From patchwork Wed Jan 23 19:29:39 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Breno Matheus Lima X-Patchwork-Id: 1030122 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=nxp.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=nxp.com header.i=@nxp.com header.b="TSMD4QZr"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 43lFjT20f5z9sCX for ; Thu, 24 Jan 2019 06:29:49 +1100 (AEDT) Received: by lists.denx.de (Postfix, from userid 105) id DAD5DC21DA2; Wed, 23 Jan 2019 19:29:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, SPF_HELO_PASS, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 0DF37C21C38; Wed, 23 Jan 2019 19:29:44 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 54054C21C38; Wed, 23 Jan 2019 19:29:42 +0000 (UTC) Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00049.outbound.protection.outlook.com [40.107.0.49]) by lists.denx.de (Postfix) with ESMTPS id 27CCBC21C27 for ; Wed, 23 Jan 2019 19:29:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6ZwxUsAe3QIM6q4JY1nZOetZ4Q2TpdM3270gplVRFBw=; b=TSMD4QZrBHGWVysXRHA2awc3bdSUEpAgXNv+8KVUcvwy2usdetsxIRrA+PqM0coTUGShrhFSSHXOcZbglONZBcHHPCuqfIc/cRrZQP962cbpbXgBzIVfUNEYCm7/EczIja/uty/0awS6jsc896vwUcdxDf1JKtEM51KTfCeNWvU= Received: from DB7PR04MB4636.eurprd04.prod.outlook.com (52.135.138.158) by DB7PR04MB5307.eurprd04.prod.outlook.com (20.176.236.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.17; Wed, 23 Jan 2019 19:29:40 +0000 Received: from DB7PR04MB4636.eurprd04.prod.outlook.com ([fe80::ad79:c2:afcd:9b85]) by DB7PR04MB4636.eurprd04.prod.outlook.com ([fe80::ad79:c2:afcd:9b85%3]) with mapi id 15.20.1537.031; Wed, 23 Jan 2019 19:29:39 +0000 From: Breno Matheus Lima To: "fabio.estevam@gmail.com" , "sbabic@denx.de" Thread-Topic: [PATCH 0/6] doc: imx: habv4: Improve iMX6 and iMX7 secure boot documentation Thread-Index: AQHUs1H7Mfpf5eGau0ic8LuIeC7hUg== Date: Wed, 23 Jan 2019 19:29:39 +0000 Message-ID: <1548271740-177-1-git-send-email-breno.lima@nxp.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [64.157.242.222] x-clientproxiedby: SN6PR04CA0037.namprd04.prod.outlook.com (2603:10b6:805:2a::14) To DB7PR04MB4636.eurprd04.prod.outlook.com (2603:10a6:5:36::30) authentication-results: spf=none (sender IP is ) smtp.mailfrom=breno.lima@nxp.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.7.4 x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; DB7PR04MB5307; 6:9jtLXXpfDCrt18Nv62wy0Ct0yyNeFoqBwiuPylzYZxFpMUuDu2Qy2uxJ+rBEoXMJ7DGEZojr4rATvYYwAfI8hz9+0qCei7PvBzxgjzLySTynIBK1mJui1/jNVkcyOc+uUX/KDbccg9hsOiiyszKeYwFkrTcADJl0v68oOshg+uM2DrrsPZ4A2cN/XW/i+6TsiCjfzhlG6HZdT0QoN1fyOtysOf0QzrTLRzVL88wN/jCm93h6PYCjmDIh27/XNCLkIn8n4ga3/9nyUholczHPvM9rxHLkoM/IMp44JS5p1Qz22uM/1ZNzO1klu3b2KyWGf79Bj+FRZI5ZNsKSYN/LmEKWGDhb9ezEsaeHzbGBXorSffnI86yhbOO9a90V2C+9sNGcIX1N2UM13+9VxtKG+ieRYzVZTYz3aEF0Z9eSY546GZstLfnaSkzv0n+SqZ5GR85OLUShg+stqwqajJIy/g==; 5:T3WwNyjW6GsZZdFh1tk/1gsUVX4tVDC/LoYzYT9TnVIa2ArVw9YzZUtMfN+IT8IfiRXqc/Yqr2k6AjC870gdNyfRKE+GXoFhnuzQThyiAAaqrvN63v36oLz6Q/oH71zHVP7v0HuAcpDLSokbqiEWUqMAhZYLIdLy/eu8Os/2gJBIYez27eggaLYcWUFAxCzqo7yctEcD33h07QcYHNKytA==; 7:/kSSFC7D3YEkPMexjGRbMHNCWVwcBJBew5asty1aOiO4Bs9XW0xYsiWfhLwcBmesytCQ9MA0fbA1c4noKZ8RLBaW0RRidk6cvT/WqvqCuk9UD5002FoDOgCX+7DWQ+Q+A1T8wUHLIindUOs9GCWgkA== x-ms-office365-filtering-correlation-id: 7f44007a-0acb-4f43-450e-08d681691dd7 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600110)(711020)(4605077)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:DB7PR04MB5307; x-ms-traffictypediagnostic: DB7PR04MB5307: x-microsoft-antispam-prvs: x-forefront-prvs: 0926B0E013 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(39860400002)(346002)(396003)(376002)(136003)(189003)(199004)(53754006)(6486002)(81166006)(6436002)(39060400002)(71190400001)(8936002)(71200400001)(2906002)(4326008)(6306002)(81156014)(8676002)(53936002)(478600001)(476003)(2616005)(14444005)(256004)(66066001)(486006)(6512007)(36756003)(186003)(7736002)(66574012)(316002)(97736004)(54906003)(110136005)(102836004)(105586002)(86362001)(2501003)(305945005)(966005)(3846002)(6116002)(52116002)(26005)(68736007)(99286004)(50226002)(6506007)(14454004)(386003)(25786009)(106356001)(10126625002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB7PR04MB5307; H:DB7PR04MB4636.eurprd04.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: NQnwXFFGYErfKh2Br6FnzgRgEXXRnxnEGTravj/yfEtLKAUtPx4bEfSc76AWJLfm+OFImrZz4sH2+InzdJl8wIdxDcYXBodT2RCbuKHlpXLvA0pWYZGNY7Oojw8B4hIPs7mzQL5o9uPAxwfwRNj6bQZncacUNIBqGr78gp8ytSTEW1eo/lTEo6+kYDE0Ak2A9jXhRIeFEo3CRXBKkb/ygQ6FBRXvnW6p1EQEc682D7JeX/42cbBpeh0wnPpnbuEbf86GxEbXaAkA5oK21r9oVOvDSnfzPc9cHO9SoWCu+QvUj+Toj83i/K6MF2nV+EfTsois7256R1IbiosSWFeS3Z3DLyxb8WWt2Bsmddl3sxjYLz6cePc21zcYNkUe3m1VlAQTs0Z5S9bKF056A9sqELO3rB6ZoYKvjfGY7XShXUg= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-ID: <63A17884AD7D7544BA8B7A4824141A1A@eurprd04.prod.outlook.com> MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7f44007a-0acb-4f43-450e-08d681691dd7 X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jan 2019 19:29:32.6584 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR04MB5307 Cc: Breno Matheus Lima , "u-boot@lists.denx.de" Subject: [U-Boot] [PATCH 0/6] doc: imx: habv4: Improve iMX6 and iMX7 secure boot documentation X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Hi All, This series is improving the current HABv4 U-Boot documentation for iMX6 and iMX7 families devices. The patch set is adding a complete step-by-step procedure on how to securely boot an U-Boot image using HABv4: habv4 ├── csf_examples │   ├── additional_images │   │   └── csf_additional_images.txt │   └── mx6_mx7 │   ├── csf_uboot_fast_authentication.txt │   └── csf_uboot.txt ├── guides │   ├── encrypted_boot.txt │   ├── mx6_mx7_secure_boot.txt │   └── mx6_mx7_spl_secure_boot.txt ├── introduction_habv4.txt └── script_examples └── genIVT.pl Patches 0001, 0005 and 0006 are cleaning up the HABv4 documentation direcotry structure. Patches 0002, 0003 and 0004 are adding new content under HABv4 directory. Depending on the web browser the plain text diagrams are not correctly displayed, the documentation can be also seen in the following links: 0002 - HABv4 introduction: https://pastebin.com/SLU52WwP 0003 - Secure Boot guide for i.MX6 and i.MX7 non-SPL targets: https://pastebin.com/87zVfFpJ 0004 - Secure Boot guide for i.MX6 and i.MX7 SPL targets: https://pastebin.com/DPm42ihr Subsequent patches will include more content for encrypted boot and also cover i.MX8M family. Breno Lima (6): doc: imx: habv4: Remove extra hab directory for a cleaner documentation structure doc: imx: habv4: Add HABv4 introduction doc: imx: habv4: Add Secure Boot guide for i.MX6 and i.MX7 non-SPL targets doc: imx: habv4: Add Secure Boot guide for i.MX6 and i.MX7 SPL targets doc: imx: habv4: Move encrypted boot guide doc: imx: habv4: Remove secure_boot.txt guide doc/imx/hab/habv4/secure_boot.txt | 100 ----- .../csf_additional_images.txt | 34 ++ .../habv4/csf_examples/mx6_mx7/csf_uboot.txt | 32 ++ .../mx6_mx7/csf_uboot_fast_authentication.txt | 23 + .../habv4 => habv4/guides}/encrypted_boot.txt | 0 doc/imx/habv4/guides/mx6_mx7_secure_boot.txt | 402 ++++++++++++++++++ .../habv4/guides/mx6_mx7_spl_secure_boot.txt | 181 ++++++++ doc/imx/habv4/introduction_habv4.txt | 262 ++++++++++++ doc/imx/habv4/script_examples/genIVT.pl | 12 + 9 files changed, 946 insertions(+), 100 deletions(-) delete mode 100644 doc/imx/hab/habv4/secure_boot.txt create mode 100644 doc/imx/habv4/csf_examples/additional_images/csf_additional_images.txt create mode 100644 doc/imx/habv4/csf_examples/mx6_mx7/csf_uboot.txt create mode 100644 doc/imx/habv4/csf_examples/mx6_mx7/csf_uboot_fast_authentication.txt rename doc/imx/{hab/habv4 => habv4/guides}/encrypted_boot.txt (100%) create mode 100644 doc/imx/habv4/guides/mx6_mx7_secure_boot.txt create mode 100644 doc/imx/habv4/guides/mx6_mx7_spl_secure_boot.txt create mode 100644 doc/imx/habv4/introduction_habv4.txt create mode 100644 doc/imx/habv4/script_examples/genIVT.pl Signed-off-by: Breno Lima