OTP whitelabel options for RP2350 boards

I’m going to have to presume that the ECC bits reported are correct, as I don’t see where the ECC correction algorithm is listed, nor where they document the other two bits’ purpose.

Row 0x010: 2BC9 === 2BC9 === C9 2B [22] (.+)
Row 0x011: 7F51 === 7F51 === 51 7F [09] (Q.)
Row 0x018: 0030 === 0030 === 30 00 [03] (0.)
Row 0x036: 7425 === 7425 === 25 74 [15] (%t)
Row 0x037: 6DE2 === 6DE2 === E2 6D [1C] (.m)
Row 0xF80: 3F37 === 3F37 =?= 3F 3F [3F] (7?)
Row 0xF81: 1505 === 1505 =?= 15 15 [15] (..)
Row 0xF83: 0504 === 0504 =?= 04 04 [04] (..)
Row 0xF85: 0504 === 0504 =?= 04 04 [04] (..)
Row 0xFFD: 0504 === 0504 =?= 04 04 [04] (..)
Row 0xFFF: 1410 === 1410 =?= 14 14 [14] (..)

Page 0xF80…0xFFF store the lock bits for the OTP pages 0…63. Since the lock bits must be programmable multiple times (to go from read/write → read-only → no-access), they do not use the harware ECC support. Instead, they are read (and written) in raw form only. Instead, each row stores 3x copies of a single byte. This allows a later programming request to set additional bits, which would be prevented when using ECC codes.

I will have to update the code to show rows 0xF80…0xFFF as 100% OK when they store three identical bytes. Moreover, the ECC-corrected reads do not have valid meaning, so I will update those to be masked from the output.

I also found the SDK code (and adapted it) to verify the ECC from the data read in raw form, and verified its functionality on godbolt.org. Thus, can simplify the code further.

There is still a few edge cases which make it impossible to 100% reliably auto-detect that the data was stored in triplicate vs. stored with ECC. Specifically, there are two values that, when stored as triple-encoded bytes, have valid ECC byte. If allowing for the OTP row to have a single-bit error, then there are an additional sixteen (16) values that, when read from the OTP row with a single-bit error, might be either valid ECC stored values, or a triple-encoded byte.

The situations I considered can be found on godbolt.org. This shows a very strong indicator can be determined, just from the raw data, as to whether the data was intended to be stored with ECC, or intended to be stored as a triple-encoded single byte.

Pages from 0xF80 … 0xFFF are always 3x-byte encoded.
User pages will need a “best guess”?

That’s awesome, thanks for checking! Maybe I’ll program it to have serial 68656E7279676162, or maybe I’ll keep it around unprogrammed as a piece of history. I don’t have a 5XL, so … that’ll also complete my collection of internal-flash models.

Looking at the code, the most likely cause (by way of elimination) is that the parse_otp_command_line() function is setting the start address to zero (when it should not)? I am unlikely to be able to debug this work week, but will have it on my list.

It was neat to read the values three ways, but I now can validate the ECC code directly (the SDK’s ECC generation function works correctly). Thus, there is only a need to read using bootrom API if the ECC is not correct.

Also, I want to update the display to indicate when it’s highly probable that the data is being stored as 3x copies of the same byte (with up to 1 bit error permitted). I have exhaustively checked the possibilities, and found only 18x 24-bit patterns where the values could be both 3x-stored single byte (with up to 1 bit error), and could also be ECC-stored data (with up to 1 bit error). So, that’s pretty good basis for a heuristic flag to be displayed.

I also want to force a few edge cases, to test & verify the code.

Burn 256 rows …

1. Write RAW all 256 possible triple-encoded single-byte values.
2. Read those same sectors back as if they were ECC-corrected.
3. Determine what the hardware ECC correction is doing, and verify it reports errors

Force use of BRBP (and test our dumping of the same)

1. Choose 16-bit value to write to the OTP (e.g., 0x6D6F)
2. Write a single bit that should be zero in that intended value. In this example, maybe this could be 0x0080.
3. Using RAW OTP write method (to prevent ECC from being written), use bootrom API or picotool to write that single bit (0x000080)to an OTP row.
4. Using ECC OTP write method (to cause ECC to be used when writing to the row), use bootrom API or picotool to write the chosen value to that same OTP row (0x6D6F). This should succeed.
5. Read back the result using RAW mode.

Expected data:
0x00 0x90 0x92 0xFD
Since the correction byte’s top two bits are set to one, the value should be inverted to get actual data:
0x00 0x6F 0x6D 0x32

Unfortunately, there was a delay getting the Pico boards shipped, so they won’t be here until next week. I don’t want to burn fuses on my BP6 boards for experimentation, so … I will also delayed doing the above edge-case tests.

NOTE: I have code for the above edge cases essentially written. Once verified how the hardware responds, I can simplify the code significantly, and ensure the display is outputing reasonable data (even in the BRBP cases).

• Force use of, and test reading of, OTP written using BRBP.
• Write function to calculate (and thus detect) single-bit and dual-bit errors.
• Write various bit patterns (using RAW) and read back (using ECC) to verify hardware reports two-bit errors.
• Modify command to be otp dump (two words), so can add other OTP sub-commands later.

It appears picotool silently (automagically?) writes to multiple rows, when asking it to write to a row that is RBIT-3 (voting algorithm amongst multiple rows) … or maybe it’s the bootrom itself?

As an example, when using picotool to write to Row 0x59, it appears to also automatically write to rows 0x5A and 0x5B.

I’ve messed up two RP2350 board’s OTP thus far:

• In one, I accidentally writing to reserved areas of the OTP (Rows 0x064 onwards) … so while the settings worked in bootrom, no telling what settings I destroyed, so it’s only usable for OTP testing in bootrom.
• In the other, I forgot to update whitelabel address offsets after re-arranging the string order. Oops. Works, but with some unexpected / odd / null-enclosing strings in places.

I should have an update in the next couple days, with a focus on verifying the steps to be taken during manufacturing.

I have verified a simple way to program all but one string (the manufacturing details) per-product line (e.g., BP5XL, BP6, BP7), and to add the string containing the manufacturing details later.

Thus, a first script can run identically on all devices (of a given type), causing the USB white label of the bootrom to be tested as part of QA.

A second script can be run after QA, to store the variable portions of the data, and lock the USB whitelabel page.
This reduces the complexity of the script for the variable data portion, which I consider a “Good Thing ™”.

• Modify command to be otp dump (two words), so can add other OTP sub-commands later
• Add directory entry for the portions of the OTP used for the whitelabel customization. (yes, even though it’s duplicative of Rows 0x59…0x5C, … it’s a start).
• document edge cases when reading OTP having various errors using bootrom vs. memory-mapped regions … do all methods report errors?
  • Reading non-ECC pages as ECC protected
  • Reading ECC-protected pages with 1-bit error
  • Reading ECC-protected pages with 2-bit errors
  • Reading ECC-protected pages with Bit Recovery By Polarity (BRBP)
  • Manual recovery of original data from raw BRBP ECC row

1. BP6 firmware is updated with a new function that automatically programs the common (per-product) USB whitelabel OTP structures.

   • Enabled with compilation switch (“Factory Mode”) which should be used for factory firmware
   • This helps avoid accidentally writing OTP on in-the-field BusPirate 6 / 5XL devices.
   • The factory can ship the device with the “Factory Mode” firmware … as those devices will have the OTP fields already set … so no extra firmware flash required.
   • Note that the whitelabel values have no effect on the firmware’s own execution, as those settings apply only to the UF2 bootrom.

2. Per-device unique data is added during or after QA.

   • I recommend distinct scripts for each type of unique data.
   • ( a ) Add INFO_UF2_TXT_BOARD_ID string and lock the OTP page used by whitelabel data (e.g., Page 3).
   • ( b ) Add x.509 certificate showing device provenance and OTP directory entry.
   • ( c ) … anything else that comes up …

3. Update default for use of USB serial number.

   • Limited to “Factory Mode” firmware on RP2350 devices, add some additional logic.
   • If the OTP whitelabel structures are NOT finalized, then device is presumed to be on the factory floor
     • If on factory floor, then override setting to always use the single common “fake” USB serial number
   • bool is_whitelabel_finalized()
     • Read OTP row 0x59 USB_BOOT_FLAGS
     • Verify WHITE_LABEL_ADDR_VALID is set
     • Verify WL_INFO_UF2_TXT_BOARD_ID_STRDEF_VALID
     • e.g., raw_OTP & 0x408000u == 0x408000u
   • Else the existing logic is used.

The certificate of provenance (that’s my name … let’s see if it sticks) is a separate, but entirely supported, part of personalization.

It’s inefficient, and their code is scary-bad… both in trying to comprehend it, and the lack of edge case support. I have lots of code I’m testing on real Pico2 boards right now.

The commands at the end work to whitelabel a Pico2 board. Since it bootrom that is affected, it should smoothly transition to the BP6.

I’m hoping to get this in a semi-working state quickly for you. Real life will limit my contributions next week. I have useful utility routines already … just need to test and put it together into a semi-presentable state.

As for the data structure … I have a slightly different approach in mind for the whitelabel. Also, I recommend avoiding fields named len … that is just asking for trouble. Does it mean count of bytes? count of rows? Also, OTP has different data size per row, depending on how the row is used. I’ll give you a nice function for burning the whitelabel data … AND it will all fit in the OTP rows 0x0c0 ... 0x0FF … so only a single OTP page is used.

Oh… and caution may be needed … the bootrom API may behave differently than the memory-mapped regions. I’m investigating and will share results.

Reconstructing how the bootrom recovers from single bit errors was based on the following sections of the datasheet:

• Section 13.6.1 Bit Repair By Polarity @ page 1264
• Section 13.6.2 Modified Hamming ECC @ page 1265

However, there were three key pieces of information omitted. Two of those were not even hinted at (i.e., the datasheet appears to be wrong).

1. Read the 24-bit value raw.
2. If both the Bit Recovery By Polarity bits are set, invert all 24 bits. The ECC recovery function NEVER sees pre-BRBP values.
   • See section 13.6.1 Bit Repair By Polarity @ page 1264:
     • When you read an OTP value through an ECC alias,
       BRBP checks for two ones in bits 23:22. When both
       bits 23 and 22 are set, BRBP inverts the entire row
       before passing it to the modified Hamming code stage.
3. Using only the least significant 16 bits as read, calculate
   the six error correction bits again.
   • In code, can just pass the full 32-bit value to the ECC calculation function, as it automatically truncates to 16-bit.
   • See section 13.6.2 Modified Hamming ECC @ page 1265
     • When you read an OTP value through an ECC alias,
       ECC recalculates the six parity bits based on the
       value read from the OTP row.
4. Now XOR the recalculated ECC vs. the read value.
   • Note: this is post-brbp inversion, if needed.
   • In code, can just XOR the full 32-bit value, since high byte is always zero and low two bytes are always identical.
   • See section 13.6.2 Modified Hamming ECC @ page 1265
     • Then, ECC XORs the original six (6) parity bits with
       the newly-calculated parity bits.
       This generates six (6) new bits:
       • the five (5) LSBs are the syndrome, a unique
       bit pattern that corresponds to each possible
       bit flip in the data value
       • the MSB distinguishes between odd and even
       numbers of bit flips
5. If the XOR’d value is zero, no errors detected … just return low 16 bits
6. NEW: If the XOR’d value has exactly one set bit … the single-bit error was in bits 23…16, so no change of the low 16 bits is required. Just return those low 16 bits.
7. NEW: If the XOR’d syndrome (5 bits) have an odd number of set bits, toggle the parity bit.
8. If the parity bit is zero, report multi-bit error.
   • See section 13.6.2 Modified Hamming ECC @ page 1265
     • If the [parity bit] is 0, but the syndrome contains a value other than 0, the ECC detected an unrecoverable multi-bit error.
9. Else, use the syndrome to determine which bit to flip to correct the error.
   • See section 13.6.2 Modified Hamming ECC @ page 1265
     • If the [parity bit] is 1, the syndrome should indicate a single-bit error. ECC flips the corresponding data bit to recover from the error.
10. NEW: Here’s the table to map from the 5-bit syndrome to the correction:

static const uint16_t sdk_otp_syndrom_to_bitflip[32] = {
    [ 3] = 0x0001,
    [ 5] = 0x0002,
    [ 6] = 0x0004,
    [ 7] = 0x0008,
    [ 9] = 0x0010,
    [10] = 0x0020,
    [11] = 0x0040,
    [12] = 0x0080,
    [13] = 0x0100,
    [14] = 0x0200,
    [15] = 0x0400,
    [17] = 0x0800,
    [18] = 0x1000,
    [19] = 0x2000,
    [20] = 0x4000,
    [21] = 0x8000,
};

If you use the ECC alias to read OTP values, you are given a 32-bit value corresponding to two adjacent OTP rows. If the first of those rows has a detected two-bit error, then either:

1. The detectable error is hidden when read using the ECC memory-mapped alias, -OR-
2. The detectable error faults on each 32-bit read, making the adjacent OTP row unreadable even if its data is correct or correctable.

With the ability to manually correct the single-bit errors, firmware now has a way to recover the data from *ALL correctable ECC OTP rows, while simultaneously being notified of detected errors.

OK, I now have a hacked-up input and menu system over RTT, so I don’t have to mess with any USB connection except power. This is good.

I’ve run the OTP ECC correction code on actual BP2350 hardware, and performed an exhaustive test of correctly-coded and single-bit-flip data.

I’ve also written all interesting variations of OTP data onto a single RP2350, for checking bootrom / memory mapped alias behavior.

I’ve now got the functions written for:

• Automatically applying the whitelabel data (except board ID aka manufacturing string).

  • This function will hard_assert() on failure, as I’m not aware of any good recovery.
  • That said, it was written to allow manual recovery (at alternate address), at least until the WHITE_LABEL_ADDRESS row (0x5C) is written.
  • This function uses a #define for the string portion that follows "Bus Pirate " … so for BP6 it should be "6", for BP5XL it should be "5XL", etc. Can be up to 7 characters in length.

• Applying a variable-length manufacturing data string.

  • Up to 40 characters are allowed.
  • Verbose output via printf … as expected this will run based on user input from console.