AnsweredAssumed Answered

HAB secure serial boot on mx6

Question asked by Martin Meuli on May 14, 2013
Latest reply on Mar 21, 2014 by toren yan



I am working on HAB secure boot. We can boot secure from NAND and MMC using boards in open and closed configuration.

However I have not managed to boot via freescale manufacturing tools without HAB events.


If we boot a 'normal' singed u-boot.bin via MFG tool, we get ~5 HAB events.

If we use the scripts from AN4581 6.2, I still get one single HAB event.

--------- HAB Event 1 -----------------

event data:

  0xdb 0x00 0x14 0x41 0x33 0x0c 0xa0 0x00

  0x00 0x00 0x00 0x00 0x00 0x91 0x00 0x00

  0x00 0x00 0x02 0x88

  STS: 0x33 RSN: 0x0c CTX: 0xa0 ENG: 0x00


Does anyone have experience with secure serial boot?


What irritates me, is that we had to remove the coma / logical line break from the sample cst code in AN4581. The sample in AN 4581 generates a syntax error.


[Authenticate Data]

Verification index = 2

Blocks = 0x10800400 0x400 0x2BC00 "u-boot-pad.bin", \

Blocks = 0x00910000 0x430 0x2E0 "u-boot-pad.bin"


How do I get rid of that HAB event?