- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- i.MX Forums
- :
- i.MX Processors
- :
- i.MX8MP EVK HABv4: hab_status shows HAB_FAILURE before fuses are burned — expected?
i.MX8MP EVK HABv4: hab_status shows HAB_FAILURE before fuses are burned — expected?
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
SOLVED
04-01-2026
11:31 PM
523 Views
S-Harumoto
Contributor I
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello
I want to do secure boot(HABv4) on i.MX8MP EVK using Yocto Project.
I referred to the following link.
https://github.com/nxp-imx/uboot-imx/blob/lf_v2025.04/doc/imx/habv4/guides/mx8m_secure_boot.txt
I have not burned the fuse table yet.
After boot the u-boot and run the `hab_status` command, the following events will be displayed.
u-boot=> hab_status Secure boot disabled HAB Configuration: 0xf0, HAB State: 0x66 --------- HAB Event 1 ----------------- event data: 0xdb 0x00 0x14 0x45 0x33 0x0c 0xa0 0x00 0x00 0x00 0x00 0x00 0x40 0x1f 0xbd 0xc0 0x00 0x00 0x00 0x20STS = HAB_FAILURE (0x33)RSN = HAB_INV_ASSERTION (0x0C)CTX = HAB_CTX_ASSERT (0xA0)ENG = HAB_ENG_ANY (0x00) --------- HAB Event 2 ----------------- event data: 0xdb 0x00 0x14 0x45 0x33 0x0c 0xa0 0x00 0x00 0x00 0x00 0x00 0x40 0x1f 0xad 0xc0 0x00 0x00 0x00 0x04STS = HAB_FAILURE (0x33)RSN = HAB_INV_ASSERTION (0x0C)CTX = HAB_CTX_ASSERT (0xA0)ENG = HAB_ENG_ANY (0x00) --------- HAB Event 3 ----------------- event data: 0xdb 0x00 0x3c 0x45 0x33 0x18 0xc0 0x00 0xca 0x00 0x34 0x00 0x02 0xc5 0x1d 0x00 0x00 0x00 0x0b 0x48 0x40 0x1f 0xad 0xc0 0x00 0x00 0x10 0x20 0x40 0x20 0x00 0x00 0x00 0x11 0x43 0x90 0x40 0x31 0x43 0x90 0x00 0x00 0xea 0x98 0x00 0x97 0x00 0x00 0x00 0x00 0xbb 0x80 0x56 0x00 0x00 0x00 0x00 0x08 0xc3 0x80STS = HAB_FAILURE (0x33)RSN = HAB_INV_SIGNATURE (0x18)CTX = HAB_CTX_COMMAND (0xC0)ENG = HAB_ENG_ANY (0x00) --------- HAB Event 4 ----------------- event data: 0xdb 0x00 0x3c 0x45 0x33 0x18 0xc0 0x00 0xca 0x00 0x34 0x00 0x02 0xc5 0x1d 0x00 0x00 0x00 0x0b 0x48 0x40 0x1f 0xad 0xc0 0x00 0x00 0x10 0x20 0x40 0x20 0x00 0x00 0x00 0x11 0x43 0x90 0x40 0x31 0x43 0x90 0x00 0x00 0xea 0x98 0x00 0x97 0x00 0x00 0x00 0x00 0xbb 0x80 0x56 0x00 0x00 0x00 0x00 0x08 0xc3 0x80STS = HAB_FAILURE (0x33)RSN = HAB_INV_SIGNATURE (0x18)CTX = HAB_CTX_COMMAND (0xC0)ENG = HAB_ENG_ANY (0x00)
Questions:
1) Is it expected/normal to see these HAB events (HAB_INV_ASSERTION / HAB_INV_SIGNATURE) when fuses are not programmed yet?
2) After programming the SRK hash, should these events disappear?
Or do these events indicate that something is already wrong in my signed images/CSF/FIT setup?
thank you
Solved! Go to Solution.
1 Solution
04-02-2026
10:29 PM
479 Views
S-Harumoto
Contributor I
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your reply.
I double checked my steps.
I was using wrong blocks in csf_fit.txt.
I double checked my steps.
I was using wrong blocks in csf_fit.txt.
The root cause was that the DTB size was not aligned.
I needed to pad the DTB before running print_fit_hab.sh.
build/tmp/work/imx8mp_lpddr4_evk-poky-linux/imx-boot/1.0-r0/git/iMX8M# ../scripts/pad_image.sh imx8mp-evk.dtb
Padding imx8mp-evk.dtb to 60064 bytes
build/tmp/work/imx8mp_lpddr4_evk-poky-linux/imx-boot/1.0-r0/git/iMX8M# TEE_LOAD_ADDR=0x56000000 ATF_LOAD_ADDR=0x00970000 FIT_DATA_POS=0x5000 ./print_fit_hab.sh 0x60000 imx8mp-evk.dtb
0x40200000 0x5D000 0x114390
0x40314390 0x171390 0xEAA0
0x970000 0x17FE30 0xBB80
0x56000000 0x18B9B0 0x8C380
Now I can see "No HAB Events Found!"
thank you
2 Replies
04-02-2026
10:29 PM
480 Views
S-Harumoto
Contributor I
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your reply.
I double checked my steps.
I was using wrong blocks in csf_fit.txt.
I double checked my steps.
I was using wrong blocks in csf_fit.txt.
The root cause was that the DTB size was not aligned.
I needed to pad the DTB before running print_fit_hab.sh.
build/tmp/work/imx8mp_lpddr4_evk-poky-linux/imx-boot/1.0-r0/git/iMX8M# ../scripts/pad_image.sh imx8mp-evk.dtb
Padding imx8mp-evk.dtb to 60064 bytes
build/tmp/work/imx8mp_lpddr4_evk-poky-linux/imx-boot/1.0-r0/git/iMX8M# TEE_LOAD_ADDR=0x56000000 ATF_LOAD_ADDR=0x00970000 FIT_DATA_POS=0x5000 ./print_fit_hab.sh 0x60000 imx8mp-evk.dtb
0x40200000 0x5D000 0x114390
0x40314390 0x171390 0xEAA0
0x970000 0x17FE30 0xBB80
0x56000000 0x18B9B0 0x8C380
Now I can see "No HAB Events Found!"
thank you
04-02-2026
01:21 AM
508 Views
joanxie
NXP TechSupport
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
this shouldn't be the expected behavior, you need double check your steps, it seems there is problem with your csf bin file
Reply
