I noticed that while signing u-boot.imx image for UUU tool to load into memory, we need to clear the DCD pointer for some type of chips (e.g., i.MX6Dual/Quad and i.MX6Sololite). However, while the signed image on flash and boot from flash, the DCD pointer should not be cleared while generating the CSF binary.
Currently my signed u-boot.imx works if I use UUU tool to load into memory to boot. However, if I store it on flash, always got a signature verification failure, no matter whether the DCD pointer is cleared or not while generating the signature. Is there anything else I need to do while generating the signed image for flash besides not to clear the DCD pointer? Here're some logs:
U-Boot 2018.03-00015-g8831283426-dirty (Jan 27 2020 - 14:36:33 -0800)
CPU: Freescale i.MX6QP rev1.0 at 792MHz
CPU: Industrial temperature grade (-40C to 105C) at 38C
Reset cause: POR
Model: ChargePoint i.MX6QP CPNK Board
I2C: ready
DRAM: 3.8 GiB
board_init >>>>>>>>
set_gpios_input >>>>>>>>
set_gpios >>>>>>>>
set_gpios >>>>>>>>
power_init_board >>>>>>>>
PMIC: PFUZE100 ID=0x10
MMC:
Loading Environment from MMC... MMC Device 1 not found
*** Warning - No MMC card found, using default environment
Failed (-5)
auto-detected panel HDMI
Display: HDMI (1024x768)
In: serial
Out: serial
Err: serial
Boot from USB for mfgtools
Use default environment for mfgtools
Run bootcmd_mfg: run mfgtool_args; echo "Run fastboot ..."; fastboot 0;
Hit any key to stop autoboot: 0
Run fastboot ...
Unknown command 'fastboot' - try 'help'
=> hab_status
Secure boot disabled
HAB Configuration: 0xf0, HAB State: 0x66
No HAB Events Found!
Loading Environment from MMC... MMC Device 1 not found
*** Warning - No MMC card found, using default environment
Failed (-5)
auto-detected panel HDMI
Display: HDMI (1024x768)
In: serial
Out: serial
Err: serial
Normal Boot
Hit any key to stop autoboot: 0
=> hab_status
Secure boot disabled
HAB Configuration: 0xf0, HAB State: 0x66
--------- HAB Event 1 -----------------
event data:
0xdb 0x00 0x24 0x41 0x33 0x18 0xc0 0x00
0xca 0x00 0x1c 0x00 0x02 0xc5 0x1d 0x00
0x00 0x00 0x18 0x04 0x17 0x7f 0xf4 0x00
0x00 0x08 0x3c 0x00 0x00 0x91 0x00 0x00
0x00 0x00 0x03 0x00
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_SIGNATURE (0x18)
CTX = HAB_CTX_COMMAND (0xC0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 2 -----------------
event data:
0xdb 0x00 0x14 0x41 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x17 0x7f 0xf4 0x00
0x00 0x00 0x00 0x20
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 3 -----------------
event data:
0xdb 0x00 0x14 0x41 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x17 0x7f 0xf4 0x2c
0x00 0x00 0x03 0x00
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 4 -----------------
event data:
0xdb 0x00 0x14 0x41 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x17 0x7f 0xf4 0x20
0x00 0x00 0x00 0x01
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 5 -----------------
event data:
0xdb 0x00 0x14 0x41 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x17 0x80 0x00 0x00
0x00 0x00 0x00 0x04
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
The solution was to remove the command to sign the DCD table (in csf file, 0x00910000 0x2C 0x1C4 “u-boot-dtb.imx”). Because the DCD pointer is not cleared by ROM, removing the command to sign the DCD table avoids re-signing the DCD when booting from flash.
Summary:
1. When signing image for UUU loading, the DCD pointer in u-boot-dtb.imx needs to be cleared to generate the CSF binary data, but when appending the CSF binary, it needs to append to the original u-boot-dtb.imx WITHOUT clearing the DCD pointer.
2. When signing image for flash booting, no need to clear the DCD pointer in the u-boot-dtb.imx, but in the CSF text file, DO NOT sign the block of DCD data.
Hello,
I've sent You directly some comments.
Have a great day,
Yuri
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
Hi Yuri,
Thanks for the information. I read through the file "Mx6 HAB (High Assurance Boot)_NXP Community.pdf" and I am following the instructions from step 1 to step 6.4 except:
Step 1: Using CST 3.2.0 instead of 2.0.0;
Step 3: Using modified U-Boot source code based on IMX u-boot 4.14.78.1.0.0.GA release, so I am not able to patch 0001-enable-hab-on-uboot-2009.08.patch, and the size of u-boot.bin is different.
Step 6.1: I cannot find the section 6.2 in AN4581 (Rev. 1 10/2015, Rev. 2 05/2018 and Rev. 3 10/2019). Which version of AN4581 it refers to?
In step 6.4, the signed imx image can be loaded into memory successfully and hab_status shows no HAB_Event.
However, in step 6.5, an error happens:
$ ./cst_sign u-boot.bin
ivt_self: e30043ff
ivt_csf: e01441a1
dcd_len: b58a
uboot ivt is not correct
Not sure why this error is caused. However, I looked into the cst_sign scripts and it seems it’s same as what is decribed in step 6.3 but make the length handling generic for any length.
However, this document didn’t mention anything different between signing a u-boot.imx to be stored on flash and signing a u-boot.imx to be loaded into memory via UUU tool. SO my question is:
Is there any difference between signing a u-boot.imx for flash and for UUU download?
If yes, what’s the difference? If not, why the same signed u-boot.imx image works while downloaded via UUU tool but not working if stored on flash and boot from flash?
Let me know if anything I didn’t state clearly. Thanks!
Jiang
Hello,
generally there are several U-boot configurations, depending on boot device.
For example, look at Table 3 (U-Boot configuration) of "i.MX_Yocto_Project_User's_Guide.pdf".
https://www.nxp.com/webapp/Download?colCode=L4.19.35_1.1.0_LINUX_DOCS
Regards,
Yuri.
Hi Yuri,
I took a look at the Table 3 but I am not sure if this applies the u-boot code I am using (imx_v2018.03_ 4.14.98_2.0.0_ga). I did a search and couldn’t find the file local.conf. Also I didn’t find UBOOT_CONFIG. Only found CONFIG_ENV_VARS_UBOOT_CONFIG, which seems not the same. However, could you please tell me why the UBOOT_CONFIG matters and how it impacts the HAB verification? Maybe I can try to find where I should change in my code.
Thanks!
Jiang
Hello,
it is needed to build U-boot just for the assumed boot device.
https://www.nxp.com/webapp/Download?colCode=imx-yocto-L4.14.98_2.0.0_ga
Regards,
Yuri.
Hello Yuri,
I don’t find the configuration you mentioned. Also, the same u-boot build can boot up to the u-boot prompt either it’s from being loaded via UUU tool or it’s booting from flash, except the hab_status command tells the signature verification failed while booting from flash. However booting from UUU tool seems OK. BTW, the board is fused with the SRK value but not enforce the HAB yet.