[S32G] OTA with Secure Boot
This document describes how to burn S32G firmware (images) onto an SD card with secure boot. Once secure boot is enabled on an S32G SoC, a wrong security configuration will cause the SoC to fail to boot. Pay close attention to the security configuration, such as the correct kernel public key and the signed kernel image.
The security team has provided a script to obtain the S32G firmware in the Docker build environment. Run get_firmware.sh to do this; as a result, all firmware needed for the OTA is written to the ota_fw directory. The S32G SoC images are outlined below:
fip.bin: ATF and U-Boot firmware
fip.s32: IVT and ATF firmware
rsa2048_public.der: image public key
sec-boot.itb: signed Linux kernel (dtb + ramdisk + kernel)
u-boot-flashenv-sd.bin: U-Boot env
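A pre-flash sanity check for the ota_fw directory, as an added example that is not part of the original page or the security team's script: it confirms the five files listed above are present, that the public key parses as an RSA key with a 2048-bit modulus (size assumed from the file name), and that sec-boot.itb starts with the device tree magic every FIT image carries. The function names are hypothetical.

```python
from pathlib import Path

# File names as listed on this page; 2048 is assumed from the key's file name.
REQUIRED = ["fip.bin", "fip.s32", "rsa2048_public.der",
            "sec-boot.itb", "u-boot-flashenv-sd.bin"]
FDT_MAGIC = b"\xd0\x0d\xfe\xed"  # a FIT image (.itb) is a flattened device tree

def _tlv(buf, pos):
    """Read one DER TLV at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        end = pos + (length & 0x7F)
        length, pos = int.from_bytes(buf[pos:end], "big"), end
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def rsa_modulus_bits(der):
    """Modulus size of an RSA public key in SPKI or PKCS#1 DER form."""
    tag, start, _ = _tlv(der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    tag, v0, v1 = _tlv(der, start)
    if tag == 0x30:  # SPKI: AlgorithmIdentifier, then BIT STRING with the key
        tag, bits_start, _ = _tlv(der, v1)
        if tag != 0x03:
            raise ValueError("BIT STRING not found")
        _, inner, _ = _tlv(der, bits_start + 1)  # skip unused-bits octet
        tag, v0, v1 = _tlv(der, inner)
    if tag != 0x02:
        raise ValueError("modulus INTEGER not found")
    return int.from_bytes(der[v0:v1], "big").bit_length()

def check_bundle(directory):
    """Return a list of problems; an empty list means nothing was flagged."""
    files = {n: Path(directory, n) for n in REQUIRED}
    problems = [f"{n}: missing or empty" for n, p in files.items()
                if not p.is_file() or p.stat().st_size == 0]
    if problems:
        return problems
    try:
        bits = rsa_modulus_bits(files["rsa2048_public.der"].read_bytes())
        if bits != 2048:
            problems.append(f"rsa2048_public.der: {bits}-bit modulus, expected 2048")
    except (ValueError, IndexError) as exc:
        problems.append(f"rsa2048_public.der: {exc}")
    if files["sec-boot.itb"].read_bytes()[:4] != FDT_MAGIC:
        problems.append("sec-boot.itb: bad FDT magic, not a FIT image")
    return problems
```

This check does not prove that the key matches the signature inside sec-boot.itb; it only catches a missing, truncated or swapped file before it reaches the card.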
We can divide an SD card into three sections: a boot section with no filesystem, a FAT32 kernel section, and an EXT4 RootFS section.
The fip.bin, fip.s32, and U-Boot env binaries are written to the boot section with no filesystem, while the public key and signed Linux kernel are copied to the FAT32 kernel section.
Assume the device file mapped to the SD card is /dev/sdx and the FAT32 kernel partition is mounted on /mnt. Please note that every argument used with the dd command is vital.
Note that hse_secboot_enable will overlap the IVT at address 0.
Secure boot is a verification chain of ATF -> U-Boot -> Kernel; as a result, changing any one of them causes Linux to fail to boot. All images should be re-burned when you use the OTA.
Before the first boot, the SoC will execute the U-Boot command hse_secboot_enable rsa2048_public.der, which provisions the public key and secure images to the HSE firmware of the S32G SoC. The process is shown in the following figure:
After the command is finished, simply reset the board to boot in secure mode. To verify if the board has booted in secure mode, check the BOOT_SEQ bit in the IVT, at offset 0x28: