blob: 75390a505e60b6669fddf026908a80044ed59345 [file] [log] [blame]
Breno Lima626d5d72018-02-22 00:42:55 +000011. High Assurance Boot (HAB) for i.MX CPUs
2------------------------------------------
Stefano Babic4aa97492013-06-27 11:42:38 +02003
Ulises Cardenas7e56f502015-04-20 13:47:58 -05004To enable the authenticated or encrypted boot mode of U-Boot, it is
5required to set the proper configuration for the target board. This
Fabio Estevamd97c2602017-01-05 21:33:08 -02006is done by adding the following configuration in the defconfig file:
Ulises Cardenas7e56f502015-04-20 13:47:58 -05007
Fabio Estevamd97c2602017-01-05 21:33:08 -02008CONFIG_SECURE_BOOT=y
Ulises Cardenas7e56f502015-04-20 13:47:58 -05009
10In addition, the U-Boot image to be programmed into the
Stefano Babic4aa97492013-06-27 11:42:38 +020011boot media needs to be properly constructed, i.e. it must contain a
12proper Command Sequence File (CSF).
13
Breno Lima7950a0f2018-02-22 00:42:56 +000014The CSF itself is generated by the i.MX High Assurance Boot Reference
15Code Signing Tool.
16https://www.nxp.com/webapp/sps/download/license.jsp?colCode=IMX_CST_TOOL
Stefano Babic4aa97492013-06-27 11:42:38 +020017
Breno Lima7950a0f2018-02-22 00:42:56 +000018More information about the CSF and HAB can be found in the AN4581.
19https://www.nxp.com/docs/en/application-note/AN4581.pdf
20
21We don't want to explain how to create a PKI tree or SRK table as
22this is well explained in the Application Note.
Stefano Babic4aa97492013-06-27 11:42:38 +020023
Breno Lima7950a0f2018-02-22 00:42:56 +0000242. Secure Boot on non-SPL targets
25---------------------------------
26
27On non-SPL targets a singe U-Boot binary is generated, mkimage will
28output additional information about "HAB Blocks" which can be used
29in the CST to authenticate the U-Boot image (entries in the CSF file).
Stefano Babic4aa97492013-06-27 11:42:38 +020030
31Image Type: Freescale IMX Boot Image
32Image Ver: 2 (i.MX53/6 compatible)
33Data Size: 327680 Bytes = 320.00 kB = 0.31 MB
34Load Address: 177ff420
35Entry Point: 17800000
36HAB Blocks: 177ff400 00000000 0004dc00
Wolfgang Denkec7fbf52013-10-04 17:43:24 +020037 ^^^^^^^^ ^^^^^^^^ ^^^^^^^^
Stefano Babic4aa97492013-06-27 11:42:38 +020038 | | |
39 | | -------- (1)
40 | |
41 | ------------------- (2)
42 |
43 --------------------------- (3)
44
Breno Lima7950a0f2018-02-22 00:42:56 +000045(1) Size of area in file u-boot-dtb.imx to sign
Stefano Babic4aa97492013-06-27 11:42:38 +020046 This area should include the IVT, the Boot Data the DCD
47 and U-Boot itself.
Breno Lima7950a0f2018-02-22 00:42:56 +000048(2) Start of area in u-boot-dtb.imx to sign
Stefano Babic4aa97492013-06-27 11:42:38 +020049(3) Start of area in RAM to authenticate
50
51CONFIG_SECURE_BOOT currently enables only an additional command
52'hab_status' in U-Boot to retrieve the HAB status and events. This
53can be useful while developing and testing HAB.
54
Breno Lima7950a0f2018-02-22 00:42:56 +000055Commands to generate a signed U-Boot using i.MX HAB CST tool:
56# Compile CSF and create signature
57cst --o csf-u-boot.bin --i command_sequence_uboot.csf
58# Append compiled CSF to Binary
59cat u-boot-dtb.imx csf-u-boot.bin > u-boot-signed.imx
Breno Lima626d5d72018-02-22 00:42:55 +000060
Breno Lima7950a0f2018-02-22 00:42:56 +0000613. Secure Boot on SPL targets
62-----------------------------
Breno Lima626d5d72018-02-22 00:42:55 +000063
64This version of U-Boot is able to build a signable version of the SPL
65as well as a signable version of the U-Boot image. The signature can
66be verified through High Assurance Boot (HAB).
67
Breno Lima626d5d72018-02-22 00:42:55 +000068After building, you need to create a command sequence file and use
Breno Lima7950a0f2018-02-22 00:42:56 +000069i.MX HAB Code Signing Tool to sign both binaries. After creation,
Breno Lima626d5d72018-02-22 00:42:55 +000070the mkimage tool outputs the required information about the HAB Blocks
71parameter for the CSF. During the build, the information is preserved
72in log files named as the binaries. (SPL.log and u-boot-ivt.log).
73
Breno Lima626d5d72018-02-22 00:42:55 +000074Example Output of the SPL (imximage) creation:
75 Image Type: Freescale IMX Boot Image
76 Image Ver: 2 (i.MX53/6/7 compatible)
77 Mode: DCD
78 Data Size: 61440 Bytes = 60.00 kB = 0.06 MB
79 Load Address: 00907420
80 Entry Point: 00908000
81 HAB Blocks: 00907400 00000000 0000cc00
82
83Example Output of the u-boot-ivt.img (firmware_ivt) creation:
84 Image Name: U-Boot 2016.11-rc1-31589-g2a4411
85 Created: Sat Nov 5 21:53:28 2016
86 Image Type: ARM U-Boot Firmware with HABv4 IVT (uncompressed)
87 Data Size: 352192 Bytes = 343.94 kB = 0.34 MB
88 Load Address: 17800000
89 Entry Point: 00000000
90 HAB Blocks: 0x177fffc0 0x0000 0x00054020
91
Breno Lima626d5d72018-02-22 00:42:55 +000092# Compile CSF and create signature
Breno Lima7950a0f2018-02-22 00:42:56 +000093cst --o csf-u-boot.bin --i command_sequence_uboot.csf
94cst --o csf-SPL.bin --i command_sequence_spl.csf
Breno Lima626d5d72018-02-22 00:42:55 +000095# Append compiled CSF to Binary
96cat SPL csf-SPL.bin > SPL-signed
97cat u-boot-ivt.img csf-u-boot.bin > u-boot-signed.img
98
Breno Lima7950a0f2018-02-22 00:42:56 +000099These two signed binaries can be used on an i.MX in closed
Breno Lima626d5d72018-02-22 00:42:55 +0000100configuration when the according SRK Table Hash has been flashed.
101
Breno Lima7950a0f2018-02-22 00:42:56 +00001024. Setup U-Boot Image for Encrypted Boot
103----------------------------------------
Raul Cardenasb5a36d82015-02-27 11:22:06 -0600104An authenticated U-Boot image is used as starting point for
Breno Lima7950a0f2018-02-22 00:42:56 +0000105Encrypted Boot. The image is encrypted by i.MX Code Signing
106Tool (CST). The CST replaces only the image data of
107u-boot-dtb.imx with the encrypted data. The Initial Vector Table,
Raul Cardenasb5a36d82015-02-27 11:22:06 -0600108DCD, and Boot data, remains in plaintext.
109
110The image data is encrypted with a Encryption Key (DEK).
111Therefore, this key is needed to decrypt the data during the
112booting process. The DEK is protected by wrapping it in a Blob,
113which needs to be appended to the U-Boot image and specified in
114the CSF file.
115
116The DEK blob is generated by an authenticated U-Boot image with
117the dek_blob cmd enabled. The image used for DEK blob generation
Fabio Estevamdcd1c4c2018-01-21 15:57:32 -0200118needs to have the following configurations enabled in Kconfig:
Raul Cardenasb5a36d82015-02-27 11:22:06 -0600119
Fabio Estevamdcd1c4c2018-01-21 15:57:32 -0200120CONFIG_SECURE_BOOT=y
121CONFIG_CMD_DEKBLOB=y
Raul Cardenasb5a36d82015-02-27 11:22:06 -0600122
123Note: The encrypted boot feature is only supported by HABv4 or
124greater.
125
126The dek_blob command then can be used to generate the DEK blob of
127a DEK previously loaded in memory. The command is used as follows:
128
129dek_blob <DEK address> <Output Address> <Key Size in Bits>
130example: dek_blob 0x10800000 0x10801000 192
131
132The resulting DEK blob then is used to construct the encrypted
133U-Boot image. Note that the blob needs to be transferred back
134to the host.Then the following commands are used to construct
135the final image.
136
Breno Lima7950a0f2018-02-22 00:42:56 +0000137cat u-boot-dtb.imx csf-u-boot.bin > u-boot-signed.imx
Raul Cardenasb5a36d82015-02-27 11:22:06 -0600138objcopy -I binary -O binary --pad-to <blob_dst> --gap-fill=0x00 \
139 u-boot-signed.imx u-boot-signed-pad.bin
140cat u-boot-signed-pad.imx DEK_blob.bin > u-boot-encrypted.imx
141
142 NOTE: u-boot-signed.bin needs to be padded to the value
143 equivalent to the address in which the DEK blob is specified
144 in the CSF.