[people/ms/u-boot.git] / doc / README.ti-secure

README on how boot images are created for secure TI devices

CONFIG_TI_SECURE_DEVICE:
Secure TI devices require a boot image that is authenticated by ROM
code to function. Without this, even JTAG remains locked and the
device is essentially useless. In order to create a valid boot image for
a secure device from TI, the initial public software image must be signed
and combined with various headers, certificates, and other binary images.

Information on the details on the complete boot image format can be obtained
from Texas Instruments. The tools used to generate boot images for secure
devices are part of a secure development package (SECDEV) that can be
downloaded from:

	http://www.ti.com/mysecuresoftware (login required)

The secure development package is access controlled due to NDA and export
control restrictions. Access must be requested and granted by TI before the
package is viewable and downloadable. Contact TI, either online or by way
of a local TI representative, to request access.

When CONFIG_TI_SECURE_DEVICE is set, the U-Boot SPL build process requires
the presence and use of these tools in order to create a viable boot image.
The build process will look for the environment variable TI_SECURE_DEV_PKG,
which should be the path of the installed SECDEV package. If the
TI_SECURE_DEV_PKG variable is not defined or if it is defined but doesn't
point to a valid SECDEV package, a warning is issued during the build to
indicate that a final secure bootable image was not created.

Within the SECDEV package exists an image creation script:

${TI_SECURE_DEV_PKG}/scripts/create-boot-image.sh

This is called as part of the SPL/u-boot build process. As the secure boot
image formats and requirements differ between secure SOC from TI, the
purpose of this script is to abstract these details as much as possible.

The script is basically the only required interface to the TI SECDEV package
for secure TI devices.

Invoking the script for AM43xx Secure Devices
=============================================

create-boot-image.sh <IMAGE_FLAG> <INPUT_FILE> <OUTPUT_FILE> <SPL_LOAD_ADDR>

<IMAGE_FLAG> is a value that specifies the type of the image to generate OR
the action the image generation tool will take. Valid values are:
	SPI_X-LOADER - Generates an image for SPI flash (byte swapped)
	XIP_X-LOADER - Generates a single stage u-boot for NOR/QSPI XiP
	ISSW - Generates an image for all other boot modes

<INPUT_FILE> is the full path and filename of the public world boot loader
binary file (depending on the boot media, this is usually either
u-boot-spl.bin or u-boot.bin).

<OUTPUT_FILE> is the full path and filename of the final secure image. The
output binary images should be used in place of the standard non-secure
binary images (see the platform-specific user's guides and releases notes
for how the non-secure images are typically used)
	u-boot-spl_HS_SPI_X-LOADER - byte swapped boot image for SPI flash
	u-boot_HS_XIP_X-LOADER - boot image for NOR or QSPI flash
	u-boot-spl_HS_ISSW - boot image for all other boot media

<SPL_LOAD_ADDR> is the address at which SOC ROM should load the <INPUT_FILE>

Invoking the script for DRA7xx/AM57xx Secure Devices
====================================================

create-boot-image.sh <IMAGE_TYPE> <INPUT_FILE> <OUTPUT_FILE>

<IMAGE_TYPE> is a value that specifies the type of the image to generate OR
the action the image generation tool will take. Valid values are:
	X-LOADER - Generates an image for NOR or QSPI boot modes
	MLO - Generates an image for SD/MMC/eMMC boot modes
	ULO - Generates an image for USB/UART peripheral boot modes
	Note: ULO is not yet used by the u-boot build process

<INPUT_FILE> is the full path and filename of the public world boot loader
binary file (for this platform, this is always u-boot-spl.bin).

<OUTPUT_FILE> is the full path and filename of the final secure image. The
output binary images should be used in place of the standard non-secure
binary images (see the platform-specific user's guides and releases notes
for how the non-secure images are typically used)
	u-boot-spl_HS_MLO - boot image for SD/MMC/eMMC. This image is
		copied to a file named MLO, which is the name that
		the device ROM bootloader requires for loading from
		the FAT partition of an SD card (same as on
		non-secure devices)
	u-boot-spl_HS_X-LOADER - boot image for all other flash memories
		including QSPI and NOR flash
Commit	Line	Data
98350f7f DA	1	README on how boot images are created for secure TI devices
	2
	3	CONFIG_TI_SECURE_DEVICE:
	4	Secure TI devices require a boot image that is authenticated by ROM
	5	code to function. Without this, even JTAG remains locked and the
	6	device is essentially useless. In order to create a valid boot image for
	7	a secure device from TI, the initial public software image must be signed
	8	and combined with various headers, certificates, and other binary images.
	9
	10	Information on the details on the complete boot image format can be obtained
	11	from Texas Instruments. The tools used to generate boot images for secure
	12	devices are part of a secure development package (SECDEV) that can be
	13	downloaded from:
	14
	15	http://www.ti.com/mysecuresoftware (login required)
	16
	17	The secure development package is access controlled due to NDA and export
	18	control restrictions. Access must be requested and granted by TI before the
	19	package is viewable and downloadable. Contact TI, either online or by way
	20	of a local TI representative, to request access.
	21
	22	When CONFIG_TI_SECURE_DEVICE is set, the U-Boot SPL build process requires
	23	the presence and use of these tools in order to create a viable boot image.
	24	The build process will look for the environment variable TI_SECURE_DEV_PKG,
	25	which should be the path of the installed SECDEV package. If the
	26	TI_SECURE_DEV_PKG variable is not defined or if it is defined but doesn't
	27	point to a valid SECDEV package, a warning is issued during the build to
	28	indicate that a final secure bootable image was not created.
	29
	30	Within the SECDEV package exists an image creation script:
	31
	32	${TI_SECURE_DEV_PKG}/scripts/create-boot-image.sh
	33
	34	This is called as part of the SPL/u-boot build process. As the secure boot
	35	image formats and requirements differ between secure SOC from TI, the
	36	purpose of this script is to abstract these details as much as possible.
	37
	38	The script is basically the only required interface to the TI SECDEV package
	39	for secure TI devices.
	40
	41	Invoking the script for AM43xx Secure Devices
	42	=============================================
	43
	44	create-boot-image.sh <IMAGE_FLAG> <INPUT_FILE> <OUTPUT_FILE> <SPL_LOAD_ADDR>
	45
	46	<IMAGE_FLAG> is a value that specifies the type of the image to generate OR
	47	the action the image generation tool will take. Valid values are:
	48	SPI_X-LOADER - Generates an image for SPI flash (byte swapped)
	49	XIP_X-LOADER - Generates a single stage u-boot for NOR/QSPI XiP
	50	ISSW - Generates an image for all other boot modes
	51
	52	<INPUT_FILE> is the full path and filename of the public world boot loader
	53	binary file (depending on the boot media, this is usually either
	54	u-boot-spl.bin or u-boot.bin).
	55
	56	<OUTPUT_FILE> is the full path and filename of the final secure image. The
	57	output binary images should be used in place of the standard non-secure
	58	binary images (see the platform-specific user's guides and releases notes
	59	for how the non-secure images are typically used)
	60	u-boot-spl_HS_SPI_X-LOADER - byte swapped boot image for SPI flash
	61	u-boot_HS_XIP_X-LOADER - boot image for NOR or QSPI flash
	62	u-boot-spl_HS_ISSW - boot image for all other boot media
	63
	64	<SPL_LOAD_ADDR> is the address at which SOC ROM should load the <INPUT_FILE>
65
66	Invoking the script for DRA7xx/AM57xx Secure Devices
67	====================================================
68
69	create-boot-image.sh <IMAGE_TYPE> <INPUT_FILE> <OUTPUT_FILE>
70
71	<IMAGE_TYPE> is a value that specifies the type of the image to generate OR
72	the action the image generation tool will take. Valid values are:
73	X-LOADER - Generates an image for NOR or QSPI boot modes
74	MLO - Generates an image for SD/MMC/eMMC boot modes
75	ULO - Generates an image for USB/UART peripheral boot modes
76	Note: ULO is not yet used by the u-boot build process
77
78	<INPUT_FILE> is the full path and filename of the public world boot loader
79	binary file (for this platform, this is always u-boot-spl.bin).
80
81	<OUTPUT_FILE> is the full path and filename of the final secure image. The
82	output binary images should be used in place of the standard non-secure
83	binary images (see the platform-specific user's guides and releases notes
84	for how the non-secure images are typically used)
85	u-boot-spl_HS_MLO - boot image for SD/MMC/eMMC. This image is
86	copied to a file named MLO, which is the name that
87	the device ROM bootloader requires for loading from
88	the FAT partition of an SD card (same as on
89	non-secure devices)
90	u-boot-spl_HS_X-LOADER - boot image for all other flash memories
91	including QSPI and NOR flash