View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005780 | UBoot | U-Boot | public | 2023-03-21 12:59 | 2023-03-21 15:41 |
| Reporter | dippold | Assigned To | |||
| Priority | normal | Severity | feature | Reproducibility | have not tried |
| Status | resolved | Resolution | fixed | ||
| Product Version | fsimx8mp-Y2022.12 | ||||
| Target Version | fsimx8mp-Y2023.03 | Fixed in Version | fsimx8mp-Y2023.03 | ||
| Summary | 0005780: Add functionality for Secure Boot on i.MX8MM Boards | ||||
| Description | Add functionality for Secure Boot on fsimx8mm Boards. It can beactivated by using the fsimx8mm_defconfig. It allows for detection for signed and unsigned N-Boot Images and the corresponding handling depending on the Secure Boot configuration (open/closed). The Images within the N-Boot are signed independently from each other, but all with the same key. The Reason for this decision is, that the whole N-Boot will never be in RAM during Boot. All the Images will be tested on the ATF loadaddress since it is on one Hand the laargest Area in OCRAM, and on the other Hand it is the last Image of the Firmware that is loaded. The N-Boot will be checked when "fsimage save" is run in U-Boot, this is a comdort function, meant to protect a user from installing an N-Boot that is not able to be verified on closed Board. The "fsimage save" command will also abort when a regular U-Boot without security features is installed, and a User tries to installed a signed Image. This can cause the System to break and can only be fixed by recovery. | ||||
| Forum Link | |||||
