Toradex Easy installer downloading failed on closed device (HAB)- Colibri-i.MX7

Technical Support
, ,
1

Hello ,
I am facing an issue with the toradex easy installer application . I am unable to use it in the recover mode in my module i.MX7 D colibri module , which is securely configured , meaning the board is setup with Secure boot .
The relevant fuses have been blown so that only signed u-boot image will be allowed to execute on it.
To test the secure boot functionality , I tried to load an unsigned image on to my device , the board did not boot up , which is a good sign .
BUt the board on the other hand is bricked .On reset nothing shows up on the console. I cannot also use the easy installer application to flash my signed image. In the recovery mode , the image is not loaded on to the board . I can see the following log :

Downloading Toradex Easy Installer...
[sudo] password for user: 
config file <./recovery//imx_usb.conf>
vid=0x15a2 pid=0x0054 file_name=mx6_usb_rom.conf
-> vid=0x1b67 pid=0x4fff file_name=mx6_usb_sdp_spl.conf
-> vid=0x1b67 pid=0x4000 file_name=mx6_usb_sdp_uboot.conf
vid=0x15a2 pid=0x0061 file_name=mx6_usb_rom.conf
-> vid=0x1b67 pid=0x4fff file_name=mx6_usb_sdp_spl.conf
-> vid=0x1b67 pid=0x4000 file_name=mx6_usb_sdp_uboot.conf
vid=0x15a2 pid=0x0076 file_name=mx7_usb_rom.conf
-> vid=0x1b67 pid=0x4000 file_name=mx7_usb_sdp_uboot.conf
vid=0x15a2 pid=0x0080 file_name=mx6ull_usb_rom.conf
-> vid=0x1b67 pid=0x4000 file_name=mx6ull_usb_sdp_uboot.conf
config file <./recovery//mx7_usb_rom.conf>
parse ./recovery//mx7_usb_rom.conf
Trying to open device vid=0x15a2 pid=0x0076
Interface 0 claimed
HAB security state: production mode (0x12343412)
== work item
filename u-boot.imx
load_size 0 bytes
load_addr 0x83f00000
dcd 1
clear_dcd 0
plug 0
jump_mode 2
jump_addr 0x00000000
== end work item
loading DCD table @0x910000

<<<-588, 1024 bytes>>>
succeeded (status 0x128a8a12)

loading binary file(u-boot.imx) to 877ff400, skip=0, fsize=55c00 type=aa

<<<351232, 351232 bytes>>>
succeeded (status 0x88888888)
jumping to 0x877ff400
j4 in err=0, last_trans=64  33 22 0a 00
config file <./recovery//mx7_usb_sdp_uboot.conf>
parse ./recovery//mx7_usb_sdp_uboot.conf
Trying to open device vid=0x1b67 pid=0x4000.........................
Could not open device vid=0x1b67 pid=0x4000

Downloading Toradex Easy Installer failed...

Any suggestions how to recover the board back . How can i use the easy installer application back on this board.

2

Greetings @Jayanth,

I’m only generally familiar with what needs to be done in order to make our Easy Installer compatible with a HAB locked module. I’ll provide some general steps below but I personally don’t have any exact hard instructions.

So you’ll need to make changes to your CSF file that you created and append onto u-boot binaries in order to “sign” them. More details about these changes can be found in Appendix F of NXP application note AN4581. This describes how to make a CSF compatible for the serial download protocol (SDP) that our Easy Installer tool uses.

After that you’ll need to build our U-Boot binary from source and append this new modified CSF onto it. When building our U-Boot for Easy Installer you’ll use the colibri_imx7_tezi_recovery_defconfig as your defconfig file.

Once the binary is built and you’ve appended the modified CSF you’ll need to replace the U-Boot binary that comes with Easy Installer with this new U-Boot so that gets loaded instead of our default one.

Then in theory it should “just work”, please note that I have not tried this personally myself so I can’t be too much more specific than this.

Best Regards,
Jeremias

3

Hi @jeremias.tx
Thanks for the suggestion. I am able to recover my module back and use toradex easy installer back on my device in closed configuration [ via HAB ].
The steps mentioned by you are clear and correct. I would like to share my results below.

Recovery Procedure on devices in closed config :

  1. Clone the U-boot source code .

  2. Enable the HAB feature by adding [CONFIG_SECURE_BOOT=y] in config file.

  3. Build it with colibri_imx7_tezi_recovery_defconfig as config file.

  4. Modify the CSF file as per the steps mentioned in the DOC AN4581 (F ) section , which states to remove DCD pointer , build the csf and add back DCD pointer and generate the signed binary.Steps are clear to be followed. Also same is even mentioned in this link with easy steps refer /folllow either of these “https://boundarydevices.com/high-assurance-boot-hab-dummies/”.

  5. Then replace this binary u-boot.imx in the root folder of Toradex easy installer.

  6. Bring the device into recovery mode , and then flash the software. The log is as below:

    ./recovery-linux.sh -d
    Downloading Toradex Easy Installer…
    [sudo] password for user:
    config file <./recovery//imx_usb.conf>
    vid=0x15a2 pid=0x0054 file_name=mx6_usb_rom.conf
    → vid=0x1b67 pid=0x4fff file_name=mx6_usb_sdp_spl.conf
    → vid=0x1b67 pid=0x4000 file_name=mx6_usb_sdp_uboot.conf
    vid=0x15a2 pid=0x0061 file_name=mx6_usb_rom.conf
    → vid=0x1b67 pid=0x4fff file_name=mx6_usb_sdp_spl.conf
    → vid=0x1b67 pid=0x4000 file_name=mx6_usb_sdp_uboot.conf
    vid=0x15a2 pid=0x0076 file_name=mx7_usb_rom.conf
    → vid=0x1b67 pid=0x4000 file_name=mx7_usb_sdp_uboot.conf
    vid=0x15a2 pid=0x0080 file_name=mx6ull_usb_rom.conf
    → vid=0x1b67 pid=0x4000 file_name=mx6ull_usb_sdp_uboot.conf
    config file <./recovery//mx7_usb_rom.conf>
    parse ./recovery//mx7_usb_rom.conf
    Trying to open device vid=0x15a2 pid=0x0076
    Interface 0 claimed
    HAB security state: production mode (0x12343412)
    == work item
    filename u-boot.imx
    load_size 0 bytes
    load_addr 0x83f00000
    dcd 1
    clear_dcd 0
    plug 0
    jump_mode 2
    jump_addr 0x00000000
    == end work item
    loading DCD table @0x910000

    <<<-588, 1024 bytes>>>
    succeeded (status 0x128a8a12)

    loading binary file(u-boot.imx) to 877ff400, skip=0, fsize=58d50 type=aa

    <<<363856, 364544 bytes>>>
    succeeded (status 0x88888888)
    jumping to 0x877ff400
    config file <./recovery//mx7_usb_sdp_uboot.conf>
    parse ./recovery//mx7_usb_sdp_uboot.conf
    Trying to open device vid=0x1b67 pid=0x4000
    Interface 0 claimed
    HAB security state: development mode (0x56787856)
    == work item
    filename tezi.itb
    load_size 0 bytes
    load_addr 0x82100000
    dcd 0
    clear_dcd 0
    plug 0
    jump_mode 0
    jump_addr 0x00000000
    == end work item
    load_addr=82100000

    loading binary file(tezi.itb) to 82100000, skip=0, fsize=1462718 type=0

    <<<21374744, 21374976 bytes>>>
    succeeded (status 0x88888888)
    HAB security state: development mode (0x56787856)
    == work item
    filename boot-sdp.scr
    load_size 0 bytes
    load_addr 0x82000000
    dcd 0
    clear_dcd 0
    plug 0
    jump_mode 1
    jump_addr 0x82000000
    == end work item
    load_addr=82000000

    loading binary file(boot-sdp.scr) to 82000000, skip=0, fsize=12c type=aa

    <<<300, 1024 bytes>>>
    succeeded (status 0x88888888)
    jumping to 0x82000000

    Successfully downloaded Toradex Easy
    Installer.

4

Perfect that it works. Thanks for the feedback.