[U-Boot] [PATCH v3 3/7] SECURE_BOOT: split the secure boot functionality in two parts
Ruchika Gupta
ruchika.gupta at nxp.com
Wed Jan 27 13:02:00 CET 2016
> -----Original Message-----
> From: Aneesh Bansal [mailto:aneesh.bansal at nxp.com]
> Sent: Friday, January 22, 2016 4:37 PM
> To: u-boot at lists.denx.de
> Cc: york sun <york.sun at nxp.com>; Ruchika Gupta
> <ruchika.gupta at nxp.com>; Prabhakar Kushwaha
> <prabhakar.kushwaha at nxp.com>; Aneesh Bansal
> <aneesh.bansal at nxp.com>
> Subject: [PATCH v3 3/7] SECURE_BOOT: split the secure boot functionality in
> two parts
>
> There are two phases in Secure Boot
> 1. ISBC: In BootROM, validate the BootLoader (U-Boot).
> 2. ESBC: In U-Boot, continuing the Chain of Trust by
> validating and booting LINUX.
>
> For ESBC phase, there is no difference in SoC's based on ARM or PowerPC
> cores.
>
> But the exit conditions after ISBC phase i.e. entry conditions for U-Boot are
> different for ARM and PowerPC.
> PowerPC:
> ========
> If Secure Boot is executed, a separate U-Boot target is required which must
> be compiled with a diffrent Text Base as compared to Non-Secure Boot.
> There are some LAW and TLB settings which are required specifically for
> Secure Boot scenario.
>
> ARM:
> ====
> ARM based SoC's have a fixed memory map and exit conditions from
> BootROM are same irrespective of boot mode (Secure or Non-Secure).
>
> Thus the current Secure Boot functionlity has been split into two parts:
>
> CONFIG_CHAIN_OF_TRUST
> ========================
> This will have the following functionality as part of U-Boot:
> 1. Enable commands like esbc_validate, esbc_halt 2. Change the
> environment settings based on bootmode (determined at run time):
> - If bootmode is non-secure, no change
> - If bootmode is secure, set the following:
> - bootdelay = 0 (Don't give boot prompt)
> - bootcmd = Validate and execute the bootscript.
>
> CONFIG_SECURE_BOOT
> =====================
> This is defined only for creating a different compile time target for secure
> boot.
>
> Traditionally, both these functionalities were defined under
> CONFIG_SECURE_BOOT This patch is aimed at removing the requirement for
> a separate Secure Boot target for ARM based SoC's.
> CONFIG_CHAIN_OF_TRUST will be defined and boot mode will be determine
> at run time.
>
> Another Security Requirement for running CHAIN_OF_TRUST is that U-Boot
> environemnt must not be picked from flash/external memory. This cannot
> be done based on bootmode at run time in current U-Boot architecture.
> Once this dependency is resolved, no separate SECURE_BOOT target will be
> required for ARM based SoC's.
>
> Currently, the only code under CONFIG_SECURE_BOOT for ARM SoC's is
> defining CONFIG_ENV_IS_NOWHERE
>
> Signed-off-by: Aneesh Bansal <aneesh.bansal at nxp.com>
> ---
> Changes in v3:
> None
>
> Changes in v2:
> CONFIG_ENV_IS_NOWHERE is defined for Secure Boot
>
> arch/arm/include/asm/fsl_secure_boot.h | 16 ++--
> arch/powerpc/include/asm/fsl_secure_boot.h | 41 +++++-----
> include/config_fsl_chain_trust.h | 101 +++++++++++++++++++++++++
> include/config_fsl_secboot.h | 116 -----------------------------
> 4 files changed, 135 insertions(+), 139 deletions(-) create mode 100644
> include/config_fsl_chain_trust.h delete mode 100644
> include/config_fsl_secboot.h
>
> diff --git a/arch/arm/include/asm/fsl_secure_boot.h
> b/arch/arm/include/asm/fsl_secure_boot.h
> index 8491a72..0da0599 100644
> --- a/arch/arm/include/asm/fsl_secure_boot.h
> +++ b/arch/arm/include/asm/fsl_secure_boot.h
> @@ -8,6 +8,14 @@
> #define __FSL_SECURE_BOOT_H
>
> #ifdef CONFIG_SECURE_BOOT
> +
> +#ifndef CONFIG_FIT_SIGNATURE
> +#define CONFIG_CHAIN_OF_TRUST
> +#endif
> +
> +#endif
> +
> +#ifdef CONFIG_CHAIN_OF_TRUST
> #define CONFIG_CMD_ESBC_VALIDATE
> #define CONFIG_CMD_BLOB
> #define CONFIG_FSL_SEC_MON
> @@ -40,8 +48,6 @@
> #define CONFIG_ESBC_ADDR_64BIT
> #endif
>
> -#ifndef CONFIG_FIT_SIGNATURE
> -
> #define CONFIG_EXTRA_ENV \
> "setenv fdt_high 0xcfffffff;" \
> "setenv initrd_high 0xcfffffff;" \
> @@ -50,8 +56,6 @@
> /* The address needs to be modified according to NOR memory map */
> #define CONFIG_BOOTSCRIPT_HDR_ADDR 0x600a0000
>
> -#include <config_fsl_secboot.h>
> -#endif
> -#endif
> -
> +#include <config_fsl_chain_trust.h>
> +#endif /* #ifdef CONFIG_CHAIN_OF_TRUST */
> #endif
> diff --git a/arch/powerpc/include/asm/fsl_secure_boot.h
> b/arch/powerpc/include/asm/fsl_secure_boot.h
> index 7d217a6..41058d1 100644
> --- a/arch/powerpc/include/asm/fsl_secure_boot.h
> +++ b/arch/powerpc/include/asm/fsl_secure_boot.h
> @@ -9,19 +9,11 @@
> #include <asm/config_mpc85xx.h>
>
> #ifdef CONFIG_SECURE_BOOT
> -#define CONFIG_CMD_ESBC_VALIDATE
> -#define CONFIG_CMD_BLOB
> -#define CONFIG_FSL_SEC_MON
> -#define CONFIG_SHA_PROG_HW_ACCEL
> -#define CONFIG_DM
> -#define CONFIG_RSA
> -#define CONFIG_RSA_FREESCALE_EXP
> -#ifndef CONFIG_FSL_CAAM
> -#define CONFIG_FSL_CAAM
> -#endif
> +
> +#ifndef CONFIG_FIT_SIGNATURE
> +#define CONFIG_CHAIN_OF_TRUST
> #endif
>
> -#ifdef CONFIG_SECURE_BOOT
> #if defined(CONFIG_FSL_CORENET)
> #define CONFIG_SYS_PBI_FLASH_BASE 0xc0000000
> #elif defined(CONFIG_BSC9132QDS)
> @@ -76,8 +68,25 @@
> */
> #define CONFIG_FSL_ISBC_KEY_EXT
> #endif
> +#endif /* #ifdef CONFIG_SECURE_BOOT */
> +
> +#ifdef CONFIG_CHAIN_OF_TRUST
> +
> +#define CONFIG_CMD_ESBC_VALIDATE
> +#define CONFIG_CMD_BLOB
> +#define CONFIG_FSL_SEC_MON
> +#define CONFIG_SHA_PROG_HW_ACCEL
> +#define CONFIG_RSA
> +#define CONFIG_RSA_FREESCALE_EXP
> +
> +#ifndef CONFIG_DM
> +#define CONFIG_DM
> +#endif
> +
> +#ifndef CONFIG_FSL_CAAM
> +#define CONFIG_FSL_CAAM
> +#endif
>
> -#ifndef CONFIG_FIT_SIGNATURE
> /* If Boot Script is not on NOR and is required to be copied on RAM */ #ifdef
> CONFIG_BOOTSCRIPT_COPY_RAM
> #define CONFIG_BS_HDR_ADDR_RAM 0x00010000
> @@ -105,10 +114,8 @@
> #define CONFIG_BOOTSCRIPT_HDR_ADDR 0xee020000
> #endif
>
> -#endif
> -
> -#include <config_fsl_secboot.h>
> -#endif
> +#endif /* #ifdef CONFIG_BOOTSCRIPT_COPY_RAM */
>
> -#endif
> +#include <config_fsl_chain_trust.h>
> +#endif /* #ifdef CONFIG_CHAIN_OF_TRUST */
> #endif
> diff --git a/include/config_fsl_chain_trust.h
> b/include/config_fsl_chain_trust.h
> new file mode 100644
> index 0000000..45dda56
> --- /dev/null
> +++ b/include/config_fsl_chain_trust.h
> @@ -0,0 +1,101 @@
> +/*
> + * Copyright 2015 Freescale Semiconductor, Inc.
> + *
> + * SPDX-License-Identifier: GPL-2.0+
> + */
> +
> +#ifndef __CONFIG_FSL_CHAIN_TRUST_H
> +#define __CONFIG_FSL_CHAIN_TRUST_H
> +
> +/* For secure boot, since ENVIRONMENT in flash/external memories is
> + * not verified, undef CONFIG_ENV_xxx and set default env
> + * (CONFIG_ENV_IS_NOWHERE)
> + */
> +#ifdef CONFIG_SECURE_BOOT
> +
> +#undef CONFIG_ENV_IS_IN_EEPROM
> +#undef CONFIG_ENV_IS_IN_NAND
> +#undef CONFIG_ENV_IS_IN_MMC
> +#undef CONFIG_ENV_IS_IN_SPI_FLASH
> +#undef CONFIG_ENV_IS_IN_FLASH
> +
> +#define CONFIG_ENV_IS_NOWHERE
> +
> +#endif
> +
> +#ifdef CONFIG_CHAIN_OF_TRUST
> +
> +#ifndef CONFIG_EXTRA_ENV
> +#define CONFIG_EXTRA_ENV ""
> +#endif
> +
> +/*
> + * Control should not reach back to uboot after validation of images
> + * for secure boot flow and therefore bootscript should have
> + * the bootm command. If control reaches back to uboot anyhow
> + * after validating images, core should just spin.
> + */
> +
> +/*
> + * Define the key hash for boot script here if public/private key pair
> +used to
> + * sign bootscript are different from the SRK hash put in the fuse
> + * Example of defining KEY_HASH is
> + * #define CONFIG_BOOTSCRIPT_KEY_HASH \
> + *
> "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
> + */
> +
> +#ifdef CONFIG_BOOTSCRIPT_KEY_HASH
> +#define CONFIG_SECBOOT \
> + "setenv bs_hdraddr "
> __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
> + "setenv bootargs \'root=/dev/ram rw console=ttyS0,115200 " \
> + "ramdisk_size=600000\';" \
> + CONFIG_EXTRA_ENV \
> + "esbc_validate $bs_hdraddr " \
> + __stringify(CONFIG_BOOTSCRIPT_KEY_HASH)";" \
> + "source $img_addr;" \
> + "esbc_halt\0"
> +#else
> +#define CONFIG_SECBOOT \
> + "setenv bs_hdraddr "
> __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
> + "setenv bootargs \'root=/dev/ram rw console=ttyS0,115200 " \
> + "ramdisk_size=600000\';" \
> + CONFIG_EXTRA_ENV \
> + "esbc_validate $bs_hdraddr;" \
> + "source $img_addr;" \
> + "esbc_halt\0"
> +#endif
> +
> +/* For secure boot flow, default environment used will be used */ #if
> +defined(CONFIG_SYS_RAMBOOT) #ifdef CONFIG_BOOTSCRIPT_COPY_RAM
> #define
> +CONFIG_BS_COPY_ENV \
> + "setenv bs_hdr_ram " __stringify(CONFIG_BS_HDR_ADDR_RAM)";" \
> + "setenv bs_hdr_flash " __stringify(CONFIG_BS_HDR_ADDR_FLASH)";"
> \
> + "setenv bs_hdr_size " __stringify(CONFIG_BS_HDR_SIZE)";" \
> + "setenv bs_ram " __stringify(CONFIG_BS_ADDR_RAM)";" \
> + "setenv bs_flash " __stringify(CONFIG_BS_ADDR_FLASH)";" \
> + "setenv bs_size " __stringify(CONFIG_BS_SIZE)";"
> +
> +#if defined(CONFIG_RAMBOOT_NAND)
> +#define CONFIG_BS_COPY_CMD \
> + "nand read $bs_hdr_ram $bs_hdr_flash $bs_hdr_size ;" \
> + "nand read $bs_ram $bs_flash $bs_size ;"
> +#endif /* CONFIG_RAMBOOT_NAND */
> +#endif /* CONFIG_BOOTSCRIPT_COPY_RAM */
> +
> +#endif
> +
> +#ifndef CONFIG_BS_COPY_ENV
> +#define CONFIG_BS_COPY_ENV
> +#endif
> +
> +#ifndef CONFIG_BS_COPY_CMD
> +#define CONFIG_BS_COPY_CMD
> +#endif
> +
> +#define CONFIG_CHAIN_BOOT_CMD CONFIG_BS_COPY_ENV \
> + CONFIG_BS_COPY_CMD \
> + CONFIG_SECBOOT
> +
> +#endif
> +#endif
> diff --git a/include/config_fsl_secboot.h b/include/config_fsl_secboot.h
> deleted file mode 100644 index fc6788a..0000000
> --- a/include/config_fsl_secboot.h
> +++ /dev/null
> @@ -1,116 +0,0 @@
> -/*
> - * Copyright 2015 Freescale Semiconductor, Inc.
> - *
> - * SPDX-License-Identifier: GPL-2.0+
> - */
> -
> -#ifndef __CONFIG_FSL_SECBOOT_H
> -#define __CONFIG_FSL_SECBOOT_H
> -
> -#ifdef CONFIG_SECURE_BOOT
> -
> -#ifndef CONFIG_CMD_ESBC_VALIDATE
> -#define CONFIG_CMD_ESBC_VALIDATE
> -#endif
> -
> -#ifndef CONFIG_EXTRA_ENV
> -#define CONFIG_EXTRA_ENV ""
> -#endif
> -
> -/*
> - * Control should not reach back to uboot after validation of images
> - * for secure boot flow and therefore bootscript should have
> - * the bootm command. If control reaches back to uboot anyhow
> - * after validating images, core should just spin.
> - */
> -
> -/*
> - * Define the key hash for boot script here if public/private key pair used to
> - * sign bootscript are different from the SRK hash put in the fuse
> - * Example of defining KEY_HASH is
> - * #define CONFIG_BOOTSCRIPT_KEY_HASH \
> - *
> "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
> - */
> -
> -#ifdef CONFIG_BOOTSCRIPT_KEY_HASH
> -#define CONFIG_SECBOOT \
> - "setenv bs_hdraddr "
> __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
> - "setenv bootargs \'root=/dev/ram rw console=ttyS0,115200 " \
> - "ramdisk_size=600000\';" \
> - CONFIG_EXTRA_ENV \
> - "esbc_validate $bs_hdraddr " \
> - __stringify(CONFIG_BOOTSCRIPT_KEY_HASH)";" \
> - "source $img_addr;" \
> - "esbc_halt\0"
> -#else
> -#define CONFIG_SECBOOT \
> - "setenv bs_hdraddr "
> __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
> - "setenv bootargs \'root=/dev/ram rw console=ttyS0,115200 " \
> - "ramdisk_size=600000\';" \
> - CONFIG_EXTRA_ENV \
> - "esbc_validate $bs_hdraddr;" \
> - "source $img_addr;" \
> - "esbc_halt\0"
> -#endif
> -
> -/* For secure boot flow, default environment used will be used */ -#if
> defined(CONFIG_SYS_RAMBOOT) -#ifdef CONFIG_BOOTSCRIPT_COPY_RAM -
> #define CONFIG_BS_COPY_ENV \
> - "setenv bs_hdr_ram " __stringify(CONFIG_BS_HDR_ADDR_RAM)";" \
> - "setenv bs_hdr_flash " __stringify(CONFIG_BS_HDR_ADDR_FLASH)";"
> \
> - "setenv bs_hdr_size " __stringify(CONFIG_BS_HDR_SIZE)";" \
> - "setenv bs_ram " __stringify(CONFIG_BS_ADDR_RAM)";" \
> - "setenv bs_flash " __stringify(CONFIG_BS_ADDR_FLASH)";" \
> - "setenv bs_size " __stringify(CONFIG_BS_SIZE)";"
> -
> -#if defined(CONFIG_RAMBOOT_NAND)
> -#define CONFIG_BS_COPY_CMD \
> - "nand read $bs_hdr_ram $bs_hdr_flash $bs_hdr_size ;" \
> - "nand read $bs_ram $bs_flash $bs_size ;"
> -#endif /* CONFIG_RAMBOOT_NAND */
> -#endif /* CONFIG_BOOTSCRIPT_COPY_RAM */
> -
> -#if defined(CONFIG_RAMBOOT_SPIFLASH)
> -#undef CONFIG_ENV_IS_IN_SPI_FLASH
> -#elif defined(CONFIG_RAMBOOT_NAND)
> -#undef CONFIG_ENV_IS_IN_NAND
> -#elif defined(CONFIG_RAMBOOT_SDCARD)
> -#undef CONFIG_ENV_IS_IN_MMC
> -#endif
> -#else /*CONFIG_SYS_RAMBOOT*/
> -#undef CONFIG_ENV_IS_IN_FLASH
> -#endif
> -
> -#define CONFIG_ENV_IS_NOWHERE
> -
> -#ifndef CONFIG_BS_COPY_ENV
> -#define CONFIG_BS_COPY_ENV
> -#endif
> -
> -#ifndef CONFIG_BS_COPY_CMD
> -#define CONFIG_BS_COPY_CMD
> -#endif
> -
> -#define CONFIG_SECBOOT_CMD CONFIG_BS_COPY_ENV \
> - CONFIG_BS_COPY_CMD \
> - CONFIG_SECBOOT
> -/*
> - * We don't want boot delay for secure boot flow
> - * before autoboot starts
> - */
> -#undef CONFIG_BOOTDELAY
> -#define CONFIG_BOOTDELAY 0
> -#undef CONFIG_BOOTCOMMAND
> -#define CONFIG_BOOTCOMMAND CONFIG_SECBOOT_CMD
> -
> -/*
> - * CONFIG_ZERO_BOOTDELAY_CHECK should not be defined for
> - * secure boot flow as defining this would enable a user to
> - * reach uboot prompt by pressing some key before start of
> - * autoboot
> - */
> -#undef CONFIG_ZERO_BOOTDELAY_CHECK
> -
> -#endif
> -#endif
> --
> 1.8.1.4
Acked-by: Ruchika Gupta <ruchika.gupta at nxp.com>
More information about the U-Boot
mailing list