[PATCH v2 4/4] imx: hab: Use nxp_imx8mcst etype for i.MX8M flash.bin signing

Tim Harvey tharvey at gateworks.com
Tue May 14 20:34:51 CEST 2024


On Thu, May 2, 2024 at 6:05 PM Marek Vasut <marex at denx.de> wrote:
>
> Update documentation and use nxp_imx8mcst binman etype for signing
> of flash.bin instead of previous horrible shell scripting.
>
> Signed-off-by: Marek Vasut <marex at denx.de>
> ---
> Cc: "NXP i.MX U-Boot Team" <uboot-imx at nxp.com>
> Cc: Adam Ford <aford173 at gmail.com>
> Cc: Alper Nebi Yasak <alpernebiyasak at gmail.com>
> Cc: Andrejs Cainikovs <andrejs.cainikovs at toradex.com>
> Cc: Angus Ainslie <angus at akkea.ca>
> Cc: Emanuele Ghidoli <emanuele.ghidoli at toradex.com>
> Cc: Fabio Estevam <festevam at gmail.com>
> Cc: Francesco Dolcini <francesco.dolcini at toradex.com>
> Cc: Marcel Ziswiler <marcel.ziswiler at toradex.com>
> Cc: Rasmus Villemoes <rasmus.villemoes at prevas.dk>
> Cc: Simon Glass <sjg at chromium.org>
> Cc: Stefan Eichenberger <stefan.eichenberger at toradex.com>
> Cc: Stefano Babic <sbabic at denx.de>
> Cc: Tim Harvey <tharvey at gateworks.com>
> Cc: Tom Rini <trini at konsulko.com>
> Cc: kernel at puri.sm
> Cc: u-boot at dh-electronics.com
> Cc: u-boot at lists.denx.de
> ---
> V2: Document the automatic signing in case CONFIG_IMX_HAB is enabled
> ---
>  doc/imx/habv4/csf_examples/mx8m/csf.sh        |  92 ----------------
>  doc/imx/habv4/csf_examples/mx8m/csf_fit.txt   |  30 ------
>  doc/imx/habv4/csf_examples/mx8m/csf_spl.txt   |  33 ------
>  doc/imx/habv4/guides/mx8m_spl_secure_boot.txt | 100 +++---------------
>  4 files changed, 14 insertions(+), 241 deletions(-)
>  delete mode 100644 doc/imx/habv4/csf_examples/mx8m/csf.sh
>  delete mode 100644 doc/imx/habv4/csf_examples/mx8m/csf_fit.txt
>  delete mode 100644 doc/imx/habv4/csf_examples/mx8m/csf_spl.txt
>
<snip>
> diff --git a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt
> index e16e5410bd9..ce1de659d8c 100644
> --- a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt
> +++ b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt
> @@ -121,6 +121,9 @@ build configuration:
>  - Defconfig:
>
>    CONFIG_IMX_HAB=y
> +  CONFIG_FSL_CAAM=y
> +  CONFIG_ARCH_MISC_INIT=y
> +  CONFIG_SPL_CRYPTO=y
>

Hi Marek,

Thanks for wrapping the dts bits with a config item.

Is there any other reason to build with CONFIG_IMX_HAB than to use a
signed image? I see that there are several ARCH_MX6 and ARCH_MX7
configs that have this enabled (not ARCH_IMX8M so this certainly
doesn't break anything) and I'm not sure what the value of that is.

I notice that FSL_CAAM is selected when you select IMX_HAB... is there
any reason why ARCH_MISC_INIT and SPL_CRYPTO should not be selected by
IMX_HAB as well (future patch perhaps)?

>  - Kconfig:
>
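
Review bot: The three symbols added under "- Defconfig:" (CONFIG_FSL_CAAM, CONFIG_ARCH_MISC_INIT, CONFIG_SPL_CRYPTO) are listed with no statement of why a HAB build needs them or what fails when one is missing. Suggest one line per symbol in the guide, or, if they are hard requirements of CONFIG_IMX_HAB, expressing that dependency in Kconfig so the documented list cannot drift from what the build enforces.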

We definitely need to describe the additional requirements here. Maybe
something like:

- Tools:
cst - NXP code-signing-tool (e.g. apt install imx-code-signing-tool)

- Files: (created with NXP IMX_CST_TOOL)
SRK_1_2_3_4_table.bin (specified by nxp,srk-table node): fuse table
CSF1_1_sha256_4096_65537_v3_usr_crt.pem (specified by nxp,csf-crt node): CSF_KEY
IMG1_1_sha256_4096_65537_v3_usr_crt.pem (specified by nxp,img-crt node): IMG_KEY

The following works fine for me on v2024.01
export CST_DIR=/usr/src/nxp/cst-3.3.2/
export CSF_KEY=$CST_DIR/crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem
export IMG_KEY=$CST_DIR/crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem
export SRK_TABLE=$CST_DIR/crts/SRK_1_2_3_4_table.bin
export PATH=$CST_DIR/linux64/bin:$PATH
make && /bin/sh doc/imx/habv4/csf_examples/mx8m/csf.sh

But with the above defines and your series this fails:
ln -sf $SRK_TABLE SRK_1_2_3_4_table.bin
ln -sf $CSF_KEY CSF1_1_sha256_4096_65537_v3_usr_crt.pem
ln -sf $IMG_KEY IMG1_1_sha256_4096_65537_v3_usr_crt.pem
make
  BINMAN  .binman_stamp
Wrote map file './image.map' to show errors
binman: Error 1 running 'cst -i
./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o
./nxp.csf-output-blob.section.nxp-imx8mcst@0': Error:
Cannot open key file IMG1_1_sha256_4096_65537_v3_usr_key.pem
0:error:02001002:system library:fopen:No such file or
directory:crypto/bio/bss_file.c:288:fopen('IMG1_1_sha256_4096_65537_v3_usr_key.pem','r')
0:error:20074002:BIO routines:file_ctrl:system lib:crypto/bio/bss_file.c:290:

make: *** [Makefile:1126: .binman_stamp] Error 1

So how is it that the default for nxp,img-crt
IMG1_1_sha256_4096_65537_v3_usr_crt.pem is now looking for
IMG1_1_sha256_4096_65537_v3_usr_key? It fails also if I cp the files
vs ln them.

So what am I missing here?

Best Regards,

Tim

> @@ -131,92 +134,17 @@ build configuration:
>
>  The CSF contains all the commands that the HAB executes during the secure
>  boot. These commands instruct the HAB code on which memory areas of the image
> -to authenticate, which keys to install, use and etc.
> -
> -CSF examples are available under doc/imx/habv4/csf_examples/ directory.
> -
> -CSF "Blocks" line for csf_spl.txt can be generated as follows:
> -
> -```
> -spl_block_base=$(printf "0x%x" $(( $(sed -n "/CONFIG_SPL_TEXT_BASE=/ s at .*=@@p" .config) - 0x40)) )
> -spl_block_size=$(printf "0x%x" $(stat -tc %s u-boot-spl-ddr.bin))
> -sed -i "/Blocks = / s at .*@  Blocks = $spl_block_base 0x0 $spl_block_size \"flash.bin\"@" csf_spl.txt
> -```
> -
> -The resulting line looks as follows:
> -```
> -  Blocks = 0x7e0fc0 0x0 0x306f0 "flash.bin"
> -```
> -
> -The columns mean:
> -  - CONFIG_SPL_TEXT_BASE - 0x40 -- Start address of signed data, in DRAM
> -  - 0x0 -- Start address of signed data, in "flash.bin"
> -  - 0x306f0 -- Length of signed data, in "flash.bin"
> -  - Filename -- "flash.bin"
> -
> -To generate signature for the SPL part of flash.bin container, use CST:
> -```
> -cst -i csf_spl.tmp -o csf_spl.bin
> -```
> -
> -The newly generated CST blob has to be patched into existing flash.bin
> -container. Conveniently, flash.bin IVT contains physical address of the
> -CSF blob. Remember, the SPL part of flash.bin container is loaded by the
> -BootROM at CONFIG_SPL_TEXT_BASE - 0x40 , so the offset of CSF blob in
> -the fitImage can be calculated and inserted into the flash.bin in the
> -correct location as follows:
> -```
> -# offset = IVT_HEADER[6 = CSF address] - CONFIG_SPL_TEXT_BASE - 0x40
> -spl_csf_offset=$(xxd -s 24 -l 4 -e flash.bin | cut -d " " -f 2 | sed "s@^@0x@")
> -spl_bin_offset=$(xxd -s 4 -l 4 -e flash.bin | cut -d " " -f 2 | sed "s@^@0x@")
> -spl_dd_offset=$((${spl_csf_offset} - ${spl_bin_offset} + 0x40))
> -dd if=csf_spl.bin of=flash.bin bs=1 seek=${spl_dd_offset} conv=notrunc
> -```
> -
> -CSF "Blocks" line for csf_fit.txt can be generated as follows:
> -```
> -# fitImage
> -fit_block_base=$(printf "0x%x" $(sed -n "/CONFIG_SPL_LOAD_FIT_ADDRESS=/ s at .*=@@p" .config) )
> -fit_block_offset=$(printf "0x%s" $(fdtget -t x u-boot.dtb /binman/imx-boot/uboot offset))
> -fit_block_size=$(printf "0x%x" $(( ( ( $(stat -tc %s u-boot.itb) + 0x1000 - 0x1 ) & ~(0x1000 - 0x1)) + 0x20 )) )
> -sed -i "/Blocks = / s at .*@  Blocks = $fit_block_base $fit_block_offset $fit_block_size \"flash.bin\"@" csf_fit.tmp
> -```
> -
> -The fitImage part of flash.bin requires separate IVT. Generate the IVT and
> -patch it into the correct aligned location of flash.bin as follows:
> -```
> -# IVT
> -ivt_ptr_base=$(printf "%08x" ${fit_block_base} | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@")
> -ivt_block_base=$(printf "%08x" $(( ${fit_block_base} + ${fit_block_size} - 0x20 )) | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@")
> -csf_block_base=$(printf "%08x" $(( ${fit_block_base} + ${fit_block_size} )) | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@")
> -ivt_block_offset=$((${fit_block_offset} + ${fit_block_size} - 0x20))
> -csf_block_offset=$((${ivt_block_offset} + 0x20))
> -
> -echo "0xd1002041 ${ivt_block_base} 0x00000000 0x00000000 0x00000000 ${ivt_block_base} ${csf_block_base} 0x00000000" | xxd -r -p > ivt.bin
> -dd if=ivt.bin of=flash.bin bs=1 seek=${ivt_block_offset} conv=notrunc
> -```
> -
> -To generate CSF signature for the fitImage part of flash.bin container, use CST:
> -```
> -cst -i csf_fit.tmp -o csf_fit.bin
> -```
> -
> -Finally, patch the CSF signature into the fitImage right past the IVT:
> -```
> -dd if=csf_fit.bin of=flash.bin bs=1 seek=${csf_block_offset} conv=notrunc
> -```
> -
> -The entire script is available in doc/imx/habv4/csf_examples/mx8m/csf.sh
> -and can be used as follows to modify flash.bin to be signed
> -(adjust paths as needed):
> -```
> -export CST_DIR=/usr/src/cst-3.3.1/
> -export CSF_KEY=$CST_DIR/crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem
> -export IMG_KEY=$CST_DIR/crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem
> -export SRK_TABLE=$CST_DIR/crts/SRK_1_2_3_4_table.bin
> -export PATH=$CST_DIR/linux64/bin:$PATH
> -/bin/sh doc/imx/habv4/csf_examples/mx8m/csf.sh
> -```
> +to authenticate, which keys to install, use and etc. The CSF is generated
> +using the CST Code Signing Tool based on input configuration file. This tool
> +input configuration file is generated using binman, and the tool is invoked
> +from binman as well.
> +
> +The SPL and fitImage sections of the generated image are signed separately.
> +The signing is activated by wrapping SPL and fitImage sections into nxp-imx8mcst
> +etype, which is done automatically in arch/arm/dts/imx8m{m,n,p,q}-u-boot.dtsi
> +in case CONFIG_IMX_HAB Kconfig symbol is enabled.
> +
> +Build of flash.bin target then produces a signed flash.bin automatically.
>
>  1.4 Closing the device
>  -----------------------
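
Review bot: The added paragraphs state that the build "produces a signed flash.bin automatically" but carry none of the prerequisites the removed text documented: the CST_DIR, CSF_KEY, IMG_KEY and SRK_TABLE exports and the PATH entry for cst are deleted and nothing replaces them. Suggest stating in this section that cst must be in PATH, which SRK table and CSF/IMG certificate files the nxp-imx8mcst etype expects, where it looks for them, and how to override the defaults. Wording nit in the first added lines: "use and etc." and "based on input configuration file" would read better as "and so on" and "based on an input configuration file".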
> --
> 2.43.0
>
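
A pre-flight check for the failure reported in the reply above, as an added example that is not part of the original message or of U-Boot. It assumes, from the quoted cst error only, that for each NAME_crt.pem cst opens NAME_key.pem in the same directory; the function names, the script name hab-preflight.sh and the permission check are this example's own.

```shell
#!/bin/sh
# Added example: pre-flight check before running make with CONFIG_IMX_HAB=y.
# Assumption taken from the cst error quoted above: for NAME_crt.pem, cst
# opens NAME_key.pem in the same directory.

# derive_key_path CERT: print the key file name cst is assumed to open.
derive_key_path() {
    case "$1" in
        *_crt.pem) printf '%s\n' "${1%_crt.pem}_key.pem" ;;
        *) return 1 ;;                    # e.g. the SRK table: no key
    esac
}

# check_signing_inputs DIR: one line per problem, status 0 only if none.
check_signing_inputs() {
    dir=$1
    problems=0
    for f in SRK_1_2_3_4_table.bin \
             CSF1_1_sha256_4096_65537_v3_usr_crt.pem \
             IMG1_1_sha256_4096_65537_v3_usr_crt.pem; do
        if [ ! -r "$dir/$f" ]; then
            echo "MISSING $f"
            problems=$((problems + 1))
            continue
        fi
        key=$(derive_key_path "$f") || continue
        if [ ! -r "$dir/$key" ]; then
            echo "MISSING $key (derived from $f)"
            problems=$((problems + 1))
        elif [ -n "$(find -L "$dir/$key" -prune \( -perm -040 -o -perm -004 \))" ]; then
            # Private signing keys should not be group- or world-readable.
            echo "LOOSE-PERMS $key"
            problems=$((problems + 1))
        fi
    done
    [ "$problems" -eq 0 ]
}

# Usage: sh hab-preflight.sh --check [BUILD_DIR]
if [ "${1:-}" = "--check" ]; then
    command -v cst >/dev/null 2>&1 || echo "MISSING cst (not in PATH)"
    check_signing_inputs "${2:-.}"
fi
```

With only the three files from the reply linked into the build directory, the check reports both derived key files as missing, which matches the point where the quoted build stopped.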



