r8070z: thanks for your response.
For the question number 2.
How public keys/private keys are programmed? i still have some questions.
Following are the sequence of steps performed for secure boot and programming the fuse
I am using evaluation platform for development
1. Signed image generation.
secure boot can be enabled by RCW with SB_EN = 1. with the help of QCVS i have set the SB_EN=1, i have generated the bin file.
I have generated the LSDK secure boot image using the below command.
$flex-builder -i mkfw -m ls2088ardb -b nor -s
firmware_ls2088ardb_uboot_norboot_secure.img will be generated for secure boot.
by running the above command CSF Header, S/G table, Public Key and Encrypted Signature is added to image,
I have flashed the image duing u-boot with the help of tftp.
=> tftp a0000000 firmware_ls2088ardb_uboot_norboot_secure.img
=> protect off 584000000 +$filesize && erase 584000000 + $filesize && cp.b a0000000 584000000 $filesize
=> qixis_reset altbank
2. Preparing Evaluation platform
2.1 LS2088A RDB Board
- Put J12 to enable PWR_PROG_SFP
- SW9[3:5] to 100
2.2 Blowing OTPMK
2.2.1 Generated OTPM
./gen_otpmk_drbg 2
2.2.2 During u-boot write the values using "mw.1 address <OTPMK1..8>
verify the write md 1e90014, check the value after reset md 1e90014.
2.3 Putting the SOC to RSP
Q1. Can you please let me know how to put the RSP
2.4 Write the SRKH to SFP mirror registers and get the system out of Reset Pause via CCS.
Q2. i don't have emulator with me, Can you please let me know how to update the mirror register SRKH
Q3. Can you please let me know list of keys to fused in the fuse box to run secure-boot. Please provide the procedure as well.
