AnsweredAssumed Answered

i.MX6UL Security States

Question asked by michalhojsik on Jan 9, 2018
Latest reply on Jan 10, 2018 by michalhojsik

Hi.

 

We are using CAAM of the i.MX6UL and I would like to ask the following questions:

 

1) What is the difference between Trusted and Secure state?

 

2) What is the purpose of Secure state (compared to the Trusted State)? If I understand it correctly, the device enters Trusted State after a secure boot. 

 

3) Why would there be a transition from the Trusted State to Secure State and by whom and when it is initiated? Figure 6-2. SNVS security state machine diagram of the i.MX6UL Security Reference manual (Rev. C, 09/2015) states that transitions between these two states are "Software-instantiated" without any clarification.

 

4) On Secure Boot in Closed Configuration, the i.MX6UL Security Reference manual (Rev. C, 09/2015) states:

 “All HAB functions are executed and security hardware is initialized (the Security Controller, or SNVS, enters Secure state) …”. Is this the Secure State or Trusted State?

Once booted – Linux kernel declares it is rather in the Trusted state and not the Secure state.

 

4) Figure 6-2. SNVS security state machine diagram of the i.MX6UL Security Reference manual (Rev. C, 09/2015) states that the device enters Non-secure state "Upon failure of any of various hardware and software security checks". What exactly is checked?

 

Regards

Michal

Outcomes