Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using snagrecover to download IMX HABv4 image #51

Open
RoganDawes opened this issue Jan 7, 2025 · 4 comments
Open

Using snagrecover to download IMX HABv4 image #51

RoganDawes opened this issue Jan 7, 2025 · 4 comments

Comments

@RoganDawes
Copy link

RoganDawes commented Jan 7, 2025
edited
Loading

Hi,

I tried to use snagboot to download a HABv4 signed image to a HAB_CLOSED i.MX6UL, but was immediately told that the device was closed, and snagrecover refused to proceed. From imx_sdp.py:

        def check_hab(self):
                hab_status = self.dev.read(64, timeout=5)
                if hab_status[:4] != __class__.hab_codes["HAB_OPEN"]:
                        raise ValueError(f"Error: status HAB_CLOSED or unknown: 0x{hab_status.hex()} found on address ")
                return None

        def read32(self, addr: int) -> int:
                self.clear()
                self.cmd = __class__.command_codes["READ_REGISTER"]
                self.format = __class__.format_codes["FORMAT_32"]
                self.addr = addr
                self.data_count = 4
                packet = self.build_packet()
                logger.debug(f"Sending SDP packet {packet}")
                self.dev.write(packet)
                self.check_hab()
                value = self.dev.read(64, timeout=5)[:4]
                return int.from_bytes(value, "little")

Reading any register does a self.check_hab() call, which bails if the device is closed. This makes sending a signed image to a closed device impossible, even if the image could actually run.

Would it make more sense to check the image being downloaded first if it is signed/packaged appropriately, and then only bail on closed devices if the image is not signed? And possibly check the result of any HABv4 verifications after the download, before trying to execute the image?

P.S. I changed the exception message to print the hab_status as hex rather than bytes, because (0x12, 0x34, 0x34, 0x12) is confusingly printed as b'\x1244\x12'. Might be a useful change for others.
@RoganDawes
Copy link
Author

Reading AN4581_2018.pdf, section F.1, it appears to require/recommend that the DCD field be cleared during the download process, so that the signatures can be properly validated.

@RoganDawes
Copy link
Author

FWIW, this support would probably be relevant to the new snagfactory feature, assuming manufacturers are deploying HABv4 boards.

@rgantois
Copy link
Collaborator

Hello, thanks for the report!

This will take a bit of time to look into, I'll let you know when I've formed an opinion.

@RoganDawes
Copy link
Author

Thank you. It seems that there is no option to execute the HABv4 validation routines without actually executing the payload as well, so validating that it was successfully downloaded AND will execute successfully is probably not possible. I guess it would be like any other payload in that case. Just try it, and see if it works!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@RoganDawes @rgantois