Flashing custom imx-boot (SPL + U-Boot + OP-TEE) on Verdin iMX8M Plus eMMC

Technical Support
, , , ,
1

Hello,

In the context of my project, I’ve implemented U-Boot chaining to retrieve Mender environment variables in U-Boot. Now, I want to flash this U-Boot along with the U-Boot SPL directly onto the module to replace the preloaded U-Boot and U-Boot SPL on the Verdin iMX8M Plus board.

The goal is to integrate OP-TEE and ARM TrustZone to use a fTPM with the meta-tordex-security layer and thus secure my partition encryption key, which is currently stored in plain text. I have to flash the board because the necessary modifications are in the U-Boot SPL, which must be present in the boot ROM. Until now, I’ve been using the SD card to avoid modifying what’s preloaded on the module, but I’ve now reached a point where I must modify the SPL directly to integrate OP-TEE, BL31, etc.

Specifically, I have an imx-boot file that contains the U-Boot SPL and U-Boot proper, along with all the necessary binaries (OP-TEE, BL31, etc.). My question is: how do I flash this imx-boot onto a Verdin iMX8M Plus to replace the preloaded U-Boot and U-Boot SPL on the module’s eMMC?

I’d also like to know if it’s possible to do this simply with the uuu tool, without using Toradex’s Easy Installer, and if so:

  • what uuu command or script to use to flash my imx-boot file directly;
  • which connector/usage (USB OTG, specific USB connector on the Verdin iMX8MP development board, etc.) is recommended to put the module into recovery mode and perform this flash.

Thank you in advance for your help and advice.

Stan

2

Hi, I’m the Toradex AI Assistant.

I might make mistakes or occasionally get you wrong. Our support team will step in if needed.

Flashing Custom U-Boot with OP-TEE on Verdin iMX8M Plus

I can help you flash your custom imx-boot file containing U-Boot SPL, U-Boot proper, OP-TEE, and BL31 onto your Verdin iMX8M Plus module.

Recommended Approach: Toradex Easy Installer

The officially supported method is to use the Toradex Easy Installer to deploy your custom U-Boot binary(1). Here’s how:

1. Prepare Your Custom Image Package

Start from an existing Toradex prebuilt image and modify it to include your custom bootloader(1):

  1. Download a reference image for the Verdin iMX8M Plus from the Toradex software downloads page(1)
  2. Replace the bootloader binaries with your custom imx-boot file(1)
  3. Adjust the image.json file to ensure your bootloader binaries are loaded correctly(1)

For the Verdin iMX8M Plus, the image.json configuration should look like this(1):

"name": "mmcblk0boot0",
"erase": true,
"content": {
    "filesystem_type": "raw",
    "rawfiles": [
        {
            "filename": "u-boot.imx",
            "dd_options": "seek=2"
        }
    ]
}

Alternative: Using UUU Tool

While not officially supported for flashing to eMMC, you can use the uuu tool for development purposes(2). Here’s what’s involved:

UUU Script Approach

You can create a custom uuu script based on the Toradex Easy Installer’s approach(2). The process involves:

  1. Loading U-Boot to RAM first using the existing Easy Installer U-Boot
  2. Using fastboot commands to write to eMMC from within U-Boot(2)

A basic uuu.auto script structure would be(2):

uuu_version 1.4.127

SDPS: boot -f ../imx-boot
CFG: FB: -vid 0x0525 -pid 0x4000
CFG: FB: -vid 0x0525 -pid 0x4025
CFG: FB: -vid 0x0525 -pid 0x402F
CFG: FB: -vid 0x0525 -pid 0x4030
CFG: FB: -vid 0x0525 -pid 0x4031
CFG: FB: -vid 0x0525 -pid 0x4043
FB: ucmd setenv fastboot_buffer 0x82e00000
FB: download -f ../boot-tezi.scr
FB: ucmd setenv fastboot_buffer <imx-boot address>
FB: download -f <imx-boot>
FB: acmd source 0x82e00000
FB: done

Recovery Mode Connection

For recovery mode on the Verdin iMX8M Plus:

  • Use the USB OTG connector on your carrier board
  • The module needs to be put into recovery mode (specific procedure depends on your carrier board)
  • Connect to your host PC via USB

Important Considerations

Security Integration

For your OP-TEE and secure boot implementation, Toradex provides the meta-toradex-security layer which includes:

  • HAB (High Assurance Boot) support for bootloader signing
  • FIT image verification keys
  • OP-TEE integration with fTPM support
  • PKCS#11 cryptographic token standard

Config Block Protection

When manually flashing, be careful not to destroy the Toradex config block (512 bytes at the end of the first boot partition)(2). This contains important module identification and configuration data.

Build Process for Signed Bootloader

Since you’re working with OP-TEE and secure boot, consider using Toradex’s containerized build environment for signed bootloaders. This leverages the Yocto Project/OpenEmbedded with the meta-toradex-security layer to build properly signed bootloader images with OP-TEE integration.

The build process supports:

  • OP-TEE (Trusted Execution Environment)
  • fTPM (Firmware-based TPM)
  • PKCS#11 (Cryptographic token standard)
  • HAB signing for secure boot

Would you like me to provide more specific guidance on any of these approaches, or do you need help with the security layer configuration for your use case?

Best regards, Toradex AI Assistant.

Did you like my answer? :+1: :-1:

If I answered your question, please tick the “Solution” checkbox.

For follow-up questions to me, please use @ToradexAI in your post.

3

Do I have to use the meta-toradex-tezi layer in order to use Toradex Easy Installer,
or is it possible to do this manually by only using my imx-boot file and creating my own image.json**?

If the manual approach is possible:

  • what is the correct procedure to flash the image to the board (eMMC / SD) using Toradex Easy Installer?
  • and how can I make sure everything is written to the correct locations (proper offsets, without overwriting reserved areas)?
4

(1), (2)

Manual Toradex Easy Installer Approach

Yes, you can create a custom Toradex Easy Installer image manually without using the meta-toradex-tezi layer. You’ll need to create your own image.json configuration file and organize your files properly.

Required Files Structure

For a manual Toradex Easy Installer package, you need:

  1. Your custom imx-boot file
  2. A properly configured image.json file
  3. Any additional files referenced in the JSON

Correct image.json Configuration for Verdin iMX8M Plus

Based on the Toradex Easy Installer format, your image.json should include the eMMC boot partition configuration. The compression algorithm used by default is LZMA (indicated by .tar.xz extension) (1).

For the Verdin iMX8M Plus with eMMC, the critical configuration involves:

  • Main eMMC device: emmc
  • Boot partition: emmc-boot0
  • Proper offset for bootloader: seek=2 (standard for i.MX8M Plus)

Flashing Procedure

  1. Prepare your directory structure:

    your-custom-image/
├── image.json
├── imx-boot (your custom bootloader)
└── (any other required files)

  2. Create the image.json with proper partition layout for eMMC boot partition

  3. Flash using Toradex Easy Installer:

    • Boot the module with Toradex Easy Installer (from SD card or recovery mode)
    • Provide the image via network, USB, or local storage (1)

Critical Offset and Location Considerations

For the Verdin iMX8M Plus:

  • Bootloader location: eMMC boot partition (emmc-boot0)
  • Standard offset: seek=2 (2 x 512-byte blocks = 1024 bytes offset)
  • Erase boot partition: Set "erase": true to clear existing bootloader
  • Config block protection: The Toradex config block is typically in the last 512 bytes of the boot partition

Network-based Installation

You can serve your custom image via HTTP. The Easy Installer can connect to download the image list and install from a local webserver (1). Make sure you configure your network properly:

dhcp-range=192.168.10.50,192.168.10.150,12h # Use different IPs if needed  
address=/tezi.toradex.com/192.168.10.1 # Use IP address of your network interface

Set your host IP to match the configured address and ensure no other DHCP or DNS server conflicts (1).

Important Considerations

Compression Impact: If you modify the compression algorithm from the default LZMA, test the impact on flashing time, as the rootfs uncompressing step can significantly affect the procedure duration (1).

Testing Approach: Since you’re working with custom bootloader modifications for OP-TEE integration, consider testing on a development setup first to ensure your offsets and configurations are correct before flashing production modules.

Would you like me to provide more specific details about the image.json structure for your particular use case, or help with the network setup for serving your custom image?

Best regards, Toradex AI Assistant.

Did you like my answer? :+1: :-1:

If I answered your question, please tick the “Solution” checkbox.

For follow-up questions to me, please use @ToradexAI in your post.