.
# If this feature is not use then set this field to 0x00.
BOOT_FAIL_LED: 0
# -----------------------------------------===== BOOT_TIMERS [Optional] =====-----------------------------------------
# Description: Offset: 0x0000000C, Width: 32b; Boot Timers
BOOT_TIMERS:
# ----------------------------------===== POWERDOWN_TIMEOUT_SECS [Optional] =====-----------------------------------
# Description: Offset: 0b, Width: 16b, Power down timeout.
# ISP mode peripheral detection timeout value in seconds.
# If a non-zero value is program and peripheral activity is not detected within the number of seconds specified
# here, then the device will go to power down mode to conserve power.
POWERDOWN_TIMEOUT_SECS: 0
# ------------------------------------===== WDOG_TIMEOUT_COUNT [Optional] =====-------------------------------------
# Description: Offset: 16b, Width: 16b, WDOG timeout.
# Upper 16 bits of 24-bit count value in WWDT0_TC register Timeout value in seconds. The lower 8 bits of WWDT0_TC
# are set to 0.
# When a non-zero value is programmed in this field ROM configures the watch dog timer to reset the device on
# timeout before passing execution control to user code.
WDOG_TIMEOUT_COUNT: 0
# --------------------------------------===== FLEXSPI_BOOT_CFG0 [Optional] =====--------------------------------------
# Description: Offset: 0x00000010, Width: 32b; FlexSPI Boot Configuration 0
FLEXSPI_BOOT_CFG0:
# -----------------------------------===== FLEXSPI_AUTO_PROBE_EN [Optional] =====-----------------------------------
# Description: Offset: 0b, Width: 1b, Quad/Octal-SPI flash auto probe feature enable
# - DISABLED, (0): Disable
# - ENABLED, (1): Enable
# Possible options:
FLEXSPI_AUTO_PROBE_EN: DISABLED
# ------------------------------------===== FLEXSPI_PROBE_TYPE [Optional] =====-------------------------------------
# Description: Offset: 1b, Width: 3b, Quad/Octal-SPI flash probe type.
# Note, this field is used when FLEXSPI_AUTO_PROBE_EN is set.
# - QUADSPI_NOR, (0): QuadSPI NOR
# - MACRONIC_OCTAL_FLASH, (1): Macronix Octal FLASH
# - MICRON_OCTAL_FLASH, (2): Micron Octal FLASH
# - ADESTO_OCTAL_FLASH, (3): Adesto Octal FLASH
# - Reserved_0b100, (4): Reserved
# - Reserved_0b101, (5): Reserved
# - Reserved_0b110, (6): Reserved
# - Reserved_0b111, (7): Reserved
# Possible options:
# Reserved_0b101, Reserved_0b110, Reserved_0b111>
FLEXSPI_PROBE_TYPE: QUADSPI_NOR
# ------------------------------------===== FLEXSPI_FLASH_TYPE [Optional] =====-------------------------------------
# Description: Offset: 4b, Width: 3b, Define typical Serial NOR Flash types.
# This field is always used irrespective of FLEXSPI_AUTO_PROBE_EN value.
# - QSPI_ADDR_3B, (0): QSPI_ADDR_3B
# - Reserved_0b001, (1): Reserved
# - HYPER_1V8, (2): HYPER_1V8
# - HYPER_3V3, (3): HYPER_3V3
# - DDR_MXIC, (4): FlexSPI_DDR_MXIC
# - DDR_MICRON, (5): FlexSPI_DDR_MICRON
# - Reserved_0b110, (6): Reserved
# - Reserved_0b111, (7): Reserved
# Possible options:
# Reserved_0b111>
FLEXSPI_FLASH_TYPE: QSPI_ADDR_3B
# -----------------------------------===== FLEXSPI_DUMMY_CYCLES [Optional] =====------------------------------------
# Description: Offset: 7b, Width: 4b, Quad/Octal-SPI dummy cycles for read command.
# If a non-zero value is programmed in this field, then the value is used to override the default number of dummy
# cycles for a fast read command read from the serial flash's SFDP information.
# Note: this field is only used if FLEXSPI_AUTO_PROBE_EN is set.
FLEXSPI_DUMMY_CYCLES: 0
# -------------------------------------===== FLEXSPI_FREQUENCY [Optional] =====-------------------------------------
# Description: Offset: 11b, Width: 3b, Quad/Octal-SPI flash interface frequency.
# Note, this field is used when FLEXSPI_AUTO_PROBE_EN is set.
# - MHZ_75, (0): 75Mhz
# - MHZ_60, (1): 60Mhz
# - MHZ_50, (2): 50Mhz
# - MHZ_100, (3): 100Mhz
# - Reserved_0b100, (4): Reserved
# - Reserved_0b101, (5): Reserved
# - Reserved_0b110, (6): Reserved
# - Reserved_0b111, (7): Reserved
# Possible options:
# Reserved_0b111>
FLEXSPI_FREQUENCY: MHZ_75
# -----------------------------------===== FLEXSPI_RESET_ENABLE [Optional] =====------------------------------------
# Description: Offset: 14b, Width: 1b, Use O/QSPI_RESET_PIN to reset the flash device.
# - NO_RESET, (0): NO_RESET(O/QSPI device reset pin is not connected or available
# - EN_RESET, (1): EN_RESET(O/QSPI device reset pin is connected to a GPIO (QSPI_RESET_PIN)
# Possible options:
FLEXSPI_RESET_ENABLE: NO_RESET
# ----------------------------------===== FLEXSPI_RESET_GPIO_PORT [Optional] =====----------------------------------
# Description: Offset: 15b, Width: 3b, When FLEXSPI_RESET_ENABLE = 1, this field determines the GPIO port number to
# use for O/QSPI reset function.
FLEXSPI_RESET_GPIO_PORT: 0
# ----------------------------------===== FLEXSPI_RESET_GPIO_PIN [Optional] =====-----------------------------------
# Description: Offset: 18b, Width: 5b, When FLEXSPI_RESET_ENABLE = 1, this field determines the GPIO pin number to
# use for O/QSPI reset function.
FLEXSPI_RESET_GPIO_PIN: 0
# -------------------------------------===== FLEXSPI_HOLD_TIME [Optional] =====-------------------------------------
# Description: Offset: 23b, Width: 2b, Delay after reset before accessing Quad/Octal-SPI flash devices.
# Note, for POR in addition to this wait time FLEXSPI_PWR_HOLD_TIME is added.
# - WAIT_500US, (0): Wait for 500 microseconds.
# - WAIT_1MS, (1): Wait for 1 milliseconds.
# - WAIT_3MS, (2): Wait for 3 milliseconds.
# - WAIT_10MS, (3): Wait for 10 milliseconds.
# Possible options:
FLEXSPI_HOLD_TIME: WAIT_500US
# -----------------------------------===== FLEXSPI_PWR_HOLD_TIME [Optional] =====-----------------------------------
# Description: Offset: 25b, Width: 4b, Delay after POR before accessing Quad/Octal-SPI flash devices in addition to
# delay defined by FLEXSPI_HOLD TIME field.
# - NO_DELAY, (0): No delay
# - WAIT_100US, (1): Waits additional 100 microseconds.
# - WAIT_500US, (2): Waits additional 500 microseconds.
# - WAIT_1MS, (3): Waits additional 1 milliseconds.
# - WAIT_10MS, (4): Waits additional 10 milliseconds.
# - WAIT_20MS, (5): Waits additional 20 milliseconds.
# - WAIT_40MS, (6): Waits additional 40 milliseconds.
# - WAIT_60MS, (7): Waits additional 60 milliseconds.
# - WAIT_80MS, (8): Waits additional 80 milliseconds.
# - WAIT_100SM, (9): Waits additional 100 milliseconds.
# - WAIT_120MS, (10): Waits additional 120 milliseconds.
# - WAIT_140MS, (11): Waits additional 140 milliseconds.
# - WAIT_160MS, (12): Waits additional 160 milliseconds.
# - WAIT_180MS, (13): Waits additional 180 milliseconds.
# - WAIT_200MS, (14): Waits additional 200 milliseconds.
# - WAIT_220MS, (15): Waits additional 220 milliseconds.
# Possible options:
# WAIT_80MS, WAIT_100SM, WAIT_120MS, WAIT_140MS, WAIT_160MS, WAIT_180MS, WAIT_200MS, WAIT_220MS>
FLEXSPI_PWR_HOLD_TIME: NO_DELAY
# -----------------------------------------===== PORT_SEL [Optional] =====------------------------------------------
# Description: Offset: 31b, Width: 1b, Defined which FlexSPI portA/B is used for boot.
# - PORT_A, (0): PORT A
# - PORT_B, (1): PORT B
# Possible options:
PORT_SEL: PORT_A
# --------------------------------------===== FLEXSPI_BOOT_CFG1 [Optional] =====--------------------------------------
# Description: Offset: 0x00000014, Width: 32b; FlexSPI Boot Configuration 1
FLEXSPI_BOOT_CFG1:
# ----------------------------------===== FLEXSPI_DELAY_CELL_NUM [Optional] =====-----------------------------------
# Description: Offset: 0b, Width: 7b, Delay cell numbers for Flash read sampling via DQS (either internal loopback
# or external DQS).
# The value provided here is loaded into the FLEXSPIn_DLLnCR.
FLEXSPI_DELAY_CELL_NUM: 0
# -----------------------------------===== FLEXSPI_IMAGE_OFFSET [Optional] =====------------------------------------
# Description: Offset: 7b, Width: 10b, Any offset in memory mapped FlexSPI Flash area could be remapped to offset
# zero to support eXecute In Place (XIP) of image programmed at different offset.
# This allows to build all update images with same RO base address, which are programmed at offset 0 or higher
# offset.
# FLEXSPI_IMAGE_OFFSET field specifies the offset location of the second image. FLEXSPI_REMAP_IMAGE_SIZE field
# specifies the size multiple to determine the size of area to be remapped.
# If this field is left blank boot ROM will not enable FlexSPI remap feature.
# The physical flash offset is computed as below:
# physical offset = FLEXSPI_IMAGE_OFFSET * 256KByte;
FLEXSPI_IMAGE_OFFSET: 0
# ---------------------------------===== FLEXSPI_REMAP_IMAGE_SIZE [Optional] =====----------------------------------
# Description: Offset: 17b, Width: 4b, Any offset in memory mapped FlexSPI Flash area could be remapped to offset
# zero to support eXecute In Place (XIP) of image programmed at different offset. This allows to build all update
# images with same RO base address, which are programmed at offset 0 or higher offset. FLEXSPI_IMAGE_OFFSET field
# specifies the offset location of second image. FLEXSPI_REMAP_IMAGE_SIZE field specifies the size multiple to
# determine the size of area to be remapped.
# NOTE: FlexSPI remap size cannot exceed the start address of boot image 1.
# - SIZE_OFFSET, (0): Remap size = FLEXSPI_IMAGE_OFFSET * 256KByte; '' SIZE_OFFSET ''Size of the remapped area (aka
# second half) is same as first half. It is determined by FLEXSPI_IMAGE_OFFSET Field.
# - SIZE_1MB, (1): Size of remapped area is 1MByte
# - SIZE_2MB, (2): Size of remapped area is 2MByte
# - SIZE_3MB, (3): Size of remapped area is 3MByte
# - SIZE_4MB, (4): Size of remapped area is 4MByte
# - SIZE_5MB, (5): Size of remapped area is 5MByte
# - SIZE_6MB, (6): Size of remapped area is 6MByte
# - SIZE_7MB, (7): Size of remapped area is 7MByte
# - SIZE_8MB, (8): Size of remapped area is 8MByte
# - SIZE_9MB, (9): Size of remapped area is 9MByte
# - SIZE_10MB, (10): Size of remapped area is 10MByte
# - SIZE_11MB, (11): Size of remapped area is 11MByte
# - SIZE_12MB, (12): Size of remapped area is 12MByte
# - SIZE_256KB, (13): Size of remapped area is 256KByte
# - SIZE_512KB, (14): Size of remapped area is 512KByte
# - SIZE_768KB, (15): Size of remapped area is 768KByte
# Possible options:
# SIZE_9MB, SIZE_10MB, SIZE_11MB, SIZE_12MB, SIZE_256KB, SIZE_512KB, SIZE_768KB>
FLEXSPI_REMAP_IMAGE_SIZE: SIZE_OFFSET
# -------------------------------------===== REC_SPI_FLASH_CFG0 [Optional] =====--------------------------------------
# Description: Offset: 0x00000018, Width: 32b; Recovery SPI Flash Configuration 0
REC_SPI_FLASH_CFG0:
# --------------------------------------===== REC_SPI_SCK_PIN [Optional] =====--------------------------------------
# Description: Offset: 0b, Width: 8b, Override default SPI_SCK ISP pin.
# Identifies the pin to be used as SPI_SCK pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
REC_SPI_SCK_PIN: 0
# -----------------------------------===== REC_SPI_SCK_FUNC_SLOT [Optional] =====-----------------------------------
# Description: Offset: 8b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# REC_SPI_SCK_PIN.
REC_SPI_SCK_FUNC_SLOT: 0
# --------------------------------------===== REC_SPI_FLEXCOM [Optional] =====--------------------------------------
# Description: Offset: 12b, Width: 4b, Identifies the FlexComm used for SPI ISP mode.
REC_SPI_FLEXCOM: 0
# -------------------------------------===== REC_SPI_MOSI_PIN [Optional] =====--------------------------------------
# Description: Offset: 16b, Width: 8b, Override default SPI_MOSI ISP pin.
# Identifies the pin to be used as SPI_MOSI pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
REC_SPI_MOSI_PIN: 0
# ----------------------------------===== REC_SPI_MOSI_FUNC_SLOT [Optional] =====-----------------------------------
# Description: Offset: 24b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# REC_SPI_MOSI_PIN.
REC_SPI_MOSI_FUNC_SLOT: 0
# -------------------------------------===== REC_SPI_FLASH_CFG1 [Optional] =====--------------------------------------
# Description: Offset: 0x0000001C, Width: 32b; Recovery SPI Flash Configuration 1
REC_SPI_FLASH_CFG1:
# -------------------------------------===== REC_SPI_MISO_PIN [Optional] =====--------------------------------------
# Description: Offset: 0b, Width: 8b, Override default SPI_MISO ISP pin.
# Identifies the pin to be used as SPI_MISO pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
REC_SPI_MISO_PIN: 0
# ----------------------------------===== REC_SPI_MISO_FUNC_SLOT [Optional] =====-----------------------------------
# Description: Offset: 8b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# REC_SPI_MISO_PIN.
REC_SPI_MISO_FUNC_SLOT: 0
# -------------------------------------===== REC_SPI_SSEL_PIN [Optional] =====--------------------------------------
# Description: Offset: 16b, Width: 8b, Override default SPI_SSEL ISP pin.
# Identifies the pin to be used as SPI_SSEL pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
REC_SPI_SSEL_PIN: 0
# ----------------------------------===== REC_SPI_SSEL_FUNC_SLOT [Optional] =====-----------------------------------
# Description: Offset: 24b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# REC_SPI_SSEL_PIN.
REC_SPI_SSEL_FUNC_SLOT: 0
# --------------------------------------===== REC_SPI_SSEL_X [Optional] =====---------------------------------------
# Description: Offset: 28b, Width: 2b, SPI chip select number.
# FlexComm SPI interfaces supports up to four chip selects.
REC_SPI_SSEL_X: 0
# -------------------------------------===== REC_BOOT_PIN_CUST [Optional] =====-------------------------------------
# Description: Offset: 30b, Width: 2b, Use customer defined pins for 1-bit SPI recovery boot pins.
# - DEFAULT_ROM_0b00, (0): Default ROM defined pins.
# - CUSTOMER_DEF_0b01, (1): Customer defined.
# - DEFAULT_ROM_0b10, (2): Default ROM defined pins.
# - DEFAULT_ROM_0b11, (3): Default ROM defined pins.
# Possible options:
REC_BOOT_PIN_CUST: DEFAULT_ROM_0b00
# ----------------------------------------===== ISP_UART_CFG [Optional] =====-----------------------------------------
# Description: Offset: 0x00000020, Width: 32b; ISP UART Configuration
ISP_UART_CFG:
# ----------------------------------------===== UART_RX_PIN [Optional] =====----------------------------------------
# Description: Offset: 0b, Width: 8b, Override default UART RX ISP pin.
# Identifies the pin to be used as UART_RX pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
UART_RX_PIN: 0
# -------------------------------------===== UART_RX_FUNC_SLOT [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# UART_RX_PIN.
UART_RX_FUNC_SLOT: 0
# -------------------------------------===== UART_ISP_FLEXCOM [Optional] =====--------------------------------------
# Description: Offset: 12b, Width: 4b, Identifies the FlexComm used for UART ISP mode.
UART_ISP_FLEXCOM: 0
# ----------------------------------------===== UART_TX_PIN [Optional] =====----------------------------------------
# Description: Offset: 16b, Width: 8b, Override default UART TX ISP pin.
# Identifies the pin to be used as UART_TX pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
UART_TX_PIN: 0
# -------------------------------------===== UART_TX_FUNC_SLOT [Optional] =====-------------------------------------
# Description: Offset: 24b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# UART_TX_PIN.
UART_TX_FUNC_SLOT: 0
# -----------------------------------------===== ISP_I2C_CFG [Optional] =====-----------------------------------------
# Description: Offset: 0x00000024, Width: 32b; ISP I2C Configuration
ISP_I2C_CFG:
# ----------------------------------------===== I2C_SCL_PIN [Optional] =====----------------------------------------
# Description: Offset: 0b, Width: 8b, Override default I2C SCL ISP pin.
# Identifies the pin to be used as I2C_SCL pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
I2C_SCL_PIN: 0
# -------------------------------------===== I2C_SCL_FUNC_SLOT [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# I2C_SCL_PIN.
I2C_SCL_FUNC_SLOT: 0
# --------------------------------------===== I2C_ISP_FLEXCOM [Optional] =====--------------------------------------
# Description: Offset: 12b, Width: 4b, Identifies the FlexComm used for I2C ISP mode.
I2C_ISP_FLEXCOM: 0
# ----------------------------------------===== I2C_SDA_PIN [Optional] =====----------------------------------------
# Description: Offset: 16b, Width: 8b, Override default I2C SDA ISP pin.
# Identifies the pin to be used as I2C_SDA pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
I2C_SDA_PIN: 0
# -------------------------------------===== I2C_SDA_FUNC_SLOT [Optional] =====-------------------------------------
# Description: Offset: 24b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# I2C_SDA_PIN.
I2C_SDA_FUNC_SLOT: 0
# -----------------------------------------===== ISP_CAN_CFG [Optional] =====-----------------------------------------
# Description: Offset: 0x00000028, Width: 32b; ISP CAN Configuration
ISP_CAN_CFG:
# ----------------------------------------===== CAN_RX_PIN [Optional] =====-----------------------------------------
# Description: Offset: 0b, Width: 8b, Override default CAN RX ISP pin.
# Identifies the pin to be used as CAN_RX pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
CAN_RX_PIN: 0
# -------------------------------------===== CAN_RX_FUNC_SLOT [Optional] =====--------------------------------------
# Description: Offset: 8b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by CAN_RX_PIN.
CAN_RX_FUNC_SLOT: 0
# ---------------------------------------===== CAN_ISP_INST [Optional] =====----------------------------------------
# Description: Offset: 12b, Width: 4b, Identifies the instance used for CAN ISP mode.
# 0: For CAN0.
# 1: For CAN1.
# Others: Reserved.
CAN_ISP_INST: 0
# ----------------------------------------===== CAN_TX_PIN [Optional] =====-----------------------------------------
# Description: Offset: 16b, Width: 8b, Override default CAN TX ISP pin.
# Identifies the pin to be used as CAN_TX pin.
# [7:5] GPIO port number
# [4:0] GPIO Pin number
CAN_TX_PIN: 0
# -------------------------------------===== CAN_TX_FUNC_SLOT [Optional] =====--------------------------------------
# Description: Offset: 24b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# CAN_TX_PIN.
CAN_TX_FUNC_SLOT: 0
# ---------------------------------------===== CAN_BAUD_RATE [Optional] =====---------------------------------------
# Description: Offset: 28b, Width: 4b, CAN baud rate.
# Baud rate configured during CAN ISP mode.
# 2b'0000: Auto baud detection (125K, 250K, 500K, 750K, 1M).
# 2b'0101 and above: 1000 kbps and auto baud detection.
# - AUTO_DETECT, (0): Auto baud detection (125K, 250K, 500K, 750k, 1M).
# - KBPS_125, (1): 125 kbps
# - KBPS_250, (2): 250 kbps
# - KBPS_500, (3): 500 kbps
# - KBPS_750, (4): 750 kbps
# - KBPS_AUTO_0b0101, (5): 1000 kbps and auto baud detection
# - KBPS_AUTO_0b0110, (6): 1000 kbps and auto baud detection
# - KBPS_AUTO_0b0111, (7): 1000 kbps and auto baud detection
# - KBPS_AUTO_0b1000, (8): 1000 kbps and auto baud detection
# - KBPS_AUTO_0b1001, (9): 1000 kbps and auto baud detection
# - KBPS_AUTO_0b1010, (10): 1000 kbps and auto baud detection
# - KBPS_AUTO_0b1011, (11): 1000 kbps and auto baud detection
# - KBPS_AUTO_0b1100, (12): 1000 kbps and auto baud detection
# - KBPS_AUTO_0b1101, (13): 1000 kbps and auto baud detection
# - KBPS_AUTO_0b1110, (14): 1000 kbps and auto baud detection
# - KBPS_AUTO_0b1111, (15): 1000 kbps and auto baud detection
# Possible options:
# KBPS_AUTO_0b0111, KBPS_AUTO_0b1000, KBPS_AUTO_0b1001, KBPS_AUTO_0b1010, KBPS_AUTO_0b1011, KBPS_AUTO_0b1100,
# KBPS_AUTO_0b1101, KBPS_AUTO_0b1110, KBPS_AUTO_0b1111>
CAN_BAUD_RATE: AUTO_DETECT
# ----------------------------------------===== ISP_SPI_CFG0 [Optional] =====-----------------------------------------
# Description: Offset: 0x0000002C, Width: 32b; ISP SPI Configuration 0
ISP_SPI_CFG0:
# ----------------------------------------===== SPI_SCK_PIN [Optional] =====----------------------------------------
# Description: Offset: 0b, Width: 8b, Override default SPI_SCK ISP pin.
# Identifies the pin to be used as SPI_SCK pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
SPI_SCK_PIN: 0
# -------------------------------------===== SPI_SCK_FUNC_SLOT [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# SPI_SCK_PIN.
SPI_SCK_FUNC_SLOT: 0
# --------------------------------------===== SPI_ISP_FLEXCOM [Optional] =====--------------------------------------
# Description: Offset: 12b, Width: 4b, Identifies the FlexComm used for SPI ISP mode.
SPI_ISP_FLEXCOM: 0
# ---------------------------------------===== SPI_MOSI_PIN [Optional] =====----------------------------------------
# Description: Offset: 16b, Width: 8b, Override default SPI_MOSI ISP pin.
# Identifies the pin to be used as SPI_MOSI pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
SPI_MOSI_PIN: 0
# ------------------------------------===== SPI_MOSI_FUNC_SLOT [Optional] =====-------------------------------------
# Description: Offset: 24b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# SPI_MOSI_PIN.
SPI_MOSI_FUNC_SLOT: 0
# ----------------------------------------===== ISP_SPI_CFG1 [Optional] =====-----------------------------------------
# Description: Offset: 0x00000030, Width: 32b; ISP SPI Configuration 1
ISP_SPI_CFG1:
# ---------------------------------------===== SPI_MISO_PIN [Optional] =====----------------------------------------
# Description: Offset: 0b, Width: 8b, Override default SPI_MISO ISP pin.
# Identifies the pin to be used as SPI_MISO pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
SPI_MISO_PIN: 0
# ------------------------------------===== SPI_MISO_FUNC_SLOT [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# SPI_MISO_PIN.
SPI_MISO_FUNC_SLOT: 0
# ---------------------------------------===== SPI_SSEL_PIN [Optional] =====----------------------------------------
# Description: Offset: 16b, Width: 8b, Override default SPI_SSEL ISP pin.
# Identifies the pin to be used as SPI_SSEL pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
SPI_SSEL_PIN: 0
# ------------------------------------===== SPI_SSEL_FUNC_SLOT [Optional] =====-------------------------------------
# Description: Offset: 24b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# SPI_SSEL_PIN.
SPI_SSEL_FUNC_SLOT: 0
# --------------------------------------===== ISP_SPI_SSEL_X [Optional] =====---------------------------------------
# Description: Offset: 28b, Width: 2b, SPI chip select number.
# FlexComm SPI interfaces supports up to four chip selects.
ISP_SPI_SSEL_X: 0
# -----------------------------------------===== ISP_USB_ID [Optional] =====------------------------------------------
# Description: Offset: 0x00000034, Width: 32b; ISP USB Identification
ISP_USB_ID:
# ---------------------------------------===== USB_Vendor_ID [Optional] =====---------------------------------------
# Description: Offset: 0b, Width: 16b, Customer defined USB vendor ID used during USB-ISP mode device enumeration.
USB_Vendor_ID: 0
# --------------------------------------===== USB_Product_ID [Optional] =====---------------------------------------
# Description: Offset: 16b, Width: 16b, Customer defined USB product ID used during USB-ISP mode device enumeration.
USB_Product_ID: 0
# -----------------------------------------===== ISP_USB_CFG [Optional] =====-----------------------------------------
# Description: Offset: 0x00000038, Width: 32b; ISP USB Configuration
ISP_USB_CFG:
# ---------------------------------------===== USB0_VBUS_PIN [Optional] =====---------------------------------------
# Description: Offset: 0b, Width: 8b, Override default USBx_VBUS_DETECT ISP pin.
# Identifies the pin to be used as USBx_VBUS detect pin.
# [4:0] GPIO Pin number
# [7:5] GPIO port number
USB0_VBUS_PIN: 0
# ------------------------------------===== USB0_VBUS_FUNC_SLOT [Optional] =====------------------------------------
# Description: Offset: 8b, Width: 4b, Identifies the ALT pin mux function to use for the pin selected by
# USBx_VBUS_PIN.
USB0_VBUS_FUNC_SLOT: 0
# ---------------------------------------===== EXT_XTAL_CLK [Optional] =====----------------------------------------
# Description: Offset: 16b, Width: 3b, USB PHY input clock frequency.
# For USB high speed PHY external XTAL input is needed. This field specifies the frequency of XTAL used on board.
# - XTAL_24MHZ, (0): 24MHz input clock (Divide by 20)
# - XTAL_30MHZ, (1): 30MHz input clock (Divide by 16)
# - XTAL_32MHZ, (2): 32MHz input clock (Divide by 15)
# - Reserved, (3): Reserved
# - XTAL_20MHZ, (4): 20MHz input clock (Divide by 24)
# - XTAL_19_2MHZ, (5): 19.2MHz input clock (Divide by 25)
# - XTAL_16MHZ, (6): 16MHz input clock (Divide by 30) - Default option when CMPA is blank.
# - XTAL_12MHZ, (7): 12MHz input clock (Divide by 40)
# Possible options:
EXT_XTAL_CLK: XTAL_24MHZ
# ------------------------------------------===== PRE_DIV [Optional] =====------------------------------------------
# Description: Offset: 19b, Width: 1b, Enable Pre-divider.
# Needed to support 48MHz and other high speed crystals.
# - DISABLED, (0): Disable
# - ENABLED, (1): Enable
# Possible options:
PRE_DIV: DISABLED
# ----------------------------------------===== ISP_MISC_CFG [Optional] =====-----------------------------------------
# Description: Offset: 0x0000003C, Width: 32b; ISP Miscellaneous Configuration
ISP_MISC_CFG:
# --------------------------------------===== I2C_SLAVE_ADDR [Optional] =====---------------------------------------
# Description: Offset: 0b, Width: 8b, I2C slave address.
# A 7-bit Address used for selecting our device on shared I2C bus system.
# By default ROM uses 0x10 as slave address. If this address conflicts with another slave on board customer could
# use this field to override the address.
I2C_SLAVE_ADDR: 0
# ---------------------------------------===== ISP_USB_CUST [Optional] =====----------------------------------------
# Description: Offset: 22b, Width: 2b, Use customer defined GPIO for USB VBUS detect function during ISP mode.
# - DEDICATED, (0): Use dedicated VBUS pins.
# - USB0_VBUS, (1): Customer defined GPIO for USB0_VBUS detect.
# - USB1_VBUS, (2): Customer defined GPIO for USB1_VBUS detect.
# - VDD_USB, (3): Use VDD_USB for VBUS presence. On board regulator should generate VDD_USB voltage using 5V input
# fo VBUS pin on connector.
# Possible options:
ISP_USB_CUST: DEDICATED
# ---------------------------------------===== ISP_CAN_CUST [Optional] =====----------------------------------------
# Description: Offset: 24b, Width: 2b, Use customer defined CAN ISP pins.
# - DEFAULT_0b00, (0): Default ROM defined pins.
# - CUST_DEF_0b01, (1): Customer defined.
# - DEFAULT_0b10, (2): Default ROM defined pins.
# - DEFAULT_0b11, (3): Default ROM defined pins.
# Possible options:
ISP_CAN_CUST: DEFAULT_0b00
# ---------------------------------------===== ISP_SPI_CUST [Optional] =====----------------------------------------
# Description: Offset: 26b, Width: 2b, Use customer defined SPI ISP pins.
# - DEFAULT_0b00, (0): Default ROM defined pins.
# - CUST_DEF_0b01, (1): Customer defined.
# - DEFAULT_0b10, (2): Default ROM defined pins.
# - DEFAULT_0b11, (3): Default ROM defined pins.
# Possible options:
ISP_SPI_CUST: DEFAULT_0b00
# ---------------------------------------===== ISP_I2C_CUST [Optional] =====----------------------------------------
# Description: Offset: 28b, Width: 2b, Use customer defined I2C ISP pins.
# - DEFAULT_0b00, (0): Default ROM defined pins.
# - CUST_DEF_0b01, (1): Customer defined.
# - DEFAULT_0b10, (2): Default ROM defined pins.
# - DEFAULT_0b11, (3): Default ROM defined pins.
# Possible options:
ISP_I2C_CUST: DEFAULT_0b00
# ---------------------------------------===== ISP_UART_CUST [Optional] =====---------------------------------------
# Description: Offset: 30b, Width: 2b, Use customer defined UART ISP pins.
# - DEFAULT_0b00, (0): Default ROM defined pins.
# - CUST_DEF_0b01, (1): Customer defined.
# - DEFAULT_0b10, (2): Default ROM defined pins.
# - DEFAULT_0b11, (3): Default ROM defined pins.
# Possible options:
ISP_UART_CUST: DEFAULT_0b00
# --------------------------------------===== DCFG_CC_SOCU_PIN [Optional] =====---------------------------------------
# Description: Offset: 0x00000040, Width: 32b; Credential Constraints for SoC specific Use Pinned
DCFG_CC_SOCU_PIN:
# -------------------------------------------===== NIDEN [Optional] =====-------------------------------------------
# Description: Offset: 0b, Width: 1b, Non-secure Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
NIDEN: USE_DAP
# -------------------------------------------===== DBGEN [Optional] =====-------------------------------------------
# Description: Offset: 1b, Width: 1b, Non-secure Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
DBGEN: USE_DAP
# ------------------------------------------===== SPNIDEN [Optional] =====------------------------------------------
# Description: Offset: 2b, Width: 1b, Secure Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
SPNIDEN: USE_DAP
# ------------------------------------------===== SPIDEN [Optional] =====-------------------------------------------
# Description: Offset: 3b, Width: 1b, Secure Invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
SPIDEN: USE_DAP
# -----------------------------------------===== DSP_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 5b, Width: 1b, DSP Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
DSP_DBGEN: USE_DAP
# ----------------------------------------===== ISP_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 6b, Width: 1b, ISP Boot Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
ISP_CMD_EN: USE_DAP Keep enabled debug mailbox command "Switch to ISP mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
ISP_CMD_EN: FIXED_STATE
# -----------------------------------------===== FA_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 7b, Width: 1b, FA Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
FA_CMD_EN: USE_DAP Keep enabled debug mailbox command "FA mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
FA_CMD_EN: FIXED_STATE
# -----------------------------------------===== ME_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 1b, Flash Mass Erase Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
ME_CMD_EN: USE_DAP Keep enabled debug mailbox command "Mass erase" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
ME_CMD_EN: FIXED_STATE
# ----------------------------------------===== CPU1_NIDEN [Optional] =====-----------------------------------------
# Description: Offset: 9b, Width: 1b, Second CM33 Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
CPU1_NIDEN: USE_DAP
# ----------------------------------------===== CPU1_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 10b, Width: 1b, Second CM33 Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
CPU1_DBGEN: USE_DAP
# ----------------------------------------===== UUID_CHECK [Optional] =====-----------------------------------------
# Description: Offset: 15b, Width: 1b, Enforce UUID match during Debug authentication.
# - DISABLED, (0): Debug certificate can be used with all devices.
# - ENABLED, (1): Debug certificate per device with matching UUID is needed.
# Possible options:
UUID_CHECK: DISABLED
# --------------------------------------===== DCFG_CC_SOCU_DFLT [Optional] =====--------------------------------------
# Description: Offset: 0x00000044, Width: 32b; Credential Constraints for SoC specific Use Debug Filter
DCFG_CC_SOCU_DFLT:
# -------------------------------------------===== NIDEN [Optional] =====-------------------------------------------
# Description: Offset: 0b, Width: 1b, Non Secure Non-invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
NIDEN: DISABLED
# -------------------------------------------===== DBGEN [Optional] =====-------------------------------------------
# Description: Offset: 1b, Width: 1b, Non-secure Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
DBGEN: DISABLED
# ------------------------------------------===== SPNIDEN [Optional] =====------------------------------------------
# Description: Offset: 2b, Width: 1b, Secure Non-invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
SPNIDEN: DISABLED
# ------------------------------------------===== SPIDEN [Optional] =====-------------------------------------------
# Description: Offset: 3b, Width: 1b, Secure Invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
SPIDEN: DISABLED
# -----------------------------------------===== DSP_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 5b, Width: 1b, DSP Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
DSP_DBGEN: DISABLED
# ----------------------------------------===== ISP_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 6b, Width: 1b, ISP Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
ISP_CMD_EN: DISABLED Keep enabled debug mailbox command "Switch to ISP mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
ISP_CMD_EN: ENABLED
# -----------------------------------------===== FA_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 7b, Width: 1b, FA Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
FA_CMD_EN: DISABLED Keep enabled debug mailbox command "FA mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
FA_CMD_EN: ENABLED
# -----------------------------------------===== ME_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 1b, Flash Mass Erase Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
ME_CMD_EN: DISABLED Keep enabled debug mailbox command "Mass erase" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
ME_CMD_EN: ENABLED
# ----------------------------------------===== CPU1_NIDEN [Optional] =====-----------------------------------------
# Description: Offset: 9b, Width: 1b, Second CM33 Non-Invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
CPU1_NIDEN: DISABLED
# ----------------------------------------===== CPU1_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 10b, Width: 1b, Second CM33 Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
CPU1_DBGEN: DISABLED
# ----------------------------------------===== VENDOR_USAGE [Optional] =====-----------------------------------------
# Description: Offset: 0x00000048, Width: 32b; Vendor Usage
VENDOR_USAGE:
# ---------------------------------------===== VENDOR_USAGE [Optional] =====----------------------------------------
# Description: Offset: 16b, Width: 16b, Vendor Usage [31:16].
# Upper 16 bits of vendor usage field defined in DAP. Lower 16-bits come from customer field area
# (CFPA.DBG_REVOKE_VU).
VENDOR_USAGE: 0
# ---------------------------------------===== SECURE_BOOT_CFG [Optional] =====---------------------------------------
# Description: Offset: 0x00000050, Width: 32b; Secure Boot Configuration
SECURE_BOOT_CFG:
# ----------------------------------------===== SEC_BOOT_EN [Optional] =====----------------------------------------
# Description: Offset: 0b, Width: 2b, Secure boot enforcement.
# This field defines the minimum image verification procedure (CRC32, CMAC, ECDSA sign).
# The Image type field in header indicates the type of verification data (checksum or signature) included in it.
# Note: Plain < CRC32 < CMAC < ECDSA
# - ALL_IMAGES, (0): All Image types are allowed.
# - CRC32_IMAGES, (1): Only CRC32 or signed (CMAC or ECDSA) images are allowed.
# - SIGNED_IMAGES, (2): Only Signed (CMAC or ECDSA) images are allowed.
# - ECDSA_SIGNED, (3): Only ECDSA signed images are allowed.
# Possible options:
SEC_BOOT_EN: ALL_IMAGES
# ----------------------------------------===== LP_SEC_BOOT [Optional] =====----------------------------------------
# Description: Offset: 3b, Width: 2b, Secure boot option for low-power wake from power-down and deep-powerdown. For
# CFPA/CMPA do CRC check always.
# - COLD_BOOT, (0): Same as cold boot
# - CHECK_CRC32, (1): CRC check for PFR and CRC32 check of active image
# - CHECK_JUMP, (2): CRC check for PFR and jump to vector address specified in CFPA.
# - CMAC_CHECK, (3): CRC check for PFR and CMAC check of active image
# Possible options:
LP_SEC_BOOT: COLD_BOOT
# -----------------------------------------===== ENF_CNSA [Optional] =====------------------------------------------
# Description: Offset: 8b, Width: 2b, Enforce CNSA suite approved algorithms for secure boot, secure update and
# debug authentication.
# Note, CMAC image authentication is only allowed in 2b'00 setting.
# - ALL_ALLOWED_0b00, (0): All algorithms allowed.
# - LIMITED_0b01, (1): Only ECC P-384 keys, SHA384 and AES256 algorithms are used.
# - LIMITED_0b10, (2): Only ECC P-384 keys, SHA384 and AES256 algorithms are used.
# - LIMITED_0b11, (3): Only ECC P-384 keys, SHA384 and AES256 algorithms are used.
# Possible options:
ENF_CNSA: ALL_ALLOWED_0b00
# --------------------------------------===== ENF_TZM_PRESET [Optional] =====---------------------------------------
# Description: Offset: 10b, Width: 2b, Enforce TrustZone-M mode.
# - IGNORE_0b00, (0): Ignored
# - ENFORCE_0b01, (1): Enforce preset TZM data in image manifest.
# - ENFORCE_0b10, (2): Enforce preset TZM data in image manifest.
# - ENFORCE_0b11, (3): Enforce preset TZM data in image manifest.
# Possible options:
ENF_TZM_PRESET: IGNORE_0b00
# ---------------------------------------===== ITRC_ZEROIZE [Optional] =====----------------------------------------
# Description: Offset: 12b, Width: 2b, RAM zeroize on ITRC event.
# Zeroize long-term storage RAM (RAMA) on subsequent boot when Intrusion and Tamper control signals an intrusion
# event (ITRC_OUT3).
# Note, when ITRC is re-configured in application then ITRC_OUT4 (CHIP_RESET) should be triggered with at least same
# events as ITRC_OUT3 (RAM_ZEROIZE).
# - NO_ACTION, (0): No action.
# - PKC_RAM_ON_ITRC, (1): Always Zeroize PKC RAM on ITRC event only.
# - PKC_RAMA_ON_ITRC, (2): Zeroize PKC and RAMA on ITRC event only.
# - PKC_RAMA_ALL_RESET, (3): Always Zeroize PKC and RAMA on all reset boot.
# Possible options:
ITRC_ZEROIZE: NO_ACTION
# --------------------------------------===== ACTIVE_IMG_PROT [Optional] =====--------------------------------------
# Description: Offset: 14b, Width: 2b, Protection of active image.
# This field defines protection of flash area occupied by the active image. Only applicable to internal flash.
# - FLASH_ACL_PROTECTION, (0): Protection is defined using the CFPA FLASH_ACL settings.
# - WITH_STICKY_LOCK, (1): Write protect active image area with sticky lock. GLBAC2 is used. FLASH_ACL settings are
# ignored.
# - NO_STICKY_LOCK, (2): Write protect active image area without sticky lock. GLBAC4 is used. FLASH_ACL settings are
# ignored.
# - XOM_PROTECTION, (3): XOM protect active image area with sticky lock. GLBAC6 is used. FLASH_ACL settings are
# ignored.
# Possible options:
ACTIVE_IMG_PROT: FLASH_ACL_PROTECTION
# ---------------------------------------===== FIPS_SHA_STEN [Optional] =====---------------------------------------
# Description: Offset: 16b, Width: 2b, Enable self-test for SHA2 block on power-up. Needed for FIPS certification.
# If this field is non-zero run self-test and log result in SYSCON->ELS_AS_BOOT_LOG1[FIPS].
# - NOT_INCLUDE, (0): Not included
# - FAILURE_BOOT, (1): On failure continue to boot.
# - FAILURE_ISP, (2): On failure enter ISP mode for recovery.
# - FAILURE_ENF_POWER, (3): On failure lock the device to enforce power-cycle.
# Possible options:
FIPS_SHA_STEN: NOT_INCLUDE
# ---------------------------------------===== FIPS_AES_STEN [Optional] =====---------------------------------------
# Description: Offset: 18b, Width: 2b, Enable self-test for AES block on power-up. Needed for FIPS certification. If
# this field is non-zero run self-test and log result in SYSCON->ELS_AS_BOOT_LOG1[FIPS].
# - NOT_INCLUDE, (0): Not included
# - FAILURE_BOOT, (1): On failure continue to boot.
# - FAILURE_ISP, (2): On failure enter ISP mode for recovery.
# - FAILURE_ENF_POWER, (3): On failure lock the device to enforce power-cycle.
# Possible options:
FIPS_AES_STEN: NOT_INCLUDE
# --------------------------------------===== FIPS_ECDSA_STEN [Optional] =====--------------------------------------
# Description: Offset: 20b, Width: 2b, Enable self-test for ECDSA block on power-up. Needed for FIPS certification.
# If this field is non-zero run self-test and log result in SYSCON->ELS_AS_BOOT_LOG1[FIPS].
# - NOT_INCLUDE, (0): Not included
# - FAILURE_BOOT, (1): On failure continue to boot.
# - FAILURE_ISP, (2): On failure enter ISP mode for recovery.
# - FAILURE_ENF_POWER, (3): On failure lock the device to enforce power-cycle.
# Possible options:
FIPS_ECDSA_STEN: NOT_INCLUDE
# --------------------------------------===== FIPS_DRBG_STEN [Optional] =====---------------------------------------
# Description: Offset: 22b, Width: 2b, Enable self-test for DRBG block on power-up. Needed for FIPS certification.
# If this field is non-zero run self-test and log result in SYSCON->ELS_AS_BOOT_LOG1[FIPS].
# - NOT_INCLUDE, (0): Not included
# - FAILURE_BOOT, (1): On failure continue to boot.
# - FAILURE_ISP, (2): On failure enter ISP mode for recovery.
# - FAILURE_ENF_POWER, (3): On failure lock the device to enforce power-cycle.
# Possible options:
FIPS_DRBG_STEN: NOT_INCLUDE
# --------------------------------------===== FIPS_CMAC_STEN [Optional] =====---------------------------------------
# Description: Offset: 24b, Width: 2b, Enable self-test for CMAC block on power-up. Needed for FIPS certification.
# If this field is non-zero run self-test and log result in SYSCON->ELS_AS_BOOT_LOG1[FIPS].
# - NOT_INCLUDE, (0): Not included
# - FAILURE_BOOT, (1): On failure continue to boot.
# - FAILURE_ISP, (2): On failure enter ISP mode for recovery.
# - FAILURE_ENF_POWER, (3): On failure lock the device to enforce power-cycle.
# Possible options:
FIPS_CMAC_STEN: NOT_INCLUDE
# ---------------------------------------===== FIPS_KDF_STEN [Optional] =====---------------------------------------
# Description: Offset: 26b, Width: 2b, Enable self-test for KDF block on power-up. Needed for FIPS certification. If
# this field is non-zero run self-test and log result in SYSCON->ELS_AS_BOOT_LOG1[FIPS].
# - NOT_INCLUDE, (0): Not included
# - FAILURE_BOOT, (1): On failure continue to boot.
# - FAILURE_ISP, (2): On failure enter ISP mode for recovery.
# - FAILURE_ENF_POWER, (3): On failure lock the device to enforce power-cycle.
# Possible options:
FIPS_KDF_STEN: NOT_INCLUDE
# ---------------------------------------===== FIPS_PUF_STEN [Optional] =====---------------------------------------
# Description: Offset: 28b, Width: 2b, Enable self-test for PUF block on power-up. Needed for FIPS certification. If
# this field is non-zero run self-test and log result in SYSCON->ELS_AS_BOOT_LOG1[FIPS].
# - NOT_INCLUDE, (0): Not included
# - FAILURE_BOOT, (1): On failure continue to boot.
# - FAILURE_ISP, (2): On failure enter ISP mode for recovery.
# - FAILURE_ENF_POWER, (3): On failure lock the device to enforce power-cycle.
# Possible options:
FIPS_PUF_STEN: NOT_INCLUDE
# -----------------------------------------===== RoTK_USAGE [Optional] =====------------------------------------------
# Description: Offset: 0x00000054, Width: 32b; Root of Trust Key Usage
RoTK_USAGE:
# ----------------------------------------===== RoTK0_Usage [Optional] =====----------------------------------------
# Description: Offset: 0b, Width: 3b, RoT key 0 usage properties.
# - USABLE, (0): Usable as debug CA, image CA, FW CA, image and FW key.
# - DEBUG, (1): Usable as debug CA only.
# - IMG_BOOT_FW, (2): Usable as image (boot and FW) CA only.
# - DEBUG_BOOT_FW_IMG, (3): Usable as debug, boot and FW image CA.
# - IMG_FW_UPDATE_KEY, (4): Usable as image key and FW update key only.
# - BOOT_IMAGE_KEY, (5): Usable as boot image key only.
# - FW_UPDATE_IMG_KEY, (6): Usable as FW update image key only.
# - KEY_SLOT_NOT_USED, (7): Key slot is not used.
# Possible options:
# FW_UPDATE_IMG_KEY, KEY_SLOT_NOT_USED>
RoTK0_Usage: USABLE
# ----------------------------------------===== RoTK1_Usage [Optional] =====----------------------------------------
# Description: Offset: 3b, Width: 3b, RoT key 1 usage properties.
# - USABLE, (0): Usable as debug CA, image CA, FW CA, image and FW key.
# - DEBUG, (1): Usable as debug CA only.
# - IMG_BOOT_FW, (2): Usable as image (boot and FW) CA only.
# - DEBUG_BOOT_FW_IMG, (3): Usable as debug, boot and FW image CA.
# - IMG_FW_UPDATE_KEY, (4): Usable as image key and FW update key only.
# - BOOT_IMAGE_KEY, (5): Usable as boot image key only.
# - FW_UPDATE_IMG_KEY, (6): Usable as FW update image key only.
# - KEY_SLOT_NOT_USED, (7): Key slot is not used.
# Possible options:
# FW_UPDATE_IMG_KEY, KEY_SLOT_NOT_USED>
RoTK1_Usage: USABLE
# ----------------------------------------===== RoTK2_Usage [Optional] =====----------------------------------------
# Description: Offset: 6b, Width: 3b, RoT key 2 usage properties.
# - USABLE, (0): Usable as debug CA, image CA, FW CA, image and FW key.
# - DEBUG, (1): Usable as debug CA only.
# - IMG_BOOT_FW, (2): Usable as image (boot and FW) CA only.
# - DEBUG_BOOT_FW_IMG, (3): Usable as debug, boot and FW image CA.
# - IMG_FW_UPDATE_KEY, (4): Usable as image key and FW update key only.
# - BOOT_IMAGE_KEY, (5): Usable as boot image key only.
# - FW_UPDATE_IMG_KEY, (6): Usable as FW update image key only.
# - KEY_SLOT_NOT_USED, (7): Key slot is not used.
# Possible options:
# FW_UPDATE_IMG_KEY, KEY_SLOT_NOT_USED>
RoTK2_Usage: USABLE
# ----------------------------------------===== RoTK3_Usage [Optional] =====----------------------------------------
# Description: Offset: 9b, Width: 3b, RoT key 3 usage properties.
# - USABLE, (0): Usable as debug CA, image CA, FW CA, image and FW key.
# - DEBUG, (1): Usable as debug CA only.
# - IMG_BOOT_FW, (2): Usable as image (boot and FW) CA only.
# - DEBUG_BOOT_FW_IMG, (3): Usable as debug, boot and FW image CA.
# - IMG_FW_UPDATE_KEY, (4): Usable as image key and FW update key only.
# - BOOT_IMAGE_KEY, (5): Usable as boot image key only.
# - FW_UPDATE_IMG_KEY, (6): Usable as FW update image key only.
# - KEY_SLOT_NOT_USED, (7): Key slot is not used.
# Possible options:
# FW_UPDATE_IMG_KEY, KEY_SLOT_NOT_USED>
RoTK3_Usage: USABLE
# -----------------------------------------===== SKIP_DICE [Optional] =====-----------------------------------------
# Description: Offset: 12b, Width: 1b, Skip DICE computation.
# - ENABLE_DICE, (0): Enable DICE
# - DISABLE_DICE, (1): Disable DICE
# Possible options:
SKIP_DICE: ENABLE_DICE
# -------------------------------------===== DICE_INC_NXP_CFG [Optional] =====--------------------------------------
# Description: Offset: 13b, Width: 1b, Include NXP area (IFR1) containing specific part configuration data defined
# during chip manufacturing process in DICE computation.
# - NOT_INCLUDED, (0): Not included
# - INCLUDED, (1): Included
# Possible options:
DICE_INC_NXP_CFG: NOT_INCLUDED
# -------------------------------------===== DICE_INC_CUST_CFG [Optional] =====-------------------------------------
# Description: Offset: 14b, Width: 1b, Include data from CMPA page (512 bytes) in DICE computation.
# - NOT_INCLUDED, (0): Not included
# - INCLUDED, (1): Included
# Possible options:
DICE_INC_CUST_CFG: NOT_INCLUDED
# ------------------------------------===== REG0_ERASE_CHECK_EN [Optional] =====------------------------------------
# Description: Offset: 16b, Width: 2b, Enable erase check for NPX PRINCE context 0.
# When erase check is enabled ROM API will enforce a check to guarantee that all sectors selected in the context are
# erased together.
# When erase check is enabled only contiguous sectors can be selected in context bitmap.
# 0x - ROM API will not perform erase check.
# 1x - ROM API will perform erase check.
# - DISABLED_0b00, (0): Erase check is disabled
# - DISABLED_0b01, (1): Erase check is disabled
# - ENABLED_0b10, (2): Erase heck is enabled
# - ENABLED_0b11, (3): Erase check is enabled
# Possible options:
REG0_ERASE_CHECK_EN: DISABLED_0b00
# ------------------------------------===== REG1_ERASE_CHECK_EN [Optional] =====------------------------------------
# Description: Offset: 18b, Width: 2b, Enable erase check for NPX PRINCE context 1.
# When erase check is enabled ROM API will enforce a check to guarantee that all sectors selected in the context are
# erased together.
# When erase check is enabled only contiguous sectors can be selected in context bitmap.
# 0x - ROM API will not perform erase check.
# 1x - ROM API will perform erase check.
# - DISABLED_0b00, (0): Erase check is disabled
# - DISABLED_0b01, (1): Erase check is disabled
# - ENABLED_0b10, (2): Erase heck is enabled
# - ENABLED_0b11, (3): Erase check is enabled
# Possible options:
REG1_ERASE_CHECK_EN: DISABLED_0b00
# ------------------------------------===== REG2_ERASE_CHECK_EN [Optional] =====------------------------------------
# Description: Offset: 20b, Width: 2b, Enable erase check for NPX PRINCE context 2.
# When erase check is enabled ROM API will enforce a check to guarantee that all sectors selected in the context are
# erased together.
# When erase check is enabled only contiguous sectors can be selected in context bitmap.
# 0x - ROM API will not perform erase check.
# 1x - ROM API will perform erase check.
# - DISABLED_0b00, (0): Erase check is disabled
# - DISABLED_0b01, (1): Erase check is disabled
# - ENABLED_0b10, (2): Erase heck is enabled
# - ENABLED_0b11, (3): Erase check is enabled
# Possible options:
REG2_ERASE_CHECK_EN: DISABLED_0b00
# ------------------------------------===== REG3_ERASE_CHECK_EN [Optional] =====------------------------------------
# Description: Offset: 22b, Width: 2b, Enable erase check for NPX PRINCE context 3.
# When erase check is enabled ROM API will enforce a check to guarantee that all sectors selected in the context are
# erased together.
# When erase check is enabled only contiguous sectors can be selected in context bitmap.
# 0x - ROM API will not perform erase check.
# 1x - ROM API will perform erase check.
# - DISABLED_0b00, (0): Erase check is disabled
# - DISABLED_0b01, (1): Erase check is disabled
# - ENABLED_0b10, (2): Erase heck is enabled
# - ENABLED_0b11, (3): Erase check is enabled
# Possible options:
REG3_ERASE_CHECK_EN: DISABLED_0b00
# ---------------------------------------===== NPX_LOCK_CTX0 [Optional] =====---------------------------------------
# Description: Offset: 24b, Width: 2b, Lock on-chip flash NPX PRINCE context 0 settings.
# Note: when locking a region recommendation is to also enable erase checking using the REG0_ERASE_CHECK_EN field.
# - NOT_LOCKED_0b00, (0): Region is not locked.
# - LOCKED_0b01, (1): Region is locked.
# - LOCKED_0b10, (2): Region is locked.
# - LOCKED_0b11, (3): Region is locked.
# Possible options:
NPX_LOCK_CTX0: NOT_LOCKED_0b00
# ---------------------------------------===== NPX_LOCK_CTX1 [Optional] =====---------------------------------------
# Description: Offset: 26b, Width: 2b, Lock on-chip flash NPX PRINCE context 1 settings.
# Note: when locking a region recommendation is to also enable erase checking using the REG1_ERASE_CHECK_EN field.
# - NOT_LOCKED_0b00, (0): Region is not locked.
# - LOCKED_0b01, (1): Region is locked.
# - LOCKED_0b10, (2): Region is locked.
# - LOCKED_0b11, (3): Region is locked.
# Possible options:
NPX_LOCK_CTX1: NOT_LOCKED_0b00
# ---------------------------------------===== NPX_LOCK_CTX2 [Optional] =====---------------------------------------
# Description: Offset: 28b, Width: 2b, Lock on-chip flash NPX PRINCE context 2 settings.
# Note: when locking a region recommendation is to also enable erase checking using the REG2_ERASE_CHECK_EN field.
# - NOT_LOCKED_0b00, (0): Region is not locked.
# - LOCKED_0b01, (1): Region is locked.
# - LOCKED_0b10, (2): Region is locked.
# - LOCKED_0b11, (3): Region is locked.
# Possible options:
NPX_LOCK_CTX2: NOT_LOCKED_0b00
# ---------------------------------------===== NPX_LOCK_CTX3 [Optional] =====---------------------------------------
# Description: Offset: 30b, Width: 2b, Lock on-chip flash NPX PRINCE context 3 settings.
# Note: when locking a region recommendation is to also enable erase checking using the REG3_ERASE_CHECK_EN field.
# - NOT_LOCKED_0b00, (0): Region is not locked.
# - LOCKED_0b01, (1): Region is locked.
# - LOCKED_0b10, (2): Region is locked.
# - LOCKED_0b11, (3): Region is locked.
# Possible options:
NPX_LOCK_CTX3: NOT_LOCKED_0b00
# --------------------------------------------===== ROTKH [Optional] =====--------------------------------------------
# Description: Offset: 0x00000060, Width: 384b; ROTKH field is compounded by 12 32-bit fields and contains Root key
# table hash. Root of Trust Key Hash is SHA256 or SHA384 of RoTK public. Hash algorithm is selected based on RoTK EC
# type (secp256r1 -> SHA256 or secp384r1 -> SHA384). Same RoTKs and RoTKTH values are shared between debug
# authentication, SB3.1 firmware updates container and signed boot image based on CMPA.RoTKx_Usage.
ROTKH: '0000000000000000000000000000000000000000000000000000000000000000'
# ----------------------------------------===== NPX_CTX0_WD0 [Optional] =====-----------------------------------------
# Description: Offset: 0x00000090, Width: 32b; Bitmap mask for NPX Prince context 0 (sectors 0 - 31).
# ROM copies this value to NPX->VMAPCTX0_WD0 register during flash initialization. This bitmask indicates which 32KB
# block is encrypted/decrypted using CTX0 key and IV.
NPX_CTX0_WD0: '0x00000000'
# ----------------------------------------===== NPX_CTX0_WD1 [Optional] =====-----------------------------------------
# Description: Offset: 0x00000094, Width: 32b; Bitmap mask for NPX Prince context 0 (sectors 32 - 63).
# ROM copies this value to NPX->VMAPCTX0_WD1 register during flash initialization. This bitmask indicates which 32KB
# block is encrypted/decrypted using CTX0 key and IV.
NPX_CTX0_WD1: '0x00000000'
# ----------------------------------------===== NPX_CTX1_WD0 [Optional] =====-----------------------------------------
# Description: Offset: 0x00000098, Width: 32b; Bitmap mask for NPX Prince context 1 (sectors 0 - 31).
# ROM copies this value to NPX->VMAPCTX1_WD0 register during flash initialization. This bitmask indicates which 32KB
# block is encrypted/decrypted using CTX1 key and IV.
NPX_CTX1_WD0: '0x00000000'
# ----------------------------------------===== NPX_CTX1_WD1 [Optional] =====-----------------------------------------
# Description: Offset: 0x0000009C, Width: 32b; Bitmap mask for NPX Prince context 1 (sectors 32 - 63).
# ROM copies this value to NPX->VMAPCTX1_WD1 register during flash initialization. This bitmask indicates which 32KB
# block is encrypted/decrypted using CTX1 key and IV.
NPX_CTX1_WD1: '0x00000000'
# ----------------------------------------===== NPX_CTX2_WD0 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000A0, Width: 32b; Bitmap mask for NPX Prince context 2 (sectors 0 - 31).
# ROM copies this value to NPX->VMAPCTX2_WD0 register during flash initialization. This bitmask indicates which 32KB
# block is encrypted/decrypted using CTX2 key and IV.
NPX_CTX2_WD0: '0x00000000'
# ----------------------------------------===== NPX_CTX2_WD1 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000A4, Width: 32b; Bitmap mask for NPX Prince context 2 (sectors 32 - 63).
# ROM copies this value to NPX->VMAPCTX2_WD1 register during flash initialization. This bitmask indicates which 32KB
# block is encrypted/decrypted using CTX2 key and IV.
NPX_CTX2_WD1: '0x00000000'
# ----------------------------------------===== NPX_CTX3_WD0 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000A8, Width: 32b; Bitmap mask for NPX Prince context 3 (sectors 0 - 31).
# ROM copies this value to NPX->VMAPCTX3_WD0 register during flash initialization. This bitmask indicates which 32KB
# block is encrypted/decrypted using CTX3 key and IV.
NPX_CTX3_WD0: '0x00000000'
# ----------------------------------------===== NPX_CTX3_WD1 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000AC, Width: 32b; Bitmap mask for NPX Prince context 3 (sectors 32 - 63).
# ROM copies this value to NPX->VMAPCTX3_WD1 register during flash initialization. This bitmask indicates which 32KB
# block is encrypted/decrypted using CTX3 key and IV.
NPX_CTX3_WD1: '0x00000000'
# -----------------------------------------===== IPED0_START [Optional] =====-----------------------------------------
# Description: Offset: 0x000000B0, Width: 32b; IPED region 0 Start
IPED0_START:
# -----------------------------------------===== GCM_MODE [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 1b, GCM mode enable.
# - ENABLE_CTR_MODE, (0): Region is enabled in CTR mode.
# - ENABLE_GCM_MODE, (1): Region is enabled in GCM mode.
# Possible options:
GCM_MODE: ENABLE_CTR_MODE
# ----------------------------------------===== AHBERR_DIS [Optional] =====-----------------------------------------
# Description: Offset: 1b, Width: 1b, Disable AHB bus error. If GCM authentication fails generates bus error or not.
# - ENABLED, (0): Bus error enabled
# - DISABLED, (1): Bus error disabled
# Possible options:
AHBERR_DIS: ENABLED
# -----------------------------------===== IPED_CTX0_START_ADDR [Optional] =====------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 0 start address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX0_START_ADDR: 0
# ------------------------------------------===== IPED0_END [Optional] =====------------------------------------------
# Description: Offset: 0x000000B4, Width: 32b; IPED region 0 End
IPED0_END:
# ------------------------------------------===== LOCK_EN [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 2b, Lock the external PRINCE context settings.
# - NOT_LOCKED_0b00, (0): Region is not locked
# - LOCKED_0b01, (1): Region is locked
# - LOCKED_0b10, (2): Region is locked
# - LOCKED_0b11, (3): Region is locked
# Possible options:
LOCK_EN: NOT_LOCKED_0b00
# ------------------------------------===== IPED_CTX0_END_ADDR [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 0 end address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX0_END_ADDR: 0
# -----------------------------------------===== IPED1_START [Optional] =====-----------------------------------------
# Description: Offset: 0x000000B8, Width: 32b; IPED region 1 Start
IPED1_START:
# -----------------------------------------===== GCM_MODE [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 1b, GCM mode enable.
# - ENABLE_CTR_MODE, (0): Region is enabled in CTR mode.
# - ENABLE_GCM_MODE, (1): Region is enabled in GCM mode.
# Possible options:
GCM_MODE: ENABLE_CTR_MODE
# ----------------------------------------===== AHBERR_DIS [Optional] =====-----------------------------------------
# Description: Offset: 1b, Width: 1b, Disable AHB bus error. If GCM authentication fails generates bus error or not.
# - ENABLED, (0): Bus error enabled
# - DISABLED, (1): Bus error disabled
# Possible options:
AHBERR_DIS: ENABLED
# -----------------------------------===== IPED_CTX1_START_ADDR [Optional] =====------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 1 start address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX1_START_ADDR: 0
# ------------------------------------------===== IPED1_END [Optional] =====------------------------------------------
# Description: Offset: 0x000000BC, Width: 32b; IPED region 1 End
IPED1_END:
# ------------------------------------------===== LOCK_EN [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 2b, Lock the external PRINCE context settings.
# - NOT_LOCKED_0b00, (0): Region is not locked
# - LOCKED_0b01, (1): Region is locked
# - LOCKED_0b10, (2): Region is locked
# - LOCKED_0b11, (3): Region is locked
# Possible options:
LOCK_EN: NOT_LOCKED_0b00
# ------------------------------------===== IPED_CTX1_END_ADDR [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 1 end address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX1_END_ADDR: 0
# -----------------------------------------===== IPED2_START [Optional] =====-----------------------------------------
# Description: Offset: 0x000000C0, Width: 32b; IPED region 2 Start
IPED2_START:
# -----------------------------------------===== GCM_MODE [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 1b, GCM mode enable.
# - ENABLE_CTR_MODE, (0): Region is enabled in CTR mode.
# - ENABLE_GCM_MODE, (1): Region is enabled in GCM mode.
# Possible options:
GCM_MODE: ENABLE_CTR_MODE
# ----------------------------------------===== AHBERR_DIS [Optional] =====-----------------------------------------
# Description: Offset: 1b, Width: 1b, Disable AHB bus error. If GCM authentication fails generates bus error or not.
# - ENABLED, (0): Bus error enabled
# - DISABLED, (1): Bus error disabled
# Possible options:
AHBERR_DIS: ENABLED
# -----------------------------------===== IPED_CTX2_START_ADDR [Optional] =====------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 2 start address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX2_START_ADDR: 0
# ------------------------------------------===== IPED2_END [Optional] =====------------------------------------------
# Description: Offset: 0x000000C4, Width: 32b; IPED region 2 End
IPED2_END:
# ------------------------------------------===== LOCK_EN [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 2b, Lock the external PRINCE context settings.
# - NOT_LOCKED_0b00, (0): Region is not locked
# - LOCKED_0b01, (1): Region is locked
# - LOCKED_0b10, (2): Region is locked
# - LOCKED_0b11, (3): Region is locked
# Possible options:
LOCK_EN: NOT_LOCKED_0b00
# ------------------------------------===== IPED_CTX2_END_ADDR [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 2 end address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX2_END_ADDR: 0
# -----------------------------------------===== IPED3_START [Optional] =====-----------------------------------------
# Description: Offset: 0x000000C8, Width: 32b; IPED region 3 Start
IPED3_START:
# -----------------------------------------===== GCM_MODE [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 1b, GCM mode enable.
# - ENABLE_CTR_MODE, (0): Region is enabled in CTR mode.
# - ENABLE_GCM_MODE, (1): Region is enabled in GCM mode.
# Possible options:
GCM_MODE: ENABLE_CTR_MODE
# ----------------------------------------===== AHBERR_DIS [Optional] =====-----------------------------------------
# Description: Offset: 1b, Width: 1b, Disable AHB bus error. If GCM authentication fails generates bus error or not.
# - ENABLED, (0): Bus error enabled
# - DISABLED, (1): Bus error disabled
# Possible options:
AHBERR_DIS: ENABLED
# -----------------------------------===== IPED_CTX3_START_ADDR [Optional] =====------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 3 start address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX3_START_ADDR: 0
# ------------------------------------------===== IPED3_END [Optional] =====------------------------------------------
# Description: Offset: 0x000000CC, Width: 32b; IPED region 3 End
IPED3_END:
# ------------------------------------------===== LOCK_EN [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 2b, Lock the external PRINCE context settings.
# - NOT_LOCKED_0b00, (0): Region is not locked
# - LOCKED_0b01, (1): Region is locked
# - LOCKED_0b10, (2): Region is locked
# - LOCKED_0b11, (3): Region is locked
# Possible options:
LOCK_EN: NOT_LOCKED_0b00
# ------------------------------------===== IPED_CTX3_END_ADDR [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 3 end address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX3_END_ADDR: 0
# -----------------------------------------===== IPED4_START [Optional] =====-----------------------------------------
# Description: Offset: 0x000000D0, Width: 32b; IPED region 4 Start
IPED4_START:
# -----------------------------------------===== GCM_MODE [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 1b, GCM mode enable.
# - ENABLE_CTR_MODE, (0): Region is enabled in CTR mode.
# - ENABLE_GCM_MODE, (1): Region is enabled in GCM mode.
# Possible options:
GCM_MODE: ENABLE_CTR_MODE
# ----------------------------------------===== AHBERR_DIS [Optional] =====-----------------------------------------
# Description: Offset: 1b, Width: 1b, Disable AHB bus error. If GCM authentication fails generates bus error or not.
# - ENABLED, (0): Bus error enabled
# - DISABLED, (1): Bus error disabled
# Possible options:
AHBERR_DIS: ENABLED
# -----------------------------------===== IPED_CTX4_START_ADDR [Optional] =====------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 4 start address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX4_START_ADDR: 0
# ------------------------------------------===== IPED4_END [Optional] =====------------------------------------------
# Description: Offset: 0x000000D4, Width: 32b; IPED region 4 End
IPED4_END:
# ------------------------------------------===== LOCK_EN [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 2b, Lock the external PRINCE context settings.
# - NOT_LOCKED_0b00, (0): Region is not locked
# - LOCKED_0b01, (1): Region is locked
# - LOCKED_0b10, (2): Region is locked
# - LOCKED_0b11, (3): Region is locked
# Possible options:
LOCK_EN: NOT_LOCKED_0b00
# ------------------------------------===== IPED_CTX4_END_ADDR [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 4 end address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX4_END_ADDR: 0
# -----------------------------------------===== IPED5_START [Optional] =====-----------------------------------------
# Description: Offset: 0x000000D8, Width: 32b; IPED region 5 Start
IPED5_START:
# -----------------------------------------===== GCM_MODE [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 1b, GCM mode enable.
# - ENABLE_CTR_MODE, (0): Region is enabled in CTR mode.
# - ENABLE_GCM_MODE, (1): Region is enabled in GCM mode.
# Possible options:
GCM_MODE: ENABLE_CTR_MODE
# ----------------------------------------===== AHBERR_DIS [Optional] =====-----------------------------------------
# Description: Offset: 1b, Width: 1b, Disable AHB bus error. If GCM authentication fails generates bus error or not.
# - ENABLED, (0): Bus error enabled
# - DISABLED, (1): Bus error disabled
# Possible options:
AHBERR_DIS: ENABLED
# -----------------------------------===== IPED_CTX5_START_ADDR [Optional] =====------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 5 start address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX5_START_ADDR: 0
# ------------------------------------------===== IPED5_END [Optional] =====------------------------------------------
# Description: Offset: 0x000000DC, Width: 32b; IPED region 5 End
IPED5_END:
# ------------------------------------------===== LOCK_EN [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 2b, Lock the external PRINCE context settings.
# - NOT_LOCKED_0b00, (0): Region is not locked
# - LOCKED_0b01, (1): Region is locked
# - LOCKED_0b10, (2): Region is locked
# - LOCKED_0b11, (3): Region is locked
# Possible options:
LOCK_EN: NOT_LOCKED_0b00
# ------------------------------------===== IPED_CTX5_END_ADDR [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 5 end address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX5_END_ADDR: 0
# -----------------------------------------===== IPED6_START [Optional] =====-----------------------------------------
# Description: Offset: 0x000000E0, Width: 32b; IPED region 6 Start
IPED6_START:
# -----------------------------------------===== GCM_MODE [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 1b, GCM mode enable.
# - ENABLE_CTR_MODE, (0): Region is enabled in CTR mode.
# - ENABLE_GCM_MODE, (1): Region is enabled in GCM mode.
# Possible options:
GCM_MODE: ENABLE_CTR_MODE
# ----------------------------------------===== AHBERR_DIS [Optional] =====-----------------------------------------
# Description: Offset: 1b, Width: 1b, Disable AHB bus error. If GCM authentication fails generates bus error or not.
# - ENABLED, (0): Bus error enabled
# - DISABLED, (1): Bus error disabled
# Possible options:
AHBERR_DIS: ENABLED
# -----------------------------------===== IPED_CTX6_START_ADDR [Optional] =====------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 6 start address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX6_START_ADDR: 0
# ------------------------------------------===== IPED6_END [Optional] =====------------------------------------------
# Description: Offset: 0x000000E4, Width: 32b; IPED region 6 End
IPED6_END:
# ------------------------------------------===== LOCK_EN [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 2b, Lock the external PRINCE context settings.
# - NOT_LOCKED_0b00, (0): Region is not locked
# - LOCKED_0b01, (1): Region is locked
# - LOCKED_0b10, (2): Region is locked
# - LOCKED_0b11, (3): Region is locked
# Possible options:
LOCK_EN: NOT_LOCKED_0b00
# ------------------------------------===== IPED_CTX6_END_ADDR [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 6 end address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX6_END_ADDR: 0
# -----------------------------------------===== IPED7_START [Optional] =====-----------------------------------------
# Description: Offset: 0x000000E8, Width: 32b; IPED region 7 Start
IPED7_START:
# -----------------------------------------===== GCM_MODE [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 1b, GCM mode enable.
# - ENABLE_CTR_MODE, (0): Region is enabled in CTR mode.
# - ENABLE_GCM_MODE, (1): Region is enabled in GCM mode.
# Possible options:
GCM_MODE: ENABLE_CTR_MODE
# ----------------------------------------===== AHBERR_DIS [Optional] =====-----------------------------------------
# Description: Offset: 1b, Width: 1b, Disable AHB bus error. If GCM authentication fails generates bus error or not.
# - ENABLED, (0): Bus error enabled
# - DISABLED, (1): Bus error disabled
# Possible options:
AHBERR_DIS: ENABLED
# -----------------------------------===== IPED_CTX7_START_ADDR [Optional] =====------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 7 start address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX7_START_ADDR: 0
# ------------------------------------------===== IPED7_END [Optional] =====------------------------------------------
# Description: Offset: 0x000000EC, Width: 32b; IPED region 7 End
IPED7_END:
# ------------------------------------------===== LOCK_EN [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 2b, Lock the external PRINCE context settings.
# - NOT_LOCKED_0b00, (0): Region is not locked
# - LOCKED_0b01, (1): Region is locked
# - LOCKED_0b10, (2): Region is locked
# - LOCKED_0b11, (3): Region is locked
# Possible options:
LOCK_EN: NOT_LOCKED_0b00
# ------------------------------------===== IPED_CTX7_END_ADDR [Optional] =====-------------------------------------
# Description: Offset: 8b, Width: 32b, Upper 24-bits of IPED region 7 end address. Lower 8 address bits are always
# 0.
# NOTE: ROM only uses upper 24bits to address IPED region. In config file use full 32b address.
IPED_CTX7_END_ADDR: 0
# ----------------------------------------===== REC_IMG_EXT0 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000F0, Width: 32b; Bitmap mask to indicate sectors included in recovery image (sectors 8 -
# 31).
# Recovery image is programmed in BANK1_IFR0. But if the image size is more than 32KB, this field can be used to
# indicate sectors to include in recovery image.
# ROM will configure flash protection setting for these sectors the same as BANK1_IFR0 before exiting to user code.
# The protection settings are managed through CMPA.OEM_BANK1_IFR0_PROT. The lower 8 sectors are excluded from this
# mask to avoid conflicts with dual image boot feature.
REC_IMG_EXT0:
# ---------------------------------------===== REC_IMG_EXT0 [Optional] =====----------------------------------------
# Description: Offset: 8b, Width: 24b, Bitmap mask to indicate sectors included in recovery image.
REC_IMG_EXT0: 0
# ----------------------------------------===== REC_IMG_EXT1 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000F4, Width: 32b; Bitmap mask to indicate sectors included in recovery image (sectors 40
# - 63).
# Recovery image is programmed in BANK1_IFR0. But if the image size is more than 32KB, this field can be used to
# indicate sectors to include in recovery image.
# ROM will configure flash protection setting for these sectors the same as BANK1_IFR0 before exiting to user code.
# The protection settings are managed through CMPA.OEM_BANK1_IFR0_PROT. The lower 8 sectors are excluded from this
# mask to avoid conflicts with dual image boot feature.
REC_IMG_EXT1:
# ---------------------------------------===== REC_IMG_EXT1 [Optional] =====----------------------------------------
# Description: Offset: 8b, Width: 24b, Bitmap mask to indicate sectors included in recovery image.
REC_IMG_EXT1: 0
# --------------------------------------===== QUICK_SET_GPIO_0 [Optional] =====---------------------------------------
# Description: Offset: 0x00000120, Width: 32b; Drive GPIO 0 port [31:0] pins high after reset.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_0 and QUICK_CLR_GPIO_0 fields then pin will be set to high-level
# with quick transition to low.
QUICK_SET_GPIO_0: '0x00000000'
# --------------------------------------===== QUICK_CLR_GPIO_0 [Optional] =====---------------------------------------
# Description: Offset: 0x00000124, Width: 32b; Drive GPIO 0 port [31:0] pins low.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_0 and QUICK_CLR_GPIO_0 fields then pin will be set to high-level
# with quick transition to low.
QUICK_CLR_GPIO_0: '0x00000000'
# --------------------------------------===== QUICK_SET_GPIO_1 [Optional] =====---------------------------------------
# Description: Offset: 0x00000128, Width: 32b; Drive GPIO 1 port [31:0] pins high after reset.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_1 and QUICK_CLR_GPIO_1 fields then pin will be set to high-level
# with quick transition to low.
QUICK_SET_GPIO_1: '0x00000000'
# --------------------------------------===== QUICK_CLR_GPIO_1 [Optional] =====---------------------------------------
# Description: Offset: 0x0000012C, Width: 32b; Drive GPIO 1 port [31:0] pins low.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_1 and QUICK_CLR_GPIO_1 fields then pin will be set to high-level
# with quick transition to low.
QUICK_CLR_GPIO_1: '0x00000000'
# --------------------------------------===== QUICK_SET_GPIO_2 [Optional] =====---------------------------------------
# Description: Offset: 0x00000130, Width: 32b; Drive GPIO 2 port [31:0] pins high after reset.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_2 and QUICK_CLR_GPIO_2 fields then pin will be set to high-level
# with quick transition to low.
QUICK_SET_GPIO_2: '0x00000000'
# --------------------------------------===== QUICK_CLR_GPIO_2 [Optional] =====---------------------------------------
# Description: Offset: 0x00000134, Width: 32b; Drive GPIO 2 port [31:0] pins low.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_2 and QUICK_CLR_GPIO_2 fields then pin will be set to high-level
# with quick transition to low.
QUICK_CLR_GPIO_2: '0x00000000'
# --------------------------------------===== QUICK_SET_GPIO_3 [Optional] =====---------------------------------------
# Description: Offset: 0x00000138, Width: 32b; Drive GPIO 3 port [31:0] pins high after reset.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_3 and QUICK_CLR_GPIO_3 fields then pin will be set to high-level
# with quick transition to low.
QUICK_SET_GPIO_3: '0x00000000'
# --------------------------------------===== QUICK_CLR_GPIO_3 [Optional] =====---------------------------------------
# Description: Offset: 0x0000013C, Width: 32b; Drive GPIO 3 port [31:0] pins low.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_3 and QUICK_CLR_GPIO_3 fields then pin will be set to high-level
# with quick transition to low.
QUICK_CLR_GPIO_3: '0x00000000'
# --------------------------------------===== QUICK_SET_GPIO_4 [Optional] =====---------------------------------------
# Description: Offset: 0x00000140, Width: 32b; Drive GPIO 4 port [31:0] pins high after reset.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_4 and QUICK_CLR_GPIO_4 fields then pin will be set to high-level
# with quick transition to low.
QUICK_SET_GPIO_4: '0x00000000'
# --------------------------------------===== QUICK_CLR_GPIO_4 [Optional] =====---------------------------------------
# Description: Offset: 0x00000144, Width: 32b; Drive GPIO 4 port [31:0] pins low.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_4 and QUICK_CLR_GPIO_4 fields then pin will be set to high-level
# with quick transition to low.
QUICK_CLR_GPIO_4: '0x00000000'
# --------------------------------------===== QUICK_SET_GPIO_5 [Optional] =====---------------------------------------
# Description: Offset: 0x00000148, Width: 32b; Drive GPIO 5 port [31:0] pins high after reset.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_5 and QUICK_CLR_GPIO_5 fields then pin will be set to high-level
# with quick transition to low.
QUICK_SET_GPIO_5: '0x00000000'
# --------------------------------------===== QUICK_CLR_GPIO_5 [Optional] =====---------------------------------------
# Description: Offset: 0x0000014C, Width: 32b; Drive GPIO 5 port [31:0] pins low.
# Each bit corresponds to the pin in GPIO port 0. When set ROM drives the corresponding pin high as soon as possible.
# By default most pins come-up as tri-stated inputs.
# This feature allows customer to specify active drive pins soon after reset instead of waiting till complete boot.
# Note, if a pin is selected in both QUICK_SET_GPIO_5 and QUICK_CLR_GPIO_5 fields then pin will be set to high-level
# with quick transition to low.
QUICK_CLR_GPIO_5: '0x00000000'
# -------------------------------------===== CUST_MK_SK_KEY_BLOB [Optional] =====-------------------------------------
# Description: Offset: 0x00000160, Width: 384b; CUST_MK_SK key blob. CUST_MK_SK is stored in form of RFC3394 blob and
# it is used by bootloader to decrypt SB3.1 encryption key during processing of SB file by bootloader. CUST_MK_SK is
# generated during device provisioning process by HSM_KEY_GEN (random key) or by HSM_STORE_KEY (user defined key)
# commands. To store this key into CMPA, SB_STORE_KEY command should be used.
CUST_MK_SK_KEY_BLOB: '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
# -----------------------------------------===== CMPA_CRC32 [Optional] =====------------------------------------------
# Description: Offset: 0x000001EC, Width: 32b; CRC32 of CMPA page data from offset 0x00 to 0x1EB. ROM updates this
# field along with CMPA_CMAC. ROM uses this field based on CMPA.LP_SEC_BOOT field option.
CMPA_CRC32: '0x00000000'
# -----------------------------------------===== CMPA_CMAC0 [Optional] =====------------------------------------------
# Description: Offset: 0x000001F0, Width: 32b; CMAC[31:0] of CMPA page data from offset 0x00 to 0x1EB. ROM updates
# this field on subsequent boot after page update.
CMPA_CMAC0: '0x00000000'
# -----------------------------------------===== CMPA_CMAC1 [Optional] =====------------------------------------------
# Description: Offset: 0x000001F4, Width: 32b; CMAC[63:32] of CMPA page data from offset 0x00 to 0x1EB. ROM updates
# this field on subsequent boot after page update.
CMPA_CMAC1: '0x00000000'
# -----------------------------------------===== CMPA_CMAC2 [Optional] =====------------------------------------------
# Description: Offset: 0x000001F8, Width: 32b; CMAC[95:64] of CMPA page data from offset 0x00 to 0x1EB. ROM updates
# this field on subsequent boot after page update.
CMPA_CMAC2: '0x00000000'
# -----------------------------------------===== CMPA_CMAC3 [Optional] =====------------------------------------------
# Description: Offset: 0x000001FC, Width: 32b; CMAC[127:96] of CMPA page data from offset 0x00 to 0x1EB. ROM updates
# this field on subsequent boot after page update.
CMPA_CMAC3: '0x00000000'
# Copyright 2024 NXP
#
# SPDX-License-Identifier: BSD-3-Clause
# ========================================= PFR CMPA configuration template ==========================================
# ======================================================================================================================
# == General Options ==
# ======================================================================================================================
# -------------------------------------===== The chip family name [Required] =====--------------------------------------
# Description: NXP chip family identifier.
# Possible options:
# lpc55s06, lpc55s14, lpc55s16, lpc55s26, lpc55s28, lpc55s36, lpc55s66, lpc55s69, mcxa132, mcxa133, mcxa142, mcxa143,
# mcxa144, mcxa145, mcxa146, mcxa152, mcxa153, mcxa154, mcxa155, mcxa156, mcxn235, mcxn236, mcxn546, mcxn547, mcxn946,
# mcxn947, nhs52s04>
family: mcxn946
# -----------------------------------------===== MCU revision [Optional] =====------------------------------------------
# Description: Revision of silicon. The 'latest' name, means most current revision.
# Possible options:
revision: latest
# ------------------------------------===== Configuration area type [Optional] =====------------------------------------
# Description: PFR / IFR type
# Possible options:
type: CMPA
# ----------------------------------===== Configuration area Settings [Required] =====----------------------------------
settings: We kept in configuration just settings that are changed compare to defaults, all other are erased because the PFR tool keep them on defaults values.
# --------------------------------------===== DCFG_CC_SOCU_PIN [Optional] =====---------------------------------------
# Description: Offset: 0x00000040, Width: 32b; Credential Constraints for SoC specific Use Pinned
DCFG_CC_SOCU_PIN:
# -------------------------------------------===== NIDEN [Optional] =====-------------------------------------------
# Description: Offset: 0b, Width: 1b, Non-secure Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
NIDEN: USE_DAP
# -------------------------------------------===== DBGEN [Optional] =====-------------------------------------------
# Description: Offset: 1b, Width: 1b, Non-secure Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
DBGEN: USE_DAP
# ------------------------------------------===== SPNIDEN [Optional] =====------------------------------------------
# Description: Offset: 2b, Width: 1b, Secure Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
SPNIDEN: USE_DAP
# ------------------------------------------===== SPIDEN [Optional] =====-------------------------------------------
# Description: Offset: 3b, Width: 1b, Secure Invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
SPIDEN: USE_DAP
# -----------------------------------------===== DSP_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 5b, Width: 1b, DSP Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
DSP_DBGEN: USE_DAP
# ----------------------------------------===== ISP_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 6b, Width: 1b, ISP Boot Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
ISP_CMD_EN: FIXED_STATE Keep enabled debug mailbox command "Switch to ISP mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# -----------------------------------------===== FA_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 7b, Width: 1b, FA Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
FA_CMD_EN: FIXED_STATE Keep enabled debug mailbox command "FA mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# -----------------------------------------===== ME_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 1b, Flash Mass Erase Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
ME_CMD_EN: FIXED_STATE Keep enabled debug mailbox command "Mass erase" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# ----------------------------------------===== CPU1_NIDEN [Optional] =====-----------------------------------------
# Description: Offset: 9b, Width: 1b, Second CM33 Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
CPU1_NIDEN: USE_DAP
# ----------------------------------------===== CPU1_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 10b, Width: 1b, Second CM33 Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
CPU1_DBGEN: USE_DAP
# ----------------------------------------===== UUID_CHECK [Optional] =====-----------------------------------------
# Description: Offset: 15b, Width: 1b, Enforce UUID match during Debug authentication.
# - DISABLED, (0): Debug certificate can be used with all devices.
# - ENABLED, (1): Debug certificate per device with matching UUID is needed.
# Possible options:
UUID_CHECK: DISABLED
# --------------------------------------===== DCFG_CC_SOCU_DFLT [Optional] =====--------------------------------------
# Description: Offset: 0x00000044, Width: 32b; Credential Constraints for SoC specific Use Debug Filter
DCFG_CC_SOCU_DFLT:
# -------------------------------------------===== NIDEN [Optional] =====-------------------------------------------
# Description: Offset: 0b, Width: 1b, Non Secure Non-invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
NIDEN: DISABLED
# -------------------------------------------===== DBGEN [Optional] =====-------------------------------------------
# Description: Offset: 1b, Width: 1b, Non-secure Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
DBGEN: DISABLED
# ------------------------------------------===== SPNIDEN [Optional] =====------------------------------------------
# Description: Offset: 2b, Width: 1b, Secure Non-invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
SPNIDEN: DISABLED
# ------------------------------------------===== SPIDEN [Optional] =====-------------------------------------------
# Description: Offset: 3b, Width: 1b, Secure Invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
SPIDEN: DISABLED
# -----------------------------------------===== DSP_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 5b, Width: 1b, DSP Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
DSP_DBGEN: DISABLED
# ----------------------------------------===== ISP_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 6b, Width: 1b, ISP Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
ISP_CMD_EN: ENABLED Keep enabled debug mailbox command "Switch to ISP mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# -----------------------------------------===== FA_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 7b, Width: 1b, FA Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
FA_CMD_EN: ENABLED Keep enabled debug mailbox command "FA mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# -----------------------------------------===== ME_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 1b, Flash Mass Erase Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
ME_CMD_EN: ENABLED Keep enabled debug mailbox command "Mass erase" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# ----------------------------------------===== CPU1_NIDEN [Optional] =====-----------------------------------------
# Description: Offset: 9b, Width: 1b, Second CM33 Non-Invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
CPU1_NIDEN: DISABLED
# ----------------------------------------===== CPU1_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 10b, Width: 1b, Second CM33 Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
CPU1_DBGEN: DISABLED
# Get difference of template and user YAML configuration of CFPA
YamlDiffWidget("inputs/cfpa_mcxn9xx_debug_auth.diffc").html
pfr get-template -t cfpa -f mcxn946 -o workspace/cfpa_mcxn9xx_debug_auth.yaml --force
The PFR cfpa template for mcxn946 has been saved into workspace/cfpa_mcxn9xx_debug_auth.yaml YAML file
Configuration Differences
# ========================================= PFR CFPA configuration template ==========================================
# ======================================================================================================================
# == General Options ==
# ======================================================================================================================
# -------------------------------------===== The chip family name [Required] =====--------------------------------------
# Description: NXP chip family identifier.
# Possible options:
# lpc55s06, lpc55s14, lpc55s16, lpc55s26, lpc55s28, lpc55s36, lpc55s66, lpc55s69, mcxn235, mcxn236, mcxn546, mcxn547,
# mcxn946, mcxn947, nhs52s04>
family: mcxn946
# -----------------------------------------===== MCU revision [Optional] =====------------------------------------------
# Description: Revision of silicon. The 'latest' name, means most current revision.
# Possible options:
revision: latest
# ------------------------------------===== Configuration area type [Optional] =====------------------------------------
# Description: PFR / IFR type
# Possible options:
type: CFPA
# ----------------------------------===== Configuration area Settings [Required] =====----------------------------------
settings: We kept in configuration just settings that are changed compare to defaults, all other are erased because the PFR tool keep them on defaults values.
# -------------------------------------------===== HEADER [Optional] =====--------------------------------------------
# Description: Offset: 0x00000000, Width: 32b; CFPA Header
HEADER:
# ---------------------------------------===== CFPA_LC_STATE [Optional] =====---------------------------------------
# Description: Offset: 0b, Width: 8b, Life cycle state.
# This field can be used to advance life cycle state to 0x7, 0xF or 0xCF during development (OTP_LC_STATE = 0x3) for
# testing deployed states without programming OTP fuse.
# When CFPA is used to advance LC state, then application code should implement hooks, to revert CFPA_LC_STATE field
# to 0x3 to bring the device back to OEM_DEVELOP state (0x03). One such example is a GPIO interrupt handler invoked
# on a button press which modified the CFPA_LC_STATE to 0x3.
# Below are the allowed values for this field. Use of other values may lead to bricked state.
# - USE_LC_STATE_OTP, (0): Use LC state from OTP.
# - DEVELOP, (3): Develop state
# - DEVELOP2, (7): Develop 2 state
# - IN_FIELD, (15): In-field state
# - IN_FIELD_LOCKED, (207): In-field locked state
# Possible options:
CFPA_LC_STATE: USE_LC_STATE_OTP
# ----------------------------------------===== CFPA_HEADER [Optional] =====----------------------------------------
# Description: Offset: 16b, Width: 16b, CFPA Header marker should be set to 0x9635.
# After this header is set, all non-zero values will take effect; leaving all values set to 0xff will cause
# undefined behavior.
# It is recommended to set all values to 0x00 before setting the CFPA header.
CFPA_HEADER: 38453
# --------------------------------------===== CFPA_PAGE_VERSION [Optional] =====--------------------------------------
# Description: Offset: 0x00000004, Width: 32b; CFPA Page Version.
CFPA_PAGE_VERSION: Updated CFPA version to new one, must be increased with each write to protect against downgrading of settings.
# -------------------------------------===== CFPA_PAGE_VERSION [Optional] =====-------------------------------------
# Description: Offset: 0b, Width: 24b, CFPA page version.
# Boot ROM uses this field to determine the active CFPA page by comparing the values in this field for the two CFPA
# pages. The page with higher version number is picked as active page if it passes the CMAC authentication. This
# field is updated by ROM whenever CFPA page is updated.
# Write '0xFF_FFFF' to auto increment current CFPA page version value (by ROM).
CFPA_PAGE_VERSION: 0 Updated CFPA version to new one, must be increased with each write to protect against downgrading of settings.
CFPA_PAGE_VERSION: 0xFF_FFFF
# ------------------------------------------===== IMG_UPD [Optional] =====------------------------------------------
# Description: Offset: 24b, Width: 2b, Image updated.
# Note: CMAC boot is only supported for internal flash. If using a FlexSPI flash XIP image, then this field should
# always be left as zero.
# - NOTHING_CHANGED, (0): No action
# - IMAGE0_CMAC_UPDATE, (1): Update image 0 CMAC
# - IMAGE1_CMAC_UPDATE, (2): Update image 1 CMAC
# - SBL_IMG_CMAC_UPDATE, (3): Update SBL Image CMAC (image in IFR0 0x0100_8000). Value written in IMG0_CMAC field.
# Possible options:
IMG_UPD: NOTHING_CHANGED
# -----------------------------------------===== CMPA_UPD [Optional] =====------------------------------------------
# Description: Offset: 27b, Width: 3b, CMPA page updated through ROM API. Thus compute CMAC on sub-sequent boot.
# This field is checked only in Develop (0x3) LC state.
# All other combinations update CMAC field in CMPA page.
# - NO_ACTION, (0): No action
# - UPDATE_IN_CMPA, (2): Update CMAC field in CMPA page.
# - TO_OEM_SECURE, (3): Update CMAC field in CMPA page and OTP. Advance OTP_LC_STATE to Develop2 (0x7)
# - TO_OEM_CLOSED, (5): Update CMAC field in CMPA page and OTP. Advance OTP_LC_STATE to In-Field (0xF).
# - TO_OEM_LOCKED, (6): Update CMAC field in CMPA page and OTP. Advance OTP_LC_STATE to In-Field Locked (0xCF).
# Possible options:
CMPA_UPD: NO_ACTION
# -----------------------------------------===== DICE_UPD [Optional] =====------------------------------------------
# Description: Offset: 31b, Width: 1b, Update DICE certificate during next boot.
# - NO_ACTION, (0): No action
# - GENERATE_CERTIFICATE, (1): Generate certificate.
# Possible options:
DICE_UPD: NO_ACTION
# --------------------------------------===== Secure_FW_Version [Optional] =====--------------------------------------
# Description: Offset: 0x00000008, Width: 32b; Secure Firmware version.
# This monotonic counter field tracks the firmware version of secure partition.
# ROM uses this field to enforce anti-rollback checking during secure boot and secure update (SB3 header).
# For image authentication pass during secure boot the FW version in image manifest must be equal or greater than this
# value.
# During secure update and recovery boot the version number in SB3 header Must be equal or greater than the value in
# this field.
# Apart from SB3 header check, user can enforce anti-rollback check during SB3 processing by using
# 'kSB3_COMMAND_fwVersionCheck' SB command with 'kNBOOT_CNT_secure' counter ID parameter, in SB3 file.
Secure_FW_Version: '0x00000000'
# ----------------------------------------===== NS_FW_Version [Optional] =====----------------------------------------
# Description: Offset: 0x0000000C, Width: 32b; Non-Secure Firmware version.
# This monotonic counter field can be used to track the firmware version of non-secure partition. An anti-rollback
# check can be enforced during update by using this field and 'kSB3_COMMAND_fwVersionCheck' SB command with
# 'kNBOOT_CNT_nonsecure' counter ID parameter, in SB3 file.
NS_FW_Version: '0x00000000'
# ----------------------------------------===== SECBOOT_FLAGS [Optional] =====----------------------------------------
# Description: Offset: 0x00000014, Width: 32b; Secure BOOT Flags.
SECBOOT_FLAGS:
# -----------------------------------------===== RoTK0_EN [Optional] =====------------------------------------------
# Description: Offset: 0b, Width: 2b, Root of Trust Key 0 Enable. Determines if ROTK0 can be used during secure
# boot.
# - ENABLED_0, (0): Enabled
# - ENABLED_1, (1): Enabled
# - KEY_REVOKED_2, (2): Key Revoked
# - KEY_REVOKED_3, (3): Key Revoked
# Possible options:
RoTK0_EN: ENABLED_0
# -----------------------------------------===== RoTK1_EN [Optional] =====------------------------------------------
# Description: Offset: 2b, Width: 2b, Root of Trust Key 1 Enable. Determines if ROTK1 can be used during secure
# boot.
# - ENABLED_0, (0): Enabled
# - ENABLED_1, (1): Enabled
# - KEY_REVOKED_2, (2): Key Revoked
# - KEY_REVOKED_3, (3): Key Revoked
# Possible options:
RoTK1_EN: ENABLED_0
# -----------------------------------------===== RoTK2_EN [Optional] =====------------------------------------------
# Description: Offset: 4b, Width: 2b, Root of Trust Key 2 Enable. Determines if ROTK2 can be used during secure
# boot.
# - ENABLED_0, (0): Enabled
# - ENABLED_1, (1): Enabled
# - KEY_REVOKED_2, (2): Key Revoked
# - KEY_REVOKED_3, (3): Key Revoked
# Possible options:
RoTK2_EN: ENABLED_0
# -----------------------------------------===== RoTK3_EN [Optional] =====------------------------------------------
# Description: Offset: 6b, Width: 2b, Root of Trust Key 3 Enable. Determines if ROTK3 can be used during secure
# boot.
# - ENABLED_0, (0): Enabled
# - ENABLED_1, (1): Enabled
# - KEY_REVOKED_2, (2): Key Revoked
# - KEY_REVOKED_3, (3): Key Revoked
# Possible options:
RoTK3_EN: ENABLED_0
# -----------------------------------===== OEM_RETURN_ERASE_DONE [Optional] =====-----------------------------------
# Description: Offset: 28b, Width: 4b, OEM assets erase done flag.
# ROM sets this field to 0xA after erasing the user flash and OEM assets. This operation is done on first boot after
# OTP_LC_STATE is advanced to 0x1F or higher states.
# On every boot ROM checks if LC_STATE is greater or equal to 0x1F and this field is empty in active CFPA page, then
# it erases OEM assets and updates this field in CFPA before freezing CFPA pages and enabling debug access. If the
# field is already set to 0xA then it proceeds without erasing user flash area.
OEM_RETURN_ERASE_DONE: 0
# --------------------------------------===== IMAGE_KEY_REVOKE [Optional] =====---------------------------------------
# Description: Offset: 0x00000018, Width: 32b; Image Key Revoke
IMAGE_KEY_REVOKE:
# ----------------------------------===== IMAGE_KEY_REVOCATION_ID [Optional] =====----------------------------------
# Description: Offset: 0b, Width: 24b, Image signing key revocation counter.
# This monotonic counter field is used by boot ROM to enforce image signing key (ISK) certificate revocation policy.
# Boot ROM accepts an ISK certificate as valid only if the 'constraint' field in ISK certificate is the same or
# greater than the ISK revocation counter.
# The 32-bit ISK revocation counter is formed using 8 bits of IMAGE_KEY_REVOKE[7:0] field in OTP as MSB bits and
# lower 24 bits from this field.
# ISK certificate validation is done as part of boot, FW update (SB3) and recovery (SB3) image authentication.
IMAGE_KEY_REVOCATION_ID: 0
# ---------------------------------------===== LP_VECTOR_ADDR [Optional] =====----------------------------------------
# Description: Offset: 0x0000001C, Width: 32b; Vector address when waking from power-down and deep power down states
# when CMPA.LP_SEC_BOOT is set to 2b'10.
LP_VECTOR_ADDR: '0x00000000'
# ----------------------------------------===== DBG_REVOKE_VU [Optional] =====----------------------------------------
# Description: Offset: 0x00000020, Width: 32b; Debug Revoke Vendor Usage.
DBG_REVOKE_VU:
# -------------------------------------------===== FIELD [Optional] =====-------------------------------------------
# Description: Offset: 0b, Width: 16b, Debug certificate revocation counter.
# This monotonic counter field is used for revoking debug certificates.
# As part of debug authentication, CC_VU field in debug certificate/credential is checked against DCFG_VENDOR_USAGE
# value.
# The 32-bit DCFG_VENDOR_USAGE is formed using upper 16 bit of CMPA.VENDOR_USAGE and lower 16 bits of this field.
FIELD: 0
# -------------------------------------===== DCFG_CC_SOCU_NS_PIN [Optional] =====-------------------------------------
# Description: Offset: 0x00000024, Width: 32b; Device Configuration Credential Constraints for SoC specific Use
# Pinned.
# With TZ-M, the part can be sold by level 1 customers (secure code developer) to level-2 customers who develops non-
# secure code only.
# - In this scenario, for ease of development, Level 1 customer releases the part to always allow non-secure debug.
# - To allow level-2 customers to further seal the part DCFG_CC_SOCU_NS is used.
# - ROM will use this word to further restrict the debug access.
DCFG_CC_SOCU_NS_PIN:
# -------------------------------------------===== NIDEN [Optional] =====-------------------------------------------
# Description: Offset: 0b, Width: 1b, Non-secure Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
NIDEN: USE_DAP
# -------------------------------------------===== DBGEN [Optional] =====-------------------------------------------
# Description: Offset: 1b, Width: 1b, Non-secure Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
DBGEN: USE_DAP
# ------------------------------------------===== SPNIDEN [Optional] =====------------------------------------------
# Description: Offset: 2b, Width: 1b, Secure Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
SPNIDEN: USE_DAP
# ------------------------------------------===== SPIDEN [Optional] =====-------------------------------------------
# Description: Offset: 3b, Width: 1b, Secure Invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
SPIDEN: USE_DAP
# -----------------------------------------===== DSP_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 5b, Width: 1b, DSP Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
DSP_DBGEN: USE_DAP
# ----------------------------------------===== ISP_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 6b, Width: 1b, ISP Boot Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
ISP_CMD_EN: USE_DAP Keep enabled debug mailbox command "Switch to ISP mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
ISP_CMD_EN: FIXED_STATE
# -----------------------------------------===== FA_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 7b, Width: 1b, FA Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
FA_CMD_EN: USE_DAP Keep enabled debug mailbox command "FA mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
FA_CMD_EN: FIXED_STATE
# -----------------------------------------===== ME_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 1b, Flash Mass Erase Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
ME_CMD_EN: USE_DAP Keep enabled debug mailbox command "Mass erase" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
ME_CMD_EN: FIXED_STATE
# ----------------------------------------===== CPU1_NIDEN [Optional] =====-----------------------------------------
# Description: Offset: 9b, Width: 1b, Second CM33 Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
CPU1_NIDEN: USE_DAP
# ----------------------------------------===== CPU1_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 10b, Width: 1b, Second CM33 Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
CPU1_DBGEN: USE_DAP
# ----------------------------------------===== UUID_CHECK [Optional] =====-----------------------------------------
# Description: Offset: 15b, Width: 1b, Enforce UUID match during Debug authentication
# - DISABLED, (0): Debug certificate can be used with all devices.
# - ENABLED, (1): Debug certificate per device with matching UUID is needed.
# Possible options:
UUID_CHECK: DISABLED
# ------------------------------------===== DCFG_CC_SOCU_NS_DFLT [Optional] =====-------------------------------------
# Description: Offset: 0x00000028, Width: 32b; Device Configuration Credential Constraints for SoC specific Use Debug
# Filter.
# With TZ-M, the part can be sold by level 1 customers (secure code developer) to level-2 customers who develops non-
# secure code only.
# - In this scenario, or easy of development, Level-I customer releases the part to always allow non-secure debug.
# - To allow level-2 customers to further seal the part DCFG_CC_SOCU_NS is used.
# - ROM will use this word to further restrict the debug access.
DCFG_CC_SOCU_NS_DFLT:
# -------------------------------------------===== NIDEN [Optional] =====-------------------------------------------
# Description: Offset: 0b, Width: 1b, Non-secure Non-invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
NIDEN: DISABLED
# -------------------------------------------===== DBGEN [Optional] =====-------------------------------------------
# Description: Offset: 1b, Width: 1b, Non-secure Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
DBGEN: DISABLED
# ------------------------------------------===== SPNIDEN [Optional] =====------------------------------------------
# Description: Offset: 2b, Width: 1b, Secure Non-invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
SPNIDEN: DISABLED
# ------------------------------------------===== SPIDEN [Optional] =====-------------------------------------------
# Description: Offset: 3b, Width: 1b, Secure Invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
SPIDEN: DISABLED
# -----------------------------------------===== DSP_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 5b, Width: 1b, DSP Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
DSP_DBGEN: DISABLED
# ----------------------------------------===== ISP_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 6b, Width: 1b, ISP Boot Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
ISP_CMD_EN: DISABLED Keep enabled debug mailbox command "Switch to ISP mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
ISP_CMD_EN: ENABLED
# -----------------------------------------===== FA_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 7b, Width: 1b, FA Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
FA_CMD_EN: DISABLED Keep enabled debug mailbox command "FA mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
FA_CMD_EN: ENABLED
# -----------------------------------------===== ME_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 1b, Flash Mass Erase Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
ME_CMD_EN: DISABLED Keep enabled debug mailbox command "Mass erase" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
ME_CMD_EN: ENABLED
# ----------------------------------------===== CPU1_NIDEN [Optional] =====-----------------------------------------
# Description: Offset: 9b, Width: 1b, Second CM33 Non-invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
CPU1_NIDEN: DISABLED
# ----------------------------------------===== CPU1_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 10b, Width: 1b, Second CM33 Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
CPU1_DBGEN: DISABLED
# ----------------------------------------===== MCTR_NPX_CTX0 [Optional] =====----------------------------------------
# Description: Offset: 0x00000030, Width: 32b; Erase counter for Prince region 0.
# Monotonic erase counter for NPX region 0. This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by NPX for encryption/decryption is computed by ROM bootloader and incorporates
# device UUID, NPX region number and MCTR_NPX_CTX0.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_NPX_CTX0: '0x00000000'
# ----------------------------------------===== MCTR_NPX_CTX1 [Optional] =====----------------------------------------
# Description: Offset: 0x00000034, Width: 32b; Erase counter for Prince region 1.
# Monotonic erase counter for NPX region 1. This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by NPX for encryption/decryption is computed by ROM bootloader and incorporates
# device UUID, NPX region number and MCTR_NPX_CTX1.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_NPX_CTX1: '0x00000000'
# ----------------------------------------===== MCTR_NPX_CTX2 [Optional] =====----------------------------------------
# Description: Offset: 0x00000038, Width: 32b; Erase counter for Prince region 2.
# Monotonic erase counter for NPX region 2. This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by NPX for encryption/decryption is computed by ROM bootloader and incorporates
# device UUID, NPX region number and MCTR_NPX_CTX2.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_NPX_CTX2: '0x00000000'
# ----------------------------------------===== MCTR_NPX_CTX3 [Optional] =====----------------------------------------
# Description: Offset: 0x0000003C, Width: 32b; Erase counter for Prince region 3.
# Monotonic erase counter for NPX region 3. This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by NPX for encryption/decryption is computed by ROM bootloader and incorporates
# device UUID, NPX region number and MCTR_NPX_CTX3.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_NPX_CTX3: '0x00000000'
# ---------------------------------------===== MCTR_IPED_CTX0 [Optional] =====----------------------------------------
# Description: Offset: 0x00000040, Width: 32b; Monotonic erase counter for IPED region 0.
# This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by IPED for encryption/decryption is computed by ROM bootloader and
# incorporates device UUID, IPED region number and MCTR_IPED_CTX0.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_IPED_CTX0: '0x00000000'
# ---------------------------------------===== MCTR_IPED_CTX1 [Optional] =====----------------------------------------
# Description: Offset: 0x00000044, Width: 32b; Monotonic erase counter for IPED region 1.
# This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by IPED for encryption/decryption is computed by ROM bootloader and
# incorporates device UUID, IPED region number and MCTR_IPED_CTX1.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_IPED_CTX1: '0x00000000'
# ---------------------------------------===== MCTR_IPED_CTX2 [Optional] =====----------------------------------------
# Description: Offset: 0x00000048, Width: 32b; Monotonic erase counter for IPED region 2.
# This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by IPED for encryption/decryption is computed by ROM bootloader and
# incorporates device UUID, IPED region number and MCTR_IPED_CTX2.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_IPED_CTX2: '0x00000000'
# ---------------------------------------===== MCTR_IPED_CTX3 [Optional] =====----------------------------------------
# Description: Offset: 0x0000004C, Width: 32b; Monotonic erase counter for IPED region 3.
# This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by IPED for encryption/decryption is computed by ROM bootloader and
# incorporates device UUID, IPED region number and MCTR_IPED_CTX3.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_IPED_CTX3: '0x00000000'
# ---------------------------------------===== MCTR_IPED_CTX4 [Optional] =====----------------------------------------
# Description: Offset: 0x00000050, Width: 32b; Monotonic erase counter for IPED region 4.
# This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by IPED for encryption/decryption is computed by ROM bootloader and
# incorporates device UUID, IPED region number and MCTR_IPED_CTX4.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_IPED_CTX4: '0x00000000'
# ---------------------------------------===== MCTR_IPED_CTX5 [Optional] =====----------------------------------------
# Description: Offset: 0x00000054, Width: 32b; Monotonic erase counter for IPED region 5.
# This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by IPED for encryption/decryption is computed by ROM bootloader and
# incorporates device UUID, IPED region number and MCTR_IPED_CTX5.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_IPED_CTX5: '0x00000000'
# ---------------------------------------===== MCTR_IPED_CTX6 [Optional] =====----------------------------------------
# Description: Offset: 0x00000058, Width: 32b; Monotonic erase counter for IPED region 6.
# This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by IPED for encryption/decryption is computed by ROM bootloader and
# incorporates device UUID, IPED region number and MCTR_IPED_CTX6.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_IPED_CTX6: '0x00000000'
# ---------------------------------------===== MCTR_IPED_CTX7 [Optional] =====----------------------------------------
# Description: Offset: 0x0000005C, Width: 32b; Monotonic erase counter for IPED region 7.
# This value is used by bootloader to dynamically compute region IV.
# This counter will increment by one, during each erase cycle of the corresponding flash region.
# User should not write anything in this field. This field is entirely handled by ROM.
# Final IV value for given region used by IPED for encryption/decryption is computed by ROM bootloader and
# incorporates device UUID, IPED region number and MCTR_IPED_CTX7.
# Application should always use ROM APIs to erase whole Prince region to keep IV consistent.
MCTR_IPED_CTX7: '0x00000000'
# -------------------------------------===== ERR_AUTH_FAIL_COUNT [Optional] =====-------------------------------------
# Description: Offset: 0x00000060, Width: 32b; Authentication failure counter.
# This monotonic counter field is incremented by boot ROM on authentication failure during boot, SB3, or debug
# authentication (Monotonic counter).
ERR_AUTH_FAIL_COUNT: '0x00000000'
# ---------------------------------------===== ERR_ITRC_COUNT [Optional] =====----------------------------------------
# Description: Offset: 0x00000064, Width: 32b; Tamper event counter.
# This monotonic counter field is incremented by boot ROM whenever the reset cause during boot is detected as
# - ITRC reset caused by security sensors or
# - WDT 0/1 reset or
# - Tamper pin reset.
ERR_ITRC_COUNT: '0x00000000'
# ---------------------------------------===== MCTR_CUST_CTR0 [Optional] =====----------------------------------------
# Description: Offset: 0x00000080, Width: 32b; Customer defined Monotonic counter 0 for application use.
# ROM enforces monotonic increment check during CFPA-CMAC page update.
# If the new counter value is less than the value in active CFPA page, then the update is rejected and CMAC signing is
# skipped.
MCTR_CUST_CTR0: '0x00000000'
# ---------------------------------------===== MCTR_CUST_CTR1 [Optional] =====----------------------------------------
# Description: Offset: 0x00000084, Width: 32b; Customer defined Monotonic counter 1 for application use.
# ROM enforces monotonic increment check during CFPA-CMAC page update.
# If the new counter value is less than the value in active CFPA page, then the update is rejected and CMAC signing is
# skipped.
MCTR_CUST_CTR1: '0x00000000'
# ---------------------------------------===== MCTR_CUST_CTR2 [Optional] =====----------------------------------------
# Description: Offset: 0x00000088, Width: 32b; Customer defined Monotonic counter 2 for application use.
# ROM enforces monotonic increment check during CFPA-CMAC page update.
# If the new counter value is less than the value in active CFPA page, then the update is rejected and CMAC signing is
# skipped.
MCTR_CUST_CTR2: '0x00000000'
# ---------------------------------------===== MCTR_CUST_CTR3 [Optional] =====----------------------------------------
# Description: Offset: 0x0000008C, Width: 32b; Customer defined Monotonic counter 3 for application use.
# ROM enforces monotonic increment check during CFPA-CMAC page update.
# If the new counter value is less than the value in active CFPA page, then the update is rejected and CMAC signing is
# skipped.
MCTR_CUST_CTR3: '0x00000000'
# ---------------------------------------===== MCTR_CUST_CTR4 [Optional] =====----------------------------------------
# Description: Offset: 0x00000090, Width: 32b; Customer defined Monotonic counter 4 for application use.
# ROM enforces monotonic increment check during CFPA-CMAC page update.
# If the new counter value is less than the value in active CFPA page, then the update is rejected and CMAC signing is
# skipped.
MCTR_CUST_CTR4: '0x00000000'
# ---------------------------------------===== MCTR_CUST_CTR5 [Optional] =====----------------------------------------
# Description: Offset: 0x00000094, Width: 32b; Customer defined Monotonic counter 5 for application use.
# ROM enforces monotonic increment check during CFPA-CMAC page update.
# If the new counter value is less than the value in active CFPA page, then the update is rejected and CMAC signing is
# skipped.
MCTR_CUST_CTR5: '0x00000000'
# ---------------------------------------===== MCTR_CUST_CTR6 [Optional] =====----------------------------------------
# Description: Offset: 0x00000098, Width: 32b; Customer defined Monotonic counter 6 for application use.
# ROM enforces monotonic increment check during CFPA-CMAC page update.
# If the new counter value is less than the value in active CFPA page, then the update is rejected and CMAC signing is
# skipped.
MCTR_CUST_CTR6: '0x00000000'
# ---------------------------------------===== MCTR_CUST_CTR7 [Optional] =====----------------------------------------
# Description: Offset: 0x0000009C, Width: 32b; Customer defined Monotonic counter 7 for application use.
# ROM enforces monotonic increment check during CFPA-CMAC page update.
# If the new counter value is less than the value in active CFPA page, then the update is rejected and CMAC signing is
# skipped.
MCTR_CUST_CTR7: '0x00000000'
# ----------------------------------------===== MFLAG_CUST_0 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000A0, Width: 32b; Customer defined Monotonic flags 0 for application use.
# Once a bit is set in this field it should be set on sub-sequent updates of the page. ROM emulates One Time
# Programmable (OTP) bits behavior during CFPA-CMAC update.
# Compared to current value, if the new value has bit cleared, then the update is rejected and CMAC signing is
# skipped.
MFLAG_CUST_0: '0x00000000'
# ----------------------------------------===== MFLAG_CUST_1 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000A4, Width: 32b; Customer defined Monotonic flags 1 for application use.
# Once a bit is set in this field it should be set on sub-sequent updates of the page. ROM emulates One Time
# Programmable (OTP) bits behavior during CFPA-CMAC update.
# Compared to current value, if the new value has bit cleared, then the update is rejected and CMAC signing is
# skipped.
MFLAG_CUST_1: '0x00000000'
# ----------------------------------------===== MFLAG_CUST_2 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000A8, Width: 32b; Customer defined Monotonic flags 2 for application use.
# Once a bit is set in this field it should be set on sub-sequent updates of the page. ROM emulates One Time
# Programmable (OTP) bits behavior during CFPA-CMAC update.
# Compared to current value, if the new value has bit cleared, then the update is rejected and CMAC signing is
# skipped.
MFLAG_CUST_2: '0x00000000'
# ----------------------------------------===== MFLAG_CUST_3 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000AC, Width: 32b; Customer defined Monotonic flags 3 for application use.
# Once a bit is set in this field it should be set on sub-sequent updates of the page. ROM emulates One Time
# Programmable (OTP) bits behavior during CFPA-CMAC update.
# Compared to current value, if the new value has bit cleared, then the update is rejected and CMAC signing is
# skipped.
MFLAG_CUST_3: '0x00000000'
# ----------------------------------------===== MFLAG_CUST_4 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000B0, Width: 32b; Customer defined Monotonic flags 4 for application use.
# Once a bit is set in this field it should be set on sub-sequent updates of the page. ROM emulates One Time
# Programmable (OTP) bits behavior during CFPA-CMAC update.
# Compared to current value, if the new value has bit cleared, then the update is rejected and CMAC signing is
# skipped.
MFLAG_CUST_4: '0x00000000'
# ----------------------------------------===== MFLAG_CUST_5 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000B4, Width: 32b; Customer defined Monotonic flags 5 for application use.
# Once a bit is set in this field it should be set on sub-sequent updates of the page. ROM emulates One Time
# Programmable (OTP) bits behavior during CFPA-CMAC update.
# Compared to current value, if the new value has bit cleared, then the update is rejected and CMAC signing is
# skipped.
MFLAG_CUST_5: '0x00000000'
# ----------------------------------------===== MFLAG_CUST_6 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000B8, Width: 32b; Customer defined Monotonic flags 6 for application use.
# Once a bit is set in this field it should be set on sub-sequent updates of the page. ROM emulates One Time
# Programmable (OTP) bits behavior during CFPA-CMAC update.
# Compared to current value, if the new value has bit cleared, then the update is rejected and CMAC signing is
# skipped.
MFLAG_CUST_6: '0x00000000'
# ----------------------------------------===== MFLAG_CUST_7 [Optional] =====-----------------------------------------
# Description: Offset: 0x000000BC, Width: 32b; Customer defined Monotonic flags 7 for application use.
# Once a bit is set in this field it should be set on sub-sequent updates of the page. ROM emulates One Time
# Programmable (OTP) bits behavior during CFPA-CMAC update.
# Compared to current value, if the new value has bit cleared, then the update is rejected and CMAC signing is
# skipped.
MFLAG_CUST_7: '0x00000000'
# ----------------------------------------===== FLASH_ACL_0_7 [Optional] =====----------------------------------------
# Description: Offset: 0x000000C0, Width: 32b; Access control for flash sector 0-7.
# Select one of the 8 pre-defined access control attributes for the given sector. Access attributes control read,
# write and execute access along with sticky lock protection.
# After a locked access level is selected, the sub-sequent updates of this field can be done with higher lock level
# only.
# - If current sector ACL value (GLBACn index) is greater than the new value, then it is permitted except if the new
# value is 4 or 5.
# - 7 (___L) > 6 (__XL) > 3 (R__L) > 2 (R_XL) > 1 (RW_L) > 0 (RWX_)
# - If current sector ACL value is 0, 4, or 5 then any new value is permitted.
FLASH_ACL_0_7:
# -----------------------------------------===== ACL_SEC_0 [Optional] =====-----------------------------------------
# Description: Offset: 0b, Width: 3b, Access control for flash sector (offset range 0x00_0000 - 0x00_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_0: DEFAULT_RW_UNLOCKED
# -----------------------------------------===== ACL_SEC_1 [Optional] =====-----------------------------------------
# Description: Offset: 4b, Width: 3b, Access control for flash sector (offset range 0x00_8000 - 0x00_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_1: DEFAULT_RW_UNLOCKED
# -----------------------------------------===== ACL_SEC_2 [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 3b, Access control for flash sector (offset range 0x01_0000 - 0x01_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_2: DEFAULT_RW_UNLOCKED
# -----------------------------------------===== ACL_SEC_3 [Optional] =====-----------------------------------------
# Description: Offset: 12b, Width: 3b, Access control for flash sector (offset range 0x01_8000 - 0x01_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_3: DEFAULT_RW_UNLOCKED
# -----------------------------------------===== ACL_SEC_4 [Optional] =====-----------------------------------------
# Description: Offset: 16b, Width: 3b, Access control for flash sector (offset range 0x02_0000 - 0x02_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_4: DEFAULT_RW_UNLOCKED
# -----------------------------------------===== ACL_SEC_5 [Optional] =====-----------------------------------------
# Description: Offset: 20b, Width: 3b, Access control for flash sector (offset range 0x02_8000 - 0x02_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_5: DEFAULT_RW_UNLOCKED
# -----------------------------------------===== ACL_SEC_6 [Optional] =====-----------------------------------------
# Description: Offset: 24b, Width: 3b, Access control for flash sector (offset range 0x03_0000 - 0x03_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_6: DEFAULT_RW_UNLOCKED
# -----------------------------------------===== ACL_SEC_7 [Optional] =====-----------------------------------------
# Description: Offset: 28b, Width: 3b, Access control for flash sector (offset range 0x03_8000 - 0x03_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_7: DEFAULT_RW_UNLOCKED
# ---------------------------------------===== FLASH_ACL_8_15 [Optional] =====----------------------------------------
# Description: Offset: 0x000000C4, Width: 32b; Access control for flash sector 8-15.
# Select one of the 8 pre-defined access control attributes for the given sector. Access attributes control read,
# write and execute access along with sticky lock protection.
# After a locked access level is selected, the sub-sequent updates of this field can be done with higher lock level
# only.
# - If current sector ACL value (GLBACn index) is greater than the new value, then it is permitted except if the new
# value is 4 or 5.
# - 7 (___L) > 6 (__XL) > 3 (R__L) > 2 (R_XL) > 1 (RW_L) > 0 (RWX_)
# - If current sector ACL value is 0, 4, or 5 then any new value is permitted.
FLASH_ACL_8_15:
# -----------------------------------------===== ACL_SEC_8 [Optional] =====-----------------------------------------
# Description: Offset: 0b, Width: 3b, Access control for flash sector (offset range 0x04_0000 - 0x04_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_8: DEFAULT_RW_UNLOCKED
# -----------------------------------------===== ACL_SEC_9 [Optional] =====-----------------------------------------
# Description: Offset: 4b, Width: 3b, Access control for flash sector (offset range 0x04_8000 - 0x04_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_9: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_10 [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 3b, Access control for flash sector (offset range 0x05_0000 - 0x05_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_10: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_11 [Optional] =====-----------------------------------------
# Description: Offset: 12b, Width: 3b, Access control for flash sector (offset range 0x05_8000 - 0x05_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_11: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_12 [Optional] =====-----------------------------------------
# Description: Offset: 16b, Width: 3b, Access control for flash sector (offset range 0x06_0000 - 0x06_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_12: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_13 [Optional] =====-----------------------------------------
# Description: Offset: 20b, Width: 3b, Access control for flash sector (offset range 0x06_8000 - 0x06_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_13: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_14 [Optional] =====-----------------------------------------
# Description: Offset: 24b, Width: 3b, Access control for flash sector (offset range 0x07_0000 - 0x07_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_14: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_15 [Optional] =====-----------------------------------------
# Description: Offset: 28b, Width: 3b, Access control for flash sector (offset range 0x07_8000 - 0x07_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_15: DEFAULT_RW_UNLOCKED
# ---------------------------------------===== FLASH_ACL_16_23 [Optional] =====---------------------------------------
# Description: Offset: 0x000000C8, Width: 32b; Access control for flash sector 16-23.
# Select one of the 8 pre-defined access control attributes for the given sector. Access attributes control read,
# write and execute access along with sticky lock protection.
# After a locked access level is selected, the sub-sequent updates of this field can be done with higher lock level
# only.
# - If current sector ACL value (GLBACn index) is greater than the new value, then it is permitted except if the new
# value is 4 or 5.
# - 7 (___L) > 6 (__XL) > 3 (R__L) > 2 (R_XL) > 1 (RW_L) > 0 (RWX_)
# - If current sector ACL value is 0, 4, or 5 then any new value is permitted.
FLASH_ACL_16_23:
# ----------------------------------------===== ACL_SEC_16 [Optional] =====-----------------------------------------
# Description: Offset: 0b, Width: 3b, Access control for flash sector (offset range 0x08_0000 - 0x08_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_16: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_17 [Optional] =====-----------------------------------------
# Description: Offset: 4b, Width: 3b, Access control for flash sector (offset range 0x08_8000 - 0x08_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_17: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_18 [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 3b, Access control for flash sector (offset range 0x09_0000 - 0x09_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_18: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_19 [Optional] =====-----------------------------------------
# Description: Offset: 12b, Width: 3b, Access control for flash sector (offset range 0x09_8000 - 0x09_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_19: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_20 [Optional] =====-----------------------------------------
# Description: Offset: 16b, Width: 3b, Access control for flash sector (offset range 0x0A_0000 - 0x0A_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_20: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_21 [Optional] =====-----------------------------------------
# Description: Offset: 20b, Width: 3b, Access control for flash sector (offset range 0x0A_8000 - 0x0A_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_21: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_22 [Optional] =====-----------------------------------------
# Description: Offset: 24b, Width: 3b, Access control for flash sector (offset range 0x0B_0000 - 0x0B_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_22: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_23 [Optional] =====-----------------------------------------
# Description: Offset: 28b, Width: 3b, Access control for flash sector (offset range 0x0B_8000 - 0x0B_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_23: DEFAULT_RW_UNLOCKED
# ---------------------------------------===== FLASH_ACL_24_31 [Optional] =====---------------------------------------
# Description: Offset: 0x000000CC, Width: 32b; Access control for flash sector 24-31.
# Select one of the 8 pre-defined access control attributes for the given sector. Access attributes control read,
# write and execute access along with sticky lock protection.
# After a locked access level is selected, the sub-sequent updates of this field can be done with higher lock level
# only.
# - If current sector ACL value (GLBACn index) is greater than the new value, then it is permitted except if the new
# value is 4 or 5.
# - 7 (___L) > 6 (__XL) > 3 (R__L) > 2 (R_XL) > 1 (RW_L) > 0 (RWX_)
# - If current sector ACL value is 0, 4, or 5 then any new value is permitted.
FLASH_ACL_24_31:
# ----------------------------------------===== ACL_SEC_24 [Optional] =====-----------------------------------------
# Description: Offset: 0b, Width: 3b, Access control for flash sector (offset range 0x0C_0000 - 0x0C_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_24: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_25 [Optional] =====-----------------------------------------
# Description: Offset: 4b, Width: 3b, Access control for flash sector (offset range 0x0C_8000 - 0x0C_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_25: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_26 [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 3b, Access control for flash sector (offset range 0x0D_0000 - 0x0D_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_26: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_27 [Optional] =====-----------------------------------------
# Description: Offset: 12b, Width: 3b, Access control for flash sector (offset range 0x0D_8000 - 0x0D_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_27: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_28 [Optional] =====-----------------------------------------
# Description: Offset: 16b, Width: 3b, Access control for flash sector (offset range 0x0E_0000 - 0x0E_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_28: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_29 [Optional] =====-----------------------------------------
# Description: Offset: 20b, Width: 3b, Access control for flash sector (offset range 0x0E_8000 - 0x0E_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_29: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_30 [Optional] =====-----------------------------------------
# Description: Offset: 24b, Width: 3b, Access control for flash sector (offset range 0x0F_0000 - 0x0F_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_30: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_31 [Optional] =====-----------------------------------------
# Description: Offset: 28b, Width: 3b, Access control for flash sector (offset range 0x0F_8000 - 0x0F_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_31: DEFAULT_RW_UNLOCKED
# ---------------------------------------===== FLASH_ACL_32_39 [Optional] =====---------------------------------------
# Description: Offset: 0x000000D0, Width: 32b; Access control for flash sector 32-39.
# Select one of the 8 pre-defined access control attributes for the given sector. Access attributes control read,
# write and execute access along with sticky lock protection.
# After a locked access level is selected, the sub-sequent updates of this field can be done with higher lock level
# only.
# - If current sector ACL value (GLBACn index) is greater than the new value, then it is permitted except if the new
# value is 4 or 5.
# - 7 (___L) > 6 (__XL) > 3 (R__L) > 2 (R_XL) > 1 (RW_L) > 0 (RWX_)
# - If current sector ACL value is 0, 4, or 5 then any new value is permitted.
FLASH_ACL_32_39:
# ----------------------------------------===== ACL_SEC_32 [Optional] =====-----------------------------------------
# Description: Offset: 0b, Width: 3b, Access control for flash sector (offset range 0x10_0000 - 0x10_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_32: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_33 [Optional] =====-----------------------------------------
# Description: Offset: 4b, Width: 3b, Access control for flash sector (offset range 0x10_8000 - 0x10_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_33: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_34 [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 3b, Access control for flash sector (offset range 0x11_0000 - 0x11_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_34: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_35 [Optional] =====-----------------------------------------
# Description: Offset: 12b, Width: 3b, Access control for flash sector (offset range 0x11_8000 - 0x11_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_35: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_36 [Optional] =====-----------------------------------------
# Description: Offset: 16b, Width: 3b, Access control for flash sector (offset range 0x12_0000 - 0x12_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_36: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_37 [Optional] =====-----------------------------------------
# Description: Offset: 20b, Width: 3b, Access control for flash sector (offset range 0x12_8000 - 0x12_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_37: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_38 [Optional] =====-----------------------------------------
# Description: Offset: 24b, Width: 3b, Access control for flash sector (offset range 0x13_0000 - 0x13_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_38: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_39 [Optional] =====-----------------------------------------
# Description: Offset: 28b, Width: 3b, Access control for flash sector (offset range 0x13_8000 - 0x13_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_39: DEFAULT_RW_UNLOCKED
# ---------------------------------------===== FLASH_ACL_40_47 [Optional] =====---------------------------------------
# Description: Offset: 0x000000D4, Width: 32b; Access control for flash sector 40-47.
# Select one of the 8 pre-defined access control attributes for the given sector. Access attributes control read,
# write and execute access along with sticky lock protection.
# After a locked access level is selected, the sub-sequent updates of this field can be done with higher lock level
# only.
# - If current sector ACL value (GLBACn index) is greater than the new value, then it is permitted except if the new
# value is 4 or 5.
# - 7 (___L) > 6 (__XL) > 3 (R__L) > 2 (R_XL) > 1 (RW_L) > 0 (RWX_)
# - If current sector ACL value is 0, 4, or 5 then any new value is permitted.
FLASH_ACL_40_47:
# ----------------------------------------===== ACL_SEC_40 [Optional] =====-----------------------------------------
# Description: Offset: 0b, Width: 3b, Access control for flash sector (offset range 0x14_0000 - 0x14_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_40: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_41 [Optional] =====-----------------------------------------
# Description: Offset: 4b, Width: 3b, Access control for flash sector (offset range 0x14_8000 - 0x14_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_41: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_42 [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 3b, Access control for flash sector (offset range 0x15_0000 - 0x15_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_42: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_43 [Optional] =====-----------------------------------------
# Description: Offset: 12b, Width: 3b, Access control for flash sector (offset range 0x15_8000 - 0x15_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_43: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_44 [Optional] =====-----------------------------------------
# Description: Offset: 16b, Width: 3b, Access control for flash sector (offset range 0x16_0000 - 0x16_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_44: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_45 [Optional] =====-----------------------------------------
# Description: Offset: 20b, Width: 3b, Access control for flash sector (offset range 0x16_8000 - 0x16_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_45: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_46 [Optional] =====-----------------------------------------
# Description: Offset: 24b, Width: 3b, Access control for flash sector (offset range 0x17_0000 - 0x17_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_46: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_47 [Optional] =====-----------------------------------------
# Description: Offset: 28b, Width: 3b, Access control for flash sector (offset range 0x17_8000 - 0x17_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_47: DEFAULT_RW_UNLOCKED
# ---------------------------------------===== FLASH_ACL_48_55 [Optional] =====---------------------------------------
# Description: Offset: 0x000000D8, Width: 32b; Access control for flash sector 48-55.
# Select one of the 8 pre-defined access control attributes for the given sector. Access attributes control read,
# write and execute access along with sticky lock protection.
# After a locked access level is selected, the sub-sequent updates of this field can be done with higher lock level
# only.
# - If current sector ACL value (GLBACn index) is greater than the new value, then it is permitted except if the new
# value is 4 or 5.
# - 7 (___L) > 6 (__XL) > 3 (R__L) > 2 (R_XL) > 1 (RW_L) > 0 (RWX_)
# - If current sector ACL value is 0, 4, or 5 then any new value is permitted.
FLASH_ACL_48_55:
# ----------------------------------------===== ACL_SEC_48 [Optional] =====-----------------------------------------
# Description: Offset: 0b, Width: 3b, Access control for flash sector (offset range 0x18_0000 - 0x18_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_48: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_49 [Optional] =====-----------------------------------------
# Description: Offset: 4b, Width: 3b, Access control for flash sector (offset range 0x18_8000 - 0x18_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_49: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_50 [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 3b, Access control for flash sector (offset range 0x19_0000 - 0x19_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_50: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_51 [Optional] =====-----------------------------------------
# Description: Offset: 12b, Width: 3b, Access control for flash sector (offset range 0x19_8000 - 0x19_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_51: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_52 [Optional] =====-----------------------------------------
# Description: Offset: 16b, Width: 3b, Access control for flash sector (offset range 0x1A_0000 - 0x1A_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_52: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_53 [Optional] =====-----------------------------------------
# Description: Offset: 20b, Width: 3b, Access control for flash sector (offset range 0x1A_8000 - 0x1A_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_53: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_54 [Optional] =====-----------------------------------------
# Description: Offset: 24b, Width: 3b, Access control for flash sector (offset range 0x1B_0000 - 0x1B_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_54: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_55 [Optional] =====-----------------------------------------
# Description: Offset: 28b, Width: 3b, Access control for flash sector (offset range 0x1B_8000 - 0x1B_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_55: DEFAULT_RW_UNLOCKED
# ---------------------------------------===== FLASH_ACL_56_63 [Optional] =====---------------------------------------
# Description: Offset: 0x000000DC, Width: 32b; Access control for flash sector 56-63.
# Select one of the 8 pre-defined access control attributes for the given sector. Access attributes control read,
# write and execute access along with sticky lock protection.
# After a locked access level is selected, the sub-sequent updates of this field can be done with higher lock level
# only.
# - If current sector ACL value (GLBACn index) is greater than the new value, then it is permitted except if the new
# value is 4 or 5.
# - 7 (___L) > 6 (__XL) > 3 (R__L) > 2 (R_XL) > 1 (RW_L) > 0 (RWX_)
# - If current sector ACL value is 0, 4, or 5 then any new value is permitted.
FLASH_ACL_56_63:
# ----------------------------------------===== ACL_SEC_56 [Optional] =====-----------------------------------------
# Description: Offset: 0b, Width: 3b, Access control for flash sector (offset range 0x1C_0000 - 0x1C_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_56: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_57 [Optional] =====-----------------------------------------
# Description: Offset: 4b, Width: 3b, Access control for flash sector (offset range 0x1C_8000 - 0x1C_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_57: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_58 [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 3b, Access control for flash sector (offset range 0x1D_0000 - 0x1D_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_58: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_59 [Optional] =====-----------------------------------------
# Description: Offset: 12b, Width: 3b, Access control for flash sector (offset range 0x1D_8000 - 0x1D_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_59: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_60 [Optional] =====-----------------------------------------
# Description: Offset: 16b, Width: 3b, Access control for flash sector (offset range 0x1E_0000 - 0x1E_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_60: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_61 [Optional] =====-----------------------------------------
# Description: Offset: 20b, Width: 3b, Access control for flash sector (offset range 0x1E_8000 - 0x1E_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_61: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_62 [Optional] =====-----------------------------------------
# Description: Offset: 24b, Width: 3b, Access control for flash sector (offset range 0x1F_0000 - 0x1F_7FFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_62: DEFAULT_RW_UNLOCKED
# ----------------------------------------===== ACL_SEC_63 [Optional] =====-----------------------------------------
# Description: Offset: 28b, Width: 3b, Access control for flash sector (offset range 0x1F_8000 - 0x1F_FFFF).
# - DEFAULT_RW_UNLOCKED, (0): Default flash memory behavior (R/W unlocked)
# - DATA_RW_LOCKED, (1): Data flash memory with this setting: R/W + locked
# - ROM_RX_LOCKED, (2): ROM with this setting: RX + locked
# - DATA_ROM_LOCKED, (3): Data read-only memory (DROM) with this setting: ROM + locked
# - ROM_RX_UNLOCKED, (4): ROM with this setting: RX unlocked
# - XOM_UNLOCKED, (5): XOM with this setting: XOM unlocked
# - XOM_LOCKED, (6): XOM with this setting: XOM + locked
# - NO_ACCESS_LOCKED, (7): Hidden (no access + locked)
# Possible options:
# XOM_UNLOCKED, XOM_LOCKED, NO_ACCESS_LOCKED>
ACL_SEC_63: DEFAULT_RW_UNLOCKED
# -----------------------------------------===== IMG0_CMAC0 [Optional] =====------------------------------------------
# Description: Offset: 0x000000E0, Width: 32b; Die unique CMAC[31:0] of image 0.
# This field is managed by ROM and user application should not modify it.
# ROM calculates and stores die specific CMAC for image 0 range when IMG_UPD field is set to 2b'01.
# ROM calculates image CMAC only if the image passes ECDSA authentication check.
# On sub-sequent boots image authentication done using CMAC, based on SECURE_BOOT_CFG setting.
IMG0_CMAC0: '0x00000000'
# -----------------------------------------===== IMG0_CMAC1 [Optional] =====------------------------------------------
# Description: Offset: 0x000000E4, Width: 32b; Die unique CMAC[63:32] of image 0.
# This field is managed by ROM and user application should not modify it.
# ROM calculates and stores die specific CMAC for image 0 range when IMG_UPD field is set to 2b'01.
# ROM calculates image CMAC only if the image passes ECDSA authentication check.
# On sub-sequent boots image authentication done using CMAC, based on SECURE_BOOT_CFG setting.
IMG0_CMAC1: '0x00000000'
# -----------------------------------------===== IMG0_CMAC2 [Optional] =====------------------------------------------
# Description: Offset: 0x000000E8, Width: 32b; Die unique CMAC[95:64] of image 0.
# This field is managed by ROM and user application should not modify it.
# ROM calculates and stores die specific CMAC for image 0 range when IMG_UPD field is set to 2b'01.
# ROM calculates image CMAC only if the image passes ECDSA authentication check.
# On sub-sequent boots image authentication done using CMAC, based on SECURE_BOOT_CFG setting.
IMG0_CMAC2: '0x00000000'
# -----------------------------------------===== IMG0_CMAC3 [Optional] =====------------------------------------------
# Description: Offset: 0x000000EC, Width: 32b; Die unique CMAC[127:96] of image 0.
# This field is managed by ROM and user application should not modify it.
# ROM calculates and stores die specific CMAC for image 0 range when IMG_UPD field is set to 2b'01.
# ROM calculates image CMAC only if the image passes ECDSA authentication check.
# On sub-sequent boots image authentication done using CMAC, based on SECURE_BOOT_CFG setting.
IMG0_CMAC3: '0x00000000'
# -----------------------------------------===== IMG1_CMAC0 [Optional] =====------------------------------------------
# Description: Offset: 0x000000F0, Width: 32b; Die unique CMAC[31:0] of image 1.
# This field is managed by ROM and user application should not modify it.
# ROM calculates and stores die specific CMAC for image 1 range when IMG_UPD field is set to 2b'10.
# ROM calculates image CMAC only if the image passes ECDSA authentication check.
# On sub-sequent boots image authentication done using CMAC, based on SECURE_BOOT_CFG setting.
IMG1_CMAC0: '0x00000000'
# -----------------------------------------===== IMG1_CMAC1 [Optional] =====------------------------------------------
# Description: Offset: 0x000000F4, Width: 32b; Die unique CMAC[63:32] of image 1.
# This field is managed by ROM and user application should not modify it.
# ROM calculates and stores die specific CMAC for image 1 range when IMG_UPD field is set to 2b'10.
# ROM calculates image CMAC only if the image passes ECDSA authentication check.
# On sub-sequent boots image authentication done using CMAC, based on SECURE_BOOT_CFG setting.
IMG1_CMAC1: '0x00000000'
# -----------------------------------------===== IMG1_CMAC2 [Optional] =====------------------------------------------
# Description: Offset: 0x000000F8, Width: 32b; Die unique CMAC[95:64] of image 1.
# This field is managed by ROM and user application should not modify it.
# ROM calculates and stores die specific CMAC for image 1 range when IMG_UPD field is set to 2b'10.
# ROM calculates image CMAC only if the image passes ECDSA authentication check.
# On sub-sequent boots image authentication done using CMAC, based on SECURE_BOOT_CFG setting.
IMG1_CMAC2: '0x00000000'
# -----------------------------------------===== IMG1_CMAC3 [Optional] =====------------------------------------------
# Description: Offset: 0x000000FC, Width: 32b; Die unique CMAC[127:96] of image 1.
# This field is managed by ROM and user application should not modify it.
# ROM calculates and stores die specific CMAC for image 1 range when IMG_UPD field is set to 2b'10.
# ROM calculates image CMAC only if the image passes ECDSA authentication check.
# On sub-sequent boots image authentication done using CMAC, based on SECURE_BOOT_CFG setting.
IMG1_CMAC3: '0x00000000'
# --------------------------------------===== DICE_Certificate [Optional] =====---------------------------------------
# Description: Offset: 0x00000100, Width: 1152b; DICE Certificate field is compounded by 36 32-bit fields and contains
# value of DICE Certificate generated by ROM
DICE_Certificate: '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
# --------------------------------------===== IPED_GCM_AAD_CTX0 [Optional] =====--------------------------------------
# Description: Offset: 0x00000190, Width: 32b; Additional Authentication Data for IPED context 0. Use CRC32 value of
# any un-encrypted data associated with this context.
IPED_GCM_AAD_CTX0: '0x00000000'
# --------------------------------------===== IPED_GCM_AAD_CTX1 [Optional] =====--------------------------------------
# Description: Offset: 0x00000194, Width: 32b; Additional Authentication Data for IPED context 1. Use CRC32 value of
# any un-encrypted data associated with this context.
IPED_GCM_AAD_CTX1: '0x00000000'
# --------------------------------------===== IPED_GCM_AAD_CTX2 [Optional] =====--------------------------------------
# Description: Offset: 0x00000198, Width: 32b; Additional Authentication Data for IPED context 2. Use CRC32 value of
# any un-encrypted data associated with this context.
IPED_GCM_AAD_CTX2: '0x00000000'
# --------------------------------------===== IPED_GCM_AAD_CTX3 [Optional] =====--------------------------------------
# Description: Offset: 0x0000019C, Width: 32b; Additional Authentication Data for IPED context 3. Use CRC32 value of
# any un-encrypted data associated with this context.
IPED_GCM_AAD_CTX3: '0x00000000'
# --------------------------------------===== IPED_GCM_AAD_CTX4 [Optional] =====--------------------------------------
# Description: Offset: 0x000001A0, Width: 32b; Additional Authentication Data for IPED context 4. Use CRC32 value of
# any un-encrypted data associated with this context.
IPED_GCM_AAD_CTX4: '0x00000000'
# --------------------------------------===== IPED_GCM_AAD_CTX5 [Optional] =====--------------------------------------
# Description: Offset: 0x000001A4, Width: 32b; Additional Authentication Data for IPED context 5. Use CRC32 value of
# any un-encrypted data associated with this context.
IPED_GCM_AAD_CTX5: '0x00000000'
# --------------------------------------===== IPED_GCM_AAD_CTX6 [Optional] =====--------------------------------------
# Description: Offset: 0x000001A8, Width: 32b; Additional Authentication Data for IPED context 6. Use CRC32 value of
# any un-encrypted data associated with this context.
IPED_GCM_AAD_CTX6: '0x00000000'
# --------------------------------------===== IPED_GCM_AAD_CTX7 [Optional] =====--------------------------------------
# Description: Offset: 0x000001AC, Width: 32b; Additional Authentication Data for IPED context 7. Use CRC32 value of
# any un-encrypted data associated with this context.
IPED_GCM_AAD_CTX7: '0x00000000'
# -----------------------------------------===== CFPA_CRC32 [Optional] =====------------------------------------------
# Description: Offset: 0x000001EC, Width: 32b; CRC32 of CFPA page data from offset 0x00 to 0x1EB. ROM updates this
# field along with CFPA_CMAC on subsequent boot after page update. ROM uses this field based on CMPA.LP_SEC_BOOT field
# option.
CFPA_CRC32: '0x00000000'
# -----------------------------------------===== CFPA0_CMAC0 [Optional] =====-----------------------------------------
# Description: Offset: 0x000001F0, Width: 32b; CMAC[31:0] of CFPA page data from offset 0x00 to 0x1EB. ROM updates
# this field on subsequent boot after page update.
CFPA0_CMAC0: '0x00000000'
# -----------------------------------------===== CFPA0_CMAC1 [Optional] =====-----------------------------------------
# Description: Offset: 0x000001F4, Width: 32b; CMAC[63:32] of CFPA page data from offset 0x00 to 0x1EB. ROM updates
# this field on subsequent boot after page update.
CFPA0_CMAC1: '0x00000000'
# -----------------------------------------===== CFPA0_CMAC2 [Optional] =====-----------------------------------------
# Description: Offset: 0x000001F8, Width: 32b; CMAC[95:64] of CFPA page data from offset 0x00 to 0x1EB. ROM updates
# this field on subsequent boot after page update.
CFPA0_CMAC2: '0x00000000'
# -----------------------------------------===== CFPA0_CMAC3 [Optional] =====-----------------------------------------
# Description: Offset: 0x000001FC, Width: 32b; CMAC[127:96] of CFPA page data from offset 0x00 to 0x1EB. ROM updates
# this field on subsequent boot after page update.
CFPA0_CMAC3: '0x00000000'
# Copyright 2024 NXP
#
# SPDX-License-Identifier: BSD-3-Clause
# ========================================= PFR CFPA configuration template ==========================================
# ======================================================================================================================
# == General Options ==
# ======================================================================================================================
# -------------------------------------===== The chip family name [Required] =====--------------------------------------
# Description: NXP chip family identifier.
# Possible options:
# lpc55s06, lpc55s14, lpc55s16, lpc55s26, lpc55s28, lpc55s36, lpc55s66, lpc55s69, mcxn235, mcxn236, mcxn546, mcxn547,
# mcxn946, mcxn947, nhs52s04>
family: mcxn946
# -----------------------------------------===== MCU revision [Optional] =====------------------------------------------
# Description: Revision of silicon. The 'latest' name, means most current revision.
# Possible options:
revision: latest
# ------------------------------------===== Configuration area type [Optional] =====------------------------------------
# Description: PFR / IFR type
# Possible options:
type: CFPA
# ----------------------------------===== Configuration area Settings [Required] =====----------------------------------
settings: We kept in configuration just settings that are changed compare to defaults, all other are erased because the PFR tool keep them on defaults values.
# --------------------------------------===== CFPA_PAGE_VERSION [Optional] =====--------------------------------------
# Description: Offset: 0x00000004, Width: 32b; CFPA Page Version.
CFPA_PAGE_VERSION: Updated CFPA version to new one, must be increased with each write to protect against downgrading of settings.
# -------------------------------------===== CFPA_PAGE_VERSION [Optional] =====-------------------------------------
# Description: Offset: 0b, Width: 24b, CFPA page version.
# Boot ROM uses this field to determine the active CFPA page by comparing the values in this field for the two CFPA
# pages. The page with higher version number is picked as active page if it passes the CMAC authentication. This
# field is updated by ROM whenever CFPA page is updated.
# Write '0xFF_FFFF' to auto increment current CFPA page version value (by ROM).
CFPA_PAGE_VERSION: 0xFF_FFFF Updated CFPA version to new one, must be increased with each write to protect against downgrading of settings.
# -------------------------------------===== DCFG_CC_SOCU_NS_PIN [Optional] =====-------------------------------------
# Description: Offset: 0x00000024, Width: 32b; Device Configuration Credential Constraints for SoC specific Use
# Pinned.
# With TZ-M, the part can be sold by level 1 customers (secure code developer) to level-2 customers who develops non-
# secure code only.
# - In this scenario, for ease of development, Level 1 customer releases the part to always allow non-secure debug.
# - To allow level-2 customers to further seal the part DCFG_CC_SOCU_NS is used.
# - ROM will use this word to further restrict the debug access.
DCFG_CC_SOCU_NS_PIN:
# -------------------------------------------===== NIDEN [Optional] =====-------------------------------------------
# Description: Offset: 0b, Width: 1b, Non-secure Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
NIDEN: USE_DAP
# -------------------------------------------===== DBGEN [Optional] =====-------------------------------------------
# Description: Offset: 1b, Width: 1b, Non-secure Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
DBGEN: USE_DAP
# ------------------------------------------===== SPNIDEN [Optional] =====------------------------------------------
# Description: Offset: 2b, Width: 1b, Secure Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
SPNIDEN: USE_DAP
# ------------------------------------------===== SPIDEN [Optional] =====-------------------------------------------
# Description: Offset: 3b, Width: 1b, Secure Invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
SPIDEN: USE_DAP
# -----------------------------------------===== DSP_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 5b, Width: 1b, DSP Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
DSP_DBGEN: USE_DAP
# ----------------------------------------===== ISP_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 6b, Width: 1b, ISP Boot Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
ISP_CMD_EN: FIXED_STATE Keep enabled debug mailbox command "Switch to ISP mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# -----------------------------------------===== FA_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 7b, Width: 1b, FA Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
FA_CMD_EN: FIXED_STATE Keep enabled debug mailbox command "FA mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# -----------------------------------------===== ME_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 1b, Flash Mass Erase Command Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
ME_CMD_EN: FIXED_STATE Keep enabled debug mailbox command "Mass erase" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# ----------------------------------------===== CPU1_NIDEN [Optional] =====-----------------------------------------
# Description: Offset: 9b, Width: 1b, Second CM33 Non-invasive Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
CPU1_NIDEN: USE_DAP
# ----------------------------------------===== CPU1_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 10b, Width: 1b, Second CM33 Debug Enable
# - USE_DAP, (0): Use DAP to enable
# - FIXED_STATE, (1): Fixed state
# Possible options:
CPU1_DBGEN: USE_DAP
# ----------------------------------------===== UUID_CHECK [Optional] =====-----------------------------------------
# Description: Offset: 15b, Width: 1b, Enforce UUID match during Debug authentication
# - DISABLED, (0): Debug certificate can be used with all devices.
# - ENABLED, (1): Debug certificate per device with matching UUID is needed.
# Possible options:
UUID_CHECK: DISABLED
# ------------------------------------===== DCFG_CC_SOCU_NS_DFLT [Optional] =====-------------------------------------
# Description: Offset: 0x00000028, Width: 32b; Device Configuration Credential Constraints for SoC specific Use Debug
# Filter.
# With TZ-M, the part can be sold by level 1 customers (secure code developer) to level-2 customers who develops non-
# secure code only.
# - In this scenario, or easy of development, Level-I customer releases the part to always allow non-secure debug.
# - To allow level-2 customers to further seal the part DCFG_CC_SOCU_NS is used.
# - ROM will use this word to further restrict the debug access.
DCFG_CC_SOCU_NS_DFLT:
# -------------------------------------------===== NIDEN [Optional] =====-------------------------------------------
# Description: Offset: 0b, Width: 1b, Non-secure Non-invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
NIDEN: DISABLED
# -------------------------------------------===== DBGEN [Optional] =====-------------------------------------------
# Description: Offset: 1b, Width: 1b, Non-secure Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
DBGEN: DISABLED
# ------------------------------------------===== SPNIDEN [Optional] =====------------------------------------------
# Description: Offset: 2b, Width: 1b, Secure Non-invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
SPNIDEN: DISABLED
# ------------------------------------------===== SPIDEN [Optional] =====-------------------------------------------
# Description: Offset: 3b, Width: 1b, Secure Invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
SPIDEN: DISABLED
# -----------------------------------------===== DSP_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 5b, Width: 1b, DSP Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
DSP_DBGEN: DISABLED
# ----------------------------------------===== ISP_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 6b, Width: 1b, ISP Boot Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
ISP_CMD_EN: ENABLED Keep enabled debug mailbox command "Switch to ISP mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# -----------------------------------------===== FA_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 7b, Width: 1b, FA Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
FA_CMD_EN: ENABLED Keep enabled debug mailbox command "FA mode" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# -----------------------------------------===== ME_CMD_EN [Optional] =====-----------------------------------------
# Description: Offset: 8b, Width: 1b, Flash Mass Erase Command Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
ME_CMD_EN: ENABLED Keep enabled debug mailbox command "Mass erase" when the debug access is locked. (Just for better testing purposes. In real application it must be set to fit the final use.)
# ----------------------------------------===== CPU1_NIDEN [Optional] =====-----------------------------------------
# Description: Offset: 9b, Width: 1b, Second CM33 Non-invasive Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
CPU1_NIDEN: DISABLED
# ----------------------------------------===== CPU1_DBGEN [Optional] =====-----------------------------------------
# Description: Offset: 10b, Width: 1b, Second CM33 Debug Fixed State
# - DISABLED, (0): Disabled
# - ENABLED, (1): Enabled
# Possible options:
CPU1_DBGEN: DISABLED
5.1 Generate final PFR binaries#
# Generate PFR binaries
CMPA_BINARY_OUTPUT = WORKSPACE + "cmpa_mcxn9xx.bin"
CFPA_BINARY_OUTPUT = WORKSPACE + "cfpa_mcxn9xx.bin"
%! pfr $VERBOSITY generate-binary -c $CMPA_CONFIG -e $CERT_BLOCK_CONFIG -o $CMPA_BINARY_OUTPUT
%! pfr $VERBOSITY generate-binary -c $CFPA_CONFIG -o $CFPA_BINARY_OUTPUT
pfr generate-binary -c inputs/cmpa_mcxn9xx_debug_auth.yaml -e inputs/cert_block_mcxn9xx.yaml -o workspace/cmpa_mcxn9xx.bin
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_PIN register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (613ms since start, pfr.py:206)
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_DFLT register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (613ms since start, pfr.py:206)
Success. (PFR binary has been generated)
pfr generate-binary -c inputs/cfpa_mcxn9xx_debug_auth.yaml -o workspace/cfpa_mcxn9xx.bin
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_NS_PIN register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (596ms since start, pfr.py:206)
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_NS_DFLT register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (596ms since start, pfr.py:206)
Success. (PFR binary has been generated)
6. Load binary image + debug auth config into PFR#
IMAGE = INPUTS + "frdm_mcxn947_led_blinky.bin"
# Write test image to flash
%! blhost $UART write-memory 0x0 $IMAGE
# Write CMPA / CFPA configuration blocks to flash
%! pfr $VERBOSITY write $UART -t cfpa -f $FAMILY -b $CFPA_BINARY_OUTPUT
%! pfr $VERBOSITY write $UART -t cmpa -f $FAMILY -b $CMPA_BINARY_OUTPUT
# Reset to device to run test application and apply settings of configuration blocks
%! blhost $UART reset
blhost -p COM116 write-memory 0x0 inputs/frdm_mcxn947_led_blinky.bin
Writing memory
Response status = 0 (0x0) Success.
Response word 1 = 4072 (0xfe8)
pfr write -p COM116 -t cfpa -f mcxn946 -b workspace/cfpa_mcxn9xx.bin
CFPA page address on mcxn946 is 0x1000000
CFPA data written to device.
pfr write -p COM116 -t cmpa -f mcxn946 -b workspace/cmpa_mcxn9xx.bin
CMPA page address on mcxn946 is 0x1004000
CMPA data written to device.
blhost -p COM116 reset
Response status = 0 (0x0) Success.
7. Test debug authentication#
Now we can call authentication command for nxpdebugmbox. Since the board is in the LC=0x3, we need to set value for beacon in order to verify that the authentication truly succeeded. Let’s set beacon to 1.
DAT_CONFIG = INPUTS + "dat_config.yaml"
%! nxpdebugmbox $VERBOSITY -f $FAMILY -i $INTERFACE dat auth -c $DAT_CONFIG
nxpdebugmbox -f mcxn946 -i pyocd dat auth -c inputs/dat_config.yaml
# Interface Id Description
----------------------------------------------------------------------------------------------------
0 PyOCD 3NMDBGL2DLIM2 NXP Semiconductors MCU-LINK FRDM-MCXN947 (r0E7) CMSIS-DAP V3.140
Debug Authentication ends successfully.
Now read beacon from the memory. The value from the memory should have same values as the value from the config file.
%! nxpdebugmbox $VERBOSITY -f $FAMILY -i $INTERFACE mem-tool read-memory -a 0x40000FC0 -c 4
nxpdebugmbox -f mcxn946 -i pyocd mem-tool read-memory -a 0x40000FC0 -c 4
# Interface Id Description
----------------------------------------------------------------------------------------------------
0 PyOCD 3NMDBGL2DLIM2 NXP Semiconductors MCU-LINK FRDM-MCXN947 (r0E7) CMSIS-DAP V3.140
00 00 01 00