FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

i.MX6UL Security States

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

i.MX6UL Security States

‎01-09-2018 02:39 AM
865 Views
michalhojsik
Contributor II

Hi.

We are using CAAM of the i.MX6UL and I would like to ask the following questions:

1) What is the difference between Trusted and Secure state?

2) What is the purpose of Secure state (compared to the Trusted State)? If I understand it correctly, the device enters Trusted State after a secure boot. 

3) Why would there be a transition from the Trusted State to Secure State and by whom and when it is initiated? Figure 6-2. SNVS security state machine diagram of the i.MX6UL Security Reference manual (Rev. C, 09/2015) states that transitions between these two states are "Software-instantiated" without any clarification.

 

4) On Secure Boot in Closed Configuration, the i.MX6UL Security Reference manual (Rev. C, 09/2015) states:

 “All HAB functions are executed and security hardware is initialized (the Security Controller, or SNVS, enters Secure state) …”. Is this the Secure State or Trusted State?

Once booted – Linux kernel declares it is rather in the Trusted state and not the Secure state.

4) Figure 6-2. SNVS security state machine diagram of the i.MX6UL Security Reference manual (Rev. C, 09/2015) states that the device enters Non-secure state "Upon failure of any of various hardware and software security checks". What exactly is checked?

Regards

Michal

Labels (1)
Labels
Tags (2)
0 Kudos
Reply
2 Replies

‎01-09-2018 04:03 PM
679 Views
igorpadykov
NXP Employee
NXP Employee

Hi Michal

1. please check

Trusted system - Wikipedia 

2.3. for arm architecture one can look at

TrustZone – Arm Developer 
ARM Information Center 

Right, linux kernel declares it is rather as Trusted state, secure is more narrow meaning

for processor.

4. please look on AN4581 Secure Boot

https://www.nxp.com/docs/en/application-note/AN4581.pdf 

Best regards
igor
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos
Reply

‎01-10-2018 02:25 AM
679 Views
michalhojsik
Contributor II

Hi Igor.

All my questions are related to the security states as used in the i.MX6UL Security Reference manual. These are neither defined in Wikipedia, nor on the ARM web pages.

The document AN4581 does not contain much information on the security states and transitions between them. Again, I am referring to the section "Security Monitor security states" of the i.MX6UL Security Reference Manual.

Regards,

Michal

0 Kudos
Reply