AnsweredAssumed Answered

LS1021a-iot board secure boot ?

Question asked by Dhruvalkumar Patel on Mar 21, 2017
Latest reply on Mar 30, 2017 by Dhruvalkumar Patel

Hi All,

I was trying to do a secure boot on ls1021aiot based board. It progressed really well but I have following question during the process.

 

1) On our board we have PBL, Bootscript, U-boot and all the secure headers for bootscript, u-boot, dtb  and uImage are stored on QSPI based flash. We have eMMC with 3 partition, which has a rootfs on it. At /boot mount point on each partition on emmc emmc we have uImage and devicetree.dtb file. For verification I fetch those images to DDR in bootscript.

Logs for secure boot at u-boot looks as shown below. 

 

U-Boot 2015.01+ls1+QCAFS_3.1.2.20170223.2106.ga (Mar 16 2017 - 10:23:55)

CPU: Freescale LayerScape LS1020E, Version: 2.0, (0x87081020)
Clock Configuration:
CPU0(ARMV7):800 MHz,
Bus:300 MHz, DDR:600 MHz (1200 MT/s data rate),
Reset Configuration Word (RCW):
00000000: 06060010 00000000 00000000 10000000
00000010: 20000000 0840b920 50610a00 20046000
00000020: 00000000 00000000 00000000 0002ef00
00000030: 20004d00 24849340 00000000 00000000
Board: Cromwell
I2C: ready
DRAM: 512 MiB
Using SERDES1 Protocol: 32 (0x20)
MMC: FSL_SDHC: 0
Using default environment

EEPROM: Invalid ID (ff ff ff ff)
PCIe1: Root Complex no link, regs @ 0x3400000
PCIe2: Root Complex x1 gen1, regs @ 0x3500000
01:00.0 - 168c:0033 - Network controller
PCIe2: Bus 00 - 01
In: serial
Out: serial
Err: serial
PAM:
Version: PAM VER 40.08
Setting MAC address from PAM
ethaddr: 2C:A5:39:00:18:90
eth1addr: 2C:A5:39:00:18:91
SEC0: RNG instantiated
SATA link 0 timeout.
AHCI 0001.0300 1 slots 1 ports ? Gbps 0x1 impl SATA mode
flags: 64bit ncq pm clo only pmp fbss pio slum part ccc
scanning bus for devices...
Found 0 device(s).
SCSI: Net: eTSEC1 is in sgmii mode.
eTSEC2 is in sgmii mode.
eTSEC1, eTSEC2
Diags: Initializing "pdiag" executor

================================================================================
Power-On Self Test
Parallel Wireless, Inc.
(c) Copyright 2014


Power-On Self Test Complete
================================================================================

Hit any key to stop autoboot: 0
esbc_validate command successful
## Executing script at 40001000
4328352 bytes read in 295 ms (14 MiB/s)
18481 bytes read in 105 ms (171.9 KiB/s)
esbc_validate command successful
esbc_validate command successful
## Booting kernel from Legacy Image at 80008000 ...
Image Name: Linux-3.12.37-rt51+ls1+ga86bdb4
Created: 2017-02-11 15:21:18 UTC
Image Type: ARM Linux Kernel Image (uncompressed)
Data Size: 4328288 Bytes = 4.1 MiB
Load Address: 80008000
Entry Point: 80008000
Verifying Checksum ... OK
## Flattened Device Tree blob at 82800000
Booting using the fdt blob at 0x82800000
Loading Kernel Image ... OK
Loading Device Tree to 9ef26000, end 9ef2d830 ... OK

Starting kernel ...

 

Currently I am using Boot Hold to load SRKH and CCS logs are as shown below 

 

(bin) 1 % source FUSE_SRKH.tcl
Chain Position 0: LS1020A
Chain Position 1: CoreSight ATB Funnel
Chain Position 2: CoreSight TMC
Chain Position 3: CoreSight TMC
Chain Position 4: CoreSight TMC
Chain Position 5: CoreSight CTI
Chain Position 6: CoreSight CTI
Chain Position 7: CoreSight CTI
Chain Position 8: CoreSight ATB Funnel
Chain Position 9: Cortex-A7
Chain Position 10: Cortex-A7 PMU
Chain Position 11: Cortex-A7
Chain Position 12: Cortex-A7 PMU
Chain Position 13: CoreSight CTI
Chain Position 14: CoreSight CTI
Chain Position 15: Cortex-A7 ETM
Chain Position 16: Cortex-A7 ETM
Chain Position 17: DAP
Chain Position 18: SAP2
+0 +4 +8 +C
[0x01E90014] 8000A900 80000000 00000000 00000000
+0 +4 +8 +C
[0x01EE0200] 00300040 00000000 00000000 00000000
+0 +4 +8 +C
***

Programming SRKH

***
[0x01E90014] 8000A900 80000000 00000000 00000000
+0 +4 +8 +C
[0x01EE0200] 00300040
+0 +4 +8 +C
[0x01EE0204] 00000000
+0 +4 +8 +C
[0x01E90014] 8000A900 80000000 00000000 00000000

 

My Question is once I get to linux and If I check HPSR I can see SSM is in non-secure mode is it expected ? 

(bin) 40 % ccs::display_mem 18 0x1e90014 4 0 4

+0 +4 +8 +C
[0x01E90014] 8000AB00 00002000 00000000 00000000
(bin) 41 %

 

2) We do lot of testing at u-boot but with secure boot the console won't be available for diagnostics. Is there a way to get console access at u-boot during secure boot ? 

Outcomes