Hi all,
I'm working on the ls1021a-iot secure boot, there is a problem about ISBC validate ESBC.
It looks Internal Secure Boot Code(ISBC) will not compare the hash of public key in hdr_uboot_swap.out file with the hash value in fuse on my side.
I followed the steps in A0001-Secure-boot.pdf file in LS1021A-Rev2_iot-20150907 to check the secure boot validation.
1. Jump J14, J19 and J20, after that boot from sdcard.
2. Burn demo public key hash "57e3256c48f70bfd56132ccd1b9cb75872db80f4e3a643221f7e016a2e0632a4
" to the fuse on uboot with below command.
mm 1e80234
01e80234: 00000000?88888888
01e80238: ffffffff?77777777
01e8023c: ffffffff?66666666
01e80240: ffffffff?55555555
01e80244: ffffffff?44444444
01e80248: ffffffff?33333333
01e8024c: ffffffff?22222222
01e80250: ffffffff?11111111
01e80254: 00000000?.
=>mm 1e80254
01e80254:00000000?6c25e357
01e80258:00000000?fd0bf748
01e8025c:00000000?cd2c1356
01e80260:00000000?58b79c1b
01e80264:00000000?f480db72
01e80268:00000000?2243a6e3
01e8026c:00000000?6a017e1f
01e80270:00000000?a432062e
01e80274:00000000?.
=>mw 1e80020 0x02000000
=>md 1e80020 1
0x00000000
3. Set networking env.
4. Programme the RCW, uboot_swap.bin and hdr_uboot_swap.out files to QSPI flash.
5. Power off the board, remove the the Jump connection on J14 J19 and J20, set SW2[1] to 0 and then power on the board boot from QSPI flash.
When I program demo images uboot_swap.bin and hdr_uboot_swap.out which provided by freescale, the uboot can boot up successfully.
So I used cst tool to generate a new key pair, and used the new key to sign uboot.bin and generated new uboot_swap.bin and hdr_uboot_swap.out.
The hash of new public key is not burned into the fuse. The hash value in the fuse is still the demo key's not the new keys'.
I program with the new generated uboot_swap.bin and hdr_uboot_swap.out to the QSPI flash and boot from QSPI flash.
I thought the new uboot should not boot up, since the new public key's hash is not identical to the one burned in the fuse.
But the new uboot can still boot up from QSPI flash, and there is no any error message as below.
U-Boot 2015.01+ls1+g3281947 (May 04 2016 - 17:55:54)
CPU: Freescale LayerScape LS1021E, Version: 2.0, (0x87081120)
Clock Configuration:
CPU0(ARMV7):1000 MHz,
Bus:300 MHz, DDR:800 MHz (1600 MT/s data rate),
Reset Configuration Word (RCW):
00000000: 0608000a 00000000 00000000 00000000
00000010: 20000000 08407900 40225a00 21046000
00000020: 00000000 00000000 00000000 20038000
00000030: 20024800 881b1340 00000000 00000000
Board: LS1021AIOT
I2C: ready
DRAM: 1 GiB
Using SERDES1 Protocol: 32 (0x20)
MMC: FSL_SDHC: 0
SF: Detected S25FL512S_256K with page size 512 Bytes, erase size 256 KiB, total 64 MiB
*** Warning - bad CRC, using default environment
EEPROM: NXID v1
PCIe1: Root Complex x1 gen1, regs @ 0x3400000
01:00.0 - 8086:08b1 - Network controller
PCIe1: Bus 00 - 01
PCIe2: Root Complex no link, regs @ 0x3500000
In: serial
Out: serial
Err: serial
SEC0: RNG instantiated
SATA link 0 timeout.
AHCI 0001.0300 1 slots 1 ports ? Gbps 0x1 impl SATA mode
flags: 64bit ncq pm clo only pmp fbss pio slum part ccc
scanning bus for devices...
Found 0 device(s).
SCSI: Net: eTSEC1 is in sgmii mode.
eTSEC2 is in sgmii mode.
Phy 4 not found
PHY reset timed out
eTSEC1, eTSEC2 [PRIME], eTSEC3
Hit any key to stop autoboot: 0
reading uImage.bin
I used the RCW file to enable the secure boot (Set SB_EN=1 ), and didn't set the fuse ITS to 1.
Below is my command to program uboot_swap.bin and hdr_uboot_swap.out.
sf probe
sf erase 0x0 0x200000
tftp 0x82000000 rcw_1000_qspiboot_swap.bin
sf write 0x82000000 0x0 0x100
tftp 0x82000000 uboot_swap.bin
sf write 0x82000000 0x10000 0x80000
tftp 0x82000000 hdr_uboot_swap.out
sf write 0x82000000 0x90000 0x100000
If I didn't program hdr_uboot_swap.out, the uboot will not boot up and there is no any warning message.
If I change the RCW file with the one disable the secure boot(Not set SB_EN=1), and didn't program hdr_uboot_swap.out, the uboot can boot up.
So It looks the signature of uboot will be verified if the secure boot enabled by RCW, but the public key will not be compared by the fuse.
BTW if I signed uImage file with the new key there will be warning message about "ERROR :: 400 :: Public key hash comparison failed" when uboot boot up.
And the kernel can still boot up.
U-Boot 2015.01+ls1+g3281947 (May 04 2016 - 17:55:54)
CPU: Freescale LayerScape LS1021E, Version: 2.0, (0x87081120)
Clock Configuration:
CPU0(ARMV7):1000 MHz,
Bus:300 MHz, DDR:800 MHz (1600 MT/s data rate),
Reset Configuration Word (RCW):
00000000: 0608000a 00000000 00000000 00000000
00000010: 70000000 08007900 40025a00 21046000
00000020: 00000000 00000000 00000000 20038000
00000030: 20024800 881b1340 00000000 00000000
Board: LS1021AIOT
I2C: ready
DRAM: 1 GiB
Using SERDES1 Protocol: 112 (0x70)
MMC: FSL_SDHC: 0
SF: Detected S25FL512S_256K with page size 512 Bytes, erase size 256 KiB, total 64 MiB
*** Warning - bad CRC, using default environment
EEPROM: NXID v1
PCIe1: Root Complex x1 gen1, regs @ 0x3400000
01:00.0 - 8086:08b1 - Network controller
PCIe1: Bus 00 - 01
PCIe2: Root Complex no link, regs @ 0x3500000
In: serial
Out: serial
Err: serial
SEC0: RNG instantiated
SATA link 0 timeout.
AHCI 0001.0300 1 slots 1 ports ? Gbps 0x1 impl SATA mode
flags: 64bit ncq pm clo only pmp fbss pio slum part ccc
scanning bus for devices...
Found 0 device(s).
SCSI: Net: eTSEC2 is in sgmii mode.
Phy 4 not found
PHY reset timed out
eTSEC1, eTSEC2 [PRIME], eTSEC3
Hit any key to stop autoboot: 0
reading uImage.bin
5130672 bytes read in 245 ms (20 MiB/s)
reading ls1021aiot.dtb
21183 bytes read in 20 ms (1 MiB/s)
reading ls1021aiot.rootfs
66442965 bytes read in 2953 ms (21.5 MiB/s)
reading hdr_linux.out
1152 bytes read in 15 ms (74.2 KiB/s)
reading hdr_rootfs.out
1152 bytes read in 15 ms (74.2 KiB/s)
reading hdr_dtb.out
1152 bytes read in 15 ms (74.2 KiB/s)
ERROR :: 400 :: Public key hash comparison failed
esbc_validate command successful
esbc_validate command successful
## Booting kernel from Legacy Image at 82000000 ...
I used command md to check the values in fuse address after boot from sd card as below.
=> md 1e80234
01e80234: ffffffff ffffffff ffffffff ffffffff ................
01e80244: ffffffff ffffffff ffffffff ffffffff ................
01e80254: 6c25e357 fd0bf748 cd2c1356 58b79c1b W.%lH...V.,....X
01e80264: f480db72 2243a6e3 6a017e1f a432062e r.....C".~.j..2.
01e80274: 00000000 00000000 00000000 00000000 ................
01e80284: 00000000 ffffffff ffffffff ffffffff ................
01e80294: ffffffff ffffffff ffffffff ffffffff ................
01e802a4: ffffffff 00000000 00000000 00000000 ................
01e802b4: 00000000 00000000 00000000 00000000 ................
01e802c4: 00000000 00000000 00000000 00000000 ................
01e802d4: 00000000 00000000 00000000 00000000 ................
01e802e4: 00000000 00000000 00000000 00000000 ................
01e802f4: 00000000 00000000 00000000 00000000 ................
01e80304: 00000000 00000000 00000000 00000000 ................
01e80314: 00000000 00000000 00000000 00000000 ................
01e80324: 00000000 00000000 00000000 00000000 ................
=> md 1e80020 1
01e80020: 00000000
I don't know why the uboot signed by the error key can still boot up, is it because I enable secure boot in RCW not with fuse ITS?
Is there any error message output if the uboot(ESBC) can't pass the validation of ISBC, or just the uboot can't boot up and no any output.
Is there something wrong in my steps when I validate the secure boot?
Solved! Go to Solution.
Please install CodeWarrior for ARMv7, and open CCS console from Start->Freescale CodeWarrior->CodeWarrior Connection Server, please refer to page 9 in the doc Secure Boot/Debug Configuration for LS1 to configure CCS environment to write SRKH fuse values into mirror registers.
Thanks,
Yiping
Hello,I met the same problem,but I use the P2040 secure boot.Could you solve the problem now,if you can ,tell me the solution please.Thank you!
Hi
The NXP guys told me it's reasonable, since I didn't really burn the
root trust public key hash value into the board and just simulate this
process.
Ok,Thank u very much!But now I wanna program the correct public key hash into mirror register as Yiping Wang'said above,I can't success.Because I set Boot_ho=1,power on the board,u-boot can print strange code cyclically,then I open the CCS console window,writing SRKH mirror register by entering CCS command ccs::write_mem 0 0xfe0e807c 4 0 0x********,but I enter ccs::display_mem 0 0xfe0e807c 4 0 1to read the corresponding register,finding the value still is 0x00000000,it doesn't work as i expected.Did you meet the same problem?
And do you know complete ccs console commands format,I only konw how to write and read memory,I can't find any reference.If you konw anything,please send me relate documents.Thank u again!
Hello Hillman Huo,
Would you please provide the input file used for generating u-boot hdr header file? Probably there is problem is this file.
Have a great day,
Yiping
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------
I used the u-boot-dtb.bin file to generate the swap and hdr file wit cst
tool.
Please refer to the attachment.
uboot_swap_error.bin is the swap file generated by u-boot-dtb.bin.
hdr_uboot_swap_error.out is the hdr file generated by u-boot-dtb.bin
with cst tool(using error key the right key hash has burned to the fuse).
Hello Hillman Huo,
Please check the value of HPSR[SSM_ST](11-8).
Security monitor state. This field contains the encoded state of the security monitor's internal state
machine. The encoding of the possible states are:
0000 Init
1001 Check
1011 Non-Secure
1101 Trusted
1111 Secure
0011 Soft Fail
0001 Hard Fail
In addition, during the stage of design and testing, it is not recommended to permanently write SRKH mirror registers data from the mirror registers into the fuse array.
We recommend customers use the following the following procedure to do testing.
1.Put the core in boot hold off at startup.
For this load the RCW with BOOT_HO = 1 .
2.Configure ccs
ccs::config_server 0 10000
ccs::config_chain {{8 1} ls1020a dap {8 1} }
3.Write the keys in SFP_SRKRH shadow registers.
ccs::write_mem 15 0x1e80254 4 0 0x< Reg_1>
ccs::write_mem 15 0x1e80258 4 0 0x< Reg_2>
ccs::write_mem 15 0x1e8025c 4 0 0x< Reg_3>
ccs::write_mem 15 0x1e80260 4 0 0x< Reg_4>
ccs::write_mem 15 0x1e80264 4 0 0x< Reg_5>
ccs::write_mem 15 0x1e80268 4 0 0x< Reg_6>
ccs::write_mem 15 0x1e8026c 4 0 0x< Reg_7>
ccs::write_mem 15 0x1e80270 4 0 0x< Reg_8>
4.Get the core out of boot hold off.
ccs::write_mem 15 0x1ee00e4 4 0 0x1
Have a great day,
Yiping
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------
Thanks a lot for your patient explain.
Can tell more detail about how to configure ccs?
Will it be configured with code warrior?
Hi,so did you how to use the ccs and ccs commands,like mmu configure command etc,because i can't program the value into registers,if you konw,please tell me some details,thank you very much
Please install CodeWarrior for ARMv7, and open CCS console from Start->Freescale CodeWarrior->CodeWarrior Connection Server, please refer to page 9 in the doc Secure Boot/Debug Configuration for LS1 to configure CCS environment to write SRKH fuse values into mirror registers.
Thanks,
Yiping
Hello Hillman Huo,
Please pay attention to one point for secure boot, the target runs out of POR with RCW having SB_EN=1 and location of header programmed in DCFG SCRATCHRW1 register via PBI commands. Boot ROM will read the SCRATCH REGISTER for location of the HEADER and then perform the validation.
hdr address: to be updated in PBI commands for updating SCRATCHRW1.
Uboot address: to be updated in input file and eventually inside the header
You could use QCVS tool to assist you to generate the PBL file including PBI.
For details, you could refer to QorIQ SDK 1.9 document.
Have a great day,
Yiping
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------
So there is something wrong in the PBL on my board, right?