`hw_unique_key` secure boot sample ignores CONFIG_HW_UNIQUE_KEY_LOAD overlay

Hi,

Could you provide your build command, full build log and your configuration files (prj.conf and b0.conf)?

Which NCS version do you use?

Best regards,
Dejan

Hey Dejan,

Didn't touch anything else from the original hw_unique_key sample code. Just added CONFIG_SECURE_BOOT=y to prj.conf and added a build configuration for both nrf5340dk_nrf5340_cpuapp and nrf5340dk_nrf5340_cpuapp_ns (they both exhibit the same behaviour: no CONFIG_HW_UNIQUE_KEY_LOAD gets added to b0/.config ). 

b0.conf was not touched. It's the same one you'll find in child_image/b0.conf, in the original sample code.

I'm on v2.6.1

Hope this helps,

V

Hey Dejan,

Didn't touch anything else from the original hw_unique_key sample code. Just added CONFIG_SECURE_BOOT=y to prj.conf and added a build configuration for both nrf5340dk_nrf5340_cpuapp and nrf5340dk_nrf5340_cpuapp_ns (they both exhibit the same behaviour: no CONFIG_HW_UNIQUE_KEY_LOAD gets added to b0/.config ). 

b0.conf was not touched. It's the same one you'll find in child_image/b0.conf, in the original sample code.

I'm on v2.6.1

Hope this helps,

V

Hi,

dejans said:

Could you provide your build command, full build log

Can you provide full build log?

Best regards,
Dejan

I think we might be experiencing some sort of language barrier, here. 

Steps to reproduce:

1. clone the the hw_unique_key sample (via vs code if it's faster)

2. add CONFIG_SECURE_BOOT=y to prj.conf

3. create a build configuration for nrf5340dk_nrf5340_cpuapp and use sdk-nrf v2.6.1 to build it

You'll have everything you need to trace this after you build it.

Expected outcome:

build/b0/zephyr/.config to contain CONFIG_HW_UNIQUE_KEY_LOAD=y

Actual outcome:

build/b0/zephyr/.config DOES NOT contain CONFIG_HW_UNIQUE_KEY_LOAD=y

Reason:

Do you still need the full build log?!?

Thank you for your time,

Take care.

Vic

Hi Vic,

3Nigma said:

Do you still need the full build log?!?

I am just trying to assist you in the best possible way. I thought that build log could provide the best possible additional information. 

3Nigma said:

Steps to reproduce:

I have reproduced the issue. We will look into it internally. I will get back to you hopefully by the end of this week, but please note that replies might get delayed due to the holiday season.

Best regards,
Dejan

Hi,

When using nrf5340, CONFIG_HW_UNIQUE_KEY_LOAD is not relevant due to existence of the Key Management Unit.

Best regards,
Dejan