- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
Dear NXP community,
since I am able to encrypt the uboot successfully, I can't boot the linux kernel image (uImage).
I noticed, l that the kernel stops initialisation when he wants to load the caam drivers.
When I use the [Unlock] command in my CSF file (with Engine = CAAM; Features = RNG) the kernel boots!
Without this command he stopps at said drivers.
I am using the code signing tool 2.3.2
So my question is, is this Unlock cammand necessary?
If so, why...
Regards,
Frieder Baumgratz
已解决! 转到解答。
Hi,
Please read the Secure Boot using HAB application note:
https://cache.freescale.com/files/32bit/doc/app_note/AN4581.pdf
The section "3.3.2. RNG Trim fuses" explains that behavior.
Regards,
Gary
Hi,
Please read the Secure Boot using HAB application note:
https://cache.freescale.com/files/32bit/doc/app_note/AN4581.pdf
The section "3.3.2. RNG Trim fuses" explains that behavior.
Regards,
Gary
I just noticed, that when I set the [Unlock] command (with Engine = CAAM; Features = RNG) I can no longer use the dek_blob function.
UBoot prints: RNG: Instantiation failed with error fffffffe
Regards,
Frieder
Hello,
From section 3.3.2.2 [Option 2 – Defer RNG Instantiation for Post HAB
Software (Recommended Option)] of AN4581 :
"Any operations requiring the RNG are not available to software until it is initialized,
such as encryption and blob generation. This does not affect HAB-signed or encrypted
boot features"
Regards,
Yuri.
