帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Verify signed images from Linux user space

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决
跳至解决方案

Verify signed images from Linux user space

跳至解决方案
‎12-06-2017 10:25 AM
1,302 次查看
michalhojsik
Contributor II

Hi.

I am using the authenticated boot feature of i.MX6ul and I would like to ask:

How can I verify a signed image (for example signed Kernel with device tree) from Linux user-space?

While doing a firmware upgrade, I would like to verify that the new firmware will successfully boot before flashing it to the memory the device boots from.

Regards,

Michal

标签 (2)
标签
回复
1 解答

跳至解决方案
‎12-06-2017 08:19 PM
1,079 次查看
Yuri
NXP Employee
NXP Employee

Hello,

 Generally,  HAB API library is included as a component of the boot ROM. It allows

image code, external to the ROM, to make calls back to the HAB for authenticating

additional boot stages.  But we do not have Linux user space implementation of the

HAB API. Customers can try to design own one. 

Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

在原帖中查看解决方案

0 项奖励
回复
3 回复数

跳至解决方案
‎12-08-2017 04:36 AM
1,079 次查看
jdepedro
Contributor IV

@Yuri However HAB API requires the image to be validated to be at a expecific absolute memory location (as described in the CST) correct? This is something that is not always possible when running Linux SO.

Is there a way to workaround that requirement?

0 项奖励
回复

跳至解决方案
‎12-11-2017 01:41 AM
1,079 次查看
Yuri
NXP Employee
NXP Employee

Hello,

  Correct, using HAB API under Linux may have some restrictions. We do not have 

solutions for Linux user space. 

Regards,

Yuri.

回复

跳至解决方案
‎12-06-2017 08:19 PM
1,080 次查看
Yuri
NXP Employee
NXP Employee

Hello,

 Generally,  HAB API library is included as a component of the boot ROM. It allows

image code, external to the ROM, to make calls back to the HAB for authenticating

additional boot stages.  But we do not have Linux user space implementation of the

HAB API. Customers can try to design own one. 

Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 项奖励
回复