I’m working REV2 LS1021A-IOT board, And trying to boot from QSPI with secure boot enabled, I’m able to boot from QSPI with non secure boot. But when I enabled SECURE BOOT in RCW I'm not getting the console in minicom.
Following are steps that I did for qspi boot with secure boot
1.Generated u-boot (for QSPI in big endian mode, so on compiling u-boot for QSPI, itself we are getting byte swapped u-boot), uImage , DTB and rootfs.
2.Generated pub and pri key with CST tool.
3.Generated CSF header for u-boot, uImage and DTB and rootfs.
4.Generated values of one time programmable register using cst tool and flashed into OTPMKR0 to OTPMKR7.
5.Wrote value HASH KEY into SFP_SRKHRn register in big endian mode.
6.Imported rcw_1000_qspiboot.bin into QCVS tool and RCW.SBEN=1 and build to generate new PBL.bin
7.Byte swapped PBL.bin using byteswap.tcl
8.programmed PBL.bin u.boot and u-boot-csf.out into QSPI.
My doubt is why we are not getting console when enabling secure boot.The PBI Command in PBL.bin loads u-boot in the QSPI. so when enabling secure boot do I need to do any further editing in PBI commads for loading u-boot and its CSF header (Because scratch register meanings are different for non secure and secure boot).