dasharo/slimbootloader.github.io
0
0
Fork 0
mirror of https://github.com/Dasharo/slimbootloader.github.io.git synced 2026-03-06 15:26:36 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
bc9010f2c7ed0488a67abfa96374b1dbae5e717d
slimbootloader.github.io/tutorials/ex_feature_custom_verified_boot.html

233 lines
15 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html class="writer-html5" lang="en" >
<head>
<meta charset="utf-8" /><meta name="generator" content="Docutils 0.18.1: http://docutils.sourceforge.net/" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Exercise \- Feature Customization - Verified Boot &mdash; Slim Bootloader 1.0 documentation</title>
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
<link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
<link rel="stylesheet" href="../_static/graphviz.css" type="text/css" />
<link rel="stylesheet" href="../_static/custom.css" type="text/css" />
<link rel="shortcut icon" href="../_static/sbl_logo_blue_32x32_icon.ico"/>
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script src="../_static/jquery.js"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js"></script>
<script data-url_root="../" id="documentation_options" src="../_static/documentation_options.js"></script>
<script src="../_static/doctools.js"></script>
<script src="../_static/sphinx_highlight.js"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="Exercise \- Feature Customization - Boot Order" href="ex_feature_custom_boot_order.html" />
<link rel="prev" title="Exercise \- Feature Customization - Splash" href="ex_feature_custom_splash.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="../index.html" class="icon icon-home">
Slim Bootloader
<img src="../_static/sbl_logo_white_200x200.png" class="logo" alt="Logo"/>
</a>
<div class="version">
1.0
</div>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../introduction/index.html">Introduction</a></li>
<li class="toctree-l1"><a class="reference internal" href="../getting-started/index.html">Getting Started</a></li>
<li class="toctree-l1"><a class="reference internal" href="../supported-hardware/index.html">Supported Hardware</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developer-guides/index.html">Developers Guide</a></li>
<li class="toctree-l1"><a class="reference internal" href="../security/index.html">Security Features</a></li>
<li class="toctree-l1"><a class="reference internal" href="../how-tos/index.html">How-Tos</a></li>
<li class="toctree-l1"><a class="reference internal" href="../tools/index.html">Tools</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Tutorials</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="ex_build_sbl_for_qemu.html">Exercise \- Build SBL for QEMU</a></li>
<li class="toctree-l2"><a class="reference internal" href="ex_run_sbl_on_qemu.html">Exercise \- Run SBL on QEMU</a></li>
<li class="toctree-l2"><a class="reference internal" href="ex_debug_sbl_on_qemu_with_gdb.html">Exercise \- Debug SBL on QEMU with GDB</a></li>
<li class="toctree-l2"><a class="reference internal" href="ex_sbl_shell_cli.html">Exercise \- SBL Shell/CLI</a></li>
<li class="toctree-l2"><a class="reference internal" href="ex_boot_to_linux.html">Exercise \- Boot to Linux</a></li>
<li class="toctree-l2"><a class="reference internal" href="ex_feature_custom_splash.html">Exercise \- Feature Customization - Splash</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">Exercise \- Feature Customization - Verified Boot</a></li>
<li class="toctree-l2"><a class="reference internal" href="ex_feature_custom_boot_order.html">Exercise \- Feature Customization - Boot Order</a></li>
<li class="toctree-l2"><a class="reference internal" href="ex_uefi_payload.html">Exercise \- UEFI Payload</a></li>
<li class="toctree-l2"><a class="reference internal" href="ex_corrupt_sbl_component.html">Exercise \- Corrupt SBL Component</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../specs/index.html">Specifications</a></li>
<li class="toctree-l1"><a class="reference internal" href="../references/references.html">References and Links</a></li>
<li class="toctree-l1"><a class="reference internal" href="../references/terminology.html">Terminology and Acronyms</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">Slim Bootloader</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item"><a href="index.html">Tutorials</a></li>
<li class="breadcrumb-item active">Exercise \- Feature Customization - Verified Boot</li>
<li class="wy-breadcrumbs-aside">
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<section id="exercise-feature-customization-verified-boot">
<span id="exercisefeaturecustomverifiedboot"></span><h1>Exercise \- Feature Customization - Verified Boot<a class="headerlink" href="#exercise-feature-customization-verified-boot" title="Permalink to this heading"></a></h1>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p><strong>In this exercise, well learn how to enable and verify Verified Boot, it will demonstrate that boot stage signature verification will fail if a user modifies a byte in one of the stages</strong></p>
</div>
<p>You can execute SBL with the following steps:</p>
<ol class="arabic simple">
<li><p>Use HEX editor to modify one byte in the SBL image:</p></li>
</ol>
<blockquote>
<div><p>1.) Rebuild SBL by using the following command:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">python</span> <span class="n">BuildLoader</span><span class="o">.</span><span class="n">py</span> <span class="n">build</span> <span class="n">qemu</span>
</pre></div>
</div>
<p>2.) Completion: you will see <code class="docutils literal notranslate"><span class="pre">Done</span> <span class="pre">[qemu]</span></code> on the screen after compile completed</p>
<p>3.) Check Flash Map on stage2 offset located at where (example here stage2 is located at 0x18000000)</p>
<img alt="Compile completed" class="align-center" src="../_images/ex6-1.jpg" />
</div></blockquote>
<div class="line-block">
<div class="line"><br /></div>
</div>
<blockquote>
<div><p>4.) Open <code class="docutils literal notranslate"><span class="pre">SlimBootloader.bin</span></code> on <code class="docutils literal notranslate"><span class="pre">&lt;sbl_tree&gt;\Outputs\qemu\</span></code></p>
<p>5.) Goto offset <code class="docutils literal notranslate"><span class="pre">0x18000000</span></code> and select one byte to modify it to <code class="docutils literal notranslate"><span class="pre">0x00</span></code>, and save the image</p>
<blockquote>
<div><img alt="Compile completed" class="align-center" src="../_images/ex6-2.jpg" />
</div></blockquote>
<p>6.) Example here updated offset <code class="docutils literal notranslate"><span class="pre">0x18000025</span></code> (Make sure to <strong>SAVE</strong> the changes!)</p>
</div></blockquote>
<div class="line-block">
<div class="line"><br /></div>
</div>
<ol class="arabic simple" start="2">
<li><p>Execute SBL on QEMU by using the following command</p></li>
</ol>
<blockquote>
<div><ul>
<li><p>Windows:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="s2">&quot;C:\Program Files\qemu\qemu-system-x86_64.exe&quot;</span> <span class="o">-</span><span class="n">m</span> <span class="mi">256</span><span class="n">M</span> <span class="o">-</span><span class="n">machine</span> <span class="n">q35</span> <span class="o">-</span><span class="n">serial</span> <span class="n">stdio</span> <span class="o">-</span><span class="n">pflash</span> <span class="n">Outputs</span>\<span class="n">qemu</span>\<span class="n">SlimBootloader</span><span class="o">.</span><span class="n">bin</span>
</pre></div>
</div>
</li>
<li><p>Linux:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">qemu</span><span class="o">-</span><span class="n">system</span><span class="o">-</span><span class="n">x86_64</span> <span class="o">-</span><span class="n">m</span> <span class="mi">256</span><span class="n">M</span> <span class="o">-</span><span class="n">machine</span> <span class="n">q35</span> <span class="o">-</span><span class="n">serial</span> <span class="n">mon</span><span class="p">:</span><span class="n">stdio</span> <span class="o">-</span><span class="n">nographic</span> <span class="o">-</span><span class="n">pflash</span> <span class="n">Outputs</span><span class="o">/</span><span class="n">qemu</span><span class="o">/</span><span class="n">SlimBootloader</span><span class="o">.</span><span class="n">bin</span>
</pre></div>
</div>
</li>
</ul>
</div></blockquote>
<ol class="arabic" start="3">
<li><p>Boot up failed on stage 1B</p>
<img alt="Compile completed" class="align-center" src="../_images/ex6-3.jpg" />
</li>
<li><p>Modify board configuration file, <strong>CHANGE</strong> the line in file <code class="docutils literal notranslate"><span class="pre">&lt;sbl_tree&gt;\Platform\QemuBoardPkg\BoardConfig.py</span></code></p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="bp">self</span><span class="o">.</span><span class="n">HAVE_VERIFIED_BOOT</span> <span class="o">=</span> <span class="mi">0</span>
</pre></div>
</div>
<img alt="Compile completed" class="align-center" src="../_images/ex6-4.jpg" />
</li>
</ol>
<hr class="docutils" />
<ol class="arabic" start="5">
<li><p>Rebuild SBL by using the following command:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">python</span> <span class="n">BuildLoader</span><span class="o">.</span><span class="n">py</span> <span class="n">build</span> <span class="n">qemu</span>
</pre></div>
</div>
</li>
<li><p>Completion: you will see <code class="docutils literal notranslate"><span class="pre">Done</span> <span class="pre">[qemu]</span></code> on the screen after compile completed</p></li>
<li><p>Use HEX editor to modify one byte in the SlimBootloader image:</p>
<p>1.) Open <code class="docutils literal notranslate"><span class="pre">SlimBootloader.bin</span></code> on <code class="docutils literal notranslate"><span class="pre">&lt;sbl_tree&gt;\Outputs\qemu\</span></code></p>
<p>2.) Goto offset <code class="docutils literal notranslate"><span class="pre">0x18000025</span></code> and modify it to <code class="docutils literal notranslate"><span class="pre">0x00</span></code>, and <em>SAVE</em> the image</p>
<p>3.) Execute SBL on QEMU by using the following command:</p>
<blockquote>
<div><ul>
<li><p>Windows:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="s2">&quot;C:\Program Files\qemu\qemu-system-x86_64.exe&quot;</span> <span class="o">-</span><span class="n">m</span> <span class="mi">256</span><span class="n">M</span> <span class="o">-</span><span class="n">machine</span> <span class="n">q35</span> <span class="o">-</span><span class="n">serial</span> <span class="n">stdio</span> <span class="o">-</span><span class="n">pflash</span> <span class="n">Outputs</span>\<span class="n">qemu</span>\<span class="n">SlimBootloader</span><span class="o">.</span><span class="n">bin</span>
</pre></div>
</div>
</li>
<li><p>Linux:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">qemu</span><span class="o">-</span><span class="n">system</span><span class="o">-</span><span class="n">x86_64</span> <span class="o">-</span><span class="n">m</span> <span class="mi">256</span><span class="n">M</span> <span class="o">-</span><span class="n">machine</span> <span class="n">q35</span> <span class="o">-</span><span class="n">serial</span> <span class="n">mon</span><span class="p">:</span><span class="n">stdio</span> <span class="o">-</span><span class="n">nographic</span> <span class="o">-</span><span class="n">pflash</span> <span class="n">Outputs</span><span class="o">/</span><span class="n">qemu</span><span class="o">/</span><span class="n">SlimBootloader</span><span class="o">.</span><span class="n">bin</span>
</pre></div>
</div>
</li>
</ul>
</div></blockquote>
</li>
</ol>
<blockquote>
<div><img alt="Compile completed" class="align-center" src="../_images/ex6-5.jpg" />
</div></blockquote>
<div class="admonition tip">
<p class="admonition-title">Tip</p>
<p><code class="docutils literal notranslate"><span class="pre">BoardConfig.py</span></code> contains lots of options for customization. Most of the SBL static features and Flash image layout can be customized here.</p>
</div>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="ex_feature_custom_splash.html" class="btn btn-neutral float-left" title="Exercise \- Feature Customization - Splash" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="ex_feature_custom_boot_order.html" class="btn btn-neutral float-right" title="Exercise \- Feature Customization - Boot Order" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>&#169; Copyright 2018 - 2024, Intel Corporation.
<span class="lastupdated">Last updated on Jun 07, 2024.
</span></p>
</div>
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink