TMDS64EVM: Issue to boot fitImage with secure boot enabled

Part Number: TMDS64EVM


Hi,

I am currently working with the AM64 EVM platform and I use Yocto to build custom images; currently my repos are synced to SDK 09.00.00.009. I was successfully able to flash my own keys and sign tiboot3.bin, tispl.bin and u-boot.img. My system boots up to U-Boot, but something's wrong with my fitImage as U-Boot refuses to load it. Here's the log:

> bootm 0x90000000 conf-se_se-k3-am642-test-cpu.dtb         
## Loading kernel from FIT Image at 90000000 ...                                
   Using 'conf-se_se-k3-am642-test-cpu.dtb' configuration         
   Verifying Hash Integrity ... fit_config_verify_required_keys: No signature nD
Bad Data Hash                                                                   
ERROR: can't get kernel image!

An iminfo shows the following:

> iminfo 0x90000000                                                       
                                                                                
## Checking Image at 90000000 ...                                               
   FIT image found                                                              
   FIT description: Kernel fitImage for Arago/6.1.46+gitAUTOINC+f8110d9ce8/sepce
    Image 0 (kernel-1)                                                          
     Description:  Linux kernel                                                 
     Type:         Kernel Image                                                 
     Compression:  gzip compressed                                              
     Data Start:   0x900000f8                                                   
     Data Size:    27106169 Bytes = 25.9 MiB                                    
     Architecture: AArch64                                                      
     OS:           Linux                                                        
     Load Address: 0x80008000                                                   
     Entry Point:  0x80008000                                                   
     Hash algo:    sha512                                                       
     Hash value:   dfde425c7f8ba0f9d3daa79a26ad0c09202b321f374a26e4fc465540c8a1e
    Image 1 (fdt-se_se-k3-am642-test-cpu.dtb)                     
     Description:  Flattened Device Tree blob                                   
     Type:         Flat Device Tree                                             
     Compression:  uncompressed                                                 
     Data Start:   0x919d9dc0                                                   
     Data Size:    58701 Bytes = 57.3 KiB                                       
     Architecture: AArch64                                                      
     Hash algo:    sha512                                                       
     Hash value:   e161ce3f516122d3b0521dbcb3d0018f88652423cea7f6da2cd1462dd6ac9
    Default Configuration: 'conf-se_se-k3-am642-test-cpu.dtb'     
    Configuration 0 (conf-se_se-k3-am642-test-cpu.dtb)            
     Description:  1 Linux kernel, FDT blob                                     
     Kernel:       kernel-1                                                     
     FDT:          fdt-se_se-k3-am642-test-cpu.dtb                
     Hash algo:    sha512                                                       
     Hash value:   unavailable                                                  
     Sign algo:    sha512,rsa4096:custMpk                                       
     Sign padding: pkcs-1.5                                                     
     Sign value:   1a07c185d50cb2a7d87aa1ea48761da10a9bdca63d60b9d78b4697274c13b
## Checking hash(es) for FIT Image at 90000000 ...                              
   Hash(es) for Image 0 (kernel-1): sha512+                                     
   Hash(es) for Image 1 (fdt-se_se-k3-am642-test-cpu.dtb): sha512 

What worries me is the "Hash value:   unavailable". As far as I understand, the fitImage generation is performed through the kernel task using a task called do_assemble_fitimage() that is inherited from the kernel-fitimage.class. On top of that, the kernel-fitimage-ti-u-boot.class overrides the fit_image_assemble() method, adding some signature processes. I suppose something is not right in that area.

Looking at the log.do_assemble_fitimage_initramfs file I can see the following:

DEBUG: Python function extend_recipe_sysroot finished
DEBUG: Executing shell function do_assemble_fitimage_initramfs
gzip
FIT description: Kernel fitImage for Arago/6.1.46+gitAUTOINC+f8110d9ce8/sepcos-cpu-core
Created:         Mon Sep  4 04:45:34 2023
 Image 0 (kernel-1)
  Description:  Linux kernel
  Created:      Mon Sep  4 04:45:34 2023
  Type:         Kernel Image
  Compression:  gzip compressed
  Data Size:    27104488 Bytes = 26469.23 KiB = 25.85 MiB
  Architecture: AArch64
  OS:           Linux
  Load Address: 0x80008000
  Entry Point:  0x80008000
  Hash algo:    sha512
  Hash value:   4bf2f18e13a970742bd7c68528c2787057ef5691c86caa39d4ee58a52dc8b32bee7ab9b298cc85f36e58ae5727c8235c1952afd8aab0faa7e70324591ab58486
 Image 1 (fdt-secheron_secheron-k3-am642-sepcos-cpu.dtb)
  Description:  Flattened Device Tree blob
  Created:      Mon Sep  4 04:45:34 2023
  Type:         Flat Device Tree
  Compression:  uncompressed
  Data Size:    57021 Bytes = 55.68 KiB = 0.05 MiB
  Architecture: AArch64
  Hash algo:    sha512
  Hash value:   b8c37b73989be8a18cd5eed9134492e3d7c4e9956984936f648eed35cc07969a92e3bab65783584804e28b5e75613b882543940d21661aa7a49d102e3b0cfde6
 Default Configuration: 'conf-secheron_secheron-k3-am642-sepcos-cpu.dtb'
 Configuration 0 (conf-secheron_secheron-k3-am642-sepcos-cpu.dtb)
  Description:  1 Linux kernel, FDT blob
  Kernel:       kernel-1
  FDT:          fdt-secheron_secheron-k3-am642-sepcos-cpu.dtb
  Hash algo:    sha512
  Hash value:   unavailable
  Sign algo:    sha512,rsa4096:smpk
  Sign padding: pkcs-1.5
  Sign value:   unavailable
  Timestamp:    unavailable
Failed to add verification data for 'signature-1' signature node in 'conf-secheron_secheron-k3-am642-sepcos-cpu.dtb' configuration node
FIT description: Kernel fitImage for Arago/6.1.46+gitAUTOINC+f8110d9ce8/sepcos-cpu-core
Created:         Mon Sep  4 04:45:34 2023
 Image 0 (kernel-1)
  Description:  Linux kernel
  Created:      Mon Sep  4 04:45:34 2023
  Type:         Kernel Image
  Compression:  gzip compressed
  Data Size:    27104488 Bytes = 26469.23 KiB = 25.85 MiB
  Architecture: AArch64
  OS:           Linux
  Load Address: 0x80008000
  Entry Point:  0x80008000
  Hash algo:    sha512
  Hash value:   4bf2f18e13a970742bd7c68528c2787057ef5691c86caa39d4ee58a52dc8b32bee7ab9b298cc85f36e58ae5727c8235c1952afd8aab0faa7e70324591ab58486
 Image 1 (fdt-secheron_secheron-k3-am642-sepcos-cpu.dtb)
  Description:  Flattened Device Tree blob
  Created:      Mon Sep  4 04:45:34 2023
  Type:         Flat Device Tree
  Compression:  uncompressed
  Data Size:    57021 Bytes = 55.68 KiB = 0.05 MiB
  Architecture: AArch64
  Hash algo:    sha512
  Hash value:   b8c37b73989be8a18cd5eed9134492e3d7c4e9956984936f648eed35cc07969a92e3bab65783584804e28b5e75613b882543940d21661aa7a49d102e3b0cfde6
 Default Configuration: 'conf-secheron_secheron-k3-am642-sepcos-cpu.dtb'
 Configuration 0 (conf-secheron_secheron-k3-am642-sepcos-cpu.dtb)
  Description:  1 Linux kernel, FDT blob
  Kernel:       kernel-1
  FDT:          fdt-secheron_secheron-k3-am642-sepcos-cpu.dtb
  Hash algo:    sha512
  Hash value:   unavailable
  Sign algo:    sha512,rsa4096:smpk
  Sign padding: pkcs-1.5
  Sign value:   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
  Timestamp:    Mon Sep  4 04:45:34 2023
DEBUG: Shell function do_assemble_fitimage_initramfs finished

The interesting part is that message: "Failed to add verification data for 'signature-1' signature node in 'conf-secheron_secheron-k3-am642-sepcos-cpu.dtb' configuration node".

That message is emitted by uboot-mkimage, which is called from the fitimage_assemble() method. One can find the definition of that error message in "U-Boot git source"/tools/image-host.c:1070. The error is raised because the previous operation (ret = info.crypto->add_verify_data(&info, keydest);) failed, but I've got no clue why.

Any help is appreciated, this is starting to drive me nuts.

Cheers
Pierre

  • Pierre,

    Before we start looking into your custom changes, are you able to build and run the images from the SDK itself?

    Thanks

    Yogesh

  • Hi Yogesh,

    It doesn't boot with bootm either (although the EFI boot works). I tried with the tisdk-base-image. Here's the iminfo output:

    > iminfo 0x90000000                                                       
                                                                                    
    ## Checking Image at 90000000 ...                                               
       FIT image found                                                              
       FIT description: Kernel fitImage for Arago/6.1.46+gitAUTOINC+f8110d9ce8/am64m
        Image 0 (kernel-1)                                                          
         Description:  Linux kernel                                                 
         Type:         Kernel Image                                                 
         Compression:  gzip compressed                                              
         Data Start:   0x900000f4                                                   
         Data Size:    8697411 Bytes = 8.3 MiB                                      
         Architecture: AArch64                                                      
         OS:           Linux                                                        
         Load Address: 0x81000000                                                   
         Entry Point:  0x81000000                                                   
         Hash algo:    sha512                                                       
         Hash value:   9d74b126cffed3af7b3a4b25c3c762b9019b0cfe4075a7a1247ac4572c07f
        Image 1 (fdt-ti_k3-am642-evm.dtb)                                           
         Description:  Flattened Device Tree blob                                   
         Type:         Flat Device Tree                                             
         Compression:  uncompressed                                                 
         Data Start:   0x9084b86c                                                   
         Data Size:    58210 Bytes = 56.8 KiB                                       
         Architecture: AArch64                                                      
         Load Address: 0x83000000                                                   
         Hash algo:    sha512                                                       
         Hash value:   8a875873a231c7101a02b374fdadccd297b94da6a2e0bd78a5015563a1345
        Image 2 (fdt-ti_k3-am642-sk.dtb)                                            
         Description:  Flattened Device Tree blob                                   
         Type:         Flat Device Tree                                             
         Compression:  uncompressed                                                 
         Data Start:   0x90859ce0                                                   
         Data Size:    55585 Bytes = 54.3 KiB                                       
         Architecture: AArch64                                                      
         Load Address: 0x83000000                                                   
         Hash algo:    sha512                                                       
         Hash value:   1f431d613e3afdc030a2f367c357b10d6c98bde589c448b402b999100536d
        Image 3 (fdt-ti_k3-am642-evm-icssg1-dualemac.dtbo)                          
         Description:  Flattened Device Tree blob                                   
         Type:         Flat Device Tree                                             
         Compression:  uncompressed                                                 
         Data Start:   0x90867728                                                   
         Data Size:    2225 Bytes = 2.2 KiB                                         
         Architecture: AArch64                                                      
         Load Address: 0x83080000                                                   
         Hash algo:    sha512                                                       
         Hash value:   3461edf747c9065e98182808117cf6ea31b8039ad2003fd045346f0f8a83e
        Image 4 (fdt-ti_k3-am642-evm-nand.dtbo)                                     
         Description:  Flattened Device Tree blob                                   
         Type:         Flat Device Tree                                             
         Compression:  uncompressed                                                 
         Data Start:   0x908680f4                                                   
         Data Size:    3102 Bytes = 3 KiB                                           
         Architecture: AArch64                                                      
         Load Address: 0x83080000                                                   
         Hash algo:    sha512                                                       
         Hash value:   ec35d00766780748e02fd373d03925d2a6d613b880dfb4bc4e46231494904
        Image 5 (fdt-ti_k3-am642-evm-icssg1-dualemac-mii.dtbo)                      
         Description:  Flattened Device Tree blob                                   
         Type:         Flat Device Tree                                             
         Compression:  uncompressed                                                 
         Data Start:   0x90868e3c                                                   
         Data Size:    2609 Bytes = 2.5 KiB                                         
         Architecture: AArch64                                                      
         Load Address: 0x83080000                                                   
         Hash algo:    sha512                                                       
         Hash value:   651312898effd6e8ba22ea1d51598db130a5e943a7f960118bbd102d7f355
        Default Configuration: 'conf-ti_k3-am642-evm.dtb'                           
        Configuration 0 (conf-ti_k3-am642-evm.dtb)                                  
         Description:  1 Linux kernel, FDT blob                                     
         Kernel:       kernel-1                                                     
         FDT:          fdt-ti_k3-am642-evm.dtb                                      
         Hash algo:    sha512                                                       
         Hash value:   unavailable                                                  
         Sign algo:    sha512,rsa4096:smpk                                          
         Sign padding: pkcs-1.5                                                     
         Sign value:   9bb222965bc6e4f9ba31310967f3831365eb1557090a0e9025156a0051259
        Configuration 1 (conf-ti_k3-am642-sk.dtb)                                   
         Description:  0 Linux kernel, FDT blob                                     
         Kernel:       kernel-1                                                     
         FDT:          fdt-ti_k3-am642-sk.dtb                                       
         Hash algo:    sha512                                                       
         Hash value:   unavailable                                                  
         Sign algo:    sha512,rsa4096:smpk                                          
         Sign padding: pkcs-1.5                                                     
         Sign value:   e43a209f146b5ef2b3b60482af217c7d0520eead12854e132b016b2cc65c9
        Configuration 2 (conf-ti_k3-am642-evm-icssg1-dualemac.dtbo)                 
         Description:  0 FDT blob                                                   
         Kernel:       unavailable                                                  
         FDT:          fdt-ti_k3-am642-evm-icssg1-dualemac.dtbo                     
         Hash algo:    sha512                                                       
         Hash value:   unavailable                                                  
         Sign algo:    sha512,rsa4096:smpk                                          
         Sign padding: pkcs-1.5                                                     
         Sign value:   7bebf3f9e979e695547af6821b847bd885a601be070f526e8b303f66ec829
        Configuration 3 (conf-ti_k3-am642-evm-nand.dtbo)                            
         Description:  0 FDT blob                                                   
         Kernel:       unavailable                                                  
         FDT:          fdt-ti_k3-am642-evm-nand.dtbo                                
         Hash algo:    sha512                                                       
         Hash value:   unavailable                                                  
         Sign algo:    sha512,rsa4096:smpk                                          
         Sign padding: pkcs-1.5                                                     
         Sign value:   1d069f31f41743e1aacf875e6fb7ee207de182f03180c4e6616f74dfbbb66
        Configuration 4 (conf-ti_k3-am642-evm-icssg1-dualemac-mii.dtbo)             
         Description:  0 FDT blob                                                   
         Kernel:       unavailable                                                  
         FDT:          fdt-ti_k3-am642-evm-icssg1-dualemac-mii.dtbo                 
         Hash algo:    sha512                                                       
         Hash value:   unavailable                                                  
         Sign algo:    sha512,rsa4096:smpk                                          
         Sign padding: pkcs-1.5                                                     
         Sign value:   097c0298e29d1cb1bb1fa9b02167dba1f98526aa7ce999349ef2e729de741
    ## Checking hash(es) for FIT Image at 90000000 ...                              
       Hash(es) for Image 0 (kernel-1): sha512+                                     
       Hash(es) for Image 1 (fdt-ti_k3-am642-evm.dtb): sha512+                      
       Hash(es) for Image 2 (fdt-ti_k3-am642-sk.dtb): sha512+                       
       Hash(es) for Image 3 (fdt-ti_k3-am642-evm-icssg1-dualemac.dtbo): sha512+     
       Hash(es) for Image 4 (fdt-ti_k3-am642-evm-nand.dtbo): sha512+                
       Hash(es) for Image 5 (fdt-ti_k3-am642-evm-icssg1-dualemac-mii.dtbo): sha512+ 
    

    Here's the output when I attempt to boot:

    > bootm 0x90000000 conf-ti_k3-am642-evm.dtb                               
    ## Loading kernel from FIT Image at 90000000 ...                                
       Using 'conf-ti_k3-am642-evm.dtb' configuration                               
       Verifying Hash Integrity ... fit_config_verify_required_keys: No signature nD
    Bad Data Hash                                                                   
    ERROR: can't get kernel image! 

    Regards
    Pierre

  • Pierre,

    Can you please try replacing u-boot.img with the (signed) one from the pre-built images in the SDK?

    Thanks

    Yogesh

  • Hi Yogesh,

    As requested I replaced my u-boot.img with the one from the SDK. But because I have secure boot enabled the u-boot.img from the SDK won't load (which is normal).

    On the other hand, I dug further and found the source of my issue. I managed to patch it for now but would still like to get to the bottom of it.

    The issue, in fact, comes from a missing part of the U-Boot dtb, more specifically the signature block containing the key, hence the error message above, "No signature node". When attempting to boot a fitImage, U-Boot will try to solve a cryptographic challenge: on one hand there's the signed fitImage, on the other a reference key stored inside the U-Boot dtb.

    That U-Boot dtb node (called signature) is generated by the kernel recipe at the same time it generates the signed fitImage, which totally makes sense as the two of them make a pair. In my situation the kernel recipe successfully updates the U-Boot dtb by appending the corresponding key. But U-Boot doesn't grab the updated version, hence no key is in u-boot.img.

    The dirty fix:

    Copy the signature node as generated by the kernel and manually put it in your U-Boot dts. The signature node looks like this:

    signature {
        key-smpk {
            required = "conf";
            algo = "sha512,rsa4096";
            rsa,r-squared = <[omitted for obvious reasons]>;
            rsa,modulus = <[omitted for obvious reasons]>;
            rsa,exponent = <[omitted for obvious reasons]>;
            rsa,n0-inverse = <[omitted for obvious reasons]>;
            rsa,num-bits = <[omitted for obvious reasons]>;
            key-name-hint = "smpk";
        };
    };

    The good fix:

    Repair the yocto pipeline...

    What I observed:

    • U-Boot generates a device tree as configured by the defconfig file, resolves all include files and so on. It generates a final dtb file.
    • The kernel generates its initramfs, integrates it into the kernel, generates the fitImage. It also copies the U-Boot dtb, and updates it with the signature block.

    But how is U-Boot supposed to grab back that updated dtb file?

    Regards
    Pierre
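
The post above traces the boot failure to a U-Boot dtb that lacks the signature node for the key the fitImage was signed with. As an added example (not code from the thread, the SDK or the Yocto classes), this Python sketch reads a dtb directly and checks each `Sign algo` entry of a FIT listing against `/signature/key-<hint>`. The names `fdt_nodes`, `check_fit_keys` and `sample_dtb` are hypothetical, and the dtb and listing are constructed samples shaped like the output on this page.

```python
import re
import struct

FDT_MAGIC, BEGIN_NODE, END_NODE, PROP, NOP, END = 0xD00DFEED, 1, 2, 3, 4, 9
pad4 = lambda n: (n + 3) & ~3                      # FDT structure fields are 4-byte aligned
u32 = lambda *v: struct.pack(f">{len(v)}I", *v)    # big-endian 32-bit cells

def fdt_nodes(blob):
    """Walk a flattened device tree: {node_path: {prop_name: raw_bytes}}."""
    magic, _total, off_struct, off_strings = struct.unpack_from(">4I", blob, 0)
    if magic != FDT_MAGIC:
        raise ValueError("not a DTB")
    nodes, path, pos = {}, [], off_struct
    while True:
        (tok,) = struct.unpack_from(">I", blob, pos)
        pos += 4
        if tok == BEGIN_NODE:    # NUL-terminated node name, padded to 4 bytes
            end = blob.index(b"\0", pos)
            path.append(blob[pos:end].decode())
            nodes["/".join(path) or "/"] = {}
            pos = pad4(end + 1)
        elif tok == PROP:        # value length, name offset in strings block, value
            length, nameoff = struct.unpack_from(">2I", blob, pos)
            name = blob[off_strings + nameoff:].split(b"\0", 1)[0].decode()
            nodes["/".join(path) or "/"][name] = blob[pos + 8:pos + 8 + length]
            pos = pad4(pos + 8 + length)
        elif tok == END_NODE:
            path.pop()
        elif tok == END:
            return nodes
        elif tok != NOP:
            raise ValueError(f"bad FDT token {tok:#x}")

def check_fit_keys(uboot_dtb, fit_listing):
    """Compare the FIT's 'Sign algo' entries with /signature in the U-Boot dtb."""
    nodes, problems = fdt_nodes(uboot_dtb), []
    for algo, hint in sorted(set(re.findall(r"Sign algo:\s+(\S+):(\S+)", fit_listing))):
        props = nodes.get(f"/signature/key-{hint}")
        if props is None:
            problems.append(f"no /signature/key-{hint} in U-Boot dtb")
        elif props.get("algo", b"").rstrip(b"\0") != algo.encode():
            problems.append(f"key-{hint}: algo differs from the FIT's {algo}")
        elif props.get("required", b"").rstrip(b"\0") != b"conf":
            problems.append(f'key-{hint}: required is not "conf"')
    return problems

def sample_dtb(hint, props):
    """Constructed sample input: a DTB with / and, when hint is set, /signature/key-<hint>."""
    strings = bytearray()
    def prop(name, value):
        data, off = value.encode() + b"\0", len(strings)
        strings.extend(name.encode() + b"\0")
        return u32(PROP, len(data), off) + data.ljust(pad4(len(data)), b"\0")
    def node(name, body=b""):
        padded = name.encode().ljust(pad4(len(name) + 1), b"\0")
        return u32(BEGIN_NODE) + padded + body + u32(END_NODE)
    key = node(f"key-{hint}", b"".join(prop(n, v) for n, v in props.items()))
    blk = node("", node("signature", key) if hint else b"") + u32(END)
    hdr = u32(FDT_MAGIC, 56 + len(blk) + len(strings), 56, 56 + len(blk), 40, 17, 16, 0,
              len(strings), len(blk))
    return hdr + bytes(16) + blk + bytes(strings)

# Constructed samples: one line of a FIT listing and the properties of a key node.
FIT_LISTING = "     Sign algo:    sha512,rsa4096:smpk\n     Sign padding: pkcs-1.5\n"
SMPK = {"required": "conf", "algo": "sha512,rsa4096", "key-name-hint": "smpk"}
print(check_fit_keys(sample_dtb(None, {}), FIT_LISTING))   # dtb without /signature
```

Run against the dtb that is actually packed into u-boot.img and the `mkimage -l` listing of the fitImage, an empty result means every signer named in the FIT has a matching key node.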

  • Pierre,

    Sorry for the delayed response. Are you saying that our Yocto recipe for the HS build is not generating the u-boot.img correctly?

    Thanks

    Yogesh