导航

    全志在线开发者论坛
    • 注册
    • 登录
    • 搜索
    • 版块
    • 话题
    • 在线文档
    • 社区主页

    V851S 打开Secure boot sboot引导启动失败

    V Series
    @why
    2
    3
    1451
    正在加载更多帖子
    • 从旧到新
    • 从新到旧
    • 最多赞同
    回复
    • 在新帖中回复
    登录后回复
    此主题已被删除。只有拥有主题管理权限的用户可以查看。
    • O
      olongcha LV 4 最后由 编辑

      参照文档<Tina_Linux_安全_开发指南.pdf>

      • 成功通过pack -s 生成了secure固件

      • 烧写secure固件后,按照下面log判断,应该是成功烧写了文档所说的 efuse ”secure enable bit“

      • 因为目前还在调试阶段并且板子只有1块,所以还不想先烧录rotpk.bin。 我看文档说,只打开secure enable bit 不烧录rotpk.bin 是可以烧写安全固件的
        5ea26e5d-260d-444e-9ac2-40ae0c1d03aa-image.png

      • 目前开机卡在了开机log的位置,根据文档猜测应该是卡在sboot里面。但是sboot的源码又是闭源的,没法追踪
        cf30dc0c-3871-457d-8be7-d4b37cc1b448-image.png

      • 开机log:

      [86]HELLO! SBOOT is starting!OT
[89]sboot commit : 4b419f21ba
[157][pmu]: bus read error
[160]set pll start
[162]periph0 has been enabled
[165]set pll end
[166]board init ok
[168]DRAM use internal ZQ!!
[171]ZQ value = 0x31
[173]chip id check OK
[175]POWER SETTING ERROR!
[177]DRAM BOOT DRIVE INFO: V0.16
[180]DRAM CLK = 528 MHz
[182]DRAM Type = 2 (2:DDR2,3:DDR3)
[185]DRAMC read ODT  off.
[188]DRAM ODT off.
[190]DRAM SIZE =64 M
[192]dram_tpr4:0x0
[196]DRAM simple test OK.
[198]rtc standby flag is 0x0, super standby flag is 0x0
[203]dram size =64
[205]audio:avcc calibration
[208]spinand UBOOT_START_BLK_NUM 8 UBOOT_LAST_BLK_NUM 32
[213]block from 8 to 32
[675]Check is correct.
[677]OLD version: 0.0
[679]NEW version: 0.0
[684]don't have rotpk, skip check
[691]sample_atoi err: ch 0x00 is not a digit or hex ch
[696]__merge_extension_value err1: in sunxi_bytes_merge
[701]get extension value failed
[704]sunxi_rsa_calc: probe extension failed
[708]root certif verify itself failed
      • 修改点:
      diff --git a/device/config/chips/v851s/configs/xxxx/board.dts b/device/config/chips/v851s/configs/xxxx/board.dts
index 951e43a41..c671bd9fa 100755
--- a/device/config/chips/v851s/configs/xxxx/board.dts
+++ b/device/config/chips/v851s/configs/xxxx/board.dts
@@ -10,6 +10,13 @@
 
 /{
        compatible = "allwinner,sun8iw21p1", "arm,sun8iw21p1", "allwinner,v851s";
+
+       reserved-memory {
+               optee_reserve {
+                       reg = <0 0x41980000 0 0x00080000>;
+               };
+       };
+
        soc@03000000 {
                wlan: wlan@0 {
                        compatible    = "allwinner,sunxi-wlan";
diff --git a/device/config/chips/v851s/configs/xxxx/linux/config-4.9 b/device/config/chips/v851s/configs/xxxx/linux/config-4.9
index 792a64c1e..a7023ae0c 100755
--- a/device/config/chips/v851s/configs/xxxx/linux/config-4.9
+++ b/device/config/chips/v851s/configs/xxxx/linux/config-4.9
@@ -1160,16 +1160,14 @@ CONFIG_SERIAL_SUNXI_CONSOLE=y
 # CONFIG_TCG_TPM is not set
 # CONFIG_XILLYBUS is not set
 # CONFIG_SUNXI_SCR is not set
-# CONFIG_SUNXI_SYS_INFO is not set
+CONFIG_SUNXI_SYS_INFO=y
+# CONFIG_SUNXI_QA_TEST is not set
 # CONFIG_SUNXI_SMC is not set
-CONFIG_DUMP_REG=y
-CONFIG_DUMP_REG_MISC=y
+# CONFIG_DUMP_REG is not set
 # CONFIG_SUNXI_TIMER_TEST is not set
 # CONFIG_SUNXI_TRANSFORM is not set
 # CONFIG_SUNXI_DI is not set
-CONFIG_SUNXI_G2D=y
-CONFIG_SUNXI_G2D_MIXER=y
-CONFIG_SUNXI_G2D_ROTATE=y
+# CONFIG_SUNXI_G2D is not set
 # CONFIG_SUNXI_DSPO is not set
 CONFIG_SUNXI_NNA_VIP=y
 # CONFIG_SUNXI_NNA_GALCORE is not set
@@ -2335,7 +2333,13 @@ CONFIG_ANDROID=y
 #
 # CONFIG_FPGA is not set
 # CONFIG_SUNXI_MPP is not set
-# CONFIG_TEE is not set
+CONFIG_TEE=y
+
+#
+# TEE drivers
+#
+CONFIG_OPTEE=y
+# CONFIG_OPTEE_BENCHMARK is not set
 
 #
 # Firmware Drivers
diff --git a/device/config/chips/v851s/configs/xxxx/uboot-board.dts b/device/config/chips/v851s/configs/xxxx/uboot-board.dts
index 8e603bdd4..1d216d290 100755
--- a/device/config/chips/v851s/configs/xxxx/uboot-board.dts
+++ b/device/config/chips/v851s/configs/xxxx/uboot-board.dts
@@ -17,6 +17,15 @@
                enable-active-high;
        };
 
+       firmware {
+               optee {
+                       shm_base = <0x418E0000>;
+                       shm_size = <0x00020000>;
+                       ta_ram_base = <0x41a00000>;
+                       ta_ram_size = <0x00100000>;
+               };
+       };
+
        box_start_os0 {
                compatible = "allwinner,box_start_os";
                start_type = <0x1>;
diff --git a/target/allwinner/v851s-xxxx/defconfig b/target/allwinner/v851s-xxxx/defconfig
index 79ad4391a..b9a3da692 100755
--- a/target/allwinner/v851s-xxxx/defconfig
+++ b/target/allwinner/v851s-xxxx/defconfig
@@ -76,8 +76,8 @@ CONFIG_SUNXI_SD_BOOT_KERNEL_FORMAT_BOOTIMG=y
 # CONFIG_SUNXI_MKBOOTIMG_ADD_DTB is not set
 # CONFIG_SUNXI_SMALL_STORAGE_OTA is not set
 # CONFIG_SUNXI_RECOVERY_INITRAMFS_PART is not set
-CONFIG_SUNXI_RECOVERY_INITRAMFS_KERNEL_FORMAT_UIMAGE=y
-# CONFIG_SUNXI_RECOVERY_INITRAMFS_KERNEL_FORMAT_BOOTIMG is not set
+# CONFIG_SUNXI_RECOVERY_INITRAMFS_KERNEL_FORMAT_UIMAGE is not set
+CONFIG_SUNXI_RECOVERY_INITRAMFS_KERNEL_FORMAT_BOOTIMG=y
 # CONFIG_SUNXI_SEPARATE_APP_FROM_ROOTFS is not set
 # CONFIG_SUNXI_SEPARATE_DATA_FROM_ROOTFS is not set
 # CONFIG_CUSTOMIZE_IMAGE_NAME is not set

      @whycan 晕哥可以帮忙看一下吗?感谢!

      whycan 1 条回复 最后回复 回复 引用 分享 0
      • whycan
        whycan晕哥 LV 9 @olongcha 最后由 编辑

        T113-S3 / V853 安全固件学习记录
        https://bbs.aw-ol.com/topic/2834/share/1

        O 1 条回复 最后回复 回复 引用 分享 1
        • O
          olongcha LV 4 @whycan 最后由 编辑

          @whycan 这个贴我也有看,但是似乎都是基于烧了rotpk.bin的情况分析的。所以这个rotpk.bin是一定要烧才能启动吗,不烧的话跑不下去是吗?上面文档的描述,又好像是不烧可以启动。还望指点一下

          1 条回复 最后回复 回复 引用 分享 0
          • 1 / 1
          • First post
            Last post

          Copyright © 2024 深圳全志在线有限公司 粤ICP备2021084185号 粤公网安备44030502007680号

          行为准则 | 用户协议 | 隐私权政策