MTK secure boot.pdf

1.BasicFeature

WhyisSoftwareSecureBoot?

DevicerequirementsofWidevinelevel3securityforDRMcontents’protection.

(https://en.wikipedia.org/wiki/Digital_rights_management)

–DevicemanufacturersmustprovideaBootLoaderthatloadssignedsystemimagesonly.

Fordevicesthatallowuserstoloadacustomoperatingsystemorgainrootprivilegesonthedeviceby

unlockingtheBootLoader,devicemanufacturersmustsupportthefollowing:

•DevicemanufacturersmustprovideaBootLoaderthatallowsaWidevinekey-boxtobewrittenonly

SecureBootisresponsibleforvalidatingthelegalityofbootloaderbinarieswhenSOCisstarted.The

BootloaderbinaryisstartedbytheRomCodeofSOC,sotheauthenticationoftheBootloaderneedsto

beimplementedbyRomCode.WhereisthepublickeyusedbytheBootloaderauthentication?The

answeristhatintheefuseunitofSOC,thefactoryneedstousethetoolsprovidedbySOC

manufacturerstoburnthepublickeytoSOC(nochangecanbemadeafteraburn)intheproduction

phaseoftheproduct.

▪FeatureDescription:

–Software-basedprotection

–Formatandfirstloadersupgradearenotallowed

–Lockedstateprotection(configurable)

2)Formatandfirstloaders’upgradearenotallowedoncelockedSECROaredownloaded.

3)BROMcommandispermanentlydisabledoncethepre-loaderisdownloadedtotarget.

4)DAneedstobeverifiedbypre-loaderinpre-loaderdownloadmode.

5)Onceunlockflowisnotdone,thefollowingoperationsarenotallowed.

–Formatoperationisforbidden

–ImagedownloadoperationexceptforSECRO

–BLdownloadisforbidden

–Securebootcheckforsignedimages

2.MTKSecureBoot

2.1NormalDownloadProcedure(notusedwitheffuse)

6.DASYNCwithFLASHTOOLcopyPre-Loadertostorage

7.DAdownloadtheU-BOOT(lk)tostorage(checkimagesignature)

8.DAdownloadtheLinuxKerneltostorage(checkimagesignature)

9.DAdownloadotherimagestostorage(checkimagesignature)

OverallDownloadProcedure

2.2EmergencyDownloadProcedure(usedwitheffuse)

1.BootROMisactivatedwhenthedeviceispoweredon

2.BootROMinitializessoftwarestack,communicationports,andbootablestorages

3.BootROMhandshakeswithflashtoolviaUSBwhenemergencyDLkeyispressed

EmergencyDownloadProcedure

2.3BootupProcedure

1.BootROMisactivatedwhenthedeviceispoweredon.

2.BootROMinitializessoftwarestack,communicationports,andbootablestorages

3.BootROMloadsthepre-loaderfromstoragetoL2ShareSramsinceDRAMisnotinitializedyet

4.BootROMjumpstopre-loaderandexecutes

5.Pre-loaderinitializesDRAMandloadsU-BoottoDRAM

6.Pre-loaderjumpstoU-Boot/LKandexecutesthenU-Boot/LKdoessomeinitializations,suchas

display.

7.U-Boot/LKloadsthebootimage,includingtheLinuxkernelandtheramdisk,fromstorageto