mirror of
https://github.com/CTCaer/switch-l4t-atf.git
synced 2024-11-30 05:10:28 +00:00
docs: nxp soc-lx2160a based platforms
Addition of documents for platforms based on NXP SoC LX2160A.

Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I39ac5a9eb0b668d26301a0a24a1e6bf87f245f02
parent
9dc2534fd7
commit
7c78e4f7df
@ -27,6 +27,7 @@ Platform Ports
|
||||
imx8
|
||||
imx8m
|
||||
ls1043a
|
||||
nxp/index
|
||||
poplar
|
||||
qemu
|
||||
qemu-sbsa
|
||||
|
17
docs/plat/nxp/index.rst
Normal file
@ -0,0 +1,17 @@
|
||||
NXP Reference Development Platforms
|
||||
===================================
|
||||
|
||||
.. toctree::
|
||||
:maxdepth: 1
|
||||
:caption: Contents
|
||||
|
||||
nxp-layerscape
|
||||
nxp-ls-fuse-prov
|
||||
nxp-ls-tbbr
|
||||
|
||||
This chapter holds documentation related to NXP reference development platforms.
|
||||
It includes details on image flashing, fuse provisioning and trusted board boot-up.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2021, NXP Limited. All rights reserved.*
|
232
docs/plat/nxp/nxp-layerscape.rst
Normal file
@ -0,0 +1,232 @@
|
||||
NXP SoCs - Overview
|
||||
=====================
|
||||
.. section-numbering::
|
||||
:suffix: .
|
||||
|
||||
The QorIQ family of ARM based SoCs that are supported on TF-A are:
|
||||
|
||||
1. LX2160ARDB:
|
||||
Platform Name:
|
||||
|
||||
a. lx2160ardb (Board details can be fetched from the link: `lx2160ardb`_)
|
||||
|
||||
|
||||
Table of supported boot-modes by each platform & platform that needs FIP-DDR:
|
||||
-----------------------------------------------------------------------------
|
||||
|
||||
+---+-----------------+-------+--------+-------+-------+-------+-------------+--------------+-----------------+
|
||||
| | BOOT_MODE-->| sd | qspi | nor | nand | emmc | flexspi_nor | flexspi_nand | fip_ddr needed |
|
||||
| | | | | | | | | | |
|
||||
| | PLAT | | | | | | | | |
|
||||
+===+=================+=======+========+=======+=======+=======+=============+==============+=================+
|
||||
| 1.| lx2160ardb | yes | | | | yes | yes | | yes |
|
||||
+---+-----------------+-------+--------+-------+-------+-------+-------------+--------------+-----------------+
|
||||
|
||||
Boot Sequence
|
||||
-------------
|
||||
::
|
||||
|
||||
+ Secure World | Normal World
|
||||
+ EL0 |
|
||||
+ |
|
||||
+ EL1 BL32(Tee OS) | kernel
|
||||
+ ^ | | ^
|
||||
+ | | | |
|
||||
+ EL2 | | | BL33(u-boot)
|
||||
+ | | | ^
|
||||
+ | v | /
|
||||
+ EL3 BootROM --> BL2 --> BL31 ---------------/
|
||||
+
|
||||
|
||||
Boot Sequence with FIP-DDR
|
||||
--------------------------
|
||||
::
|
||||
|
||||
+ Secure World | Normal World
|
||||
+ EL0 |
|
||||
+ |
|
||||
+ EL1 fip-ddr BL32(Tee OS) | kernel
|
||||
+ ^ | ^ | | ^
|
||||
+ | | | | | |
|
||||
+ EL2 | | | | | BL33(u-boot)
|
||||
+ | | | | | ^
|
||||
+ | v | v | /
|
||||
+ EL3 BootROM --> BL2 -----> BL31 ---------------/
|
||||
+
|
||||
|
||||
|
||||
How to build
|
||||
=============
|
||||
|
||||
Code Locations
|
||||
--------------
|
||||
|
||||
- OP-TEE:
|
||||
`link <https://source.codeaurora.org/external/qoriq/qoriq-components/optee_os>`__
|
||||
|
||||
- U-Boot:
|
||||
`link <https://source.codeaurora.org/external/qoriq/qoriq-components/u-boot>`__
|
||||
|
||||
- RCW:
|
||||
`link <https://source.codeaurora.org/external/qoriq/qoriq-components/rcw>`__
|
||||
|
||||
- ddr-phy-binary: Required by platforms that need fip-ddr.
|
||||
`link <https:://github.com/NXP/ddr-phy-binary>`__
|
||||
|
||||
- cst: Required for TBBR.
|
||||
`link <https:://source.codeaurora.org/external/qoriq/qoriq-components/cst>`__
|
||||
|
||||
Build Procedure
|
||||
---------------
|
||||
|
||||
- Fetch all the above repositories into local host.
|
||||
|
||||
- Prepare AARCH64 toolchain and set the environment variable "CROSS_COMPILE".
|
||||
|
||||
.. code:: shell
|
||||
|
||||
export CROSS_COMPILE=.../bin/aarch64-linux-gnu-
|
||||
|
||||
- Build RCW. Refer README from the respective cloned folder for more details.
|
||||
|
||||
- Build u-boot and OPTee firstly, and get binary images: u-boot.bin and tee.bin.
|
||||
For u-boot you can use the <platform>_tfa_defconfig for build.
|
||||
|
||||
- Copy/clone the repo "ddr-phy-binary" to the tfa directory for platform needing ddr-fip.
|
||||
|
||||
- Below are the steps to build TF-A images for the supported platforms.
|
||||
|
||||
Compilation steps without BL32
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
BUILD BL2:
|
||||
|
||||
-To compile
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=$PLAT \
|
||||
BOOT_MODE=<platform_supported_boot_mode> \
|
||||
RCW=$RCW_BIN \
|
||||
pbl
|
||||
|
||||
BUILD FIP:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=$PLAT \
|
||||
BOOT_MODE=<platform_supported_boot_mode> \
|
||||
RCW=$RCW_BIN \
|
||||
BL33=$UBOOT_SECURE_BIN \
|
||||
pbl \
|
||||
fip
|
||||
|
||||
Compilation steps with BL32
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
BUILD BL2:
|
||||
|
||||
-To compile
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=$PLAT \
|
||||
BOOT_MODE=<platform_supported_boot_mode> \
|
||||
RCW=$RCW_BIN \
|
||||
BL32=$TEE_BIN SPD=opteed\
|
||||
pbl
|
||||
|
||||
BUILD FIP:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=$PLAT \
|
||||
BOOT_MODE=<platform_supported_boot_mode> \
|
||||
RCW=$RCW_BIN \
|
||||
BL32=$TEE_BIN SPD=opteed\
|
||||
BL33=$UBOOT_SECURE_BIN \
|
||||
pbl \
|
||||
fip
|
||||
|
||||
|
||||
BUILD fip-ddr (Mandatory for certain platforms, refer table above):
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
-To compile additional fip-ddr for selected platforms(Refer above table if the platform needs fip-ddr).
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=<platform_name> fip-ddr
|
||||
|
||||
|
||||
Deploy ATF Images
|
||||
=================
|
||||
|
||||
Note: The size in the standard uboot commands for copy to nor, qspi, nand or sd
|
||||
should be modified based on the binary size of the image to be copied.
|
||||
|
||||
- Deploy ATF images on flexspi-Nor flash Alt Bank from U-Boot prompt.
|
||||
-- Commands to flash images for bl2_xxx.pbl and fip.bin.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
tftp 82000000 $path/bl2_flexspi_nor.pbl;
|
||||
i2c mw 66 50 20;sf probe 0:0; sf erase 0 +$filesize; sf write 0x82000000 0x0 $filesize;
|
||||
|
||||
tftp 82000000 $path/fip.bin;
|
||||
i2c mw 66 50 20;sf probe 0:0; sf erase 0x100000 +$filesize; sf write 0x82000000 0x100000 $filesize;
|
||||
|
||||
-- Next step is valid for platform where FIP-DDR is needed.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
tftp 82000000 $path/ddr_fip.bin;
|
||||
i2c mw 66 50 20;sf probe 0:0; sf erase 0x800000 +$filesize; sf write 0x82000000 0x800000 $filesize;
|
||||
|
||||
-- Then reset to alternate bank to boot up ATF.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
qixisreset altbank;
|
||||
|
||||
- Deploy ATF images on SD/eMMC from U-Boot prompt.
|
||||
-- file_size_in_block_sizeof_512 = (Size_of_bytes_tftp / 512)
|
||||
|
||||
.. code:: shell
|
||||
|
||||
mmc dev <idx>; (idx = 1 for eMMC; idx = 0 for SD)
|
||||
|
||||
tftp 82000000 $path/bl2_<sd>_or_<emmc>.pbl;
|
||||
mmc write 82000000 8 <file_size_in_block_sizeof_512>;
|
||||
|
||||
tftp 82000000 $path/fip.bin;
|
||||
mmc write 82000000 0x800 <file_size_in_block_sizeof_512>;
|
||||
|
||||
-- Next step is valid for platform that needs FIP-DDR.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
tftp 82000000 $path/ddr_fip.bin;
|
||||
mmc write 82000000 0x4000 <file_size_in_block_sizeof_512>;
|
||||
|
||||
-- Then reset to sd/emmc to boot up ATF from sd/emmc as boot-source.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
qixisreset <sd or emmc>;
|
||||
|
||||
Trusted Board Boot:
|
||||
===================
|
||||
|
||||
For TBBR, the binary name changes:
|
||||
|
||||
+-------------+--------------------------+---------+-------------------+
|
||||
| Boot Type | BL2 | FIP | FIP-DDR |
|
||||
+=============+==========================+=========+===================+
|
||||
| Normal Boot | bl2_<boot_mode>.pbl | fip.bin | ddr_fip.bin |
|
||||
+-------------+--------------------------+---------+-------------------+
|
||||
| TBBR Boot | bl2_<boot_mode>_sec.pbl | fip.bin | ddr_fip_sec.bin |
|
||||
+-------------+--------------------------+---------+-------------------+
|
||||
|
||||
Refer `nxp-ls-tbbr.rst`_ for detailed user steps.
|
||||
|
||||
|
||||
.. _lx2160ardb: https://www.nxp.com/products/processors-and-microcontrollers/arm-processors/layerscape-communication-process/layerscape-lx2160a-multicore-communications-processor:LX2160A
|
||||
.. _nxp-ls-tbbr.rst: ./nxp-ls-tbbr.rst
|
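Review bot: The ddr-phy-binary and cst entries under "Code Locations" use `https:://` (double colon), so both links are broken; they should be `https://github.com/NXP/ddr-phy-binary` and `https://source.codeaurora.org/external/qoriq/qoriq-components/cst`. The fip-ddr section builds with the target `fip-ddr`, while nxp-ls-tbbr.rst in this same commit uses `fip_ddr`; both documents should use the name the Makefile defines. In the build blocks, `-To compile` has no space after the hyphen and will not render as a list item, and `SPD=opteed\` should have a space before the backslash like the other continuation lines. In the TBBR table the FIP column is `fip.bin` for both normal and TBBR boot while BL2 and FIP-DDR get a `_sec` suffix; if that is intentional, a sentence saying so would prevent a non-TBBR fip.bin being flashed next to a `_sec` BL2.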
271
docs/plat/nxp/nxp-ls-fuse-prov.rst
Normal file
@ -0,0 +1,271 @@
|
||||
|
||||
Steps to blow fuses on NXP LS SoC:
|
||||
==================================
|
||||
|
||||
|
||||
- Enable POVDD
|
||||
-- Refer board GSG(Getting Started Guide) for the steps to enable POVDD.
|
||||
-- Once the POVDD is enabled, make sure to set variable POVDD_ENABLE := yes, in the platform.mk.
|
||||
|
||||
+---+-----------------+-----------+------------+-----------------+-----------------------------+
|
||||
| | Platform | Jumper | Switch | LED to Verify | Through GPIO Pin (=number) |
|
||||
+===+=================+===========+============+=================+=============================+
|
||||
| 1.| lx2160ardb | J9 | | | no |
|
||||
+---+-----------------+-----------+------------+-----------------+-----------------------------+
|
||||
| 2.| lx2160aqds | J35 | | | no |
|
||||
+---+-----------------+-----------+------------+-----------------+-----------------------------+
|
||||
| 3.| lx2162aqds | J35 | SW9[4] = 1 | D15 | no |
|
||||
+---+-----------------+-----------+------------+-----------------+-----------------------------+
|
||||
|
||||
- SFP registers to be written to:
|
||||
|
||||
+---+----------------------------------+----------------------+----------------------+
|
||||
| | Platform | OTPMKR0..OTPMKR7 | SRKHR0..SRKHR7 |
|
||||
+===+==================================+======================+======================+
|
||||
| 1.| lx2160ardb/lx2160aqds/lx2162aqds | 0x1e80234..0x1e80250 | 0x1e80254..0x1e80270 |
|
||||
+---+----------------------------------+----------------------+----------------------+
|
||||
|
||||
- At U-Boot prompt, verify that SNVS register - HPSR, whether OTPMK was written, already:
|
||||
|
||||
+---+----------------------------------+-------------------------------------------+---------------+
|
||||
| | Platform | OTPMK_ZERO_BIT(=value) | SNVS_HPSR_REG |
|
||||
+===+==================================+===========================================+===============+
|
||||
| 1.| lx2160ardb/lx2160aqds/lx2162aqds | 27 (= 1 means not blown, =0 means blown) | 0x01E90014 |
|
||||
+---+----------------------------------+-------------------------------------------+---------------+
|
||||
|
||||
From u-boot prompt:
|
||||
|
||||
-- Check for the OTPMK.
|
||||
.. code:: shell
|
||||
|
||||
md $SNVS_HPSR_REG
|
||||
|
||||
Command Output:
|
||||
01e90014: 88000900
|
||||
|
||||
In case it is read as 00000000, then read this register using jtag (in development mode only through CW tap).
|
||||
+0 +4 +8 +C
|
||||
[0x01E90014] 88000900
|
||||
|
||||
Note: OTPMK_ZERO_BIT is 1, indicating that the OTPMK is not blown.
|
||||
|
||||
-- Check for the SRK Hash.
|
||||
.. code:: shell
|
||||
|
||||
md $SRKHR0 0x10
|
||||
|
||||
Command Output:
|
||||
01e80254: 00000000 00000000 00000000 00000000 ................
|
||||
01e80264: 00000000 00000000 00000000 00000000 ................
|
||||
|
||||
Note: Zero means that SRK hash is not blown.
|
||||
|
||||
- If not blown, then from the U-Boot prompt, using following commands:
|
||||
-- Provision the OTPMK.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
mw.l $OTPMKR0 <OTMPKR_0_32Bit_val>
|
||||
mw.l $OTPMKR1 <OTMPKR_1_32Bit_val>
|
||||
mw.l $OTPMKR2 <OTMPKR_2_32Bit_val>
|
||||
mw.l $OTPMKR3 <OTMPKR_3_32Bit_val>
|
||||
mw.l $OTPMKR4 <OTMPKR_4_32Bit_val>
|
||||
mw.l $OTPMKR5 <OTMPKR_5_32Bit_val>
|
||||
mw.l $OTPMKR6 <OTMPKR_6_32Bit_val>
|
||||
mw.l $OTPMKR7 <OTMPKR_7_32Bit_val>
|
||||
|
||||
-- Provision the SRK Hash.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
mw.l $SRKHR0 <SRKHR_0_32Bit_val>
|
||||
mw.l $SRKHR1 <SRKHR_1_32Bit_val>
|
||||
mw.l $SRKHR2 <SRKHR_2_32Bit_val>
|
||||
mw.l $SRKHR3 <SRKHR_3_32Bit_val>
|
||||
mw.l $SRKHR4 <SRKHR_4_32Bit_val>
|
||||
mw.l $SRKHR5 <SRKHR_5_32Bit_val>
|
||||
mw.l $SRKHR6 <SRKHR_6_32Bit_val>
|
||||
mw.l $SRKHR7 <SRKHR_7_32Bit_val>
|
||||
|
||||
Note: SRK Hash should be carefully written keeping in mind the SFP Block Endianness.
|
||||
|
||||
- At U-Boot prompt, verify that SNVS registers for OTPMK are correctly written:
|
||||
|
||||
-- Check for the OTPMK.
|
||||
.. code:: shell
|
||||
|
||||
md $SNVS_HPSR_REG
|
||||
|
||||
Command Output:
|
||||
01e90014: 80000900
|
||||
|
||||
OTPMK_ZERO_BIT is zero, indicating that the OTPMK is blown.
|
||||
|
||||
Note: In case it is read as 00000000, then read this register using jtag (in development mode only through CW tap).
|
||||
|
||||
.. code:: shell
|
||||
|
||||
md $OTPMKR0 0x10
|
||||
|
||||
Command Output:
|
||||
01e80234: ffffffff ffffffff ffffffff ffffffff ................
|
||||
01e80244: ffffffff ffffffff ffffffff ffffffff ................
|
||||
|
||||
Note: OTPMK will never be visible in plain.
|
||||
|
||||
-- Check for the SRK Hash. For example, if following SRK hash is written:
|
||||
|
||||
SFP SRKHR0 = fdc2fed4
|
||||
SFP SRKHR1 = 317f569e
|
||||
SFP SRKHR2 = 1828425c
|
||||
SFP SRKHR3 = e87b5cfd
|
||||
SFP SRKHR4 = 34beab8f
|
||||
SFP SRKHR5 = df792a70
|
||||
SFP SRKHR6 = 2dff85e1
|
||||
SFP SRKHR7 = 32a29687,
|
||||
|
||||
then following would be the value on dumping SRK hash.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
md $SRKHR0 0x10
|
||||
|
||||
Command Output:
|
||||
01e80254: d4fec2fd 9e567f31 5c422818 fd5c7be8 ....1.V..(B\.{\.
|
||||
01e80264: 8fabbe34 702a79df e185ff2d 8796a232 4....y*p-...2...
|
||||
|
||||
Note: SRK Hash is visible in plain based on the SFP Block Endianness.
|
||||
|
||||
- Caution: Donot proceed to the next step, until you are sure that OTPMK and SRKH are correctly blown from above steps.
|
||||
-- After the next step, there is no turning back.
|
||||
-- Fuses will be burnt, which cannot be undo.
|
||||
|
||||
- Write SFP_INGR[INST] with the PROGFB(0x2) instruction to blow the fuses.
|
||||
-- User need to save the SRK key pair and OTPMK Key forever, to continue using this board.
|
||||
|
||||
+---+----------------------------------+-------------------------------------------+-----------+
|
||||
| | Platform | SFP_INGR_REG | SFP_WRITE_DATE_FRM_MIRROR_REG_TO_FUSE |
|
||||
+===+==================================+=======================================================+
|
||||
| 1.| lx2160ardb/lx2160aqds/lx2162aqds | 0x01E80020 | 0x2 |
|
||||
+---+----------------------------------+--------------+----------------------------------------+
|
||||
|
||||
.. code:: shell
|
||||
|
||||
md $SFP_INGR_REG $SFP_WRITE_DATE_FRM_MIRROR_REG_TO_FUSE
|
||||
|
||||
- On reset, if the SFP register were read from u-boot, it will show the following:
|
||||
-- Check for the OTPMK.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
md $SNVS_HPSR_REG
|
||||
|
||||
Command Output:
|
||||
01e90014: 80000900
|
||||
|
||||
In case it is read as 00000000, then read this register using jtag (in development mode only through CW tap).
|
||||
+0 +4 +8 +C
|
||||
[0x01E90014] 80000900
|
||||
|
||||
Note: OTPMK_ZERO_BIT is zero, indicating that the OTPMK is blown.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
md $OTPMKR0 0x10
|
||||
|
||||
Command Output:
|
||||
01e80234: ffffffff ffffffff ffffffff ffffffff ................
|
||||
01e80244: ffffffff ffffffff ffffffff ffffffff ................
|
||||
|
||||
Note: OTPMK will never be visible in plain.
|
||||
|
||||
-- SRK Hash
|
||||
|
||||
.. code:: shell
|
||||
|
||||
md $SRKHR0 0x10
|
||||
|
||||
Command Output:
|
||||
01e80254: d4fec2fd 9e567f31 5c422818 fd5c7be8 ....1.V..(B\.{\.
|
||||
01e80264: 8fabbe34 702a79df e185ff2d 8796a232 4....y*p-...2...
|
||||
|
||||
Note: SRK Hash is visible in plain based on the SFP Block Endianness.
|
||||
|
||||
Second method to do the fuse provsioning:
|
||||
=========================================
|
||||
|
||||
This method is used for quick way to provision fuses.
|
||||
Typically used by those who needs to provision number of boards.
|
||||
|
||||
- Enable POVDD:
|
||||
-- Refer the table above to enable POVDD.
|
||||
|
||||
Note: If GPIO Pin supports enabling POVDD, it can be done through the below input_fuse_file.
|
||||
|
||||
-- Once the POVDD is enabled, make sure to set variable POVDD_ENABLE := yes, in the platform.mk.
|
||||
|
||||
- User need to populate the "input_fuse_file", corresponding to the platform for:
|
||||
|
||||
-- OTPMK
|
||||
-- SRKH
|
||||
|
||||
Table of fuse provisioning input file for every supported platform:
|
||||
|
||||
+---+----------------------------------+-----------------------------------------------------------------+
|
||||
| | Platform | FUSE_PROV_FILE |
|
||||
+===+==================================+=================================================================+
|
||||
| 1.| lx2160ardb/lx2160aqds/lx2162aqds | ${CST_DIR}/input_files/gen_fusescr/ls2088_1088/input_fuse_file |
|
||||
+---+----------------------------------+--------------+--------------------------------------------------+
|
||||
|
||||
- Create the TF-A binary with FUSE_PROG=1.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=$PLAT FUSE_PROG=1\
|
||||
BOOT_MODE=<platform_supported_boot_mode> \
|
||||
RCW=$RCW_BIN \
|
||||
BL32=$TEE_BIN SPD=opteed\
|
||||
BL33=$UBOOT_SECURE_BIN \
|
||||
pbl \
|
||||
fip \
|
||||
fip_fuse \
|
||||
FUSE_PROV_FILE=../../apps/security/cst/input_files/gen_fusescr/ls2088_1088/input_fuse_file
|
||||
|
||||
- Deployment:
|
||||
-- Refer the nxp-layerscape.rst for deploying TF-A images.
|
||||
-- Deploying fip_fuse.bin:
|
||||
|
||||
For Flexspi-Nor:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
tftp 82000000 $path/fuse_fip.bin;
|
||||
i2c mw 66 50 20;sf probe 0:0; sf erase 0x880000 +$filesize; sf write 0x82000000 0x880000 $filesize;
|
||||
|
||||
For SD or eMMC [file_size_in_block_sizeof_512 = (Size_of_bytes_tftp / 512)]:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
tftp 82000000 $path/fuse_fip.bin;
|
||||
mmc write 82000000 0x4408 <file_size_in_block_sizeof_512>;
|
||||
|
||||
- Valiation:
|
||||
|
||||
+---+----------------------------------+---------------------------------------------------+
|
||||
| | Platform | Error_Register | Error_Register_Address |
|
||||
+===+==================================+===================================================+
|
||||
| 1.| lx2160ardb/lx2160aqds/lx2162aqds | DCFG scratch 4 register | 0x01EE020C |
|
||||
+---+----------------------------------+---------------------------------------------------+
|
||||
|
||||
At the U-Boot prompt, check DCFG scratch 4 register for any error.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
md $Error_Register_Address 1
|
||||
|
||||
Command Ouput:
|
||||
01ee020c: 00000000
|
||||
|
||||
Note:
|
||||
- 0x00000000 shows no error, then fuse provisioning is successful.
|
||||
- For non-zero value, refer the code header file ".../drivers/nxp/sfp/sfp_error_codes.h"
|
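Review bot: In the step "Write SFP_INGR[INST] with the PROGFB(0x2) instruction to blow the fuses", the command shown is `md $SFP_INGR_REG $SFP_WRITE_DATE_FRM_MIRROR_REG_TO_FUSE`, which is a memory display and not a write, so as documented the PROGFB instruction is never issued. Every other register write in this file uses `mw.l`, so this should presumably be `mw.l $SFP_INGR_REG $SFP_WRITE_DATE_FRM_MIRROR_REG_TO_FUSE` (and DATE in that name looks like a typo for DATA). Because this is the irreversible step, the caution before it should say OTPMK and SRKH are correctly written to the mirror registers rather than "correctly blown", since nothing is blown until this command runs. Smaller points: the grid tables for SFP_INGR_REG, FUSE_PROV_FILE and Error_Register have border rows whose column separators do not match the data rows and will not parse as RST tables; the deployment text says "Deploying fip_fuse.bin" but the commands load `fuse_fip.bin`; the placeholders are spelled `OTMPKR_n_32Bit_val` while the registers are OTPMKR; and "Donot", "provsioning", "Valiation" and "Ouput" need fixing.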
210
docs/plat/nxp/nxp-ls-tbbr.rst
Normal file
@ -0,0 +1,210 @@
|
||||
|
||||
--------------
|
||||
NXP Platforms:
|
||||
--------------
|
||||
TRUSTED_BOARD_BOOT option can be enabled by specifying TRUSTED_BOARD_BOOT=1 on command line during make.
|
||||
|
||||
|
||||
|
||||
Bare-Minimum Preparation to run TBBR on NXP Platforms:
|
||||
=======================================================
|
||||
- OTPMK(One Time Programable Key) needs to be burnt in fuses.
|
||||
-- It is the 256 bit key that stores a secret value used by the NXP SEC 4.0 IP in Trusted or Secure mode.
|
||||
|
||||
Note: It is primarily for the purpose of decrypting additional secrets stored in system non-volatile memory.
|
||||
|
||||
-- NXP CST tool gives an option to generate it.
|
||||
|
||||
Use the below command from directory 'cst', with correct options.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
./gen_otpmk_drbg
|
||||
|
||||
- SRKH (Super Root Key Hash) needs to be burnt in fuses.
|
||||
-- It is the 256 bit hash of the list of the public keys of the SRK key pair.
|
||||
-- NXP CST tool gives an option to generate the RSA key pair and its hash.
|
||||
|
||||
Use the below command from directory 'cst', with correct options.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
./gen_keys
|
||||
|
||||
Refer fuse frovisioning readme 'nxp-ls-fuse-prov.rst' for steps to blow these keys.
|
||||
|
||||
|
||||
|
||||
Two options are provided for TRUSTED_BOARD_BOOT:
|
||||
================================================
|
||||
|
||||
-------------------------------------------------------------------------
|
||||
Option 1: CoT using X 509 certificates
|
||||
-------------------------------------------------------------------------
|
||||
|
||||
- This CoT is as provided by ARM.
|
||||
|
||||
- To use this option user needs to specify mbedtld dir path in MBEDTLS_DIR.
|
||||
|
||||
- To generate CSF header, path of CST repository needs to be specified as CST_DIR
|
||||
|
||||
- CSF header is embedded to each of the BL2 image.
|
||||
|
||||
- GENERATE_COT=1 adds the tool 'cert_create' to the build environment to generate:
|
||||
-- X509 Certificates as (.crt) files.
|
||||
-- X509 Pem key file as (.pem) files.
|
||||
|
||||
- SAVE_KEYS=1 saves the keys and certificates, if GENERATE_COT=1.
|
||||
-- For this to work, file name for cert and keys are provided as part of compilation or build command.
|
||||
|
||||
--- default file names will be used, incase not provided as part compilation or build command.
|
||||
--- default folder 'BUILD_PLAT' will be used to store them.
|
||||
|
||||
- ROTPK for x.509 certificates is generated and embedded in bl2.bin and
|
||||
verified as part of CoT by Boot ROM during secure boot.
|
||||
|
||||
- Compilation steps:
|
||||
|
||||
All Images
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=$PLAT TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 MBEDTLS_DIR=$MBEDTLS_PATH CST_DIR=$CST_DIR_PATH \
|
||||
BOOT_MODE=<platform_supported_boot_mode> \
|
||||
RCW=$RCW_BIN \
|
||||
BL32=$TEE_BIN SPD=opteed\
|
||||
BL33=$UBOOT_SECURE_BIN \
|
||||
pbl \
|
||||
fip
|
||||
|
||||
Additional FIP_DDR Image (For NXP platforms like lx2160a)
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=$PLAT TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 MBEDTLS_DIR=$MBEDTLS_PATH fip_ddr
|
||||
|
||||
Note: make target 'fip_ddr' should never be combine with other make target 'fip', 'pbl' & 'bl2'.
|
||||
|
||||
-------------------------------------------------------------------------
|
||||
Option 2: CoT using NXP CSF headers.
|
||||
-------------------------------------------------------------------------
|
||||
|
||||
- This option is automatically selected when TRUSTED_BOARD_BOOT is set but MBEDTLS_DIR path is not specified.
|
||||
|
||||
- CSF header is embedded to each of the BL31, BL32 and BL33 image.
|
||||
|
||||
- To generate CSF header, path of CST repository needs to be specified as CST_DIR
|
||||
|
||||
- Default input files for CSF header generation is added in this repo.
|
||||
|
||||
- Default input file requires user to generate RSA key pair named
|
||||
-- srk.pri, and
|
||||
-- srk.pub, and add them in ATF repo.
|
||||
-- These keys can be generated using gen_keys tool of CST.
|
||||
|
||||
- To change the input file , user can use the options BL33_INPUT_FILE, BL32_INPUT_FILE, BL31_INPUT_FILE
|
||||
|
||||
- There are 2 paths in secure boot flow :
|
||||
-- Development Mode (sb_en in RCW = 1, SFP->OSPR, ITS = 0)
|
||||
|
||||
--- In this flow , even on ROTPK comparison failure, flow would continue.
|
||||
--- However SNVS is transitioned to non-secure state
|
||||
|
||||
-- Production mode (SFP->OSPR, ITS = 1)
|
||||
|
||||
--- Any failure is fatal failure
|
||||
|
||||
- Compilation steps:
|
||||
|
||||
All Images
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=$PLAT TRUSTED_BOARD_BOOT=1 CST_DIR=$CST_DIR_PATH \
|
||||
BOOT_MODE=<platform_supported_boot_mode> \
|
||||
RCW=$RCW_BIN \
|
||||
BL32=$TEE_BIN SPD=opteed\
|
||||
BL33=$UBOOT_SECURE_BIN \
|
||||
pbl \
|
||||
fip
|
||||
|
||||
Additional FIP_DDR Image (For NXP platforms like lx2160a)
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=$PLAT TRUSTED_BOARD_BOOT=1 CST_DIR=$CST_DIR_PATH fip_ddr
|
||||
|
||||
- Compilation Steps with build option for generic image processing filters to prepend CSF header:
|
||||
-- Generic image processing filters to prepend CSF header
|
||||
|
||||
BL32_INPUT_FILE = < file name>
|
||||
BL33_INPUT_FILE = <file name>
|
||||
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=$PLAT TRUSTED_BOARD_BOOT=1 CST_DIR=$CST_DIR_PATH \
|
||||
BOOT_MODE=<platform_supported_boot_mode> \
|
||||
RCW=$RCW_BIN \
|
||||
BL32=$TEE_BIN SPD=opteed\
|
||||
BL33=$UBOOT_SECURE_BIN \
|
||||
BL33_INPUT_FILE = <ip file> \
|
||||
BL32_INPUT_FILE = <ip_file> \
|
||||
BL31_INPUT_FILE = <ip file> \
|
||||
pbl \
|
||||
fip
|
||||
|
||||
|
||||
Deploy ATF Images
|
||||
=================
|
||||
Same steps as mentioned in the readme "nxp-layerscape.rst".
|
||||
|
||||
|
||||
|
||||
Verification to check if Secure state is achieved:
|
||||
==================================================
|
||||
|
||||
+---+----------------+-----------------+------------------------+----------------------------------+-------------------------------+
|
||||
| | Platform | SNVS_HPSR_REG | SYS_SECURE_BIT(=value) | SYSTEM_SECURE_CONFIG_BIT(=value) | SSM_STATE |
|
||||
+===+================+=================+========================+==================================+===============================+
|
||||
| 1.| lx2160ardb or | 0x01E90014 | 15 | 14-12 | 11-8 |
|
||||
| | lx2160aqds or | | ( = 1, BootROM Booted) | ( = 010 means Intent to Secure, | (=1111 means secure boot) |
|
||||
| | lx2162aqds | | | ( = 000 Unsecure) | (=1011 means Non-secure Boot) |
|
||||
+---+----------------+-----------------+------------------------+----------------------------------+-------------------------------+
|
||||
|
||||
- Production mode (SFP->OSPR, ITS = 1)
|
||||
-- Linux prompt will successfully come. if the TBBR is successful.
|
||||
|
||||
--- Else, Linux boot will be successful.
|
||||
|
||||
-- For secure-boot status, read SNVS Register $SNVS_HPSR_REG from u-boot prompt:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
md $SNVS_HPSR_REG
|
||||
|
||||
Command Output:
|
||||
1e90014: 8000AF00
|
||||
|
||||
In case it is read as 00000000, then read this register using jtag (in development mode only through CW tap).
|
||||
+0 +4 +8 +C
|
||||
[0x01E90014] 8000AF00
|
||||
|
||||
|
||||
- Development Mode (sb_en in RCW = 1, SFP->OSPR, ITS = 0)
|
||||
-- Refer the SoC specific table to read the register to interpret whether the secure boot is achieved or not.
|
||||
-- Using JTAG (in development environment only, using CW tap):
|
||||
|
||||
--- For secure-boot status, read SNVS Register $SNVS_HPSR_REG
|
||||
|
||||
.. code:: shell
|
||||
|
||||
ccs::display_regs 86 0x01E90014 4 0 1
|
||||
|
||||
Command Output:
|
||||
Using the SAP chain position number 86, following is the output.
|
||||
|
||||
+0 +4 +8 +C
|
||||
[0x01E90014] 8000AF00
|
||||
|
||||
Note: Chain position number will vary from one SoC to other SoC.
|
||||
|
||||
- Interpretation of the value:
|
||||
|
||||
-- 0xA indicates BootROM booted, with intent to secure.
|
||||
-- 0xF = secure boot, as SSM_STATE.
|
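Review bot: Under "Verification to check if Secure state is achieved", the Production mode bullets say the Linux prompt comes up if TBBR is successful and then "Else, Linux boot will be successful", which makes both outcomes the same and contradicts the earlier Option 2 statement that in production mode "Any failure is fatal failure"; the Else line should state that boot will not succeed. In the last compilation block, `BL33_INPUT_FILE = <ip file> \` and the matching BL32 and BL31 lines put spaces around `=`, so they will not be parsed as variable assignments on the make command line; write them as `BL33_INPUT_FILE=<file>`, and list BL31_INPUT_FILE in the text above the block, which currently names only BL32 and BL33. The FIP_DDR build here uses the target `fip_ddr` while nxp-layerscape.rst uses `fip-ddr`; pick one. For Development Mode it would help to state next to "even on ROTPK comparison failure, flow would continue" that a successful boot in this mode is not evidence of a valid chain of trust and that the HPSR value must be checked. Typos: "mbedtld", "frovisioning", "Programable", "incase", and the OTPMK expansion omits "Master".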