NXP

Mx6 HAB (High Assurance Boot)

Published 2019-07-12 12:08

https://community.freescale.com/docs/DOC-96451 This doc describes how to enable HAB on the Mx6Q SDP board.
1. IMX_CST_TOOL
    The CST (Code Signing Tool) can be downloaded from www.freescale.com. It provides code signing support for Freescale processors that integrate the HAB library in the internal boot ROM.
    The version used in this example is 2.0; it runs only on a Linux PC. The package name is "BLN_CST_MAIN_02.00.00.zip".
2. Generate HAB4 Keys and Certificates
    2.1 Unpack the CST package. It contains six folders: ca, code, crts, docs, keys, linux. Create a "serial" file and a "key_pass.txt" file in the "keys" folder.
        In this example the content of the "serial" file (the 8-digit serial number used for the certificates) is
            12345684
        The content of "key_pass.txt" is the private-key passphrase, given twice (the second line is the confirmation):
            freescale_mx6
            freescale_mx6
        Use your own passphrase rather than this example value for keys that will ever be fused into a product.
    2.2 Before running hab4_pki_tree.sh, make sure OpenSSL is in your search path by running
        $ openssl version
        OpenSSL 1.0.1 14 Mar 2012
    2.3 Run the hab4_pki_tree.sh script to generate the HAB4 keys and certificates.
        $ cd keys
        $ ./hab4_pki_tree.sh
            Do you want to use an existing CA key (y/n)?: n
            Enter key length in bits for PKI tree: 4096
            Enter PKI tree duration (years): 15
            How many Super Root Keys should be generated? 4
        If you get an "unable to write 'random state'" error, change the ownership of ~/.rnd with "sudo chown adam.adam ~/.rnd" (where adam is your user name) and re-run the script.
        There must be no errors during key/certificate generation. The private keys (CA, SRK, CSF and IMG) end up in the keys folder; anyone holding them can sign images for every device fused with this SRK hash, so keep that folder off shared build machines and out of version control.
    2.4 Generate the HAB4 SRK table and efuse hash
        $ cd ../crts
        $ ../linux/srktool -h 4 -t SRK_1_2_3_4_table.bin -e SRK_1_2_3_4_fuse.bin -d sha256 -c SRK1_sha256_4096_65537_v3_ca_crt.pem,SRK2_sha256_4096_65537_v3_ca_crt.pem,SRK3_sha256_4096_65537_v3_ca_crt.pem,SRK4_sha256_4096_65537_v3_ca_crt.pem
        The SRK table binary SRK_1_2_3_4_table.bin and the SRK efuse binary SRK_1_2_3_4_fuse.bin are generated in the crts folder. The fuse file is the SHA-256 digest (-d sha256) of the table: the table itself travels inside the CSF of every signed image, and the digest is what gets burned into the SRK_HASH fuses in step 4, so the ROM can check the table it receives against the fuses.
3. Modify u-boot for HAB and sign u-boot image
    3.1 0001-u-boot-enable-mx6-hab.patch is the HAB patch based on the Android 4.2.2_1.1.0 uboot-imx. Apply the patch and build u-boot.bin. Create a u-boot folder in BLN_CST_MAIN_02.00.00 and copy u-boot.bin into it.
        In this example the u-boot.bin size is 0x70320. Since u-boot.lds places __hab_data at the end of u-boot.bin, aligned to 0x1000, pad u-boot.bin to 0x71000 so that the CSF appended in step 3.3 lands where the IVT's csf pointer expects it.
            $ cd ../u-boot
            $ objcopy -I binary -O binary --pad-to 0x71000 --gap-fill=0xff u-boot.bin u-boot-pad.bin
    3.2 Create the CSF description file csf_u-boot.txt in the u-boot folder, then sign the boot image.
        You need to modify the [Authenticate Data] field according to your u-boot-pad.bin size: the block must cover the image from the IVT (file offset 0x400) to the end of the padded file, so its length is the padded size minus 0x400 (0x70C00 for the 0x71000 file of this example).
        $ ../linux/cst --output csf_u-boot.bin < csf_u-boot.txt
    3.3 Append the CSF data to the boot image.
        $ cat u-boot-pad.bin csf_u-boot.bin > u-boot-signed.bin
4. Blow SRK_HASH fuse
    4.1 Get the SRK HASH value.
        The SRK HASH value was generated by srktool in step 2.4. You can dump it with
            $ od -t x4  ../crts/SRK_1_2_3_4_fuse.bin
            0000000 d7dd02f7 596a91bd b7fb2ec3 09525b17
            0000020 6fe30579 0bb67f9e 7e53c7e4 44f06a93
        The eight words are, in order, SRK_HASH words 0 to 7 (HW_OCOTP_SRK0 to HW_OCOTP_SRK7). Check them against the fuse file before burning: the fuses are one-time programmable, and a device fused with the wrong hash will never authenticate your images once it is closed.
    4.2 Program the SRK_HASH fuse with mfgtool.
        Modify ucl2.xml of mfgtool to program the SRK_HASH fuse. The example list (its XML tags were not preserved in this copy) performs these steps:
            Loading U-boot
            Loading Kernel
            Loading Initramfs
            Jumping to OS image
            Burn Word 0 of SRK hash field in OTP
            Burn Word 1 of SRK hash field in OTP
            Burn Word 2 of SRK hash field in OTP
            Burn Word 3 of SRK hash field in OTP
            Burn Word 4 of SRK hash field in OTP
            Burn Word 5 of SRK hash field in OTP
            Burn Word 6 of SRK hash field in OTP
            Burn Word 7 of SRK hash field in OTP
            Done
        The U-Boot, kernel and initramfs entries are loaded with loadSection="OTH" setSection="OTH" HasFlashHeader="FALSE"; the eight burn steps write the words from step 4.1 to OTP, one per SRK hash word.
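Before burning, it is worth checking the fuse file mechanically rather than by eye. The Python script below is an added example, not part of this doc and not NXP's CST: it checks that SRK_1_2_3_4_fuse.bin is the SHA-256 of SRK_1_2_3_4_table.bin, splits it into the eight words exactly as the od output in step 4.1 does on a little-endian host, converts od words back into the digest hex for comparison with sha256sum, and prints the equivalent /sys/fsl_otp writes for review instead of touching hardware. The sample table bytes inside it are constructed; DOC_WORDS is the od output from step 4.1.

```python
"""SRK fuse file checks before burning SRK_HASH (added example, not from the
original doc or from NXP's CST). Nothing here touches hardware."""
import hashlib
import struct

SRK_HASH_WORDS = 8  # SHA-256 digest = 8 x 32-bit OTP words (HW_OCOTP_SRK0..SRK7)

# The od -t x4 output shown in step 4.1 of the doc, word 0 first.
DOC_WORDS = [0xd7dd02f7, 0x596a91bd, 0xb7fb2ec3, 0x09525b17,
             0x6fe30579, 0x0bb67f9e, 0x7e53c7e4, 0x44f06a93]


def srk_fuse_matches_table(table: bytes, fuse: bytes) -> bool:
    """The efuse file written by 'srktool -e' is the SHA-256 of the table written
    by 'srktool -t'; a mismatch means files from different PKI trees got mixed."""
    return hashlib.sha256(table).digest() == fuse


def srk_words(fuse: bytes) -> list:
    """The eight fuse words in order, reading the digest bytes as little-endian
    32-bit words: this is what 'od -t x4' prints on an x86 host and what is
    written to HW_OCOTP_SRKn. Rejects anything that is not a 32-byte digest."""
    if len(fuse) != 4 * SRK_HASH_WORDS:
        raise ValueError("fuse file is %d bytes, expected %d"
                         % (len(fuse), 4 * SRK_HASH_WORDS))
    return list(struct.unpack("<%dI" % SRK_HASH_WORDS, fuse))


def words_to_digest_hex(words: list) -> str:
    """Inverse of srk_words: turn od words back into the digest as sha256sum
    prints it, so the burned value can be compared with sha256sum of the table."""
    return struct.pack("<%dI" % SRK_HASH_WORDS, *words).hex()


def srk_fuse_commands(fuse: bytes) -> list:
    """Shell lines equivalent to the mfgtool 'Burn Word n of SRK hash field' steps,
    using the /sys/fsl_otp interface the doc uses for SEC_CONFIG in step 7.
    Print and review them: fuses are one-time programmable."""
    return ["echo 0x%08x > /sys/fsl_otp/HW_OCOTP_SRK%d" % (w, i)
            for i, w in enumerate(srk_words(fuse))]


def check_and_format(table: bytes, fuse: bytes) -> list:
    """Refuse to produce burn commands unless the fuse file matches the table."""
    if not srk_fuse_matches_table(table, fuse):
        raise ValueError("fuse file is not the SHA-256 of the SRK table; do not burn it")
    return srk_fuse_commands(fuse)


# Constructed stand-in for crts/SRK_1_2_3_4_table.bin (not a real SRK table).
SAMPLE_TABLE = b"constructed SRK table stand-in, not generated by srktool"
SAMPLE_FUSE = hashlib.sha256(SAMPLE_TABLE).digest()  # what 'srktool -e' would write

if __name__ == "__main__":
    # With real files: table = open("crts/SRK_1_2_3_4_table.bin", "rb").read(), etc.
    for line in check_and_format(SAMPLE_TABLE, SAMPLE_FUSE):
        print(line)
    print("digest from the doc's od words:", words_to_digest_hex(DOC_WORDS))
```

To use it on a real tree, replace SAMPLE_TABLE and SAMPLE_FUSE with the contents of crts/SRK_1_2_3_4_table.bin and SRK_1_2_3_4_fuse.bin; the printed digest must equal `sha256sum SRK_1_2_3_4_table.bin` before any echo line is run on the board.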
5. Verify the signed image  
     During the development phase, do not program the SEC_CONFIG fuse to closed mode until you have verified all the HAB functions. In open configuration, HAB still authenticates the image and records any failure as an event, but it does not stop the boot, so you can read the event log after the signed image boots. If the log says "No HAB Events Found!", the signature verified successfully. If it shows "--------- HAB Event 1 -----------------", something went wrong with the signing; go back and check your steps.
6. Download and execute the signed image with mfgtool
    6.1 Section 6.2 of AN4581.pdf describes the behavior when mfgtool downloads and executes code; here is the copy.
    • Parse the file to load in order to find the IVT and its DCD table pointer.
    • If there is a DCD table, it is loaded to the address, 0x00910000, in the OCRAM with the SDP command, DCD_WRITE. The DCD table must always be signed, which implies that this area in OCRAM must be signed.
    • The pointer to the DCD table is cleared in the IVT, in order to prevent the HAB library from processing the DCD table again during the authentication process. There is no need to re-initialize some memory, such as DDR3, when it already contains valid data.
    • The code is loaded to the boot_data address defined in the boot image structure.

    6.2 Build u-boot.bin with the mfg config, create a u-boot-mfg folder in BLN_CST_MAIN_02.00.00 and copy u-boot.bin into it. The u-boot.bin size in this example is 0x26F50; pad it to 0x27000. The CSF description file is similar to the one in step 3, except for the [Authenticate Data] field, because of the special mfgtool behavior in step 6.1: the DCD is loaded to OCRAM separately and its pointer is cleared from the IVT, so the DCD must be authenticated at the OCRAM address as a second block. The example in AN4581 has a typo; the correct example is
            [Authenticate Data]
            Verification index = 2
            Blocks = 0x27800400 0x400 0x26C00 "u-boot-pad.bin",
                     0x00910000 0x42c 0x2a0 "u-boot-pad.bin"
        Each block is <load address> <file offset> <length> "<file>". 0x42c is the file offset of the DCD table (the IVT's dcd pointer minus its self pointer, plus the IVT offset 0x400) and 0x2a0 is the size of the DCD table; you can get both from dcd_hdr in flash_header.S. Modify 0x26C00 and 0x2a0 according to your u-boot.bin size and DCD table size.
    6.3 Sign u-boot.bin for mfgtool
        $ objcopy -I binary -O binary --pad-to 0x27000 --gap-fill=0xff u-boot.bin u-boot-pad.bin
        $ ./mod_4_mfgtool.sh clear_dcd_addr u-boot-pad.bin
        $ ../linux/cst --output csf_u-boot.bin < csf_u-boot_mfg.txt
        $ ./mod_4_mfgtool.sh set_dcd_addr u-boot-pad.bin
        $ cat u-boot-pad.bin csf_u-boot.bin > u-boot-signed.bin
        The DCD pointer is cleared before signing because mfgtool clears it in the IVT before the ROM authenticates the image (step 6.1), so the signature must be computed over the IVT in that state; it is set back afterwards so that mfgtool can still find and load the DCD.
    6.4 Boot mode setting
        When verifying the signed image with mfgtool, BOOT_MODE[1:0] should be set to 01 (Serial Downloader mode); otherwise you may get a HAB event with the event data "0xdb 0x00 0x08 0x41 0x33 0x22 0x0a 0x00" (status 0x33 HAB_FAILURE, reason 0x22 HAB_INV_ADDRESS, context 0x0a HAB_CTX_AUTHENTICATE).
        On the Mx6 SDP board, if you follow the Android user guide and set boot switch SW6 to 00001100, you will get the above HAB event. The correct setting is to rework the BOOT MODE pins for serial download mode, or to set SW6 to boot from SD card and leave the SD card out when powering on.
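The two Blocks entries in step 6.2 can be derived from the image instead of typed by hand, and the same parser shows what clear_dcd_addr and set_dcd_addr in mod_4_mfgtool.sh do. The script below is an added example written for this page, not NXP's code and not the attached mod_4_mfgtool.sh: it parses the IVT at 0x400, follows the dcd pointer to the DCD header, emits the [Authenticate Data] blocks for both the plain (step 3) and the mfgtool case, and zeroes/restores the dcd pointer. The struct layouts are the IVT and DCD headers from the i.MX6 reference manual; the image it builds is a constructed stand-in with the doc's numbers (load 0x27800000, padded size 0x27000, DCD size 0x2a0), not a real U-Boot, and its entry point value is arbitrary.

```python
"""IVT/DCD parsing for the mfgtool CSF (added example, not from the original doc
or from NXP's CST/mod_4_mfgtool.sh)."""
import struct

IVT_OFFSET = 0x400            # IVT position for SD/eMMC and mfgtool images
IVT_TAG, DCD_TAG = 0xD1, 0xD2
IVT_LEN = 0x20
DCD_PTR_OFFSET = 12           # IVT field order: header, entry, reserved1, dcd, ...
MFG_DCD_ADDR = 0x00910000     # OCRAM address mfgtool DCD_WRITEs the DCD to (AN4581)


def parse_ivt(img: bytes, ivt_off: int = IVT_OFFSET) -> dict:
    """IVT header (tag, length, version) is big-endian; the seven 32-bit fields
    after it are little-endian."""
    tag, length, version = struct.unpack_from(">BHB", img, ivt_off)
    if tag != IVT_TAG or length != IVT_LEN:
        raise ValueError("no IVT header at file offset 0x%x" % ivt_off)
    entry, _, dcd, boot_data, self_addr, csf, _ = struct.unpack_from("<7I", img, ivt_off + 4)
    return {"version": version, "entry": entry, "dcd": dcd,
            "boot_data": boot_data, "self": self_addr, "csf": csf}


def dcd_location(img: bytes, ivt_off: int = IVT_OFFSET):
    """(file offset, size) of the DCD, or None when the IVT has no dcd pointer.
    File offset = ivt_off + (dcd address - IVT self address); the size in the
    DCD header includes the 4-byte header itself."""
    ivt = parse_ivt(img, ivt_off)
    if ivt["dcd"] == 0:
        return None
    off = ivt_off + (ivt["dcd"] - ivt["self"])
    tag, size, _ = struct.unpack_from(">BHB", img, off)
    if tag != DCD_TAG or off + size > len(img):
        raise ValueError("IVT dcd pointer 0x%08x does not point at a DCD" % ivt["dcd"])
    return off, size


def csf_blocks(img: bytes, ivt_off: int = IVT_OFFSET, mfgtool: bool = True) -> list:
    """Blocks as (address, file offset, length). The first covers the IVT to the
    end of the padded image (the CSF is appended after it). For mfgtool a second
    block authenticates the DCD at the OCRAM address it is loaded to, because the
    ROM no longer reaches it through the (cleared) IVT pointer."""
    ivt = parse_ivt(img, ivt_off)
    blocks = [(ivt["self"], ivt_off, len(img) - ivt_off)]
    if mfgtool:
        loc = dcd_location(img, ivt_off)
        if loc is None:
            raise ValueError("mfgtool image needs a DCD pointer in the IVT when signing")
        blocks.append((MFG_DCD_ADDR, loc[0], loc[1]))
    return blocks


def format_blocks(blocks: list, filename: str) -> str:
    """Render in CST syntax: Blocks = <addr> <offset> <length> "<file>", ..."""
    items = ['0x%08x 0x%x 0x%x "%s"' % (a, o, n, filename) for a, o, n in blocks]
    return "Blocks = " + ",\n         ".join(items)


def clear_dcd_pointer(img: bytes, ivt_off: int = IVT_OFFSET):
    """What 'mod_4_mfgtool.sh clear_dcd_addr' does: zero the IVT dcd field so the
    signature covers the IVT as mfgtool presents it to the ROM. Returns (image, saved)."""
    (saved,) = struct.unpack_from("<I", img, ivt_off + DCD_PTR_OFFSET)
    out = bytearray(img)
    struct.pack_into("<I", out, ivt_off + DCD_PTR_OFFSET, 0)
    return bytes(out), saved


def restore_dcd_pointer(img: bytes, saved: int, ivt_off: int = IVT_OFFSET) -> bytes:
    """What 'set_dcd_addr' does after signing: mfgtool needs the pointer to find the DCD."""
    out = bytearray(img)
    struct.pack_into("<I", out, ivt_off + DCD_PTR_OFFSET, saved)
    return bytes(out)


def build_sample_image(size: int = 0x27000, load: int = 0x27800000, dcd_size: int = 0x2A0) -> bytes:
    """Constructed stand-in for u-boot-pad.bin (not real U-Boot code): IVT at 0x400,
    boot data right after it at 0x420, DCD at 0x42c, csf pointer at the padded end,
    0xff everywhere else."""
    img = bytearray(b"\xff" * size)
    ivt_addr = load + IVT_OFFSET
    boot_data_addr, dcd_addr = ivt_addr + IVT_LEN, ivt_addr + 0x2C
    entry = load + 0x1000                                   # hypothetical entry point
    struct.pack_into(">BHB", img, IVT_OFFSET, IVT_TAG, IVT_LEN, 0x40)
    struct.pack_into("<7I", img, IVT_OFFSET + 4,
                     entry, 0, dcd_addr, boot_data_addr, ivt_addr, load + size, 0)
    struct.pack_into("<3I", img, IVT_OFFSET + IVT_LEN, load, size, 0)  # start, length, plugin
    struct.pack_into(">BHB", img, IVT_OFFSET + 0x2C, DCD_TAG, dcd_size, 0x40)
    struct.pack_into(">BHB", img, IVT_OFFSET + 0x30, 0xCC, dcd_size - 4, 0x04)  # one write command
    return bytes(img)


if __name__ == "__main__":
    image = build_sample_image()
    print(format_blocks(csf_blocks(image), "u-boot-pad.bin"))
    cleared, saved = clear_dcd_pointer(image)            # sign 'cleared' with cst ...
    assert restore_dcd_pointer(cleared, saved) == image  # ... then put the pointer back
```

Run against a real u-boot-pad.bin by reading the file instead of calling build_sample_image; if the IVT is not at 0x400 (a different boot device), pass the correct ivt_off. The plain step 3 CSF is csf_blocks(image, mfgtool=False).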
7 After verifying all the HAB functions, blow the SEC_CONFIG fuse to closed mode.
    $ echo 0x2 > /sys/fsl_otp/HW_OCOTP_CFG5
    This is irreversible: from then on the ROM boots only images that authenticate against the fused SRK hash, so make sure the SRK_HASH fuses are programmed and your signed images report "No HAB Events Found!" before closing the device.
8 If there is no HAB event in open mode but your board cannot boot after programming SEC_CONFIG to closed mode, check whether you have unlocked the RNG in the CSF script:
    [Unlock]
    Engine = CAAM
    Features = RNG
    For the reason to unlock the RNG, please refer to Q&A: HAB on i.MX6
Attachments:
  • 0001-u-boot-enable-mx6-hab.patch.zip (2.4 K)
  • mod_4_mfgtool.sh (603 bytes)
  • AN4581.pdf (795.2 K)
  • csf_u-boot.txt.zip (631 bytes)
  • csf_u-boot_mfg.txt.zip (676 bytes)