FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

HAB Security feature implementation on imx6

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

HAB Security feature implementation on imx6

‎02-12-2016 11:15 PM
1,273 Views
dhanunjay
Contributor III

Hi All,

I have gone through some of security appnotes AN4581& DL reference manual and imx6 security reference manual.

From imx6 DL ref manual section: 8.3.1

    

          FUSE                              Configuration                                   Definition                                                         Shipped value                                        settings

DIE-XCORDINATE[                  Freescale                         Device Unique Id, 64-bit UID                                            NA Unique ID                  Settings vary - used by HAB

7:0]                                                                                                                      

DIE-YCORDINATE[

7:0]

WAFER_NO[4:0]

LOT_NO_ENC[42:40]

LOT_NO_ENC[39:32]

LOT_NO_ENC[31:24]

LOT_NO_ENC[23:16]

LOT_NO_ENC[15:8]

LOT_NO_ENC[7:0]

nxp above key has  burned to the chip.

  •    How the settings vary, if we used HAB secure boot flow? what kind of system settings  will vary?

  •   Can i know , how Unique_ID keep the board/device  in secure state?
  •    If Because of Unique id the system in secure state. so will be in the same state remain, if we start without additional checks for HAB secure boot in the same state?
  •     Can you please give point, how to read unique iD through bare-metal app.

can you please confirm above points.

Thanks,

Dhanunjay.

0 Kudos
Reply
5 Replies

‎02-14-2016 11:09 PM
752 Views
dhanunjay
Contributor III

Hi Yuri,

Thanks for the reply.

As per Imx6 DQ Ref. Manual in section:8.3.1.

InBoot  Efuse table given "Setting vary -used by HAB"? I didn't find any explanation for this, Can you breief about this?

BootFuse.JPG

0 Kudos
Reply

‎02-14-2016 11:59 PM
752 Views
Yuri
NXP Employee
NXP Employee

This means, that the UID field must not be empty.

Regards,

Yuri.

0 Kudos
Reply

‎02-13-2016 03:52 AM
752 Views
dhanunjay
Contributor III

Hi All,

Mean while, we tried for reading OCOTP_CFG0, OCOTP_CFG1 register values in two imx6 DL boards.

we have used simple bare-metal code for reading OCOTP_CFG0(0x021BC410) and OCOTP_CFG1(0x021BC420).

We got same 64 bit vale on two diffrent boards, how it is same value?

0 Kudos
Reply

‎02-13-2016 05:03 AM
752 Views
dhanunjay
Contributor III

Sorry for the second question confusion. we have veirfied  on two boards its diffrent UNIQUE IDs.

Can you please answer the first thread questions.

0 Kudos
Reply

‎02-14-2016 10:22 PM
752 Views
Yuri
NXP Employee
NXP Employee

Hello,

1.

The  UID as  a unique value (such as a serial number), assigned to each processor

during fabrication, is not used by boot ROM for HAB approach.

2.

   Please look at the following How to read i.MX6DQ unique ID.


Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos
Reply