AnsweredAssumed Answered

RPMB Key Blob Boot1 storage

Question asked by Li Zhongyue on May 8, 2019
Latest reply on May 8, 2019 by Li Zhongyue

Dear NXP engineer,

 

I am trying to set RPMB key blob into boot1 keyslot partition,

and when i tried to set RPMB key blob into boot1 keyslot partition for second time, 

there is no any error prompt, however i read the key blob from keyslot parttion again,

the key blob is pervious one, it is not changed.

May i know if the boot1 keyslot partition is only able to set one time?

the boot1 keyslot partition cannot be flashed again?

 

i see there is some guide in document "i.MX_Android_Security_User_Guide.pdf"

In the default condition, this key blob is saved in the 16383rd block of BOOT1 partition in eMMC for i.MX8QuadMax and i.MX 8QuadXPlus.

The key blob is in the last block in BOOT1 partition. To prevent key blob from being tampered when the system is running, BOO1 partition is set with power-on write protection when the board boots up.

#define KEYSLOT_HWPARTITION_ID 2
#define KEYSLOT_BLKS 0x3FFF

Outcomes