docs: Move secure-boot reference to a sub-page

timg236 · timg236 · commit 6f8549e0dd46 · 2025-11-24T10:37:30.000Z
diff --git a/Readme.md b/Readme.md
@@ -185,158 +185,3 @@ Example metadata file contents written to `metadata/SERIAL_NUMBER.json`
 <a name="secure-boot"></a>
 ## Secure Boot
 This repository contains the low-level tools and firmware images for enabling secure-boot/verified boot on Compute Module 4 and  Compute Module 5.
-
-### Tutorial
-
-Creating a secure-boot system with encrypted file-system support from scratch can be a complicated process.
-
-The recommended starting point is the [Raspberry Pi Secure Boot Provisioner](https://github.com/raspberrypi/rpi-sb-provisioner)
-which provides an automated mechanism for installing [Raspberry Pi OS - pi-gen](https://github.com/RPi-Distro/pi-gen) images
-with secure-boot and root file-system encryption.
-
-If you are porting an existing Buildroot/Yocto image then please see the
-[secure boot code signing tutorial](secure-boot-example/README.md) uses a minimal buildroot initramfs OS image
-to demonstrate the low-level code-signing aspects.
-
-### Additional documentation
-
-* Secure boot BCM2711 [chain of trust diagram](docs/secure-boot-chain-of-trust-2711.pdf).
-* Secure boot BCM2712 [chain of trust diagram](docs/secure-boot-chain-of-trust-2712.pdf).
-* Secure boot [configuration properties](https://www.raspberrypi.com/documentation/computers/config_txt.html#secure-boot-configuration-properties).
-* Device tree [bootloader signed-boot property](https://www.raspberrypi.com/documentation/computers/configuration.html#bcm2711-and-bcm2712-specific-bootloader-properties-chosenbootloader).
-* Device tree [public key - NVMEM property](https://www.raspberrypi.com/documentation/computers/configuration.html#nvmem-nodes).
-* Raspberry Pi [OTP registers](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#otp-register-and-bit-definitions).
-* Raspberry Pi [device specific private key](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#device-specific-private-key).
-
-### Host Setup
-Secure boot require a 2048 bit RSA asymmetric keypair and the Python `pycrytodome` module to sign the bootloader EEPROM config and boot image.
-
-#### Install Python Crypto Support (the pycryptodomex module)
-```bash
-sudo apt install python3-pycryptodome
-```
-
-#### Create an RSA key-pair using OpenSSL. Must be 2048 bits
-```bash
-cd $HOME
-openssl genrsa 2048 > private.pem
-```
-
-### Secure Boot - configuration
-* Please see the [secure boot EEPROM guide](secure-boot-recovery/README.md) to enable via rpiboot `recovery.bin`.
-* Please see the [secure boot MSD guide](mass-storage-gadget64/README.md) for instructions about to mount the EMMC via USB mass-storage once secure-boot has been enabled.
-
-## Secure Boot - image creation
-Secure Boot requires self-contained ramdisk (`boot.img`) FAT image to be created containing the GPU
-firmware, kernel and any other dependencies that would normally be loaded from the boot partition.
-
-This plus a signature file (`boot.sig`) must be placed in the boot partition of the Raspberry Pi
-or network download location.
-
-The `boot.img` file should contain:-
-* The kernel
-* Device tree overlays
-* GPU firmware (start.elf and fixup.dat)
-* Linux initramfs containing the application OR scripts to mount/create an encrypted file-system.
-
-
-### Disk encryption
-Secure-boot is responsible for loading the Kernel + initramfs and loads all of the data
-from a single `boot.img` file stored on an unencrypted FAT/EFI partition.
-
-**There is no support in the ROM or firmware for full-disk encryption.**
-
-If a custom OS image needs to use an encrypted file-system then this would normally be implemented
-via scripts within the initramfs.
-
-Raspberry Pi computers do not have a secure enclave, however, it's possible to store a 256 bit
-[device specific private key](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#device-specific-private-key)
-in OTP. The key is accessible to any process with access to `/dev/vcio` (`vcmailbox`), therefore, the
-secure-boot OS must ensure that access to this interface is restricted.
-
-**It is not possible to prevent code running in ARM supervisor mode (e.g. kernel code) from accessing OTP hardware directly**
-
-See also:
-* [LUKS](https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup)
-* [cryptsetup FAQ](https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions)
-* [rpi-otp-private-key](./tools/rpi-otp-private-key)
-
-The [secure boot tutorial](secure-boot-example/README.md) contains a `boot.img` that supports cryptsetup and a simple example.
-
-### Building `boot.img` using buildroot
-
-The `secure-boot-example` directory contains a simple `boot.img` example with working HDMI,
-network, UART console and common tools in an initramfs.
-
-This was generated from the [raspberrypi-signed-boot](https://github.com/raspberrypi/buildroot/blob/raspberrypi-signed-boot/README.md)
-buildroot config. Whilst not a generic fully featured configuration it should be relatively
-straightforward to cherry-pick the `raspberrypi-secure-boot` package and helper scripts into
-other buildroot configurations.
-
-#### Minimum firmware version
-The firmware must be new enough to support secure boot. The latest firmware APT
-package supports secure boot. To download the firmware files directly.
-
-```bash
-git clone --depth 1 --branch stable https://github.com/raspberrypi/firmware
-```
-
-To check the version information within a `start4.elf` firmware file run
-```bash
-strings start4.elf | grep VC_BUILD_
-```
-
-#### Verifying the contents of a `boot.img` file
-To verify that the boot image has been created correctly use losetup to mount the .img file.
-
-```bash
-sudo su
-mkdir -p boot-mount
-LOOP=$(losetup -f)
-losetup -f boot.img
-mount ${LOOP} boot-mount/
-
-echo boot.img contains
-find boot-mount/
-
-umount boot-mount
-losetup -d ${LOOP}
-rmdir boot-mount
-```
-
-#### Signing the boot image
-For secure-boot, `rpi-eeprom-digest` extends the current `.sig` format of
-sha256 + timestamp to include an hex format RSA bit PKCS#1 v1.5 signature. The key length
-must be 2048 bits.
-
-```bash
-../tools/rpi-eeprom-digest -i boot.img -o boot.sig -k "${KEY_FILE}"
-```
-
-To verify the signature of an existing image set the `PUBLIC_KEY_FILE` environment variable
-to the path of the public key file in PEM format.
-
-```bash
-../tools/rpi-eeprom-digest -i boot.img -k "${PUBLIC_KEY_FILE}" -v boot.sig
-```
-
-
-#### Hardware security modules
-`rpi-eeprom-digest` is a shell script that wraps a call to `openssl dgst -sign`.
-If the private key is stored within a hardware security module instead of
-a .PEM file the `openssl` command will need to be replaced with the appropriate call to the HSM.
-
-`rpi-eeprom-digest` called by `update-pieeprom.sh` to sign the EEPROM config file.
-
-The RSA public key must be stored within the EEPROM so that it can be used by the bootloader.
-By default, the RSA public key is automatically extracted from the private key PEM file. Alternatively,
-the public key may be specified separately via the `-p` argument to `update-pieeprom.sh` and `rpi-eeprom-config`.
-
-To extract the public key in PEM format from a private key PEM file, run:
-```bash
-openssl rsa -in private.pem -pubout -out public.pem
-```
-
-#### Copy the secure boot image to the boot partition on the Raspberry Pi.
-Copy `boot.img` and `boot.sig` to the boot filesystem.
-Secure boot images can be loaded from any of the normal boot modes (e.g. SD, USB, Network).
diff --git a/docs/secure-boot.md b/docs/secure-boot.md
@@ -0,0 +1,172 @@
+# Secure boot
+
+This page describes how to enable secure-boot mode using the `rpiboot` provisioning tool and provides a low-level overview of how secure-boot works on a Raspberry Pi 4 (or newer). These tools are used by the [Raspberry Pi - Secure Boot Provisioner](https://github.com/raspberrypi/rpi-sb-provisioner), the officially supported application for provisioning secure-boot on Raspberry Pi devices.  
+
+Before programming secure-boot, a suitable OS image must be created. This is part of the application or product design process and is outside the scope of this document. We recommend using [rpi-image-gen](https://github.com/raspberrypi/rpi-image-gen) to generate custom Debian-based operating system images, though it is also possible to use Yocto or Buildroot.
+
+**Once secure-boot has been enabled by programming the one-time programmable (OTP) fuses, it cannot be disabled and a different key cannot be programmed.**
+
+
+## Secure-boot overview
+
+## Verified boot flow - chain-of-trust
+Secure-boot uses cryptographic signing to ensure the OS kernel and all required boot components loaded into RAM are authenticated using the customer’s private key. The bootloader firmware verifies these signatures, and the bootloader itself is verified by the SoC BootROM using the Raspberry Pi public keys embedded in the BootROM. The BootROM is fused into the silicon and serves as the immutable root of trust.
+
+### Secure-boot high-level flow
+* BootROM loads the second-stage (`bootsys`) from SPI flash and verifies it is signed by a valid Raspberry Pi BootROM key.  
+* `bootsys` loads the customer’s public key from EEPROM and checks it against the customer key hash stored in OTP, previously written via `rpiboot`.  
+* `bootsys` initializes SDRAM and loads `bootmain`. When loading firmware dependencies from SPI flash, it verifies each dependency’s hash against a list embedded within `bootsys` at build time.  
+* `bootmain` loads the OS boot ramdisk files (`boot.img` and `boot.sig`) from SD/EMMC/USB/NVMe/Network into memory. It verifies that the hash of `boot.img` matches `boot.sig` and that the RSA signature in `boot.sig` can be validated using the customer’s public key.  
+* `bootmain` then uses the verified ramdisk to load the GPU firmware (`start.elf`) and start the operating system. With secure-boot enabled, firmware only loads files from the verified ramdisk, ensuring the OS kernel and all dependencies are authenticated against the customer’s key.  
+
+If any signature or hash verification fails, the current boot mode is aborted and the firmware advances to the next boot mode.
+
+See also:-
+* Secure boot BCM2711 [chain of trust diagram](docs/secure-boot-chain-of-trust-2711.pdf).
+* Secure boot BCM2712 [chain of trust diagram](docs/secure-boot-chain-of-trust-2712.pdf).
+
+## boot.img files
+Secure-boot requires a self-contained ramdisk (`boot.img`) FAT image containing the GPU firmware, kernel and any other dependencies that would normally be loaded from the boot partition.
+
+This enables the bootloader to verify that the kernel and all dependencies loaded into memory can be validated against the signature in `boot.sig`, signed with the customer's private RSA key.
+
+The `boot.img` and corresponding `boot.sig` file must be placed in the device's boot partition or network download location.
+
+The `boot.img` file should contain:
+* config.txt
+* Device tree and overlay files
+* GPU firmware (`start.elf` and `fixup.dat`)
+* Linux kernel image
+* Linux initramfs containing the application OR scripts to mount/create an encrypted filesystem.
+
+### Additional documentation
+
+* Secure boot [configuration properties](https://www.raspberrypi.com/documentation/computers/config_txt.html#secure-boot-configuration-properties).
+* Device tree [bootloader signed-boot property](https://www.raspberrypi.com/documentation/computers/configuration.html#bcm2711-and-bcm2712-specific-bootloader-properties-chosenbootloader).
+* Device tree [public key - NVMEM property](https://www.raspberrypi.com/documentation/computers/configuration.html#nvmem-nodes).
+* Raspberry Pi [OTP registers](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#otp-register-and-bit-definitions).
+* Raspberry Pi [device specific private key](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#device-specific-private-key).
+
+## Configuring and running the rpiboot secure-boot tools
+
+### Host Setup
+Secure boot requires a 2048-bit RSA asymmetric keypair and the Python `pycryptodome` module to sign the bootloader EEPROM config and boot image.
+
+#### Install Python Crypto Support (the pycryptodomex module)
+```bash
+sudo apt install python3-pycryptodome
+```
+
+#### Create an RSA key-pair using OpenSSL. Must be 2048 bits
+Secure-boot requires that the SPI flash configuration and `boot.img` file is signed with the customer's RSA private key.
+
+It is **critical** that this key is stored securely and backed up. It should not be installed in the target OS image.
+
+For reference, this command will generate a private key in the expected format.
+```bash
+cd $HOME
+openssl genrsa 2048 > private.pem
+```
+
+### Programming the OTP and signed EEPROM image
+* Please see the [secure boot EEPROM guide](secure-boot-recovery/README.md) to enable via rpiboot `recovery.bin`.
+* Please see the [secure boot MSD guide](mass-storage-gadget64/README.md) for instructions about how to mount the eMMC via USB mass-storage once secure-boot has been enabled.
+
+### Disk encryption
+Secure-boot is responsible for loading the Kernel + initramfs and loads all of the data
+from a single `boot.img` file stored on an unencrypted FAT/EFI partition.
+
+**There is no support in the ROM or firmware for full-disk encryption.**
+
+Instead, we recommend storing the root filesystem within a LUKS container that is mounted by scripts within initramfs. The LUKS passphrase can be derived from a key stored in OTP.
+
+See [device specific private key](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#device-specific-private-key).
+
+The OTP key is protected against external access by the verified boot flow provided by secure-boot. However, Raspberry Pi computers do not have a secure hardware enclave, and within the secure-boot OS image this key is accessible to any process with access to `/dev/vcio` (`vcmailbox`).
+
+**It is not possible to prevent code running in ARM supervisor mode (e.g. kernel code) from accessing OTP hardware directly.**
+
+See also:
+* [LUKS](https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup)
+* [cryptsetup FAQ](https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions)
+* [rpi-otp-private-key](./tools/rpi-otp-private-key)
+
+The [secure boot tutorial](secure-boot-example/README.md) contains a `boot.img` that supports cryptsetup and a simple example.
+
+### Building `boot.img` using buildroot
+
+The `secure-boot-example` directory contains a simple `boot.img` example with working HDMI,
+network, UART console and common tools in an initramfs.
+
+This was generated from the [raspberrypi-signed-boot](https://github.com/raspberrypi/buildroot/blob/raspberrypi-signed-boot/README.md)
+buildroot config. Whilst not a generic fully featured configuration it should be relatively
+straightforward to cherry-pick the `raspberrypi-secure-boot` package and helper scripts into
+other buildroot configurations.
+
+#### Minimum firmware version
+The firmware must be new enough to support secure boot. The latest firmware APT
+package supports secure boot. To download the firmware files directly, run:
+
+```bash
+git clone --depth 1 --branch stable https://github.com/raspberrypi/firmware
+```
+
+To check the version information within a `start4.elf` firmware file run
+```bash
+strings start4.elf | grep VC_BUILD_
+```
+
+#### Verifying the contents of a `boot.img` file
+To verify that the boot image has been created correctly use losetup to mount the .img file.
+
+```bash
+sudo su
+mkdir -p boot-mount
+LOOP=$(losetup -f)
+losetup ${LOOP} boot.img
+mount ${LOOP} boot-mount/
+
+echo boot.img contains
+find boot-mount/
+
+umount boot-mount
+losetup -d ${LOOP}
+rmdir boot-mount
+```
+
+#### Signing the boot image
+For secure-boot, `rpi-eeprom-digest` extends the current `.sig` format of
+sha256 + timestamp to include a hex-format RSA PKCS#1 v1.5 signature. The key length
+must be 2048 bits.
+
+```bash
+../tools/rpi-eeprom-digest -i boot.img -o boot.sig -k "${KEY_FILE}"
+```
+
+To verify the signature of an existing image set the `PUBLIC_KEY_FILE` environment variable
+to the path of the public key file in PEM format.
+
+```bash
+../tools/rpi-eeprom-digest -i boot.img -k "${PUBLIC_KEY_FILE}" -v boot.sig
+```
+
+
+#### Hardware security modules
+`rpi-eeprom-digest` is a shell script that wraps a call to `openssl dgst -sign`.
+If the private key is stored within a hardware security module instead of
+a .PEM file the `openssl` command will need to be replaced with the appropriate call to the HSM.
+
+`rpi-eeprom-digest` is called by `update-pieeprom.sh` to sign the EEPROM config file.
+
+The RSA public key must be stored within the EEPROM so that it can be used by the bootloader.
+By default, the RSA public key is automatically extracted from the private key PEM file. Alternatively,
+the public key may be specified separately via the `-p` argument to `update-pieeprom.sh` and `rpi-eeprom-config`.
+
+To extract the public key in PEM format from a private key PEM file, run:
+```bash
+openssl rsa -in private.pem -pubout -out public.pem
+```
+
+#### Copy the secure boot image to the boot partition on the Raspberry Pi.
+Copy `boot.img` and `boot.sig` to the boot filesystem.
+Secure boot images can be loaded from any of the normal boot modes (e.g. SD, USB, Network).
