CONFIG_HW_UNIQUE_KEY_LOAD does not work with CONFIG_DISABLE_FLASH_PATCH

I am using nRF Connect SDK 1.9.0 and the NRF52840.

When building samples/keys/hw_unique_key you get this warning:

----------------------------------------------------------
--- WARNING: To maintain the integrity of secure boot, ---
--- enable CONFIG_DISABLE_FLASH_PATCH in production. ---
----------------------------------------------------------

If you turn on CONFIG_DISABLE_FLASH_PATCH for b0, it breaks the sample and you can never boot. This is because CONFIG_HW_UNIQUE_KEY_LOAD only allows one boot for the application to load the HUK. CONFIG_DISABLE_FLASH_PATCH needs to reboot b0 when running the first time. This means we can never boot to the app.

So what is the best solution, should you use CONFIG_DISABLE_FLASH_PATCH in production and not use CONFIG_HW_UNIQUE_KEY_LOAD?

The sample works without CONFIG_HW_UNIQUE_KEY_LOAD, so what is the benefit of using CONFIG_HW_UNIQUE_KEY_LOAD?

Is there a fix that can be made to allow both CONFIG_DISABLE_FLASH_PATCH and CONFIG_HW_UNIQUE_KEY_LOAD?

0 user7377 over 4 years ago

Hi,

I do not immediately see why this combination should not work. Can you upload your modified example configuration which includes B0 etc so that I can test on my end?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 user91845 over 4 years ago in reply to user7377

Just add CONFIG_DISABLE_FLASH_PATCH=y to b0.conf. I tested with nRF52840 DVK.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 user7377 over 4 years ago in reply to user91845

Hi,

When I test with this change it works on my end, using both SDK 1.9.0 and 1.9.1. Have you made any other changes as well? Can you elaborate on how you test?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 user91845 over 4 years ago in reply to user7377
nrfjprog --deviceversion

NRF52840_xxAA_REV1

You need to ensure you start with a completely blank device or you will not see the issue:

nrfjprog -e
Erasing user available code and UICR flash areas.
Applying system reset.

This is the entire diff of the nrf folder:

diff --git a/samples/keys/hw_unique_key/child_image/b0.conf b/samples/keys/hw_unique_key/child_image/b0.conf index 180ca7ccc..0e3e38615 100644 --- a/samples/keys/hw_unique_key/child_image/b0.conf +++ b/samples/keys/hw_unique_key/child_image/b0.conf @@ -4,4 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # +CONFIG_DISABLE_FLASH_PATCH=y CONFIG_HW_UNIQUE_KEY_LOAD=y

My build command, executed from the nrf folder:

west build -p -b nrf52840dk_nrf52840 -d build samples/keys/hw_unique_key

Flash the code:

west flash -d build

Output of the DVK on the serial console:

First boot, expecting app to write HUK.
Error: Hardware Unique Key not present.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 user7377 over 4 years ago in reply to user91845

Ah, you are right. No idea why I did not see this before. I am not able to answer this right now but I am checking with the team working on this and will get back to you.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel