Hello, NXP experts,
I'm implementing AHBA secure boot on i.MX8DXP and using CST tools(cst-3.3.1) to sign image.
I burned SRK into the fuse OTP, row index from 730 to 745.
According to my understanding, if the used SRK to sign image does not match the SRK in the SRK fuse, the startup verification will fail, but now the image can still boot normally.
Is it my understanding wrong or is there something missing?
Thanks.
Best Regards,
liweihua
Solved! Go to Solution.
@dlliweihua
Hi,
when device is not closed, AHAB verifies the image, but, in case of errors,
it allows further code running. Of course such boot is not safe.
To review possible events: power on the board, and run the following command
on the SCFW terminal:
>$ seco events
@dlliweihua
Hello,
If i.MX8 is not closed, only (SECO) events are generated if an error takes place.
Image execution is not prevented.
Verify SECO events ------------------------- If the fuses have been written properly, there should be no SECO events after boot. To validate this, power on the board, and run the following command on the SCFW terminal: >$ seco events
After the device successfully boots a signed image without generating any SECO security events, it is safe to close the device.
Regards,
Yuri.
Hi,
Thanks for your rapid reply.
Do you mean when device is not OEM closed,
if the SRK used to sign boot image is different from the one in fuse OTP,
the device can still booted but the boot is not safe?
My boot loader is ipl, then how to verify seco event?
Best Regards,
liweihua
@dlliweihua
Hi,
when device is not closed, AHAB verifies the image, but, in case of errors,
it allows further code running. Of course such boot is not safe.
To review possible events: power on the board, and run the following command
on the SCFW terminal:
>$ seco events