imx93 secure boot: Not booting

zahirskt
Contributor I

I am seeking guidance on the following points.

I generated the required keys and signed the images, validating both CST and SPSDK signing flows. The SRK keys were programmed into fuse bank 16, words 0 to 7. After performing the AHAB close operation, the system no longer boots.

First, whether there is any supported method to recover an iMX93 device after it has been locked using AHAB.

Second, how to reliably verify that the signed images correctly correspond to the programmed fuses prior to executing the AHAB close operation.

Third, whether there are recommended validation or dry run steps that can be used to avoid permanently locking the device due to incorrect images or keys.

The hardware platform supports UUU, which may be useful for recovery if applicable.

Any guidance or official support on this issue would be greatly appreciated.

2 Replies

JorgeCas
NXP TechSupport

Hello,

Unfortunately, there are no recovery methods once AHAB is closed and the device fails secure boot authentication.

To reliably verify that signed images match the SRK fuses before AHAB close, you must confirm that you do not have events in U-Boot with ahab_status before closing the device.

I like this guide because you can understand the secure boot development flow. CST is deprecated and I will share the recommended process, but a lot in that guide is useful. https://github.com/nxp-imx/uboot-imx/blob/lf_v2025.04/doc/imx/ahab/guides/mx8ulp_9x_secure_boot.txt

The new recommended SW tool is SPSDK. You can refer to the following example, which comprises a guide for it (review the previous i.MX 93 AHAB with U-BOOT, and the next Signed AHAB image Generation for U-boot and Kernel): https://spsdk.readthedocs.io/en/latest/examples/ahab/imx93/imx93_signed_ahab_uboot.html

Best regards.

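A pre-close gate along the lines of the reply above, as an added example that is not part of the original thread or of NXP's tooling: it compares a captured `fuse read 16 0 8` console log against the 32-byte SRK hash file and requires a clean `ahab_status` capture. Assumptions: the hash file stores the eight fuse words in little-endian byte order, and all function names and sample data are constructed for illustration.

```python
import re
import struct

def expected_fuse_words(srk_hash: bytes) -> list[int]:
    """Split a 32-byte SRK hash into eight 32-bit fuse words (little-endian, assumed)."""
    if len(srk_hash) != 32:
        raise ValueError(f"expected 32-byte SRK hash, got {len(srk_hash)} bytes")
    return list(struct.unpack("<8I", srk_hash))

def parse_fuse_read(console: str) -> list[int]:
    """Collect values from U-Boot 'fuse read' lines of the form 'Word 0x...: v v v v'."""
    words = []
    for line in console.splitlines():
        m = re.match(r"\s*Word 0x[0-9a-fA-F]+:((?:\s+[0-9a-fA-F]{8})+)\s*$", line)
        if m:
            words += [int(v, 16) for v in m.group(1).split()]
    return words

def preclose_check(srk_hash: bytes, fuse_console: str, ahab_console: str) -> list[str]:
    """Return a list of problems; an empty list means both checks passed."""
    problems = []
    want, got = expected_fuse_words(srk_hash), parse_fuse_read(fuse_console)
    if len(got) != 8:
        problems.append(f"read back {len(got)} fuse words, expected 8")
    else:
        for i, (w, g) in enumerate(zip(want, got)):
            if w != g:
                problems.append(f"bank 16 word {i}: fuse {g:08x} != expected {w:08x}")
    # Case-insensitive so minor differences in the banner's capitalisation still match.
    if "no events found" not in ahab_console.lower():
        problems.append("ahab_status reported events (or no status was captured)")
    return problems

# Constructed sample data, not values from a real board or key set.
SAMPLE_HASH = bytes(range(0x10, 0x30))
SAMPLE_FUSES = """Reading bank 16:

Word 0x00000000: 13121110 17161514 1b1a1918 1f1e1d1c
Word 0x00000004: 23222120 27262524 2b2a2928 2f2e2d2c
"""
SAMPLE_AHAB_OK = "\n\tNo Events Found!\n"

if __name__ == "__main__":
    print(preclose_check(SAMPLE_HASH, SAMPLE_FUSES, SAMPLE_AHAB_OK) or "OK to proceed")
```

Matching fuse words only show that the programmed hash is the intended one; the `ahab_status` check is still needed because it reflects authentication of the actual signed image on the open device.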

zahirskt
Contributor I
  • spsdk method: It didn't work for me; 'ahab_status' did not report the 'NO Events found!' status
  • cst-3.1.0: Same issue

I think imx93 requires sha256 signing, but I was trying sha512. I didn't see this specifically mentioned in any related docs.

Then with cst-4.0.1: Worked with sha256 signing
