Disable "serial downloader" completely

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Disable "serial downloader" completely

1,497 Views
erezsteinberg
Contributor IV

Hello experts,

Is it possible to disable the serial downloader. 

(I mean so that even if BOOT_MODE is set to 01b)

For example, after programming an eMMC and verifying all functionality is correct, prevent anyone from accessing the device via the serial downloader, e.g. by setting BOOT_MODE to 01b

(The only way I can think of is to use HAB to ensure that even via serial-downloader no one can run un-authenticed software).

Regards,

Erez

Labels (1)
0 Kudos
Reply
7 Replies

1,109 Views
CarlosCasillas
NXP Employee
NXP Employee

Hi Erez,

Could you please specify which i.MX device are you using?

Best regards!

/Carlos

0 Kudos
Reply

1,109 Views
erezsteinberg
Contributor IV

iMX6DL

0 Kudos
Reply

1,109 Views
CarlosCasillas
NXP Employee
NXP Employee

Hi Erez,

When BOOT_CFG4 [7] = 1 and BOOT_MODE[1:0] = 01, the infinite loop to wait for the start of the BootROM is executed. BootROM will never be executed, so USB Bootloader does not start.

According to Table 8-2 (Boot eFUSE Descriptions) of the i.MX6DQ Reference Manual:

Infinite Loop Enable at start of boot ROM. Used for debugging purposes.

Ignored if DIR_BT_DIS is 1 [Direct boot from external memory is not allowed] and FIELD_RETURN is 0 [Device is in functional / secure mode]. This fuse affects the USB bootloader.

Additionally, it you are interested on "Authenticate" boot code, please look at app note AN4581 "Secure Boot on i.MX50, i.MX53, and i.MX 6 Series using HABv4". In particular, section 6.2 (Signing Code Downloadable with Manufacturing Tool) may be useful.


Hope this will be useful for you.
Best regards!
/Carlos

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos
Reply

1,109 Views
gary_bisson
Senior Contributor III

Hi Erez,

Without enabling HAB you can force the boot device by using the eFuses.

Please refer to the i.MX6SDL Reference Manual Table 8-4 or section 8.2.3 which explains that once BT_FUSE_SEL is blown to 1, then the boot ROM will always use the boot mode contained in BOOT_CFGx fuse fields.

If you need information on how to blow fuses I suggest this blog post about the Fuse API in U-Boot:

http://boundarydevices.com/fuse-command/

Just remember that fuses are one-time programmable only, make sure to blow the right one.

Regards,

Gary

0 Kudos
Reply

1,109 Views
erezsteinberg
Contributor IV

Hi Gary,

Thanks for the reply.

I am well-aware of what you wrote. My question is very specific -- After burning the fuses to boot from eMMC --- Is there away to disable the serial downloader?

I mean that even if the BOOT_MODE pins are set to 01b, the device will ignore it and proceed with eMMC boot.

Moreover, even if eMMC boot fails, the device will not fall-back to serial downloader

0 Kudos
Reply

1,109 Views
gary_bisson
Senior Contributor III

Hi Erez,

Sorry I misunderstood the end goal which is actually as simple as the title :smileywink: Well in that case I have no clue, even with HAB, the fall back would still be there, the difference being that someone would need the private keys to sign the software

Regards,

Gary

0 Kudos
Reply

1,109 Views
maximechambonne
Contributor I

This looks like the answer, infinite loop mentioned below is irrelevant for production.

0 Kudos
Reply