Hello,
I have seen in AN12312 that there is a possibility to revert in some way the security state of an i.MX8X after being in OEM Closed status.
For that we can use the sc_misc_seco_return_lifecycle SCU API interface to update the SOC lifecycle from OEM Closed to Partial Field Return.
My question is, what are the implications of this new state? Is Secure Boot reverted and now we would be able to boot unsigned images again?
Also in regard to its implementation, I see on the imx_v2020.04_5.4.47_2.2.0 branch from Codeaurora that, though there is a SECO_FUNC_RETURN_LIFECYCLE macro defined, there is no function implementation to send that command to the SCU. Can you help us do this?
We would want to be able to disable secure boot if necessary to comply with the LGPLv3 license in case some customer requests to open a closed device.
Regards,
Gonzalo
Hi Gonzalo
The life cycle of the device helps ensure that secrets provisioned in one stage are not accessible to another as the chip progresses to the field and also as the chip returns back to the OEM and to the silicon manufacturer.
The difference between OEM Closed mode and PFR is below:
| Life Cycle | Comments |
|---|---|
| OEM closed | OEM has closed the part. SECO FW needs to be authenticated against the NXP SRK set. SCU FW and user domains images need to be authenticated against the OEM SRK set. Debug on the SCU needs to be enabled using an OEM signed message. Debug on the application cores can be configured to require a JTAG Challenge to be passed. Debugging the SECO is not possible in this state. |
| Partial Field Return | SECO FW needs to be authenticated against the NXP SRK set. SCU FW and user domains images don't need to be authenticated. Debug on the SCU and application cores is enabled. Debugging the SECO needs to be enabled using the NXP signed message. |
So for PFR, we don't have the secure boot process; we can boot the system using unsigned images.
For help with the implementation, I suggest proceeding with: https://contact.nxp.com/new-prof-svcs-sw-tech
Best regards
igor
Hi Igor,
Thank you for your response.
I would like to know if the CAAM module could still be used for tasks not related to secure boot (i.e. random number generation, etc.) when the device is in Partial Field Return stage.
Regards,
Gonzalo
Hi Gonzalo
Yes, the CAAM module can still be used when the lifecycle has changed to PFR.
Best regards
igor