Hi all,
I'm currently developing a secure boot solution for one of our customers using i.MX8DXL
I have a question,
In which memory area is the KEY value fused by SECO API stored?
( KEY i.g : fuse Index 730~745 OEM SRK - SRK_HASH )
( API i.g : sc_misc_otp_fuse_write )
Thanks for your helps.
Best Regards,
Duncan
已解决! 转到解答。
Hi @minsiklee
Fuse reads and writes are done through SCAPI, you can download KIT and extract its respective API for more details.
L5.15.52_2.1.0_SCFWKIT-1.14.0 (nxp.com)
Regarding the procedure to read hash values (8DXL for example).
Retrieve the base address for shadow from SCFWKIT:
As known, offset ranges from 0x24A0, 0x24B0 ... 0x2590.
Then you can read them as below method.
Best regards
Harvey
Hi @minsiklee
I assume that you're going to fuse SRK_HASH values. more details can be seen in secure boot user guide using AHAB (mx8_mx8x_secure_boot.txt\guides\ahab\imx\doc - uboot-imx - i.MX U-Boot (codeaurora.org)).
- Program SRK_HASH[511:0] fuses: * On i.MX 8 QXP: => fuse prog 0 730 0xd436cc46 => fuse prog 0 731 0x8ecccda9 => fuse prog 0 732 0xb89e1601 => fuse prog 0 733 0x5fada3db => fuse prog 0 734 0xd454114a => fuse prog 0 735 0xb6cd51f4 => fuse prog 0 736 0x77384870 => fuse prog 0 737 0xc50ee4b2 => fuse prog 0 738 0xa27e5132 => fuse prog 0 739 0xeba887cf => fuse prog 0 740 0x592c1e2b => fuse prog 0 741 0xbb501799 => fuse prog 0 742 0xee702e07 => fuse prog 0 743 0xcf8ce73e => fuse prog 0 744 0xfb55e2d5 => fuse prog 0 745 0xeba6bbd2
Can you please tell what requirements you need about the physical address?
Best regards
Harvey
Hi, @Harvey021
Sorry for the late reply.
# Can you please tell what requirements you need about the physical address?
I want to know for the purpose of protecting the actual memory where the fuse SRK_HASH value is stored.
Therefore, I wonder as to which memory(SECO ROM? SCU ROM?)physical address is referenced to read the fused SRK_HASH value.
Also I already know that when i fuse SRK_HASH values, they are stored at index 730-745.
(The area will be at 0x24A0, 0x24B0 .. 0x2590)
Thanks for your reply.
Best Regards.
duncan.
Hi @minsiklee
Fuse reads and writes are done through SCAPI, you can download KIT and extract its respective API for more details.
L5.15.52_2.1.0_SCFWKIT-1.14.0 (nxp.com)
Regarding the procedure to read hash values (8DXL for example).
Retrieve the base address for shadow from SCFWKIT:
As known, offset ranges from 0x24A0, 0x24B0 ... 0x2590.
Then you can read them as below method.
Best regards
Harvey