Is CONFIG_IMX_HAB option in U-Boot unbootable from NAND without burning fuses in i.MX6dl

manojsai · ‎10-31-2023

unable to boot the i.MX6DL by flashing to nand memory , images which enabled with HAB .

able to boot the normal nand image with i.MX6DL.

steps to flash the images to nand memory :-

ext4load mmc 0:2 $loadaddr SPL ; nand erase.part spl ; nandbcb init $loadaddr 0x0 $filesize ; ext4load mmc 0:2 $loadaddr u-boot-dtb.img ; nand erase.part uboot ; nand write ${loadaddr} uboot ${filesize}

Harvey021 · ‎11-01-2023

Try to dump your boot image ivt structure, pad the signed boot image to the boot_data.size.

Best regards

Harvey

jaganteki · ‎10-31-2023

@kef2 is open mode means non-secure mode? Why do we need to fuse the SRK in open mode?

Here we enable HAB in MMC config but the board doesn't enable secure-boot mode then SPL says 'hab fuse not enabled and booting from MMC is fine.

U-Boot SPL 2023.10-00001-g387ae83589-dirty (Oct 31 2023 - 20:51:02 +0530)
Trying to boot from MMC1
hab fuse not enabled

Authenticate image from DDR location 0x177fffc0...
bad magic magic=0x0 length=0x100 version=0x45
bad length magic=0x0 length=0x100 version=0x45
Error: Invalid IVT structure

U-Boot 2023.10-00001-g387ae83589-dirty (Oct 31 2023 - 20:51:02 +0530)

CPU: Freescale i.MX6DL rev1.3 996 MHz (running at 792 MHz)
CPU: Extended Commercial temperature grade (-20C to 105C) at 42C
Reset cause: POR
Model: Engicam i.CoreM6 DualLite/Solo Starter Kit
DRAM: 512 MiB
Core: 47 devices, 17 uclasses, devicetree: separate
NAND: 512 MiB
MMC: FSL_SDHC: 0
Loading Environment from NAND... *** Warning - bad CRC, using default environment

No panel detected: default to Amp-WD
Display: Amp-WD (800x480)
In: No input devices available!
Out: No output devices available!
Err: No error devices available!
Net:
Error: ethernet@2188000 address not set.
No ethernet found.

Hit any key to stop autoboot: 0
icorem6qdl>

The problem is if we enable HAB in nand config like same in above mmc, then the board is not booting from nand, but if we disable HAB in the config then the board is booting from nand.

What is the point of understanding here in terms of hab-enable vs booting source?

kef2 · ‎10-31-2023

is open mode means non-secure mode?

Yes.

is open mode means non-secure mode? Why do we need to fuse the SRK in open mode?

You have rev1.3 silicon, so you don't have to fuse SRK to try HAB without fusing.

Oh. Once you enable CONFIG_IMX_HAB, some filed in IVT tells bootloader size is larger by CONFIG_CSF_SIZE than the made image size. Image signing should add exactly the same ar bigger amount of CSF bytes. If it adds less or you skip signing step, then you need to pad at the end your U-boot image to make ROM happy reading expected amount of data from NAND. When you write less, those unwritten missing bytes will read with error and boot process will fail (or continue loading another copy of boot image from different NAND locations).

kef2 · ‎10-31-2023

According to AN4581 rev 2, iMX6DL silicon revision TO 1.0 had HAB version 4.1.0, which needs SRK fused even in open mode. More recent silicons in open mode either don't check SRK at all, or check SRK only if it is fused (not all 0's).