Hi,
I have built a signed U-boot image following the steps from the NXP document AN4581. I was successful in the open configuration mode. As the signed image booted correctly without any HAB errors in open configuration mode.
Then I closed the device by blowing the final fuse SEC_CONFIG, and after this, I tried to flash an unsigned image to test the functionality, whether the image was forbidden to boot or not. The device fails to boot, which is a good sign.
But now the module is bricked. I am using i.mx7 MODULE FROM TORADEX and i use to flash my binaries via their Toradex easy installer application. This Easy installer application fails to work in my device which is in the closed configuration.
So how can I recover my module back, so that I can flash my signed image on to the board and test the positive case?
My board details :
Toradex Colibri i.MX7 D module 512Mb.
I need a way to recover my module back to the state so that I can flash my signed image and test the functionality.
Also, let me know how to test the unsigned image as well.
Solved! Go to Solution.
Hello @Yuri Muhin,
Thanks for the reply. Well, I tried to recover the module via SDP by signing the image using the steps mentioned in section F . By I am not clear with the process, which states loading the DCD table on to 0x910000 and clearing the DCD table pointer in the IVT during the signing. I am not sure why it has to load on to 0x910000, which makes me scary.
Could you share your thoughts on that plz .
Also how secure-boot could be visualized and implemented at the production phase?
Is it like, generate PKI tree of your choice at once, dump the same SRKFuses to all the boards ---> Sign the Bootloader images with the respective PKI tree and flash it on to all the boards or ??...any thoughts on this as well.
Thanks
Hello,
I expect Toradex "Easy Installer' loads and run minimal system to i.MX target for further activity,
similar as NXP MFG (UUU) does. If i.MX7 is in closed state, such minimal system must be
signed itself in order to run. This is why Your system is not working now. Please apply to
Toradex for more details how to sign corresponding images.
Have a great day,
Yuri.
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
Hello @Yuri Muhin,
Thanks for the reply. Well, I tried to recover the module via SDP by signing the image using the steps mentioned in section F . By I am not clear with the process, which states loading the DCD table on to 0x910000 and clearing the DCD table pointer in the IVT during the signing. I am not sure why it has to load on to 0x910000, which makes me scary.
Could you share your thoughts on that plz .
Also how secure-boot could be visualized and implemented at the production phase?
Is it like, generate PKI tree of your choice at once, dump the same SRKFuses to all the boards ---> Sign the Bootloader images with the respective PKI tree and flash it on to all the boards or ??...any thoughts on this as well.
Thanks
Hello,
The address 0x00910000 in the OCRAM with the SDP is used by i.MX boot ROM.
Generally CST may be used by customers as base for own design for production phase.
Its sources are provided with the package.
https://www.nxp.com/webapp/Download?colCode=IMX_CST_TOOL_NEW&location=null
Regards,
Yuri.