- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- i.MX Forums
- :
- i.MX Processors
- :
- IVT offset calculation in hab.c fails for FIT images in some cases
IVT offset calculation in hab.c fails for FIT images in some cases
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have recently authenticated my FIT image containing kernel + ramdisk + dtb sucessfully using HAB. Now I have the strange issue that the IVT offset of my image determinded by hab.c and my image signing script are not identical. I think that the IVT estimation using the raw_image_size of the image header fails for FIT images.
In the script, I determine the IVT offset as follows:
IMAGE_SIZE="0x`hexdump -C fitImage | tail -n 1`"
IVT_OFFSET="0x`printf '%08x\n' $(( ($IMAGE_SIZE + 0x1000 - 1) & ~(0x1000 - 1) ))`"
echo $IVT_OFFSET
After signing the FIT image, I determine the new image size again in using the same commands. Afterwards I print the hab_auth_img command like so:
echo "U-Boot shell command to authenticate the image: hab_auth_img $LOAD_ADDR 0x`hexdump -C $IMAGE_NAME | tail -n 1` $IVT_OFFSET"
and get
hab_auth_img 0x44000000 0x02c12f60 0x02c12000
which works to authenticate the image in U-Boot, but the patched bootm command doesnt't work for this case. So I printed the same data in the hab.c like so
diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c
index 0c3d8be002..231927b103 100644
--- a/arch/arm/mach-imx/hab.c
+++ b/arch/arm/mach-imx/hab.c
@@ -919,5 +919,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t raw_image_size)
~(ALIGN_SIZE - 1);
bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE;
+ printf("\nraw_image_size = 0x%08x\n", raw_image_size);
+ printf("hab_auth_img 0x%08x 0x%08x 0x%08x\n", load_addr, bytes, ivt_offset );
+
return imx_hab_authenticate_image(ddr_start, bytes, ivt_offset);
}
and it prints
raw_image_size = 0x02c10c58
hab_auth_img 0x44000000 0x02c13020 0x02c11000
which fails. I realized though that when you adjust the IVT offset to
hab_auth_img 0x44000000 0x02c13020 0x02c12000
the authentication works.
I don't fully understand how the calculation for the IVT offset works and I am assuming that this has been thoroughly tested for all officially supported image types. So to me it is probably the FIT image that is the error. Could it be that the calculation of the raw_image_size does not take all parts of the FIT image into account?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think I found the issue. The patch that I used was using the function image_get_image_size(), which reads the image size from legacy image headers. I exchanged it with fit_get_size(), which did return the same value as the one I hexdumped in my script.
Here is the diff
diff --git a/cmd/bootm.c b/cmd/bootm.c
index bed84bd735..6fcd17eaf5 100644
--- a/cmd/bootm.c
+++ b/cmd/bootm.c
@@ -175,7 +175,7 @@ int do_bootm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
#ifdef CONFIG_FIT
case IMAGE_FORMAT_FIT:
if (authenticate_image(load_addr,
- image_get_image_size((image_header_t *)load_addr)) != 0) {
+ fit_get_size((void *)load_addr)) != 0) {
printf("Authenticate FIT image Fail, Please check\n");
return 1;
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think I found the issue. The patch that I used was using the function image_get_image_size(), which reads the image size from legacy image headers. I exchanged it with fit_get_size(), which did return the same value as the one I hexdumped in my script.
Here is the diff
diff --git a/cmd/bootm.c b/cmd/bootm.c
index bed84bd735..6fcd17eaf5 100644
--- a/cmd/bootm.c
+++ b/cmd/bootm.c
@@ -175,7 +175,7 @@ int do_bootm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
#ifdef CONFIG_FIT
case IMAGE_FORMAT_FIT:
if (authenticate_image(load_addr,
- image_get_image_size((image_header_t *)load_addr)) != 0) {
+ fit_get_size((void *)load_addr)) != 0) {
printf("Authenticate FIT image Fail, Please check\n");
return 1;
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@BiyongSUN Any ideas?
BiyongSUN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't know which BSP you are using.
I know the difference is one using fit header information to decide the size. and another using file size(load size) to decide the file size.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am using an i.MX8 Mini. Why does this differ between boards?
Seems like there really is a difference in the header information of FIT images. Just compared the methods for the normal image and after the FIT generation
❯ echo "0x`hexdump -C Image | tail -n 1`"; echo "0x`od -t x4 -j 0x10 -N 0x4 --endian=little Image | head -n1 | awk '{print $2}'`"
0x01ec9a00
0x01f54000
❯ echo "0x`hexdump -C fitImage | tail -n 1`"; echo "0x`od -t x4 -j 0x10 -N 0x4 --endian=little fitImage | head -n1 | awk '{print $2}'`"
0x02c12f60
0x28000000
Although it is not off by that much in the case I have described yesterday.
I didn't understand the second command when I was writing my scripts, but from the description of a signing script from Boundarydevices it crops the image size from the header rather than using hexdump. I just used hexdump and padded to 4kB, which was easier to understand. Seems like the hab.c is reading the size from the header as well. So the method in my scripts should be the same. I would also rather alter my script than patch the U-Boot code again.
