Use SRK fuses to validate user-space application(s) on i.MX8QM and i.MX8MP processors

Mihajlo · ‎09-19-2024

Hi,

I've seen numerous descriptions and examples of secure boot process and all of them end up with checking kernel signature. IMHO that makes sense as that's the end of a boot process

I'm interested if it is possible to use same SRK fuses to validate user application(s) before starting them in running Linux OS.

Is there any kind of support (kernel driver/module, library, etc.) for using HAB/AHAB to validate user-space applications ?

Mihajlo

Thank you @AldoG !

I'll have a look.

AldoG · ‎09-25-2024

Hello,

I do not think this may be possible as HAB/AHAB are used mainly for boot process, even so you may take a look to all security features we have available in our Linux BSP
https://www.nxp.com/docs/en/user-guide/IMX_LINUX_USERS_GUIDE.pdf

Chapter 10 security.

Best regards/Saludos,
Aldo.

Use SRK fuses to validate user-space application(s) on i.MX8QM and i.MX8MP processors

Use SRK fuses to validate user-space application(s) on i.MX8QM and i.MX8MP processors

i.MX 8 Family | i.MX 8QuadMax (8QM) | 8QuadPlus

Linux