FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

SECO and bootable image

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SECO and bootable image

‎10-01-2020 07:54 AM
1,378 Views
rkohli2000
Contributor III

Hi,

I'm using the i.MX8QM MEK and need to confirm whether the SECO (security controller) binary from NXP is mandatory for any bootable image. Reading the i.MX8QM reference manual (section 5.9.4.5 Image Restrictions) and using the "bootable image" whitepaper,  it appears so.

Is the SECO FW mandatory for container 1 and it possible to construct an image for "non-secure" images only (without including SECO) ? If it is mandatory, how do users certify their code without access to SECO source code ?

Is it possible to use TF-A BL31.bin without SECO FW for Cortex-A images ?

Thanks

 

0 Kudos
Reply
1 Reply

‎10-01-2020 11:58 PM
1,363 Views
igorpadykov
NXP Employee
NXP Employee

Hi rkohli2000

 

>Is the SECO FW mandatory for container 1 and it possible to construct
>an image for "non-secure" images only (without including SECO) ?

yes it is mandatory, not possible to make image without including SECO,
as described in sect.5.1 Overview

  i.MX 8DualXPlus/8QuadXPlus Applications Processor Reference Manual

 

"At least two containers are needed for the boot process:
• The first container will only contain the SECO FW Image.
This container is NXP signed, and NXP provided."


>If it is mandatory, how do users certify their code without access to SECO source code ?

 

one can look at Table 7-1. Fusemap for description of certified part fuses.

 

Best regards
igor

0 Kudos
Reply