I.MX8MP Secure Boot Issues


2,341 Views
KadirY
Contributor II

Hello,

I’ve been following the guides for i.MX8M secure boot and I’m using an SD card to boot. So far, I’ve generated a flash.bin containing the SPL, U-Boot, ATF, etc., generated the keys and fuse maps, and finally fused the keys. However, I am encountering the following error:

resetting ...

U-Boot SPL 2022.04-bcn_lf_v2022.04+gf016f1f8de (Nov 02 2022 - 17:32:57 +0000)
SEC0: RNG instantiated
Trying to boot from BOOTROM
image offset 0x8000, pagesize 0x200, ivt offset 0x0
## Checking hash(es) for config config-1 ... OK
## Checking hash(es) for Image uboot-1 ... OK
## Checking hash(es) for Image fdt-1 ... OK
## Checking hash(es) for Image atf-1 ... OK
## Checking hash(es) for Image tee-1 ... OK

Authenticate image from DDR location 0x401ff980...
bad magic magic=0x42 length=0x60 version=0x51
bad length magic=0x42 length=0x60 version=0x51
bad version magic=0x42 length=0x60 version=0x51
Error: Invalid IVT structure
spl: ERROR: image authentication unsuccessful

The guidelines I followed provided a genIVT.pl script, but I’m unsure how to modify it to resolve the issue.

When I flash my SD card without the IVT (just flash.bin), using bs=1K seek=32, I am able to boot without issues. This suggests that my offsets are correct, but I am uncertain where exactly to place the IVT.

I would be happy to share my environment details as they are critical for the IVT configuration.

I'm also unsure how to use the chain of trust to authenticate the kernel image as well.

I would appreciate any assistance or guidance you can provide.

 

7 Replies

2,044 Views
KadirY
Contributor II

Do mkimage tool generated images contain the IVT for the spl+uboot? I've generated the images with "make -f soc.mak SOC=iMX8MP flash_spl_uboot" command.

So far, the log that appears at the serial port contains strings from spl.c and hab.c, i.e.

"/workspace/sources/u-boot-imx/arch/arm/mach-imx/spl.c:444:panic("spl: ERROR: image authentication unsuccessful\n");"

"sources/u-boot-imx/arch/arm/mach-imx/hab.c:866:/* Invalid IVT structure */"

My understanding is that the bootrom has successfully authenticated the spl and spl failed to authenticate the fit image. Is it correct?

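The three messages before "Invalid IVT structure" in the first post each name one header field. The added example below (not code from the thread, U-Boot or NXP) decodes a 32-byte IVT and applies those three checks; the accepted values are assumptions chosen to match the IVT that mkimage_imx8 prints later in this thread, and the failing sample is constructed from the values in the SPL log.

```python
import struct

# Assumed acceptance values, chosen to match the IVT that mkimage_imx8 prints
# in this thread (tag 0xd1, version 0x41, a 32-byte structure).
IVT_TAG, IVT_LENGTH, HAB_MAJOR = 0xD1, 0x20, 0x40
WORDS = ("entry", "reserved1", "dcd_ptr", "boot_data_ptr", "self", "csf", "reserved2")

def parse_ivt(blob, offset=0):
    """Decode the 32-byte IVT found at `offset` in `blob`."""
    raw = blob[offset:offset + IVT_LENGTH]
    if len(raw) != IVT_LENGTH:
        raise ValueError("no room for an IVT at offset 0x%x" % offset)
    # Header: tag byte, 16-bit big-endian length, version byte.
    tag, length, version = struct.unpack_from(">BHB", raw, 0)
    ivt = {"tag": tag, "length": length, "version": version}
    # Body: seven little-endian 32-bit words.
    ivt.update(zip(WORDS, struct.unpack_from("<7I", raw, 4)))
    return ivt

def check_ivt(ivt):
    """Return the failed checks, named like the messages in the SPL log."""
    errors = []
    if ivt["tag"] != IVT_TAG:
        errors.append("bad magic")
    if ivt["length"] != IVT_LENGTH:
        errors.append("bad length")
    if (ivt["version"] & 0xF0) != HAB_MAJOR:
        errors.append("bad version")
    return errors

def csf_file_offset(ivt, ivt_file_offset):
    """File offset of the CSF: the same distance from the IVT as in memory."""
    return ivt_file_offset + (ivt["csf"] - ivt["self"])

# Sample 1: IVT rebuilt from the LOADER IMAGE values in the thread's mkimage dump.
GOOD_IVT = struct.pack(">BHB", 0xD1, 0x20, 0x41) + struct.pack(
    "<7I", 0x920000, 0, 0, 0x91FFE0, 0x91FFC0, 0x95A5C0, 0)
# Sample 2 (constructed): the header values the SPL printed, zero-filled body.
# Assumes the log prints the raw 16-bit length as a little-endian CPU reads it.
BAD_IVT = bytes([0x42, 0x60, 0x00, 0x51]) + bytes(28)

if __name__ == "__main__":
    for name, blob in (("good", GOOD_IVT), ("bad", BAD_IVT)):
        print(name, check_ivt(parse_ivt(blob)) or "IVT header OK")
    print("CSF at file offset", hex(csf_file_offset(parse_ivt(GOOD_IVT), 0)))
```

Pointing `parse_ivt` at the offset where an IVT is expected in flash.bin shows whether that location really holds an IVT or some other data.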

2,139 Views
KadirY
Contributor II

Here, I have listed pretty much everything I've done so far.

Here is my mkimage_imx8 log:

make -f soc.mak SOC=iMX8MP flash_spl_uboot
./mkimage_imx8 -version v2 -fit -loader u-boot-spl-ddr.bin 0x920000 -second_loader u-boot.itb 0x40200000 0x60000 -out flash.bin
Platform: i.MX8M (mScale)
ROM VERSION: v2
Using FIT image
LOADER IMAGE: u-boot-spl-ddr.bin start addr: 0x00920000
SECOND LOADER IMAGE: u-boot.itb start addr: 0x40200000 offset: 0x00060000
Output: flash.bin
========= IVT HEADER [HDMI FW] =========
header.tag: 0x0
header.length: 0x0
header.version: 0x0
entry: 0x0
reserved1: 0x0
dcd_ptr: 0x0
boot_data_ptr: 0x0
self: 0x0
csf: 0x0
reserved2: 0x0
boot_data.start: 0x0
boot_data.size: 0x0
boot_data.plugin: 0x0
========= IVT HEADER [PLUGIN] =========
header.tag: 0x0
header.length: 0x0
header.version: 0x0
entry: 0x0
reserved1: 0x0
dcd_ptr: 0x0
boot_data_ptr: 0x0
self: 0x0
csf: 0x0
reserved2: 0x0
boot_data.start: 0x0
boot_data.size: 0x0
boot_data.plugin: 0x0
========= IVT HEADER [LOADER IMAGE] =========
header.tag: 0xd1
header.length: 0x2000
header.version: 0x41
entry: 0x920000
reserved1: 0x0
dcd_ptr: 0x0
boot_data_ptr: 0x91ffe0
self: 0x91ffc0
csf: 0x95a5c0
reserved2: 0x0
boot_data.start: 0x91ffc0
boot_data.size: 0x3c660
boot_data.plugin: 0x0
========= OFFSET dump =========
Loader IMAGE:
header_image_off 0x0
dcd_off 0x0
image_off 0x40
csf_off 0x3a600
spl hab block: 0x91ffc0 0x0 0x3a600

Second Loader IMAGE:
sld_header_off 0x58000
sld_csf_off 0x59020
sld hab block: 0x401fcdc0 0x58000 0x1020


According to this I have prepared my csf files:
csf_fit.txt
[Header]
Version = 4.3
Hash Algorithm = sha256
Engine = CAAM
Engine Configuration = 0
Certificate Format = X509
Signature Format = CMS

[Install SRK]
# Index of the key location in the SRK table to be installed
File = "../../crts/SRK_1_table.bin"
Source index = 0

[Install CSFK]
# Key used to authenticate the CSF data
File = "../../crts/CSF1_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]

[Install Key]
# Key slot index used to authenticate the key to be installed
Verification index = 0
# Target key slot in HAB key store where key will be installed
Target index = 2
# Key to install
File = "../../crts/IMG1_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate Data]
# Key slot index used to authenticate the image data
Verification index = 2
# Authenticate Start Address, Offset, Length and file
Blocks = 0x401fcdc0 0x58000 0x1020 "flash.bin", \
0x40200000 0x5B000 0xEF5A0 "flash.bin", \
0x402EF5A0 0x14A5A0 0xF160 "flash.bin", \
0x970000 0x159700 0xB146 "flash.bin", \
0x56000000 0x164848 0x78EF0 "flash.bin"

csf_spl.txt
[Header]
Version = 4.3
Hash Algorithm = sha256
Engine = CAAM
Engine Configuration = 0
Certificate Format = X509
Signature Format = CMS

[Install SRK]
# Index of the key location in the SRK table to be installed
File = "../../crts/SRK_1_table.bin"
Source index = 0

[Install CSFK]
# Key used to authenticate the CSF data
File = "../../crts/CSF1_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]

[Unlock]
# Leave Job Ring and DECO master ID registers Unlocked
Engine = CAAM
Features = MID

[Install Key]
# Key slot index used to authenticate the key to be installed
Verification index = 0
# Target key slot in HAB key store where key will be installed
Target index = 2
# Key to install
File = "../../crts/IMG1_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate Data]
# Key slot index used to authenticate the image data
Verification index = 2
# Authenticate Start Address, Offset, Length and file
Blocks = 0x91ffc0 0x0 0x3a600 "flash.bin"

According to these, I have appended the .bin files as follows:

dd if=csf_spl.bin of=flash.bin seek=$((0x3a600)) bs=1 conv=notrunc
dd if=csf_fit.bin of=flash.bin seek=$((0x59020)) bs=1 conv=notrunc

However, there is an issue with csf_fit.bin generation.

I've edited soc.mak so that I can use my board's dtb. When I run ./print_fit_hab.sh I get:

./../scripts/pad_image.sh tee.bin
./../scripts/pad_image.sh bl31.bin
./../scripts/pad_image.sh u-boot-nodtb.bin imx8mp-my-kit.dtb
u-boot-nodtb.bin + imx8mp-my-kit.dtb are padded to 1042176
TEE_LOAD_ADDR=0x56000000 ATF_LOAD_ADDR=0x00970000 VERSION=v2 ./print_fit_hab.sh 0x60000 imx8mp-my-kit.dtb
0x40200000 0x5B000 0xEF5A0
0x402EF5A0 0x14A5A0 0xF160
0x970000 0x159700 0xB146
0x56000000 0x164848 0x78EF0

Using these values I get the error at csf_fit.bin creation:

[Authenticate Data]
# Key slot index used to authenticate the image data
Verification index = 2
# Authenticate Start Address, Offset, Length and file
Blocks = 0x401fcdc0 0x58000 0x1020 "flash.bin", \
0x40200000 0x5B000 0xEF5A0 "flash.bin", \
0x402EF5A0 0x14A5A0 0xF160 "flash.bin", \
0x970000 0x159700 0xB146 "flash.bin", \
0x56000000 0x164848 0x78EF0 "flash.bin"

./cst -i csf_fit.txt -o csf_fit.bin

Invalid Block arguments, Blocks start offset and length together exceed file size in command AuthenticateData

 

Also, I have yet to figure out how to generate the IVT and where in the image I should place it.

 

 

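The CST message in the post above says that a Blocks entry ends past the end of the file it names. The added example below (not from the thread or from NXP's tools) parses the Blocks entries of a CSF and reports which ones overrun; the 0x170000 file size is a constructed sample, because the thread does not state the real size of flash.bin.

```python
import os
import re

ENTRY = re.compile(r'(0x[0-9a-fA-F]+)\s+(0x[0-9a-fA-F]+)\s+(0x[0-9a-fA-F]+)\s+"([^"]+)"')

def parse_blocks(csf_text):
    """Return (load_addr, file_offset, length, filename) for each Blocks entry."""
    folded = re.sub(r"\\[ \t]*\r?\n", " ", csf_text)   # join "\" continuation lines
    blocks = []
    for line in folded.splitlines():
        line = line.split("#", 1)[0].strip()          # drop CSF comments
        if line.lower().startswith("blocks"):
            blocks += [(int(a, 16), int(o, 16), int(n, 16), f)
                       for a, o, n, f in ENTRY.findall(line)]
    return blocks

def overruns(blocks, file_sizes):
    """List (file_offset, length, bytes_past_end) for blocks that exceed the file."""
    bad = []
    for _addr, off, length, name in blocks:
        excess = off + length - file_sizes[name]
        if excess > 0:
            bad.append((off, length, excess))
    return bad

def required_size(blocks, name):
    """Smallest size `name` must have to contain every block that refers to it."""
    return max(off + length for _a, off, length, f in blocks if f == name)

# The [Authenticate Data] command from csf_fit.txt in the post above.
CSF_FIT = r'''[Authenticate Data]
# Key slot index used to authenticate the image data
Verification index = 2
Blocks = 0x401fcdc0 0x58000 0x1020 "flash.bin", \
0x40200000 0x5B000 0xEF5A0 "flash.bin", \
0x402EF5A0 0x14A5A0 0xF160 "flash.bin", \
0x970000 0x159700 0xB146 "flash.bin", \
0x56000000 0x164848 0x78EF0 "flash.bin"
'''
SAMPLE_SIZE = 0x170000   # constructed size; the thread does not give the real one

if __name__ == "__main__":
    blocks = parse_blocks(CSF_FIT)
    # Use the real file size when flash.bin is present, else the sample size.
    sizes = {b[3]: os.path.getsize(b[3]) if os.path.exists(b[3]) else SAMPLE_SIZE
             for b in blocks}
    for off, length, excess in overruns(blocks, sizes):
        print("block at 0x%x (+0x%x) ends 0x%x bytes past EOF" % (off, length, excess))
    print("flash.bin must be at least 0x%x bytes" % required_size(blocks, "flash.bin"))
```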

2,128 Views
Harvey021
NXP TechSupport

Hi @KadirY 

Have you tried following the guide mx8m_secure_boot.txt for secure boot?

This one can also be helpful for reference: i-MX-8MPlus-865-HAB-High-Assurance-Boot

 

Regards

Harvey


2,126 Views
KadirY
Contributor II
Greetings,

I have been following the guide you have mentioned. There are no guidelines for IVT generation nor details about the CSF files. I get an error at csf_fit.bin generation when I use the dtb of my devboard, so I can't proceed with that. When I remove the "0x56000000 0x164848 0x78EF0 "flash.bin" part, I can get a csf_fit.bin, but then again the IVT is the main issue for me.
A quick question: what do the csf.bin files include? Do they possess the signatures etc.? So far, even in mx8m_secure_boot.txt, I could not find a specific note about the signature locations.
Thanks in advance!

2,125 Views
Harvey021
NXP TechSupport

Here is the one for IVT gen: script_examples

Not quite sure about the question on csf.bin. If I'm not mistaken about your question, you may refer to AN4581 or the CST User's Guide, which can be downloaded from IMX_CST_TOOL_NEW.

Signature location can be obtained from making images.

 

Regards

Harvey


2,122 Views
KadirY
Contributor II
Hello,
There are parameters such as Load Address, Signature and CSF Pointer etc. in the IVT script. The load address is different for my U-Boot CSF, so I edited that, but are there any set addresses that shall not be touched? Are there signature and pointer addresses?

2,096 Views
Harvey021
NXP TechSupport

Sent you an email with explanations.

 

Regards

Harvey
