iMX6 Secure Boot HABv4 event INV_SIGNATURE

Hi everyone,

I am trying to implement secure boot on the Gateworks Ventana GW5400 Board that uses an iMX6 SoC. 

I have followed the instructions in :

http://www.variwiki.com/index.php?title=High_Assurance_Boot

When using hab_status, I still get 4 events. Can someone help me solve this. Here is what I get :

Ventana > hab_status                

Secure boot disabled

HAB Configuration: 0xf0, HAB State: 0x66

--------- HAB Event 1 -----------------

event data:

        0xdb 0x00 0x1c 0x42 0x33 0x18 0xc0 0x00

                0xca 0x00 0x14 0x00 0x02 0xc5 0x00 0x00

                        0x00 0x00 0x10 0x10 0x00 0x90 0x74 0x00

                                0x00 0x00 0xdc 0x00

STS = HAB_FAILURE (0x33)

RSN = HAB_INV_SIGNATURE (0x18)

CTX = HAB_CTX_COMMAND (0xC0)

ENG = HAB_ENG_ANY (0x00)

--------- HAB Event 2 -----------------

event data:

        0xdb 0x00 0x14 0x42 0x33 0x0c 0xa0 0x00

                0x00 0x00 0x00 0x00 0x00 0x90 0x74 0x00

                        0x00 0x00 0x00 0x20

STS = HAB_FAILURE (0x33)

RSN = HAB_INV_ASSERTION (0x0C)

CTX = HAB_CTX_ASSERT (0xA0)

ENG = HAB_ENG_ANY (0x00)

--------- HAB Event 3 -----------------

event data:

        0xdb 0x00 0x14 0x42 0x33 0x0c 0xa0 0x00

                0x00 0x00 0x00 0x00 0x00 0x90 0x74 0x20

                        0x00 0x00 0x00 0x01

STS = HAB_FAILURE (0x33)

RSN = HAB_INV_ASSERTION (0x0C)

CTX = HAB_CTX_ASSERT (0xA0)

ENG = HAB_ENG_ANY (0x00)

--------- HAB Event 4 -----------------

event data:

        0xdb 0x00 0x14 0x42 0x33 0x0c 0xa0 0x00

                0x00 0x00 0x00 0x00 0x00 0x90 0x80 0x00

                        0x00 0x00 0x00 0x04

STS = HAB_FAILURE (0x33)

RSN = HAB_INV_ASSERTION (0x0C)

CTX = HAB_CTX_ASSERT (0xA0)

ENG = HAB_ENG_ANY (0x00)

The SPL log file :

Image Type: Freescale IMX Boot Image

Image Ver: 2 (i.MX53/6/7 compatible)

Mode: DCD

Data Size: 65536 Bytes = 64.00 KiB = 0.06 MiB

Load Address: 00907420

Entry Point: 00908000

HAB Blocks: 0x00907400 0x00000000 0x0000dc00

DCD Blocks: 00910000 0000002c 00000004

 The SPL CSF part to add :

 [Authenticate Data]

 # Key slot index used to authenticate the image data

 Verification index = 2

 # Address Offset Length Data File Path

 Blocks = 0x00907400 0x00000000 0x0000dc00 "SPL"

[Unlock]

Engine = CAAM

Features = RNG

The uboot-ivt log file :

Image Name: U-Boot 2018.05-rc2 for gw_ventan

Created: Sun Oct 18 17:28:43 2020

Image Type: ARM U-Boot Firmware with HABv4 IVT (uncompressed)

Data Size: 708544 Bytes = 691.94 KiB = 0.68 MiB

Load Address: 17800000

Entry Point: 00000000

HAB Blocks: 0x177fffc0 0x0000 0x000ab020

The uboot-ivt CSF part to add : 

[Authenticate Data]

# Key slot index used to authenticate the image data

Verification index = 2

# Address Offset Length Data File Path

Blocks = 0x177fffc0 0x0000 0x000ab020 "u-boot-ivt.img"