Eric Lee / smarc-uboot

1
Download as
Browse Code ยป

Commit 06d607bc6940a784cafb7e9350fa4188872b3b92

Authored by Vanessa Maegima
Committed by Ye Li
1 parent 129cb6c823
Exists in smarc_8mq_lf_v2020.04 and in 4 other branches pitx_8mp_lf_v2020.04, smarc-8m-android-11.0.0_2.0.0, smarc-8mp-android-11.0.0_2.0.0, smarc_8mp_lf_v2020.04

MLK-24362-4 doc: imx: habv4: Add information for secure boot in SDP mode 

Add references to the UUU documentation on how to perform secure boot
in SDP mode.

Signed-off-by: Vanessa Maegima <vanessa.maegima@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit 59942641eaef22cbd9993bbdb58f250006d5e15a)

Showing 3 changed files with 31 additions and 10 deletions Side-by-side Diff

doc/imx/habv4/guides/mx6_mx7_secure_boot.txt
Diff comments   View file @ 06d607b
... ... @@ -342,7 +342,13 @@
342 342 | i.MX7ULP | bank 1 word 1 | 0x000000C0 |
343 343 +--------------+---------------+------------+
344 344  
345   -2. Extending the root of trust
  345 +2. Secure boot in SDP mode
  346 +---------------------------
  347 +
  348 +For secure boot in SDP mode, please refer to the "HABv4 closed chip support"
  349 +chapter in the UUU documentation[3].
  350 +
  351 +3. Extending the root of trust
346 352 -------------------------------
347 353  
348 354 The High Assurance Boot (HAB) code located in the on-chip ROM provides an
... ... @@ -376,7 +382,7 @@
376 382 | Padding (optional) |
377 383 +-----------------------------+
378 384  
379   -2.1 Padding the image
  385 +3.1 Padding the image
380 386 ----------------------
381 387  
382 388 The zImage must be padded to the next boundary address (0x1000), for instance
... ... @@ -389,7 +395,7 @@
389 395 $ objcopy -I binary -O binary --pad-to 0x64A000 --gap-fill=0x00 \
390 396 zImage zImage_pad.bin
391 397  
392   -2.2 Generating Image Vector Table
  398 +3.2 Generating Image Vector Table
393 399 ----------------------------------
394 400  
395 401 The HAB code requires an Image Vector Table (IVT) for determining the image
... ... @@ -407,7 +413,7 @@
407 413  
408 414 $ cat zImage_pad.bin ivt.bin > zImage_pad_ivt.bin
409 415  
410   -2.3 Signing the image
  416 +3.3 Signing the image
411 417 ----------------------
412 418  
413 419 A CSF file has to be created to sign the image. HAB does not allow to change
... ... @@ -425,7 +431,7 @@
425 431  
426 432 $ cat zImage_pad_ivt.bin csf_zImage.bin > zImage_signed.bin
427 433  
428   -2.4 Verifying HAB events
  434 +3.4 Verifying HAB events
429 435 -------------------------
430 436  
431 437 The U-Boot includes the hab_auth_img command which can be used for
... ... @@ -441,4 +447,5 @@
441 447 References:
442 448 [1] AN4581: "i.MX Secure Boot on HABv4 Supported Devices"
443 449 [2] AN12263: "HABv4 RVT Guidelines and Recommendations"
  450 +[3] https://github.com/NXPmicro/mfgtools/releases/
doc/imx/habv4/guides/mx6_mx7_spl_secure_boot.txt
Diff comments   View file @ 06d607b
... ... @@ -176,6 +176,13 @@
176 176 mx6_mx7_secure_boot.txt document available under doc/imx/habv4/guides/
177 177 directory.
178 178  
  179 +2. Secure boot in SDP mode
  180 +---------------------------
  181 +
  182 +For secure boot in SDP mode, please refer to the "HABv4 closed chip support"
  183 +chapter in the UUU documentation[2].
  184 +
179 185 References:
180 186 [1] AN4581: "i.MX Secure Boot on HABv4 Supported Devices"
  187 +[2] https://github.com/NXPmicro/mfgtools/releases/
doc/imx/habv4/guides/mx8m_secure_boot.txt
Diff comments   View file @ 06d607b
... ... @@ -423,7 +423,13 @@
423 423  
424 424 => fuse prog 1 3 0xC00000
425 425  
426   -2. Authenticating additional boot images
  426 +2. Secure boot in SDP mode
  427 +---------------------------
  428 +
  429 +For secure boot in SDP mode, please refer to the "HABv4 closed chip support"
  430 +chapter in the UUU documentation[3].
  431 +
  432 +3. Authenticating additional boot images
427 433 -----------------------------------------
428 434  
429 435 The High Assurance Boot (HAB) code located in the on-chip ROM provides an
... ... @@ -461,7 +467,7 @@
461 467 | Padding (optional) |
462 468 +-----------------------------+
463 469  
464   -2.1 Padding the image
  470 +3.1 Padding the image
465 471 ----------------------
466 472  
467 473 The Image must be padded to the size specified in the Image header, this can be
... ... @@ -480,7 +486,7 @@
480 486 $ objcopy -I binary -O binary --pad-to 0x1455000 --gap-fill=0x00 \
481 487 Image Image_pad.bin
482 488  
483   -2.2 Generating Image Vector Table
  489 +3.2 Generating Image Vector Table
484 490 ----------------------------------
485 491  
486 492 The HAB code requires an Image Vector Table (IVT) for determining the image
... ... @@ -498,7 +504,7 @@
498 504  
499 505 $ cat Image_pad.bin ivt.bin > Image_pad_ivt.bin
500 506  
501   -2.3 Signing the image
  507 +3.3 Signing the image
502 508 ----------------------
503 509  
504 510 A CSF file has to be created to sign the image. HAB does not allow to change
... ... @@ -515,7 +521,7 @@
515 521  
516 522 $ cat Image_pad_ivt.bin csf_Image.bin > Image_signed.bin
517 523  
518   -2.4 Verifying HAB events
  524 +3.4 Verifying HAB events
519 525 -------------------------
520 526  
521 527 The U-Boot includes the hab_auth_img command which can be used for
... ... @@ -531,4 +537,5 @@
531 537 References:
532 538 [1] AN4581: "i.MX Secure Boot on HABv4 Supported Devices"
533 539 [2] AN12212: "Software Solutions for Migration Guide from Aarch32 to Aarch64"
  540 +[3] https://github.com/NXPmicro/mfgtools/releases/