Hello!
I am using IMX8M mini and doing the investigation on the system boot sequence. I understand that ROM will rely on HAB to authenticate the u-boot image by comparing the signatures we added into the image. But what we want is to verify the integrity of the image instead of the security such as if the image is signed or not.
I have several questions regarding the verification process of the image during system boot:
1. I notice that RTIC can perform integrity check during both system boot time and run time, then I wonder how can we use the RTIC to do the integrity check on the u-boot image?
2. Is RTIC must be used with HAB, if so, does that mean we must sign our u-boot image first and also sign it accurately?
3. If RTIC can be used separately to perform the integrity check on u-boot image only? Is RTIC requires the image to be signed?
4. If say, our primary u-boot image is crashed, but we also provide a recovery u-boot image, how can we trigger ROM to boot from the recovery u-boot image then?
Your prompt reply is highly appreciated!
Thanks
Your prompt reply is highly appreciated!
Thanks!
