[U-Boot] Booting a second stage Bootloader in FIT image
KJ H. Kiran
kj.h.kiran at us.abb.com
Tue Aug 4 00:34:11 CEST 2015
Hi Simon,
I am implementing the secure u-boot for our custom board and have a question with the current implementation of secure framework with u-boot loading the "loadables" images.
I got the latest 2015.07 mainline branch and am trying to load a bootloader( FIT format) from already loaded bootloader !
First stage--------------> 2nd stage -------------------> OS FIT
(MLO,u-boot) (u-boot.bin) (kernel, RFS,DTB)
I created an .its file just to boot a 2nd stage bootloader
/dts-v1/;
/ {
description = "ABB Measurement Product images";
#address-cells = <1>;
images {
u-boot at 1 {
data = /incbin/("u-boot.bin");
type = "u-boot";
arch = "arm";
compression = "none";
load = <0x82000000>;
entry = <0x82000000>;
hash at 1 {
algo = "sha1";
};
};
};
configurations {
default = "2100000 at xx";
2100000 at xx {
description = "2nd stage BL";
u-boot = "u-boot at 1";
loadables = "u-boot at 1"
signature at 1 {
algo = "sha1,rsa2048";
key-name-hint = "dev";
sign-images = "u-boot";
};
};
};
};
I am able to load it on my device and successfully verify the signature. How ever the bootm command is trying to find an os image every time. I have looked at the cmd_bootm.c file and looks like it checks for the valid os image for booting.
I think it would be good if a special case in bootm is introduced which can just load the "loadable" images independent of the kernel image. This will allow the users to support multiple image scenario without any depencies. I think a separate command is necessary which can verify a signature and just load the "loadable" images in the required memory addresses.
Is there a way kernel images loading can be ignored in bootm ?
Testing:
I tried to load my bootloader fit image and run it with bootm $loadaddr:u-boot command
U-Boot# bootm $loadaddr:u-boot
## Loading kernel from FIT Image at 82800000 ...
Trying 'u-boot' kernel subimage
Description: unavailable
Created: 2015-08-03 21:45:12 UTC
Type: Standalone Program
Compression: uncompressed
Data Start: 0x828000b4
Data Size: 385283 Bytes = 376.3 KiB
Architecture: ARM
Load Address: 0x82000000
Entry Point: 0x82000000
Hash algo: sha1
Hash value: d44663a203a151fe52c93029ec1fecee0d30192a
Verifying Hash Integrity ... sha1+ OK
No Unknown OS ARM Kernel Image Image
ERROR: can't get kernel image!
If I use the bootm $loadaddr#configuration command it tries to run the kernel image and it crashes but loads my required image at the memory address.
Thanks,
[cid:image002.png at 01CFF360.603F39C0]
Harsha Kiran KJ
Software engineer II
ABB Inc.
7051 Industrial Boulevard
74006, Bartlesville, Oklahoma, UNITED STATES
Phone: +1 9183384851
Mobile: +1 4053854043
email: k<mailto:ricardo.andujar at us.abb.com>j.h.kiran at us.abb.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 2174 bytes
Desc: image001.png
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20150803/cda59a4a/attachment.png>
More information about the U-Boot
mailing list