AnsweredAssumed Answered

SECURE BOOT LS1021A-IOT BOARD

Question asked by PRABIN CA on Feb 17, 2016
Latest reply on Mar 16, 2017 by Dhruvalkumar Patel

Hi All

I’m working REV2 LS1021A-IOT board, And trying to boot from QSPI with secure boot enabled, I’m able to boot from QSPI with non secure boot. But when I enabled SECURE BOOT in RCW I'm not getting the console in minicom.

Following are steps that I did for qspi boot with secure boot

1.Generated u-boot (for QSPI in big endian mode, so on compiling u-boot for QSPI, itself we are getting byte swapped u-boot), uImage , DTB and rootfs.

2.Generated pub and pri key with CST tool.

3.Generated CSF header for u-boot, uImage and DTB and rootfs.

4.Generated values of one time programmable register using cst tool and flashed into OTPMKR0 to OTPMKR7.

5.Wrote value HASH KEY into   SFP_SRKHRn register in big endian mode.

6.Imported rcw_1000_qspiboot.bin into QCVS tool and RCW.SBEN=1 and build to generate new PBL.bin

7.Byte swapped PBL.bin using byteswap.tcl

8.programmed PBL.bin u.boot and u-boot-csf.out into QSPI.

 

My doubt is why we are not getting console when enabling secure boot.The PBI Command in PBL.bin loads u-boot in the QSPI. so when enabling secure boot do I need to do any further editing in PBI commads for loading u-boot and its CSF header (Because scratch register meanings are different for non secure and secure boot).

Outcomes