I am building from scratch with LSDK-20.12 packages : rcw, atf, u-boot and cst from codeaurora repository at tag LSDK-20.12.
- RCW is simply build with "make" on my custom target with SB_EN=1 and BOOT_HO=1 (inspired from ls1043aqds)
- U-Boot is build with
make ARCH=arm CROSS_COMPILE=aarch64-zds-linux-gnueabi- -C /home/teddy/tmp/git/u-boot-bare-lsdk2012 -j 4 KBUILD_OUTPUT=/home/teddy/tmp/git/u-boot-bare-lsdk2012_build mrproper ls1043a_ps4c_tfa_defconfig all
- cst has simply been build with make, a srk.pri/srk.pub key paire generated
- ATF is build with:
CROSS_COMPILE=aarch64-zds-linux-gnueabi- ARCH=aarch64 make PLAT=ls1043aps4c CSF_HEADER_PREPENDED=1 TRUSTED_BOARD_BOOT=1 CST_DIR=/home/teddy/tmp/git/cst-head_dev all fip pbl RCW=rcw_1200_qspiboot_atf_sb.bin LOG_LEVEL=40 BL33=u-boot.bin
Then I have bl2_qspi_sec.pbl flashed at addresse 0x00 of QSPI and fip.bin to offset 0x100000 in QSPI.
I am working in developpement, so for now not writing all the OTP things, so I use the CCS JTAG probe and do script to set all the SRKH mirror registers and release boot hold.
After boot hold release, there is no message on UART debug console and registers don't show me obvious error of configuration
Same process without Secure Boot configured in RCW and ATF build without "CSF_HEADER_PREPENDED=1 TRUSTED_BOARD_BOOT=1" and U-boot build without "CONFIG_NXP_ESBC" lead to a correct non-secure boot.
