2355457_en-US

キャンセル
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

2355457_en-US

2355457_en-US

LS1043A is SEC a requirement for Secure Boot?

Since the LS1043A can come with either SEC enabled, or SEC disabled.

Is it a hard requirement that SEC be enabled for Secure Boot?

If we have an LS1043A that already has SEC disabled from NXP can Secure Boot still be achieved? Documentation is unclear, but seems like Secure Boot is still available even if SEC is not. Is this correct?

QorIQ LS1 DevicesRe: LS1043A is SEC a requirement for Secure Boot?

Hi,

If the LS1043A silicon lacks the SEC engine, it is physically incapable of triggering the ROM-based logic required to start a secure chain. The Arm CoT/mbedtls path in LSDK is not a "workaround" for missing hardware; it is simply a different software architecture for chips that do have the necessary security hardware.

regards

Re: LS1043A is SEC a requirement for Secure Boot?

Ok, so a LS1043ASN7MNLB is not capable of secure boot with arm trusted firmware, correct?

A LS1043ASEN7MNLB would be capable of secure boot with arm trusted firmware, because it has the SEC enabled, correct?

Now you said that for the non-SEC chip it is not capable of a 'hardware-rooted' secure boot. Does that mean a software version / 'software-rooted' of secure boot could work? In the LSDK 21.08 it does also mention instead of NXP CoT there is Arm CoT that utilizes mbedtls. However, it looks like in the documentation that it does not support the LS1043A chip. 

Just trying to get some clarification.

Thank you for the reply.

Re: LS1043A is SEC a requirement for Secure Boot?

Hello,

No, it is not correct that Secure Boot is available if the SEC engine is disabled. For the LS1043A, having the SEC engine (security acceleration) enabled is a hard requirement for establishing a hardware-rooted Secure Boot.


Regards

タグ(1)
評価なし
バージョン履歴
最終更新日:
‎04-28-2026 04:46 AM
更新者: