Getting Error in IMX6ULL: Invalid IVT structure

rohitkumar21 · ‎07-06-2023

Hi There,

I'm trying to enable High Assurance Boot on my device. I'm using buildroot and initially I only enabled the CONFIG_SECURE_BOOT=y in uboot_menuconfig. Now I'm getting error in uboot, "Error: Invalid IVT structure". I'm not using a signed image for now, once I get the uboot booting right I'll flash signed image.

I tried to extract the IVT structure using genIVT.pl script. With that I'm getting following output:

Kernel = /home/IMX/hab/ivt_test-2/zImage
IVT = /home/IMX/hab/ivt_test-2/ivt.bin
Padded File Size = 0x738000
Kernel file size = 0x737620
Jump location    = 0x80800000
Self Pointer     = 0x80F38000
CSF Pointer    = 0x80F38020

$ hexdump -C ivt.bin
00000000 d1 00 20 41 00 00 80 80 00 00 00 00 00 00 00 00 |.. A............|
00000010 00 00 00 00 00 80 f3 80 20 80 f3 80 00 00 00 00 |........ .......|
00000020

I also tried to print the IVT sturcture values during uboot startup, I'm getting following logs:

U-Boot 2018.03 (Jul 06 2023 - 16:01:57 +0530)

CPU: Freescale i.MX6ULL rev1.1 792 MHz (running at 396 MHz)
CPU: Industrial temperature grade (-40C to 105C) at 53C
Reset cause: POR
Board: devBoard-v1
I2C: ready
DRAM: 512 MiB
LCD model: 1 - AVDTTXXXXXXXXXX
MMC: FSL_SDHC: 0, FSL_SDHC: 1
Loading Environment from MMC... *** Warning - bad CRC, using default environment

auto-detected panel AVDTTXXXXXXXXXX
Display: AVDTTXXXXXXXXX (1920x1080)
Video: 1920x1080x24
In: serial
Out: serial
Err: serial
switch to partitions #0, OK
mmc1(part 0) is current device
eMMC: 3.6 GiB
Normal Boot
Hit any key to stop autoboot: 0
switch to partitions #0, OK
mmc1(part 0) is current device
Loading bootpath.txt from 1:1/bootpath.txt
27 bytes read in 33 ms (0 Bytes/s)
Loaded boot path from bootpath.txt
Importing boot path from mmc ...
Importing bootpath.txt
bootdir=a
mmcrootpart=3
1185 bytes read in 45 ms (25.4 KiB/s)
Importing bootenv from mmc ...
84 bytes read in 59 ms (1000 Bytes/s)
Running bootscript from mmc ...
## Executing script at 82000000
gpio: pin 6 (gpio 6) value is 0
gpio: pin 32 (gpio 32) value is 1
gpio: pin 115 (gpio 115) value is 1
7566880 bytes read in 234 ms (30.8 MiB/s)
Booting from mmc ...
70545 bytes read in 56 ms (1.2 MiB/s)
## Flattened Device Tree blob at 83000000
Booting using the fdt blob at 0x83000000
hab fuse not enabled

Authenticate image from DDR location 0x80800000...
~~~~~ IVT Sturcture ~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~
ivt_hdr->magic = 0x61
ivt_hdr->length = 0xA010
ivt_hdr->version = 0xE3

ivt_hdr = 0x80F38000
ivt_entry = 0xC59B21A8
ivt_rsv1 = 0x8020000B
ivt_dcd = 0xC08E3003
ivt_boot = 0xC08F0002
ivt_self = 0xE08C3014
ivt_csf = 0xE0A03008
ivt_rsv2 = 0x58C4018
~~~~~~~~~~~~~~~~~~~~~~~~~
bad magic magic=0x61 length=0xa010 version=0xe3
bad length magic=0x61 length=0xa010 version=0xe3
bad version magic=0x61 length=0xa010 version=0xe3
FAIL: ivt_hdr : 0x80F38000 : verified ivt_header
PASS: ivt_initial->entry : 0xC59B21A8 != 0x0
FAIL: ivt_initial->reserved1 : 0x8020000B != 0x0
FAIL: ivt_initial->self : 0x8020000B != 0x80F38000
PASS: ivt_initial->csf : 0xE0A03008 != 0x0
FAIL: ivt_initial->reserved2 : 0x58C4018 != 0x0
FAIL: ivt_initial->dcd : 0xC08E3003 != 0x0
bad magic magic=0x61 length=0xa010 version=0xe3
bad length magic=0x61 length=0xa010 version=0xe3
bad version magic=0x61 length=0xa010 version=0xe3
Error: Invalid IVT structure

Allowed IVT structure:
IVT HDR = 0x4X2000D1
IVT ENTRY = 0xXXXXXXXX
IVT RSV1 = 0x0
IVT DCD = 0x0
IVT BOOT_DATA = 0xXXXXXXXX
IVT SELF = 0xXXXXXXXX
IVT CSF = 0xXXXXXXXX
IVT RSV2 = 0x0
Using Device Tree in place at 83000000, end 83014390

Starting kernel ...

I'm stuck with this invalid IVT structure issue. Kindly let me know where I'm getting things incorrect.