[coreboot-gerrit] Patch set updated for coreboot: marvell/mvmap2315: Compose BOOTBLOCK region
Daisuke Nojiri (dnojiri@chromium.org)
gerrit at coreboot.org
Tue Oct 18 00:02:17 CEST 2016
Daisuke Nojiri (dnojiri at chromium.org) just uploaded a new patch set to gerrit, which you can find at https://review.coreboot.org/16747
-gerrit
commit 582bb302eff8a80ebddf6b6476d673ea7ebddd55
Author: Daisuke Nojiri <dnojiri at chromium.org>
Date: Fri Sep 23 17:40:15 2016 -0700
marvell/mvmap2315: Compose BOOTBLOCK region
This patch adds a Makefile rule for mvmap2315 to install a BDB and
bootblock code in the BOOTBLOCK region. The resulting BDB has a
header and data both signed by a RSA-4096 key.
BUG=chrome-os-partner:57889
BRANCH=none
TEST=emerge-rotor coreboot and examined the output binary
Change-Id: I1e20a09b12f8f8ed4d095aa588e3eb930f359fc5
Signed-off-by: Daisuke Nojiri <dnojiri at chromium.org>
---
src/soc/marvell/mvmap2315/Makefile.inc | 75 +++++++++++++++++++++++++++++++++-
1 file changed, 74 insertions(+), 1 deletion(-)
diff --git a/src/soc/marvell/mvmap2315/Makefile.inc b/src/soc/marvell/mvmap2315/Makefile.inc
index d30ab68..ba1883e 100644
--- a/src/soc/marvell/mvmap2315/Makefile.inc
+++ b/src/soc/marvell/mvmap2315/Makefile.inc
@@ -63,4 +63,77 @@ romstage-y += wdt.c
CPPFLAGS_common += -Isrc/soc/marvell/mvmap2315/include/
-endif
+#
+# Common Boot Flow parameters
+#
+BOOTBLOCK_REGION_SIZE = 131072
+BOOTBLOCK_TYPE = 1
+BOOTBLOCK_PARTITION = 1
+BOOTBLOCK_LOAD_ADDRESS = 0xe0008000
+BDB = $(obj)/bdb.bin
+BDB_LOAD_ADDRESS = 0xe0000000
+DATA_VERSION = 2
+
+#
+# Keys used to create BDB
+#
+KEYDIR = $(VBOOT_SOURCE)/tests/testkeys
+BDBKEY_PUB = $(KEYDIR)/bdbkey.keyb
+BDBKEY_PRI = $(KEYDIR)/bdbkey.pem
+BDBKEY_DIGEST = $(VBOOT_SOURCE)/tests/testdata/bdbkey_digest.bin
+# Use bdbkeys because mvmap2315's bootROM doesn't support RSA3072b with
+# exponent 3 and the algorithms for BDB key and data key have to match.
+DATAKEY_PUB = $(KEYDIR)/bdbkey.keyb
+DATAKEY_PRI = $(KEYDIR)/bdbkey.pem
+
+# Calculate bootblock.raw.bin's size and offset
+.PHONY: bootblock_offset
+bootblock_offset: $(objcbfs)/bootblock.raw.bin
+ $(eval BOOTBLOCK_SIZE = $(call file-size, $<))
+ $(eval BOOTBLOCK_OFFSET = $(call int-subtract, \
+ $(BOOTBLOCK_REGION_SIZE) $(BOOTBLOCK_SIZE)))
+
+#
+# Create BDB
+#
+# TODO: Verify sign algorithms of the BDB key and data key are supported
+$(BDB): $(objcbfs)/bootblock.raw.bin $(FUTILITY) bootblock_offset \
+ $(BDBKEY_PRI) $(BDBKEY_PUB) $(DATAKEY_PRI) $(DATAKEY_PUB) \
+ $(VBOOT_SOURCE)/tests/testdata/bdbkey_digest.bin
+ $(FUTILITY) bdb --create $@.tmp \
+ --bdbkey_pri $(BDBKEY_PRI) --bdbkey_pub $(BDBKEY_PUB) \
+ --datakey_pri $(DATAKEY_PRI) --datakey_pub $(DATAKEY_PUB) \
+ --load_address $(BDB_LOAD_ADDRESS)
+ $(FUTILITY) bdb --add $@.tmp \
+ --data $< \
+ --offset $(BOOTBLOCK_OFFSET) \
+ --partition $(BOOTBLOCK_PARTITION) \
+ --type $(BOOTBLOCK_TYPE) \
+ --load_address $(BOOTBLOCK_LOAD_ADDRESS)
+ $(FUTILITY) bdb --resign $@.tmp \
+ --datakey_pri $(DATAKEY_PRI) \
+ --data_version $(DATA_VERSION)
+ $(FUTILITY) bdb --verify $@.tmp --key_digest $(BDBKEY_DIGEST)
+ mv $@.tmp $@
+
+#
+# Create custom bootblock.bin
+#
+# This overrides generic pattern rule *.raw.bin -> *.bin for bootblock.bin.
+# bootblock.bin is structured as follows:
+# +------------------+
+# | BDB |
+# +------------------+
+# | 000............0 |
+# +------------------+
+# |bootblock.raw.bin |
+# +------------------+
+# And this will be placed in BOOTBLOCK region.
+$(objcbfs)/bootblock.bin: $(objcbfs)/bootblock.raw.bin $(BDB) bootblock_offset
+ dd if=/dev/zero bs=1 count=$(BOOTBLOCK_REGION_SIZE) of=$@.tmp
+ dd if=$(BDB) bs=1 count=$(call file-size, $(BDB)) conv=notrunc of=$@.tmp
+ dd if=$(objcbfs)/bootblock.raw.bin bs=1 count=$(BOOTBLOCK_SIZE) \
+ seek=$(BOOTBLOCK_OFFSET) conv=notrunc of=$@.tmp
+ mv $@.tmp $@
+
+endif
\ No newline at end of file
More information about the coreboot-gerrit
mailing list