The signed bootloader images can be flashed like any other U-Boot image (see Re-program U-Boot in the eMMC), for example:
=> update uboot tftp u-boot-ccimx8mmdvk-trusty-signed.imx
Flashing a signed U-Boot does not enable any security features in the target. See 7. Secure the device to learn how to close your device to only boot signed bootloader images.
Reset the device, and check that there are no secure boot events reported using the trustfence status command:
=> reset
(...)
=> trustfence status
* SRK fuses: [NOT PROGRAMMED]
    Key 0: [OK]
    Key 1: [OK]
    Key 2: [OK]
    Key 3: [OK]
* Secure boot: [OPEN]
* Encrypted U-Boot: [NO]
* HAB events: [NO ERRORS]
The output shows the device is in open configuration, the SRK e-fuses are not burned, no keys are revoked, and the current bootloader image is not encrypted.
In this case, no secure boot events are generated. This indicates the image should be able to boot the device when closed.
If secure boot events are present, you can get additional information with the hab_status command to understand why the signature verification failed.
This is a U-Boot command that dumps extra debug information from the High Assurance Boot ROM.
See the NXP secure boot application notes for more information on event decoding.
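A host-side check of a captured trustfence status console log, as an added example that is not part of the original page or of the vendor's tooling: it parses the output format shown above and fails closed when the HAB events line or the key lines are missing or differ from the clean values. The function names and the idea of saving the serial console output to a string are assumptions.

```python
import re

# Console capture copied from the `trustfence status` output shown on this page.
SAMPLE_CLEAN = """\
=> trustfence status
* SRK fuses: [NOT PROGRAMMED]
    Key 0: [OK]
    Key 1: [OK]
    Key 2: [OK]
    Key 3: [OK]
* Secure boot: [OPEN]
* Encrypted U-Boot: [NO]
* HAB events: [NO ERRORS]
"""

# Matches "name: [value]" lines, with or without the leading "* " bullet.
FIELD = re.compile(r"^\s*\*?\s*([^:\[\]]+?):\s*\[([^\]]*)\]\s*$")

def parse_status(capture):
    """Return {field name: bracketed value} for each status line in the capture."""
    fields = {}
    for line in capture.splitlines():
        match = FIELD.match(line)
        if match:
            fields[match.group(1).strip()] = match.group(2).strip()
    return fields

def boot_check_findings(capture):
    """List every way the capture differs from the clean result shown on the page.

    Fails closed: a missing line (for example a truncated serial log) is a finding,
    so an incomplete capture can never be mistaken for a clean boot.
    """
    fields = parse_status(capture)
    findings = []
    hab = fields.get("HAB events")
    if hab != "NO ERRORS":
        findings.append(f"HAB events: expected [NO ERRORS], got {hab!r}")
    keys = {k: v for k, v in fields.items() if re.fullmatch(r"Key \d+", k)}
    if not keys:
        findings.append("no SRK key lines found in capture")
    findings += [f"{k}: expected [OK], got [{v}]" for k, v in sorted(keys.items()) if v != "OK"]
    return findings

if __name__ == "__main__":
    print(boot_check_findings(SAMPLE_CLEAN) or "clean: no secure boot events reported")
```

An empty findings list is the condition to require before moving on to closing the device; any finding is the cue to run hab_status on the target.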