Hi,
I am using a custom board based on LS1043ARDB and I want to enable secure boot.
I have performed the following steps
- created keys using cst
- placed srk.pub and srk.pri keys in atf source folder
- created RCW bin with SB_EN and BOOT_HO as 1
- compiled secure uboot with ls1043ardb_tfa_SECURE_BOOT_defconfig
- generated signed pbl and fip image without optee using "make PLAT=ls1043ardb TRUSTED_BOARD_BOOT=1 CST_DIR=<cst dir path> RCW=ls1043ardb/rcw_1200_sdboot.bin
BL33=u-boot.bin pbl fip"
- got bl2_sd_sec.pbl and fip.bin in folder build/ls1043ardb/release/
- flashed pbl and uboot in eMMC using mmc write 0xa0000000 8 (size of bl2_sd_sec.pbl in hexadecimal) mmc write 0xa0000000 800 (size of fip.bin in hexadecimal)
- cpld reset sd (getting a blank screen here as all cores are on hold)
Read RCW from target device using JTAG, PFA snap
- opened ccs console and wrote SRKH in mirror registers
In the last, getting the core out of boot hold-off
ccs::write_mem 32 0x1ee00e4 4 0 0x00000001
But I am seeing a blank screen only and no output in the console.
I tried to write OTPMK fuse values on shadow registers after generating with ./gen_otpmk_drbg -b 2
However, no luck still seeing the same blank screen.
Could you please help what went wrong here?
Also wanted to understand role of OTPMK and how it impacts secure boot, as images are signed with srk private keys and public hashes flashed in mirror registers.
Solved! Go to Solution.
Yes, I am already running secure boot on my device, by flashing OTPMK permanently.
Please be very cautious with secure boot verification.
It is strongly recommended to repeatedly read the <Chapter 6 Security> section of LSDK 2108 until you fully understand what you are doing.
There are several key points to remind you of what you need to pay attention to:
1.OTPMK must be fused (whether you are verifying secure boot or mass production). Here, you can burn a minimal Hamming code OTPMK such as 0xF. For verification purposes, SRKH can be written to the mirror register, but for mass production, it needs to be permanently fused.
2. When burning fuse, attention should be paid to prog_sfp voltage control.
Yes, I am already running secure boot on my device, by flashing OTPMK permanently.
Thanks @kshitiz too look into the query.
I have dumped all the required registers after successfully written SRKH and OTPMK.
SecMon HPSR -> 0x1e90014
SCRATCHRW1 -> 0x1ee0200
SCRATCHRW2 -> 0x1ee0204
SCRATCHRW3 -> 0x1ee0208
SCRATCHRW4 -> 0x1ee020c
(bin) 23 % ccs::display_mem 32 0x1ee0200 4 0 1
+0 +4 +8 +C
[0x01EE0200] 10015000 (correct boot location pointer)
(bin) 24 % ccs::display_mem 32 0x1ee0204 4 0 4
+0 +4 +8 +C
[0x01EE0204] 00000101 00000000 00000000 00000000
(bin) 25 % ccs::display_mem 32 0x1ee0208 4 0 4
+0 +4 +8 +C
[0x01EE0208] 00000000 00000000 00000000 00000000
(bin) 26 % ccs::display_mem 32 0x1ee020c 4 0 4
+0 +4 +8 +C
[0x01EE020C] 00000000 00000000 00000000 00000000
(bin) 27 % ccs::display_mem 32 0x1e90014 4 0 4
+0 +4 +8 +C
[0x01E90014] 8000AB00 80000000 00000000 00000000
(bin) 28 % ccs::display_mem 32 0x1e90018 4 0 4
+0 +4 +8 +C
[0x01E90018] 80000000 00000000 00000000 00000000
@kshitiz Can you please share commands to debug the core status and find out where my core is stuck?
Hi,
Have you seen SNVS register state?
Is there any issue reported by ISBC in SCRATCHRW2 register?
Thanks
Hi @kshitiz
Yes for SCRATCHRW2 reg I am getting 00000101 error code.
Hi @gandhi_999,
0x101 refers to ERROR_STATE_NOT_CHECK SEC_MON which means State Machine not in CHECK state at start of ISBC.
Some
Security violation could have occurred.
Kindly check.
Btw, are you trying with vanilla NXP code, or you are using your own custom binaries?
Hi @kshitiz
I am using custom binaries, as stated earlier non secure are booting.
Can you please help to know the security violation for not in check state?
Here is the dump of SecMon HPSR -> 0x1e90014 and SecMon HPSVSR -> 0x1e90018 registers.
(bin) 68 % ccs::display_mem 32 0x1e90014 4 0 4
+0 +4 +8 +C
[0x01E90014] 8000AB00 80000000 00000000 00000000
(bin) 69 % ccs::display_mem 32 0x1e90018 4 0 4
+0 +4 +8 +C
[0x01E90018] 80000000 00000000 00000000 00000000
Thanks.
Thanks @kshitiz for the response.
Yes I have checked SCRATCHHRW2.
before writing SRKH and OTPMK
(bin) 41 % ccs::display_mem 32 0x1e90014 4 0 1
+0 +4 +8 +C
[0x01E90014] 8800AB00
After writing SRKH and OTPMK
(bin) 60 % ccs::display_mem 32 0x1e90014 4 0 1
+0 +4 +8 +C
[0x01E90014] 8000AB00
I believe ideally it should be 0x09 for check state then it transits to secure state
so, ideal value should be 80000900 but I am getting 0x8000AB00
Can you help me what went wrong here?
Thanks.
Kindly provide the updates on this.
With SB_EN=0 and BOOT_HO=0 in RCW, board is able to boot non securely with the same bl2_sd_sec.pbl and fip.bin image.
With SB_EN=1 and BOOT_HO=1 in RCW and after writing SRKH and OTPMK using ccs as shown in attached snap, board is not able to boot (no output in console) with the same bl2_sd_sec.pbl and fip.bin image.
Thanks