diff --git a/doc/README.uniphier b/doc/README.uniphier index e4fd9a3..0fa3248 100644 --- a/doc/README.uniphier +++ b/doc/README.uniphier @@ -107,6 +107,231 @@ Firmware. [ARM Trusted Firmware]: https://github.com/ARM-software/arm-trusted-firmware +Verified Boot +------------- + +U-Boot supports an image verification method called "Verified Boot". +This is a brief tutorial to utilize this feature for the UniPhier platform. +You will find details documents in the doc/uImage.FIT directory. + +Here, we take LD20 reference board for example, but it should work for any +other boards including 32 bit SoCs. + +1. Generate key to sign with + + $ mkdir keys + $ openssl genpkey -algorithm RSA -out keys/dev.key \ + -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 + $ openssl req -batch -new -x509 -key keys/dev.key -out keys/dev.crt + +Two files "dev.key" and "dev.crt" will be created. The base name is arbitrary, +but need to match to the "key-name-hint" property described below. + +2. Describe FIT source + +You need to write an FIT (Flattened Image Tree) source file to describe the +structure of the image container. + +The following is an example for a simple usecase: + +---------------------------------------->8---------------------------------------- +/dts-v1/; + +/ { + description = "Kernel, DTB and Ramdisk for UniPhier LD20 Reference Board"; + #address-cells = <1>; + + images { + kernel@0 { + description = "linux"; + data = /incbin/("PATH/TO/YOUR/LINUX/DIR/arch/arm64/boot/Image.gz"); + type = "kernel"; + arch = "arm64"; + os = "linux"; + compression = "gzip"; + load = <0x82080000>; + entry = <0x82080000>; + hash@0 { + algo = "sha256"; + }; + }; + + fdt@0 { + description = "fdt"; + data = /incbin/("PATH/TO/YOUR/LINUX/DIR/arch/arm64/boot/dts/socionext/uniphier-ld20-ref.dtb"); + type = "flat_dt"; + arch = "arm64"; + compression = "none"; + hash@0 { + algo = "sha256"; + }; + }; + + ramdisk@0 { + description = "ramdisk"; + data = /incbin/("PATH/TO/YOUR/ROOTFS/DIR/rootfs.cpio"); + type = "ramdisk"; + arch = "arm64"; + os = "linux"; + compression = "none"; + hash@0 { + algo = "sha256"; + }; + }; + }; + + configurations { + default = "config@0"; + + config@0 { + description = "Configuration0"; + kernel = "kernel@0"; + fdt = "fdt@0"; + ramdisk = "ramdisk@0"; + signature@0 { + algo = "sha256,rsa2048"; + key-name-hint = "dev"; + sign-images = "kernel", "fdt", "ramdisk"; + }; + }; + }; +}; +---------------------------------------->8---------------------------------------- + +You need to change the three '/incbin/' lines, depending on the location of +your kernel image, device tree blob, and init ramdisk. The "load" and "entry" +properties also need to be adjusted if you want to change the physical placement +of the kernel. + +The "key-name-hint" must specify the key name you have created in the step 1. + +The FIT file name is arbitrary. Let's say you saved it into "fit.its". + +3. Compile U-Boot with FIT and signature enabled + +To use the Verified Boot, you need to enable the following two options: + CONFIG_FIT + CONFIG_FIT_SIGNATURE + +They are disabled by default for UniPhier defconfig files. So, you need to +tweak the configuration from "make menuconfig" or friends. + + $ make uniphier_v8_defconfig + $ make menuconfig + [ enable CONFIG_FIT and CONFIG_FIT_SIGNATURE ] + $ make CROSS_COMPILE=aarch64-linux-gnu- + +4. Build the image tree blob + +After building U-Boot, you will see tools/mkimage. With this tool, you can +create an image tree blob as follows: + + $ tools/mkimage -f fit.its -k keys -K dts/dt.dtb -r -F fitImage + +The -k option must specify the key directory you have created in step 1. + +A file "fitImage" will be created. This includes kernel, DTB, Init-ramdisk, +hash data for each of the three, and signature data. + +The public key needed for the run-time verification is stored in "dts/dt.dtb". + +5. Compile U-Boot again + +Since the "dt.dtb" has been updated in step 4, you need to re-compile the +U-Boot. + + $ make CROSS_COMPILE=aarch64-linux-gnu- + +The re-compiled "u-boot.bin" is appended with DTB that contains the public key. + +6. Flash the image + +Flash the "fitImage" to a storage device (NAND, eMMC, or whatever) on your +board. + +Please note the "u-boot.bin" must be signed, and verified by someone when it is +loaded. For ARMv8 SoCs, the "someone" is generally ARM Trusted Firmware BL2. +ARM Trusted Firmware supports an image authentication mechanism called Trusted +Board Boot (TBB). The verification process must be chained from the moment of +the system reset. If the Chain of Trust has a breakage somewhere, the verified +boot process is entirely pointless. + +7. Boot verified kernel + +Load the fitImage to memory and run the following from the U-Boot command line. + + > bootm + +Here, is the base address of the fitImage. + +If it is successful, you will see messages like follows: + +---------------------------------------->8---------------------------------------- +## Loading kernel from FIT Image at 84100000 ... + Using 'config@0' configuration + Verifying Hash Integrity ... sha256,rsa2048:dev+ OK + Trying 'kernel@0' kernel subimage + Description: linux + Created: 2017-10-20 14:32:29 UTC + Type: Kernel Image + Compression: gzip compressed + Data Start: 0x841000c8 + Data Size: 6957818 Bytes = 6.6 MiB + Architecture: AArch64 + OS: Linux + Load Address: 0x82080000 + Entry Point: 0x82080000 + Hash algo: sha256 + Hash value: 82a37b7f11ae55f4e07aa25bf77e4067cb9dc1014d52d6cd4d588f92eee3aaad + Verifying Hash Integrity ... sha256+ OK +## Loading ramdisk from FIT Image at 84100000 ... + Using 'config@0' configuration + Trying 'ramdisk@0' ramdisk subimage + Description: ramdisk + Created: 2017-10-20 14:32:29 UTC + Type: RAMDisk Image + Compression: uncompressed + Data Start: 0x847a5cc0 + Data Size: 5264365 Bytes = 5 MiB + Architecture: AArch64 + OS: Linux + Load Address: unavailable + Entry Point: unavailable + Hash algo: sha256 + Hash value: 44980a2874154a2e31ed59222c9f8ea968867637f35c81e4107a984de7014deb + Verifying Hash Integrity ... sha256+ OK +## Loading fdt from FIT Image at 84100000 ... + Using 'config@0' configuration + Trying 'fdt@0' fdt subimage + Description: fdt + Created: 2017-10-20 14:32:29 UTC + Type: Flat Device Tree + Compression: uncompressed + Data Start: 0x847a2cb0 + Data Size: 12111 Bytes = 11.8 KiB + Architecture: AArch64 + Hash algo: sha256 + Hash value: c517099db537f6d325e6be46b25c871a41331ad5af0283883fd29d40bfc14e1d + Verifying Hash Integrity ... sha256+ OK + Booting using the fdt blob at 0x847a2cb0 + Uncompressing Kernel Image ... OK + reserving fdt memory region: addr=80000000 size=2000000 + Loading Device Tree to 000000009fffa000, end 000000009fffff4e ... OK + +Starting kernel ... +---------------------------------------->8---------------------------------------- + +Please pay attention to the lines that start with "Verifying Hash Integrity". + +"Verifying Hash Integrity ... sha256,rsa2048:dev+ OK" means the signature check +passed. + +"Verifying Hash Integrity ... sha256+ OK" (3 times) means the hash check passed +for kernel, DTB, and Init ramdisk. + +If they are not displayed, the Verified Boot is not working. + + UniPhier specific commands -------------------------- @@ -179,4 +404,4 @@ newer SoCs. Even if it is, EA[25] is not connected on most of the boards. -- Masahiro Yamada -Sep. 2017 +Oct. 2017