I'm working on a secure boot implementation on an i.MX6DL system:
- Freescale i.MX6DL rev1.4, Industrial temperature grade, device id: 0x10, revision id: 0x21
- board: Toradex Colibri iMX6 DualLite 512MB IT V1.1A
- u-boot version: toradex_2019.07
After booting to the bootloader, I have one warning event reported by HAB, with these data bytes read from HAB log memory:
db 00 24 42 69 30 e1 1d 00 04 00 02 40 00 36 06 55 55 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01
so the event parameters are:
Tag = Event
Length = 36 bytes
HAB Version = 4.2
STS = HAB_WARNING (operation completed with warning)
RSN = HAB_ENG_FAIL (engine failure)
CTX = HAB_CTX_ENTRY (event logged in hab_rvt_entry())
ENG = HAB_ENG_CAAM
It looks like the same problem described here:
Am I right, or is my issue something different?
Should I ignore this warning event and try to finish the SB implementation and lock the device? Or should I adopt the "Run RNG self test" patch to my u-boot source code?
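An added example, not part of the original thread or of U-Boot: a small Python decoder for the fixed 8-byte header of a HAB4 event record, run on the bytes quoted in the post above. The function and table names are hypothetical, and the codes beyond those named in the post are taken from the HAB4 constants in U-Boot's hab.h.

```python
import struct

HAB_TAG_EVENT = 0xDB  # "Tag = Event" in the post

# Codes shown in the post plus a few others from the HAB4 constants in
# U-Boot's hab.h; anything not listed is reported as unknown.
STATUS = {0x33: "HAB_FAILURE", 0x69: "HAB_WARNING", 0xF0: "HAB_SUCCESS"}
REASON = {0x30: "HAB_ENG_FAIL", 0x0C: "HAB_INV_ASSERTION",
          0x11: "HAB_INV_CSF", 0x18: "HAB_INV_SIGNATURE"}
CONTEXT = {0xE1: "HAB_CTX_ENTRY", 0x0A: "HAB_CTX_AUTHENTICATE",
           0xCF: "HAB_CTX_CSF", 0xC0: "HAB_CTX_COMMAND"}
ENGINE = {0x1D: "HAB_ENG_CAAM", 0x1E: "HAB_ENG_SNVS", 0xFF: "HAB_ENG_SW"}


def name_of(table, code):
    return table.get(code, f"unknown (0x{code:02x})")


def parse_hab_event(hex_dump):
    """Decode the 8-byte header of one HAB4 event record given as hex text."""
    raw = bytes.fromhex("".join(hex_dump.split()))
    if len(raw) < 8:
        raise ValueError("record shorter than the 8-byte event header")
    # tag, 16-bit big-endian length, version, then STS / RSN / CTX / ENG
    tag, length, ver, sts, rsn, ctx, eng = struct.unpack(">BHBBBBB", raw[:8])
    if tag != HAB_TAG_EVENT:
        raise ValueError(f"not an event record (tag 0x{tag:02x})")
    if length != len(raw):
        raise ValueError(f"length field says {length}, got {len(raw)} bytes")
    return {
        "length": length,
        "version": f"{ver >> 4}.{ver & 0x0F}",
        "status": name_of(STATUS, sts),
        "reason": name_of(REASON, rsn),
        "context": name_of(CONTEXT, ctx),
        "engine": name_of(ENGINE, eng),
        "data": raw[8:],  # engine-specific payload, left undecoded here
    }


# The 36 bytes quoted in the post
POSTED_EVENT = ("db 00 24 42 69 30 e1 1d 00 04 00 02 40 00 36 06 55 55 00 03 "
                "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01")

if __name__ == "__main__":
    for key, value in parse_hab_event(POSTED_EVENT).items():
        print(f"{key:8}: {value.hex(' ') if key == 'data' else value}")
```

The length check rejects a record that was cut short when copied out of the log, which would otherwise decode into misleading field values.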
Yes, it is necessary to adapt / apply the mentioned patch. This patch identifies the descriptors based on the CAAM version in the chip and determines which descriptor to run. The descriptors are executed in CAAM, which results in a value that is compared with a known answer. If the Known Answer Test (KAT) passes, that means the RNG self test has passed.
This should be executed on the chip at the earliest boot stage in order to ensure that the RNG is functioning correctly before it is utilized for any crypto operations.
I have applied the patch to u-boot and also enabled debug output in two files (drivers/crypto/fsl/jr.c and .../error.c). After booting to u-boot's console and executing the rng_self_test command I get this result:
00000000: No error:
00000000: No error:
SEC0: RNG instantiated
RNG SELF TEST DESCRIPTOR:
0xB0800036 0x04800010 0x3C85A15B 0x50A9D0B1 0x71A09FEE 0x2EECF20B 0x02800020 0xB267292E 0x85BF712D 0xE85FF43A 0xA716B7FB 0xC40BB528 0x27B6F564 0x8821CB5D 0x9B5F6C26 0x12A00020 0x0A20DE17 0x6529357E 0x316277AB 0x2846254E 0x34D23BA5 0x6F5E9C32 0x7ABDC1BB 0x0197A385 0x82500405 0xA2000001 0x10880004 0x00000005 0x12820004 0x00000020 0x82500001 0xA2000001 0x10880004 0x40000045 0x02800020 0x8F389CC7 0xE7F7CBB0 0x6BF2073D 0xFC380B6D 0xB22E9D1A 0xEE64FCB7 0xA2B48D49 0xDF9BC3A4 0x82500009 0xA2000001 0x10880004 0x00000005 0x82500001 0x60340020 0x12000000 0xA2000001 0x10880004 0x00000005 0x8250000D
20001953: CCB: desc idx 25: RNG: No error.
Error 20001953
Error while running RNG self-test descriptor: 536877395
What does that error mean and what should I do with it? Is it still safe to try to secure-lock the device with properly signed (but not encrypted) u-boot and linux kernel?
I've checked the error code "20001953" in the "Job termination status/error codes" paragraph of the "Security Reference Manual for i.MX 6Dual, 6Quad, 6Solo, and 6DualLite Families of Applications Processors" document and it looks like there should be a different debug message printed:
20001953: CCB: desc idx 25: RNG: Instantiate
I have found the source of the "20001953" error - the "rng_init()" function was executed before the actual RNG self test. I've modified the u-boot build and now the result from the "rng_self_test" command is:
RNG SELF TEST DESCRIPTOR: (...)
00000000: No error:
Result 3AFE2C87CCB6444919169A74A1318BEFF4860BB95EEEAE9192F4A98FB03718A4
Expected Result 3AFE2C87CCB6444919169A74A1318BEFF4860BB95EEEAE9192F4A98FB03718A4
RNG self test passed
So... does it mean I'm safe to secure-lock the device?