The signed bootloader images can be flashed like any other U-Boot image (see Re-program U-Boot in the eMMC), for example:
=> update uboot tftp u-boot-ccimx8xsbcpro-trusty-signed.imx
|Flashing a signed U-Boot does not enable any security features in the target. See 7. Secure the device to learn how to close your device to only boot signed bootloader images.|
Reset the device, and check the result of command
=> reset (...) => trustfence status * SRK fuses: [NOT PROGRAMMED] Key 0: [OK] Key 1: [OK] Key 2: [OK] Key 3: [OK] * Secure boot: [OPEN] * AHAB events: [ERRORS PRESENT!]
The output shows the device has security events.
Get more information about the AHAB events with command
=> ahab_status Lifecycle: 0x0020, NXP closed SECO Event = 0x0087FA00 CMD = AHAB_AUTH_CONTAINER_REQ (0x87) IND = AHAB_BAD_KEY_HASH_IND (0xFA) sc_seco_get_event: idx: 1, res:3
For the command field (
CMD), the expected value at this step is 0x87 (ID for
The indicator field (
IND) shows the code
AHAB_BAD_KEY_HASH_IND (0xFA) because the key hash verification does not match the current OTPs.
Once the OTP SRK hash fuses are programmed on the target OTPs, the AHAB events will no longer have errors.
See the NXP secure boot application notes for more information on event decoding.