[Urgent] HAB Secure Boot - weird behavior
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Experts,
I have a super weird problem with the HAB secure boot on my imx8m nano, please do not tell to me evalulate the HAB events as it is really weird and I need some pointers to solve my problem :).
In most cases it works without any issues, however sometimes I am getting HAB events (listed below) for the flash.bin. The only difference is the U-Boot source code - in the case with HAB events the binary is for 72 bytes smaller than in the good case (no HAB events). We also added dummy functions to the U-Boot and it works, so I guess there are some very special cases when the Secure Boot does not work.
CSF Files
Good case (no HAB events)
0x401fcdc0 0x58000 0x1020
0x40200000 0x5B000 0xC04D0 // uboot
0x402C04D0 0x11B4D0 0x914E // uboot dtb
0x960000 0x124620 0xA0D0 // tfa
Bad case (HAB events present)
0x401fcdc0 0x58000 0x1020
0x40200000 0x5B000 0xC0488 // uboot
0x402C0488 0x11B488 0x914E // uboot dtb
0x960000 0x1245D8 0xA0D0 // tfa
As you can see in the good case the U-Boot binary is of size 0xC04D0, in the bad case is of size 0xC0488, and that is the only difference.
Magic Number (hexdump)
Good case (no HAB events)
0058000 0dd0 edfe 0000 6f03 0000 3800 0000 fc02
011b480 0dd0 edfe 0000 4e91 0000 3800 0000 2886
Bad case (HAB events present)
0058000 0dd0 edfe 0000 6f03 0000 3800 0000 fc02
011b780 71e0 4028 0000 0000 0dd0 edfe 0000 4e91
Please note the magic number again:
0058000 0dd0 edfe 0000 6f03 0000 3800 0000 fc02
011b780 71e0 4028 0000 0000 0dd0 edfe 0000 4e91
HAB events
u-boot=> hab_status
Secure boot disabled
HAB Configuration: 0xf0, HAB State: 0x66
--------- HAB Event 1 -----------------
event data:
0xdb 0x00 0x14 0x45 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x40 0x1f 0xdd 0xc0
0x00 0x00 0x00 0x20
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 2 -----------------
event data:
0xdb 0x00 0x14 0x45 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x40 0x1f 0xcd 0xc0
0x00 0x00 0x00 0x04
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 3 -----------------
event data:
0xdb 0x00 0x34 0x45 0x33 0x18 0xc0 0x00
0xca 0x00 0x2c 0x00 0x02 0xc5 0x1d 0x00
0x00 0x00 0x09 0xf4 0x40 0x1f 0xcd 0xc0
0x00 0x00 0x10 0x20 0x40 0x20 0x00 0x00
0x00 0x0c 0x07 0x88 0x40 0x2c 0x07 0x88
0x00 0x00 0x91 0x4e 0x00 0x96 0x00 0x00
0x00 0x00 0xa0 0xd0
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_SIGNATURE (0x18)
CTX = HAB_CTX_COMMAND (0xC0)
ENG = HAB_ENG_ANY (0x00)
Any help is highly appreciated.
Regards,
Aleksandar
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Which version of U-boot you are using?