FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

LS1043: Secureboot image build using yocto

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

LS1043: Secureboot image build using yocto

‎04-29-2025 03:18 AM
257 Views
BhargavJayswal813
Contributor I

Dear NXP team,

 

I am working on secure boot for LS1043A. I am facing problem at yocto build to generate secure images BL2.pbl (RCW + PBI + ISBC Headers + BL2.bin + public key + signature) and fib_uboot.bin (ESBC Headers + BL31.bin + public key + signature + ESBC Headers + BL33_uboot.bin + public key + sinature ).

 

As part of normal build compilation below command generate non-secure images.

bitbake rcw

bitbake linux-qoriq

bitbake qoriq-atf

As as result it generates bl2_sd.pbl (RCW+PBI+BL2) and fib_uboot.bin (BL31 + BL33) in deploy dir .

In order to generate secure boot images we have to do some modification in recipe according to UG10081_LLDP_6.1.55_2.2.0.pdf user guide document(5.1.1.5.3.1 : Build secure boot TF-A images for NXP CoT) .  We are not using SPD=opteed BL32=tee.bin for OS. We wanted to just validate image bl2_sd.pbl and fip_uboot.bin.

Could you please let us know what modification required in related recipe and what are the yocto command i have to run in order to generate secure boot images.

 

Regards,

Bhargav Jayswal

 

 

0 Kudos
Reply
1 Reply

‎04-30-2025 12:41 AM
232 Views
June_Lu
NXP TechSupport
NXP TechSupport

Hope commands below could help you

How to compile atf with OPTEE?
   Set DISTRO_FEATURES:append = " optee" in your local.conf.

Secure boot
   For build secure boot image ,you need to set the following variables in local.conf
   DISTRO_FEATURES:append = " secure"
```
   $: bitbake secure-boot-qoriq

0 Kudos
Reply