Changing i.MX8 SSM state from secure to non-secure

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Changing i.MX8 SSM state from secure to non-secure

585 Views
danielgloeckner
Contributor I

Hello,

in our system we want to boot in secure SSM state and later switch to non-secure state to execute untrusted code until the device is powered off. We found the following comment in U-Boot, written by an NXP employee back to 2019:

The silicon revision B0 of the iMX8QM and iMX8QXP have a bug in the SECO ROM: If the SSM of the SNVS changes state, the next call to SECO will trigger an integrity check of the SECO firmware which will fail due to incorrect CAAM keys hence the SECO will not respond to the call. The system will hang in this state until a watchdog resets the board.

Is changing SSM state at runtime still broken in the current revision of the i.MX8QM? Has it maybe been fixed by new SECO firmware for the first AHAB container loaded by the ROM?

If it has been fixed, what is the preferred way for switching from secure to non-secure state until power is removed (even from the SNVS) without relying on external hardware?

Best regards,

  Daniel

0 Kudos
Reply
2 Replies

547 Views
Harvey021
NXP TechSupport
NXP TechSupport

I think qxp c0 should fix it. Regarding switching from secure to non-secure state, a way like trigger the exception and then use the command to change from fail to non-secure. Would suggest SRM Security Reference Manual for i.MX 8QuadMax Application Processors (nxp.com) for more reference to you.

 

Regards

Harvey

0 Kudos
Reply

541 Views
danielgloeckner
Contributor I

Hello Harvey,

thanks for your reply. Unfortunately we can't switch to the i.MX8QXP. Our project requires the i.MX8QM. So the current i.MX8QM revision is still broken?

Part of what I was looking for was an easy and reliable way to trigger "the exception". Since the CPU module is an off-the-shelf part, we are not in the position to change its SCU firmware. Everything has to be done from the Cortex-A core using the API provided by the stock SCU firmware.

I already looked into the Security Reference Manual. But much of what is written in there about the SSM appears to be accessible only from the SECO.

Best Regards,

  Daniel

0 Kudos
Reply