Re: [PATCH] Doc: i.MX: Document image structure for i.MX

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Sep 17, 2019 at 12:02:15PM +0200, Rouven Czerwinski wrote:
> On Tue, 2019-09-17 at 11:13 +0200, Lucas Stach wrote:
> > On Di, 2019-09-17 at 10:48 +0200, Rouven Czerwinski wrote:
> > > Document the image and load structure for i.MX6 and i.MX8MQ.
> > > 
> > > Signed-off-by: Rouven Czerwinski <r.czerwinski@xxxxxxxxxxxxxx>
> > > ---
> > >  Documentation/boards/imx.rst | 69
> > > ++++++++++++++++++++++++++++++++++++
> > >  1 file changed, 69 insertions(+)
> > > 
> > > diff --git a/Documentation/boards/imx.rst
> > > b/Documentation/boards/imx.rst
> > > index 71cc6bb09a..7110492eba 100644
> > > --- a/Documentation/boards/imx.rst
> > > +++ b/Documentation/boards/imx.rst
> > > @@ -142,6 +142,75 @@ It must be included in the board's flash
> > > header:
> > >  
> > >  Analogous to HABv4 options and a template exist for HABv3.
> > >  
> > > +Secure Boot on i.MX6
> > > +--------------------
> > > +
> > > +The secure boot process on i.MX6 consist of the following image
> > > constellation::
> > > +
> > > +    0x0 +---------------------------------+
> > > +        | Barebox Header                  |
> > > +  0x400 +---------------------------------+       -
> > > +        | i.MX IVT Header                 |       |
> > > +        | Boot Data                       +--+    |
> > > +        | CSF Pointer                     +--|-+  | Signed Area
> > > +        +---------------------------------+  | |  |
> > > +        | Device Configuration Data (DCD) |  | |  |
> > > + 0x1000 +---------------------------------+  | |  |
> > > +        | Barebox Prebootloader (PBL)     |<-+ |  |
> > > +        +---------------------------------+    |  |
> > > +        | Piggydata (Main Barebox Binary) |    |  |
> > > +        +---------------------------------+    |  -
> > > +        | Command Sequence File (CSF)     |<---+
> > > +        +---------------------------------+
> > > +
> > > +Here the Command Sequence File signs the complete Header, PBL and
> > > piggy data
> > > +file. This ensures that the whole barebox binary is authenticated.
> > > This is
> > > +possible since the DDR RAM is configured using the DCD and the
> > > whole DDR memory
> > > +area can be used to load data onto the device for authentication.
> > 
> > That's not a universally true statement for all i.MX6 boards. There
> > are
> > quite a few that also do the two step loading with PBL in SRAM and
> > DRAM
> > setup from the PBL. But I'm not sure if and how we want to reflect
> > this
> > in the documentation.
> 
> Do we even support HAB on these boards? They would require the same
> setup as done on the i.MX8MQ currently, I have not looked into boards
> in the tree yet.

No, we don't have HAB support for these boards. Indeed we would have to
do the same as on i.MX8. Maybe that's worth mentioning here.

Sascha


-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox



[Index of Archives]     [Linux Embedded]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux