summaryrefslogtreecommitdiff
path: root/doc/imx/ahab
AgeCommit message (Collapse)Author
2020-07-01MLK-24362-5 doc: imx: ahab/habv4: Remove mentions to a specific CST versionVanessa Maegima
The mentioned CST PKI tree generation commands are compatible with the newer versions of the tool, so there is no need to hardcode the CST version. Add this information in the documentation. Signed-off-by: Vanessa Maegima <vanessa.maegima@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com>
2020-07-01MLK-24362-3 doc: imx: ahab: Fix app notes referencesVanessa Maegima
Remove AN revisions so it is not needed to update this when new versions are released. Signed-off-by: Vanessa Maegima <vanessa.maegima@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com>
2020-07-01MLK-24362-1 doc: imx: ahab: csf_examples: Fix typo in file nameVanessa Maegima
Old file name referred to "cst" instead of "csf". Fix this. Signed-off-by: Vanessa Maegima <vanessa.maegima@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com>
2020-04-26MLK-23180 doc: ahab: Update SECO event example descriptionBreno Lima
Update SECO event example description to clarify the error reported. Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com> (cherry picked from commit 1018252a576697e8f80ab78a1dcb15f1866e1fb8)
2020-04-26MLK-23092 doc: ahab: Add encrypted boot documentation for i.MX8/8x devicesBreno Lima
Add AHAB encrypted boot documentation for i.MX8/8x family devices covering the following topics: - How to encrypt and sign the 2nd container in flash.bin image. - How to encrypt and sign a standalone container image. Include a CSF example to encrypt 2nd container in flash.bin image. Signed-off-by: Catia Han <yaqian.han@nxp.com> Signed-off-by: Breno Lima <breno.lima@nxp.com> (cherry picked from commit dc18ee2c6c06ab9364dc08c70830acc8c6dcceac)
2020-04-26MLK-22513 doc: ahab: Update OS container image targetBreno Lima
Commit 28dd37699022("imx8: Clean up targets") in imx-mkimage project renamed flash_linux target to flash_kernel. Update AHAB documentation to align with this change. Reported-by: Frank Zhang <frank.zhang@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com> Signed-off-by: Breno Lima <breno.lima@nxp.com> (cherry picked from commit 8713142afd953e89bb6aa460716692fbb0a6a413)
2020-04-26MLK-22103 doc: ahab: Update imx-mkimage SPL build targetYe Li
Since we have changed imx-mkimage flash_spl_container target to flash_spl, also update it in u-boot ahab document. Signed-off-by: Ye Li <ye.li@nxp.com> Acked-by: Peng Fan <peng.fan@nxp.com> (cherry picked from commit f850d467db9cf3b9b58688b96f1b4d9d8632b07d) (cherry picked from commit 6b86e3f2f9dd7a29ee817119340ef61efb010cf6)
2020-04-26MLK-20935-4 doc: imx: ahab: Fix typo in mx8_mx8x_secure_boot.txt guideBreno Lima
Fix a typo in path provided for imx-mkimage iMX8QM and iMX8QXP directories. Reported-by: Marius Grigoras <marius.grigoras@nxp.com> Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com> (cherry picked from commit c75243c1a87a10f003377d9c144bcf412ba80440) (cherry picked from commit ee024325a0a32b248c4ddb4bb04768bcfb933694)
2020-04-26MLK-20935-3 doc: imx: ahab: Add a note in SRK Hash fuses sanity checkBreno Lima
The commands included in introduction guide should not be used as reference for programming the SRK Hash fuses as they are in big endian. Add a note to avoid a possible mistake. Reported-by: Clement Le Marquis <clement.lemarquis@nxp.com> Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com> (cherry picked from commit 137319826cc32d98a9b6890f35dd6670e104c2a5) (cherry picked from commit 03d49480f73ce62de4f759fe02dfcf82726b8b79)
2020-04-26MLK-20935-2 doc: imx: ahab: Include ahab_close commandBreno Lima
Since commit 771b824728ca ("MLK-20919 imx8: ahab: Add command to close the chip") the U-Boot is able to move the lifecycle from NXP closed to OEM closed. Update AHAB guides to use U-Boot ahab_close command instead of SCFW CLI. As the procedure is now independent of SCFW terminal we can remove this condition from documentation. Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com> (cherry picked from commit 6f93d877e1454024f666a4810d24148cf595429e) (cherry picked from commit 4f6bc59ff94de150611d82b45365d24d356f30ef)
2020-04-26MLK-20916-2: doc: imx: ahab: Update AHAB document to include ahab_status commandBreno Lima
Since commit cf2acc5b7cde ("MLK-18942-2 imx8: ahab: Add ahab_status command") the U-Boot is able to display and parse the SECO events. Update AHAB guides to use U-Boot ahab_status command instead of SCFW CLI. Starting in SECO FW v0.2.0 engineering release an invalid image integrity is logged as an event in open mode. As ahab_status is able to return this event the note can be removed. Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com> (cherry picked from commit 385ed19051a47f5858e8d326e5ee97f8a08a679d) (cherry picked from commit 4a88ca0aecec31d0877d7a620fa796a83387a195)
2020-04-26MLK-20553-3 doc: imx: ahab: Add Secure Boot documentation for i.MX8 and ↵Breno Lima
i.MX8x SPL targets The current U-Boot implementation includes SPL targets for i.MX8QM and i.MXQXP MEK boards: - imx8qxp_mek_spl_defconfig - imx8qxp_mek_spl_fspi_defconfig - imx8qm_mek_spl_defconfig - imx8qm_mek_spl_fspi_defconfig The U-Boot proper and ATF are included in an additional container being necessary a different procedure for signing the flash.bin image. Add a step-by-step guide covering the signing procedure. Add a CSF example for the 3rd container. Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Frank Zhang <frank.zhang@nxp.com> Reviewed-by: Marius Grigoras <marius.grigoras@nxp.com> Reviewed-by: Utkarsh Gupta <utkarsh.gupta@nxp.com> (cherry picked from commit 04505024d38eebbb5f39133b502c8e450ca40215) (cherry picked from commit b139f10ccec5c57164f7e07e33984c845ce58b60)
2020-04-26MLK-20553-2 doc: imx: ahab: Add AHAB secure boot documentation for i.MX 8 ↵Clement Le Marquis
and 8X families Add AHAB secure boot step-by-step guide for i.MX8 and i.MX8x families devices. Add 3 CSF example files: - Example to sign flash.bin only using SRK keys. - Example to sign flash.bin using a subordinate SGK key. - Example to sign Linux image only using SRK keys. Signed-off-by: Clement Le Marquis <clement.lemarquis@nxp.com> Reviewed-by: Frank Zhang <frank.zhang@nxp.com> Reviewed-by: Marius Grigoras <marius.grigoras@nxp.com> Reviewed-by: Utkarsh Gupta <utkarsh.gupta@nxp.com> (cherry picked from commit 7c46caba3b528b0399242f99612e5b094b1a4703) (cherry picked from commit 20016c156f4f4e618de9eff6f5b1fc6a1c871e2a)
2020-04-26MLK-20553-1 doc: imx: ahab: Add AHAB introductionBreno Lima
The AHAB is currently supported in i.MX8QXP and i.MX8QM devices. Add an introductory document containing the following topics: - AHAB Secure Boot Architecture - System Control Unit (SCU) introduction - Security Controller (SECO) introduction - i.MX8/8x secure boot flow - AHAB PKI tree generation - SRK Table and SRK Hash generation Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Frank Zhang <frank.zhang@nxp.com> Reviewed-by: Marius Grigoras <marius.grigoras@nxp.com> Reviewed-by: Utkarsh Gupta <utkarsh.gupta@nxp.com> (cherry picked from commit 6e9ceb2526bd4a45c6ff669afb086cc3a0627e6b) (cherry picked from commit d3534f1d0e9a0f777160a4a6732a30a2bb545733)
generated by cgit v1.2.3 (git 2.0.4) at 2024-06-02 10:24:15 +0000