author | Sascha Hauer <s.hauer@pengutronix.de> | 2019-10-17 08:10:19 +0200 |
---|---|---|
committer | Sascha Hauer <s.hauer@pengutronix.de> | 2019-10-17 08:10:19 +0200 |
commit | b4e30bb8b73c9702d3283e1b514d672978b6951d (patch) | |
tree | eed477fdd1b707261022bb8785ef2a3d707ce118 /Documentation/boards | |
parent | 97f279282bddf9017837c44830d6079637768607 (diff) | |
parent | 94e2382281ba950d63df78ead7fc5ca9aad72cda (diff) | |
download | barebox-b4e30bb8b73c9702d3283e1b514d672978b6951d.tar.gz barebox-b4e30bb8b73c9702d3283e1b514d672978b6951d.tar.xz |
Merge branch 'for-next/imx'
Diffstat (limited to 'Documentation/boards')
-rw-r--r-- | Documentation/boards/imx.rst | 73 |
-rw-r--r-- | Documentation/boards/imx/embest-marsboard.rst | 82 |
2 files changed, 155 insertions, 0 deletions
diff --git a/Documentation/boards/imx.rst b/Documentation/boards/imx.rst index 71cc6bb09a..8fe0a2828d 100644 --- a/Documentation/boards/imx.rst +++ b/Documentation/boards/imx.rst 
@@ -142,6 +142,79 @@ It must be included in the board's flash header: Analogous to HABv4 options and a template exist for HABv3. +Secure Boot on i.MX6 +~~~~~~~~~~~~~~~~~~~~ + +For most boards, the secure boot process on i.MX6 consist of the following image +constellation:: + + 0x0 +---------------------------------+ + | Barebox Header | + 0x400 +---------------------------------+ - + | i.MX IVT Header | | + | Boot Data +--+ | + | CSF Pointer +--|-+ | Signed Area + +---------------------------------+ | | | + | Device Configuration Data (DCD) | | | | + 0x1000 +---------------------------------+ | | | + | Barebox Prebootloader (PBL) |<-+ | | + +---------------------------------+ | | + | Piggydata (Main Barebox Binary) | | | + +---------------------------------+ | - + | Command Sequence File (CSF) |<---+ + +---------------------------------+ + +Here the Command Sequence File signs the complete Header, PBL and piggy data +file. This ensures that the whole barebox binary is authenticated. This is +possible since the DDR RAM is configured using the DCD and the whole DDR memory +area can be used to load data onto the device for authentication. +The boot ROM loads the CSF area and barebox into memory and uses the CSF to +verify the complete barebox binary. + +Boards which do require a boot via SRAM, need changes akin to the implementation +for i.MX8MQ described in the next chapter. 
+ +Secure Boot on i.MX8MQ +~~~~~~~~~~~~~~~~~~~~~~ + +For i.MX8MQ the image has the following design:: + + 0x0 +---------------------------------+ + | Barebox Header | + +---------------------------------+ + | i.MX IVT Header | + | HDMI Firmware (Signed by NXP) | + +---------------------------------+ - + | i.MX IVT Header | | + | Boot Data +--+ | + | CSF Pointer +--|-+ | + +---------------------------------+ | | | Signed Area + | Device Configuration Data (DCD) | | | | + +---------------------------------+ | | | + | Barebox Prebootloader (PBL) |<-+ | | + | Piggydata Hash (SHA256) +----|-+ | + +---------------------------------+ | | - + | Command Sequence File (CSF) |<---+ | + +---------------------------------+ | - + | Piggydata (Main Barebox Binary) |<-----+ | Hashed Area + +---------------------------------+ - + +In contrast to i.MX6, for the i.MX8MQ the piggydata can not be signed together +with the PBL binary. The DDR memory is initialized during the start of the PBL, +previous to this no access to the DDR memory is possible. Since the Tightly +Coupled Memory used for early startup on i.MX8MQ has only 256Kib, the whole +barebox can't be loaded and verified at once, since the complete barebox with +firmware has a size of ~500Kib. + +The bootrom loads the HDMI firmware unconditionally, since it is signed by NXP. +Afterwards the Prebootloader (PBL) is loaded into SRAM and the bootrom proceeds +to verify the PBL according to the Command Sequence File (CSF). The verified +PBL initializes the ARM Trusted Firmware (TF-A) and DDR RAM. It subsequently +loads the piggydata from the boot media and calculates the sha256sum of the +piggydata. This is compared to the sha256sum built into the PBL during compile +time, the PBL will only continue to boot if the sha256sum matches the builtin +sha256sum. + Using GPT on i.MX ^^^^^^^^^^^^^^^^^ 
diff --git a/Documentation/boards/imx/embest-marsboard.rst b/Documentation/boards/imx/embest-marsboard.rst new file mode 100644 index 0000000000..bdaa0880ae --- /dev/null +++ b/Documentation/boards/imx/embest-marsboard.rst @@ -0,0 +1,82 @@ +Embest MarS Board +================= + +Board comes with: + +* 1G DDR3 SDRAM +* 4G eMMC +* 2M SPI-NOR Flash + +Layout:: + + .-----------------------------------------------------. + |O OTG-->| V | O| + | SW1 USB '---' .--| + | .-----------. v.---. .->| <| + | | | 1|o--| O | `--| + | | i.MX6Dual | 2|--o| N Debug | + | | SoC | `---' USB | + | | | | + | `-----------' | + | | + | | + | | + | | + |O O| + `-----------------------------------------------------' + +Boot Configuration +================== + +DIP Switch ``SW1`` on the board can be used to set ``BOOT_MODE1`` and +``BOOT_MODE0`` going to the i.MX6: + +Set ``SW1 = 01`` for serial boot:: + + SW1 + v.---. + 1|o--| O + 2|--o| N + `---' + +Set ``SW1 = 10`` for internal (SPI-NOR Flash) boot:: + + SW1 + v.---. + 1|--o| O + 2|o--| N + `---' + +Set ``SW1 = 00`` for boot from eFuses:: + + SW1 + v.---. + 1|o--| O + 2|o--| N + `---' + +Flashing barebox +---------------- + + 1. Connect to the board's Debug Mini-USB (115200 8N1) + + 2. Set ``SW1 = 01`` for serial boot mode (see above) + + 3. Turn board's power on + + 4. Upload barebox image to the board via imx-usb-loader + +.. code-block:: none + + host$ imx-usb-loader images/barebox-embest-imx6q-marsboard.img +.. + + 4. Flash barebox to SPI-NOR Flash via Android Fastboot + +.. code-block:: none + + host$ fastboot flash bbu-spiflash images/barebox-embest-imx6q-marsboard.img + +.. + + 5. Restore ``SW1 = 10`` for internal (SPI-NOR) boot (see above) |
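Review bot: In the Documentation/boards/imx.rst hunk, the i.MX6 paragraph says the CSF "signs the complete Header, PBL and piggy data file", but the diagram's Signed Area bracket starts at 0x400 with the i.MX IVT Header, so the Barebox Header at 0x0 is drawn outside it. Name the header that is meant, so readers do not assume the first 0x400 bytes are authenticated. In the i.MX8MQ text, "256Kib" and "~500Kib" read as kibibits; "KiB" is presumably intended. The opening sentence needs "consists" instead of "consist", and the last i.MX8MQ paragraph could say what the PBL does when the sha256sum does not match, not only that it will not continue to boot.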
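Review bot: In the new file Documentation/boards/imx/embest-marsboard.rst, the "Flashing barebox" steps use the number 4 twice ("4. Upload barebox image ..." and "4. Flash barebox to SPI-NOR Flash ..."), so the list runs 1, 2, 3, 4, 4, 5; renumber it 1 through 6. The steps are indented while the code-block directives and the bare ".." lines between them are not, which ends the enumerated list at each directive; indenting each code block under its step and dropping the ".." lines would keep it one list. "Boot Configuration" is underlined with "=" like the page title "Embest MarS Board", which gives the file two top-level titles; using the same "-" underline as "Flashing barebox" would make both sections of the board page.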