On 7/28/21 10:50 AM, guillaume pivetta via TF-A wrote:
Hi, I’m trying to implement a secure boot on a STM32MP1 without using the FIP file.
Hi Guillaume,
Sorry for this very late reply.
For now , I am not able to use FIP format during the boot process so I use a depreciated boot process with TF-Av2.2 as FSBL and U-Boot as SSBL to boot my Board.
That's quite an old software. If you can, I'd suggest you update the software to the version delivered by ST, based on a v2.4 label. The sources are available there: https://github.com/STMicroelectronics/arm-trusted-firmware And you should take the v2.4-stm32mp branch.
In this software, FIP is available, and with a better support for TUSTED_BOARD_BOOT.
My boot process do Romcode -> TF-A (BL2) -> SP_min (BL32) -> U-Boot (BL33) -> Linux kernel
I succefully implemented signature authentification between U-Boot and Linux image, but between TF-A and U-Boot it’s a little bit harder.
I learned on ST wiki how to sign my u-boot binary with the STM32MP_SigningTool_CLI, but when I sign my binary with a custom private key, TF-A don’t authentified it on boot, even if i tryed to pass my key to TF-A at compilation time with the BL33_KEY argument, which i think is dedicated to the FIP usage.
I found, in the sources of TF-A, what I think being a developpement key, named « arm_rotpk_ecdsa.pem ».
And when I sign my binary with this key, I am able to perform the signature check and continu my boot process. So I tryed to change this key with a custom one and recompile TF-A to update the key in the final binary, but it seem that it is not so simple.
I found yesterday that the auth_mod_init() function wasn’t call because I had forgotten the TUSTED_BOARD_BOOT=1 compilation argument. But when I activate it, the compilation doesn’t work and i see
« build/arm-trusted-firmware-v2.2/bl2/bl2_main.c:91: undefined reference to `auth_mod_init' »
Whitch traditionnaly append when linker don’t find the .o where the functions are implemented.
I would like to know if it is possible to implement some kind of authentification with custom keys without FIP and if yes where can i find some hints/ressources/tutorial ?
I don’t find a lot of ressources about secure boot without FIP so I hope you will be able to help me.
If you can switch to a newer software with FIP, you can check: https://wiki.st.com/stm32mpu/wiki/How_to_configure_TF-A_FIP
Else, the page that could help you is there: https://wiki.st.com/stm32mpu-ecosystem-v2/wiki/STM32MP15_secure_boot
If you need more help, the better is to use the links given at the bottom of the wiki pages: ST Support Center (https://community.st.com/s/onlinesupport) or ST Community MPU Forum (https://community.st.com/s/topic/0TO0X0000003u2AWAQ/stm32-mpus).
Best regards, Yann
tf-a@lists.trustedfirmware.org