HAB Authentication of boot image in Open Configuration


3,828 Views
Deepu
Contributor III

Hi,

in the Freescale document "Secure Boot on i.MX50, i.MX53, and i.MX 6 Series using HABv4" it is mentioned that "for i.MX 6 Series in Open configuration, the HAB always skips the verification of the SRK table, regardless of whether the SRK fuse field has been provisioned or not."

I assume the authentication will be successful only when HAB first verifies the SRK table.

If we use the sample code given in the same document using hab_rvt_report_event to print HAB events, it will print the HAB events only when the authentication is unsuccessful or incomplete. It will print "No HAB Events Found" if the authentication is successful. So my question is: in Open configuration, since the HAB skips verification of the SRK table, how can we make the authentication successful, showing "No HAB Events Found" in the console?

13 Replies

2,292 Views
cw
Contributor I

in the Freescale document "Secure Boot on i.MX50, i.MX53, and i.MX 6 Series using HABv4" it is mentioned that "for i.MX 6 Series in Open configuration, the HAB always skips the verification of the SRK table, regardless of whether the SRK fuse field has been provisioned or not."

I found that this is true. If you sign your u-boot and kernel but don't provision the SRKs *and* you're booting in an OPEN configuration, the verification of the SRKs will be skipped. Verified on imx6.

0 Kudos

2,292 Views
AlbertT
Contributor V

Hello James,

I found the authenticate_image function in <uboot>/cpu/arm_cortexa8/mx6/generic.c.

If you look at the code, one of the first things done is check_hab_enable(), which looks at the configuration of the CPU (Open/Close). I would be curious to see if we can bypass this "if" and launch the authentication in Open Configuration.

Moreover, in <uboot>/common/cmd_bootm.c we can see calls to authenticate_image, but I think the returned value is not tested correctly; not sure of this.

0 Kudos

2,292 Views
Deepu
Contributor III

Hi Jocelyn,

Thanks for your reply. But my question was regarding authentication of u-boot by the ROM. I didn't start authentication of uImage yet. If I set csf* to the CSF offset address instead of NULL and append the CSF data to the u-boot image, will it show "No HAB Events Found" while booting in Open configuration? I asked this because, as mentioned in my first post, "for i.MX 6 Series in Open configuration, the HAB always skips the verification of the SRK table, regardless of whether the SRK fuse field has been provisioned or not". So will the authentication fail, or what, in Open configuration, since it skips the SRK fuse field?

0 Kudos

2,292 Views
AlbertT
Contributor V

Hi James,

OK, I understand. Well, I gave it a try yesterday: I burned the SRK fuses, left the CPU in Open Configuration and was able to see HAB events, so no, the ROM won't skip the authentication even in Open.
It's more likely that you will actually have HAB events; it's not easy to set up a good CSF the first time!

Jocelyn
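For readers who do see events, as in the post above: an added example (not from the thread or from the Freescale document) that decodes the raw records hab_rvt_report_event hands back. The record layout and the partial code tables are assumed from U-Boot's HAB driver, `hab_name` and `hab_scan_events` are hypothetical names, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Partial code tables, values as in U-Boot's HAB header (assumption: the
 * thread lists none of them). Codes not listed here print as "unknown". */
struct code { uint8_t val; const char *name; };
static const struct code STATUS[] = {
    {0x33, "HAB_FAILURE"}, {0x69, "HAB_WARNING"}, {0xf0, "HAB_SUCCESS"}, {0, NULL} };
static const struct code REASON[] = { {0x0c, "HAB_INV_ASSERTION"}, {0x11, "HAB_INV_CSF"},
    {0x18, "HAB_INV_SIGNATURE"}, {0x1d, "HAB_INV_KEY"}, {0x21, "HAB_INV_CERTIFICATE"}, {0, NULL} };
static const struct code CONTEXT[] = { {0x0a, "HAB_CTX_AUTHENTICATE"}, {0xa0, "HAB_CTX_ASSERT"},
    {0xc0, "HAB_CTX_COMMAND"}, {0xcf, "HAB_CTX_CSF"}, {0, NULL} };

const char *hab_name(const struct code *t, uint8_t v)
{
    for (; t->name; t++)
        if (t->val == v) return t->name;
    return "unknown";
}

/* Walk back-to-back event records: tag 0xdb, 16-bit big-endian length, version,
 * then status/reason/context/engine. Returns the HAB_FAILURE count, -1 if malformed. */
int hab_scan_events(const uint8_t *buf, size_t n, int *total)
{
    int failures = 0;
    *total = 0;
    while (n > 0) {
        if (n < 8 || buf[0] != 0xdb) return -1;
        size_t len = ((size_t)buf[1] << 8) | buf[2];
        if (len < 8 || len > n) return -1;   /* never read past the capture */
        printf("event %d: %s / %s / %s\n", *total, hab_name(STATUS, buf[4]),
               hab_name(REASON, buf[5]), hab_name(CONTEXT, buf[6]));
        failures += (buf[4] == 0x33);
        (*total)++;
        buf += len; n -= len;
    }
    return failures;
}

/* Constructed sample: two records, the second carrying 4 bytes of event data. */
const uint8_t SAMPLE[] = { 0xdb, 0x00, 0x08, 0x41, 0x33, 0x18, 0xc0, 0x00,
    0xdb, 0x00, 0x0c, 0x41, 0x33, 0x0c, 0xa0, 0x00, 0x00, 0x00, 0x00, 0x00 };

int main(void)
{
    int total, failures = hab_scan_events(SAMPLE, sizeof SAMPLE, &total);
    if (total == 0) puts("No HAB Events Found");
    else printf("%d event(s), %d failure(s)\n", total, failures);
    return 0;
}
```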

2,292 Views
Deepu
Contributor III

Hi Jocelyn,

    

Do we have to burn the SRK fuses in Open configuration for HAB to authenticate the u-boot image showing while booting? My guess was that SRK provisioning to eFuse is optional. Was that right?

If we do not burn the SRK fuses, will it show only HAB events such as event1, event2?

0 Kudos

2,292 Views
AlbertT
Contributor V

If you don't burn the SRK fuses then the authenticate process will be performed but it will be completely wrong since you have nothing to certify the u-boot (or the kernel). So you will have some events logged, but they will be kinda irrelevant.

If you really want a secure boot, you have to burn these fuses (and some others too, after).

2,292 Views
Deepu
Contributor III

Thanks for your reply. I have one more doubt: if we burn the SRK fuses in Open configuration, can we change them later?

The SRK fuse field will become write protected when the lock fuses (SRK_LOCK for i.MX6, SRK_LOCK88 and SRK_LOCK160 for i.MX53) are blown? So if these lock fuses are not blown, we can change the burned SRK fuse value, right?

0 Kudos

2,292 Views
Yuri
NXP Employee

All fuses are once programmed.

2,292 Views
Deepu
Contributor III

Hello Yuri.

If the fuses are once programmed, I didn't understand the purpose of the SRK lock fuses to protect them.

0 Kudos

2,292 Views
Yuri
NXP Employee

Lock may be used to protect against reading.

0 Kudos

2,292 Views
AlbertT
Contributor V

Hello Yuri,

Can you explain what the HW_OCOTP_OTPMK* fuses are, which are burned in the Linux HAB UG? I saw it is related to the CAAM but it seems to be something optional.

Thanks !

2,292 Views
Yuri
NXP Employee

HW_OCOTP_OTPMK* stands for master key (in fuses).

From the Security Reference Manual for i.MX6 :

"If the SNVS determines the chip is in a trustworthy state, it allows CAAM to use a secret 256-bit value that CAAM uses to derive cryptographic keys during blob encapsulation and decapsulation. The secret value is either a one-time programmable master key (OTPMK) stored in fuses, a zeroizable master key (ZMK) stored in the low-power section, or a combination of the two."

0 Kudos

2,292 Views
AlbertT
Contributor V

Ok great !

Thanks !!

0 Kudos