RT1015 image.exe command for BEE XIP

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

RT1015 image.exe command for BEE XIP

1,902 Views
kensu
Contributor V

Hi

I got internal doc from NXP people.

I follow the doc to execute image.exe with some command.

But I get “Unsupported argument”.

Could you help me to check the parameters of image.exe?

 pastedImage_2.png

Regards

Ken

Labels (1)
Tags (2)
10 Replies

1,763 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi  Ken Su,

  Do you already get the image_enc.exe which is used for the BEE?

  In fact, if you already get it, I think you also can use the MCUBootUtility tool to do the BEE instead of the commander line, it will be easier to use it.

 MCUBootutility tool can be downloaded from this link:

  https://github.com/JayHeng/NXP-MCUBootUtility/archive/v2.3.0.zip

the related user manual is:
https://github.com/JayHeng/NXP-MCUBootUtility

  

You also can refer to my RT1020 BEE operation in this post:

https://community.nxp.com/message/1275911?commentID=1275911#comment-1273495 

reply on: Feb 24, 2020 7:55 AM

 About the document you mentioned, I don't have it and don't know which detail internal document.

 If you don't want to use the MCUBootutility, and still want to use the command line, you also can create the case, and share your internal document with me, I would like to help you to check it. On my side, when I use the BEE, I mainly use the MCUBootUtility tool to configure the BEE mode directly.

Wish it helps you!

If you still have questions about it, please kindly let me know.

Best Regards,

Kerry

 

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

 

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

  

 

0 Kudos
Reply

1,763 Views
kensu
Contributor V

Hi Kerry 

Thanks for suggestion,

Now I use MCUBootUtility tool firstly and study the command and tool, please check my step:

Step 1: unzip NXP-MCUBootUtility-master.zip and copy image_enc.exe to NXP-MCUBootUtility-master\tools\image_enc\win\

Step 2: Connect my RT1015 EVK, and set to download mode by SW8(3 is low, 4 is high)

pastedImage_1.png

Step 3: Prepare SDK: I use evkmimxrt1015_igpio_led_output, 

pastedImage_2.png

And I generate .s19 format output.

Step 4: Connect my EVK from tool --> Successful

pastedImage_3.png

Select Boot Type BEE Encrypted Image Boot

pastedImage_4.png

pastedImage_5.png

Step 5: Press All-In-One-Action

   The process bar is running but not complete. It looks like stop.

pastedImage_6.png

Step 6:  My tool log.

//======================================================================================

'Connect to xxx' button is clicked
Executing E:\NXP-MCUBootUtility-master\tools\sdphost\win\sdphost -t 50000 -u 0x1FC9,0x0130 -j -- error-status
Executing E:\NXP-MCUBootUtility-master\tools\sdphost\win\sdphost -t 50000 -u 0x1FC9,0x0130 -j -- read-register 1075790864 32 4 E:\NXP-MCUBootUtility-master\tools\sdphost\win\vectors\readReg.dat
Executing E:\NXP-MCUBootUtility-master\tools\sdphost\win\sdphost -t 50000 -u 0x1FC9,0x0130 -j -- read-register 1075790880 32 4 E:\NXP-MCUBootUtility-master\tools\sdphost\win\vectors\readReg.dat
Executing E:\NXP-MCUBootUtility-master\tools\sdphost\win\sdphost -t 50000 -u 0x1FC9,0x0130 -j -- read-register 1074757636 32 4 E:\NXP-MCUBootUtility-master\tools\sdphost\win\vectors\readReg.dat
Executing E:\NXP-MCUBootUtility-master\tools\sdphost\win\sdphost -t 50000 -u 0x1FC9,0x0130 -j -- read-register 1074757660 32 4 E:\NXP-MCUBootUtility-master\tools\sdphost\win\vectors\readReg.dat
Executing E:\NXP-MCUBootUtility-master\tools\sdphost\win\sdphost -t 50000 -u 0x1FC9,0x0130 -j -- read-register 1074757660 32 4 E:\NXP-MCUBootUtility-master\tools\sdphost\win\vectors\readReg.dat
Executing E:\NXP-MCUBootUtility-master\tools\sdphost\win\sdphost -t 50000 -u 0x1FC9,0x0130 -j -- write-file 539001344 E:\NXP-MCUBootUtility-master\src\targets\MIMXRT1015\ivt_flashloader.bin
Executing E:\NXP-MCUBootUtility-master\tools\sdphost\win\sdphost -t 50000 -u 0x1FC9,0x0130 -j -- jump-address 539001344
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 50000 -u 0x15A2,0x0073 -j -- get-property 1 0
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 50000 -u 0x15A2,0x0073 -j -- get-property 1 0
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 50000 -u 0x15A2,0x0073 -j -- get-property 24 0
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 50000 -u 0x15A2,0x0073 -j -- efuse-read-once 5
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 50000 -u 0x15A2,0x0073 -j -- efuse-read-once 6
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 50000 -u 0x15A2,0x0073 -j -- efuse-read-once 7
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 50000 -u 0x15A2,0x0073 -j -- efuse-read-once 6
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 5242000 -u 0x15A2,0x0073 -j -- read-memory 1074446400 4 E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\vectors\readReg.dat 0
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 5242000 -u 0x15A2,0x0073 -j -- fill-memory 538976256 4 3221225479 word
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 5242000 -u 0x15A2,0x0073 -j -- fill-memory 538976260 4 0 word
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 50000 -u 0x15A2,0x0073 -j -- configure-memory 9 538976256
Executing E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\blhost -t 5242000 -u 0x15A2,0x0073 -j -- read-memory 1610612736 1024 E:\NXP-MCUBootUtility-master\tools\blhost2_3\win\vectors\flexspiNorCfg.dat 9
'Generate Certificate' button is clicked
serial is generated: E:\NXP-MCUBootUtility-master\gen\hab_cert\serial
key_pass.txt is generated: E:\NXP-MCUBootUtility-master\gen\hab_cert\key_pass.txt
serial and key_pass.txt are copied to: E:\NXP-MCUBootUtility-master\tools\cst\keys

//==============================================================================

Do I loss any setting?

Please check my step and setting.

And I want to double confirm : Can I burn EVK efuse? I am not sure if the EVK fuse are all lock?

Thank you very much.

Regards

Ken

0 Kudos
Reply

1,763 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi Ken,

  Do you also want to do the HAB certification while you do the BEE secure?

  If yes, just copy the  image_enc.exe is not enough, you also need to do the HAB configuration.

  My HAB document have mentioned it:

RT1050 HAB Encrypted Image Generation and Analysis 

 Chapter 2.1 CST tool preparation

 In fact, from theory, if you don't do the HAB, you can select the Enable Certificate for HW(bee/OTFAD) encryption as No.

pastedImage_2.png

Then the BEE mode won't do the HAB operation, and you don't need to do the CST configuration.

Do you already close your HAB Status?

  

Best Regards,

Kerry

 

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

 

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

1,763 Views
kensu
Contributor V

Hi Kerry

Sorry for late reply,

As you say,

"In fact, from theory, if you don't do the HAB, you can select the Enable Certificate for HW(bee/OTFAD) encryption as No."

I understood, and I will select "No".

But my EVK efuse have some bit lock enabled.

So that my BEE XIP evaluation cannot continue.

Now I am studying AN12079 and elftosb manual. I will ask some question in another post.

I think I must understand more elftosb concept so that I can use my command line to complete the BEE XIP process.

Thanks

Ken 

0 Kudos
Reply

1,763 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi Ken Su

    That's why I checked it with you, as I find your picture already select the HAB, if you already do the BEE downloading, I'm afraid you already close the HAB which will write the fuse map. But it doesn't matter, the official side recommend you also close the HAB when do the BEE security, you still can do the BEE downloading, but you need to prepare the related SRK files, then you can use the MCUBootUtility download the code again.

     If you still want to use the elftosb, you can create the case, and share me your internal doc from NXP people, I would like to help you to check it on my side, as I still don't have the document which you mentioned it.

    After you create the case, you can write assign to kerry, then I will help you to check more details and test with the elftosb commander line. AN12079 didn't mention the image_enc.exe.

Best Regards,

Kerry

 

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

 

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
Reply

1,763 Views
kensu
Contributor V

Hi Kerry

one more question, 

To make the discuss more clearly, can I use "Traditional Chinese" or "simplified Chinese" on community?

Regards

Ken

0 Kudos
Reply

1,763 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi Ken Su

    Simplified Chinese is acceptable!

Best Regards,

Kerry

 

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

 

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
Reply

1,763 Views
kensu
Contributor V

Hi Kerry

I am check the again MCUBootutility .

Image is using MCUBootutility demo app. "led_blinky_0x60002000.srec"

I don't need Certificate for HW Encryption, so I select No.

pastedImage_4.png

pastedImage_5.png

I use the Master mode, 

pastedImage_6.png

So I can generate Unsigned bootable image and Encrypt bootable image.pastedImage_1.png

pastedImage_7.png

When I press Load Encrypted Image, 

Tool will try to load a file "ivt_led_blinky_0x60002000_unsigned_bee_encrypted_nocfgblock.bin" to address "0x60000400".

pastedImage_8.png

Is the "ivt_led_blinky_0x60002000_unsigned_bee_encrypted_nocfgblock.bin" file the final Enctryped_Boot image?

Regards

Ken

0 Kudos
Reply

1,763 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi Ken Su,

   Yes, you are right.

ivt_led_blinky_0x60002000_unsigned_bee_encrypted_nocfgblock.bin will write to the 0X400.

  You can check the nocfgblock.bin with my readout data:

pastedImage_1.png

In fact, you don't need to do it step by step, you can click the button: All in one action, it will help you to download it directly.

Last week, I wrote your situation as an doc post, both with the MCUBootUtility and the Commander line:

RT1015 APP BEE encryption operation method 

You can check it on your side. Seems you didn't reply to me after my updated in your another post:

RT1015 BEE XIP Step Confirm 

 Please also note, you need to readout the fuse map, make sure you are selecting the correct key source.

Any updated information, just kindly let me know.

Best Regards,

Kerry

 

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

 

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
Reply

1,763 Views
kensu
Contributor V

Hi Kerry

pastedImage_1.png

Thanks a lot.

I will create the case, and attach the doc with you soon.

Please wait.

Regards

Ken

0 Kudos
Reply