HAB vulnerability - ROM update

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

HAB vulnerability - ROM update

3,174 Views
macpijan
Contributor II

Hello,

I'd like to ask whether i.MX6DL parts with updated ROM that fixes mentioned vulnerability [1] are already available? I came across some links [2], [3] but it is still not clear to me.

Second question is how can I be sure that bought part has this ROM update included? I'd like to know which ROM version fixes this issue. I would also need a reliable way of checking ROM version of my hardware - is there such possibility?

Thanks


[1] Vulnerabilities in High Assurance Boot of NXP i.MX microprocessors
 

[2] i.MX & Vybrid Security Vulnerability Errata - ERR010872, ERR010873 

[3] https://media.digikey.com/pdf/PCNs/NXP/201705010A.pdf 

Labels (1)
5 Replies

1,978 Views
wzmuda
Contributor I

Hello, can I please get information about the same vulnerability in i.MX 6ULL? There seem to be no official information if it was fixed in this model of the SoC.

The Chip Errata (IMX6ULLCE)[1] document states that 6ULL revisions 1.2, 1.3 and 2 of the SoC were release after ERR010872 and ERR01073 were disclosed, but it does not mention if any of these revisions fix that vulnerabilities. The same errata states that the new revisions are not printed on the SoC enclosure (only rev 1.0 and 1.1 are marked with letters A and B). Therefore I find it impossible to determine the exact 6ULL version I use.

Toradex[1], who seems to be manufacturer of NXP-based devices, states that this vulnerability is fixed since HAB version 4.2.5. I found similar information in comments of a blog post describing said vulnerabilities[3]. However, u-boot `hab_version` command reports only `4.2`, without the minor number, which is the value stored in HAB vector table under 0x100. Therefore I'm unable to state if my HAB version is 4.2.5 or higher/lower.

Kindly please provide official information how to determine which i.MX 6ULL devices are patched for ERR010872 and ERR01073 HAB vulnerabilities.

--

[1] https://www.nxp.com/docs/en/errata/IMX6ULLCE.pdf

[2] https://developer.toradex.com/knowledge-base/secure-boot-vulnerabilities-for-imx-vybrid-errata-err01...

[3] https://blog.quarkslab.com/vulnerabilities-in-high-assurance-boot-of-nxp-imx-microprocessors.html#co...

1,951 Views
Yuri
NXP Employee
NXP Employee

@wzmuda 
Hello,

  please create request to get more details about the issue.

https://www.nxp.com/support/support:SUPPORTHOME?tid=sbmenu

Regards,
Yuri.

Tags (1)
0 Kudos
Reply

2,350 Views
Yuri
NXP Employee
NXP Employee

Hello,

  Sorry, but the information you are requesting is treated as confidential info at this time;

we cannot discuss this with you in public anyway, this requires to be handled as a Service

Request (SR) / ticket. 

Support|NXP 

Have a great day,
Yuri

-------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-------------------------------------------------------------------------------

0 Kudos
Reply

2,350 Views
davidsasaki
Contributor I

Is this information still considered confidential? I opened a service request asking for similar information and was redirected to the community.

0 Kudos
Reply

2,350 Views
Yuri
NXP Employee
NXP Employee

Hello,

  use the recent i.MX6 device silicon revisions: for i.MX 6S/DL -  Rev 1.4 (Maskset ID: 4N81E).

Regards,

Yuri.

0 Kudos
Reply