How to enable secure bootROM


(Ravi Kumar) #1

I wonder if there is support for secure/trusted boot on any Banana Pi board? And how to use it?


(bpi team) #2

your mean file system encryption??

what system are you want use??? debian or ubnutu??


(Ravi Kumar) #3

No,

I want enable signed images(RSA/ECC sign&verify) BootROM verifies the signature of the next bootloader with respect to ROTPK(public key in efuse area).

I have downloaded your sdk (BPI-M2P-bsp-master) and it is well organised. There is one folder: AllWinnerH3/BPI-M2P-bsp-master/u-boot-sunxi/sunxi_spl/sbrom what is this folder?

We want use H3 soc, but there is no proper information Secure boot sequence and Building Root Of trust.


(Ravi Kumar) #4

what is this file? AllWinnerH3/BPI-M2P-bsp-master/sunxi-pack/chips/sun8iw7p1/bin/sboot_sun8iw7p1.bin

is it signed image of “boot0_sdcard.fex” file?


(Ravi Kumar) #5

what is this file? AllWinnerH3/BPI-M2P-bsp-master/sunxi-pack/chips/sun8iw7p1/bin/sboot_sun8iw7p1.bin

is it signed image of “boot0_sdcard.fex” file?