96boards-hikey / tools-images-hikey960

Tools and images for HiKey960
BSD 2-Clause "Simplified" License

alternate xloader that boots ATF/BL2 (fastboot) from UFS LUN1 #36

Open theopolis opened 6 years ago

theopolis commented 6 years ago

Hi! Thanks for all of the great work on the HiKey960 board.

I am not certain, but it seems the current behavior of hisi-sec_xloader.img is to search LUN3 for a fastboot partition, then load arm-trusted-firmware/BL2 from that partition.

I was curious if it is possible to produce an alternate version of the hisi-sec_xloader.img binary that loads the BL2/fastboot binary from the UFS LUN1? The LUN1 should be 4MB, plenty of space to hold the BL2 binary. You could call this hisi-alt_xloader.img.

My goal is to configure the UFS to write-protect LUN0/LUN1. This means setting bLUWriteProtect for LUN0/LUN1 and setting fPermanentWPEn to enabled for the UFS. I can combine this with TBB support for the HiKey in arm-trusted-firmware: https://github.com/ARM-software/arm-trusted-firmware/pull/1555 and create a write-protected ROM/root-of-trust from arm-trusted-firmware.

I know this is non-trivial work and I understand if it cannot be prioritized, but I figured I would at least ask. :smile:

hzhuang1 commented 6 years ago

@theopolis No updates from hisilicon. I'll continue to ping them.

hzhuang1 commented 6 years ago

@theopolis Here are a few questions from the Hisilicon guys. I appended my comments on these questions. Teddy, please append your comments too.

  1. Does Teddy think that hisi-sec_xloader.img is located in LUN3? hzhuang1: hisi-sec_xloader.img doesn't exist in LUN3. Since we define a related PCD value in HiKey960.dsc, hisi-sec_xloader.img exists in LUN0.

  2. Teddy supported TBB on hikey960. hzhuang1: Yes, it's right. We could check the build_uefi.sh scripts in the l-loader git repository. But we didn't prepare related documents yet. I'm sorry for the inconvenience.

  3. Teddy wants to integrate write-protection into TBB on HiKey960. And hisi-sec_xloader.img should be placed into LUN0/LUN1. Is it right? hzhuang1: Yes, I think so.

  4. When hisi-sec_xloader.img is moved from LUN3 to LUN0/LUN1, the code needs to be changed. Is it right? hzhuang1: My understanding is that hisi-sec_xloader.img is located at LUN0. If so, what should we do next for write-protection on UFS? Do you just want to add write-operation on LUN0?

theopolis commented 6 years ago

Right, hisi-sec_xloader.img is in LUN0. No change needed here.

That xloader expects the next stage, the BL2 (l-loader) code, to be in LUN3. This is the logic I'd like to change. I'd like to keep l-loader in LUN1 so I can write-protect both LUN0 and LUN1.

This is because the l-loader holds the ROT public key hash and verifies the FIP/etc. All of the code and data loaded after l-loader can be in LUN3, which will remain R/W.
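
An added example, not part of the thread or the project's code: a Python check that parses raw UFS unit descriptors plus the fPermanentWPEn flag and compares them with the layout described above (LUN0/LUN1 permanently write-protected, LUN3 read/write). The descriptor offsets, the bLUWriteProtect value encoding, and the names `parse_unit_descriptor`, `audit`, `sample` and `POLICY` are assumptions of this example, and the descriptor bytes are constructed.

```python
# Added example (not from the thread). Field offsets and value encodings are
# assumptions taken from the JEDEC UFS unit descriptor layout as mirrored in
# Linux's ufs.h; check them against your device's UFS version.
OFF_LEN, OFF_IDN, OFF_INDEX, OFF_ENABLE, OFF_WP = 0, 1, 2, 3, 5
UNIT_DESC_IDN = 0x02
WP_NAMES = {0: "none", 1: "power-on", 2: "permanent"}  # bLUWriteProtect values

# Layout from the thread: xloader in LUN0 and l-loader/BL2 in LUN1 are
# permanently write-protected; LUN3 (FIP and later stages) stays read/write.
POLICY = {0: "permanent", 1: "permanent", 3: "none"}


def parse_unit_descriptor(raw: bytes) -> dict:
    """Pull the write-protection fields out of one raw unit descriptor."""
    if len(raw) <= OFF_WP or raw[OFF_LEN] > len(raw):
        raise ValueError("unit descriptor is truncated")
    if raw[OFF_IDN] != UNIT_DESC_IDN:
        raise ValueError(f"not a unit descriptor (IDN {raw[OFF_IDN]:#04x})")
    if raw[OFF_WP] not in WP_NAMES:
        raise ValueError(f"reserved bLUWriteProtect value {raw[OFF_WP]:#04x}")
    return {"lun": raw[OFF_INDEX], "enabled": raw[OFF_ENABLE] == 1,
            "wp": WP_NAMES[raw[OFF_WP]]}


def audit(descriptors, permanent_wpe: bool, policy=POLICY) -> list:
    """Return findings; an empty list means the device matches the policy."""
    seen = {d["lun"]: d for d in map(parse_unit_descriptor, descriptors)}
    findings = []
    for lun, want in sorted(policy.items()):
        d = seen.get(lun)
        if d is None or not d["enabled"]:
            findings.append(f"LUN{lun}: missing or disabled")
        elif d["wp"] != want:
            findings.append(f"LUN{lun}: bLUWriteProtect is {d['wp']}, expected {want}")
    if "permanent" in policy.values() and not permanent_wpe:
        findings.append("fPermanentWPEn is not set")
    return findings


def sample(lun: int, wp: int) -> bytes:
    """Constructed 35-byte descriptor: length, IDN, index, enabled, boot id, WP."""
    return bytes([35, UNIT_DESC_IDN, lun, 1, 0, wp]) + bytes(29)


if __name__ == "__main__":
    wanted = [sample(0, 2), sample(1, 2), sample(3, 0)]   # constructed input
    print(audit(wanted, permanent_wpe=True))               # []
    drifted = [sample(0, 2), sample(1, 1), sample(3, 0)]  # LUN1 only power-on WP
    print(audit(drifted, permanent_wpe=False))
```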

BoboQu commented 6 years ago

Hi theopolis, I have several questions to confirm:

  1. Do you use UEFI as the fastboot?
  2. In the UEFI system, the image file contains fip.bin and l-loader.bin. The BL2 package is stored in fip.bin. Do you only need to put BL2 in LUN0/LUN1, or fip.bin and l-loader.bin in LUN0/LUN1?
  3. If both fip.bin and l-loader.bin are stored in LUN0/LUN1, how should the upgrade problem be handled, since LUN0/LUN1 is write-protected?