i.MX Processors中的主题 HAB vulnerability - IMX7D https://community.nxp.com/t5/i-MX-Processors/HAB-vulnerability-IMX7D/m-p/850383#M130142 <HTML><HEAD></HEAD><BODY><P>Dear NXP,</P><P></P><P>Regarding ERR010873 - Secure boot vulnerability when authenticating a certificate.</P><P>Does the IMX7 contain a new boot ROM which fixes this vulnerability? If so, which silicon revisions / markings?</P><P></P><P>Finally, all publicly available information only mentions that it is possible to bypass secure boot and to run "unauthorized, unsigned" images.</P><P><BR />However, in case such an "unauthorized, unsigned" image is being run successfully, is the CPU still in Secure Mode or not? For instance, in this hacked u-boot, does "hab_status" </P><P></P><DIV class=""><CODE class="">=&gt; hab_status</CODE></DIV><DIV class=""><CODE class="">Secure boot disabled</CODE></DIV><P></P><P>or this,</P><P></P><DIV class=""><CODE class="">=&gt; hab_status</CODE></DIV><DIV class=""><CODE class="">Secure boot enabled</CODE></DIV></BODY></HTML> Tue, 20 Nov 2018 09:31:38 GMT hbeij 2018-11-20T09:31:38Z HAB vulnerability - IMX7D https://community.nxp.com/t5/i-MX-Processors/HAB-vulnerability-IMX7D/m-p/850383#M130142 <HTML><HEAD></HEAD><BODY><P>Dear NXP,</P><P></P><P>Regarding ERR010873 - Secure boot vulnerability when authenticating a certificate.</P><P>Does the IMX7 contain a new boot ROM which fixes this vulnerability? If so, which silicon revisions / markings?</P><P></P><P>Finally, all publicly available information only mentions that it is possible to bypass secure boot and to run "unauthorized, unsigned" images.</P><P><BR />However, in case such an "unauthorized, unsigned" image is being run successfully, is the CPU still in Secure Mode or not? For instance, in this hacked u-boot, does "hab_status" </P><P></P><DIV class=""><CODE class="">=&gt; hab_status</CODE></DIV><DIV class=""><CODE class="">Secure boot disabled</CODE></DIV><P></P><P>or this,</P><P></P><DIV class=""><CODE class="">=&gt; hab_status</CODE></DIV><DIV class=""><CODE class="">Secure boot enabled</CODE></DIV></BODY></HTML> Tue, 20 Nov 2018 09:31:38 GMT https://community.nxp.com/t5/i-MX-Processors/HAB-vulnerability-IMX7D/m-p/850383#M130142 hbeij 2018-11-20T09:31:38Z Re: HAB vulnerability - IMX7D https://community.nxp.com/t5/i-MX-Processors/HAB-vulnerability-IMX7D/m-p/850384#M130143 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>&nbsp; Please create request \ ticket to discuss the issue in more details.</P><P></P><P><A class="link-titled" href="https://www.nxp.com/support/support:SUPPORTHOME?tid=sbmenu" title="https://www.nxp.com/support/support:SUPPORTHOME?tid=sbmenu">Support|NXP</A>&nbsp;</P><P></P><P>Regards,</P><P>Yuri.</P></BODY></HTML> Wed, 21 Nov 2018 14:08:17 GMT https://community.nxp.com/t5/i-MX-Processors/HAB-vulnerability-IMX7D/m-p/850384#M130143 Yuri 2018-11-21T14:08:17Z