diff options
author | Daisuke Nojiri <dnojiri@chromium.org> | 2016-09-23 17:40:15 -0700 |
---|---|---|
committer | Martin Roth <martinroth@google.com> | 2016-10-21 19:42:23 +0200 |
commit | a51d2db4f03844cae1d3e0eb72e305fcb0c9c8d3 (patch) | |
tree | 25e282186cf3e2b7dea6f40860b44418fcadc2b6 | |
parent | 8337a3867b232fbd1dac5f7bc2774d6df27335ae (diff) | |
download | coreboot-a51d2db4f03844cae1d3e0eb72e305fcb0c9c8d3.tar.xz |
marvell/mvmap2315: Compose BOOTBLOCK region
This patch adds a Makefile rule for mvmap2315 to install a BDB and
bootblock code in the BOOTBLOCK region. The resulting BDB has a
header and data both signed by a RSA-4096 key.
BUG=chrome-os-partner:57889
BRANCH=none
TEST=emerge-rotor coreboot and examined the output binary. Booted
coreboot.rom.
Change-Id: I1e20a09b12f8f8ed4d095aa588e3eb930f359fc5
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://review.coreboot.org/16747
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
-rw-r--r-- | src/soc/marvell/mvmap2315/Makefile.inc | 75 |
1 files changed, 74 insertions, 1 deletions
diff --git a/src/soc/marvell/mvmap2315/Makefile.inc b/src/soc/marvell/mvmap2315/Makefile.inc index d30ab68e95..c6426f1fd0 100644 --- a/src/soc/marvell/mvmap2315/Makefile.inc +++ b/src/soc/marvell/mvmap2315/Makefile.inc @@ -63,4 +63,77 @@ romstage-y += wdt.c CPPFLAGS_common += -Isrc/soc/marvell/mvmap2315/include/ -endif +# +# Common Boot Flow parameters +# +BOOTBLOCK_REGION_SIZE = 131072 +BOOTBLOCK_TYPE = 1 +BOOTBLOCK_PARTITION = 1 +BOOTBLOCK_LOAD_ADDRESS = 0xe000c000 +BDB = $(obj)/bdb.bin +BDB_LOAD_ADDRESS = 0xe0000000 +DATA_VERSION = 2 + +# +# Keys used to create BDB +# +KEYDIR = $(VBOOT_SOURCE)/tests/testkeys +BDBKEY_PUB = $(KEYDIR)/bdbkey.keyb +BDBKEY_PRI = $(KEYDIR)/bdbkey.pem +BDBKEY_DIGEST = $(VBOOT_SOURCE)/tests/testdata/bdbkey_digest.bin +# Use bdbkeys because mvmap2315's bootROM doesn't support RSA3072b with +# exponent 3 and the algorithms for BDB key and data key have to match. +DATAKEY_PUB = $(KEYDIR)/bdbkey.keyb +DATAKEY_PRI = $(KEYDIR)/bdbkey.pem + +# Calculate bootblock.raw.bin's size and offset +.PHONY: bootblock_offset +bootblock_offset: $(objcbfs)/bootblock.raw.bin + $(eval BOOTBLOCK_SIZE = $(call file-size, $<)) + $(eval BOOTBLOCK_OFFSET = $(call int-subtract, \ + $(BOOTBLOCK_REGION_SIZE) $(BOOTBLOCK_SIZE))) + +# +# Create BDB +# +# TODO: Verify sign algorithms of the BDB key and data key are supported +$(BDB): $(objcbfs)/bootblock.raw.bin $(FUTILITY) bootblock_offset \ + $(BDBKEY_PRI) $(BDBKEY_PUB) $(DATAKEY_PRI) $(DATAKEY_PUB) \ + $(VBOOT_SOURCE)/tests/testdata/bdbkey_digest.bin + $(FUTILITY) bdb --create $@.tmp \ + --bdbkey_pri $(BDBKEY_PRI) --bdbkey_pub $(BDBKEY_PUB) \ + --datakey_pri $(DATAKEY_PRI) --datakey_pub $(DATAKEY_PUB) \ + --load_address $(BDB_LOAD_ADDRESS) + $(FUTILITY) bdb --add $@.tmp \ + --data $< \ + --offset $(BOOTBLOCK_OFFSET) \ + --partition $(BOOTBLOCK_PARTITION) \ + --type $(BOOTBLOCK_TYPE) \ + --load_address $(BOOTBLOCK_LOAD_ADDRESS) + $(FUTILITY) bdb --resign $@.tmp \ + --datakey_pri $(DATAKEY_PRI) \ + --data_version $(DATA_VERSION) + $(FUTILITY) bdb --verify $@.tmp --key_digest $(BDBKEY_DIGEST) + mv $@.tmp $@ + +# +# Create custom bootblock.bin +# +# This overrides generic pattern rule *.raw.bin -> *.bin for bootblock.bin. +# bootblock.bin is structured as follows: +# +------------------+ +# | BDB | +# +------------------+ +# | 000............0 | +# +------------------+ +# |bootblock.raw.bin | +# +------------------+ +# And this will be placed in BOOTBLOCK region. +$(objcbfs)/bootblock.bin: $(objcbfs)/bootblock.raw.bin $(BDB) bootblock_offset + dd if=/dev/zero bs=1 count=$(BOOTBLOCK_REGION_SIZE) of=$@.tmp + dd if=$(BDB) bs=1 count=$(call file-size, $(BDB)) conv=notrunc of=$@.tmp + dd if=$(objcbfs)/bootblock.raw.bin bs=1 count=$(BOOTBLOCK_SIZE) \ + seek=$(BOOTBLOCK_OFFSET) conv=notrunc of=$@.tmp + mv $@.tmp $@ + +endif
\ No newline at end of file |