Windows HTP Library Loading Tutorial

Introduction

Starting with Snapdragon X Elite, in order to ensure that only authorized code can run on the Hexagon NPU, Windows requires a digital signature to be verified before the code will execute.

The HTP skel signature verification feature:

• Provides secure execution of trusted code on the HTP backend (Hexagon NPU)

• Digitally signs the HTP libraries

• Verifies signatures at library load time

• Only allows signed libraries with digital signature to be loaded on the HTP backend

HTP Skel Signature Verification Related Files

• libQnnHtpVXXSkel.so – Shared library that must be loaded in the HTP backend to execute the model.

• libqnnhtpvXX.cat – Windows security catalog file required to pass signature verification.

• libCalculator_skel.so – An HTP runtime library required by qnn-platform-validator

Usage Requirements

Note

* Do not modify any library (*skel.so) or catalog (*.cat) files. This will break signature verification and the library will not load.

Library and catalog files must be in the same folder or the library won’t load.

For Windows client applications using QNN with HTP runtime, the following files must stay in the same folder.

• libQnnHtpV73Skel.so

• libqnnhtpv73.cat

When running qnn-platform-validator.exe, the following files must stay in the same folder.

• libCalculator_skel.so

• libqnnhtpv73.cat

For Windows device drivers (camera, audio, etc.) that need to pass the Windows Hardware Compatibility Program (WHCP), do not include HTP Skel libraries.

• Instead, Windows device drivers use the Qualcomm HNRD backend interface which is pre-installed on Snapdragon X Series platforms.

• See the HNRD documentation for details.

Error Logs When the Signature Verification Fails

Qualcomm® AI Engine Direct SDK raises an error when it finds the shared library is unable to load.

The transportStatus: 9 error message appears when the HTP skel signature verification fails.

QnnDsp <E> DspTransport.openSession qnn_open failed, 0x80000406
QnnDsp <E> IDspTransport: Unable to load lib 0x80000406
QnnDsp <E> DspTransport failed,cannot open session, error 0x00000009
QnnDsp <E> Unable to load Skel Library. transportStatus: 9
QnnDsp <E> Failed to retrieve skel build id: err: 1008

Signed HTP libraries vs Signed Protection Domain

The term sign can refer to numerous concepts depending on its context.

• In the context of the HTP skel signature verification feature, signed means the Windows digitally-signed catalog file (.cat) serves as a digital signature for HTP library files.

• Within the NPU, there are unsigned and signed NPU PDs (Protection Domains), that control access to different services on the NPU. See the Hexagon SDK documentation for more details.

The digitally-signed catalog file and signed HTP libraries in the Qualcomm® AI Engine Direct SDK may be located in a folder named “unsigned”.

Note

Here the folder name unsigned refers to the PD and should not be confused with the Windows digital signature verification.