Most embedded devices provide a JTAG interface for debugging purposes. However, if left unprotected, this interface can become an important attack vector on the system.

The JTAG port on the STM32MP13 is managed as follows:

  • JTAG port is enabled on open devices

  • JTAG port is initially disabled on closed devices

Although the JTAG port is initially disabled on closed devices, it can still be enabled from the secure world, so the initial state alone does not lock the port.

On a closed device, you can optionally lock the JTAG port permanently in one of two modes:

  • Disable boundary scan: This mode prevents the boundary-scan chain from being controlled or sampled.

  • Disable JTAG port: This mode disables access to all test outputs (including JTDO). Both the JTDO output and input paths are blocked, and the JTMS output path (used for SWDIO) is blocked.

Disable boundary scan

This mode prevents the boundary-scan chain from being controlled or sampled.

You can only disable boundary scan on closed devices. See Set up secure boot for information on securing and closing a device.
Disabling boundary scan requires burning e-fuses, which is an irreversible operation: once burned, boundary scan cannot be re-enabled.

To disable boundary scan, run the following command in U-Boot:

=> trustfence prog_jtag disable-bscan

Disable JTAG port

This mode disables access to all test outputs (including JTDO). Both the JTDO output and input paths are blocked, and the JTMS output path (used for SWDIO) is blocked.

You can only disable the JTAG port on closed devices. See Set up secure boot for information on securing and closing a device.
Disabling the JTAG port requires burning e-fuses, which is an irreversible operation: once burned, the port cannot be re-enabled.

To disable the JTAG port, run the following command in U-Boot:

=> trustfence prog_jtag disable-jtag