FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Secure Boot on iMX8ULP

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Secure Boot on iMX8ULP

‎05-26-2025 08:21 AM
2,042 Views
ksingh
Contributor I

I am following the guide from uboot-imx to implement Secure Boot, and after I have fused the SRK Hash (before closing the board), I see two messages after doing `ahab_status` within u-boot.

IPC = MU RTD (0x1) 
CMD = ELE_OEM_CNTN_AUTH_REQ (0x87) 
IND = ELE_NO_AUTHENTICATION_FAILURE_IND (0xEE) 
STA = ELE_SUCCESS_IND (0xD6) 

IPC = MU APD (0x2) 
CMD = ELE_OEM_CNTN_AUTH_REQ (0x87) 
IND = ELE_NO_AUTHENTICATION_FAILURE_IND (0xEE) 
STA = ELE_SUCCESS_IND (0xD6)

 

I can't figure out why I am getting these messages- has anyone else run into this issue or knows what it means and how to go about it? For context I have pasted my CST setup below for the iMX8ULP according to the CST User Guide.

 ./ahab_pki_tree.sh 
           -existing-ca n 
           -kt ecc 
           -kl p384 
           -da sha384 
           -duration 10 
           -srk-ca n 

../linux64/bin/srktool 
           -a 1 
           -d sha256 
           -s sha384 
           -t SRK1234table.bin 
           -e SRK1234fuse.bin 
           -f 1 
           -c <path_to_crts>  

 

Labels (2)
Labels
0 Kudos
Reply
3 Replies

‎05-29-2025 01:43 AM
1,986 Views
Harvey021
NXP TechSupport
NXP TechSupport

Already reply back in another ticket from you, please reply there.

 

Regards

Harvey

0 Kudos
Reply

‎10-24-2025 03:15 PM
1,441 Views
oliben
Contributor II

Hello Harvey,

 

I have been unable to find your reply on this other ticket, and I am running into the same issue on i.MX93, though it appears the IPC mechanism in my case is "MU APD", not "MU RTD":

0x0287eed6
IPC = MU APD (0x2)
CMD = ELE_OEM_CNTN_AUTH_REQ (0x87)
IND = ELE_NO_AUTHENTICATION_FAILURE_IND (0xEE)
STA = ELE_SUCCESS_IND (0xD6)

0x0287eed6
IPC = MU APD (0x2)
CMD = ELE_OEM_CNTN_AUTH_REQ (0x87)
IND = ELE_NO_AUTHENTICATION_FAILURE_IND (0xEE)
STA = ELE_SUCCESS_IND (0xD6)

 

Could you please explain why I am seeing these events and how to interpret the various fields?

0 Kudos
Reply

‎10-27-2025 01:31 AM
1,377 Views
oliben
Contributor II

OK, I think I might have found the answer you were referring to, although it was not in one of ksingh's posts:

ELE_NO_AUTHENTICATION_FAILURE_IND 

appears to indicate that the container is not signed.

I am guessing that the status (STA) is nevertheless

ELE_SUCCESS_IND

because that is not a fatal error, as the system can boot even without authentication because it is not locked.

0 Kudos
Reply