From patchwork Wed Jan 23 19:30:06 2019
X-Patchwork-Submitter: Breno Matheus Lima
X-Patchwork-Id: 1030133
X-Patchwork-Delegate: sbabic@denx.de
From: Breno Matheus Lima
To: "fabio.estevam@gmail.com", "sbabic@denx.de"
Date: Wed, 23 Jan 2019 19:30:06 +0000
Message-ID: <1548271740-177-5-git-send-email-breno.lima@nxp.com>
In-Reply-To: <1548271740-177-1-git-send-email-breno.lima@nxp.com>
Cc: Breno Matheus Lima, "u-boot@lists.denx.de"
Subject: [U-Boot] [PATCH 4/6] doc: imx: habv4: Add Secure Boot guide for i.MX6 and i.MX7 SPL targets

The current U-Boot implementation includes SPL targets for some NXP
development boards:

- mx6sabreauto_defconfig
- mx6sabresd_defconfig
- mx6ul_14x14_evk_defconfig
- mx6ul_9x9_evk_defconfig

Add additional steps needed to completely secure the bootloader image.

Signed-off-by: Breno Lima
---
 .../habv4/guides/mx6_mx7_spl_secure_boot.txt | 181 ++++++++++++++++++
 1 file changed, 181 insertions(+)
 create mode 100644 doc/imx/habv4/guides/mx6_mx7_spl_secure_boot.txt

diff --git a/doc/imx/habv4/guides/mx6_mx7_spl_secure_boot.txt b/doc/imx/habv4/guides/mx6_mx7_spl_secure_boot.txt new file mode 100644 index 0000000000..0d7931aac0 --- /dev/null +++ b/doc/imx/habv4/guides/mx6_mx7_spl_secure_boot.txt 
@@ -0,0 +1,181 @@ + +===============================================================+ + + i.MX6, i.MX7 U-Boot HABv4 Secure Boot guide for SPL targets + + +===============================================================+ + +1. HABv4 secure boot process +----------------------------- + +This document is an addendum of mx6_mx7_secure_boot.txt guide describing a +step-by-step procedure on how to sign and securely boot an U-Boot image for +SPL targets. + +Details about HAB can be found in the application note AN4581[1] and in the +introduction_habv4.txt document. + +1.1 Building a SPL target supporting secure boot +------------------------------------------------- + +The U-Boot provides Second Program Loader (SPL) support which generates two +final images, SPL and U-Boot proper. The HABv4 can be used to authenticate +both binaries. + +Out of reset the ROM code authenticates the SPL which is responsible for +initializing essential features such as DDR, UART, PMIC and clock +enablement. Once the DDR is available, the SPL code loads the U-Boot proper +image to its specific execution address and call the HAB APIs to extend the +root of trust. + +The U-Boot provides support to secure boot configuration and also provide +access to the HAB APIs exposed by the ROM vector table, the support is +enabled by selecting the CONFIG_SECURE_BOOT option. + +When built with this configuration the U-Boot correctly pads the final SPL +image by aligning to the next 0xC00 address, so the CSF signature data +generated by CST can be concatenated to the image. + +The U-Boot also append an Image Vector Table (IVT) in the final U-Boot proper +binary (u-boot-ivt.img) so it can be used by HAB API in a post ROM stage. 
+ +The diagram below illustrate a signed SPL image layout: + + ------- +-----------------------------+ <-- *start + ^ | Image Vector Table | + | +-----------------------------+ <-- *boot_data + | | Boot Data | + | +-----------------------------+ + Signed | | Padding | + Data | +-----------------------------+ <-- *entry + | | | + | | SPL | + | | | + | +-----------------------------+ + v | Padding | + ------- +-----------------------------+ <-- *csf + | | + | Command Sequence File (CSF) | + | | + +-----------------------------+ + | Padding (optional) | + +-----------------------------+ + +The diagram below illustrate a signed u-boot-ivt.img image layout: + + ------- +-----------------------------+ <-- *load_address + ^ | | + | | | + | | u-boot.img | + Signed | | | + Data | | | + | +-----------------------------+ + | | Padding Next Boundary | + | +-----------------------------+ <-- *ivt + v | Image Vector Table | + ------- +-----------------------------+ <-- *csf + | | + | Command Sequence File (CSF) | + | | + +-----------------------------+ + | Padding (optional) | + +-----------------------------+ + +1.2 Enabling the secure boot support +------------------------------------- + +The first step is to generate an U-Boot image supporting the HAB features +mentioned above, this can be achieved by adding CONFIG_SECURE_BOOT to the +build configuration: + +- Defconfig: + + CONFIG_SECURE_BOOT=y + +- Kconfig: + + ARM architecture -> Support i.MX HAB features + +1.3 Creating the CSF description file +-------------------------------------- + +The CSF contains all the commands that the HAB executes during the secure +boot. These commands instruct the HAB code on which memory areas of the image +to authenticate, which keys to install, use and etc. + +CSF examples are available under doc/imx/habv4/csf_examples/ directory. 
+ +Build logs containing the "Authenticate Data" parameters are available after +the U-Boot build, the example below is a log for mx6sabresd_defconfig target: + +- SPL build log: + + $ cat SPL.log + Image Type: Freescale IMX Boot Image + Image Ver: 2 (i.MX53/6/7 compatible) + Mode: DCD + Data Size: 69632 Bytes = 68.00 KiB = 0.07 MiB + Load Address: 00907420 + Entry Point: 00908000 + HAB Blocks: 0x00907400 0x00000000 0x0000ec00 + +- u-boot-ivt.img build log: + + $ cat u-boot-ivt.img.log + Image Name: U-Boot 2019.01-00003-g78ee492eb3 + Created: Mon Jan 14 17:58:10 2019 + Image Type: ARM U-Boot Firmware with HABv4 IVT (uncompressed) + Data Size: 458688 Bytes = 447.94 KiB = 0.44 MiB + Load Address: 17800000 + Entry Point: 00000000 + HAB Blocks: 0x177fffc0 0x0000 0x0006e020 + +As explained in section above the SPL is first authenticated by the ROM code +and the root of trust is extended to the U-Boot image, hence two CSF files are +necessary to completely sign a bootloader image. + +In "Authenticate Data" CSF command users can copy and past the output +addresses, the csf_uboot.txt can be used as example: + +- In csf_SPL.txt: + + Block = 0x00907400 0x00000000 0x0000ec00 "SPL" + +- In csf_uboot-ivt.txt: + + Block = 0x177fffc0 0x0000 0x0006e020 "u-boot-ivt.img" + +1.4 Signing the images +----------------------- + +The CST tool is used for singing the U-Boot binary and generating a CSF binary, +users should input the CSF description file created in the step above and +receive a CSF binary, which contains the CSF commands, SRK table, signatures +and certificates. 
+ +- Create SPL CSF binary file: + + $ ./cst -i csf_SPL.txt -o csf_SPL.bin + +- Append CSF signature to the end of SPL image: + + $ cat SPL csf_SPL.bin > SPL-signed + +- Create U-Boot proper CSF binary file: + + $ ./cst -i csf_uboot-ivt.txt -o csf_uboot-ivt.bin + +- Append CSF signature to the end of U-Boot proper image: + + $ cat u-boot-ivt.img csf_uboot-ivt.bin > u-boot-signed.img + +The bootloader is signed and can be flashed into the boot media. + +1.5 Closing the device +----------------------- + +The procedure for closing the device is similar as in Non-SPL targets, for a +complete procedure please refer to section "1.5 Programming SRK Hash" in +mx6_mx7_secure_boot.txt document available under doc/imx/habv4/guides/ +directory. + +References: +[1] AN4581: "Secure Boot on i.MX 50, i.MX 53, i.MX 6 and i.MX 7 Series using + HABv4" - Rev 2.
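
Review bot: section 1.5 takes the reader from signing (1.4) straight to closing the device, and the section it points to is titled "1.5 Programming SRK Hash" rather than a closing procedure, so nothing in this guide tells the reader to confirm on the still-open device that both SPL-signed and u-boot-signed.img authenticate without HAB events before closing. Suggest adding a short verification step for the SPL case (for example checking the U-Boot hab_status output after booting the signed pair), or naming the exact verification and closing sections of mx6_mx7_secure_boot.txt that apply. In 1.3, "the csf_uboot.txt can be used as example" does not match the files used right after it (csf_SPL.txt and csf_uboot-ivt.txt); say which file under doc/imx/habv4/csf_examples/ each one is derived from and which fields besides "Block" need to change. Minor wording: "copy and past" in 1.3 and "used for singing the U-Boot binary" in 1.4 should read "paste" and "signing", and "illustrate" in both diagram captions should be "illustrates".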