summaryrefslogtreecommitdiffstats
path: root/Documentation
diff options
context:
space:
mode:
authorSascha Hauer <s.hauer@pengutronix.de>2019-10-17 08:10:19 +0200
committerSascha Hauer <s.hauer@pengutronix.de>2019-10-17 08:10:19 +0200
commitb4e30bb8b73c9702d3283e1b514d672978b6951d (patch)
treeeed477fdd1b707261022bb8785ef2a3d707ce118 /Documentation
parent97f279282bddf9017837c44830d6079637768607 (diff)
parent94e2382281ba950d63df78ead7fc5ca9aad72cda (diff)
downloadbarebox-b4e30bb8b73c9702d3283e1b514d672978b6951d.tar.gz
Merge branch 'for-next/imx'
Diffstat (limited to 'Documentation')
-rw-r--r--Documentation/boards/imx.rst73
-rw-r--r--Documentation/boards/imx/embest-marsboard.rst82
2 files changed, 155 insertions, 0 deletions
diff --git a/Documentation/boards/imx.rst b/Documentation/boards/imx.rst
index 71cc6bb..8fe0a28 100644
--- a/Documentation/boards/imx.rst
+++ b/Documentation/boards/imx.rst
@@ -142,6 +142,79 @@ It must be included in the board's flash header:
Analogous to HABv4 options and a template exist for HABv3.
+Secure Boot on i.MX6
+~~~~~~~~~~~~~~~~~~~~
+
+For most boards, the secure boot process on i.MX6 consist of the following image
+constellation::
+
+ 0x0 +---------------------------------+
+ | Barebox Header |
+ 0x400 +---------------------------------+ -
+ | i.MX IVT Header | |
+ | Boot Data +--+ |
+ | CSF Pointer +--|-+ | Signed Area
+ +---------------------------------+ | | |
+ | Device Configuration Data (DCD) | | | |
+ 0x1000 +---------------------------------+ | | |
+ | Barebox Prebootloader (PBL) |<-+ | |
+ +---------------------------------+ | |
+ | Piggydata (Main Barebox Binary) | | |
+ +---------------------------------+ | -
+ | Command Sequence File (CSF) |<---+
+ +---------------------------------+
+
+Here the Command Sequence File signs the complete Header, PBL and piggy data
+file. This ensures that the whole barebox binary is authenticated. This is
+possible since the DDR RAM is configured using the DCD and the whole DDR memory
+area can be used to load data onto the device for authentication.
+The boot ROM loads the CSF area and barebox into memory and uses the CSF to
+verify the complete barebox binary.
+
+Boards which do require a boot via SRAM, need changes akin to the implementation
+for i.MX8MQ described in the next chapter.
+
+Secure Boot on i.MX8MQ
+~~~~~~~~~~~~~~~~~~~~~~
+
+For i.MX8MQ the image has the following design::
+
+ 0x0 +---------------------------------+
+ | Barebox Header |
+ +---------------------------------+
+ | i.MX IVT Header |
+ | HDMI Firmware (Signed by NXP) |
+ +---------------------------------+ -
+ | i.MX IVT Header | |
+ | Boot Data +--+ |
+ | CSF Pointer +--|-+ |
+ +---------------------------------+ | | | Signed Area
+ | Device Configuration Data (DCD) | | | |
+ +---------------------------------+ | | |
+ | Barebox Prebootloader (PBL) |<-+ | |
+ | Piggydata Hash (SHA256) +----|-+ |
+ +---------------------------------+ | | -
+ | Command Sequence File (CSF) |<---+ |
+ +---------------------------------+ | -
+ | Piggydata (Main Barebox Binary) |<-----+ | Hashed Area
+ +---------------------------------+ -
+
+In contrast to i.MX6, for the i.MX8MQ the piggydata can not be signed together
+with the PBL binary. The DDR memory is initialized during the start of the PBL,
+previous to this no access to the DDR memory is possible. Since the Tightly
+Coupled Memory used for early startup on i.MX8MQ has only 256Kib, the whole
+barebox can't be loaded and verified at once, since the complete barebox with
+firmware has a size of ~500Kib.
+
+The bootrom loads the HDMI firmware unconditionally, since it is signed by NXP.
+Afterwards the Prebootloader (PBL) is loaded into SRAM and the bootrom proceeds
+to verify the PBL according to the Command Sequence File (CSF). The verified
+PBL initializes the ARM Trusted Firmware (TF-A) and DDR RAM. It subsequently
+loads the piggydata from the boot media and calculates the sha256sum of the
+piggydata. This is compared to the sha256sum built into the PBL during compile
+time, the PBL will only continue to boot if the sha256sum matches the builtin
+sha256sum.
+
Using GPT on i.MX
^^^^^^^^^^^^^^^^^
diff --git a/Documentation/boards/imx/embest-marsboard.rst b/Documentation/boards/imx/embest-marsboard.rst
new file mode 100644
index 0000000..bdaa088
--- /dev/null
+++ b/Documentation/boards/imx/embest-marsboard.rst
@@ -0,0 +1,82 @@
+Embest MarS Board
+=================
+
+Board comes with:
+
+* 1G DDR3 SDRAM
+* 4G eMMC
+* 2M SPI-NOR Flash
+
+Layout::
+
+ .-----------------------------------------------------.
+ |O OTG-->| V | O|
+ | SW1 USB '---' .--|
+ | .-----------. v.---. .->| <|
+ | | | 1|o--| O | `--|
+ | | i.MX6Dual | 2|--o| N Debug |
+ | | SoC | `---' USB |
+ | | | |
+ | `-----------' |
+ | |
+ | |
+ | |
+ | |
+ |O O|
+ `-----------------------------------------------------'
+
+Boot Configuration
+==================
+
+DIP Switch ``SW1`` on the board can be used to set ``BOOT_MODE1`` and
+``BOOT_MODE0`` going to the i.MX6:
+
+Set ``SW1 = 01`` for serial boot::
+
+ SW1
+ v.---.
+ 1|o--| O
+ 2|--o| N
+ `---'
+
+Set ``SW1 = 10`` for internal (SPI-NOR Flash) boot::
+
+ SW1
+ v.---.
+ 1|--o| O
+ 2|o--| N
+ `---'
+
+Set ``SW1 = 00`` for boot from eFuses::
+
+ SW1
+ v.---.
+ 1|o--| O
+ 2|o--| N
+ `---'
+
+Flashing barebox
+----------------
+
+ 1. Connect to the board's Debug Mini-USB (115200 8N1)
+
+ 2. Set ``SW1 = 01`` for serial boot mode (see above)
+
+ 3. Turn board's power on
+
+ 4. Upload barebox image to the board via imx-usb-loader
+
+.. code-block:: none
+
+ host$ imx-usb-loader images/barebox-embest-imx6q-marsboard.img
+..
+
+ 4. Flash barebox to SPI-NOR Flash via Android Fastboot
+
+.. code-block:: none
+
+ host$ fastboot flash bbu-spiflash images/barebox-embest-imx6q-marsboard.img
+
+..
+
+ 5. Restore ``SW1 = 10`` for internal (SPI-NOR) boot (see above)