FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

i.MX6UL hab_status

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

i.MX6UL hab_status

‎05-23-2016 03:00 AM
2,506 Views
robertlubas
Contributor II

Hello everyone, I am trying to secure boot in i.MX6UL G2 - for not only signed second stage bootloader (SPL). Here is the problem:
While executing hab_status in u-boot command prompt I am getting the following log:

MX6UL_VAR_DART(mmc)==> hab_status

Secure boot disabled

prefetch abort

pc : [<69722070>]   lr : [<9ff712ed>]

reloc pc : [<50fb2070>]   lr : [<878012ed>]

sp : 9ef6fcc0  ip : 9ffa37b8 fp : 00000001

r10: 9ffa4d98  r9 : 9ef6feb8 r8 : 9ef8b928

r7 : 9ff71361  r6 : 00000000 r5 : 6c41202e  r4 : 6972206c

r3 : 9ff85cd1  r2 : 020200b4 r1 : 9ef6fccc  r0 : 9ef6fcc8

Flags: nzCv  IRQs off  FIQs off  Mode SVC_32

Resetting CPU ...

resetting ...

How I build the u-boot: (SPL and u-boot.img)

git clone https://github.com/varigit/uboot-imx

git checkout imx_v2015.10_dart_6ul_var1

add to include/configs/mx6ul_var_dart.h the following defines:

#define CONFIG_SECURE_BOOT

#define CONFIG_SYS_FSL_SEC_COMPAT       4 /* HAB version */

#define CONFIG_FSL_CAAM

#define CONFIG_CMD_DEKBLOB

#define CONFIG_SYS_FSL_SEC_LE

#define CONFIG_FAT_WRITE

make -j8 ARCH=arm CROSS_COMPILE=arm-poky-linux-gnueabi- mrproper

make ARCH=arm CROSS_COMPILE=arm-poky-linux-gnueabi- mx6ul_var_dart_mmc_defconfig

make -j8 ARCH=arm CROSS_COMPILE=arm-poky-linux-gnueabi-

Generate the PKI according with the AN4581

Program the fuses using fuse prog

Device is not closed

Sign using CSF:

[Header]

Version = 4.1

Hash Algorithm = sha256

Engine = ANY

Engine Configuration = 0

Certificate Format = X509

Signature Format = CMS

Engine = CAAM

[Install SRK]

File = "../crts/SRK_1_2_3_4_table.bin"

Source index = 0

[Install CSFK]

File = "../crts/CSF1_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]

#[Unlock]

#Engine = CAAM

#Features = RNG

[Install Key]

Verification index = 0

Target Index = 2

File= "../crts/IMG1_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate Data]

Verification index = 2

Blocks = 0x877fb000 0x0 0xc00 "./SPL"

What may cause the prefetch abort ?

Why the hab events did not appear?

Thanks,

Robert

~                                         

Labels (1)
Labels
Reply
4 Replies

‎06-30-2016 11:32 PM
1,409 Views
robertlubas
Contributor II

Hi,

in hab.h define HAB_RVT_BASE should evaluate to 0x00000100 (not 0x00000094)

0 Kudos
Reply

‎05-30-2016 01:01 AM
1,408 Views
robertlubas
Contributor II

Hi,

I solve this problem.

Very useful is to compile u-boot (in fact SPL): make SPL V=1 - because we get HAB Blocks info. This info goes to Block in CSF.

There is also a mistake in one define in hab.c - simply the i.MX6ul is not handled

Reply

‎06-21-2016 08:08 AM
1,410 Views
jdepedro
Contributor IV

Hi Robert,

I am working in something similar. Could you clarify which is the mistake in one define in hab.c?

0 Kudos
Reply

‎05-27-2016 01:05 AM
1,408 Views
Yuri
NXP Employee
NXP Employee

Hello,

  0x877fb000 address is used in the CSF - is this correct ?

IS DRAM area properly initialized and working ?

Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos
Reply