HAB Authentication of boot image in Open Configuration


Deepu
Contributor III

Hi,

in the Freescale document "Secure Boot on i.MX50, i.MX53, and i.MX 6 Series using HABv4" it is mentioned that "for i.MX 6 Series in Open configuration, the HAB always skips the verification of the SRK table, regardless of whether the SRK fuse field has been provisioned or not."

I assume the authentication will be successful only when HAB first verifies the SRK table.

If we use the sample code given in the same document using hab_rvt_report_event to print HAB events, it will print the HAB events only when the authentication is unsuccessful or uncompleted. It will print "No HAB Events Found" if the authentication is successful. So my question is: in open configuration, since the HAB skips verification of the SRK table, how can we make the authentication successful, showing "No HAB Events Found" in the console?
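
The event-reporting loop this question refers to, as an added example that is not part of the original post or the Freescale document. The ROM call is replaced by a host-side stub so the loop runs off-target; `stub_report_event`, `hab_event_status`, `drain_hab_events` and the sample record are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HAB_SUCCESS 0xf0 /* HABv4 status values */
#define HAB_FAILURE 0x33
#define HAB_TAG_EVT 0xdb /* first byte of an event record */

/* Constructed record: tag, 16-bit big-endian length, version, status, reason, context, engine. */
static const uint8_t sample_evt[] = {0xdb, 0x00, 0x08, 0x41, 0x33, 0x18, 0xc0, 0x00};
static unsigned rom_log_count; /* how many copies of sample_evt the stub holds */

/* Host stub shaped like hab_rvt_report_event(); on target this is a ROM call. */
static int stub_report_event(int status, uint32_t index, uint8_t *event, size_t *bytes)
{
    (void)status;
    if (index >= rom_log_count || *bytes < sizeof(sample_evt))
        return HAB_FAILURE;
    memcpy(event, sample_evt, sizeof(sample_evt));
    *bytes = sizeof(sample_evt);
    return HAB_SUCCESS;
}

/* Validate the record header and return its status byte, or -1 if malformed. */
int hab_event_status(const uint8_t *ev, size_t len)
{
    if (len < 8 || ev[0] != HAB_TAG_EVT || (size_t)((ev[1] << 8) | ev[2]) != len)
        return -1;
    return ev[4];
}

/* Walk the log by index until the call stops returning HAB_SUCCESS. */
unsigned drain_hab_events(void)
{
    uint8_t ev[64];
    size_t len = sizeof(ev);
    uint32_t idx = 0;

    while (stub_report_event(HAB_FAILURE, idx, ev, &len) == HAB_SUCCESS) {
        printf("HAB event %u: status 0x%02x reason 0x%02x\n",
               (unsigned)(idx + 1), (unsigned)hab_event_status(ev, len), ev[5]);
        len = sizeof(ev); /* the call overwrites len with the record size */
        idx++;
    }
    if (idx == 0)
        puts("No HAB Events Found");
    return idx;
}

int main(void) { rom_log_count = 2; return drain_hab_events() == 2 ? 0 : 1; }
```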

13 Replies

cw
Contributor I

in the Freescale document "Secure Boot on i.MX50, i.MX53, and i.MX 6 Series using HABv4" it is mentioned that "for i.MX 6 Series in Open configuration, the HAB always skips the verification of the SRK table, regardless of whether the SRK fuse field has been provisioned or not."

I found that this is true. If you sign your u-boot and kernel but don't provision the SRKs *and* you're booting in an OPEN configuration, the verification of the SRKs will be skipped. Verified on imx6.

AlbertT
Contributor V

Hello James,

I found the authenticate_image function in <uboot>/cpu/arm_cortexa8/mx6/generic.c.

If you look at the code, one of the first things done is check_hab_enable(), which looks at the configuration of the CPU (Open/Close). I would be curious to see if we can bypass this "if" and launch the authentication in Open Configuration.

Moreover, in <uboot>/common/cmd_bootm.c we can see calls to authenticate_image, but I think the returned value is not tested correctly; not sure of this.

Deepu
Contributor III

Hi Jocelyn,

Thanks for your reply. But my question was regarding authentication of u-boot by ROM. I didn't start authentication of uImage yet. If I set csf* to the CSF offset address instead of NULL and append the CSF data to the u-boot image, will it show "No HAB Events Found" while booting in open configuration? I asked this because, as mentioned in my first post, "for i.MX 6 Series in Open configuration, the HAB always skips the verification of the SRK table, regardless of whether the SRK fuse field has been provisioned or not". So the authentication will fail or what in open configuration, since it skips the SRK fuse field?

AlbertT
Contributor V

Hi James,

OK, I understand. Well, I gave it a try yesterday: I burned the SRK fuses, left the CPU in Open Configuration and was able to see HAB events, so no, the ROM won't skip the authentication even in Open.
It's more likely that you will actually have HAB events; it's not easy to set up a good CSF the first time!

Jocelyn

Deepu
Contributor III

Hi Jocelyn,

Do we have to burn the SRK fuses in open configuration for HAB to authenticate the u-boot image showing while booting? My guess was that SRK provisioning to eFuse is optional... was that right?

If we do not burn the SRK fuses, will it show only HAB events such as event1, event2?

AlbertT
Contributor V

If you don't burn the SRK fuses then the authenticate process will be performed but it will be completely wrong since you have nothing to certify the u-boot (or the kernel). So you will have some events logged, but they will be kinda irrelevant.

If you really want a secure boot, you have to burn these fuses (and some others too, after).

Deepu
Contributor III

Thanks for your reply. I have one more doubt: if we burn the SRK fuse in open configuration, can we change it later?

The SRK fuse field will become write protected when the lock fuses (SRK_LOCK for i.MX6, the SRK_LOCK88 and SRK_LOCK160 for i.MX53) are blown? So if these lock fuses are not blown, we can change the burned SRK fuse value, right?

Yuri
NXP Employee

All fuses are once programmed.

Deepu
Contributor III

Hello Yuri.

If the fuses are once programmed, I didn't understand the purpose of SRK lock fuses to protect them?

Yuri
NXP Employee

Lock may be used to protect against reading.

AlbertT
Contributor V

Hello Yuri,

Can you explain what HW_OCOTP_OTPMK* are, which are burned in the Linux HAB UG? I saw it is related to the CAAM but it seems to be something optional.

Thanks!

Yuri
NXP Employee

HW_OCOTP_OTPMK* stands for master key (in fuses).

From the Security Reference Manual for i.MX6:

"If the SNVS determines the chip is in a trustworthy state, it allows CAAM to use a secret 256-bit value that CAAM uses to derive cryptographic keys during blob encapsulation and decapsulation. The secret value is either a one-time programmable master key (OTPMK) stored in fuses, a zeroizable master key (ZMK) stored in the low-power section, or a combination of the two."

AlbertT
Contributor V

OK, great!

Thanks!!
