
Uboot signed by error key can still boot up

Question asked by Hillman Huo on May 5, 2016
Latest reply on May 9, 2016 by Yiping Wang

Hi all,

I'm working on ls1021a-iot secure boot, and there is a problem with the ISBC validating the ESBC.

It looks like the Internal Secure Boot Code (ISBC) does not compare the hash of the public key in the hdr_uboot_swap.out file with the hash value in the fuse on my side.

I followed the steps in the A0001-Secure-boot.pdf file in LS1021A-Rev2_iot-20150907 to check the secure boot validation.

1. Jumper J14, J19 and J20, then boot from the SD card.

2. Burn the demo public key hash "57e3256c48f70bfd56132ccd1b9cb75872db80f4e3a643221f7e016a2e0632a4" into the fuse from uboot with the commands below.


mm 1e80234
01e80234: 00000000?88888888
01e80238: ffffffff?77777777
01e8023c: ffffffff?66666666
01e80240: ffffffff?55555555
01e80244: ffffffff?44444444
01e80248: ffffffff?33333333
01e8024c: ffffffff?22222222
01e80250: ffffffff?11111111
01e80254: 00000000?.
=>mm 1e80254
01e80254:00000000?6c25e357
01e80258:00000000?fd0bf748
01e8025c:00000000?cd2c1356
01e80260:00000000?58b79c1b
01e80264:00000000?f480db72
01e80268:00000000?2243a6e3
01e8026c:00000000?6a017e1f
01e80270:00000000?a432062e
01e80274:00000000?.
=>mw 1e80020 0x02000000
=>md 1e80020 1
0x00000000


3. Set the networking env.

4. Program the RCW, uboot_swap.bin and hdr_uboot_swap.out files to the QSPI flash.

5. Power off the board, remove the jumper connections on J14, J19 and J20, set SW2[1] to 0 and then power on the board to boot from QSPI flash.

When I program the demo images uboot_swap.bin and hdr_uboot_swap.out, which were provided by Freescale, the uboot can boot up successfully.

So I used the CST tool to generate a new key pair, used the new key to sign uboot.bin, and generated a new uboot_swap.bin and hdr_uboot_swap.out.

The hash of the new public key is not burned into the fuse. The hash value in the fuse is still the demo key's, not the new key's.

I programmed the newly generated uboot_swap.bin and hdr_uboot_swap.out to the QSPI flash and booted from QSPI flash.

I thought the new uboot should not boot up, since the new public key's hash is not identical to the one burned in the fuse.

But the new uboot can still boot up from QSPI flash, and there is no error message, as shown below.


U-Boot 2015.01+ls1+g3281947 (May 04 2016 - 17:55:54)

CPU:   Freescale LayerScape LS1021E, Version: 2.0, (0x87081120)
Clock Configuration:
        CPU0(ARMV7):1000 MHz,
        Bus:300  MHz, DDR:800  MHz (1600 MT/s data rate),
Reset Configuration Word (RCW):
        00000000: 0608000a 00000000 00000000 00000000
        00000010: 20000000 08407900 40225a00 21046000
        00000020: 00000000 00000000 00000000 20038000
        00000030: 20024800 881b1340 00000000 00000000
Board: LS1021AIOT
I2C:   ready
DRAM:  1 GiB
Using SERDES1 Protocol: 32 (0x20)
MMC:   FSL_SDHC: 0
SF: Detected S25FL512S_256K with page size 512 Bytes, erase size 256 KiB, total 64 MiB
*** Warning - bad CRC, using default environment

EEPROM: NXID v1
PCIe1: Root Complex x1 gen1, regs @ 0x3400000
      01:00.0    - 8086:08b1 - Network controller
PCIe1: Bus 00 - 01
PCIe2: Root Complex no link, regs @ 0x3500000
In:    serial
Out:   serial
Err:   serial
SEC0: RNG instantiated
SATA link 0 timeout.
AHCI 0001.0300 1 slots 1 ports ? Gbps 0x1 impl SATA mode
flags: 64bit ncq pm clo only pmp fbss pio slum part ccc
scanning bus for devices...
Found 0 device(s).
SCSI:  Net:   eTSEC1 is in sgmii mode.
eTSEC2 is in sgmii mode.
Phy 4 not found
PHY reset timed out
eTSEC1, eTSEC2 [PRIME], eTSEC3
Hit any key to stop autoboot:  0
reading uImage.bin

I used the RCW file to enable secure boot (set SB_EN=1), and didn't set the fuse ITS to 1.

Below are my commands to program uboot_swap.bin and hdr_uboot_swap.out.


sf probe
sf erase 0x0 0x200000

tftp 0x82000000 rcw_1000_qspiboot_swap.bin
sf write 0x82000000 0x0 0x100

tftp 0x82000000 uboot_swap.bin
sf write 0x82000000 0x10000 0x80000

tftp 0x82000000 hdr_uboot_swap.out
sf write 0x82000000 0x90000 0x100000

If I don't program hdr_uboot_swap.out, the uboot will not boot up and there is no warning message.

If I change the RCW file to one that disables secure boot (SB_EN not set to 1) and don't program hdr_uboot_swap.out, the uboot can boot up.

So it looks like the signature of uboot is verified if secure boot is enabled by the RCW, but the public key is not compared with the fuse.

BTW, if I sign the uImage file with the new key, there is a warning message "ERROR :: 400 :: Public key hash comparison failed" when uboot boots up.

And the kernel can still boot up.


U-Boot 2015.01+ls1+g3281947 (May 04 2016 - 17:55:54)

CPU:   Freescale LayerScape LS1021E, Version: 2.0, (0x87081120)
Clock Configuration:
        CPU0(ARMV7):1000 MHz,
        Bus:300  MHz, DDR:800  MHz (1600 MT/s data rate),
Reset Configuration Word (RCW):
        00000000: 0608000a 00000000 00000000 00000000
        00000010: 70000000 08007900 40025a00 21046000
        00000020: 00000000 00000000 00000000 20038000
        00000030: 20024800 881b1340 00000000 00000000
Board: LS1021AIOT
I2C:   ready
DRAM:  1 GiB
Using SERDES1 Protocol: 112 (0x70)
MMC:   FSL_SDHC: 0
SF: Detected S25FL512S_256K with page size 512 Bytes, erase size 256 KiB, total 64 MiB
*** Warning - bad CRC, using default environment

EEPROM: NXID v1
PCIe1: Root Complex x1 gen1, regs @ 0x3400000
      01:00.0    - 8086:08b1 - Network controller
PCIe1: Bus 00 - 01
PCIe2: Root Complex no link, regs @ 0x3500000
In:    serial
Out:   serial
Err:   serial
SEC0: RNG instantiated
SATA link 0 timeout.
AHCI 0001.0300 1 slots 1 ports ? Gbps 0x1 impl SATA mode
flags: 64bit ncq pm clo only pmp fbss pio slum part ccc
scanning bus for devices...
Found 0 device(s).
SCSI:  Net:   eTSEC2 is in sgmii mode.
Phy 4 not found
PHY reset timed out
eTSEC1, eTSEC2 [PRIME], eTSEC3
Hit any key to stop autoboot:  0
reading uImage.bin
5130672 bytes read in 245 ms (20 MiB/s)
reading ls1021aiot.dtb
21183 bytes read in 20 ms (1 MiB/s)
reading ls1021aiot.rootfs
66442965 bytes read in 2953 ms (21.5 MiB/s)
reading hdr_linux.out
1152 bytes read in 15 ms (74.2 KiB/s)
reading hdr_rootfs.out
1152 bytes read in 15 ms (74.2 KiB/s)
reading hdr_dtb.out
1152 bytes read in 15 ms (74.2 KiB/s)
ERROR :: 400 :: Public key hash comparison failed
esbc_validate command successful
esbc_validate command successful
## Booting kernel from Legacy Image at 82000000 ...

I used the md command to check the values at the fuse address after booting from the SD card, as below.


=> md 1e80234
01e80234: ffffffff ffffffff ffffffff ffffffff    ................
01e80244: ffffffff ffffffff ffffffff ffffffff    ................
01e80254: 6c25e357 fd0bf748 cd2c1356 58b79c1b    W.%lH...V.,....X
01e80264: f480db72 2243a6e3 6a017e1f a432062e    r.....C".~.j..2.
01e80274: 00000000 00000000 00000000 00000000    ................
01e80284: 00000000 ffffffff ffffffff ffffffff    ................
01e80294: ffffffff ffffffff ffffffff ffffffff    ................
01e802a4: ffffffff 00000000 00000000 00000000    ................
01e802b4: 00000000 00000000 00000000 00000000    ................
01e802c4: 00000000 00000000 00000000 00000000    ................
01e802d4: 00000000 00000000 00000000 00000000    ................
01e802e4: 00000000 00000000 00000000 00000000    ................
01e802f4: 00000000 00000000 00000000 00000000    ................
01e80304: 00000000 00000000 00000000 00000000    ................
01e80314: 00000000 00000000 00000000 00000000    ................
01e80324: 00000000 00000000 00000000 00000000    ................
=> md 1e80020 1
01e80020: 00000000

I don't know why the uboot signed by the wrong key can still boot up. Is it because I enabled secure boot in the RCW rather than with the fuse ITS?

Is there any error message output if the uboot (ESBC) can't pass the ISBC validation, or does the uboot just fail to boot up with no output?

Is there something wrong in my steps for validating secure boot?

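As an added example (not code from the original post), a small Python check that parses a U-Boot md dump of the SFP mirror registers and compares the SRK hash words against the hash you intended to fuse. It assumes the layout the post's mm session shows: eight 32-bit words from 0x1e80254, each stored byte-reversed relative to the hex string (57e3256c becomes 6c25e357). Confirming the fused value this way, and spotting never-programmed all-ones or all-zeros words, rules out the fuse contents before suspecting the ISBC comparison.

```python
"""Compare the SRK hash in the SFP mirror registers with the hash you meant to fuse.
Added example, not from the original post. Assumes eight 32-bit words from
0x1e80254, each byte-reversed relative to the hex string, as the post's `mm`
session shows (57e3256c -> 6c25e357)."""
import re

SRKH_BASE = 0x1E80254   # first SRK hash mirror word, as used in the post

# Constructed sample: the relevant lines of the poster's `md 1e80234` dump.
SAMPLE_MD = """\
=> md 1e80234
01e80234: ffffffff ffffffff ffffffff ffffffff    ................
01e80244: ffffffff ffffffff ffffffff ffffffff    ................
01e80254: 6c25e357 fd0bf748 cd2c1356 58b79c1b    W.%lH...V.,....X
01e80264: f480db72 2243a6e3 6a017e1f a432062e    r.....C".~.j..2.
01e80274: 00000000 00000000 00000000 00000000    ................
"""

# One md line: 8-hex-digit address, colon, one to four 8-hex-digit words.
MD_LINE = re.compile(r"^([0-9a-fA-F]{8}):((?:\s+[0-9a-fA-F]{8}){1,4})")

def parse_md(text):
    """Map each 32-bit word in a U-Boot `md` dump to its address."""
    words = {}
    for line in text.splitlines():
        m = MD_LINE.match(line.strip())
        if not m:
            continue
        addr = int(m.group(1), 16)
        for i, w in enumerate(m.group(2).split()):
            words[addr + 4 * i] = int(w, 16)
    return words

def hash_to_fuse_words(hash_hex):
    """Split a 64-hex-digit hash into the byte-reversed words the mirror shows."""
    raw = bytes.fromhex(hash_hex)
    if len(raw) != 32:
        raise ValueError("SRK hash must be 32 bytes")
    return [int.from_bytes(raw[i:i + 4], "little") for i in range(0, 32, 4)]

def check_srkh(md_text, expected_hash_hex, base=SRKH_BASE):
    """Return (all_match, [(address, fused_word, expected_word), ...]) for mismatches.
    A fused word of None means the address is missing from the dump; all-ones or
    all-zeros words usually mean the mirror was never programmed."""
    dump = parse_md(md_text)
    bad = [(base + 4 * i, dump.get(base + 4 * i), want)
           for i, want in enumerate(hash_to_fuse_words(expected_hash_hex))
           if dump.get(base + 4 * i) != want]
    return (not bad, bad)
```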