summaryrefslogtreecommitdiff
path: root/doc/README.mxc_hab
blob: b688580f755be1cef3a736da38ad6c63abb0f16d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
High Assurance Boot (HAB) for i.MX6 CPUs

To enable the authenticated or encrypted boot mode of U-Boot, it is
required to set the proper configuration for the target board. This
is done by adding the following configuration in in the proper config
file (e.g. include/configs/mx6qarm2.h)

#define CONFIG_SECURE_BOOT

In addition, the U-Boot image to be programmed into the
boot media needs to be properly constructed, i.e. it must contain a
proper Command Sequence File (CSF).

The Initial Vector Table contains a pointer to the CSF. Please see
doc/README.imximage for how to prepare u-boot.imx.

The CSF itself is being generated by Freescale HAB tools.

mkimage will output additional information about "HAB Blocks"
which can be used in the Freescale tooling to authenticate U-Boot
(entries in the CSF file).

Image Type:   Freescale IMX Boot Image
Image Ver:    2 (i.MX53/6 compatible)
Data Size:    327680 Bytes = 320.00 kB = 0.31 MB
Load Address: 177ff420
Entry Point:  17800000
HAB Blocks:   177ff400 00000000 0004dc00
	      ^^^^^^^^ ^^^^^^^^ ^^^^^^^^
		|	|	   |
		|	|	   -------- (1)
		|	|
		|	------------------- (2)
		|
		--------------------------- (3)

(1)	Size of area in file u-boot.imx to sign
	This area should include the IVT, the Boot Data the DCD
	and U-Boot itself.
(2)	Start of area in u-boot.imx to sign
(3)	Start of area in RAM to authenticate

CONFIG_SECURE_BOOT currently enables only an additional command
'hab_status' in U-Boot to retrieve the HAB status and events. This
can be useful while developing and testing HAB.

Commands to generate a signed U-Boot using Freescale HAB tools:
cst --o U-Boot_CSF.bin < U-Boot.CSF
objcopy -I binary -O binary --pad-to 0x2000 --gap-fill=0x00 \
	U-Boot_CSF.bin U-Boot_CSF_pad.bin
cat u-boot.imx U-Boot_CSF_pad.bin > u-boot-signed.imx

NOTE: U-Boot_CSF.bin needs to be padded to the value specified in
the imximage.cfg file.

Setup U-Boot Image for Encrypted Boot
-------------------------------------
An authenticated U-Boot image is used as starting point for
Encrypted Boot. The image is encrypted by Freescale's Code
Signing Tool (CST). The CST replaces only the image data of
u-boot.imx with the encrypted data. The Initial Vector Table,
DCD, and Boot data, remains in plaintext.

The image data is encrypted with a Encryption Key (DEK).
Therefore, this key is needed to decrypt the data during the
booting process. The DEK is protected by wrapping it in a Blob,
which needs to be appended to the U-Boot image and specified in
the CSF file.

The DEK blob is generated by an authenticated U-Boot image with
the dek_blob cmd enabled. The image used for DEK blob generation
needs to have the following configurations enabled:

CONFIG_SECURE_BOOT
CONFIG_SYS_FSL_SEC_COMPAT    4 /* HAB version */
CONFIG_FSL_CAAM
CONFIG_CMD_DEKBLOB
CONFIG_SYS_FSL_SEC_LE

Note: The encrypted boot feature is only supported by HABv4 or
greater.

The dek_blob command then can be used to generate the DEK blob of
a DEK previously loaded in memory. The command is used as follows:

dek_blob <DEK address> <Output Address> <Key Size in Bits>
example: dek_blob 0x10800000 0x10801000 192

The resulting DEK blob then is used to construct the encrypted
U-Boot image. Note that the blob needs to be transferred back
to the host.Then the following commands are used to construct
the final image.

objcopy -I binary -O binary --pad-to 0x2000 --gap-fill=0x00 \
    U-Boot_CSF.bin U-Boot_CSF_pad.bin
cat u-boot.imx U-Boot_CSF_pad.bin > u-boot-signed.imx
objcopy -I binary -O binary --pad-to <blob_dst> --gap-fill=0x00 \
    u-boot-signed.imx u-boot-signed-pad.bin
cat u-boot-signed-pad.imx DEK_blob.bin > u-boot-encrypted.imx

    NOTE: u-boot-signed.bin needs to be padded to the value
    equivalent to the address in which the DEK blob is specified
    in the CSF.