Subject: Re: U-BOOT 2021.07 and STM32MP15x issues for Trusted Boot Chain
From: Patrick DELAUNAY
To: gianluca
Cc: Gianluca Renzi, U-Boot STM32, Patrice CHOTARD
Date: Thu, 22 Jul 2021 11:03:50 +0200
Message-ID: <6ba30090-b390-9e07-4d1a-b21ae0d40106@foss.st.com>
In-Reply-To: <454648fd-7145-fe3f-c95d-dd17c33d8f17@eurek.it>
References: <454648fd-7145-fe3f-c95d-dd17c33d8f17@eurek.it>
List-Id: U-Boot discussion (u-boot@lists.denx.de)

Hi Gianluca,

On 7/22/21 10:01 AM, gianluca wrote:
> Hello list,
> I was wondering what I am doing wrong following the procedure
> explained in the doc/board/st/stm32mp1.rst documentation file.
>
> I am using the latest git version (the Makefile says 2021.07).
>
> My goal is to run from sdcard in trusted boot chain (TrustZone secure
> monitor) the evaluation kit STM32MP157C-DK2.
>
> The procedure says:
>
>> The **Trusted** boot chain
>> ``````````````````````````
>>
>> defconfig_file : stm32mp15_trusted_defconfig
>>
>> +-------------+-------------------------+------------+-------+
>> |  ROM code   | FSBL                    | SSBL       | OS    |
>> +             +-------------------------+------------+-------+
>> |             |Trusted Firmware-A (TF-A)| U-Boot     | Linux |
>> +-------------+-------------------------+------------+-------+
>> | TrustZone   |secure monitor                                |
>> +-------------+-------------------------+------------+-------+
>>
>> TF-A performs a full initialization of Secure peripherals and installs a
>> secure monitor, BL32:
>>
>>   * SPMin provided by TF-A or
>>   * OP-TEE from specific partitions (teeh, teed, teex).
>>
>> U-Boot is running in normal world and uses the secure monitor to access
>> secure resources.
>
> As far as I understand there is only a single first-stage-boot-loader
> (FSBL) and a second-stage-boot-loader (SSBL), otherwise in the *Basic
> Boot Chain* I have FSBL1 and FSBL2 _and_ a SSBL.
>

FSBL1 / FSBL2 => can be used for basic or trusted boot chain = it is 2 copies
of the FSBL for failsafe update.

The ROM code will check the integrity of FSBL1..... if it is failing, it will
use FSBL2 instead.

This feature allows to always boot even if the FSBL1 update is interrupted....
if this feature is not needed you can remove the second FSBL partition.

>> Build Procedure
>> ---------------
>>
>> 1. Install the required tools for U-Boot
>>
>>    * install package needed in U-Boot makefile
>>      (libssl-dev, swig, libpython-dev...)
>>
>>    * install ARMv7 toolchain for 32bit Cortex-A (from Linaro,
>>      from SDK for STM32MP15x, or any crosstoolchains from your
>>      distribution)
>>      (you can use any gcc cross compiler compatible with U-Boot)
>>
>
> Done. I am in a Debian Buster DevelWorkstation, so everything is
> coming from the official repos.
>
> At the moment the arm toolchain is:
> arm-linux-gnueabihf-gcc -v
> (...)
>>
>> 6. Output files
>>
>>    BootRom and TF-A expect binaries with STM32 image header
>>    SPL expects file with U-Boot uImage header
>>
>>    So in the output directory (selected by KBUILD_OUTPUT),
>>    you can find the needed files:
>>
>>   - For **Trusted** boot (with or without OP-TEE)
>>
>>      - FSBL = **tf-a.stm32** (provided by TF-A compilation)
>>      - SSBL = **u-boot.stm32**
>
> No tf-a.stm32 for TrustZone Boot but only the u-boot.stm32 file.
>

"tf-a.stm32" is provided by TF-A compilation (see after).

>>
>>   - For Basic boot
>>
>>      - FSBL = spl/u-boot-spl.stm32
>>      - SSBL = u-boot.img
>
> find . -name 'tf-a.stm32'
>
> find . -name '*tf-a*'
>
> find . -name '*tfa*'
> ./include/config/tfaboot.h
> ./include/config/arch/support/tfaboot.h
>
> Where is the tf-a.stm32?????
>
> Something missing by my side???
>
>
> Regards,
> Gianluca Renzi

"TF-A" = "Trusted Firmware-A" is a separate component and it needs to be
compiled separately.

TF-A references =
- https://www.trustedfirmware.org/projects/tf-a/
- https://trustedfirmware-a.readthedocs.io/en/latest/
=> https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/

For build information at upstream, you can check
https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/docs/plat/stm32mp1.rst

For a first test you can use SP_min as secure monitor:

make CROSS_COMPILE=arm-linux-gnueabihf- PLAT=stm32mp1 ARCH=aarch32 ARM_ARCH_MAJOR=7 AARCH32_SP=sp_min STM32MP_SDMMC=1 STM32MP_EMMC=1 STM32MP_RAW_NAND=1 STM32MP_SPI_NAND=1 STM32MP_SPI_NOR=1 DTB_FILE_NAME=stm32mp157c-ev1.dtb

I will update the stm32mp1 readme to indicate this missing information.

You need to compile 2 projects
- TF-A => FSBL
- U-Boot => SSBL

PS: to have a full secure support with FIP (when it will be supported on TF-A
side), you can use OP-TEE as the secure OS.... but it is a separate project

TF-A REF =
- https://www.op-tee.org/
- https://optee.readthedocs.io/en/latest/
- BUILD = https://optee.readthedocs.io/en/latest/building/devices/stm32mp1.html
=> https://github.com/OP-TEE/optee_os

In this case you need to compile the binaries included in FIP
- OP-TEE => Secure OS
- U-Boot => SSBL

Then you can compile:
- TF-A => FSBL & FIP (including OP-TEE and U-Boot)

Regards

Patrick
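The FSBL1/FSBL2 failsafe that Patrick describes above (the ROM code checks FSBL1, falls back to FSBL2 if that check fails, so an interrupted update of one copy never bricks the board) is easy to reason about with a small model. The following Python is an added illustration written for this page; it is not code from U-Boot, TF-A or the STM32 ROM. The header layout (`MAGIC`, a length and a SHA-256 digest) is a constructed stand-in for the real STM32 image header, whose signature the ROM additionally verifies on a device with secure boot enabled, and `interrupted_update` is a hypothetical helper that emulates a flash rewrite stopping part-way.

```python
"""Model of the two-copy FSBL failsafe: try FSBL1, fall back to FSBL2.

Constructed example. The header format below is NOT the STM32 image header;
it only carries enough (magic, payload length, SHA-256) to model the
"integrity check then fallback" behaviour described in the mail thread.
"""
import hashlib
import hmac
import struct
from typing import Optional

MAGIC = b"FSBL"                    # constructed marker, not the real STM32 magic
HEADER = struct.Struct("<4sI32s")  # magic, payload length, sha256(payload)


def make_image(payload: bytes) -> bytes:
    """Wrap a payload in the constructed header carrying its digest."""
    digest = hashlib.sha256(payload).digest()
    return HEADER.pack(MAGIC, len(payload), digest) + payload


def check_image(image: bytes) -> bool:
    """Integrity check a ROM-like loader would run before jumping to the FSBL.

    Rejects images that are truncated, carry the wrong magic, declare a
    length that does not match the payload, or whose digest does not match.
    """
    if len(image) < HEADER.size:
        return False
    magic, length, digest = HEADER.unpack_from(image)
    payload = image[HEADER.size:]
    if magic != MAGIC or len(payload) != length:
        return False
    return hmac.compare_digest(hashlib.sha256(payload).digest(), digest)


def select_fsbl(fsbl1: bytes, fsbl2: bytes) -> Optional[str]:
    """Return which copy boots: FSBL1 if it checks out, else FSBL2, else None."""
    for name, image in (("FSBL1", fsbl1), ("FSBL2", fsbl2)):
        if check_image(image):
            return name
    return None  # both copies damaged: nothing bootable


def interrupted_update(old: bytes, new: bytes, bytes_written: int) -> bytes:
    """Hypothetical helper: a partition whose rewrite stopped after N bytes.

    The first `bytes_written` bytes already hold the new image, the rest still
    holds the old one, which is exactly the state a power cut leaves behind.
    """
    return new[:bytes_written] + old[bytes_written:]


def demo() -> None:
    v1 = make_image(b"fsbl v1 " * 8)   # constructed payloads
    v2 = make_image(b"fsbl v2 " * 8)
    print("both copies v1     ->", select_fsbl(v1, v1))
    torn = interrupted_update(v1, v2, len(v2) // 2)
    print("FSBL1 torn, FSBL2 ok ->", select_fsbl(torn, v1))
    print("FSBL1 ok after retry ->", select_fsbl(v2, v1))
    print("both copies torn     ->", select_fsbl(torn, torn))


if __name__ == "__main__":
    demo()
```

The point the model makes is the one in the mail: as long as the two copies are never updated at the same time, at least one of them passes the check, so the update procedure should write FSBL1, reboot and confirm it boots, and only then write FSBL2. Dropping the second partition, as Patrick notes is possible, removes that safety net.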