PXA3xx Boot ROM Reference Manual - Marvell

More documents

Recommendations

Info

PXA3xx Processors and Tavor ProcessorBoot ROM Reference ManualFigure 8:Trusted Boot Operation Using the Trusted Image ModuleFinal step: Operating system runsand the system is fully functional.Validateand TransferOS loader runs after the OEM boot module:1 Loads the trusted image module.2 Validates OS images using image informationin the trusted image module.3 Transfers control to the OS.Validateand TransferOEM boot module runs next after successfulvalidation:1 Loads the trusted image module.2 Validates the OS loader using imageinformation in the trusted image module.3 Transfers control to the OS loader.Validateand TransferBoot ROM runs first when the core jumps to the reset vector:1 Loads the trusted image module.2 Uses the digital signature to validate the trustedimage module.3 Uses the image information to locate and validate theOEM boot module image.4 Transfers control to the OEM boot module.9.1.1 Trusted Image Module ValidationFlash LayoutOEM Boot ModuleOperating SystemOS LoaderTrusted Image Module- Version information- Flash information- Image information- OEM boot module- OS loader- OS- Key information- Digital signatureThe trusted image module is a required component for the Marvell ® Wireless Trusted Platform(Marvell WTP). The Boot ROM uses the trusted image module to locate and validate all otherimages in the flash memory that require validation. It also locates state information needed forinitializing the Wireless Trusted Module (WTM) after a power state change.When the Boot ROM runs, it locates the trusted image module based on the usage cases describedbelow. After it is found, it is validated as follows:1. The SHA-1 hash is calculated using all information up to but excluding the digital signaturelocated in the RSADigS[64]field.2. The digital signature is decrypted using the WTM to get the encrypted hash value.3. The calculated hash is compared to the encrypted hash.After the validation of the trusted image module, the Trusted Boot ROM uses the information in thetrusted image module to complete the platform validation and setup. The Boot ROM uses the WTMto compare the OEM computed hash of the OEM binding key to the hash stored in the Marvell WTMfuses, during the provisioning stage. If the hashes match, the trusted keys for the platform areloaded from the trusted image module to the WTM. The following platform keys are required:• JTAG Re-enable Key – Re-enables the JTAG port on the processor. If the flash device has aone-time programmable register, the hash of this key is stored in this register and in the trustedimage module.• Platform Binding Key – Binds the platform to the processor. The hash of this key is programmedinto the WTM fuses at the provisioning stage.• Trusted Certificate Authority Key – Performs as an OEM authorization key to enable certainsecure functions on the platform.Step 3Step 2Step 112345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758Doc. No. MV-S301208-00 Rev. - PUBLIC RELEASE Copyright © 2010 MarvellPage 88
9.1.2 NAND FlashThe Trusted Boot ROM supports booting from x8 or x16 NAND devices attached to Chip Select 0 ofthe processor data flash controller. Large- and small-block devices are supported; contact a MarvellApplications Engineer for information about specific devices.The trusted image module is expected to be located in Block 0 at offset 0x0 of the NAND device.The Trusted Boot ROM loads the first page of Block 0 and searches for the "TIMH" identifierembedded in the version information of the trusted image module. If the structure is found, it isloaded into the internal SRAM of the system. From this point on, the Trusted Boot ROM uses thetrusted image module to load and validate the OEM boot module. If the trusted image module is notfound, an error condition is reported and the boot operation halts.The OEM boot module is described by the image information contained in the “IMAGEINFORMATION” array. It is identified by the "OBMI" image identifier, which is a required identifier forproper use with the Trusted Boot ROM. Using the information that describes the OEM boot module,the image is loaded from the flash offset pointed to by FlashEntryAddr to the location pointed toby LoadAddr. The number of bytes loaded is determined by the ImageSize entry.After the image has been loaded to the correct address, the image must be validated. The hash ofthe OEM boot module is calculated using the WTM. The ImageSizeToHash field determines howmuch of the image was used in the SHA-1 hash calculation. The hash calculated by the WTM is thencompared to the hash stored in the Hash[8] array field. If the hashes match, control is transferredto the OEM boot module.9.1.3 XIP Flash on Chip Select 2The Trusted Boot ROM supports booting from an XIP device attached to Chip Select 2 of theprocessor static memory controller. Several XIP devices are supported; contact your MarvellApplications Engineer for questions about specific devices.The trusted image module is expected to be located at offset 0x0 of the XIP device. For Chip Select2, the XIP device is memory-mapped to 0x1000_0000; this is the address where the trusted imagemodule must reside. The Trusted Boot ROM searches for the "TIMH" identifier embedded in theversion information of the trusted image module. If the structure is found, it is loaded into the internalSRAM of the system. From this point, the Trusted Boot ROM uses the trusted image module to loadthe OEM boot module. If the trusted image module is not found, an error condition is reported andthe boot operation halts.The OEM boot module is described by the image information contained in the image informationarray. It is identified by the "OBMI" image identifier, which is a required identifier for proper use withthe Trusted Boot ROM. Using the information that describes the OEM boot module, the image isloaded from the flash offset pointed to by FlashEntryAddr to the location pointed to byLoadAddr. The ImageSize entry determines the number of bytes that are loaded.After the image has been loaded to the correct address, the image must be validated. The hash ofthe OEM boot module is calculated using the WTM. The ImageSizeToHash field determines howmuch of the image was used in the SHA-1 hash calculation. The hash calculated by the WTM is thencompared to the hash stored in the Hash[8]array field. Upon a successful compare operation,control is transferred to the OEM boot module.9.1.4 XIP Flash on Chip Select 0The Trusted Boot ROM supports booting from an XIP device attached to Chip Select 0 of theprocessor static memory controller. Several XIP devices are supported; contact your MarvellApplications Engineer for questions about specific devices.The trusted image module is expected to be located at offset 0x0 of the XIP device. For Chip Select0, the XIP device is memory-mapped to 0x0000_0000; the address where the trusted imagemodule must reside is 0x0000_C000. The Trusted Boot ROM searches for the "TIMH" identifier12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758Copyright © 2010 Marvell PUBLIC RELEASE Doc. No. MV-S301208-00 Rev. -Page 89
Page 1 and 2:
CoverMarvell® PXA3xx Processors an
Page 3 and 4:
Table of Contents1 Boot ROM Functio
Page 5 and 6:
6.3.5 USB Vendor Request Package ..
Page 7 and 8:
Figure 1:PXA3xx Top Level Boot ROM
Page 9 and 10:
Table 42: Host Commands ...........
Page 11 and 12:
1 Boot ROM Functional Overview1.1 G
Page 13 and 14:
Figure 1:PXA3xx Top Level Boot ROM
Page 15 and 16:
Boot ROM Differences2 Boot ROM Diff
Page 17 and 18:
Boot ROM DifferencesTIM/NTIM/OBM Su
Page 19 and 20:
Boot ROM DifferencesPXA31x and Tavo
Page 21 and 22:
Boot ROM DifferencesPXA31x and Tavo
Page 23 and 24:
3 Software RequirementsThis chapter
Page 25 and 26:
Typedef struct S_Reloc{USHORT Heade
Page 27 and 28:
4 Methods for Platform Provisioning
Page 29 and 30:
4. If the same OEM boot module is u
Page 31 and 32:
multiple versions of the Device Key
Page 34 and 35:
PXA3xx Processor and Tavor Processo
Page 36 and 37:
PXA3xx Processor and Tavor Processo
Page 38 and 39: PXA3xx Processor and Tavor Processo
Page 72 and 73: PXA3xx Processors and Tavor Process
Page 112: Marvell Semiconductor, Inc.700 Firs
show all

PXA3xx Boot ROM Reference Manual - Marvell

Create successful ePaper yourself

Delete template?

Save as template?