FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Secure Boot in T1024

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Secure Boot in T1024

‎04-09-2019 01:41 AM
703 Views
pratik_vadher
Contributor II

I have successfully been able to run T1024 RDB based on the demo using ESBC Uboot. Now I am trying the same for my own boot code. I don't need any functionality of ESBC, hence I am skipping that. Hence ISBC will validate the boot code. 

As of now, the SecMon-Register transitions to "Trusted" state hence the validation and the ISBC seems to be working properly. Part of my boot code is also running, however it runs into exception when it tries to configure nor flash.

The boot code runs properly whenever I try to run it non-securely. Is there something that I am missing? 

 I have attached both the RCW that I am using (one for secure and the other for non-secure)

Tags (1)
rcw_95_1200MHz.bin.zip
RCW_improved_secure.bin.zip
0 Kudos
Reply
3 Replies

‎04-12-2019 12:55 AM
558 Views
yipingwang
NXP TechSupport
NXP TechSupport

Hello Pratik Vadher

About secure boot setting up in the prototype stage, you could refer to Setting up Secure Boot on PBL Based Platforms in Prototype Stage .

However according to your description, it seems that ISBC had already validated ESBC Uboot successfully, your custom u-boot code could be executed, can you get some messages printing out from the UART console? What is the exact executing code on your target board before running into the exception.

Do you use NOR flash u-boot?  What's difference between your u-boot and the demo u-boot code?

Did you enable SECURE_BOOT option in u-boot configuration file as the following.

CONFIG_SYS_EXTRA_OPTIONS="PPC_T1024,T1024RDB,SECURE_BOOT"

Thanks,

Yiping

0 Kudos
Reply

‎04-12-2019 01:39 AM
558 Views
pratik_vadher
Contributor II

Hi Yiping, 

Thanks for the prompt reply. I have been able to securely boot my own boot code. As of now, ISBC validates my custom Boot Code.

There is a function in my code which configures nor flash. The code stopped during that execution of that function. Commenting that code out helped.

 However, I have doubt here, why is the execution running into exception only during secure boot? The code run properly in non-secure configuration. Are the PBI commands clashing in the way of configuring flash?

0 Kudos
Reply

‎06-22-2019 05:04 AM
558 Views
yipingwang
NXP TechSupport
NXP TechSupport

Please refer to the following additional PBI commands for secure boot, they are used to configure LAW for ESBC, LAW for CPC/SRAM, scratch Registers, CPC for SRAM and CPC configuration, please check whether your own NOR flash configuration code conflicting with these configuration.

.pbi
write 0x10000, 0x00200400
write 0x10104, 0xBFF00007
write 0xC10, 0x00000000
write 0xC14, 0xC0000000
write 0xC18, 0x81F0001B
write 0xCF0, 0x00000000
write 0xCF4, 0xBFF00000
write 0xCF8, 0x81000010
write 0xE0200, 0xC0B00000
write 0xE0208, 0xC0C00000
write 0x10000, 0xC0000000

Thanks,

Yiping

0 Kudos
Reply