21 Jun
2024
21 Jun
'24
4:17 p.m.
On 6/21/24 3:06 PM, Paul Geurts wrote:
The decision on whether HAB is enabled is solely based on the SEC_CONFIG fuse. The HAB FIELD_RETURN feature is able to permanently disable HAB on a CPU, after which it is able to boot unsigned firmware. U-Boot however does not take into account the FIELD_RETURN mode, and refuses to boot unsigned software when the feature is enabled.
Also take the FIELD_RETURN fuse into account when deciding whether HAB is enabled. When The FIELD_RETURN fuse is blown, HAB is not enabled.
Tested on i.MX8M Mini, i.MX8M Plus, i.MX8M Nano and i.MX6ULL
The purpose of the field return fuse is to unlock a system when it is returned to factory, right ?
Can the system be re-locked afterward too ?