Add Secure Boot documentation for AM62Lx #687
Open
Pratham-T wants to merge 3 commits intoTexasInstruments:masterfrom
Open
Add Secure Boot documentation for AM62Lx #687Pratham-T wants to merge 3 commits intoTexasInstruments:masterfrom
Pratham-T wants to merge 3 commits intoTexasInstruments:masterfrom
Conversation
Pratham-T
requested review from
StaticRocket,
VeeruPrudhvi,
cshilwant,
gehariprasath,
jeevantelukula,
praneethbajjuri and
uditkumarti
as code owners
github-actions
Bot
assigned
bryanbrattlof,
devarsht,
gehariprasath,
jmenti,
praneethbajjuri,
r-vignesh and
uditkumarti
There was a problem hiding this comment.
Pull request overview
Adds AM62LX-focused documentation to the U-Boot User’s Guide describing how secure boot is enabled via U-Boot’s FIT verified-boot flow (signed u-boot.img verified by SPL).
Changes:
- Add a new
UG-Secure-Bootpage documenting the verified-boot chain for AM62LX. - Link the new page from the U-Boot User’s Guide toctree.
- Include the new page in the AM62LX documentation TOC so it’s built for that device.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| source/linux/Foundational_Components/U-Boot/Users-Guide.rst | Adds UG-Secure-Boot to the U-Boot User’s Guide toctree. |
| source/linux/Foundational_Components/U-Boot/UG-Secure-Boot.rst | New documentation page describing U-Boot FIT signing + SPL verification flow and key replacement steps. |
| configs/AM62LX/AM62LX_linux_toc.txt | Ensures the new secure-boot page is included in the AM62LX doc build. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Secure boot page is missing AM62L specific documentation. Due to very large difference with other SoCs in the boot flow, this contains many differences in documentation as well. This commit adds any AM62L specific information in the Secure Boot section, and adds it to its TOC. Signed-off-by: T Pratham <t-pratham@ti.com>
Changes the indentation to 3 spaces, adds :file: and :code: directive to appropriate places, and wrap long lines to 80 characters. While here, also update the name "U-Boot" to have a consistent case everywhere, and update ATF to TF-A. Signed-off-by: T Pratham <t-pratham@ti.com>
Add a new page in the U-Boot user guide documenting secure boot enablement using U-Boot's verified boot framework in AM62LX. For AM62LX, u-boot.img signing and verification has been moved to leverage the mechanisms provided in U-Boot from using HSM core in other K3 devices. This page aims to address this change in AM62LX. Signed-off-by: T Pratham <t-pratham@ti.com>
Pratham-T
changed the title
StaticRocket
requested changes
Apr 23, 2026
Comment on lines
+42
to
43
| .. Image:: /images/AM62L_KF.png | ||
| :scale: 70% |
Member
There was a problem hiding this comment.
Suggested change
| .. Image:: /images/AM62L_KF.png | |
| :scale: 70% | |
| .. Image:: /images/AM62L_KF.png | |
| :scale: 70% |
Comment on lines
+55
to
+56
| .. Image:: /images/K3_KF.png | ||
| :scale: 70% |
Member
There was a problem hiding this comment.
Suggested change
| .. Image:: /images/K3_KF.png | |
| :scale: 70% | |
| .. Image:: /images/K3_KF.png | |
| :scale: 70% |
| authentication and verification of U-Boot image using U-Boot verified boot. | ||
|
|
||
| On most other K3 devices, signing and verification of all boot binaries takes | ||
| place in the Hardware Security Module (HSM), and thereafter U-Boot hands off |
Member
There was a problem hiding this comment.
Suggested change
| place in the Hardware Security Module (HSM), and thereafter U-Boot hands off | |
| place in the Hardware Security Module (HSM). Thereafter, U-Boot hands off |
|
|
||
| The complete Secure Boot documentation is available at: | ||
| :ref:`foundational-secure-boot`. This page specifically covers the | ||
| authentication and verification of U-Boot image using U-Boot verified boot. |
Member
There was a problem hiding this comment.
Suggested change
| authentication and verification of U-Boot image using U-Boot verified boot. | |
| authentication and verification of U-Boot image using `U-Boot Verified Boot`_. |
We can use a named link here since there are a few instances where it would be nice to indicate this is a larger concept and not just the name of some tool or single stage.
| On AM62Lx, we have transitioned to use the native U-Boot secure boot framework | ||
| for a part of this chain of trust. The U-Boot documentation covers more theory | ||
| on this at | ||
| `U-Boot Verified Boot <https://docs.u-boot.org/en/latest/usage/fit/verified-boot.html>`__ |
Member
There was a problem hiding this comment.
Suggested change
| `U-Boot Verified Boot <https://docs.u-boot.org/en/latest/usage/fit/verified-boot.html>`__ | |
| `U-Boot Verified Boot <https://docs.u-boot.org/en/latest/usage/fit/verified-boot.html>`_ |
One underscore makes this a named link and allows you to reference it anywhere in this file with the name U-Boot Verified Boot
| on this at | ||
| `U-Boot Verified Boot <https://docs.u-boot.org/en/latest/usage/fit/verified-boot.html>`__ | ||
| and `U-Boot FIT Signature Verification <https://docs.u-boot.org/en/latest/usage/fit/signature.html#signed-configurations>`__. | ||
| The thing to note is, we are applying the same concepts to U-Boot FIT as the |
Member
There was a problem hiding this comment.
Suggested change
| The thing to note is, we are applying the same concepts to U-Boot FIT as the | |
| The thing to note is, we are applying the same concepts to the U-Boot Flattened Image Tree (FIT) as the |
|
|
||
| The verification of :file:`tiboot3.bin` and :file:`tispl.bin` is still handled | ||
| inside the HSM. However, we hand off the chain of trust to U-Boot just after | ||
| this. The :file:`u-boot.img` is a signed FIT image. The U-Boot SPL binary |
Member
There was a problem hiding this comment.
Suggested change
| this. The :file:`u-boot.img` is a signed FIT image. The U-Boot SPL binary | |
| this. The :file:`u-boot.img` is a signed FIT image. The U-Boot Secondary Program Loader (SPL) binary |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds Secure Boot documentation for AM62Lx.
Firstly, add AM62Lx specific content in the
Foundational_Components_Secure_Boot.rst.While we are here, also fix formatting and other issues. Update indentation, make spellings coherent, add relevant
:file:and:code:directives, etc.Next add a new page in the U-Boot user guide documenting secure boot enablement using U-Boot's verified boot framework in AM62LX. For AM62LX,
u-boot.imgsigning and verification has been moved to leverage the mechanisms provided in U-Boot from using HSM core in other K3 devices. This page aims to address this change in AM62LX.