帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Load signed u-boot on secure board through JTAG

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

Load signed u-boot on secure board through JTAG

‎05-19-2023 04:19 AM
586 次查看
mohamed-ali_fod
Contributor I

Hi,

I want to load signed u-boot using JTAG on imx6 processor. The same below steps work fine after DDR initialization but, the u-boot run and I can get console only on non secure board, but it doesn't run on secure board (SECURE_CONFIG bit enabled). For information I already check that the signed u-boot works fine on another secured board.
 
loadbin ./u-boot-spinor-signed.imx.bin 0x177ff400
SetPC 0x17800000
g
 
Downloading file [./u-boot-spinor-2020.04-r1.imx.bin]...
O.K.
 
VerifyBin ./u-boot-spinor-signed.imx.bin 0x177ff400
Loading binary file ./u-boot-spinor-signed.imx.bin
Reading 689472 bytes data from target memory @ 0x177FF400.
Verify successful.
 
As mentioned above the load works well on secure and non secure board but the loaded u-boot works only on non secure board.
 
Could you please help? Are the 0x17800000 or 0x177FF400 addresses still valid in case of secure board?
 
Best regards,
Mohamed Ali
标签 (1)
标签
0 项奖励
回复
5 回复数

‎05-24-2023 05:40 AM
544 次查看
Dhruvit
NXP TechSupport
NXP TechSupport

Hi @mohamed-ali_fod,

I hope you are doing well.

->You need some u-boot executable that's been built to work on the board.

-> Please check the below documents for your reference.
 

http://imx6dev.blogspot.ru/2014/07/inexpensive-jtag-on-imx6-solo-u-boot.html


Thanks & Regards,
Dhruvit Vasavada

0 项奖励
回复

‎05-24-2023 05:46 AM
541 次查看
mohamed-ali_fod
Contributor I

Hi Dhruvit,

Of course I have functional u-boot that works for this board , it works if the u-boot is flashed in the flash memory. Also the same u-boot works fine for non secured board through jtag as I mentioned in my previous email (u-boot-spinor-signed.imx.bin). But my question why this u-boot doesn't work through jtag in secured board (secure_config fuse enabled), what could be the difference vs non secure board.

I hope the question is clear.

Thank you in advance,

Mohamed Ali

 

0 项奖励
回复

‎05-26-2023 04:35 AM
494 次查看
Dhruvit
NXP TechSupport
NXP TechSupport

Hi @mohamed-ali_fod,

I hope you are doing well.

->Can you let me know if secure JTAG is enabled or not?
->Please verify whether the CSF file had the correct UID.

->Please refer to 5.2.13.1  Unlock Examples in Code-Signing Tool User’s Guide
https://www.nxp.com/webapp/Download?colCode=IMX_CST_TOOL_NEW

 
Thanks & Regards,
Dhruvit Vasavada
0 项奖励
回复

‎05-26-2023 05:51 AM
488 次查看
mohamed-ali_fod
Contributor I

Hi @Dhruvit

The secure JTAG is not enabled I enabled only secure_config fuse.

Is it mandatory to add UID in CSF to load signed u-boot through jtag?

Please note that my signed u-boot is working well on my board if the board boot from memory flash, my problem is to boot the board using signed u-boot loaded through jtag.

Best regards,

Mohamed Ali

0 项奖励
回复

‎06-01-2023 04:51 AM
446 次查看
Dhruvit
NXP TechSupport
NXP TechSupport

Hi @mohamed-ali_fod,

I hope you are doing well.

One needs to enable Secure JTAG mode on a closed device.

It limits the JTAG access by using a challenge/response-based authentication mechanism.

Please refer to Secure Debug in i.MX 6/7/8M Family of Applications Processors for more information.

Thanks & Regards,
Dhruvit Vasavada

0 项奖励
回复