How to verify if secure boot is enabled on my imx6 SOC?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to verify if secure boot is enabled on my imx6 SOC?

999 Views
swapnilpendhare
Contributor III

Hi,

I am using yocto daisy project (linux kernel 3.10.17) on wandboard-quad.
I followed all the steps mentioned in required for setting secure boot mentioned in following documents.  including burning SRK keys and  secure_enable (HW_OCOTP_CFG5) register from Linux.

  1. AN4581_HAB_Application_Note.pdf - Secure Boot on i.MX50, i.MX53, and i.MX 6 Series using HABv4 Application Note
  2. i.MX_6_Linux_High_Assurance_Boot_(HAB)_User's_Guide.pdf - i.MX 6 Linux High Assurance Boot (HAB) User's Guide

With setup I confirmed that uboot with valid signing information can boot. and the status of hab_status command shows success. with hab_config as 0xcc.

But in Linux the default sm_test driver is still using public key for encryption and decryption.

Is there any way I can verify that I am having secure boot system and the key used for encryption is now hardware key and not public key??

Thanks

Swapnil

0 Kudos
1 Reply

660 Views
igorpadykov
NXP Employee
NXP Employee

Hi Swapnil

secure boot is defined by fuses, if blown, boot process is secure

1.jpg

Best regards

igor

-----------------------------------------------------------------------------------------------------------------------

Note: If this post answers your question, please click the Correct Answer button. Thank you!

-----------------------------------------------------------------------------------------------------------------------

0 Kudos