I have an i.MX8MQ EVK with an extended secure boot all the way up to a custom uImage. Now I want to add a rollback prevention mechanism for our custom uImage. For this, I currently assume the proper location to be in u-boot after our uImage was authenticated. I assume that our rollback prevention mechanism will have to work against the SNVS Secure Monotonic Counter registers. My questions are now as follows:
- Where within u-boot is the proper place for this rollback prevention mechanism to be implemented?
- Does someone have some sample code on how to access the SNVS Secure Monotonic counter registers on an i.MX8MQ EVK?
Many thanks for your help.