secure boot on i.mx6 nitrogen6x board


1,051 Views
gajjar04akash
Contributor I

Hi All,

I have a Nitrogen6X board from Boundary Devices and I am booting a secure u-boot binary on the processor.

I am following the link below to do the job.

High Assurance Boot (HAB) for dummies - Boundary Devices 

As of now I am testing the binary in open configuration mode, and I guess I have fused the wrong SRK keys in the efuse register.

1) Is it possible that I can boot the board with a signed u-boot binary, override the fuse key with new SRK keys, and check the hab_status?

thanks,

Akash Gajjar

0 Kudos
2 Replies

743 Views
gajjar04akash
Contributor I

Hi Marius,

I am using SDP protocol to boot signed custom u-boot binary on board. imx_usb_loader is updated and is on HEAD of the master branch as mentioned in https://boundarydevices.com/high-assurance-boot-hab-dummies/.

I have updated the csf file with Blocks = 0x0910000 0x2c 0x2c0 "boot-loader.bin", as in the hexdump of boot-loader.bin and in the system.map file, and can see the addresses.

I have extracted DCD pointers and size of DCD data as per the address, still not able to boot signed binary.

System is still throwing HAB event.

Can you please help here?

Attaching csf file.

hexdump of custom bootloader

00000000  d1 00 20 40 ec 02 91 00  00 00 00 00 2c 00 91 00  |.. @........,...|
00000010  20 00 91 00 00 00 91 00  00 6c 91 00 00 00 00 00  | ........l......|
00000020  00 fc 90 00 00 70 00 00  00 00 00 00 d2 02 c0 40  |.....p.........@|
00000030  cc 02 bc 04 02 0e 05 a8  00 00 00 30 02 0e 05 b0  |...........0....|

System map file data

 Blocks = 0x0910000 0x2c 0x2c0 "boot-loader.bin"

Linker script and memory map

.ivt            0x0000000000910000       0x2c load address 0x0000000000000000
                0x0000000000910000                _ivt = .
                0x0000000000910000        0x1 BYTE 0xd1
                0x0000000000910001        0x1 BYTE 0x0 (((_eivt_header - _ivt) >> 0x8) & 0xff)
                0x0000000000910002        0x1 BYTE 0x20 ((_eivt_header - _ivt) & 0xff)
                0x0000000000910003        0x1 BYTE 0x40
                0x0000000000910004        0x4 LONG 0x9102ec __start
                0x0000000000910008        0x4 LONG 0x0
                0x000000000091000c        0x4 LONG 0x91002c __board_dcd
                0x0000000000910010        0x4 LONG 0x910020 _boot_data
                0x0000000000910014        0x4 LONG 0x910000 _ivt
                0x0000000000910018        0x4 LONG 0x916c00
                0x000000000091001c        0x4 LONG 0x0
                0x0000000000910020                _eivt_header = .
                0x0000000000910020                _boot_data = .
                0x0000000000910020        0x4 LONG 0x90fc00 (_ivt - 0x400)
                0x0000000000910024        0x4 LONG 0x7000 (((_edata - _ivt) + 0xfff) & 0xfffffffffffff000)
                0x0000000000910028        0x4 LONG 0x0
                0x000000000091002c                _eivt = .

.dcd            0x000000000091002c      0x2c0 load address 0x000000000000002c
                0x000000000091002c                _dcd = .
 *(.dcd)
 .dcd           0x000000000091002c      0x2c0 mmdc.o
                0x000000000091002c                __board_dcd
                0x00000000009102ec                _edcd = .

.text           0x00000000009102ec     0x675c load address 0x00000000000002ec

Thanks,

Akash

0 Kudos
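Added example, not part of the original thread or of any NXP or Boundary Devices tooling: a Python sketch that parses the IVT, boot data and DCD header from the hexdump bytes in the post above, so the offset and length used in a CSF Blocks line can be cross-checked against the image itself. It assumes the standard HABv4 IVT word order (header, entry, reserved, dcd, boot_data, self, csf, reserved); the function and key names are hypothetical.

```python
import struct

# Constructed input: the first 0x30 bytes of boot-loader.bin, copied from the
# hexdump posted above (IVT, boot data, then the DCD header).
HEXDUMP = """
d1 00 20 40 ec 02 91 00 00 00 00 00 2c 00 91 00
20 00 91 00 00 00 91 00 00 6c 91 00 00 00 00 00
00 fc 90 00 00 70 00 00 00 00 00 00 d2 02 c0 40
"""
IMAGE = bytes.fromhex("".join(HEXDUMP.split()))

IVT_TAG, DCD_TAG = 0xD1, 0xD2


def hab_header(buf, off):
    """HAB header: tag (1 byte), big-endian length (2 bytes), version (1 byte)."""
    if off < 0 or off + 4 > len(buf):
        raise ValueError(f"header offset {off:#x} is outside the supplied bytes")
    return struct.unpack_from(">BHB", buf, off)


def parse_ivt(image):
    """Parse the IVT at offset 0 and return file offsets derived from it."""
    tag, length, version = hab_header(image, 0)
    if tag != IVT_TAG or length != 0x20 or (version & 0xF0) != 0x40:
        raise ValueError("no HABv4 IVT header at offset 0")
    # Seven little-endian 32-bit words follow the 4-byte header.
    entry, _, dcd, boot_data, self_addr, csf, _ = struct.unpack_from("<7I", image, 4)
    # Pointers are absolute load addresses; subtracting 'self' gives file offsets.
    start, size, plugin = struct.unpack_from("<3I", image, boot_data - self_addr)
    info = {"entry": entry, "self": self_addr, "boot_start": start,
            "boot_length": size, "plugin": plugin,
            "csf_offset": csf - self_addr if csf else None}
    if dcd:
        dcd_off = dcd - self_addr
        dtag, dlen, _ = hab_header(image, dcd_off)
        if dtag != DCD_TAG:
            raise ValueError(f"no DCD header at file offset {dcd_off:#x}")
        info["dcd_offset"], info["dcd_length"] = dcd_off, dlen
    return info


if __name__ == "__main__":
    for key, value in parse_ivt(IMAGE).items():
        print(f"{key:12s}", "-" if value is None else hex(value))
```
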

743 Views
marius_grigoras
NXP Employee

Hi,

It is not possible. The SRK fuses are OTP (One Time Programmable).

So don't close the device to avoid bricking the device.

Marius

0 Kudos