Daniel Allred | 901301c | 2016-05-19 19:10:41 -0500 | [diff] [blame] | 1 | README on how boot images are created for secure TI devices |
| 2 | |
| 3 | CONFIG_TI_SECURE_DEVICE: |
| 4 | Secure TI devices require a boot image that is authenticated by ROM |
| 5 | code to function. Without this, even JTAG remains locked and the |
| 6 | device is essentially useless. In order to create a valid boot image for |
| 7 | a secure device from TI, the initial public software image must be signed |
| 8 | and combined with various headers, certificates, and other binary images. |
| 9 | |
| 10 | Information on the details on the complete boot image format can be obtained |
| 11 | from Texas Instruments. The tools used to generate boot images for secure |
| 12 | devices are part of a secure development package (SECDEV) that can be |
| 13 | downloaded from: |
| 14 | |
| 15 | http://www.ti.com/mysecuresoftware (login required) |
| 16 | |
| 17 | The secure development package is access controlled due to NDA and export |
| 18 | control restrictions. Access must be requested and granted by TI before the |
| 19 | package is viewable and downloadable. Contact TI, either online or by way |
| 20 | of a local TI representative, to request access. |
| 21 | |
| 22 | When CONFIG_TI_SECURE_DEVICE is set, the U-Boot SPL build process requires |
| 23 | the presence and use of these tools in order to create a viable boot image. |
| 24 | The build process will look for the environment variable TI_SECURE_DEV_PKG, |
| 25 | which should be the path of the installed SECDEV package. If the |
| 26 | TI_SECURE_DEV_PKG variable is not defined or if it is defined but doesn't |
| 27 | point to a valid SECDEV package, a warning is issued during the build to |
| 28 | indicate that a final secure bootable image was not created. |
| 29 | |
| 30 | Within the SECDEV package exists an image creation script: |
| 31 | |
| 32 | ${TI_SECURE_DEV_PKG}/scripts/create-boot-image.sh |
| 33 | |
| 34 | This is called as part of the SPL/u-boot build process. As the secure boot |
| 35 | image formats and requirements differ between secure SOC from TI, the |
| 36 | purpose of this script is to abstract these details as much as possible. |
| 37 | |
| 38 | The script is basically the only required interface to the TI SECDEV package |
| 39 | for secure TI devices. |
| 40 | |
| 41 | Invoking the script for AM43xx Secure Devices |
| 42 | ============================================= |
| 43 | |
| 44 | create-boot-image.sh <IMAGE_FLAG> <INPUT_FILE> <OUTPUT_FILE> <SPL_LOAD_ADDR> |
| 45 | |
| 46 | <IMAGE_FLAG> is a value that specifies the type of the image to generate OR |
| 47 | the action the image generation tool will take. Valid values are: |
| 48 | SPI_X-LOADER - Generates an image for SPI flash (byte swapped) |
| 49 | XIP_X-LOADER - Generates a single stage u-boot for NOR/QSPI XiP |
| 50 | ISSW - Generates an image for all other boot modes |
| 51 | |
| 52 | <INPUT_FILE> is the full path and filename of the public world boot loader |
| 53 | binary file (depending on the boot media, this is usually either |
| 54 | u-boot-spl.bin or u-boot.bin). |
| 55 | |
| 56 | <OUTPUT_FILE> is the full path and filename of the final secure image. The |
| 57 | output binary images should be used in place of the standard non-secure |
| 58 | binary images (see the platform-specific user's guides and releases notes |
| 59 | for how the non-secure images are typically used) |
| 60 | u-boot-spl_HS_SPI_X-LOADER - byte swapped boot image for SPI flash |
| 61 | u-boot_HS_XIP_X-LOADER - boot image for NOR or QSPI flash |
| 62 | u-boot-spl_HS_ISSW - boot image for all other boot media |
| 63 | |
| 64 | <SPL_LOAD_ADDR> is the address at which SOC ROM should load the <INPUT_FILE> |
| 65 | |
| 66 | Invoking the script for DRA7xx/AM57xx Secure Devices |
| 67 | ==================================================== |
| 68 | |
| 69 | create-boot-image.sh <IMAGE_TYPE> <INPUT_FILE> <OUTPUT_FILE> |
| 70 | |
| 71 | <IMAGE_TYPE> is a value that specifies the type of the image to generate OR |
| 72 | the action the image generation tool will take. Valid values are: |
| 73 | X-LOADER - Generates an image for NOR or QSPI boot modes |
| 74 | MLO - Generates an image for SD/MMC/eMMC boot modes |
| 75 | ULO - Generates an image for USB/UART peripheral boot modes |
| 76 | Note: ULO is not yet used by the u-boot build process |
| 77 | |
| 78 | <INPUT_FILE> is the full path and filename of the public world boot loader |
| 79 | binary file (for this platform, this is always u-boot-spl.bin). |
| 80 | |
| 81 | <OUTPUT_FILE> is the full path and filename of the final secure image. The |
| 82 | output binary images should be used in place of the standard non-secure |
| 83 | binary images (see the platform-specific user's guides and releases notes |
| 84 | for how the non-secure images are typically used) |
| 85 | u-boot-spl_HS_MLO - boot image for SD/MMC/eMMC. This image is |
| 86 | copied to a file named MLO, which is the name that |
| 87 | the device ROM bootloader requires for loading from |
| 88 | the FAT partition of an SD card (same as on |
| 89 | non-secure devices) |
| 90 | u-boot-spl_HS_X-LOADER - boot image for all other flash memories |
| 91 | including QSPI and NOR flash |