Crypto D100 Operating Instructions, Page 11

Secure Boot with i.MX28 HAB Version 4, Rev. 1
Freescale Semiconductor 11
Designing for code signing
3.1.4 Image layout
When performing a secure boot on an i.MX28 processor, the image must contain a correctly formatted
image vector table (IVT) with a valid header and pointers.
The loader inside ROM first loads the image from boot media. The image data is then passed through the
DCP (Data Co-Processor) where it will be decrypted (if it is an encrypted image) and placed at the
destination address.
As mentioned earlier in Section 2.2, the bootable section of the SB file consists of a sequence of boot
commands. Typically it consists of a number of LOAD commands followed by HAB CALL commands to
execute bootlets and then finally a HAB JUMP command. The HAB CALL and HAB JUMP commands
require an address where an IVT was loaded.
At this stage, the rest of the boot process diverges depending on the security configuration,
non-secure/open or secure/closed, which is determined by the SEC_CONFIG fuse field.
3.1.5 Nonsecure boot—image layout
When performing a non-secure boot with the SEC_CONFIG fuse field set to Open, it is not necessary to
provide the CSF data as part of the image. When no CSF is present, the CSF field of the IVT should be set
to NULL. Regardless of whether a valid CSF is present or not, HAB will attempt to authenticate the image,
performing the same steps as it would for a secure boot in closed configuration. If authentication fails,
HAB will log events that can later be used for debugging purposes and continue execution of the
normal boot flow. Eventually ROM code will jump to the image pointed to by *entry.
Note that when the SEC_CONFIG fuse field is set to Open, all HAB failures are considered to be non-fatal
and the boot process is allowed to continue. The Open configuration should also be used for development
purposes of secure products where CSFs and other data components for secure boot can be debugged. The
Open configuration is the end configuration for non-secure products.
Figure 4. Typical memory layout of an unsigned image
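
The following host-side check is an added example, not code from the application note: it decodes an IVT and reports a NULL CSF pointer as a warning for an Open part and as an error for a Closed one, so an unsigned image is caught before a device is closed. The field order and header encoding (tag 0xD1, 32-byte length, version 0x4x) are assumed from the HAB4 IVT layout, which this page does not reproduce; the function names and sample addresses are constructed.

```python
import struct

IVT_TAG, IVT_LEN = 0xD1, 32  # assumed HAB4 IVT header tag and total size
# Assumed HAB4 field order after the 4-byte header (seven 32-bit words).
FIELDS = ("entry", "reserved1", "dcd", "boot_data", "self", "csf", "reserved2")

def make_ivt(entry, self_addr, csf=0, version=0x40):
    """Build a constructed sample IVT (test input only)."""
    header = struct.pack(">BHB", IVT_TAG, IVT_LEN, version)
    return header + struct.pack("<7I", entry, 0, 0, 0, self_addr, csf, 0)

def parse_ivt(blob):
    """Decode one IVT; raise ValueError if the header is not valid."""
    if len(blob) < IVT_LEN:
        raise ValueError("IVT truncated")
    tag, length, version = struct.unpack_from(">BHB", blob, 0)
    if tag != IVT_TAG or length != IVT_LEN or (version & 0xF0) != 0x40:
        raise ValueError("bad IVT header %s" % blob[:4].hex())
    return dict(zip(FIELDS, struct.unpack_from("<7I", blob, 4)))

def check_ivt(blob, sec_config):
    """Return findings for one IVT; sec_config is 'open' or 'closed'."""
    try:
        ivt = parse_ivt(blob)
    except ValueError as exc:
        return ["error: %s" % exc]
    findings = []
    if ivt["entry"] == 0:
        findings.append("error: entry pointer is NULL")
    if ivt["csf"] == 0:
        if sec_config == "closed":
            # A Closed part has no CSF to authenticate this image against.
            findings.append("error: CSF is NULL, image cannot authenticate")
        else:
            # Open part: HAB failures are non-fatal, as described above.
            findings.append("warn: CSF is NULL, HAB logs events and boot continues")
    return findings

if __name__ == "__main__":
    unsigned = make_ivt(entry=0x1000, self_addr=0x0FE0)  # constructed addresses
    for cfg in ("open", "closed"):
        print(cfg, check_ivt(unsigned, cfg))
```
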