ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

HAB enabled or not?

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
解決済み
ソリューションへジャンプ

HAB enabled or not?

ソリューションへジャンプ
‎06-24-2014 03:55 AM
3,362件の閲覧回数
jaiganesh
Contributor III

Hi all,

          I am working on HAB feature of imx6. I just want to know, how the ROM will know, if HAB is enabled or not? Will ROM check for  HW_OCOTP_CFG5 fuse or SRK fuses to check if HAB is enabled or not?

While testing, I have not fused both the above things (and by default, HAB is in open configuration), but enabled secure boot on u-boot (by defining CONFIG_SECURE_BOOT macro). When I tried booting the resultant u-boot.imx(without adding CSF data), some HAB events are printed on the console. I saw from the u-boot source code, that if "CONFIG_SECURE_BOOT" is defined, call "get_hab_status"  and so it prints the HAB events. My question, is the HAB check really performed or it just prints some spurious HAB events on the console since I have not fused either HW_OCOTP_CFG5 nor SRK fuses.

ラベル(2)
ラベル
タグ(3)
返信
1 解決策

ソリューションへジャンプ
‎06-24-2014 09:21 PM
2,759件の閲覧回数
Yuri
NXP Employee
NXP Employee

  In some sense the HAB is always enabled, meaning that the boot ROM checks
the IVT, SRK, CSF before boot code executing. If SRK or CSF are not present (or illegal),
the boot code starts only in “Open” security configuration. Please refer to section 8.2.6
(Boot security settings) of the i.MX6 DQ Reference Manual (RM) about security configurations.
Also, for more details please use section 8.6.1.1 (Image Vector Table Structure) of the RM

and Figure 1 (Secure Boot Flow from Device) of app note AN4581 (Secure Boot on i.MX50,
i.MX53, and i.MX 6 Series using HABv4).

http://cache.freescale.com/files/32bit/doc/app_note/AN4581.pdf


Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

元の投稿で解決策を見る

0 件の賞賛
返信
1 返信

ソリューションへジャンプ
‎06-24-2014 09:21 PM
2,760件の閲覧回数
Yuri
NXP Employee
NXP Employee

  In some sense the HAB is always enabled, meaning that the boot ROM checks
the IVT, SRK, CSF before boot code executing. If SRK or CSF are not present (or illegal),
the boot code starts only in “Open” security configuration. Please refer to section 8.2.6
(Boot security settings) of the i.MX6 DQ Reference Manual (RM) about security configurations.
Also, for more details please use section 8.6.1.1 (Image Vector Table Structure) of the RM

and Figure 1 (Secure Boot Flow from Device) of app note AN4581 (Secure Boot on i.MX50,
i.MX53, and i.MX 6 Series using HABv4).

http://cache.freescale.com/files/32bit/doc/app_note/AN4581.pdf


Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 件の賞賛
返信