- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- MCUXpresso Training Hub
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
-
Disable "serial downloader" completely
Hello experts,
Is it possible to disable the serial downloader.
(I mean so that even if BOOT_MODE is set to 01b)
For example, after programming an eMMC and verifying all functionality is correct, prevent anyone from accessing the device via the serial downloader, e.g. by setting BOOT_MODE to 01b
(The only way I can think of is to use HAB to ensure that even via serial-downloader no one can run un-authenticed software).
Regards,
Erez
CarlosCasillas
Hi Erez,
Could you please specify which i.MX device are you using?
Best regards!
/Carlos
CarlosCasillas
Hi Erez,
When BOOT_CFG4 [7] = 1 and BOOT_MODE[1:0] = 01, the infinite loop to wait for the start of the BootROM is executed. BootROM will never be executed, so USB Bootloader does not start.
According to Table 8-2 (Boot eFUSE Descriptions) of the i.MX6DQ Reference Manual:
Infinite Loop Enable at start of boot ROM. Used for debugging purposes.
Ignored if DIR_BT_DIS is 1 [Direct boot from external memory is not allowed] and FIELD_RETURN is 0 [Device is in functional / secure mode]. This fuse affects the USB bootloader.
Additionally, it you are interested on "Authenticate" boot code, please look at app note AN4581 "Secure Boot on i.MX50, i.MX53, and i.MX 6 Series using HABv4". In particular, section 6.2 (Signing Code Downloadable with Manufacturing Tool) may be useful.
Hope this will be useful for you.
Best regards!
/Carlos
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------
Hi Erez,
Without enabling HAB you can force the boot device by using the eFuses.
Please refer to the i.MX6SDL Reference Manual Table 8-4 or section 8.2.3 which explains that once BT_FUSE_SEL is blown to 1, then the boot ROM will always use the boot mode contained in BOOT_CFGx fuse fields.
If you need information on how to blow fuses I suggest this blog post about the Fuse API in U-Boot:
http://boundarydevices.com/fuse-command/
Just remember that fuses are one-time programmable only, make sure to blow the right one.
Regards,
Gary
Hi Gary,
Thanks for the reply.
I am well-aware of what you wrote. My question is very specific -- After burning the fuses to boot from eMMC --- Is there away to disable the serial downloader?
I mean that even if the BOOT_MODE pins are set to 01b, the device will ignore it and proceed with eMMC boot.
Moreover, even if eMMC boot fails, the device will not fall-back to serial downloader
Hi Erez,
Sorry I misunderstood the end goal which is actually as simple as the title :smileywink: Well in that case I have no clue, even with HAB, the fall back would still be there, the difference being that someone would need the private keys to sign the software
Regards,
Gary
This looks like the answer, infinite loop mentioned below is irrelevant for production.
