Skip to main content

spl + rtos + kernel + rootfs 安全启动实现

一 安全启动说明

  • CPU 启动的时验证 SPL 的的签名,保证代码没有更改过。 利⽤ RSA 的⾮对称加解特性, 私钥加密, 只有公钥可以解密. 把 SPL 的 HASH 值加密, 在启动的时候验通过公钥解密,检校 HASH 是否正确. 这样只有有私钥的才能使⽤, 防⽌代码发⽣变化.
  • CPU启动时候使⽤ USERKEY 解密(可选) 代码段可以通过 AES 加密. 启动过程中⽤ AES 解密, 保证⽤⼾的代码是加密的, 防⽌泄露. AES 的秘钥要与 CPU 内部烧录的秘钥相同.
  • CPU 启动时候使⽤ CHIPKEY 解密(可选) 代码是通过 CPU 的⾃⾝的 CHIPKEY 解密的, 每个CPU的 CHIPKEY 是不同的, ⽽通过这个 KEY 加密的 Firmware 也是不同的, 保证了 FLASH ⾥⾯的代码是⽆法 COPY 的

CPU 内部保存了3个 KEY:

  • RSA的公钥签名, 保证公钥是和⽤⼾的私钥对应.
  • USERKEY, 保证⽤⼾使⽤ OTA 时代码是加密的.
  • CHIPKEY, 保证每个 CPU 的KEY是不同的.

这三个 KEY 是保存 CPU 内部 EFUSE 中, 在⾮安全核不可读取, 对外不开放. 在使⽤安全 BOOT 前需要烧录, 并打开security功能的BIT位.

具体签名和解密流程如下:

1

安全启动流程概述:

Linux系统加载SPL,在SPL中验签rtos,验签成功以后,加载rtos系统,在RTOS系统中对kernel进行解密和验签,对rootfs进行验签。

对于 rootfs,采用只签名,不加密的方式

二 软硬件环境说明

本文以 X1600e HALLY6_BASEBOARD_V2.0 开发板为例进行说明

2.1 硬件环境说明

​ 需要有对 efuse 使能的电路, 本开发板采取efuse_en脚外接PC02(默认低电平失能), 拉高使能.

1

此处注意外接io及默认使能电平需要与烧录工具efuse设置匹配. io不对会导致烧录不进去,电平不匹配会导致芯片可能烧坏.

2.2 软件实现说明

2.2.1 linux设置

LINUX 系统使用的配置为: x1600e_halley6_nand_5.10_defconfig

2.2.1.1 uboot 修改

确定uboot文件:

本开发板使用主配置文件 x1600e_halley6_nand_5.10_defconfig

build$ grep -nr  "uboot_config" configs/x1600e_halley6_nand_5.10_defconfig
5:APP_uboot_config=x1600e_base_halley6_xImage_sfc_nand                      //uboot配置

查找/Linux工程目录/bootloader/uboot-x2000/boards.cfg内的x1600e_base_halley6_xImage_sfc_nand 

x1600e_base_halley6_xImage_sfc_nand  mips        xburst x1600_base   ingenic    x1600       x1600_base:SPL_SFC_NAND,MTD_SFCNAND,SPL_OS_BOOT,SPL_PARAMS_FIXER,X1600E_DDR,LPJ="5496832"

可以看到uboot使用的为x1600_base, 位于bootloader/uboot-x2000/include/configs下的x1600_base.h文件, 改动后内容如下:

#ifndef __X1600_BASE_H__
#define __X1600_BASE_H__

#define CONFIG_ROOTFS_SQUASHFS
#define CONFIG_ROOTFS2_SQUASHFS

#define CONFIG_SPL_SERIAL_SUPPORT

#define CONFIG_JZ_SCBOOT             /*spl和kernel的解密和验签*/ 
#define CONFIG_JZ_SECURE_ROOTFS      /*验签rootfs*/
#define CONFIG_SPL_RTOS_LOAD_KERNEL  /*添加rtos启动linux系统加载kernel的宏*/
#define CONFIG_JZ_SECURE_SUPPORT     /*开启secure的支持*/


#include "x1600_base_common.h"

#endif /* __X1600_BASE_H__ */

由于添加加密相关的宏,会导致uboot编译固件变大,故需要扩容,修放方法如下:

需要修改偏移地址。

修改 x1600_base_common.h 文件

CONFIG_SPIFLASH_PART_OFFSET 0x5800 改为: CONFIG_SPIFLASH_PART_OFFSET 0x5c00

bootloader/uboot-x2000$ ls include/configs/x1600_base_common.h
-#define CONFIG_SPIFLASH_PART_OFFSET            0x5800
+#define CONFIG_SPIFLASH_PART_OFFSET            0x5c00
2.2.1.2 kernel 修改
kernel/kernel$ git diff module_drivers/drivers/mtd/devices/ingenic_sfc_v2/spinand.h

-#define SPIFLASH_PARAMER_OFFSET        0x5800
+#define SPIFLASH_PARAMER_OFFSET        0x5c00

2.2.2 rtos设置

RTOS 系统使用的配置为: x1600e_nand_defconfig

RTOS代码获取方法见 Halley6_X1600E_V2.0 开发板RTOS快速上手文档。具体路径查看网站:Halley6开发平台-->RTOS开发平台-->Halley6_X1600E_V2.0 开发板RTOS快速上手

2.2.2.1 rtos 偏移地址修改

修改rtos偏移地址为 0x5c00

freertos$ git diff xburst/soc-x1600/sfc_nand_params.h

-#define SFC_FLASH_PARAMER_OFFSET        0x5800
+#define SFC_FLASH_PARAMER_OFFSET        0x5c00
2.2.2.2 rtos 安全启动修改

本文默认使用的是nand,nor也可以支持, 但是对于 nor 介质来说,rtos 不能挂载文件系统,因为 rtos 和 linux 的文件系统格式不一样,如果在 rtos 挂载文件系统,会破坏 linux 文件系统的分区(需在 rtos 的 iconfig 中取消掉文件系统勾选)

2

nand flash是需要勾选上设备文件系统

1

1

勾选 rtos 跳转到 linux

2

勾选 secure boot 驱动

2

勾选 secureboot安全启动 ,勾选kernel验签+解密 和 rootfs验签

对于如何使用 spl 启动 rtos 去 load kernel,查看文档《x1600linux系统rtos提前显示logo》

三 签名和加密

注:本文档描述的功能只适用于 cloner-2.5.40-ubuntu_alpha/windows_alpha 以上的烧录工具

x1600、x2000、x2600使用的工具一样,都在securitytool/x2000目录下

3.1 生成秘钥

生成秘钥的工具在烧录工具目录的 securitytool/x2000/keytool/ 下:

2 

cloner-2.5.54.4-ubuntu_alpha/securitytool/x2000/keytool$ ls
keygen-32  keygen-64  qm_cn.qm

cloner-2.5.54.4-ubuntu_alpha/securitytool/x2000/keytool$ sudo ./keygen-64

其中 keygen-32 对于 32 位 pc,keygen-64 对应 64 位 pc

运行:sudo ./keygen-64

2

点击 Generate Key 后就会在当前路径下生成秘钥,也可以点击 Path 选择生成的路径。

如下会生成 key.bin,pri_key.pem ,user_key.bin

cloner-2.5.54.4-ubuntu_alpha/securitytool/x2000/keytool$ ls -lh
total 37M
-rw-r--r-- 1 root root  588 6月  12 21:31 key.bin
-rwxrwxr-x 1 root root  22M 4月  29  2024 keygen-32
-rwxrwxr-x 1 root root  16M 4月  29  2024 keygen-64
-rw-r--r-- 1 root root 1.7K 6月  12 21:31 pri_key.pem
-rwxrwxr-x 1 root root  536 4月  28  2024 qm_cn.qm
-rw-r--r-- 1 root root   64 6月  12 21:31 user_key.bin

将秘钥拷贝到烧录工具的对应位置

  • 将 key.bin 拷贝到烧录工具 security/x2000/下:

    securitytool/x2000/keytool$ cp key.bin ../../../security/x2000/ -arf

  • 将 pri_key.pem 和 user_key.bin 拷贝到烧录工具的 securitytool/x2000/sigtool/security_key下:

    cloner-2.5.54.4-ubuntu_alpha/securitytool/x2000/keytool$ cp pri_key.pem ../sigtool/security_key/ -arf
    cloner-2.5.54.4-ubuntu_alpha/securitytool/x2000/keytool$ cp user_key.bin ../sigtool/security_key/ -arf

3.2 签名和加密的工具

签名工具在烧录工具目录的 securitytool/x2000/sigtool/ 下:

image-20231114163903973

其中 sigtool-32、sigtool-64、sigtool.exe 为对应 pc 下使用的工具

创建文件settings.ini , 写入内容

[debug]
value=1

运行:sudo ./sigtool-64

image-20231114164220755

其中 AES 选上为启用加密功能,不选为只签名。

3.3 签名和加密

在对镜像进⾏加密之前, 先烧录⼀次未加密过的镜像, 待spl能加载kernel, kernel挂载⽂件系统, ⽂件系统起来后,确定镜像可⽤即可进⾏签名镜像操作

3.3.1 burn bin

操作如图:

image-20231114164957025

选择好后点击 sign,就会在烧录工具目录下的 firmwares/x1600/目录下生成spl_sec.bin 和 uboot_sec.bin

3.3.2 spl bin

操作如图:

image-20231114165414660

选择好后点击 sign,就会在对应的目录下生成加密后的文件,对于上面的文件就会生成 u-boot-spl-pad-dst.bin,等会烧录 spl 时要选择这个文件

3.3.3 kernel bin

操作如图:

image-20231114165846882

选择好后点击 sign,就会在对应的目录下生成加密后的文件,对于上面的文件就会生成 xImage-dst.bin,等会烧录 kernel 时要选择这个文件。

3.3.4 rootfs

对于 rootfs ,采用不加密,只签名. 具体操作如下:

image-20231114170228186

选择好后点击 sign,就会在对应的目录下生成加密后的文件,对于上面的文件就会生成 rootfs-dst.squashfs,然后使用 dd 命令分离出签名信息(等会需要将该签名信息烧录到 flash 中):

dd if=rootfs-dst.squashfs of=signature bs=2048 count=1

如图,signature 就是签名信息,等会需要烧录这个文件:

image-20231114170605692 

output$ cat xImage-dst.bin signature > xImage-dst-with-rootfs-sig.bin
    
output$ ls -lh
total 48M
drwxr-xr-x 2 root  root  4.0K 6月  13 16:26 'New Folder'
-rw-r--r-- 1 root  root   11M 6月  17 15:00  rootfs-dst.squashfs
-rw-r--r-- 1 kenny kenny  11M 6月  17 14:53  rootfs.squashfs
-rw-rw-r-- 1 kenny kenny 2.0K 6月  17 15:00  signature
-rw-rw-r-- 1 kenny kenny  26K 6月  17 14:53  u-boot-spl-pad.bin
-rw-r--r-- 1 root  root   26K 6月  17 14:58  u-boot-spl-pad-dst.bin
-rw-rw-r-- 1 kenny kenny 4.5M 6月  17 14:52  xImage
-rw-r--r-- 1 root  root  4.5M 6月  17 15:00  xImage-dst.bin
-rw-rw-r-- 1 kenny kenny 4.5M 6月  17 15:00  xImage-dst-with-rootfs-sig.bin

到时烧录的时候,kernel的固件选择 xImage-dst-with-rootfs-sig.bin

3.3.5 rtos bin

操作如下:

image-20231114170921810

选择好后点击 sign,就会在对应的目录下生成加密后的文件,对于上面的文件就会生成 zero-dst.bin,等会烧录 rtos 时要选择这个文件

四 烧录

本文档使用 cloner-2.5.40-ubuntu_alpha 烧录工具:

4.1 选择配置文件

image-20231114180814239

4.2 分区配置

4.3 启用安全烧录

4.4 选择烧录文件

4.5 修改参数偏移地址

参数偏移地址修改跟上文中代码一致

五 问题汇总

1. 烧录到boot 40%变红

可能是cpu烧坏了, 需要重新更换cpu.

efuse烧录有严格的供电要求, 写⼊efuse时, 给efuse的供电时间不能超过200ms, ⼀旦超过200ms就会烧坏efuse, 导致整个芯⽚不能正常使⽤, 此时就需要更换主控芯⽚了

2 烧录到boot 90% SEND KU ERR 变红

直接表现是烧录⼯具烧录之前解码固件失败, 根本原因应该是efuse因为某些原因没有写⼊成功.

此时应当检查efuse的供电及使能电平, 确保硬件设计和烧录⼯具设置的⼀致. 排除此处原因后, 重新烧录可以成功的.

3 换其他烧录⼯具烧录后系统⽆法启动

由于efuse中数据位跳变是不可逆的, 所以⼀定要保证⽤此加密烧录后的系统再次更新还是使⽤同样的烧录⼯具和密钥来完成的. 如果使⽤新的烧录⼯具烧录了其他的密钥, 那么再⽤原先的烧录⼯具也⽆法再次烧录正确的密钥了, 引起系统可能再也启动不了了. 到此步, 只能更换主控芯⽚才能再次使⽤了.

六 系统解密流程

22

对应log

U-Boot SPL 2013.07-00024-gddb7bfbcc-dirty (Jun 17 2025 - 14:51:59)
ERROR EPC 83fb08e4
CPA_CPAPCR:02e049cd
CPM_CPMPCR:0af0c9cd
CPM_CPEPCR:019051cd
CPM_CPCCR:9a094410
SOC: X1600E
DDR: X1600E-LPDDR2 type is : LPDDR2
ddr_inno_phy_init ..! 11:  00000006
mr1 = 0x83010011
mr2 = 0x04020011
mr3 = 0x01030011
mr10 = 0xff0a0011
mr63 = 0x003f0011
DDRP_INNOPHY_CALIB_DELAY_AL:00000051
DDRP_INNOPHY_CALIB_DELAY_AH:00000051
-----ddr_readl(DDRP_INNOPHY_CALIB_DONE): 00000003
ddr calib finish
451, VID=0x0000009b, PID=0x00000012
Security boot...
[0.000000] xburst rtos @ Jun 17 2025 14:44:25, epc: 83fb08e4
[0.000106] pwm clk rate 300000000
[0.001307] Supported Nand Flash, ATO25D1GA(9b:12)
[0.042095] stmmac - user ID: 0x20, Synopsys ID: 0x37
[0.042282]  Ring mode enabled
[0.042386]  DMA HW capability register supported Enhanced/Alternate descriptors
[0.042655]  Enabled extended descriptors
[0.042796]  RX Checksum Offload Engine supported (type 2)
[0.042991]  TX Checksum insertion supported
[0.043142]  Enable RX Mitigation via HW Watchdog Timer
[0.055087] Found mac phy id 0x02430c54
[0.066255] vendor init...
[0.066346]  load kernel address.
[0.066459]  load kernel address.
[0.066615] load kernel===319
[0.327581] max brightness = 100
[0.327708] brightness = 100
[0.983977] Security boot...
[1.666106] Security boot...
[2.547632] load kernel===325
[2.547947] jump to image linux
[2.548065] cmdargs = console=ttyS2,3000000n8  mem=64M@0x0  init=/linuxrc flashtype=nand clk_ignore_unused  root=/dev/mtdblock_bbt_ro2 rootfstype=squashfs ro
[2.548591] entry point = 80f00000
Uncompressing Linux...
Ok, booting the kernel.
[    0.000000] Linux version 5.10.186+ (kenny@kenny-MS-7B89) (mips-linux-gnu-gcc (Ingenic MIPS LINUX Tools R5.2.2 Default_xburst1_glibc2.38 Fix utmp64 2024.04-16 03:41:00) 7.2.0, GNU ld (GNU Binutils) 2.27) #4 PREEMPT Fri Jun 13 17:39:57 CST 2025
[    0.000000] CPU0 RESET ERROR PC:83FB08E4
[    0.000000] printk: bootconsole [early0] enabled
[    0.000000] CPU0 revision is: 00d00000 (Ingenic XBurst)
[    0.000000] FPU revision is: 00b70000
[    0.000000] ddr_size: 64 MBytes
[    0.000000] OF: fdt: No chosen node found, continuing without
[    0.000000] MIPS: machine is ingenic,x1600
[    0.000000] SOC: X1600E
[    0.000000] User-defined physical RAM map overwrite
[    0.000000] reg-64M not found!
[    0.000000] Reserved memory: created DMA memory pool at 0x02000000, size 32 MiB, 32768 KiB
[    0.000000] OF: reserved mem: initialized node reserved_mem@0x2000000, compatible id shared-dma-pool
[    0.000000] cma: Failed to reserve 64 MiB
[    0.000000] Primary instruction cache 16kB, VIVT, 8-way, linesize 32 bytes.
[    0.000000] Primary data cache 16kB, 8-way, VIPT, no aliases, linesize 32 bytes
[    0.000000] Unified secondary cache 128kB 8-way, linesize 32 bytes.
[    0.000000] Zone ranges:
[    0.000000]   Normal   [mem 0x0000000000000000-0x0000000003ffffff]
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000000000000-0x0000000003ffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x0000000003ffffff]
[    0.000000] Built 1 zonelists, mobility grouping off.  Total pages: 16256
[    0.000000] Kernel command line: console=ttyS2,3000000n8  mem=64M@0x0  init=/linuxrc flashtype=nand clk_ignore_unused  root=/dev/mtdblock_bbt_ro2 rootfstype=squashfs ro
[    0.000000] Dentry cache hash table entries: 8192 (order: 3, 32768 bytes, linear)
[    0.000000] Inode-cache hash table entries: 4096 (order: 2, 16384 bytes, linear)
[    0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.000000] Memory: 21924K/65536K available (7219K kernel code, 354K rwdata, 2180K rodata, 284K init, 125K bss, 43612K reserved, 0K cma-reserved)
[    0.000000] rcu: Preemptible hierarchical RCU implementation.
[    0.000000]  Trampoline variant of Tasks RCU enabled.
[    0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies.
[    0.000000] NR_IRQS: 200
[    0.000000] x1600 Clock Power Management Unit init!
[    0.000000] =========== x1600 clocks: =============
[    0.000000]  apll     = 1104000000 , mpll     = 1400000000, ddr = 350000000
[    0.000000]  cpu_clk  = 1104000000 , l2c_clk  = 552000000
[    0.000000]  ahb0_clk = 280000000 , ahb2_clk = 280000000
[    0.000000]  apb_clk  = 140000000 , ext_clk  = 24000000
[    0.000000] 
[    0.000000] Previous Boot Time is 3080659 us
[    0.000000] clocksource: ingenic_clocksource: mask: 0xffffffffffffffff max_cycles: 0x1623fa770, max_idle_ns: 1763180808952 ns
[    0.000007] sched_clock: 64 bits at 1500kHz, resolution 666ns, wraps every 4398046510951ns
[    0.001343] Console: colour dummy device 80x25
[    0.001566] Calibrating delay loop... 1099.36 BogoMIPS (lpj=5496832)
[    0.090679] pid_max: default: 32768 minimum: 301
[    0.091055] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.091376] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.093385] rcu: Hierarchical SRCU implementation.
[    0.094491] devtmpfs: initialized
[    0.100067] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[    0.100558] futex hash table entries: 256 (order: 0, 7168 bytes, linear)
[    0.100996] pinctrl core: initialized pinctrl subsystem
[    0.103465] NET: Registered protocol family 16
[    0.140228] ingenic pinctrl 10010000.pinctrl: 4 gpio chip add success, pins 128
[    0.141899] ingenic pinctrl 10010000.pinctrl: ingenic pinctrl probe success
[    0.264263] SCSI subsystem initialized
[    0.264779] usbcore: registered new interface driver usbfs
[    0.265101] usbcore: registered new interface driver hub
[    0.265397] usbcore: registered new device driver usb
[    0.265869] mc: Linux media interface: v0.10
[    0.266122] videodev: Linux video capture interface: v2.00
[    0.266679] Advanced Linux Sound Architecture Driver Initialized.
[    0.275860] ingenic-dma 13420000.dma: IRQ pdmam not found
[    0.288440] ingenic-dma 13420000.dma: INGENIC SoC DMA initialized
[    0.291941] clocksource: Switched to clocksource ingenic_clocksource
[    0.330849] NET: Registered protocol family 2
[    0.331186] IP idents hash table entries: 2048 (order: 2, 16384 bytes, linear)
[    0.334971] tcp_listen_portaddr_hash hash table entries: 256 (order: 0, 6144 bytes, linear)
[    0.335379] TCP established hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.335735] TCP bind hash table entries: 1024 (order: 2, 20480 bytes, linear)
[    0.336081] TCP: Hash tables configured (established 1024 bind 1024)
[    0.336502] UDP hash table entries: 256 (order: 1, 12288 bytes, linear)
[    0.336831] UDP-Lite hash table entries: 256 (order: 1, 12288 bytes, linear)
[    0.337359] NET: Registered protocol family 1
[    0.341251] Initialise system trusted keyrings
[    0.341919] workingset: timestamp_bits=30 max_order=13 bucket_order=0
[    0.342745] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[    0.516307] Key type asymmetric registered
[    0.516502] Asymmetric key parser 'x509' registered
[    0.516734] io scheduler mq-deadline registered
[    0.516931] io scheduler kyber registered
[    0.526177] dwc2 13500000.otg: supply vusb_d not found, using dummy regulator
[    0.526906] dwc2 13500000.otg: supply vusb_a not found, using dummy regulator
[    0.842302] dwc2 13500000.otg: EPs: 9, dedicated fifos, 3576 entries in SPRAM
[    0.842837] dwc2 13500000.otg: DWC OTG Controller
[    0.843086] dwc2 13500000.otg: new USB bus registered, assigned bus number 1
[    0.843429] dwc2 13500000.otg: irq 9, io mem 0x13500000
[    0.843833] usb usb1: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 5.10
[    0.844193] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[    0.844501] usb usb1: Product: DWC OTG Controller
[    0.844705] usb usb1: Manufacturer: Linux 5.10.186+ dwc2_hsotg
[    0.844956] usb usb1: SerialNumber: 13500000.otg
[    0.846405] hub 1-0:1.0: USB hub found
[    0.846626] hub 1-0:1.0: 1 port detected
[    0.849111] usbcore: registered new interface driver usb-storage
[    0.849713] i2c /dev entries driver
[    0.850591] usbcore: registered new interface driver uvcvideo
[    0.850850] USB Video Class driver (1.1.1)
[    0.855057] usbcore: registered new interface driver usbkbd
[    0.855497] usbcore: registered new interface driver usbmouse
[    0.857747] NET: Registered protocol family 17
[    0.861361] jz-cdbus cdbus: Ingenic cdbus driver init successfully!
[    0.862741] Enter 'CDT' mode.
[    0.862885] Enter 'DMA Descriptor chain' mode.
[    0.863107] create CDT index: 0 ~ 4,  index number:5.
[    0.863873] ingenic-sfc 13440000.sfc: id_manufactory = ff, id_device 9b
[    0.864207] ingenic-sfc 13440000.sfc: id_manufactory = 9b, id_device 12
[    0.864495] ingenic-sfc 13440000.sfc: Found Supported device, id_manufactory = 0x9b, id_device = 0x12
[    0.864885] use nand common get feature interface!
[    0.865101] create CDT index: 5 ~ 22,  index number:18.
[    0.865742] Creating 5 MTD partitions on "sfc_nand":
[    0.865976] 0x000000000000-0x000000100000 : "uboot"
[    0.873925] 0x000000100000-0x000000900000 : "kernel"
[    0.883419] 0x000000900000-0x000006900000 : "rootfs"
[    0.933779] 0x000006900000-0x000006a00000 : "rtos"
[    0.936815] 0x000006a00000-0x000008000000 : "userdata"
[    0.954656] 10030000.serial: ttyS0 at MMIO 0x10030000 (irq = 55, base_baud = 8750000) is a uart0
[    0.958897] 10032000.serial: ttyS2 at MMIO 0x10032000 (irq = 53, base_baud = 8750000) is a uart2
[    0.959350] printk: console [ttyS2] enabled
[    0.959350] printk: console [ttyS2] enabled
[    0.959765] printk: bootconsole [early0] disabled
[    0.959765] printk: bootconsole [early0] disabled
[    0.968474] rtc-ingenic 10003000.rtc: registered as rtc0
[    0.968852] rtc-ingenic 10003000.rtc: setting system clock to 2020-03-01T12:31:56 UTC (1583065916)
[    0.969379] ingenic RTC probe success 
[    0.971611] Loading compiled-in X.509 certificates
[    0.986113] cfg80211: Loading compiled-in X.509 certificates for regulatory database
[    0.990707] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
[    0.991254] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[    0.991747] cfg80211: failed to load regulatory.db
[    0.992399] clk: Not disabling unused clocks
[    0.992669] ALSA device list:
[    0.992845]   No soundcards found.
[    1.031374] mtd: rootfs 100663296 131072 0
[    1.035504] VFS: Mounted root (squashfs filesystem) readonly on device 50:2.
[    1.038225] devtmpfs: mounted
[    1.039095] Freeing unused kernel memory: 284K
[    1.039405] This architecture does not have kernel memory protection.
[    1.039798] Run /linuxrc as init process
[    1.067395] process '/bin/busybox' started with executable stack
Starting mdev... OK