Yahoo Groups archive

Lpc2000

Index last updated: 2026-04-28 23:31 UTC

Message

re: JTAG on LPC -- hardware or software

2006-02-14 by Jayasooriah

Hi Sean,

The discussion is not quite "academic" as it contains operational security 
assessment those in the "industry" use.

JTAG implementation is hardware, can be enabled or disabled by software.

[See notes on page 120 of 2294 user manual which states: "Important: LOW on 
P1.20 while nRESET is LOW enables pins P1.25:16 to opreate as Trace prot 
after reset" and "Important: LOW on pin P1.26 while nRESET is LOW enables 
P1.32:26 to operate as Debug port after reset". ]

Yes, my boot loader works with JTAG like and any boot loader that does not 
disable JTAG would.

Jaya

--- In lpc2000@yahoogroups.com, Sean <embeddedrelated@...> wrote:
 >
 >
 > Although I am enjoying this academic discussion, I am a little confused
 > here...  Pardon my ignorance in the matter.
 >
 > Is the JTAG implementation hardware or software?
 >
 >  From what I understand it's hardware, but then why then can a toasted boot
 > loader prevent JTAG from functioning?  Based on this statement it appears
 > that the boot loader is required to make JTAG function.  You (Jaya) said
 > that you have written and use your own boot loader.  Does JTAG work with
 > your boot loader?
 >
 > If the boot loader is required to make JTAG function (and thus JTAG is
 > non-functional at power on) then it should be trivial to implement CRP in
 > the boot loader in a secure fashion.  The boot loader simply doesn't enable
 > the JTAG functionality unless CRP is disabled.
 >
 > However all this discussion about how the boot loader will disable JTAG if
 > CRP is enabled (and thus leaves a window open to attack) implies that JTAG
 > is actually functional at power on, so why would a toasted boot loader
 > cause it to stop working if it is enabled before the boot loader even 
starts?
 >
 > It seems to me that if Philips really wanted to make this secure JTAG would
 > simply be nonfunctional until the boot loader has kicked in and verified
 > that CRP is disabled.  Ergo I agree that CRP seems like some afterthought:
 > a hack around JTAG to pretend that they actually have some form of security
 > on the chip.
 >
 > -- Sean

Send instant messages to your online friends http://au.messenger.yahoo.com

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.