| Message ID | 20240503010518.263458-4-marex@denx.de |
|---|---|
| State | Changes Requested |
| Delegated to: | Fabio Estevam |
| Headers | show |
| Series | [v2,1/4] binman: Add nxp_imx8mcst etype for i.MX8M flash.bin signing | expand |
On Thu, May 2, 2024 at 6:05 PM Marek Vasut <marex@denx.de> wrote: > > Update documentation and use nxp_imx8mcst binman etype for signing > of flash.bin instead of previous horrible shell scripting. > > Signed-off-by: Marek Vasut <marex@denx.de> > --- > Cc: "NXP i.MX U-Boot Team" <uboot-imx@nxp.com> > Cc: Adam Ford <aford173@gmail.com> > Cc: Alper Nebi Yasak <alpernebiyasak@gmail.com> > Cc: Andrejs Cainikovs <andrejs.cainikovs@toradex.com> > Cc: Angus Ainslie <angus@akkea.ca> > Cc: Emanuele Ghidoli <emanuele.ghidoli@toradex.com> > Cc: Fabio Estevam <festevam@gmail.com> > Cc: Francesco Dolcini <francesco.dolcini@toradex.com> > Cc: Marcel Ziswiler <marcel.ziswiler@toradex.com> > Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk> > Cc: Simon Glass <sjg@chromium.org> > Cc: Stefan Eichenberger <stefan.eichenberger@toradex.com> > Cc: Stefano Babic <sbabic@denx.de> > Cc: Tim Harvey <tharvey@gateworks.com> > Cc: Tom Rini <trini@konsulko.com> > Cc: kernel@puri.sm > Cc: u-boot@dh-electronics.com > Cc: u-boot@lists.denx.de > --- > V2: Document the automatic signing in case CONFIG_IMX_HAB is enabled > --- > doc/imx/habv4/csf_examples/mx8m/csf.sh | 92 ---------------- > doc/imx/habv4/csf_examples/mx8m/csf_fit.txt | 30 ------ > doc/imx/habv4/csf_examples/mx8m/csf_spl.txt | 33 ------ > doc/imx/habv4/guides/mx8m_spl_secure_boot.txt | 100 +++--------------- > 4 files changed, 14 insertions(+), 241 deletions(-) > delete mode 100644 doc/imx/habv4/csf_examples/mx8m/csf.sh > delete mode 100644 doc/imx/habv4/csf_examples/mx8m/csf_fit.txt > delete mode 100644 doc/imx/habv4/csf_examples/mx8m/csf_spl.txt > <snip> > diff --git a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt > index e16e5410bd9..ce1de659d8c 100644 > --- a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt > +++ b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt > @@ -121,6 +121,9 @@ build configuration: > - Defconfig: > > CONFIG_IMX_HAB=y > + CONFIG_FSL_CAAM=y > + CONFIG_ARCH_MISC_INIT=y > + CONFIG_SPL_CRYPTO=y > Hi Marek, Thanks for wrapping the dts bits with a config item. Is there any other reason to build with CONFIG_IMX_HAB than to use a signed image? I see that there are several ARCH_MX6 and ARCH_MX7 configs that have this enabled (not ARCH_IMX8M so this certainly doesn't break anything) and I'm not sure what the value of that is. I notice that FSL_CAAM is selected when you select IMX_HAB... is there any reason why ARCH_MISC_INIT and SPL_CRYPTO should not be selected by IMX_HAB as well (future patch perhaps)? > - Kconfig: > We definitely need to describe the additional requirements here. Maybe something like: - Tools: cst - NXP code-signing-tool (eg apt install imx-code-signing-tool) - Files: (created with NXP IMX_CST_TOOL) SRK_1_2_3_4_table.bin (specified by nxp,srk-table node): fuse table CSF1_1_sha256_4096_65537_v3_usr_crt.pem (specified by nxp,csf-crt node): CSF_KEY IMG1_1_sha256_4096_65537_v3_usr_crt.pem (specified by nxp,img-crt node): IMG_KEY The following works fine for me on v2024.01 export CST_DIR=/usr/src/nxp/cst-3.3.2/ export CSF_KEY=$CST_DIR/crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem export IMG_KEY=$CST_DIR/crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem export SRK_TABLE=$CST_DIR/crts/SRK_1_2_3_4_table.bin export PATH=$CST_DIR/linux64/bin:$PATH make && /bin/sh doc/imx/habv4/csf_examples/mx8m/csf.sh But with the above defines and your series this fails: ln -sf $SRK_TABLE SRK_1_2_3_4_table.bin ln -sf $CSF_KEY CSF1_1_sha256_4096_65537_v3_usr_crt.pem ln -sf $IMG_KEY IMG1_1_sha256_4096_65537_v3_usr_crt.pem make BINMAN .binman_stamp Wrote map file './image.map' to show errors binman: Error 1 running 'cst -i ./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o ./nxp.csf-output-blob.section.nxp-imx8mcst@0': Error: Cannot open key file IMG1_1_sha256_4096_65537_v3_usr_key.pem 0:error:02001002:system library:fopen:No such file or directory:crypto/bio/bss_file.c:288:fopen('IMG1_1_sha256_4096_65537_v3_usr_key. pem','r') 0:error:20074002:BIO routines:file_ctrl:system lib:crypto/bio/bss_file.c:290: make: *** [Makefile:1126: .binman_stamp] Error 1 So how is it that the default for nxp,img-crt IMG1_1_sha256_4096_65537_v3_usr_crt.pem is now looking for IMG1_1_sha256_4096_65537_v3_usr_key? It fails also if I cp the files vs ln them. So what am I missing here? Best Regards, Tim > @@ -131,92 +134,17 @@ build configuration: > > The CSF contains all the commands that the HAB executes during the secure > boot. These commands instruct the HAB code on which memory areas of the image > -to authenticate, which keys to install, use and etc. > - > -CSF examples are available under doc/imx/habv4/csf_examples/ directory. > - > -CSF "Blocks" line for csf_spl.txt can be generated as follows: > - > -``` > -spl_block_base=$(printf "0x%x" $(( $(sed -n "/CONFIG_SPL_TEXT_BASE=/ s@.*=@@p" .config) - 0x40)) ) > -spl_block_size=$(printf "0x%x" $(stat -tc %s u-boot-spl-ddr.bin)) > -sed -i "/Blocks = / s@.*@ Blocks = $spl_block_base 0x0 $spl_block_size \"flash.bin\"@" csf_spl.txt > -``` > - > -The resulting line looks as follows: > -``` > - Blocks = 0x7e0fc0 0x0 0x306f0 "flash.bin" > -``` > - > -The columns mean: > - - CONFIG_SPL_TEXT_BASE - 0x40 -- Start address of signed data, in DRAM > - - 0x0 -- Start address of signed data, in "flash.bin" > - - 0x306f0 -- Length of signed data, in "flash.bin" > - - Filename -- "flash.bin" > - > -To generate signature for the SPL part of flash.bin container, use CST: > -``` > -cst -i csf_spl.tmp -o csf_spl.bin > -``` > - > -The newly generated CST blob has to be patched into existing flash.bin > -container. Conveniently, flash.bin IVT contains physical address of the > -CSF blob. Remember, the SPL part of flash.bin container is loaded by the > -BootROM at CONFIG_SPL_TEXT_BASE - 0x40 , so the offset of CSF blob in > -the fitImage can be calculated and inserted into the flash.bin in the > -correct location as follows: > -``` > -# offset = IVT_HEADER[6 = CSF address] - CONFIG_SPL_TEXT_BASE - 0x40 > -spl_csf_offset=$(xxd -s 24 -l 4 -e flash.bin | cut -d " " -f 2 | sed "s@^@0x@") > -spl_bin_offset=$(xxd -s 4 -l 4 -e flash.bin | cut -d " " -f 2 | sed "s@^@0x@") > -spl_dd_offset=$((${spl_csf_offset} - ${spl_bin_offset} + 0x40)) > -dd if=csf_spl.bin of=flash.bin bs=1 seek=${spl_dd_offset} conv=notrunc > -``` > - > -CSF "Blocks" line for csf_fit.txt can be generated as follows: > -``` > -# fitImage > -fit_block_base=$(printf "0x%x" $(sed -n "/CONFIG_SPL_LOAD_FIT_ADDRESS=/ s@.*=@@p" .config) ) > -fit_block_offset=$(printf "0x%s" $(fdtget -t x u-boot.dtb /binman/imx-boot/uboot offset)) > -fit_block_size=$(printf "0x%x" $(( ( ( $(stat -tc %s u-boot.itb) + 0x1000 - 0x1 ) & ~(0x1000 - 0x1)) + 0x20 )) ) > -sed -i "/Blocks = / s@.*@ Blocks = $fit_block_base $fit_block_offset $fit_block_size \"flash.bin\"@" csf_fit.tmp > -``` > - > -The fitImage part of flash.bin requires separate IVT. Generate the IVT and > -patch it into the correct aligned location of flash.bin as follows: > -``` > -# IVT > -ivt_ptr_base=$(printf "%08x" ${fit_block_base} | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") > -ivt_block_base=$(printf "%08x" $(( ${fit_block_base} + ${fit_block_size} - 0x20 )) | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") > -csf_block_base=$(printf "%08x" $(( ${fit_block_base} + ${fit_block_size} )) | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") > -ivt_block_offset=$((${fit_block_offset} + ${fit_block_size} - 0x20)) > -csf_block_offset=$((${ivt_block_offset} + 0x20)) > - > -echo "0xd1002041 ${ivt_block_base} 0x00000000 0x00000000 0x00000000 ${ivt_block_base} ${csf_block_base} 0x00000000" | xxd -r -p > ivt.bin > -dd if=ivt.bin of=flash.bin bs=1 seek=${ivt_block_offset} conv=notrunc > -``` > - > -To generate CSF signature for the fitImage part of flash.bin container, use CST: > -``` > -cst -i csf_fit.tmp -o csf_fit.bin > -``` > - > -Finally, patch the CSF signature into the fitImage right past the IVT: > -``` > -dd if=csf_fit.bin of=flash.bin bs=1 seek=${csf_block_offset} conv=notrunc > -``` > - > -The entire script is available in doc/imx/habv4/csf_examples/mx8m/csf.sh > -and can be used as follows to modify flash.bin to be signed > -(adjust paths as needed): > -``` > -export CST_DIR=/usr/src/cst-3.3.1/ > -export CSF_KEY=$CST_DIR/crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem > -export IMG_KEY=$CST_DIR/crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem > -export SRK_TABLE=$CST_DIR/crts/SRK_1_2_3_4_table.bin > -export PATH=$CST_DIR/linux64/bin:$PATH > -/bin/sh doc/imx/habv4/csf_examples/mx8m/csf.sh > -``` > +to authenticate, which keys to install, use and etc. The CSF is generated > +using the CST Code Signing Tool based on input configuration file. This tool > +input configuration file is generated using binman, and the tool is invoked > +from binman as well. > + > +The SPL and fitImage sections of the generated image are signed separately. > +The signing is activated by wrapping SPL and fitImage sections into nxp-imx8mcst > +etype, which is done automatically in arch/arm/dts/imx8m{m,n,p,q}-u-boot.dtsi > +in case CONFIG_IMX_HAB Kconfig symbol is enabled. > + > +Build of flash.bin target then produces a signed flash.bin automatically. > > 1.4 Closing the device > ----------------------- > -- > 2.43.0 > > - Kconfig: > > @@ -131,92 +134,17 @@ build configuration: > > The CSF contains all the commands that the HAB executes during the secure > boot. These commands instruct the HAB code on which memory areas of the image > -to authenticate, which keys to install, use and etc. > - > -CSF examples are available under doc/imx/habv4/csf_examples/ directory. > - > -CSF "Blocks" line for csf_spl.txt can be generated as follows: > - > -``` > -spl_block_base=$(printf "0x%x" $(( $(sed -n "/CONFIG_SPL_TEXT_BASE=/ s@.*=@@p" .config) - 0x40)) ) > -spl_block_size=$(printf "0x%x" $(stat -tc %s u-boot-spl-ddr.bin)) > -sed -i "/Blocks = / s@.*@ Blocks = $spl_block_base 0x0 $spl_block_size \"flash.bin\"@" csf_spl.txt > -``` > - > -The resulting line looks as follows: > -``` > - Blocks = 0x7e0fc0 0x0 0x306f0 "flash.bin" > -``` > - > -The columns mean: > - - CONFIG_SPL_TEXT_BASE - 0x40 -- Start address of signed data, in DRAM > - - 0x0 -- Start address of signed data, in "flash.bin" > - - 0x306f0 -- Length of signed data, in "flash.bin" > - - Filename -- "flash.bin" > - > -To generate signature for the SPL part of flash.bin container, use CST: > -``` > -cst -i csf_spl.tmp -o csf_spl.bin > -``` > - > -The newly generated CST blob has to be patched into existing flash.bin > -container. Conveniently, flash.bin IVT contains physical address of the > -CSF blob. Remember, the SPL part of flash.bin container is loaded by the > -BootROM at CONFIG_SPL_TEXT_BASE - 0x40 , so the offset of CSF blob in > -the fitImage can be calculated and inserted into the flash.bin in the > -correct location as follows: > -``` > -# offset = IVT_HEADER[6 = CSF address] - CONFIG_SPL_TEXT_BASE - 0x40 > -spl_csf_offset=$(xxd -s 24 -l 4 -e flash.bin | cut -d " " -f 2 | sed "s@^@0x@") > -spl_bin_offset=$(xxd -s 4 -l 4 -e flash.bin | cut -d " " -f 2 | sed "s@^@0x@") > -spl_dd_offset=$((${spl_csf_offset} - ${spl_bin_offset} + 0x40)) > -dd if=csf_spl.bin of=flash.bin bs=1 seek=${spl_dd_offset} conv=notrunc > -``` > - > -CSF "Blocks" line for csf_fit.txt can be generated as follows: > -``` > -# fitImage > -fit_block_base=$(printf "0x%x" $(sed -n "/CONFIG_SPL_LOAD_FIT_ADDRESS=/ s@.*=@@p" .config) ) > -fit_block_offset=$(printf "0x%s" $(fdtget -t x u-boot.dtb /binman/imx-boot/uboot offset)) > -fit_block_size=$(printf "0x%x" $(( ( ( $(stat -tc %s u-boot.itb) + 0x1000 - 0x1 ) & ~(0x1000 - 0x1)) + 0x20 )) ) > -sed -i "/Blocks = / s@.*@ Blocks = $fit_block_base $fit_block_offset $fit_block_size \"flash.bin\"@" csf_fit.tmp > -``` > - > -The fitImage part of flash.bin requires separate IVT. Generate the IVT and > -patch it into the correct aligned location of flash.bin as follows: > -``` > -# IVT > -ivt_ptr_base=$(printf "%08x" ${fit_block_base} | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") > -ivt_block_base=$(printf "%08x" $(( ${fit_block_base} + ${fit_block_size} - 0x20 )) | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") > -csf_block_base=$(printf "%08x" $(( ${fit_block_base} + ${fit_block_size} )) | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") > -ivt_block_offset=$((${fit_block_offset} + ${fit_block_size} - 0x20)) > -csf_block_offset=$((${ivt_block_offset} + 0x20)) > - > -echo "0xd1002041 ${ivt_block_base} 0x00000000 0x00000000 0x00000000 ${ivt_block_base} ${csf_block_base} 0x00000000" | xxd -r -p > ivt.bin > -dd if=ivt.bin of=flash.bin bs=1 seek=${ivt_block_offset} conv=notrunc > -``` > - > -To generate CSF signature for the fitImage part of flash.bin container, use CST: > -``` > -cst -i csf_fit.tmp -o csf_fit.bin > -``` > - > -Finally, patch the CSF signature into the fitImage right past the IVT: > -``` > -dd if=csf_fit.bin of=flash.bin bs=1 seek=${csf_block_offset} conv=notrunc > -``` > - > -The entire script is available in doc/imx/habv4/csf_examples/mx8m/csf.sh > -and can be used as follows to modify flash.bin to be signed > -(adjust paths as needed): > -``` > -export CST_DIR=/usr/src/cst-3.3.1/ > -export CSF_KEY=$CST_DIR/crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem > -export IMG_KEY=$CST_DIR/crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem > -export SRK_TABLE=$CST_DIR/crts/SRK_1_2_3_4_table.bin > -export PATH=$CST_DIR/linux64/bin:$PATH > -/bin/sh doc/imx/habv4/csf_examples/mx8m/csf.sh > -``` > +to authenticate, which keys to install, use and etc. The CSF is generated > +using the CST Code Signing Tool based on input configuration file. This tool > +input configuration file is generated using binman, and the tool is invoked > +from binman as well. > + > +The SPL and fitImage sections of the generated image are signed separately. > +The signing is activated by wrapping SPL and fitImage sections into nxp-imx8mcst > +etype, which is done automatically in arch/arm/dts/imx8m{m,n,p,q}-u-boot.dtsi > +in case CONFIG_IMX_HAB Kconfig symbol is enabled. > + > +Build of flash.bin target then produces a signed flash.bin automatically. > > 1.4 Closing the device > ----------------------- > -- > 2.43.0 >
On 5/14/24 8:34 PM, Tim Harvey wrote: Hi, >> diff --git a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt >> index e16e5410bd9..ce1de659d8c 100644 >> --- a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt >> +++ b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt >> @@ -121,6 +121,9 @@ build configuration: >> - Defconfig: >> >> CONFIG_IMX_HAB=y >> + CONFIG_FSL_CAAM=y >> + CONFIG_ARCH_MISC_INIT=y >> + CONFIG_SPL_CRYPTO=y >> > > Hi Marek, > > Thanks for wrapping the dts bits with a config item. > > Is there any other reason to build with CONFIG_IMX_HAB than to use a > signed image? I see that there are several ARCH_MX6 and ARCH_MX7 > configs that have this enabled (not ARCH_IMX8M so this certainly > doesn't break anything) and I'm not sure what the value of that is. I think those few either enabled in preemptively in anticipation of possibly using HAB, or are wrong. I suspect it should be disabled for those, as it only adds to the board boot time and I am not even sure if those machines would boot correctly. Francesco, maybe you do have MX7 Colibri ? > I notice that FSL_CAAM is selected when you select IMX_HAB... is there > any reason why ARCH_MISC_INIT and SPL_CRYPTO should not be selected by > IMX_HAB as well (future patch perhaps)? ARCH_MISC_INIT should be selected by SoC Kconfig on MX7 and maybe CAAM on MX8M I think . As for SPL_CRYPTO, that should be selected by SPL_FSL_CAAM I think. >> - Kconfig: >> > > We definitely need to describe the additional requirements here. Maybe > something like: > > - Tools: > cst - NXP code-signing-tool (eg apt install imx-code-signing-tool) > > - Files: (created with NXP IMX_CST_TOOL) > SRK_1_2_3_4_table.bin (specified by nxp,srk-table node): fuse table > CSF1_1_sha256_4096_65537_v3_usr_crt.pem (specified by nxp,csf-crt node): CSF_KEY > IMG1_1_sha256_4096_65537_v3_usr_crt.pem (specified by nxp,img-crt node): IMG_KEY > > The following works fine for me on v2024.01 > export CST_DIR=/usr/src/nxp/cst-3.3.2/ > export CSF_KEY=$CST_DIR/crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem > export IMG_KEY=$CST_DIR/crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem > export SRK_TABLE=$CST_DIR/crts/SRK_1_2_3_4_table.bin > export PATH=$CST_DIR/linux64/bin:$PATH > make && /bin/sh doc/imx/habv4/csf_examples/mx8m/csf.sh > > But with the above defines and your series this fails: > ln -sf $SRK_TABLE SRK_1_2_3_4_table.bin > ln -sf $CSF_KEY CSF1_1_sha256_4096_65537_v3_usr_crt.pem > ln -sf $IMG_KEY IMG1_1_sha256_4096_65537_v3_usr_crt.pem > make > BINMAN .binman_stamp > Wrote map file './image.map' to show errors > binman: Error 1 running 'cst -i > ./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o > ./nxp.csf-output-blob.section.nxp-imx8mcst@0': Error: > Cannot open key file IMG1_1_sha256_4096_65537_v3_usr_key.pem > 0:error:02001002:system library:fopen:No such file or > directory:crypto/bio/bss_file.c:288:fopen('IMG1_1_sha256_4096_65537_v3_usr_key. > pem','r') > 0:error:20074002:BIO routines:file_ctrl:system lib:crypto/bio/bss_file.c:290: > > make: *** [Makefile:1126: .binman_stamp] Error 1 > > So how is it that the default for nxp,img-crt > IMG1_1_sha256_4096_65537_v3_usr_crt.pem is now looking for > IMG1_1_sha256_4096_65537_v3_usr_key? It fails also if I cp the files > vs ln them. > > So what am I missing here? I think CST is using both the certificate and the key files. Try and run strace on the CST to test that: $ strace cst -i ./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o ./nxp.csf-output-blob.section.nxp-imx8mcst@0
On Tue, May 14, 2024 at 1:58 PM Marek Vasut <marex@denx.de> wrote: > > On 5/14/24 8:34 PM, Tim Harvey wrote: > > Hi, > > >> diff --git a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt > >> index e16e5410bd9..ce1de659d8c 100644 > >> --- a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt > >> +++ b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt > >> @@ -121,6 +121,9 @@ build configuration: > >> - Defconfig: > >> > >> CONFIG_IMX_HAB=y > >> + CONFIG_FSL_CAAM=y > >> + CONFIG_ARCH_MISC_INIT=y > >> + CONFIG_SPL_CRYPTO=y > >> > > > > Hi Marek, > > > > Thanks for wrapping the dts bits with a config item. > > > > Is there any other reason to build with CONFIG_IMX_HAB than to use a > > signed image? I see that there are several ARCH_MX6 and ARCH_MX7 > > configs that have this enabled (not ARCH_IMX8M so this certainly > > doesn't break anything) and I'm not sure what the value of that is. > > I think those few either enabled in preemptively in anticipation of > possibly using HAB, or are wrong. I suspect it should be disabled for > those, as it only adds to the board boot time and I am not even sure if > those machines would boot correctly. > > Francesco, maybe you do have MX7 Colibri ? > > > I notice that FSL_CAAM is selected when you select IMX_HAB... is there > > any reason why ARCH_MISC_INIT and SPL_CRYPTO should not be selected by > > IMX_HAB as well (future patch perhaps)? > > ARCH_MISC_INIT should be selected by SoC Kconfig on MX7 and maybe CAAM > on MX8M I think . As for SPL_CRYPTO, that should be selected by > SPL_FSL_CAAM I think. > > >> - Kconfig: > >> > > > > We definitely need to describe the additional requirements here. Maybe > > something like: > > > > - Tools: > > cst - NXP code-signing-tool (eg apt install imx-code-signing-tool) > > > > - Files: (created with NXP IMX_CST_TOOL) > > SRK_1_2_3_4_table.bin (specified by nxp,srk-table node): fuse table > > CSF1_1_sha256_4096_65537_v3_usr_crt.pem (specified by nxp,csf-crt node): CSF_KEY > > IMG1_1_sha256_4096_65537_v3_usr_crt.pem (specified by nxp,img-crt node): IMG_KEY > > > > The following works fine for me on v2024.01 > > export CST_DIR=/usr/src/nxp/cst-3.3.2/ > > export CSF_KEY=$CST_DIR/crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem > > export IMG_KEY=$CST_DIR/crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem > > export SRK_TABLE=$CST_DIR/crts/SRK_1_2_3_4_table.bin > > export PATH=$CST_DIR/linux64/bin:$PATH > > make && /bin/sh doc/imx/habv4/csf_examples/mx8m/csf.sh > > > > But with the above defines and your series this fails: > > ln -sf $SRK_TABLE SRK_1_2_3_4_table.bin > > ln -sf $CSF_KEY CSF1_1_sha256_4096_65537_v3_usr_crt.pem > > ln -sf $IMG_KEY IMG1_1_sha256_4096_65537_v3_usr_crt.pem > > make > > BINMAN .binman_stamp > > Wrote map file './image.map' to show errors > > binman: Error 1 running 'cst -i > > ./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o > > ./nxp.csf-output-blob.section.nxp-imx8mcst@0': Error: > > Cannot open key file IMG1_1_sha256_4096_65537_v3_usr_key.pem > > 0:error:02001002:system library:fopen:No such file or > > directory:crypto/bio/bss_file.c:288:fopen('IMG1_1_sha256_4096_65537_v3_usr_key. > > pem','r') > > 0:error:20074002:BIO routines:file_ctrl:system lib:crypto/bio/bss_file.c:290: > > > > make: *** [Makefile:1126: .binman_stamp] Error 1 > > > > So how is it that the default for nxp,img-crt > > IMG1_1_sha256_4096_65537_v3_usr_crt.pem is now looking for > > IMG1_1_sha256_4096_65537_v3_usr_key? It fails also if I cp the files > > vs ln them. > > > > So what am I missing here? > > I think CST is using both the certificate and the key files. Try and run > strace on the CST to test that: > > $ strace cst -i ./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o > ./nxp.csf-output-blob.section.nxp-imx8mcst@0 Hi Marek, strace was a good idea and showed me what was going on. The previous documentation stated to pass your keys via env vars that were full paths to key certificates. Using strace shows me that it will use the directory the KEY certificate is in and try to open up ../keys/*_usr_key.pem if the key path is specified. So apparently the 'File' in the CST config file is used indirectly. Pointing to the usr_key.pem isn't enough either by the way, it seems to need both of these: so if I hack the path to my certs in like this it works: diff --git a/tools/binman/etype/nxp_imx8mcst.py b/tools/binman/etype/nxp_imx8mcst.py index 132127ad4827..b432200960df 100644 --- a/tools/binman/etype/nxp_imx8mcst.py +++ b/tools/binman/etype/nxp_imx8mcst.py @@ -67,10 +67,11 @@ class Entry_nxp_imx8mcst(Entry_mkimage): def ReadNode(self): super().ReadNode() + self.certpath = '/usr/src/nxp/cst-3.3.2/crts/'; self.loader_address = fdt_util.GetInt(self._node, 'nxp,loader-address') self.srk_table = fdt_util.GetString(self._node, 'nxp,srk-table', 'SRK_1_2_3_4_table.bin') - self.csf_crt = fdt_util.GetString(self._node, 'nxp,csf-crt', 'CSF1_1_sha256_4096_65537_v3_usr_crt.pem') - self.img_crt = fdt_util.GetString(self._node, 'nxp,img-crt', 'IMG1_1_sha256_4096_65537_v3_usr_crt.pem') + self.csf_crt = fdt_util.GetString(self._node, 'nxp,csf-crt', self.certpath + '/CSF1_1_sha256_4096_65537_v3_usr_crt.pem') + self.img_crt = fdt_util.GetString(self._node, 'nxp,img-crt', self.certpath + '/IMG1_1_sha256_4096_65537_v3_usr_crt.pem') self.unlock = fdt_util.GetBool(self._node, 'nxp,unlock') self.ReadEntries() $ make -j8 BINMAN .binman_stamp OFCHK .config Here is a snippet of strace with the patch above: openat(AT_FDCWD, "/usr/src/nxp/cst-3.3.2/crts//IMG1_1_sha256_4096_65537_v3_usr_crt.pem", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0644, st_size=7012, ...}) = 0 read(6, "Certificate:\n Data:\n V"..., 4096) = 4096 read(6, "31:3d:64:30:11:32:1d:ab:15:\n "..., 4096) = 2916 close(6) = 0 openat(AT_FDCWD, "/usr/src/nxp/cst-3.3.2/keys//IMG1_1_sha256_4096_65537_v3_usr_key.pem", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0600, st_size=3414, ...}) = 0 read(6, "-----BEGIN ENCRYPTED PRIVATE KEY"..., 4096) = 3414 And a snippet at the same part without the patch above: openat(AT_FDCWD, "IMG1_1_sha256_4096_65537_v3_usr_crt.pem", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0644, st_size=7012, ...}) = 0 read(6, "Certificate:\n Data:\n V"..., 4096) = 4096 read(6, "31:3d:64:30:11:32:1d:ab:15:\n "..., 4096) = 2916 close(6) = 0 openat(AT_FDCWD, "IMG1_1_sha256_4096_65537_v3_usr_key.pem", O_RDONLY) = -1 ENOENT (No such file or directory) write(2, "Error: Cannot open key file IMG1"..., 68 Error: Cannot open key file IMG1_1_sha256_4096_65537_v3_usr_key.pem ) = 68 write(2, "0:error:02001002:system library:"..., 1430:error:02001002:system library:fopen:No such file or directory:crypto/bio/bss_file.c:288:fopen('IMG1_1_sha256_4096_65537_v3_usr_key.pem','r') Do you not run into this and if not is it because you have put full paths in the dtsi overriding the defaults I'm using? Maybe this has something to do with how my keys were generated or the version of cst I'm using or maybe we just need to also add a directory which can be symlinked to or something. Another thing that I'm seeing is that this leaves a bunch of turd files around: $ git status On branch cst Your branch is ahead of 'origin/master' by 4 commits. (use "git push" to publish your local commits) Untracked files: (use "git add <file>..." to include in what will be committed) cfg-out.section.nxp-imx8mcst@0.nxp-imx8mimage cfg-out.section.nxp-imx8mimage input.section.nxp-imx8mcst@0 input.section.nxp-imx8mcst@0.nxp-imx8mimage input.section.nxp-imx8mimage nxp.csf-config-txt.section.nxp-imx8mcst@0 nxp.cst-input-data.section.nxp-imx8mcst@0 nxp.imx8mimage.cfg.section.nxp-imx8mcst@0.nxp-imx8mimage nxp.imx8mimage.cfg.section.nxp-imx8mimage These intermediate files should be cleaned up after signing is complete. Best Regards, Tim
On Tue, May 14, 2024 at 1:58 PM Marek Vasut <marex@denx.de> wrote: > > On 5/14/24 8:34 PM, Tim Harvey wrote: > > Hi, > > >> diff --git a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt > >> index e16e5410bd9..ce1de659d8c 100644 > >> --- a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt > >> +++ b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt > >> @@ -121,6 +121,9 @@ build configuration: > >> - Defconfig: > >> > >> CONFIG_IMX_HAB=y > >> + CONFIG_FSL_CAAM=y > >> + CONFIG_ARCH_MISC_INIT=y > >> + CONFIG_SPL_CRYPTO=y > >> > > > > Hi Marek, > > > > Thanks for wrapping the dts bits with a config item. > > > > Is there any other reason to build with CONFIG_IMX_HAB than to use a > > signed image? I see that there are several ARCH_MX6 and ARCH_MX7 > > configs that have this enabled (not ARCH_IMX8M so this certainly > > doesn't break anything) and I'm not sure what the value of that is. > > I think those few either enabled in preemptively in anticipation of > possibly using HAB, or are wrong. I suspect it should be disabled for > those, as it only adds to the board boot time and I am not even sure if > those machines would boot correctly. > > Francesco, maybe you do have MX7 Colibri ? > > > I notice that FSL_CAAM is selected when you select IMX_HAB... is there > > any reason why ARCH_MISC_INIT and SPL_CRYPTO should not be selected by > > IMX_HAB as well (future patch perhaps)? > > ARCH_MISC_INIT should be selected by SoC Kconfig on MX7 and maybe CAAM > on MX8M I think . As for SPL_CRYPTO, that should be selected by > SPL_FSL_CAAM I think. > > >> - Kconfig: > >> > > > > We definitely need to describe the additional requirements here. Maybe > > something like: > > > > - Tools: > > cst - NXP code-signing-tool (eg apt install imx-code-signing-tool) > > > > - Files: (created with NXP IMX_CST_TOOL) > > SRK_1_2_3_4_table.bin (specified by nxp,srk-table node): fuse table > > CSF1_1_sha256_4096_65537_v3_usr_crt.pem (specified by nxp,csf-crt node): CSF_KEY > > IMG1_1_sha256_4096_65537_v3_usr_crt.pem (specified by nxp,img-crt node): IMG_KEY > > > > The following works fine for me on v2024.01 > > export CST_DIR=/usr/src/nxp/cst-3.3.2/ > > export CSF_KEY=$CST_DIR/crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem > > export IMG_KEY=$CST_DIR/crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem > > export SRK_TABLE=$CST_DIR/crts/SRK_1_2_3_4_table.bin > > export PATH=$CST_DIR/linux64/bin:$PATH > > make && /bin/sh doc/imx/habv4/csf_examples/mx8m/csf.sh > > > > But with the above defines and your series this fails: > > ln -sf $SRK_TABLE SRK_1_2_3_4_table.bin > > ln -sf $CSF_KEY CSF1_1_sha256_4096_65537_v3_usr_crt.pem > > ln -sf $IMG_KEY IMG1_1_sha256_4096_65537_v3_usr_crt.pem > > make > > BINMAN .binman_stamp > > Wrote map file './image.map' to show errors > > binman: Error 1 running 'cst -i > > ./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o > > ./nxp.csf-output-blob.section.nxp-imx8mcst@0': Error: > > Cannot open key file IMG1_1_sha256_4096_65537_v3_usr_key.pem > > 0:error:02001002:system library:fopen:No such file or > > directory:crypto/bio/bss_file.c:288:fopen('IMG1_1_sha256_4096_65537_v3_usr_key. > > pem','r') > > 0:error:20074002:BIO routines:file_ctrl:system lib:crypto/bio/bss_file.c:290: > > > > make: *** [Makefile:1126: .binman_stamp] Error 1 > > > > So how is it that the default for nxp,img-crt > > IMG1_1_sha256_4096_65537_v3_usr_crt.pem is now looking for > > IMG1_1_sha256_4096_65537_v3_usr_key? It fails also if I cp the files > > vs ln them. > > > > So what am I missing here? > > I think CST is using both the certificate and the key files. Try and run > strace on the CST to test that: > > $ strace cst -i ./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o > ./nxp.csf-output-blob.section.nxp-imx8mcst@0 Hi Marek, (this is a resend... apologies if its a duplicate. I got some strange bounce that mime types were included so I'm resending with the otuput of strace cliped out) strace was a good idea and showed me what was going on. The previous documentation stated to pass your keys via env vars that were full paths to key certificates. Using strace shows me that it will use the directory the KEY certificate is in and try to open up ../keys/*_usr_key.pem if the key path is specified. So apparently the 'File' in the CST config file is used indirectly. Pointing to the usr_key.pem isn't enough either by the way, it seems to need both of these: so if I hack the path to my certs in like this it works:diff --git a/tools/binman/etype/nxp_imx8mcst.py b/tools/binman/etype/nxp_imx8mcst.py index 132127ad4827..b432200960df 100644 --- a/tools/binman/etype/nxp_imx8mcst.py +++ b/tools/binman/etype/nxp_imx8mcst.py @@ -67,10 +67,11 @@ class Entry_nxp_imx8mcst(Entry_mkimage): def ReadNode(self): super().ReadNode() + self.certpath =3D '/usr/src/nxp/cst-3.3.2/crts/'; self.loader_address =3D fdt_util.GetInt(self._node, 'nxp,loader-ad= dress') self.srk_table =3D fdt_util.GetString(self._node, 'nxp,srk-table', 'SRK_1_2_3_4_table.bin') - self.csf_crt =3D fdt_util.GetString(self._node, 'nxp,csf-crt', 'CSF1_1_sha256_4096_65537_v3_usr_crt.pem') - self.img_crt =3D fdt_util.GetString(self._node, 'nxp,img-crt', 'IMG1_1_sha256_4096_65537_v3_usr_crt.pem') + self.csf_crt =3D fdt_util.GetString(self._node, 'nxp,csf-crt', self.certpath + '/CSF1_1_sha256_4096_65537_v3_usr_crt.pem') + self.img_crt =3D fdt_util.GetString(self._node, 'nxp,img-crt', self.certpath + '/IMG1_1_sha256_4096_65537_v3_usr_crt.pem') self.unlock =3D fdt_util.GetBool(self._node, 'nxp,unlock') self.ReadEntries() $ make -j8 BINMAN .binman_stamp OFCHK .config Strace indicatest the following with the above patch: openat(AT_FDCWD, "/usr/src/nxp/cst-3.3.2/crts//IMG1_1_sha256_4096_65537_v3_usr_crt.pem", O_RDONLY) ... openat(AT_FDCWD, "/usr/src/nxp/cst-3.3.2/keys//IMG1_1_sha256_4096_65537_v3_usr_key.pem", O_RDONLY) ^^^ look how it sneakily changes the PATH! And without the above patch using a key file without a path: openat(AT_FDCWD, "IMG1_1_sha256_4096_65537_v3_usr_crt.pem", O_RDONLY) ... openat(AT_FDCWD, "IMG1_1_sha256_4096_65537_v3_usr_key.pem", O_RDONLY) ENOENT (No such file or directory) ^^^ fails Simply copying both usr_crt.pem and usr_key.pem to the build directory still fails: binman: Error 1 running 'cst -i ./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o ./nxp.csf-output-blob.section.nxp-imx8mcst@0': Error: Cannot open key file IMG1_1_sha256_4096_65537_v3_usr_key.pem 0:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:612: 0:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal error:crypto/pkcs12/p12_decr.c:62: 0:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:crypto/pkcs12/p12_decr.c:93: 0:error:0907B00D:PEM routines:PEM_read_bio_PrivateKey:ASN1 lib:crypto/pem/pem_pkey.c:88: Do you not run into this and if not is it because you have put full paths in the dtsi overriding the defaults I'm using? Maybe this has something to do with how my keys were generated or the version of cst I'm using or maybe we just need to also add a directory which can be symlinked to or something. Another thing that I'm seeing is that this leaves a bunch of turd files around: cfg-out.section.nxp-imx8mcst@0.nxp-imx8mimage cfg-out.section.nxp-imx8mimage input.section.nxp-imx8mcst@0 input.section.nxp-imx8mcst@0.nxp-imx8mimage input.section.nxp-imx8mimage nxp.csf-config-txt.section.nxp-imx8mcst@0 nxp.cst-input-data.section.nxp-imx8mcst@0 nxp.imx8mimage.cfg.section.nxp-imx8mcst@0.nxp-imx8mimage nxp.imx8mimage.cfg.section.nxp-imx8mimage These intermediate files should be cleaned up after signing is complete. Best Regards, Tim
On 5/16/24 12:31 AM, Tim Harvey wrote: Hi, > (this is a resend... apologies if its a duplicate. I got some strange > bounce that mime types were included so I'm resending with the otuput > of strace cliped out) > > strace was a good idea and showed me what was going on. > > The previous documentation stated to pass your keys via env vars that > were full paths to key certificates. Using strace shows me that it > will use the directory the KEY certificate is in and try to open up > ../keys/*_usr_key.pem if the key path is specified. So apparently the > 'File' in the CST config file is used indirectly. Pointing to the > usr_key.pem isn't enough either by the way, it seems to need both of > these: > > so if I hack the path to my certs in like this it works:diff --git > a/tools/binman/etype/nxp_imx8mcst.py > b/tools/binman/etype/nxp_imx8mcst.py > index 132127ad4827..b432200960df 100644 > --- a/tools/binman/etype/nxp_imx8mcst.py > +++ b/tools/binman/etype/nxp_imx8mcst.py > @@ -67,10 +67,11 @@ class Entry_nxp_imx8mcst(Entry_mkimage): > > def ReadNode(self): > super().ReadNode() > + self.certpath =3D '/usr/src/nxp/cst-3.3.2/crts/'; =3D , seems like your email is acting funny today indeed. > self.loader_address =3D fdt_util.GetInt(self._node, 'nxp,loader-ad= > dress') > self.srk_table =3D fdt_util.GetString(self._node, > 'nxp,srk-table', 'SRK_1_2_3_4_table.bin') > - self.csf_crt =3D fdt_util.GetString(self._node, 'nxp,csf-crt', > 'CSF1_1_sha256_4096_65537_v3_usr_crt.pem') > - self.img_crt =3D fdt_util.GetString(self._node, 'nxp,img-crt', > 'IMG1_1_sha256_4096_65537_v3_usr_crt.pem') > + self.csf_crt =3D fdt_util.GetString(self._node, 'nxp,csf-crt', > self.certpath + '/CSF1_1_sha256_4096_65537_v3_usr_crt.pem') > + self.img_crt =3D fdt_util.GetString(self._node, 'nxp,img-crt', > self.certpath + '/IMG1_1_sha256_4096_65537_v3_usr_crt.pem') What about this: diff --git a/tools/binman/etype/nxp_imx8mcst.py b/tools/binman/etype/nxp_imx8mcst.py index 132127ad482..9ead7488a2d 100644 --- a/tools/binman/etype/nxp_imx8mcst.py +++ b/tools/binman/etype/nxp_imx8mcst.py @@ -68,9 +68,9 @@ class Entry_nxp_imx8mcst(Entry_mkimage): def ReadNode(self): super().ReadNode() self.loader_address = fdt_util.GetInt(self._node, 'nxp,loader-address') - self.srk_table = fdt_util.GetString(self._node, 'nxp,srk-table', 'SRK_1_2_3_4_table.bin') - self.csf_crt = fdt_util.GetString(self._node, 'nxp,csf-crt', 'CSF1_1_sha256_4096_65537_v3_usr_crt.pem') - self.img_crt = fdt_util.GetString(self._node, 'nxp,img-crt', 'IMG1_1_sha256_4096_65537_v3_usr_crt.pem') + self.srk_table = os.getenv('SRK_TABLE', fdt_util.GetString(self._node, 'nxp,srk-table', 'SRK_1_2_3_4_table.bin')) + self.csf_crt = os.getenv('CSF_KEY', fdt_util.GetString(self._node, 'nxp,csf-crt', 'CSF1_1_sha256_4096_65537_v3_usr_crt.pem')) + self.img_crt = os.getenv('IMG_KEY', fdt_util.GetString(self._node, 'nxp,img-crt', 'IMG1_1_sha256_4096_65537_v3_usr_crt.pem')) self.unlock = fdt_util.GetBool(self._node, 'nxp,unlock') self.ReadEntries() Then you can also use the old behavior with keys supplied via env vars. This might in fact be useful for build systems too. > self.unlock =3D fdt_util.GetBool(self._node, 'nxp,unlock') > self.ReadEntries() > > $ make -j8 > BINMAN .binman_stamp > OFCHK .config > > Strace indicatest the following with the above patch: > openat(AT_FDCWD, > "/usr/src/nxp/cst-3.3.2/crts//IMG1_1_sha256_4096_65537_v3_usr_crt.pem", > O_RDONLY) > ... > openat(AT_FDCWD, > "/usr/src/nxp/cst-3.3.2/keys//IMG1_1_sha256_4096_65537_v3_usr_key.pem", > O_RDONLY) > ^^^ look how it sneakily changes the PATH! > > And without the above patch using a key file without a path: > openat(AT_FDCWD, "IMG1_1_sha256_4096_65537_v3_usr_crt.pem", O_RDONLY) > ... > openat(AT_FDCWD, "IMG1_1_sha256_4096_65537_v3_usr_key.pem", O_RDONLY) > ENOENT (No such file or directory) > ^^^ fails > > Simply copying both usr_crt.pem and usr_key.pem to the build directory > still fails: > binman: Error 1 running 'cst -i > ./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o > ./nxp.csf-output-blob.section.nxp-imx8mcst@0': Error: > Cannot open key file IMG1_1_sha256_4096_65537_v3_usr_key.pem > 0:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad > decrypt:crypto/evp/evp_enc.c:612: > 0:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal > error:crypto/pkcs12/p12_decr.c:62: > 0:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe > crypt error:crypto/pkcs12/p12_decr.c:93: > 0:error:0907B00D:PEM routines:PEM_read_bio_PrivateKey:ASN1 > lib:crypto/pem/pem_pkey.c:88: > > Do you not run into this and if not is it because you have put full > paths in the dtsi overriding the defaults I'm using? I just do '$ cp -Lv /CST/{keys,crts}/* .' to copy the keys and certs into the build directory for testing. > Maybe this has > something to do with how my keys were generated or the version of cst > I'm using or maybe we just need to also add a directory which can be > symlinked to or something. I use the imx-code-signing-tool 3.4.0+dfsg-2+b1 from debian . > Another thing that I'm seeing is that this leaves a bunch of turd files around: > cfg-out.section.nxp-imx8mcst@0.nxp-imx8mimage > cfg-out.section.nxp-imx8mimage > input.section.nxp-imx8mcst@0 > input.section.nxp-imx8mcst@0.nxp-imx8mimage > input.section.nxp-imx8mimage > nxp.csf-config-txt.section.nxp-imx8mcst@0 > nxp.cst-input-data.section.nxp-imx8mcst@0 > nxp.imx8mimage.cfg.section.nxp-imx8mcst@0.nxp-imx8mimage > nxp.imx8mimage.cfg.section.nxp-imx8mimage > > These intermediate files should be cleaned up after signing is complete. Those are intermediate build artifacts, sort of like .o files or such, so they should be OK to keep around, right ?
On Wed, May 15, 2024 at 6:53 PM Marek Vasut <marex@denx.de> wrote: > > On 5/16/24 12:31 AM, Tim Harvey wrote: > > Hi, > > > (this is a resend... apologies if its a duplicate. I got some strange > > bounce that mime types were included so I'm resending with the otuput > > of strace cliped out) > > > > strace was a good idea and showed me what was going on. > > > > The previous documentation stated to pass your keys via env vars that > > were full paths to key certificates. Using strace shows me that it > > will use the directory the KEY certificate is in and try to open up > > ../keys/*_usr_key.pem if the key path is specified. So apparently the > > 'File' in the CST config file is used indirectly. Pointing to the > > usr_key.pem isn't enough either by the way, it seems to need both of > > these: > > > > so if I hack the path to my certs in like this it works:diff --git > > a/tools/binman/etype/nxp_imx8mcst.py > > b/tools/binman/etype/nxp_imx8mcst.py > > index 132127ad4827..b432200960df 100644 > > --- a/tools/binman/etype/nxp_imx8mcst.py > > +++ b/tools/binman/etype/nxp_imx8mcst.py > > @@ -67,10 +67,11 @@ class Entry_nxp_imx8mcst(Entry_mkimage): > > > > def ReadNode(self): > > super().ReadNode() > > + self.certpath =3D '/usr/src/nxp/cst-3.3.2/crts/'; > > =3D , seems like your email is acting funny today indeed. > > > self.loader_address =3D fdt_util.GetInt(self._node, 'nxp,loader-ad= > > dress') > > self.srk_table =3D fdt_util.GetString(self._node, > > 'nxp,srk-table', 'SRK_1_2_3_4_table.bin') > > - self.csf_crt =3D fdt_util.GetString(self._node, 'nxp,csf-crt', > > 'CSF1_1_sha256_4096_65537_v3_usr_crt.pem') > > - self.img_crt =3D fdt_util.GetString(self._node, 'nxp,img-crt', > > 'IMG1_1_sha256_4096_65537_v3_usr_crt.pem') > > + self.csf_crt =3D fdt_util.GetString(self._node, 'nxp,csf-crt', > > self.certpath + '/CSF1_1_sha256_4096_65537_v3_usr_crt.pem') > > + self.img_crt =3D fdt_util.GetString(self._node, 'nxp,img-crt', > > self.certpath + '/IMG1_1_sha256_4096_65537_v3_usr_crt.pem') > > What about this: > > diff --git a/tools/binman/etype/nxp_imx8mcst.py > b/tools/binman/etype/nxp_imx8mcst.py > index 132127ad482..9ead7488a2d 100644 > --- a/tools/binman/etype/nxp_imx8mcst.py > +++ b/tools/binman/etype/nxp_imx8mcst.py > @@ -68,9 +68,9 @@ class Entry_nxp_imx8mcst(Entry_mkimage): > def ReadNode(self): > super().ReadNode() > self.loader_address = fdt_util.GetInt(self._node, > 'nxp,loader-address') > - self.srk_table = fdt_util.GetString(self._node, > 'nxp,srk-table', 'SRK_1_2_3_4_table.bin') > - self.csf_crt = fdt_util.GetString(self._node, 'nxp,csf-crt', > 'CSF1_1_sha256_4096_65537_v3_usr_crt.pem') > - self.img_crt = fdt_util.GetString(self._node, 'nxp,img-crt', > 'IMG1_1_sha256_4096_65537_v3_usr_crt.pem') > + self.srk_table = os.getenv('SRK_TABLE', > fdt_util.GetString(self._node, 'nxp,srk-table', 'SRK_1_2_3_4_table.bin')) > + self.csf_crt = os.getenv('CSF_KEY', > fdt_util.GetString(self._node, 'nxp,csf-crt', > 'CSF1_1_sha256_4096_65537_v3_usr_crt.pem')) > + self.img_crt = os.getenv('IMG_KEY', > fdt_util.GetString(self._node, 'nxp,img-crt', > 'IMG1_1_sha256_4096_65537_v3_usr_crt.pem')) > self.unlock = fdt_util.GetBool(self._node, 'nxp,unlock') > self.ReadEntries() > > Then you can also use the old behavior with keys supplied via env vars. > > This might in fact be useful for build systems too. > yes, I like that (with an added 'import os') > > self.unlock =3D fdt_util.GetBool(self._node, 'nxp,unlock') > > self.ReadEntries() > > > > $ make -j8 > > BINMAN .binman_stamp > > OFCHK .config > > > > Strace indicatest the following with the above patch: > > openat(AT_FDCWD, > > "/usr/src/nxp/cst-3.3.2/crts//IMG1_1_sha256_4096_65537_v3_usr_crt.pem", > > O_RDONLY) > > ... > > openat(AT_FDCWD, > > "/usr/src/nxp/cst-3.3.2/keys//IMG1_1_sha256_4096_65537_v3_usr_key.pem", > > O_RDONLY) > > ^^^ look how it sneakily changes the PATH! > > > > And without the above patch using a key file without a path: > > openat(AT_FDCWD, "IMG1_1_sha256_4096_65537_v3_usr_crt.pem", O_RDONLY) > > ... > > openat(AT_FDCWD, "IMG1_1_sha256_4096_65537_v3_usr_key.pem", O_RDONLY) > > ENOENT (No such file or directory) > > ^^^ fails > > > > Simply copying both usr_crt.pem and usr_key.pem to the build directory > > still fails: > > binman: Error 1 running 'cst -i > > ./nxp.csf-config-txt.section.nxp-imx8mcst@0 -o > > ./nxp.csf-output-blob.section.nxp-imx8mcst@0': Error: > > Cannot open key file IMG1_1_sha256_4096_65537_v3_usr_key.pem > > 0:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad > > decrypt:crypto/evp/evp_enc.c:612: > > 0:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal > > error:crypto/pkcs12/p12_decr.c:62: > > 0:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe > > crypt error:crypto/pkcs12/p12_decr.c:93: > > 0:error:0907B00D:PEM routines:PEM_read_bio_PrivateKey:ASN1 > > lib:crypto/pem/pem_pkey.c:88: > > > > Do you not run into this and if not is it because you have put full > > paths in the dtsi overriding the defaults I'm using? > > I just do '$ cp -Lv /CST/{keys,crts}/* .' to copy the keys and certs > into the build directory for testing. > > > Maybe this has > > something to do with how my keys were generated or the version of cst > > I'm using or maybe we just need to also add a directory which can be > > symlinked to or something. > > I use the imx-code-signing-tool 3.4.0+dfsg-2+b1 from debian . > > > Another thing that I'm seeing is that this leaves a bunch of turd files around: > > cfg-out.section.nxp-imx8mcst@0.nxp-imx8mimage > > cfg-out.section.nxp-imx8mimage > > input.section.nxp-imx8mcst@0 > > input.section.nxp-imx8mcst@0.nxp-imx8mimage > > input.section.nxp-imx8mimage > > nxp.csf-config-txt.section.nxp-imx8mcst@0 > > nxp.cst-input-data.section.nxp-imx8mcst@0 > > nxp.imx8mimage.cfg.section.nxp-imx8mcst@0.nxp-imx8mimage > > nxp.imx8mimage.cfg.section.nxp-imx8mimage > > > > These intermediate files should be cleaned up after signing is complete. > > Those are intermediate build artifacts, sort of like .o files or such, > so they should be OK to keep around, right ? then they should be added to .gitignore and removed with a 'make clean'. Right now they clutter up 'git status'. Maybe they can be put in the build dir which is in .gitignore (but strangely not cleaned). With these two things and an update to the documentation showing the methods of specifying the keys I think everything else in the series looks good. Best Regards, Tim
diff --git a/doc/imx/habv4/csf_examples/mx8m/csf.sh b/doc/imx/habv4/csf_examples/mx8m/csf.sh deleted file mode 100644 index cd3b2614a2f..00000000000 --- a/doc/imx/habv4/csf_examples/mx8m/csf.sh +++ /dev/null @@ -1,92 +0,0 @@ -#!/bin/sh - -# 0) Generate keys -# -# WARNING: ECDSA keys are only supported by HAB 4.5 and newer (i.e. i.MX8M Plus) -# -# cd /path/to/cst-3.3.1/keys/ -# ./hab4_pki_tree.sh -existing-ca n -use-ecc n -kl 4096 -duration 10 -num-srk 4 -srk-ca y -# cd /path/to/cst-3.3.1/crts/ -# ../linux64/bin/srktool -h 4 -t SRK_1_2_3_4_table.bin -e SRK_1_2_3_4_fuse.bin -d sha256 -c ./SRK1_sha256_4096_65537_v3_ca_crt.pem,./SRK2_sha256_4096_65537_v3_ca_crt.pem,./SRK3_sha256_4096_65537_v3_ca_crt.pem,./SRK4_sha256_4096_65537_v3_ca_crt.pem -f 1 - -# 1) Build U-Boot (e.g. for i.MX8MM) -# -# cp -Lv /path/to/arm-trusted-firmware/build/imx8mm/release/bl31.bin . -# cp -Lv /path/to/firmware-imx-8.14/firmware/ddr/synopsys/ddr3* . -# make -j imx8mm_board_defconfig -# make -j`nproc` flash.bin - -# 2) Sign SPL and DRAM blobs - -cp doc/imx/habv4/csf_examples/mx8m/csf_spl.txt csf_spl.tmp -cp doc/imx/habv4/csf_examples/mx8m/csf_fit.txt csf_fit.tmp - -# update File Paths from env vars -if ! [ -r $CSF_KEY ]; then - echo "Error: \$CSF_KEY not found" - exit 1 -fi -if ! [ -r $IMG_KEY ]; then - echo "Error: \$IMG_KEY not found" - exit 1 -fi -if ! [ -r $SRK_TABLE ]; then - echo "Error: \$SRK_TABLE not found" - exit 1 -fi -sed -i "s:\$CSF_KEY:$CSF_KEY:" csf_spl.tmp -sed -i "s:\$IMG_KEY:$IMG_KEY:" csf_spl.tmp -sed -i "s:\$SRK_TABLE:$SRK_TABLE:" csf_spl.tmp -sed -i "s:\$CSF_KEY:$CSF_KEY:" csf_fit.tmp -sed -i "s:\$IMG_KEY:$IMG_KEY:" csf_fit.tmp -sed -i "s:\$SRK_TABLE:$SRK_TABLE:" csf_fit.tmp - -# update SPL Blocks -spl_block_base=$(printf "0x%x" $(( $(sed -n "/CONFIG_SPL_TEXT_BASE=/ s@.*=@@p" .config) - 0x40)) ) -spl_block_size=$(printf "0x%x" $(stat -tc %s u-boot-spl-ddr.bin)) -sed -i "/Blocks = / s@.*@ Blocks = $spl_block_base 0x0 $spl_block_size \"flash.bin\"@" csf_spl.tmp - -# Generate CSF blob -cst -i csf_spl.tmp -o csf_spl.bin - -# Patch CSF blob into flash.bin -spl_csf_offset=$(xxd -s 24 -l 4 -e flash.bin | cut -d " " -f 2 | sed "s@^@0x@") -spl_bin_offset=$(xxd -s 4 -l 4 -e flash.bin | cut -d " " -f 2 | sed "s@^@0x@") -spl_dd_offset=$((${spl_csf_offset} - ${spl_bin_offset} + 0x40)) -dd if=csf_spl.bin of=flash.bin bs=1 seek=${spl_dd_offset} conv=notrunc - -# 3) Sign u-boot.itb - -# fitImage -fit_block_base=$(printf "0x%x" $(sed -n "/CONFIG_SPL_LOAD_FIT_ADDRESS=/ s@.*=@@p" .config) ) -fit_block_offset=$(printf "0x%s" $(fdtget -t x u-boot.dtb /binman/imx-boot/uboot offset)) -fit_block_size=$(printf "0x%x" $(( ( ( $(stat -tc %s u-boot.itb) + 0x1000 - 0x1 ) & ~(0x1000 - 0x1)) + 0x20 )) ) -sed -i "/Blocks = / s@.*@ Blocks = $fit_block_base $fit_block_offset $fit_block_size \"flash.bin\"@" csf_fit.tmp - -# IVT -ivt_ptr_base=$(printf "%08x" ${fit_block_base} | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") -ivt_block_base=$(printf "%08x" $(( ${fit_block_base} + ${fit_block_size} - 0x20 )) | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") -csf_block_base=$(printf "%08x" $(( ${fit_block_base} + ${fit_block_size} )) | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") -ivt_block_offset=$((${fit_block_offset} + ${fit_block_size} - 0x20)) -csf_block_offset=$((${ivt_block_offset} + 0x20)) - -echo "0xd1002041 ${ivt_block_base} 0x00000000 0x00000000 0x00000000 ${ivt_block_base} ${csf_block_base} 0x00000000" | xxd -r -p > ivt.bin -dd if=ivt.bin of=flash.bin bs=1 seek=${ivt_block_offset} conv=notrunc - -# Generate CSF blob -cst -i csf_fit.tmp -o csf_fit.bin - -# When loading flash.bin via USB, we must ensure that the file being -# served is as large as the target expects (see -# board_spl_fit_size_align()), otherwise the target will hang in -# rom_api_download_image() waiting for the remaining bytes. -# -# Note that in order for dd to actually extend the file, one must not -# pass conv=notrunc here. With a non-zero seek= argument, dd is -# documented to preserve the contents of the file seeked past; in -# particular, dd does not open the file with O_TRUNC. -CSF_SIZE=$(sed -n "/CONFIG_CSF_SIZE=/ s@.*=@@p" .config) -dd if=/dev/null of=csf_fit.bin bs=1 seek=$((CSF_SIZE - 0x20)) count=0 - -# Patch CSF blob into flash.bin -dd if=csf_fit.bin of=flash.bin bs=1 seek=${csf_block_offset} conv=notrunc diff --git a/doc/imx/habv4/csf_examples/mx8m/csf_fit.txt b/doc/imx/habv4/csf_examples/mx8m/csf_fit.txt deleted file mode 100644 index 97f3eea573b..00000000000 --- a/doc/imx/habv4/csf_examples/mx8m/csf_fit.txt +++ /dev/null @@ -1,30 +0,0 @@ -[Header] - Version = 4.3 - Hash Algorithm = sha256 - Engine = CAAM - Engine Configuration = 0 - Certificate Format = X509 - Signature Format = CMS - -[Install SRK] - # SRK_TABLE is full path to SRK_1_2_3_4_table.bin - File = "$SRK_TABLE" - Source index = 0 - -[Install CSFK] - # CSF_KEY is full path to CSF1_1_sha256_4096_65537_v3_usr_crt.pem - File = "$CSF_KEY" - -[Authenticate CSF] - -[Install Key] - Verification index = 0 - Target Index = 2 - # IMG_KEY is full path to IMG1_1_sha256_4096_65537_v3_usr_crt.pem - File = "$IMG_KEY" - -[Authenticate Data] - Verification index = 2 - # FIXME: - # Line 1 -- fitImage - Blocks = CONFIG_SPL_LOAD_FIT_ADDRESS 0x57c00 0xffff "flash.bin" diff --git a/doc/imx/habv4/csf_examples/mx8m/csf_spl.txt b/doc/imx/habv4/csf_examples/mx8m/csf_spl.txt deleted file mode 100644 index 88fa420a5fa..00000000000 --- a/doc/imx/habv4/csf_examples/mx8m/csf_spl.txt +++ /dev/null @@ -1,33 +0,0 @@ -[Header] - Version = 4.3 - Hash Algorithm = sha256 - Engine = CAAM - Engine Configuration = 0 - Certificate Format = X509 - Signature Format = CMS - -[Install SRK] - # SRK_TABLE is full path to SRK_1_2_3_4_table.bin - File = "$SRK_TABLE" - Source index = 0 - -[Install CSFK] - # CSF_KEY is full path to CSF1_1_sha256_4096_65537_v3_usr_crt.pem - File = "$CSF_KEY" - -[Authenticate CSF] - -[Unlock] - Engine = CAAM - Features = MID - -[Install Key] - Verification index = 0 - Target Index = 2 - # IMG_KEY is full path to IMG1_1_sha256_4096_65537_v3_usr_crt.pem - File = "$IMG_KEY" - -[Authenticate Data] - Verification index = 2 - # FIXME: Adjust start (first column) and size (third column) here - Blocks = 0x7e0fc0 0x0 0x306f0 "flash.bin" diff --git a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt index e16e5410bd9..ce1de659d8c 100644 --- a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt +++ b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt @@ -121,6 +121,9 @@ build configuration: - Defconfig: CONFIG_IMX_HAB=y + CONFIG_FSL_CAAM=y + CONFIG_ARCH_MISC_INIT=y + CONFIG_SPL_CRYPTO=y - Kconfig: @@ -131,92 +134,17 @@ build configuration: The CSF contains all the commands that the HAB executes during the secure boot. These commands instruct the HAB code on which memory areas of the image -to authenticate, which keys to install, use and etc. - -CSF examples are available under doc/imx/habv4/csf_examples/ directory. - -CSF "Blocks" line for csf_spl.txt can be generated as follows: - -``` -spl_block_base=$(printf "0x%x" $(( $(sed -n "/CONFIG_SPL_TEXT_BASE=/ s@.*=@@p" .config) - 0x40)) ) -spl_block_size=$(printf "0x%x" $(stat -tc %s u-boot-spl-ddr.bin)) -sed -i "/Blocks = / s@.*@ Blocks = $spl_block_base 0x0 $spl_block_size \"flash.bin\"@" csf_spl.txt -``` - -The resulting line looks as follows: -``` - Blocks = 0x7e0fc0 0x0 0x306f0 "flash.bin" -``` - -The columns mean: - - CONFIG_SPL_TEXT_BASE - 0x40 -- Start address of signed data, in DRAM - - 0x0 -- Start address of signed data, in "flash.bin" - - 0x306f0 -- Length of signed data, in "flash.bin" - - Filename -- "flash.bin" - -To generate signature for the SPL part of flash.bin container, use CST: -``` -cst -i csf_spl.tmp -o csf_spl.bin -``` - -The newly generated CST blob has to be patched into existing flash.bin -container. Conveniently, flash.bin IVT contains physical address of the -CSF blob. Remember, the SPL part of flash.bin container is loaded by the -BootROM at CONFIG_SPL_TEXT_BASE - 0x40 , so the offset of CSF blob in -the fitImage can be calculated and inserted into the flash.bin in the -correct location as follows: -``` -# offset = IVT_HEADER[6 = CSF address] - CONFIG_SPL_TEXT_BASE - 0x40 -spl_csf_offset=$(xxd -s 24 -l 4 -e flash.bin | cut -d " " -f 2 | sed "s@^@0x@") -spl_bin_offset=$(xxd -s 4 -l 4 -e flash.bin | cut -d " " -f 2 | sed "s@^@0x@") -spl_dd_offset=$((${spl_csf_offset} - ${spl_bin_offset} + 0x40)) -dd if=csf_spl.bin of=flash.bin bs=1 seek=${spl_dd_offset} conv=notrunc -``` - -CSF "Blocks" line for csf_fit.txt can be generated as follows: -``` -# fitImage -fit_block_base=$(printf "0x%x" $(sed -n "/CONFIG_SPL_LOAD_FIT_ADDRESS=/ s@.*=@@p" .config) ) -fit_block_offset=$(printf "0x%s" $(fdtget -t x u-boot.dtb /binman/imx-boot/uboot offset)) -fit_block_size=$(printf "0x%x" $(( ( ( $(stat -tc %s u-boot.itb) + 0x1000 - 0x1 ) & ~(0x1000 - 0x1)) + 0x20 )) ) -sed -i "/Blocks = / s@.*@ Blocks = $fit_block_base $fit_block_offset $fit_block_size \"flash.bin\"@" csf_fit.tmp -``` - -The fitImage part of flash.bin requires separate IVT. Generate the IVT and -patch it into the correct aligned location of flash.bin as follows: -``` -# IVT -ivt_ptr_base=$(printf "%08x" ${fit_block_base} | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") -ivt_block_base=$(printf "%08x" $(( ${fit_block_base} + ${fit_block_size} - 0x20 )) | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") -csf_block_base=$(printf "%08x" $(( ${fit_block_base} + ${fit_block_size} )) | sed "s@\(..\)\(..\)\(..\)\(..\)@0x\4\3\2\1@") -ivt_block_offset=$((${fit_block_offset} + ${fit_block_size} - 0x20)) -csf_block_offset=$((${ivt_block_offset} + 0x20)) - -echo "0xd1002041 ${ivt_block_base} 0x00000000 0x00000000 0x00000000 ${ivt_block_base} ${csf_block_base} 0x00000000" | xxd -r -p > ivt.bin -dd if=ivt.bin of=flash.bin bs=1 seek=${ivt_block_offset} conv=notrunc -``` - -To generate CSF signature for the fitImage part of flash.bin container, use CST: -``` -cst -i csf_fit.tmp -o csf_fit.bin -``` - -Finally, patch the CSF signature into the fitImage right past the IVT: -``` -dd if=csf_fit.bin of=flash.bin bs=1 seek=${csf_block_offset} conv=notrunc -``` - -The entire script is available in doc/imx/habv4/csf_examples/mx8m/csf.sh -and can be used as follows to modify flash.bin to be signed -(adjust paths as needed): -``` -export CST_DIR=/usr/src/cst-3.3.1/ -export CSF_KEY=$CST_DIR/crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem -export IMG_KEY=$CST_DIR/crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem -export SRK_TABLE=$CST_DIR/crts/SRK_1_2_3_4_table.bin -export PATH=$CST_DIR/linux64/bin:$PATH -/bin/sh doc/imx/habv4/csf_examples/mx8m/csf.sh -``` +to authenticate, which keys to install, use and etc. The CSF is generated +using the CST Code Signing Tool based on input configuration file. This tool +input configuration file is generated using binman, and the tool is invoked +from binman as well. + +The SPL and fitImage sections of the generated image are signed separately. +The signing is activated by wrapping SPL and fitImage sections into nxp-imx8mcst +etype, which is done automatically in arch/arm/dts/imx8m{m,n,p,q}-u-boot.dtsi +in case CONFIG_IMX_HAB Kconfig symbol is enabled. + +Build of flash.bin target then produces a signed flash.bin automatically. 1.4 Closing the device -----------------------
Update documentation and use nxp_imx8mcst binman etype for signing of flash.bin instead of previous horrible shell scripting. Signed-off-by: Marek Vasut <marex@denx.de> --- Cc: "NXP i.MX U-Boot Team" <uboot-imx@nxp.com> Cc: Adam Ford <aford173@gmail.com> Cc: Alper Nebi Yasak <alpernebiyasak@gmail.com> Cc: Andrejs Cainikovs <andrejs.cainikovs@toradex.com> Cc: Angus Ainslie <angus@akkea.ca> Cc: Emanuele Ghidoli <emanuele.ghidoli@toradex.com> Cc: Fabio Estevam <festevam@gmail.com> Cc: Francesco Dolcini <francesco.dolcini@toradex.com> Cc: Marcel Ziswiler <marcel.ziswiler@toradex.com> Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Cc: Simon Glass <sjg@chromium.org> Cc: Stefan Eichenberger <stefan.eichenberger@toradex.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Tim Harvey <tharvey@gateworks.com> Cc: Tom Rini <trini@konsulko.com> Cc: kernel@puri.sm Cc: u-boot@dh-electronics.com Cc: u-boot@lists.denx.de --- V2: Document the automatic signing in case CONFIG_IMX_HAB is enabled --- doc/imx/habv4/csf_examples/mx8m/csf.sh | 92 ---------------- doc/imx/habv4/csf_examples/mx8m/csf_fit.txt | 30 ------ doc/imx/habv4/csf_examples/mx8m/csf_spl.txt | 33 ------ doc/imx/habv4/guides/mx8m_spl_secure_boot.txt | 100 +++--------------- 4 files changed, 14 insertions(+), 241 deletions(-) delete mode 100644 doc/imx/habv4/csf_examples/mx8m/csf.sh delete mode 100644 doc/imx/habv4/csf_examples/mx8m/csf_fit.txt delete mode 100644 doc/imx/habv4/csf_examples/mx8m/csf_spl.txt