In Tordex Embedded Linux BSP 3.0 yocto , I have enabled Secure Boot with HABV4 for Colibri iMX6ULL 512MB IT. BSP3.0 contains the u-boot Git branch as “toradex_2019.07” and Colibri-imx6ull_defconfig Hs added the following configuration to enable secure boot.
CONFIG_SECURE_BOOT=y
CONFIG_SYS_FSL_HAS_SEC=y
CONFIG_SYS_FSL_SEC_COMPAT=4
With the code signing tool created CSF file and CSF binary signature using the below commands.
$ ./cst -i csf-uboot-4096 -o try.bin
$ cat u-boot-nand.imx try.bin > u-boot-signed.imx
Toradex easy installer tool is used to flash the signed u-boot images. After flashing there are no print/debug messages in the serial console.
Please provide the necessary steps to enable secure boot for Toradex BSP3.0 with yocto project.
In case of bootloader not working one need to reflash module using Toradex easy installer.
Also let us know if while secure booting you have closed the device or it is still open. In case of device close and non working uboot, it’s more likely will not work with reflashing also as module will expect signed firmware to boot.
Regarding steps for using HAB I am afraid as of now we do not have step by step guide, NXP guide is what you need to refer. Additionally please check below post for solution and info regarding HAB on iMX6ULL