
HABv4 Signed U-Boot fails to run standalone from NAND Flash on an i.MX6 SoC

Question asked by Richard Milakovich on Nov 16, 2015
Latest reply on Nov 19, 2015 by Richard Milakovich

Hi Freescale Team,

 

I am running into a problem trying to execute a HABv4 Signed U-Boot Image standalone from NAND Flash on a Closed Configuration i.MX6 SoC.

I can load and run Signed U-Boot Images via the USB Serial Downloader on this Closed Configuration i.MX6 SoC.

 

I am using the "imx_usb_loader/imx_usb" tool to download images via the USB Serial Downloader.

I am using the "cst-2.3.1" Code Signing Tool to create the Super Root Keys and to sign the U-Boot Images.  The "cst" reports the following version.

Code Signing Tool release version BLN_CST_MAIN_02.03.00

 

Here are the fuse settings for the Closed Configuration i.MX6 SoC, dumped using U-Boot.

=> fuse read 0 0 8

Reading bank 0:

Word 0x00000000: 20220002 df668583 200b51d4 a6510081

Word 0x00000004: 00420702 00000280 00000012 00000000

 

=> fuse read 1 0 8

Reading bank 1:

Word 0x00000000: 00000000 00000040 00000033 00000000

Word 0x00000004: 00000000 00000000 5a451a5f 00000000

 

=> fuse read 2 0 8

Reading bank 2:

Word 0x00000000:mxc_ocotp fuse_read(): Access protect error

ERROR

 

=> fuse read 3 0 8

Reading bank 3:

Word 0x00000000: 943d1052 29e4cab4 b037569a d21bed29

Word 0x00000004: 2077e018 c002e52f 0205f92b 7894915b

 

=> fuse read 4 0 8

Reading bank 4:

Word 0x00000000: 00000000 00000000 00000000 00000000

Word 0x00000004: 00000000 00000000 00000000 00000000

 

=> fuse read 5 0 8

Reading bank 5:

Word 0x00000000: 00000000 00000000 00000000 00000000

Word 0x00000004: 00000000 00000000 00000000 00000000

 

After the i.MX6 fails to run the U-Boot from NAND Flash, I have been able to load a Signed U-Boot via the USB Serial Downloader and dump the HAB Events.

Here is the error I see when I run this U-Boot command.

=> hab_status

 

Secure boot enabled

 

HAB Configuration: 0xcc, HAB State: 0x99

 

--------- HAB Event 1 -----------------

event data:

0xdb 0x00 0x08 0x41 0x33 0x1e 0x0a 0x00

 

Here is the decoding for HAB Event 1.

Header Field:

0xdb        HAB_TAG_EVENT

0x00 0x08   Length = 8 bytes

0x41        HAB Version 4.1

SRCE (Status,Reason,Context,Engine) Field:

0x33     HAB_FAILURE             Operation failed

0x1e     HAB_INV_RETURN          Failed callback function

0x0a     HAB_CTX_AUTHENTICATE    Event logged in authenticate_image()

0x00     HAB_ENG_ANY

 

I can load the exact same Signed U-Boot Image into the NAND Flash for an Open Configuration i.MX6 SoC and the U-Boot Image runs standalone without any problems.

After the U-Boot starts running I see NO HAB Events when I run the hab_status U-Boot command.

 

Here are the decoded CSF Commands for the Signed U-Boot Image I am using.

This shows that the “Unlock of the CAAM RNG” is being done, even though I did not include this command in my CSF Script file.

d4 00 50 41

d4          CSF Tag

0050        Length = 80

41          HAB Version = 4.1

be 00 0c 00 03 17 00 00 00 00 00 50

be          Install Key

000c        Length = 12

00          parameter

03          pcl = SRK

17          alg = SHA256

00          Verification Key Index = 0

00          Target Key Index = 0

00000050    Key Offset from CSF Start

be 00 0c 02 09 00 00 01 00 00 04 90

be          Install Key

000c        Length = 12

02          parameter

09          pcl = X509

00          alg = ANY

00          Verification Key Index = 0

01          Target Key Index = 1

00000490    Key Offset from CSF Start

ca 00 0c 00 01 c5 00 00 00 00 07 e4

ca          Authenticate Data

000c        Length = 12

00          flag

01          Verification Key Index = 1

c5          pcl = CMS

00          eng = ANY

00          eng cfg flags

000007e4    Authentication Data Offset from CSF Start

be 00 0c 00 09 00 00 02 00 00 09 e8

be          Install Key

000c        Length = 12

00          parameter

09          pcl = X509

00          alg = ANY

00          Verification Key Index = 0

02          Target Key Index = 2

000009e8    Key Offset from CSF Start

ca 00 14 00 02 c5 00 00 00 00 0d 3c   17 7f f4 00 00 07 8c 00

ca          Authenticate Data

0014        Length = 20

00          flag

02          Verification Key Index = 2

c5          pcl = CMS

00          eng = ANY

00          eng cfg flags

00000d3c    Authentication Data Offset from CSF Start

177ff400    Absolute Address of Data Block to be authenticated

00078c00    Size in bytes of Data Block to be authenticated

b2 00 08 1d 00 00 00 02

b2          Unlock

0008        Length = 8

1d          eng = CAAM

00000002    val = flg = 02 = Unlock RNG

d7 04 40 40    e1 01 0f 21    00 00 00 80    01 00 00 03

d7          Certificate Tag

0440        Length = 1088

40         

 

I have also been able to dump the DDR3 Memory where the NAND Flash U-Boot Image gets copied by the ROM Boot.  I compared the DDR3 Memory dumps for both the Closed Configuration i.MX6 SoC, that fails, and the Open Configuration i.MX6 SoC, that works.  The DDR3 Memory dumps are identical; this shows that all of the U-Boot Image got copied from NAND Flash to DDR3 Memory on the Closed Configuration i.MX6, it just didn't get executed.

 

Does the ROM Boot not allow copying and executing a Signed U-Boot Image from NAND Flash to DDR3 Memory on a Closed Configuration i.MX6 SoC?

 

Best Regards,

Richard Milakovich
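
The hand decoding of the CSF commands in the question can be automated. The following is an added example, not part of the original post and not code from the Code Signing Tool: it walks the 80-byte command section listed above, checks every length against the CSF header, and picks out Unlock commands. The function names `walk_csf` and `unlock_commands` are illustrative, and the field layout is assumed to be exactly the one shown in the post's decoding.

```python
import struct
# Tag and field names are limited to the values decoded in the post above.
CMD = {0xBE: "Install Key", 0xCA: "Authenticate Data", 0xB2: "Unlock"}
PCL = {0x03: "SRK", 0x09: "X509", 0xC5: "CMS"}
ENG = {0x00: "ANY", 0x1D: "CAAM"}
MIN_LEN = {0xBE: 12, 0xCA: 12, 0xB2: 8}  # shortest form of each command

# The 80-byte CSF command section, byte for byte as listed in the post.
CSF = bytes.fromhex(
    "d4 00 50 41 "
    "be 00 0c 00 03 17 00 00 00 00 00 50 "
    "be 00 0c 02 09 00 00 01 00 00 04 90 "
    "ca 00 0c 00 01 c5 00 00 00 00 07 e4 "
    "be 00 0c 00 09 00 00 02 00 00 09 e8 "
    "ca 00 14 00 02 c5 00 00 00 00 0d 3c 17 7f f4 00 00 07 8c 00 "
    "b2 00 08 1d 00 00 00 02")

def walk_csf(csf):
    """Decode every command in a CSF; raise ValueError if it is malformed."""
    tag, total, _ver = struct.unpack(">BHB", csf[:4].ljust(4, b"\0"))  # pad short input
    if tag != 0xD4 or not 4 <= total <= len(csf):
        raise ValueError("bad CSF tag or length")
    cmds, off = [], 4
    while off < total:
        ctag, clen, par = struct.unpack(">BHB", csf[off:off + 4].ljust(4, b"\0"))
        if clen < MIN_LEN.get(ctag, 4) or off + clen > total:
            raise ValueError(f"bad command length at {off:#x}")
        body = csf[off + 4:off + clen]
        cmd = {"offset": off, "name": CMD.get(ctag, f"tag {ctag:#04x}")}
        if ctag == 0xBE:    # pcl, alg, verification index, target index, key offset
            pcl, _alg, src, tgt, key_off = struct.unpack(">BBBBI", body[:8])
            cmd.update(pcl=PCL.get(pcl, hex(pcl)), verify=src, target=tgt, key_offset=key_off)
        elif ctag == 0xCA:  # key index, pcl, engine, config, signature offset, blocks
            if len(body) % 8:
                raise ValueError(f"partial data block at {off:#x}")
            key, pcl, _eng, _cfg, sig_off = struct.unpack(">BBBBI", body[:8])
            blocks = [struct.unpack(">II", body[i:i + 8]) for i in range(8, len(body), 8)]
            cmd.update(verify=key, pcl=PCL.get(pcl, hex(pcl)), sig_offset=sig_off, blocks=blocks)
        elif ctag == 0xB2:  # engine sits in the parameter byte, then a 32-bit value
            cmd.update(engine=ENG.get(par, hex(par)), value=int.from_bytes(body[:4], "big"))
        cmds.append(cmd)
        off += clen
    return cmds

def unlock_commands(csf):  # e.g. an Unlock the signing script never asked for
    return [c for c in walk_csf(csf) if c["name"] == "Unlock"]

if __name__ == "__main__":
    print(*walk_csf(CSF), sep="\n")
```

Run against the bytes from the post, the walker consumes exactly the 80 bytes declared in the header and reports the single CAAM Unlock with value 2 at offset 72.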
