Hi everyone,
I am trying to implement secure boot on the Gateworks Ventana GW5400 Board that uses an iMX6 SoC.
I have followed the instructions in :
http://www.variwiki.com/index.php?title=High_Assurance_Boot
When using hab_status, I still get 4 events. Can someone help me solve this. Here is what I get :
Ventana > hab_status
Secure boot disabled
HAB Configuration: 0xf0, HAB State: 0x66
--------- HAB Event 1 -----------------
event data:
0xdb 0x00 0x1c 0x42 0x33 0x18 0xc0 0x00
0xca 0x00 0x14 0x00 0x02 0xc5 0x00 0x00
0x00 0x00 0x10 0x10 0x00 0x90 0x74 0x00
0x00 0x00 0xdc 0x00
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_SIGNATURE (0x18)
CTX = HAB_CTX_COMMAND (0xC0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 2 -----------------
event data:
0xdb 0x00 0x14 0x42 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x00 0x90 0x74 0x00
0x00 0x00 0x00 0x20
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 3 -----------------
event data:
0xdb 0x00 0x14 0x42 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x00 0x90 0x74 0x20
0x00 0x00 0x00 0x01
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 4 -----------------
event data:
0xdb 0x00 0x14 0x42 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x00 0x90 0x80 0x00
0x00 0x00 0x00 0x04
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
The SPL log file :
Image Type: Freescale IMX Boot Image
Image Ver: 2 (i.MX53/6/7 compatible)
Mode: DCD
Data Size: 65536 Bytes = 64.00 KiB = 0.06 MiB
Load Address: 00907420
Entry Point: 00908000
HAB Blocks: 0x00907400 0x00000000 0x0000dc00
DCD Blocks: 00910000 0000002c 00000004
The SPL CSF part to add :
[Authenticate Data]
# Key slot index used to authenticate the image data
Verification index = 2
# Address Offset Length Data File Path
Blocks = 0x00907400 0x00000000 0x0000dc00 "SPL"
[Unlock]
Engine = CAAM
Features = RNG
The uboot-ivt log file :
Image Name: U-Boot 2018.05-rc2 for gw_ventan
Created: Sun Oct 18 17:28:43 2020
Image Type: ARM U-Boot Firmware with HABv4 IVT (uncompressed)
Data Size: 708544 Bytes = 691.94 KiB = 0.68 MiB
Load Address: 17800000
Entry Point: 00000000
HAB Blocks: 0x177fffc0 0x0000 0x000ab020
The uboot-ivt CSF part to add :
[Authenticate Data]
# Key slot index used to authenticate the image data
Verification index = 2
# Address Offset Length Data File Path
Blocks = 0x177fffc0 0x0000 0x000ab020 "u-boot-ivt.img"
@Kami07
Hello,
please double check parameters in [Authenticate Data] block
just for Your case.
# Address Offset Length Data File Path
Blocks = 0x00907400 0x00000000 0x0000dc00 "SPL"
# Address Offset Length Data File Path
Blocks = 0x177fffc0 0x0000 0x000ab020 "u-boot-ivt.img"
Regards,
Yuri.