New i.MX28 App Note Available

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

New i.MX28 App Note Available

1,908 Views
sujataneidig
NXP Employee
NXP Employee

New app note available: Secure Boot with i.MX28 High Assurance Boot

http://cache.freescale.com/files/32bit/doc/app_note/AN4555.pdf?fpsp=1&WT_TYPE=Application Notes&WT_VENDOR=FREESCALE&WT_FILE_FORMAT=pdf&WT_ASSET=Documentation


Labels (1)
0 Kudos
6 Replies

1,088 Views
peb
Contributor II

There is a VM that was used in the class that has the tools used in the class, pre built binaries of some stuff that seems hard to build and has a U-boot that knows how to dump HAB errors so it has hab.h along with the code to implement the dump command.  Need to get your rep to get that for you.  Won't make life wonderful but will for sure accelerate things.  While the power point man not be current is very useful to cover the gaping holes in the documentation. 

0 Kudos

1,088 Views
matthiasV
Contributor I

Hello Paul,

it would be absolutely great if you could pass me that VM. Linker chances are gone in the app note, I already wondered about them.

Additionally I would like to ask if there certain is a way to sign non-bootlet and non-bootmanager but executables inside the linux system. this is mandatory for our university's task.

I will send you a private message with my email-address. Thank you very much!

Kind Regards,

Matthias
PS: Unfortunately sending you a message is not possible without you being my added friend here. My mail is matthias_dot_vierthaler_at_student_dot_tugraz_dot_at. If you could send me a link or give me further information there how to get that VM I would really appreciate that!

0 Kudos

1,088 Views
matthiasV
Contributor I

hello!

I am a student from Austria who is trying hard to get HAB on i.mx28 EVK [0] running.

I already have following documents

  • code signing documentation [1]
  • otp burning fuses howto [2]
  • Secure Boot with i.MX28 HAB v4, your mentioned document
  • presentation regarding security architecture by fareed mohammed and rod ziolkowski [3]

still what I need is the changed program code so I can fully understand the chances which need to be made and where they are. is there any demo project regarding hab4 on i.mx28 available?

Unfortunately I found no mail adress owned by one of the two gentlemen Mr Mohammed and Mr Ziolkowski. Maybe you can pass me their mail address because they are definitely using code files which were produced just for the presentation. on older version of their document said at least so [4], page 54.

I am also interested in sample files which were sucessfully tested on the evk mx28. If you know if such are available I would be glad to see them.

You would really help me if you could answer here or send me a private message.

Thank you very much,

Regards,

Matthias Vierthaler

[1] http://tinyurl.com/93n5l8x

[2] http://tinyurl.com/5ssphdl development tools / programmers

[3] http://tinyurl.com/9v85wyf

[4] http://tinyurl.com/9qrrqms , page 54

0 Kudos

1,088 Views
sujataneidig
NXP Employee
NXP Employee

Hi Matthias,

The presentation that you are referring to is outdated and should not be used anymore.  Between the BSP, the Code Signing Tool and the i.MX28 HAB App Note, you should have everything you need to for implementing secure boot.

Regards,

Sujata

0 Kudos

1,088 Views
matthiasV
Contributor I

Hello Sujata!

Thank you for your reply. Can you tell me where to find the hab.h - file mentioned on page 16 in your published app note?

Have a nice day,

Matthias

0 Kudos

1,088 Views
sujataneidig
NXP Employee
NXP Employee

Hi Matthias,

I checked with the engineer.  Here's the explanation.

The reference to hab.h is in the example code section that defines structure _hab_aut:.  The part of the sample code you are referring to is:

#include <hab.h> /* hab_ivt_t is defined in hab.h */

The comment for this is a suggestion to create a file named hab.h that defines hab_ivt_t as explained in Section 3.1.1

To make it clearer, the sample code and comment should say:

#include <hab.h> /* Include header that defines hab_ivt_t as explained in section 3.1.1 */

Hope this helps!

Regards,

Sujata

0 Kudos