RCW/PCI command integrity via Secure Boot


bradley_gamble
Contributor I

Hello,

I am implementing Secure Boot (ISBC/ESBC) chain of trust on my T1042 device. Reading over the documentation, it states that the RCW/PBI commands are executed prior to the CSF/ISBC stages being executed. These RCW/PBI commands are loaded from flash (NAND/NOR/SPI) and executed via the PBL.

These commands must be stored raw on the flash device as they are executed prior to any signature verification. However, what is to stop these commands being used to subvert the boot process? Could a malicious party generate a set of RCW/PBI commands, inject them onto the flash of a device and then use this to disable secure boot, or otherwise corrupt the boot process to run an unauthorised binary?

Kind regards,

bpe
NXP Employee

There is no way to disable Secure Boot if the ITS fuse is blown and there are additional access restrictions in Secure Boot mode. See details in T1040RM, Sections 27.4.2.1 and 26.5.3.1.

Have a great day,

Platon
