AM62A7: Uboot booting signed and encrypted Linux fit image

Joseph Tingin

Part Number: AM62A7

Hi,

I am using ti-processor-sdk-linux-edgeai-am62a-evm-11.01.07.05 to build Uboot and I can boot to Uboot on my HS-SE board successfully. I am signing the tiboot, tispl, and u-boot images through binman.

Now when I try to boot my signed and encrypted Linux fit image from U-boot, I get the following error:

fdt_magic(fdt) = d00dfeed
fdt_magic(fdt) = d00dfeed
   Using 'conf-2' configuration
   Verifying Hash Integrity ... OK
   Trying 'kernel' kernel subimage
     Description:  Stella Linux kernel
     Type:         Kernel Image
     Compression:  gzip compressed
     Data Start:   0x8f0000e4
     Data Size:    8315158 Bytes = 7.9 MiB
     Architecture: AArch64
     OS:           Linux
     Load Address: 0x83000000
     Entry :  0x830000P    Hash algo:    crc32
     Hash value:   9ccf37ae
   Verifying Hash Integrity ... crc32+ OK
fdt_magic(fdt) = d00dfeed
fdt_magic(fdt) = d00dfeed
## Loading ramdisk from FIT Image at 8f000000 ...
fdt_magic(fdt) = d00dfeed
fdt_magic(fdt) = d00dfeed
   Using 'conf-2' configuration
   Verifying Hash Integrity ... OK
   Trying 'ramdisk-1' ramdisk subimage
     Description:  Compressed Initramfs
     Type:         RAMDisk Image
     Compression:  zstd compressed
     Data Start:   0x8f7fc688
     Data Size:    50885399 Bytes = 48.5 MiB
     Architecture: AArch64
     OS:           Linux
     Load Address: 0x85000000
     Entry Point:  0x85000000
     Hash algo:    sha1
     Hash value:   223eacefa1c1d91c27389fd88c4867640adc55d7
   Verifying Hash Integrity ... sha1+ OK
   Loading ramdisk from 0x8f7fc688 to 0x85000000
WARNING: 'compression' nodes for ramdisks are deprecated, please fix your .its file!
fdt_magic(fdt) = d00dfeed
fdt_magic(fd d00dfeed
fdt_magic(fdt) = d00dfeed
## Loading fdt from FIT Image at 8f000000 ...
fdt_magic(fdt) = d00dfeed
fdt_magic(fdt) = d00dfeed
   Using 'conf-2' configuration
   Verifying Hash Integrity ... OK
   Trying 'fdt-1' fdt subimage
     Description:  Stella Flattened Device Tree blob
     Type:         Flat Device Tree
     Compression:  uncompressed
     Data Start:   0x8f7ee2ec
     Data Size:    58070 Bytes = 56.7 KiB
     Architecture: AArch64
     Load Address: 0x82000000
     Hash alg    crc32
     Hash value:   2674846c
   Verifying Hash Integrity ... crc32+ OK
   Loading fdt from 0x8f7ee2ec to 0x82000000
fdt_magic(fdt) = 30820702
  DEBUG IH_TYPE_FLATDT loadbuf address 0000000082000000
 fdt_check_header() return = -9
fdt_magic(fdt) = 30820702
Subimage data is not a FDTCould not find a valid device tree

In an older ti-processor-sdk-linux-am62axx-evm-08.06.00.45 Uboot, I am able to boot the same fit image successfully.

I added some debug and found that in the newer SDK version, CONFIG_FIT_IMAGE_POST_PROCESS is now disabled and has a dependency on CONFIG_SOCFPGA_SECURE_VAB_AUTH. In the older SDK version, CONFIG_FIT_IMAGE_POST_PROCESS is enabled. My understanding is this config is needed to authenticate each image in the fit and even decrypt it.

Why is CONFIG_FIT_IMAGE_POST_PROCESS now disabled and dependent on this specific config?

Is there a new signing flow for the Linux fit image?

This is my current signing flow for the Linux fit image:

Sign and encrypt Image using appimage_x509_cert_gen.py
Sign and encrypt rootfs using appimage_x509_cert_gen.py
Sign and encrypt fdt using appimage_x509_cert_gen.py
Make fit image "mkimage -f config.its fitimage"

Thank you,

Joseph

6 days ago

0 Bin Liu 3 days ago

TI__Guru**** 175331 points

Hi,

I am routing your query to our security expert for comments.

0 Hong Guan64 3 days ago in reply to Bin Liu

TI__Guru 74030 points

Hi Joseph,

There was change in u-boot proper verifying the kernel FIT image starting from SDK 9.x, where the generic u-boot FIT signature verification is used
to verify the kernel FIT image instead of the TISCI API.

It is still possible to verify/decrypt kernel/dtb with the TISCI API.
Please refer to the FAQ for your reference, where there're two options to sign binary, either with the root RSA key or the auxiliary RSA key, where the public key hash is imported with public keyring feature
[FAQ] Binary blob authentication and decryption using TIFS on AM62x

Best,
-Hong

0 Joseph Tingin 3 days ago in reply to Hong Guan64

Prodigy 250 points

Hi Hong,

Thanks for providing the different options to sign binaries. We'll move to this new signing and verification method soon and see which option is best for us.

Is there any drawback in using the option I mentioned where I re-enable CONFIG_FIT_IMAGE_POST_PROCESS and continue signing using the old method?

Thanks,

Joseph

0 Hong Guan64 2 days ago in reply to Joseph Tingin

TI__Guru 74030 points

Hi Joseph,

Using the generic u-boot FIT signature scheme in u-boot proper verifying the kernel FIT image makes it possible with the Signed Configurations as noted here
https://git.ti.com/cgit/ti-u-boot/ti-u-boot/tree/doc/usage/fit/signature.rst#n206

In the meantime, signature verification ONLY (no decryption) is supported in the generic u-boot FIT signature scheme.

It is up to user to choose which option to integrate depending on user's securiry requriement/use case.

Best,
-Hong

Processors

Processors forum

AM62A7: Uboot booting signed and encrypted Linux fit image