Safeguard ALP with NXP Secure Boot

Transcript

1. Copyright © SUSE April 2024 Safeguard SUSE ALP with NXP

   Secure boot Alexandre Vicenzi

2. Copyright © SUSE — I'm Alex — Applications team –

   SLE BCI – Container Ecosystem — Previously Automotive team About me 2

3. Copyright © SUSE — Proof of concept — Customer request

   — Not tested in production Disclaimer 3

4. Copyright © SUSE — Standard developed by PC industry —

   Authenticity – Ensure that the image is from a trusted source — Integrity – Ensure that the image has not been tampered with — Each component of the boot process is digitally signed — Each component of the boot process gets verified – Verification failure aborts the boot process — Secure boot? Trusted boot? Chain of Trust? What is secure boot? 4

5. Copyright © SUSE — Sign each image — Authenticate each

   image before execution — Boot States with Arm Trusted Firmware (TF-A) – BL1 - Boot ROM – Embedded in the hardware – BL2 - Platform initialization – Initialize DRAM – Validates BL31, BL32 and BL33 – BL31 - Runtime firmware - TF-A – BL32 - Trusted OS - OP-TEE – Optional – BL33 - U-Boot How it works? 5 BL1 Boot ROM BL2 Platform Initialization BL31 TF-A BL32 OP-TEE 1 2 3 4 BL33 U-Boot Kernel 6 5 fip.bin bl2.pbl

6. Copyright © SUSE — Security – Boot verified and trusted

   images only – Image has not been tampered with — Compliance – Cyber Resilience Act (EU) Why we need it? 6

7. Copyright © SUSE — Available for the i.MX family –

   High Assurance Boot (HABv4) — Available for QorIQ family – QorIQ Trust Architecture Hardware support 7

8. Copyright © SUSE — Prepare the image – Build binaries

   – Prepare rootfs – Sign binaries — Setup the board – Steps varies by board and platform – Enable secure boot – Program required keys – It is a one-time operation – Can't be undone – Fuses are physically blown — Flash the image — Power on the board Steps for secure boot on NXP 8

9. Copyright © SUSE — Many bits need to be signed

   — Signing happens at different stages — NXP Code Signing Tool – NXP software for image signing – Collection of command-line tools — Each NXP platform has its own CST – NXP Code Signing Tool for i.MX High Assurance Boot (HAB) – NXP Code Signing Tool for QorIQ and Layerscape Image signing tool 9

10. Copyright © SUSE — Generate RSA key pair with CST

    – Super Root Key (SRK) — Prepare binaries – NXP blobs – Kernel, Initramfs, Device Tree (dtb) – ARM Trusted Firmware, U-Boot – U-Boot Boot Script and FIT image — Signing binaries – ARM Trusted Firmware handles it during build time – Requires CST to sign — Generate secure boot headers – CST provides this functionality Building an image 10

11. Copyright © SUSE — TF-A supports two options for Chain

    of Trust – NXP CSF headers or X 509 certificates — CSF header is embedded into each image – BL31 (TF-A), BL32 (OP-TEE, optional) and BL33 (U-Boot) — Build for LX2160A requires a few items – NXP blobs (Reset Config Word Tree and DDR PHY) – U-Boot and OP-TEE (Optional) – CST and Signing Keys (SRK) – RSA key pair (srk.pri and srk.pub) must be in TF-A root folder Arm Trusted Firmware (TF-A) 11 $ make PLAT=lx2160ardb \ TRUSTED_BOARD_BOOT=1 \ CST_DIR=/cst \ DDR_PHY_BIN_PATH=ddr-phy-binary/lx2160a \ fip_ddr $ make PLAT=lx2160ardb \ TRUSTED_BOARD_BOOT=1 \ CST_DIR=/cst \ BOOT_MODE=sd \ RCW=/rcw/rcw_2200_750_3200_19_5_2.bin \ BL33=/boot/u-boot.bin \ all fip pbl Compile FIP and PBL Compile FIP-DDR fip_ddr can't be mixed with other targets

12. Copyright © SUSE /dts-v1/; / { description = "FIT Image";

    #address-cells = <1>; images { kernel { description = "Linux kernel image"; data = /incbin/("uImage.bin"); type = "kernel"; arch = "arm64"; os = "linux"; compression = "none"; load = <0x81000000>; entry = <0x81000000>; hash-1 { algo = "sha256"; }; }; fdt { description = "Flattened DTB"; data = /incbin/("uImage.dtb"); type = "flat_dt"; arch = "arm64"; compression = "none"; hash-1 { algo = "sha256"; }; }; ramdisk { description = "Initial ramdisk image"; data = /incbin/("initramfs.img"); type = "ramdisk"; arch = "arm64"; os = "linux"; compression = "gzip"; load = <0x90000000>; entry = <0x90000000>; hash-1 { algo = "sha256"; }; }; }; configurations { default = "standard"; standard { description = "Default boot config"; kernel = "kernel"; ramdisk = "ramdisk"; fdt = "fdt"; }; }; }; Flattened Image Tree (FIT) 12 — FIT uses the Flattened Device Tree (DTB) format — Binaries are embedded inside it – kernel, ramdisk, etc. — Definition is an Image Tree Source (.its) — Binary is an Image Tree Blob (.itb) — Created using U-Boot mkimage tool lx2160a.its Boot Configuration Kernel Image Device Tree Blob Initramfs Image $ mkimage -f lx2160a.its kernel.itb Compile FIT image

13. Copyright © SUSE setenv bootargs console=ttyAMA0,115200 root=LABEL=ROOT rw rootwait load

    mmc 0:1 ${load_addr} kernel.itb bootm ${load_addr} $ mkimage -A arm64 -O linux -T script -C none -d boot.cmd boot.scr U-Boot Boot Script 13 Kernel Arguments Load FIT into memory Boot from memory Compile boot script boot.cmd — U-Boot-specific script for boot — Standardized method to boot independently of the board used — Script is often named boot.scr or boot.scr.uimg – Can be overwritten by U-Boot settings – Use lx2160ardb_boot.scr for LX2160A — Created using U-Boot mkimage tool

14. Copyright © SUSE — CST provides helper scripts to create

    secure boot headers — Input files controls file names, keys and other settings — No need to customize input files – But you may need to rename your files — CST creates secure headers for many files – Kernel image, Initramfs, DTB – NXP blobs (MC, DPC, DLP) – U-Boot Boot Script, FIT Image — All headers are concatenated into secboot_hdrs_sdboot.bin Secure Boot Headers 14 $ cst/platforms/lx2160_sd.sh Create secure boot headers

15. Copyright © SUSE — KIWI can be used to build

    images — User defined scripts to perform many actions – Most ARM images use scripts to write U-Boot or perform partition changes – pre_disk_sync.sh is used to change the root tree contents – Copy files to their proper location – NXP blobs, FIT Image, Secure boot headers, etc – editbootinstall.sh is used only to write binaries into their respective offsets – Each file has its own offset – Offset varies by board and media storage (eMMC, SD, etc) — The private key used to sign needs to be stored in OBS – Can't be hosted on public instances Open Build Service 15

16. Copyright © SUSE © SUSE LLC. All Rights Reserved. SUSE

    and the SUSE logo are registered trademarks of SUSE LLC in the United States and other countries. All third-party trademarks are the property of their respective owners. For more information, contact SUSE at: +1 800 796 3700 (U.S./Canada) Frankenstrasse 146 90461 Nürnberg www.suse.com Thank you