Support,
I have been following the guide mx8ulp_9x_encrypted_boot.txt and have encountered an issue.
In Step: 1.7 Generating the DEK Blob the instructions state:
Copy dek_2 and dek_3 to the i.MX8ULP or 9x and run the following commands from
U-Boot prompt. Boot the flash.bin generated earlier with mkimage on board. Halt at
U-Boot and connect to host computer with USB Mass Storage (UMS):
mmc2(part 0) is current device
flash target is MMC:2
Net: eth0...
Fastboot: Normal
Normal Boot
Hit any Key to stop autoboot: 0
=> ums 0 mmc 2:1
Copy both DEK over to the board using the computer's file system. Now use fatload
and dek_blob to create and encapsulate the DEK blob.
=> mmc list
FSL_SDHC: 1
FSL_SDHC: 2 (eMMC)
=> fatload mmc 2:1 0x80280000 dek_2.bin
=> dek_blob 0x80280000 0x80281000 128
=> fatwrite mmc 2:1 0x80281000 dek_blob2.bin 0x48
=> fatload mmc 2:1 0x80280000 dek_3.bin
=> dek_blob 0x80280000 0x80281000 128
=> fatwrite mmc 2:1 0x80281000 dek_blob3.bin 0x48
Use UMS to copy the dek blobs back to the host PC. In host PC copy the generated
dek_blob binaries to the CST directory.
--
My question is: Can the above procedure be done using MFGTool uuu directly to copy the DEK blob back and forth? If yes, what are the uuu commands?
Additionally, I am trying to understand how this procedure will affect the mass manufacturing process. Is there any guide we can provide to the manufacturer so they can understand the process when flashing the OS to the board together with encrypted bootloader?
Your assistance in this matter would be greatly appreciated.
Best regards,
