Setting up Secure Boot on PBL Based Platforms in Prototype Stage

Document created by Yiping Wang Employee on Jul 10, 2016Last modified by Diana Torres on Apr 30, 2018
Version 3Show Document
  • View in full screen mode

This document introduces secure boot setting up methods and procedures for QorIQ PBL based PowerPC and ARM architecture platforms. It explains the basic concept of secure boot; describes how to create PBL, CSF headers and ESBC images for secure boot; introduces how to deploy secure boot related images on the target and how to blow OTPMK and write SRK hash keys to the mirror registers in the prototype stage; provides the step by step troubleshooting method when secure boot fails without any message printed out on the UART console.

LS1043 is used as an example in this document, if the user uses different processor, it is need to change registers and images deployment addresses according to the processor reference manual and QorIQ SDK user manual.


1. Basic Concept of Secure Boot on PBL Based Platform


2. Preparing Images for Secure BOOT

    2.1 Create RCW Supporting Secure Boot

          2.1.1 Create Secure boot RCW in Linux SDK

          2.1.2 Create Secure Boot RCW with QCVS tool

   2.2 Generate RSA keys and Signing Images to Create CSF Header with CST tool


3. Deploy Secure Boot Images to the Target and Write SRKH Mirror Register


4. Secure boot Trouble Shooting.

2 people found this helpful