Is it possible to revoke a key "manually" on the imx8x soc:s?
This was possible on the imx6 -parts by issuing a special unlock command in the CSF to allow writes to that fuse bank. For the imx8x the documentation seems to indicate that the _only_ way to revoke key's are by setting the revoke parameter in the csf in combination with the "commit" command.
Is it possible to access the revocation fuses without changing the csf?
Unfortunately no, It is possible to revoke an SRK only after successful authentication of the header that contains the SRK revocation command and the receipt of the COMMIT command with the corresponding argument.
As specified in the AN12312, Secure Boot on i.MX 8 and i.MX 8X Families using AHAB section 4.5 SRK revocation.