FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Verify signed images from Linux user space

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

Verify signed images from Linux user space

Jump to solution
‎12-06-2017 10:25 AM
1,238 Views
michalhojsik
Contributor II

Hi.

I am using the authenticated boot feature of i.MX6ul and I would like to ask:

How can I verify a signed image (for example signed Kernel with device tree) from Linux user-space?

While doing a firmware upgrade, I would like to verify that the new firmware will successfully boot before flashing it to the memory the device boots from.

Regards,

Michal

Labels (2)
Labels
Reply
1 Solution

Jump to solution
‎12-06-2017 08:19 PM
1,015 Views
Yuri
NXP Employee
NXP Employee

Hello,

 Generally,  HAB API library is included as a component of the boot ROM. It allows

image code, external to the ROM, to make calls back to the HAB for authenticating

additional boot stages.  But we do not have Linux user space implementation of the

HAB API. Customers can try to design own one. 

Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

View solution in original post

0 Kudos
Reply
3 Replies

Jump to solution
‎12-08-2017 04:36 AM
1,015 Views
jdepedro
Contributor IV

@Yuri However HAB API requires the image to be validated to be at a expecific absolute memory location (as described in the CST) correct? This is something that is not always possible when running Linux SO.

Is there a way to workaround that requirement?

0 Kudos
Reply

Jump to solution
‎12-11-2017 01:41 AM
1,015 Views
Yuri
NXP Employee
NXP Employee

Hello,

  Correct, using HAB API under Linux may have some restrictions. We do not have 

solutions for Linux user space. 

Regards,

Yuri.

Reply

Jump to solution
‎12-06-2017 08:19 PM
1,016 Views
Yuri
NXP Employee
NXP Employee

Hello,

 Generally,  HAB API library is included as a component of the boot ROM. It allows

image code, external to the ROM, to make calls back to the HAB for authenticating

additional boot stages.  But we do not have Linux user space implementation of the

HAB API. Customers can try to design own one. 

Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos
Reply