2340711_en-US

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

2340711_en-US

2340711_en-US

SAF85xx HSE Update SMR

Hi NXP, 

Do we need to update SMR  when just only Signature bytes change due to code content change but code size, start address ,  key, pointer to signature ... are not changed ?

Re: SAF85xx HSE Update SMR

Hello,

The SMR (Secure Memory Region) entry contains the metadata HSE uses to verify your application image. Even if:

the size stays the same
the start address stays the same
the key handle stays the same
the signature pointer stays the same

…any modification to the code content produces a different signature, and HSE must verify the new signature.
Because of this, the SMR entry that holds the signature must be rewritten with the updated signature bytes.
The SMR entry is part of the authenticated boot chain; HSE cannot validate the updated binary unless its corresponding SMR entry reflects the new signature.

FYI: Aptiv has direct NXP FAE, so feel free to get in touch with him for details.

Best regards,

Peter

Re: SAF85xx HSE Update SMR

Thank you for your response

Tags (1)
No ratings
Version history
Last update:
‎04-02-2026 02:25 AM
Updated by: