- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
-
- Home
- :
- i.MX Forums
- :
- i.MX Processors
- :
- Re: Boot command using hab_auth_img
Boot command using hab_auth_img
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Boot command using hab_auth_img
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi everyone,
I'm trying to use HAB for the kernel verification. I managed to sign the kernel image and to get "No HAB Events Found!" calling hab_auth_img 0x40480000 0x13c6f60 0x13c6000.
I have two questions:
- Do I have to explicitly add the hab_auth_img command in my bootcmd? Or is it in some way performed under the hood?
- If the command must be explicit does it mean that every time I want to update my kernel I also have to update U-Boot?
Thanks
Paolo Gentili
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, just a quick update.
I found a workaround: I modified the booti.c file so that the booti command requires also the image size and the image offset. This way useful also because I need to verify not only the kernel but also the DTB: a modification to booti.c was needed nevertheless.
Thanks
Paolo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm having a similar problem. Can you share your modifications to booti.c?
Thanks!
Adam
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, sorry for the late reply.
Please find attached two patches for uboot.
The logic is this: I removed any hab_auth_img control inside the booti command. The verification is perfomed by uboot before launching booti using the command load_fdt and loadimage.
Regards,
Paolo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Thanks for your reply but you misunderstood me, let me explain again.
The kernel is the same, these are the steps to reproduce:
1) Manually load kernel Image at addr x
2) Run hab_auth_img with the kernel size/offset that I know because I compiled it
3) It returns no events, good.
4) Run booti
5) It automatically run an hab_authentication but if fails... (I found out that is related to a wrong kernel size).
So why with the same Image I'm having this problem?
Thanks
Paolo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi again,
Thanks for your reply.
I later found out that uboot itself, in the booti routine, tries to verify the kernel.
I have a problem though: the verification run manually by me is fine (via hab_auth_img) but the one performed by uboot fails. I found out that the problem is in the kernel size: my image has size 0x13c6f60 but the size retrieved inside booti_setup is 0x143b020.
Do you know why this is happening?
Thanks
Paolo Gentili
Yuri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Looks like Your kernel is not the same, as used in the example.
Kernel size depends on configuration.
Regards,
Yuri.
Yuri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Yes, you can modify your U-Boot bootcmd so it includes the HAB command that checks the kernel.
If some parameters changed - it will be needed to modify bootcmd.
Regards,
Yuri.
