Hi All,
I have nitrogen6x board from boundary device and i am booting secure u-boot binary on processor.
following below link to do the job.
High Assurance Boot (HAB) for dummies - Boundary Devices
As of now i am testing the binary in open configuration mode, and i guess i have fused the wrong SRK keys in efuse register.
1) is it possible that i can boot the board with signed u-boot binary and override the fuse key with new SRK keys and check the hab_status?
thanks,
Akash Gajjar
HI Marius,
I am using SDP protocol to boot signed custom u-boot binary on board. imx_usb_loader is updated and is on HEAD of the master branch as mentioned in https://boundarydevices.com/high-assurance-boot-hab-dummies/.
I have updated csf file with Blocks = 0x0910000 0x2c 0x2c0 "boot-loader.bin, as in hexdump of boot-loader.bin and in system.map file and can see the addresses.
I have extracted DCD pointers and size of DCD data as per the address, still not able to boot signed binary.
System is still throwing HAB event.
can you please help here?
Attaching csf file.
hexdump of custom bootloader
00000000 d1 00 20 40 ec 02 91 00 00 00 00 00 2c 00 91 00 |.. @........,...|
00000010 20 00 91 00 00 00 91 00 00 6c 91 00 00 00 00 00 | ........l......|
00000020 00 fc 90 00 00 70 00 00 00 00 00 00 d2 02 c0 40 |.....p.........@|
00000030 cc 02 bc 04 02 0e 05 a8 00 00 00 30 02 0e 05 b0 |...........0....|
System map file data
Blocks = 0x0910000 0x2c 0x2c0 "boot-loader.bin"
257
258 Linker script and memory map
259
260
261 .ivt 0x0000000000910000 0x2c load address 0x0000000000000000
262 0x0000000000910000 _ivt = .
263 0x0000000000910000 0x1 BYTE 0xd1
264 0x0000000000910001 0x1 BYTE 0x0 (((_eivt_header - _ivt) >> 0x8) & 0xff)
265 0x0000000000910002 0x1 BYTE 0x20 ((_eivt_header - _ivt) & 0xff)
266 0x0000000000910003 0x1 BYTE 0x40
267 0x0000000000910004 0x4 LONG 0x9102ec __start
268 0x0000000000910008 0x4 LONG 0x0
269 0x000000000091000c 0x4 LONG 0x91002c __board_dcd
270 0x0000000000910010 0x4 LONG 0x910020 _boot_data
271 0x0000000000910014 0x4 LONG 0x910000 _ivt
272 0x0000000000910018 0x4 LONG 0x916c00
273 0x000000000091001c 0x4 LONG 0x0
274 0x0000000000910020 _eivt_header = .
275 0x0000000000910020 _boot_data = .
276 0x0000000000910020 0x4 LONG 0x90fc00 (_ivt - 0x400)
277 0x0000000000910024 0x4 LONG 0x7000 (((_edata - _ivt) + 0xfff) & 0xfffffffffffff000)
278 0x0000000000910028 0x4 LONG 0x0
279 0x000000000091002c _eivt = .
280
281 .dcd 0x000000000091002c 0x2c0 load address 0x000000000000002c
282 0x000000000091002c _dcd = .
283 *(.dcd)
284 .dcd 0x000000000091002c 0x2c0 mmdc.o
285 0x000000000091002c __board_dcd
286 0x00000000009102ec _edcd = .
287
288 .text 0x00000000009102ec 0x675c load address 0x00000000000002ec
Thanks,
Akash
Hi,
Is not possible. The SRK fuses are OTP (One Time Programmable).
So don't close the device to avoid bricking the device.
Marius