imx8 Quad Max determine if SOM is closed by reading a fuse?

flobro · ‎03-14-2025

Is there a way to tell by a fuse or other way to determine id the "ahab_close" has been called?

I would like to do this in Linux if there is a fuse I can read.

Alternative, what user fuse is readable that I could set to use as an indicator if the closed status is not available?

flobro · ‎03-24-2025

Without a Linux user space utility that could call SCFW, does not really help. I have a workaround for our case that allows our manufacturing process the ability to mange the fuses.

View solution in original post

flobro · ‎03-21-2025

Response is great is you are using a terminal and a human is reading and acting upon it, so this is not a usable solution.

I could not use the "ahab_status" in a uboot "test" command to send the kernel the status in a command line argument (result code was not always correct "$?")

I do not understand why NXP could not use a readable fuse to indicate status just like imx8m Plus... There a so many unused fuses.

JosephAtNXP · ‎03-24-2025

Hi,

Thank you for your patience,

The fuse is not readable from the user since the security differences from i.MX8MP (SECO and SCFW), there is a SCFW call that handles this and can help you (at U-boot, Linux, etc since it's a SCFW call). The life cycle is indeed a fuse but it's secured and you can read it though the API.

U-boot does it in the mentioned command. It's below, I hope it helps.

sc_err_t sc_seco_chip_info (sc_ipc_t ipc, uint16_t ∗lc, uint16_t ∗monotonic, uint32_t ∗uid_l, uint32_t ∗uid_h)

Regards,

flobro · ‎03-24-2025

Without a Linux user space utility that could call SCFW, does not really help. I have a workaround for our case that allows our manufacturing process the ability to mange the fuses.

flobro · ‎03-18-2025

Here is the situation: We cannot allow a SOM that is "not closed" to run code that is signed, intended for a closed device. That is a major security hole.

On the imx8M Plus, we could read a fuse to determine this and prevent the processor from booting, and report it as a security issue.

On the Quad Max, it does not appear that there is a way to determine this by reading a fuse (I hope I am wrong), but Uboot reporting this does not help... If there was a "user fuse" (NXP refers to them as "Customer OTP fuses") that I can read in user space that can be burned by uboot the same time I close the SOM, that would work.

flobro · ‎03-14-2025

If there is a "Customer fuse" that can be read by the imx-scu-ocotp0 driver, that would work wonderfully...

JosephAtNXP · ‎03-14-2025

Hi,

Thank you for your interest in NXP Semiconductor products,

You can confirm it in U-boot quickly with the command ahab_status.

Regards

imx8 Quad Max determine if SOM is closed by reading a fuse?

imx8 Quad Max determine if SOM is closed by reading a fuse?

i.MX 8 Family | i.MX 8QuadMax (8QM) | 8QuadPlus