帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

HAB Security feature implementation on imx6

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

HAB Security feature implementation on imx6

‎02-12-2016 11:15 PM
2,393 次查看
dhanunjay
Contributor III

Hi All,

I have gone through some of security appnotes AN4581& DL reference manual and imx6 security reference manual.

From imx6 DL ref manual section: 8.3.1

    

          FUSE                              Configuration                                   Definition                                                         Shipped value                                        settings

DIE-XCORDINATE[                  Freescale                         Device Unique Id, 64-bit UID                                            NA Unique ID                  Settings vary - used by HAB

7:0]                                                                                                                      

DIE-YCORDINATE[

7:0]

WAFER_NO[4:0]

LOT_NO_ENC[42:40]

LOT_NO_ENC[39:32]

LOT_NO_ENC[31:24]

LOT_NO_ENC[23:16]

LOT_NO_ENC[15:8]

LOT_NO_ENC[7:0]

nxp above key has  burned to the chip.

  •    How the settings vary, if we used HAB secure boot flow? what kind of system settings  will vary?

  •   Can i know , how Unique_ID keep the board/device  in secure state?
  •    If Because of Unique id the system in secure state. so will be in the same state remain, if we start without additional checks for HAB secure boot in the same state?
  •     Can you please give point, how to read unique iD through bare-metal app.

can you please confirm above points.

Thanks,

Dhanunjay.

0 项奖励
回复
5 回复数

‎02-14-2016 11:09 PM
1,872 次查看
dhanunjay
Contributor III

Hi Yuri,

Thanks for the reply.

As per Imx6 DQ Ref. Manual in section:8.3.1.

InBoot  Efuse table given "Setting vary -used by HAB"? I didn't find any explanation for this, Can you breief about this?

BootFuse.JPG

0 项奖励
回复

‎02-14-2016 11:59 PM
1,872 次查看
Yuri
NXP Employee
NXP Employee

This means, that the UID field must not be empty.

Regards,

Yuri.

0 项奖励
回复

‎02-13-2016 03:52 AM
1,872 次查看
dhanunjay
Contributor III

Hi All,

Mean while, we tried for reading OCOTP_CFG0, OCOTP_CFG1 register values in two imx6 DL boards.

we have used simple bare-metal code for reading OCOTP_CFG0(0x021BC410) and OCOTP_CFG1(0x021BC420).

We got same 64 bit vale on two diffrent boards, how it is same value?

0 项奖励
回复

‎02-13-2016 05:03 AM
1,872 次查看
dhanunjay
Contributor III

Sorry for the second question confusion. we have veirfied  on two boards its diffrent UNIQUE IDs.

Can you please answer the first thread questions.

0 项奖励
回复

‎02-14-2016 10:22 PM
1,872 次查看
Yuri
NXP Employee
NXP Employee

Hello,

1.

The  UID as  a unique value (such as a serial number), assigned to each processor

during fabrication, is not used by boot ROM for HAB approach.

2.

   Please look at the following How to read i.MX6DQ unique ID.


Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 项奖励
回复