Eric Lee / smarc-uboot

Blame view

doc/README.ti-secure 9.67 KB
edit raw normal view history
d41ce506b   Eric Lee   Initial Release, ... 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
 
  README on how boot images are created for secure TI devices
  
  CONFIG_TI_SECURE_DEVICE:
  Secure TI devices require a boot image that is authenticated by ROM
  code to function. Without this, even JTAG remains locked and the
  device is essentially useless. In order to create a valid boot image for
  a secure device from TI, the initial public software image must be signed
  and combined with various headers, certificates, and other binary images.
  
  Information on the details on the complete boot image format can be obtained
  from Texas Instruments. The tools used to generate boot images for secure
  devices are part of a secure development package (SECDEV) that can be
  downloaded from:
  
  	http://www.ti.com/mysecuresoftware (login required)
  
  The secure development package is access controlled due to NDA and export
  control restrictions. Access must be requested and granted by TI before the
  package is viewable and downloadable. Contact TI, either online or by way
  of a local TI representative, to request access.
  
  Booting of U-Boot SPL
  =====================
  
  	When CONFIG_TI_SECURE_DEVICE is set, the U-Boot SPL build process
  	requires the presence and use of these tools in order to create a
  	viable boot image. The build process will look for the environment
  	variable TI_SECURE_DEV_PKG, which should be the path of the installed
  	SECDEV package. If the TI_SECURE_DEV_PKG variable is not defined or
  	if it is defined but doesn't point to a valid SECDEV package, a
  	warning is issued during the build to indicate that a final secure
  	bootable image was not created.
  
  	Within the SECDEV package exists an image creation script:
  
  	${TI_SECURE_DEV_PKG}/scripts/create-boot-image.sh
  
  	This is called as part of the SPL/u-boot build process. As the secure
  	boot image formats and requirements differ between secure SOC from TI,
  	the purpose of this script is to abstract these details as much as
  	possible.
  
  	The script is basically the only required interface to the TI SECDEV
  	package for creating a bootable SPL image for secure TI devices.
  
  	Invoking the script for AM33xx Secure Devices
  	=============================================
  
  	create-boot-image.sh \
  		<IMAGE_FLAG> <INPUT_FILE> <OUTPUT_FILE> <SPL_LOAD_ADDR>
  
  	<IMAGE_FLAG> is a value that specifies the type of the image to
  	generate OR the action the image generation tool will take. Valid
  	values are:
  		SPI_X-LOADER - Generates an image for SPI flash (byte swapped)
  		X-LOADER - Generates an image for non-XIP flash
  		MLO - Generates an image for SD/MMC/eMMC media
  		2ND - Generates an image for USB, UART and Ethernet
  		XIP_X-LOADER - Generates a single stage u-boot for NOR/QSPI XiP
  
  	<INPUT_FILE> is the full path and filename of the public world boot
  	loaderbinary file (depending on the boot media, this is usually
  	either u-boot-spl.bin or u-boot.bin).
  
  	<OUTPUT_FILE> is the full path and filename of the final secure
  	image. The output binary images should be used in place of the standard
  	non-secure binary images (see the platform-specific user's guides and
  	releases notes for how the non-secure images are typically used)
  	u-boot-spl_HS_SPI_X-LOADER - byte swapped boot image for SPI flash
  	u-boot-spl_HS_X-LOADER - boot image for NAND or SD/MMC/eMMC rawmode
  	u-boot-spl_HS_MLO - boot image for SD/MMC/eMMC media
  	u-boot-spl_HS_2ND - boot image for USB, UART and Ethernet
  	u-boot_HS_XIP_X-LOADER - boot image for NOR or QSPI Xip flash
  
  	<SPL_LOAD_ADDR> is the address at which SOC ROM should load the
  	<INPUT_FILE>
  
  	Invoking the script for AM43xx Secure Devices
  	=============================================
  
  	create-boot-image.sh \
  		<IMAGE_FLAG> <INPUT_FILE> <OUTPUT_FILE> <SPL_LOAD_ADDR>
  
  	<IMAGE_FLAG> is a value that specifies the type of the image to
  	generate OR the action the image generation tool will take. Valid
  	values are:
  		SPI_X-LOADER - Generates an image for SPI flash (byte
  			swapped)
  		XIP_X-LOADER - Generates a single stage u-boot for
  			NOR/QSPI XiP
  		ISSW - Generates an image for all other boot modes
  
  	<INPUT_FILE> is the full path and filename of the public world boot
  	loaderbinary file (depending on the boot media, this is usually
  	either u-boot-spl.bin or u-boot.bin).
  
  	<OUTPUT_FILE> is the full path and filename of the final secure
  	image. The output binary images should be used in place of the standard
  	non-secure binary images (see the platform-specific user's guides and
  	releases notes for how the non-secure images are typically used)
  	u-boot-spl_HS_SPI_X-LOADER - byte swapped boot image for SPI flash
  	u-boot_HS_XIP_X-LOADER - boot image for NOR or QSPI flash
  	u-boot-spl_HS_ISSW - boot image for all other boot media
  
  	<SPL_LOAD_ADDR> is the address at which SOC ROM should load the
  	<INPUT_FILE>
  
  	Invoking the script for DRA7xx/AM57xx Secure Devices
  	====================================================
  
  	create-boot-image.sh <IMAGE_TYPE> <INPUT_FILE> <OUTPUT_FILE>
  
  	<IMAGE_TYPE> is a value that specifies the type of the image to
  	generate OR the action the image generation tool will take. Valid
  	values are:
  		X-LOADER - Generates an image for NOR or QSPI boot modes
  		MLO - Generates an image for SD/MMC/eMMC boot modes
  		ULO - Generates an image for USB/UART peripheral boot modes
  		Note: ULO is not yet used by the u-boot build process
  
  	<INPUT_FILE> is the full path and filename of the public world boot
  	loader binary file (for this platform, this is always u-boot-spl.bin).
  
  	<OUTPUT_FILE> is the full path and filename of the final secure image.
  	The output binary images should be used in place of the standard
  	non-secure binary images (see the platform-specific user's guides
  	and releases notes for how the non-secure images are typically used)
  	u-boot-spl_HS_MLO - boot image for SD/MMC/eMMC. This image is
  		copied to a file named MLO, which is the name that
  		the device ROM bootloader requires for loading from
  		the FAT partition of an SD card (same as on
  		non-secure devices)
  	u-boot-spl_HS_X-LOADER - boot image for all other flash memories
  		including QSPI and NOR flash
  
  	Invoking the script for Keystone2 Secure Devices
  	=============================================
  
  	create-boot-image.sh \
  		<UNUSED> <INPUT_FILE> <OUTPUT_FILE> <UNUSED>
  
  	<UNUSED> is currently ignored and reserved for future use.
  
  	<INPUT_FILE> is the full path and filename of the public world boot
  	loader binary file (only u-boot.bin is currently supported on
  	Keystone2 devices, u-boot-spl.bin is not currently supported).
  
  	<OUTPUT_FILE> is the full path and filename of the final secure image.
  	The output binary images should be used in place of the standard
  	non-secure binary images (see the platform-specific user's guides
  	and releases notes for how the non-secure images are typically used)
  	u-boot_HS_MLO - signed and encrypted boot image that can be used to
  		boot from all media. Secure boot from SPI NOR flash is not
  		currently supported.
  
  Booting of Primary U-Boot (u-boot.img)
  ======================================
  
  	The SPL image is responsible for loading the next stage boot loader,
  	which is the main u-boot image. For secure TI devices, the SPL will
  	be authenticated, as described above, as part of the particular
  	device's ROM boot process. In order to continue the secure boot
  	process, the authenticated SPL must authenticate the main u-boot
  	image that it loads.
  
  	The configurations for secure TI platforms are written to make the boot
  	process use the FIT image format for the u-boot.img (CONFIG_SPL_FRAMEWORK
  	and CONFIG_SPL_LOAD_FIT). With these configurations the binary
  	components that the SPL loads include a specific DTB image and u-boot
  	image. These DTB image may be one of many available to the boot
  	process. In order to secure these components so that they can be
  	authenticated by the SPL as they are loaded from the FIT image,	the
  	build procedure for secure TI devices will secure these images before
  	they are integrated into the FIT image. When those images are extracted
  	from the FIT image at boot time, they are post-processed to verify that
  	they are still secure. The outlined security-related SPL post-processing
  	is enabled through the CONFIG_SPL_FIT_IMAGE_POST_PROCESS option which
  	must be enabled for the secure boot scheme to work. In order to allow
  	verifying proper operation of the secure boot chain in case of successful
  	authentication messages like "Authentication passed: CERT_U-BOOT-NOD" are
  	output by the SPL to the console for each blob that got extracted from the
  	FIT image. Note that the last part of this log message is the (truncated)
  	name of the signing certificate embedded into the blob that got processed.
  
  	The exact details of the how the images are secured is handled by the
  	SECDEV package. Within the SECDEV package exists a script to process
  	an input binary image:
  
  	${TI_SECURE_DEV_PKG}/scripts/secure-binary-image.sh
  
  	This is called as part of the u-boot build process. As the secure
  	image formats and requirements can differ between the various secure
  	SOCs from TI, this script in the SECDEV package abstracts these
  	details. This script is essentially the only required interface to the
  	TI SECDEV package for creating a u-boot.img image for secure TI
  	devices.
  
  	The SPL/u-boot code contains calls to dedicated secure ROM functions
  	to perform the validation on the secured images. The details of the
  	interface to those functions is shown in the code. The summary
  	is that they are accessed by invoking an ARM secure monitor call to
  	the device's secure ROM (fixed read-only-memory that is secure and
  	only accessible when the ARM core is operating in the secure mode).
  
  	Invoking the secure-binary-image script for Secure Devices
  	==========================================================
  
  	secure-binary-image.sh <INPUT_FILE> <OUTPUT_FILE>
  
  	<INPUT_FILE> is the full path and filename of the input binary image
  
  	<OUTPUT_FILE> is the full path and filename of the output secure image.