AM625: Secure-Boot tutorial available?

Hi Markus,

There's AM62x security resource download portal, where security collaterals/links/tools... are hosted
User may request access to the portal with the link
https://www.ti.com/drr/opn/AM62X-RESTRICTED-SECURITY

Markus Bächle said:

1.) Is the above correct ?

Please refer to this e2e on how to sign u-boot/kernel via BINMAN.
RE: AM625: Compiling with Custom Keys in Yocto Build 

Markus Bächle said:

2.) I now need to get the Key fused. But as I didn't configure an AES-Key i'm not sure how to disable AES-Encryption / or is the default file used from the above yocto image?

Here is AM62x OTP keywriter user guide on the secure download portal
https://dr-download.ti.com/authenticated/software-development/application-software-framework/MD-W5I8h4voaD/09.01.00.05/AM62X_OTP_Keywriter_User_Guide_11.01.00.pdf

Best,
-Hong

Thanks for the Information above.

I already have the AM62X-RESTRICTED-SECURITY and also the Keywriter User Guide.

1.) Now I created a bootloader which is different to the original version - but how to verify the Key used and everything is properly setup?

2.) Next up from your link they used / u-boot / board/ ti / keys but my path for the keys is different?

3.) The OTP_Keywriter User-Guide does not explain how to disable AES-Encryption of the Image -> do we always need to encrypt it?

Thanks and regards,

Hi Markus,
Let me add my input on your questions.
1/. One option to verify the customer key programming process is booting the SW signed with the customer key on HS-SE.
2/. Yes, the key folder was changed in newer SDK from "board/ti/keys/" to "arch/arm/mach-k3/keys/"
3/. Will you clarify your question? is it on "AES-256 key" mentioned in the OTP keywriter user guide or binary encryption with SMEK?
Best,
-Hong

Hi Hong,

1.) My Problem is I only have a single Board by the time - so a fail is not acceptable by now. Therefore I want to ensure it will work properly. So I have to ensure it does work

2.) Thanks that clarified a lot

3.) Yes, SMEK. How to enable / disable it on both sides (within SBL / Keywriter).

When not supplied with the --smek during generation of the Keywriter it is not applied? Or is there a default-value used as soon as I write the OTP (e.g. 0xFFFF...)?

Same Question for the SBL. When not applied within the Yocto as smek.pem it will not be used during the Build (e.g. no AES)?

Thank you very much.

Best regards,

Markus

Another Question just came up:

How to name the files (custMpk.pem / smek.key ...) within arch/arm/mach-k3/keys/ (yocto)?

Or where are this names defined in order to supply it properly to the build?

Thanks

Hi Markus,

Markus Bächle said:

1.) My Problem is I only have a single Board by the time - so a fail is not acceptable by now. Therefore I want to ensure it will work properly. So I have to ensure it does work

Here're few dry-run options before programming the key on target
1/. check the key blob generation
build the otp key programming binary but commenting off "VPP ON" in R5 code, run the binary on target, capture both logs from R5 and M4, and check the M4 log to see if the key blob authentication passed, for example, the first part of M4 log looks good till "# Programming Keys..", and some error are expected after "# Programming Keys.." due to VPP is intentionally OFF for dry-run...

2/. VPP voltage
build the otp key programming binary but adding a spin loop after "VPP ON" in R5 code, run the binary on target. measure VPP pin to see if it meets VPP voltage requirements as noted in AM62x datasheet

Markus Bächle said:

When not supplied with the --smek during generation of the Keywriter it is not applied?

yes, you're right.

Markus Bächle said:

Same Question for the SBL. When not applied within the Yocto as smek.pem it will not be used during the Build (e.g. no AES)?

yes, in Linux SDK, only binary data blob authentication in RoT secure boot flow is supported, but not binary data blob decryption.

Markus Bächle said:

How to name the files (custMpk.pem / smek.key ...) within arch/arm/mach-k3/keys/ (yocto)?

Or where are this names defined in order to supply it properly to the build?

https://git.ti.com/cgit/ti-u-boot/ti-u-boot/tree/arch/arm/dts/k3-binman.dtsi?h=11.01.17#n15

Best,
-Hong

Best,
-Hong

Thanks for the reply.

Regarding smek.key - this is not mentioned in the binman.dtsi

Where do I have to put this key?

Hi Markus,
Linux SDK supports authentication on binary signed with the root key (SMPK), but not binary decryption (SMEK) in RoT secure boot flow. SMEK is not used in Linux SDK.
Best,
-Hong

Thanks - now its clear.

Just one last question: Somewhere I read even when SMEK is written I can provide un-encrypted images. Is this correct? As long as the certificate is provided the controller will accept it?

Thank you and regards,

Markus

Hi Markus,
yes, your understanding is correct that it is ok to program SMEK to OTP efuse, but the image is only signed, but not encrypted with SMEK.
Best,
-Hong

Thank you very much for your help.

The OTP is written and I confirmed by parsing the SOC-ID.

Also I checked my custMpk.pem by hasing and comparing with the value in the SOC-ID - both are equal.

I put my custMpk.pem into the Yocto-Build and created an image and started.

But the resulting image is not booting (no response at all on terminal).

--- 

As it seams not to use the certificate I did set "UBOOT_SIGN_ENABLE = "1"" within local.conf.

It seams to be using the keys now but I get following failure during Yocto build:

ERROR: u-boot-ti-staging-1_2025.01+git-r0_tisdk_5 do_deploy: Recipe u-boot-ti-staging is trying to install files into a shared area when those files already exist. The files and the manifests listing them are:
.../u-boot-nodtb.bin
(not matched to any task)
.../u-boot.dtb
(not matched to any task)
Please adjust the recipes so only one recipe provides a given file.
ERROR: Logfile of failure stored in: .../temp/log.do_deploy.3194855
ERROR: Task (.../u-boot-ti-staging_2025.01.bb:do_deploy) failed with exit code '1'

Hi Markus,
1/. will you upload either the raw or parsed soc_id log on HS-SE?
2/. which tiboot3.bin variant (*hs* or *hs-fs*) out of your u-boot build was used in boot testing on HS-SE?
Best,
-Hong

Hi Hong,

1.) My Soc-ID Text:

-----------------------
SoC ID Header Info:
-----------------------
NumBlocks : 2
-----------------------
SoC ID Public ROM Info:
-----------------------
SubBlockId : 1
SubBlockSize : 26
DeviceName : am62x
DeviceType : HSSE
DMSC ROM Version : [0, 1, 0, 1]
R5 ROM Version : [0, 1, 0, 1]
-----------------------
SoC ID Secure ROM Info:
-----------------------
Sec SubBlockId : 2
Sec SubBlockSize : 166
Sec Prime : 0
Sec Key Revision : 1
Sec Key Count : 1
Sec TI MPK Hash : d68ecb2c055dff11ade95bd927e837d2a53bc23b0a2800cebce4f106bcf309df2213912d77a157a8b7c2df40672a06a918034aa4c7d603e462481475225d49b8
Sec Cust MPK Hash : b494e1694516285b18d52cd75d5fa425d0d509784c2da48ae3464f411f66cf253a50f42fc93838bac03be61975538c510de650ef41305399250b7bfb9c90e187
Sec Unique ID : c1320dd767bc9219c74bf884d4b1f5d1ebc5ba930f05027e3a888e43f8565173

2.) I did just flash an SD-Card where the following link should be applicable:

  tiboot3.bin -> tiboot3-am62x-hs-fs...bin

Where I'm not sure is on the certificate used (custMpk.crt). I used the one created from SBL_Keywriter (final_certificate.bin) and had to modify it as this seems to be a binary and he wants to have an base64 version during build.

Thanks and regards,

Markus

Ok just tried also: 

openssl req -batch -new -x509 -key keys/dev.key -out keys/dev.crt

Where dev.key == dev.pem (renamed everything to custMpk.xxx)

But even with this certificate I do not get any response on the Serial-Port when starting from SD-Card