user-guide.md 57.9 KB
Newer Older
1
2
3
4
5
ARM Trusted Firmware User Guide
===============================

Contents :

6
7
8
1.  [Introduction](#1--introduction)
2.  [Host machine requirements](#2--host-machine-requirements)
3.  [Tools](#3--tools)
9
10
4.  [Getting the Trusted Firmware source code](#4--getting-the-trusted-firmware-source-code)
5.  [Building the Trusted Firmware](#5--building-the-trusted-firmware)
11
6.  [Building a FIP for Juno and FVP](#6--building-a-fip-for-juno-and-fvp)
12
7.  [EL3 payloads alternative boot flow](#7--el3-payloads-alternative-boot-flow)
13
8.  [Preloaded BL33 alternative boot flow](#8--preloaded-bl33-alternative-boot-flow)
14
15
9.  [Running the software on FVP](#9--running-the-software-on-fvp)
10. [Running the software on Juno](#10--running-the-software-on-juno)
16
17
18
19


1.  Introduction
----------------
20

21
This document describes how to build ARM Trusted Firmware (TF) and run it with a
22
23
24
25
tested set of other software components using defined configurations on the Juno
ARM development platform and ARM Fixed Virtual Platform (FVP) models. It is
possible to use other software components, configurations and platforms but that
is outside the scope of this document.
26

27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
This document assumes that the reader has previous experience running a fully
bootable Linux software stack on Juno or FVP using the prebuilt binaries and
filesystems provided by [Linaro][Linaro Release Notes]. Further information may
be found in the [Instructions for using the Linaro software deliverables][Linaro
SW Instructions]. It also assumes that the user understands the role of the
different software components required to boot a Linux system:

*   Specific firmware images required by the platform (e.g. SCP firmware on Juno)
*   Normal world bootloader (e.g. UEFI or U-Boot)
*   Device tree
*   Linux kernel image
*   Root filesystem

This document also assumes that the user is familiar with the FVP models and
the different command line options available to launch the model.

This document should be used in conjunction with the [Firmware Design].
44
45


46
47
2.  Host machine requirements
-----------------------------
48

49
The minimum recommended machine specification for building the software and
50
51
52
running the FVP models is a dual-core processor running at 2GHz with 12GB of
RAM.  For best performance, use a machine with a quad-core processor running at
2.6GHz with 16GB of RAM.
53

54
55
56
The software has been tested on Ubuntu 14.04 LTS (64-bit). Packages used for
building the software were installed from that distribution unless otherwise
specified.
57

58
59
60
The software has also been built on Windows 7 Enterprise SP1, using CMD.EXE,
Cygwin, and Msys (MinGW) shells, using version 4.9.1 of the GNU toolchain.

61
62
3.  Tools
---------
63

64
65
Install the required packages to build Trusted Firmware with the following
command:
66

67
    sudo apt-get install build-essential gcc make git libssl-dev
68

69
70
Download and install the AArch64 little-endian GCC cross compiler as indicated
in the [Linaro instructions][Linaro SW Instructions].
71

72
In addition, the following optional packages and tools may be needed:
73

74
75
*   `device-tree-compiler` package if you need to rebuild the Flattened Device
    Tree (FDT) source files (`.dts` files) provided with this software.
76

77
*   For debugging, ARM [Development Studio 5 (DS-5)][DS-5].
78
79


80
81
4.  Getting the Trusted Firmware source code
--------------------------------------------
82

83
Download the Trusted Firmware source code from Github:
84

85
    git clone https://github.com/ARM-software/arm-trusted-firmware.git
86

87
88
89
90

5.  Building the Trusted Firmware
---------------------------------

91
92
*   Before building Trusted Firmware, the environment variable `CROSS_COMPILE`
    must point to the Linaro cross compiler:
93

94
        export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-linux-gnu-
95

96
*   Change to the root directory of the Trusted Firmware source tree and build:
97

98
        make PLAT=<platform> all
99

100
    Notes:
101

102
103
104
    *   If `PLAT` is not specified, `fvp` is assumed by default. See the
        "Summary of build options" for more information on available build
        options.
105

106
107
108
    *   The TSP (Test Secure Payload), corresponding to the BL32 image, is not
        compiled in by default. Refer to the "Building the Test Secure Payload"
        section below.
109

110
111
    *   By default this produces a release version of the build. To produce a
        debug version instead, refer to the "Debugging options" section below.
112

113
114
115
116
    *   The build process creates products in a `build` directory tree, building
        the objects and binaries for each boot loader stage in separate
        sub-directories.  The following boot loader binary files are created
        from the corresponding ELF files:
117

118
119
120
        *   `build/<platform>/<build-type>/bl1.bin`
        *   `build/<platform>/<build-type>/bl2.bin`
        *   `build/<platform>/<build-type>/bl31.bin`
121

122
123
124
        where `<platform>` is the name of the chosen platform and `<build-type>`
        is either `debug` or `release`. The actual number of images might differ
        depending on the platform.
125

126
*   Build products for a specific build variant can be removed using:
127

128
        make DEBUG=<D> PLAT=<platform> clean
129
130
131
132
133
134

    ... where `<D>` is `0` or `1`, as specified when building.

    The build tree can be removed completely using:

        make realclean
135

136
137
138
139
140
141
142
143
144
### Summary of build options

ARM Trusted Firmware build system supports the following build options. Unless
mentioned otherwise, these options are expected to be specified at the build
command line and are not to be modified in any component makefiles. Note that
the build system doesn't track dependency for build options. Therefore, if any
of the build options are changed from a previous build, a clean build must be
performed.

145
146
#### Common build options

147
148
*   `SCP_BL2`: Path to SCP_BL2 image in the host file system. This image is optional.
    If a SCP_BL2 image is present then this option must be passed for the `fip`
149
    target.
150

151
*   `BL33`: Path to BL33 image in the host file system. This is mandatory for
152
153
154
155
156
157
158
    `fip` target in case the BL2 from ARM Trusted Firmware is used.

*   `BL2`: This is an optional build option which specifies the path to BL2
    image for the `fip` target. In this case, the BL2 in the ARM Trusted
    Firmware will not be built.

*   `BL31`:  This is an optional build option which specifies the path to
159
    BL31 image for the `fip` target. In this case, the BL31 in the ARM
160
161
162
    Trusted Firmware will not be built.

*   `BL32`:  This is an optional build option which specifies the path to
163
    BL32 image for the `fip` target. In this case, the BL32 in the ARM
164
    Trusted Firmware will not be built.
165

166
167
168
*   `FIP_NAME`: This is an optional build option which specifies the FIP
    filename for the `fip` target. Default is `fip.bin`.

169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
*   `FWU_FIP_NAME`: This is an optional build option which specifies the FWU
    FIP filename for the `fwu_fip` target. Default is `fwu_fip.bin`.

*   `BL2U`:  This is an optional build option which specifies the path to
    BL2U image. In this case, the BL2U in the ARM Trusted Firmware will not
    be built.

*   `SCP_BL2U`: Path to SCP_BL2U image in the host file system. This image is
    optional. It is only needed if the platform makefile specifies that it
    is required in order to build the `fwu_fip` target.

*   `NS_BL2U`: Path to NS_BL2U image in the host file system. This image is
    optional. It is only needed if the platform makefile specifies that it
    is required in order to build the `fwu_fip` target.

184
*   `DEBUG`: Chooses between a debug and release build. It can take either 0
185
    (release) or 1 (debug) as values. 0 is the default.
186

187
188
189
190
191
192
193
194
195
196
197
198
199
*   `LOG_LEVEL`: Chooses the log level, which controls the amount of console log
    output compiled into the build. This should be one of the following:

        0  (LOG_LEVEL_NONE)
        10 (LOG_LEVEL_NOTICE)
        20 (LOG_LEVEL_ERROR)
        30 (LOG_LEVEL_WARNING)
        40 (LOG_LEVEL_INFO)
        50 (LOG_LEVEL_VERBOSE)

    All log output up to and including the log level is compiled into the build.
    The default value is 40 in debug builds and 20 in release builds.

200
201
*   `NS_TIMER_SWITCH`: Enable save and restore for non-secure timer register
    contents upon world switch. It can take either 0 (don't save and restore) or
202
203
    1 (do save and restore). 0 is the default. An SPD may set this to 1 if it
    wants the timer registers to be saved and restored.
204

205
*   `PLAT`: Choose a platform to build ARM Trusted Firmware for. The chosen
206
207
    platform name must be subdirectory of any depth under `plat/`, and must
    contain a platform makefile named `platform.mk`.
208

209
210
211
212
*   `ARCH` : Choose the target build architecture for ARM Trusted Firmware.
    It can take either `aarch64` or `aarch32` as values. By default, it is
    defined to `aarch64`.

213
*   `SPD`: Choose a Secure Payload Dispatcher component to be built into the
214
215
216
    Trusted Firmware. This build option is only valid if `ARCH=aarch64`. The
    value should be the path to the directory containing the SPD source,
    relative to `services/spd/`; the directory is expected to
217
    contain a makefile called `<spd-value>.mk`.
218

219
220
221
222
223
*   `AARCH32_SP` : Choose the AArch32 Secure Payload component to be built as
    as the BL32 image when `ARCH=aarch32`. The value should be the path to the
    directory containing the SP source, relative to the `bl32/`; the directory
    is expected to contain a makefile called `<aarch32_sp-value>.mk`.

224
*   `V`: Verbose build. If assigned anything other than 0, the build commands
225
    are printed. Default is 0.
226

227
228
*   `ARM_GIC_ARCH`: Choice of ARM GIC architecture version used by the ARM
    Legacy GIC driver for implementing the platform GIC API. This API is used
229
    by the interrupt management framework. Default is 2 (that is, version 2.0).
230
    This build option is deprecated.
231

232
233
234
235
*   `ARM_CCI_PRODUCT_ID`: Choice of ARM CCI product used by the platform. This
    is used to determine the number of valid slave interfaces available in the
    ARM CCI driver. Default is 400 (that is, CCI-400).

236
*   `RESET_TO_BL31`: Enable BL31 entrypoint as the CPU reset vector instead
237
    of the BL1 entrypoint. It can take the value 0 (CPU reset to BL1
238
    entrypoint) or 1 (CPU reset to BL31 entrypoint).
239
240
    The default value is 0.

241
242
*   `CRASH_REPORTING`: A non-zero value enables a console dump of processor
    register state when an unexpected exception occurs during execution of
243
    BL31. This option defaults to the value of `DEBUG` - i.e. by default
244
    this is only enabled for a debug build of the firmware.
245

246
247
*   `ASM_ASSERTION`: This flag determines whether the assertion checks within
    assembly source files are enabled or not. This option defaults to the
248
    value of `DEBUG` - that is, by default this is only enabled for a debug
249
250
    build of the firmware.

251
252
253
254
*   `TSP_INIT_ASYNC`: Choose BL32 initialization method as asynchronous or
    synchronous, (see "Initializing a BL32 Image" section in [Firmware
    Design]). It can take the value 0 (BL32 is initialized using
    synchronous method) or 1 (BL32 is initialized using asynchronous method).
255
256
    Default is 0.

257
258
259
260
261
262
*   `USE_COHERENT_MEM`: This flag determines whether to include the coherent
    memory region in the BL memory map or not (see "Use of Coherent memory in
    Trusted Firmware" section in [Firmware Design]). It can take the value 1
    (Coherent memory region is included) or 0 (Coherent memory region is
    excluded). Default is 1.

263
264
265
266
267
268
269
*   `TSP_NS_INTR_ASYNC_PREEMPT`: A non zero value enables the interrupt
    routing model which routes non-secure interrupts asynchronously from TSP
    to EL3 causing immediate preemption of TSP. The EL3 is responsible
    for saving and restoring the TSP context in this routing model. The
    default routing model (when the value is 0) is to route non-secure
    interrupts to TSP allowing it to save its context and hand over
    synchronously to EL3 via an SMC.
270

271
272
*   `TRUSTED_BOARD_BOOT`: Boolean flag to include support for the Trusted Board
    Boot feature. When set to '1', BL1 and BL2 images include support to load
273
274
275
276
    and verify the certificates and images in a FIP, and BL1 includes support
    for the Firmware Update. The default value is '0'. Generation and inclusion
    of certificates in the FIP and FWU_FIP depends upon the value of the
    `GENERATE_COT` option.
277
278
279

*   `GENERATE_COT`: Boolean flag used to build and execute the `cert_create`
    tool to create certificates as per the Chain of Trust described in
dp-arm's avatar
dp-arm committed
280
    [Trusted Board Boot].  The build system then calls `fiptool` to
281
    include the certificates in the FIP and FWU_FIP. Default value is '0'.
282

283
284
285
286
    Specify both `TRUSTED_BOARD_BOOT=1` and `GENERATE_COT=1` to include support
    for the Trusted Board Boot feature in the BL1 and BL2 images, to generate
    the corresponding certificates, and to include those certificates in the
    FIP and FWU_FIP.
287
288
289

    Note that if `TRUSTED_BOARD_BOOT=0` and `GENERATE_COT=1`, the BL1 and BL2
    images will not include support for Trusted Board Boot. The FIP will still
290
    include the corresponding certificates. This FIP can be used to verify the
291
292
293
    Chain of Trust on the host machine through other mechanisms.

    Note that if `TRUSTED_BOARD_BOOT=1` and `GENERATE_COT=0`, the BL1 and BL2
294
295
    images will include support for Trusted Board Boot, but the FIP and FWU_FIP
    will not include the corresponding certificates, causing a boot failure.
296
297
298
299
300

*   `CREATE_KEYS`: This option is used when `GENERATE_COT=1`. It tells the
    certificate generation tool to create new keys in case no valid keys are
    present or specified. Allowed options are '0' or '1'. Default is '1'.

301
302
303
304
305
306
307
*   `SAVE_KEYS`: This option is used when `GENERATE_COT=1`. It tells the
    certificate generation tool to save the keys used to establish the Chain of
    Trust. Allowed options are '0' or '1'. Default is '0' (do not save).

    Note: This option depends on 'CREATE_KEYS' to be enabled. If the keys
    already exist in disk, they will be overwritten without further notice.

308
*   `ROT_KEY`: This option is used when `GENERATE_COT=1`. It specifies the
309
310
    file that contains the ROT private key in PEM format. If `SAVE_KEYS=1`, this
    file name will be used to save the key.
311
312
313

*   `TRUSTED_WORLD_KEY`: This option is used when `GENERATE_COT=1`. It
    specifies the file that contains the Trusted World private key in PEM
314
    format. If `SAVE_KEYS=1`, this file name will be used to save the key.
315
316
317

*   `NON_TRUSTED_WORLD_KEY`: This option is used when `GENERATE_COT=1`. It
    specifies the file that contains the Non-Trusted World private key in PEM
318
    format. If `SAVE_KEYS=1`, this file name will be used to save the key.
319

320
321
*   `SCP_BL2_KEY`: This option is used when `GENERATE_COT=1`. It specifies the
    file that contains the SCP_BL2 private key in PEM format. If `SAVE_KEYS=1`,
322
    this file name will be used to save the key.
323
324

*   `BL31_KEY`: This option is used when `GENERATE_COT=1`. It specifies the
325
    file that contains the BL31 private key in PEM format. If `SAVE_KEYS=1`,
326
    this file name will be used to save the key.
327
328

*   `BL32_KEY`: This option is used when `GENERATE_COT=1`. It specifies the
329
    file that contains the BL32 private key in PEM format. If `SAVE_KEYS=1`,
330
    this file name will be used to save the key.
331
332

*   `BL33_KEY`: This option is used when `GENERATE_COT=1`. It specifies the
333
    file that contains the BL33 private key in PEM format. If `SAVE_KEYS=1`,
334
    this file name will be used to save the key.
335

336
337
*   `PROGRAMMABLE_RESET_ADDRESS`: This option indicates whether the reset
    vector address can be programmed or is fixed on the platform. It can take
338
339
340
    either 0 (fixed) or 1 (programmable). Default is 0. If the platform has a
    programmable reset address, it is expected that a CPU will start executing
    code directly at the right address, both on a cold and warm reset. In this
341
342
343
    case, there is no need to identify the entrypoint on boot and the boot path
    can be optimised. The `plat_get_my_entrypoint()` platform porting interface
    does not need to be implemented in this case.
344

345
346
347
348
349
350
351
352
*   `COLD_BOOT_SINGLE_CPU`: This option indicates whether the platform may
    release several CPUs out of reset. It can take either 0 (several CPUs may be
    brought up) or 1 (only one CPU will ever be brought up during cold reset).
    Default is 0. If the platform always brings up a single CPU, there is no
    need to distinguish between primary and secondary CPUs and the boot path can
    be optimised. The `plat_is_my_cpu_primary()` and
    `plat_secondary_cold_boot_setup()` platform porting interfaces do not need
    to be implemented in this case.
353

354
355
356
357
358
359
360
361
362
*   `PSCI_EXTENDED_STATE_ID`: As per PSCI1.0 Specification, there are 2 formats
    possible for the PSCI power-state parameter viz original and extended
    State-ID formats. This flag if set to 1, configures the generic PSCI layer
    to use the extended format. The default value of this flag is 0, which
    means by default the original power-state format is used by the PSCI
    implementation. This flag should be specified by the platform makefile
    and it governs the return value of PSCI_FEATURES API for CPU_SUSPEND
    smc function id.

363
364
365
366
*   `ERROR_DEPRECATED`: This option decides whether to treat the usage of
    deprecated platform APIs, helper functions or drivers within Trusted
    Firmware as error. It can take the value 1 (flag the use of deprecated
    APIs as error) or 0. The default is 0.
367

368
369
370
*   `SPIN_ON_BL1_EXIT`: This option introduces an infinite loop in BL1. It can
    take either 0 (no loop) or 1 (add a loop). 0 is the default. This loop stops
    execution in BL1 just before handing over to BL31. At this point, all
371
372
    firmware images have been loaded in memory, and the MMU and caches are
    turned off. Refer to the "Debugging options" section for more details.
373

374
375
376
377
*   `EL3_PAYLOAD_BASE`: This option enables booting an EL3 payload instead of
    the normal boot flow. It must specify the entry point address of the EL3
    payload. Please refer to the "Booting an EL3 payload" section for more
    details.
378

379
380
381
*   `PRELOADED_BL33_BASE`: This option enables booting a preloaded BL33 image
    instead of the normal boot flow. When defined, it must specify the entry
    point address for the preloaded BL33 image. This option is incompatible with
382
    `EL3_PAYLOAD_BASE`. If both are defined, `EL3_PAYLOAD_BASE` has priority
383
    over `PRELOADED_BL33_BASE`.
384

385
386
387
388
389
*   `PL011_GENERIC_UART`: Boolean option to indicate the PL011 driver that
    the underlying hardware is not a full PL011 UART but a minimally compliant
    generic UART, which is a subset of the PL011. The driver will not access
    any register that is not part of the SBSA generic UART specification.
    Default value is 0 (a full PL011 compliant UART is present).
390

391
392
393
394
395
396
*   `CTX_INCLUDE_AARCH32_REGS` : Boolean option that, when set to 1, will cause
    the AArch32 system registers to be included when saving and restoring the
    CPU context. The option must be set to 0 for AArch64-only platforms (that
    is on hardware that does not implement AArch32, or at least not at EL1 and
    higher ELs). Default value is 1.

397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
*   `CTX_INCLUDE_FPREGS`: Boolean option that, when set to 1, will cause the FP
    registers to be included when saving and restoring the CPU context. Default
    is 0.

*   `DISABLE_PEDANTIC`: When set to 1 it will disable the -pedantic option in
    the GCC command line. Default is 0.

*   `BUILD_STRING`: Input string for VERSION_STRING, which allows the TF build
    to be uniquely identified. Defaults to the current git commit id.

*   `VERSION_STRING`: String used in the log output for each TF image. Defaults
    to a string formed by concatenating the version number, build type and build
    string.

*   `BUILD_MESSAGE_TIMESTAMP`: String used to identify the time and date of the
    compilation of each build. It must be set to a C string (including quotes
    where applicable). Defaults to a string that contains the time and date of
    the compilation.

416
417
418
*   `HANDLE_EA_EL3_FIRST`: When defined External Aborts and SError Interrupts
    will be always trapped in EL3 i.e. in BL31 at runtime.

419
420
421
*   `ENABLE_PMF`: Boolean option to enable support for optional Performance
     Measurement Framework(PMF). Default is 0.

422
423
424
425
426
*   `ENABLE_PSCI_STAT`: Boolean option to enable support for optional PSCI
     functions `PSCI_STAT_RESIDENCY` and `PSCI_STAT_COUNT`. Default is 0.
     Enabling this option enables the `ENABLE_PMF` build option as well.
     The PMF is used for collecting the statistics.

427
428
429
430
431
432
*   `SEPARATE_CODE_AND_RODATA`: Whether code and read-only data should be
    isolated on separate memory pages. This is a trade-off between security and
    memory usage. See "Isolating code and read-only data on separate memory
    pages" section in [Firmware Design]. This flag is disabled by default and
    affects all BL images.

433
434
435
436
437
438
*   `LOAD_IMAGE_V2`: Boolean option to enable support for new version (v2) of
    image loading, which provides more flexibility and scalability around what
    images are loaded and executed during boot. Default is 0.
    Note: `TRUSTED_BOARD_BOOT` is currently not supported when `LOAD_IMAGE_V2`
    is enabled.

439
#### ARM development platform specific build options
440

441
*   `ARM_TSP_RAM_LOCATION`: location of the TSP binary. Options:
442
    -   `tsram` : Trusted SRAM (default option)
443
    -   `tdram` : Trusted DRAM (if available)
444
    -   `dram`  : Secure region in DRAM (configured by the TrustZone controller)
445

446
447
For a better understanding of these options, the ARM development platform memory
map is explained in the [Firmware Design].
448

449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
*   `ARM_ROTPK_LOCATION`: used when `TRUSTED_BOARD_BOOT=1`. It specifies the
    location of the ROTPK hash returned by the function `plat_get_rotpk_info()`
    for ARM platforms. Depending on the selected option, the proper private key
    must be specified using the `ROT_KEY` option when building the Trusted
    Firmware. This private key will be used by the certificate generation tool
    to sign the BL2 and Trusted Key certificates. Available options for
    `ARM_ROTPK_LOCATION` are:

    -   `regs` : return the ROTPK hash stored in the Trusted root-key storage
        registers. The private key corresponding to this ROTPK hash is not
        currently available.
    -   `devel_rsa` : return a development public key hash embedded in the BL1
        and BL2 binaries. This hash has been obtained from the RSA public key
        `arm_rotpk_rsa.der`, located in `plat/arm/board/common/rotpk`. To use
        this option, `arm_rotprivk_rsa.pem` must be specified as `ROT_KEY` when
        creating the certificates.

466
467
468
469
470
471
472
473
*   `ARM_RECOM_STATE_ID_ENC`: The PSCI1.0 specification recommends an encoding
    for the construction of composite state-ID in the power-state parameter.
    The existing PSCI clients currently do not support this encoding of
    State-ID yet. Hence this flag is used to configure whether to use the
    recommended State-ID encoding or not. The default value of this flag is 0,
    in which case the platform is configured to expect NULL in the State-ID
    field of power-state parameter.

474
475
476
477
478
479
480
481
*   `ARM_DISABLE_TRUSTED_WDOG`: boolean option to disable the Trusted Watchdog.
    By default, ARM platforms use a watchdog to trigger a system reset in case
    an error is encountered during the boot process (for example, when an image
    could not be loaded or authenticated). The watchdog is enabled in the early
    platform setup hook at BL1 and disabled in the BL1 prepare exit hook. The
    Trusted Watchdog may be disabled at build time for testing or development
    purposes.

482
483
484
485
486
487
*   `ARM_CONFIG_CNTACR`: boolean option to unlock access to the CNTBase<N>
    frame registers by setting the CNTCTLBase.CNTACR<N> register bits. The
    frame number <N> is defined by 'PLAT_ARM_NSTIMER_FRAME_ID', which should
    match the frame used by the Non-Secure image (normally the Linux kernel).
    Default is true (access to the frame is allowed).

488
489
490
491
492
493
494
*   `ARM_BOARD_OPTIMISE_MEM`: Boolean option to enable or disable optimisation
    of the memory reserved for each image. This affects the maximum size of each
    BL image as well as the number of allocated memory regions and translation
    tables. By default this flag is 0, which means it uses the default
    unoptimised values for these macros. ARM development platforms that wish to
    optimise memory usage need to set this flag to 1 and must override the
    related macros.
495

David Wang's avatar
David Wang committed
496
497
498
499
500
501
*   'ARM_BL31_IN_DRAM': Boolean option to select loading of BL31 in TZC secured
    DRAM. By default, BL31 is in the secure SRAM. Set this flag to 1 to load
    BL31 in TZC secured DRAM. If TSP is present, then setting this option also
    sets the TSP location to DRAM and ignores the `ARM_TSP_RAM_LOCATION` build
    flag.

502
503
504
505
506
507
508
509
510
#### ARM CSS platform specific build options

*   `CSS_DETECT_PRE_1_7_0_SCP`: Boolean flag to detect SCP version
    incompatibility. Version 1.7.0 of the SCP firmware made a non-backwards
    compatible change to the MTL protocol, used for AP/SCP communication.
    Trusted Firmware no longer supports earlier SCP versions. If this option is
    set to 1 then Trusted Firmware will detect if an earlier version is in use.
    Default is 1.

511
512
513
514
*   `CSS_LOAD_SCP_IMAGES`: Boolean flag, which when set, adds SCP_BL2 and
    SCP_BL2U to the FIP and FWU_FIP respectively, and enables them to be loaded
    during boot. Default is 1.

515
516
517
518
519
#### ARM FVP platform specific build options

*   `FVP_USE_GIC_DRIVER`   : Selects the GIC driver to be built. Options:
    -    `FVP_GICV2`       : The GICv2 only driver is selected
    -    `FVP_GICV3`       : The GICv3 only driver is selected (default option)
520
521
522
523
    -    `FVP_GICV3_LEGACY`: The Legacy GICv3 driver is selected (deprecated)
          Note: If Trusted Firmware is compiled with this option on FVPs with
          GICv3 hardware, then it configures the hardware to run in GICv2
          emulation mode
524

525
526
527
528
529
*   `FVP_CLUSTER_COUNT`    : Configures the cluster count to be used to
     build the topology tree within Trusted Firmware. By default the
     Trusted Firmware is configured for dual cluster topology and this option
     can be used to override the default value.

530
531
532
*   `FVP_USE_SP804_TIMER`  : Use the SP804 timer instead of the Generic Timer
     for functions that wait for an arbitrary time length (udelay and mdelay).
     The default value is 0.
533

534
535
536
537
538
539
540
541
*    `FVP_INTERCONNECT_DRIVER`: Selects the interconnect driver to be built. The
     default interconnect driver depends on the value of `FVP_CLUSTER_COUNT` as
     explained in the options below:
     -    `FVP_CCI`           : The CCI driver is selected. This is the default
                                if 0 < `FVP_CLUSTER_COUNT` <= 2.
     -    `FVP_CCN`           : The CCN driver is selected. This is the default
                                if `FVP_CLUSTER_COUNT` > 2.

542
### Debugging options
543
544
545

To compile a debug version and make the build more verbose use

546
    make PLAT=<platform> DEBUG=1 V=1 all
547
548
549
550
551
552
553
554
555
556
557

AArch64 GCC uses DWARF version 4 debugging symbols by default. Some tools (for
example DS-5) might not support this and may need an older version of DWARF
symbols to be emitted by GCC. This can be achieved by using the
`-gdwarf-<version>` flag, with the version being set to 2 or 3. Setting the
version to 2 is recommended for DS-5 versions older than 5.16.

When debugging logic problems it might also be useful to disable all compiler
optimizations by using `-O0`.

NOTE: Using `-O0` could cause output images to be larger and base addresses
558
559
might need to be recalculated (see the **Memory layout on ARM development
platforms** section in the [Firmware Design]).
560
561
562

Extra debug options can be passed to the build system by setting `CFLAGS`:

563
    CFLAGS='-O0 -gdwarf-2'                                     \
564
    make PLAT=<platform> DEBUG=1 V=1 all
565

566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
It is also possible to introduce an infinite loop to help in debugging the
post-BL2 phase of the Trusted Firmware. This can be done by rebuilding BL1 with
the `SPIN_ON_BL1_EXIT=1` build flag. Refer to the "Summary of build options"
section. In this case, the developer may take control of the target using a
debugger when indicated by the console output. When using DS-5, the following
commands can be used:

    # Stop target execution
    interrupt

    #
    # Prepare your debugging environment, e.g. set breakpoints
    #

    # Jump over the debug loop
    set var $AARCH64::$Core::$PC = $AARCH64::$Core::$PC + 4

    # Resume execution
    continue
585

586

587
588
### Building the Test Secure Payload

589
590
The TSP is coupled with a companion runtime service in the BL31 firmware,
called the TSPD. Therefore, if you intend to use the TSP, the BL31 image
591
592
593
594
must be recompiled as well. For more information on SPs and SPDs, see the
"Secure-EL1 Payloads and Dispatchers" section in the [Firmware Design].

First clean the Trusted Firmware build directory to get rid of any previous
595
BL31 binary. Then to build the TSP image use:
596

597
    make PLAT=<platform> SPD=tspd all
598
599
600

An additional boot loader binary file is created in the `build` directory:

601
    `build/<platform>/<build-type>/bl32.bin`
602
603


604
605
606
607
608
609
### Checking source code style

When making changes to the source for submission to the project, the source
must be in compliance with the Linux style guide, and to assist with this check
the project Makefile contains two targets, which both utilise the
`checkpatch.pl` script that ships with the Linux source tree.
610

611
612
613
To check the entire source tree, you must first download a copy of
`checkpatch.pl` (or the full Linux source), set the `CHECKPATCH` environment
variable to point to the script and build the target checkcodebase:
614

615
    make CHECKPATCH=<path-to-linux>/linux/scripts/checkpatch.pl checkcodebase
616

617
618
To just check the style on the files that differ between your local branch and
the remote master, use:
619

620
    make CHECKPATCH=<path-to-linux>/linux/scripts/checkpatch.pl checkpatch
621

622
623
624
If you wish to check your patch against something other than the remote master,
set the `BASE_COMMIT` variable to your desired branch. By default, `BASE_COMMIT`
is set to `origin/master`.
625
626


627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
### Building and using the FIP tool

Firmware Image Package (FIP) is a packaging format used by the Trusted Firmware
project to package firmware images in a single binary. The number and type of
images that should be packed in a FIP is platform specific and may include TF
images and other firmware images required by the platform. For example, most
platforms require a BL33 image which corresponds to the normal world bootloader
(e.g. UEFI or U-Boot).

The TF build system provides the make target `fip` to create a FIP file for the
specified platform using the FIP creation tool included in the TF project. For
example, to build a FIP file for FVP, packaging TF images and a BL33 image:

    make PLAT=fvp BL33=<path/to/bl33.bin> fip

The resulting FIP may be found in:

    `build/fvp/<build-type>/fip.bin`

For advanced operations on FIP files, it is also possible to independently build
the tool and create or modify FIPs using this tool. To do this, follow these
steps:

It is recommended to remove old artifacts before building the tool:

dp-arm's avatar
dp-arm committed
652
    make -C tools/fiptool clean
653
654
655
656
657
658
659

Build the tool:

    make [DEBUG=1] [V=1] fiptool

The tool binary can be located in:

dp-arm's avatar
dp-arm committed
660
    ./tools/fiptool/fiptool
661
662
663
664
665
666

Invoking the tool with `--help` will print a help message with all available
options.

Example 1: create a new Firmware package `fip.bin` that contains BL2 and BL31:

dp-arm's avatar
dp-arm committed
667
    ./tools/fiptool/fiptool create \
668
669
670
671
672
673
        --tb-fw build/<platform>/<build-type>/bl2.bin \
        --soc-fw build/<platform>/<build-type>/bl31.bin \
        fip.bin

Example 2: view the contents of an existing Firmware package:

dp-arm's avatar
dp-arm committed
674
    ./tools/fiptool/fiptool info <path-to>/fip.bin
675
676
677
678

Example 3: update the entries of an existing Firmware package:

    # Change the BL2 from Debug to Release version
dp-arm's avatar
dp-arm committed
679
    ./tools/fiptool/fiptool update \
680
681
682
683
684
685
        --tb-fw build/<platform>/release/bl2.bin \
        build/<platform>/debug/fip.bin

Example 4: unpack all entries from an existing Firmware package:

    # Images will be unpacked to the working directory
dp-arm's avatar
dp-arm committed
686
687
688
689
690
691
692
693
694
695
696
697
    ./tools/fiptool/fiptool unpack <path-to>/fip.bin

Example 5: remove an entry from an existing Firmware package:

    ./tools/fiptool/fiptool remove \
        --tb-fw build/<platform>/debug/fip.bin

Note that if the destination FIP file exists, the create, update and
remove operations will automatically overwrite it.

The unpack operation will fail if the images already exist at the
destination.  In that case, use -f or --force to continue.
698
699
700

More information about FIP can be found in the [Firmware Design document]
[Firmware Design].
701

dp-arm's avatar
dp-arm committed
702
703
704
705
706
707
708
709
710
711
#### Migrating from fip_create to fiptool

The previous version of fiptool was called fip_create.  A compatibility script
that emulates the basic functionality of the previous fip_create is provided.
However, users are strongly encouraged to migrate to fiptool.

*   To create a new FIP file, replace "fip_create" with "fiptool create".
*   To update a FIP file, replace "fip_create" with "fiptool update".
*   To dump the contents of a FIP file, replace "fip_create --dump"
    with "fiptool info".
712

713
714
715
### Building FIP images with support for Trusted Board Boot

Trusted Board Boot primarily consists of the following two features:
716

717
718
719
720
721
*   Image Authentication, described in [Trusted Board Boot], and
*   Firmware Update, described in [Firmware Update]

The following steps should be followed to build FIP and (optionally) FWU_FIP
images with support for these features:
722

723
1.  Fulfill the dependencies of the `mbedtls` cryptographic and image parser
Juan Castillo's avatar
Juan Castillo committed
724
725
726
727
    modules by checking out a recent version of the [mbed TLS Repository]. It
    is important to use a version that is compatible with TF and fixes any
    known security vulnerabilities. See [mbed TLS Security Center] for more
    information. This version of TF is tested with tag `mbedtls-2.2.0`.
728

Juan Castillo's avatar
Juan Castillo committed
729
    The `drivers/auth/mbedtls/mbedtls_*.mk` files contain the list of mbed TLS
730
731
    source files the modules depend upon.
    `include/drivers/auth/mbedtls/mbedtls_config.h` contains the configuration
Juan Castillo's avatar
Juan Castillo committed
732
    options required to build the mbed TLS sources.
733

Juan Castillo's avatar
Juan Castillo committed
734
735
    Note that the mbed TLS library is licensed under the Apache version 2.0
    license. Using mbed TLS source code will affect the licensing of
736
737
    Trusted Firmware binaries that are built using this library.

738
739
2.  To build the FIP image, ensure the following command line variables are set
    while invoking `make` to build Trusted Firmware:
740

Juan Castillo's avatar
Juan Castillo committed
741
    *   `MBEDTLS_DIR=<path of the directory containing mbed TLS sources>`
742
743
744
    *   `TRUSTED_BOARD_BOOT=1`
    *   `GENERATE_COT=1`

745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
    In the case of ARM platforms, the location of the ROTPK hash must also be
    specified at build time. Two locations are currently supported (see
    `ARM_ROTPK_LOCATION` build option):

    *   `ARM_ROTPK_LOCATION=regs`: the ROTPK hash is obtained from the Trusted
        root-key storage registers present in the platform. On Juno, this
        registers are read-only. On FVP Base and Cortex models, the registers
        are read-only, but the value can be specified using the command line
        option `bp.trusted_key_storage.public_key` when launching the model.
        On both Juno and FVP models, the default value corresponds to an
        ECDSA-SECP256R1 public key hash, whose private part is not currently
        available.

    *   `ARM_ROTPK_LOCATION=devel_rsa`: use the ROTPK hash that is hardcoded
        in the ARM platform port. The private/public RSA key pair may be
        found in `plat/arm/board/common/rotpk`.

    Example of command line using RSA development keys:

Juan Castillo's avatar
Juan Castillo committed
764
        MBEDTLS_DIR=<path of the directory containing mbed TLS sources> \
765
766
767
        make PLAT=<platform> TRUSTED_BOARD_BOOT=1 GENERATE_COT=1        \
        ARM_ROTPK_LOCATION=devel_rsa                                    \
        ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem        \
768
        BL33=<path-to>/<bl33_image>                                     \
769
770
        all fip

771
772
773
774
    The result of this build will be the bl1.bin and the fip.bin binaries. This
    FIP will include the certificates corresponding to the Chain of Trust
    described in the TBBR-client document. These certificates can also be found
    in the output build directory.
775

776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
3.  The optional FWU_FIP contains any additional images to be loaded from
    Non-Volatile storage during the [Firmware Update] process. To build the
    FWU_FIP, any FWU images required by the platform must be specified on the
    command line. On ARM development platforms like Juno, these are:

    *   NS_BL2U. The AP non-secure Firmware Updater image.
    *   SCP_BL2U. The SCP Firmware Update Configuration image.

    Example of Juno command line for generating both `fwu` and `fwu_fip`
    targets using RSA development:

        MBEDTLS_DIR=<path of the directory containing mbed TLS sources> \
        make PLAT=juno TRUSTED_BOARD_BOOT=1 GENERATE_COT=1              \
        ARM_ROTPK_LOCATION=devel_rsa                                    \
        ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem        \
791
792
793
794
        BL33=<path-to>/<bl33_image>                                     \
        SCP_BL2=<path-to>/<scp_bl2_image>                               \
        SCP_BL2U=<path-to>/<scp_bl2u_image>                             \
        NS_BL2U=<path-to>/<ns_bl2u_image>                               \
795
796
797
798
799
800
801
802
803
804
805
806
807
808
        all fip fwu_fip

    Note:   The BL2U image will be built by default and added to the FWU_FIP.
            The user may override this by adding `BL2U=<path-to>/<bl2u_image>`
            to the command line above.

    Note:   Building and installing the non-secure and SCP FWU images (NS_BL1U,
            NS_BL2U and SCP_BL2U) is outside the scope of this document.

    The result of this build will be bl1.bin, fip.bin and fwu_fip.bin binaries.
    Both the FIP and FWU_FIP will include the certificates corresponding to the
    Chain of Trust described in the TBBR-client document. These certificates
    can also be found in the output build directory.

809

810
### Building the Certificate Generation Tool
811

812
813
814
The `cert_create` tool is built as part of the TF build process when the `fip`
make target is specified and TBB is enabled (as described in the previous
section), but it can also be built separately with the following command:
815

816
    make PLAT=<platform> [DEBUG=1] [V=1] certtool
817

818
819
820
Specifying the platform is mandatory since the tool is platform specific.
`DEBUG=1` builds the tool in debug mode. `V=1` makes the build process more
verbose. The following command should be used to obtain help about the tool:
821

822
    ./tools/cert_create/cert_create -h
823

824

825
826
6.  Building a FIP for Juno and FVP
-----------------------------------
827

828
829
830
831
This section provides Juno and FVP specific instructions to build Trusted
Firmware, obtain the additional required firmware, and pack it all together in
a single FIP binary. It assumes that a [Linaro Release][Linaro Release Notes]
has been installed.
832

833
834
835
Note: follow the full instructions for one platform before switching to a
different one. Mixing instructions for different platforms may result in
corrupted binaries.
836

837
1.  Clean the working directory
838

839
        make realclean
840

841
2.  Obtain SCP_BL2 (Juno) and BL33 (all platforms)
842

dp-arm's avatar
dp-arm committed
843
    Use the fiptool to extract the SCP_BL2 and BL33 images from the FIP
844
    package included in the Linaro release:
845

dp-arm's avatar
dp-arm committed
846
        # Build the fiptool
847
        make [DEBUG=1] [V=1] fiptool
848

849
        # Unpack firmware images from Linaro FIP
dp-arm's avatar
dp-arm committed
850
        ./tools/fiptool/fiptool unpack \
851
             <path/to/linaro/release>/fip.bin
852

853
854
855
    The unpack operation will result in a set of binary images extracted to the
    working directory. The SCP_BL2 image corresponds to `scp-fw.bin` and BL33
    corresponds to `nt-fw.bin`.
856

dp-arm's avatar
dp-arm committed
857
    Note: the fiptool will complain if the images to be unpacked already
858
859
    exist in the current directory. If that is the case, either delete those
    files or use the `--force` option to overwrite.
860

861
3.  Build TF images and create a new FIP
862

863
864
        # Juno
        make PLAT=juno SCP_BL2=scp-fw.bin BL33=nt-fw.bin all fip
865

866
867
        # FVP
        make PLAT=fvp BL33=nt-fw.bin all fip
868

869
The resulting BL1 and FIP images may be found in:
870

871
872
873
    # Juno
    ./build/juno/release/bl1.bin
    ./build/juno/release/fip.bin
874

875
876
877
    # FVP
    ./build/fvp/release/bl1.bin
    ./build/fvp/release/fip.bin
878

879

880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
7.  EL3 payloads alternative boot flow
--------------------------------------

On a pre-production system, the ability to execute arbitrary, bare-metal code at
the highest exception level is required. It allows full, direct access to the
hardware, for example to run silicon soak tests.

Although it is possible to implement some baremetal secure firmware from
scratch, this is a complex task on some platforms, depending on the level of
configuration required to put the system in the expected state.

Rather than booting a baremetal application, a possible compromise is to boot
`EL3 payloads` through the Trusted Firmware instead. This is implemented as an
alternative boot flow, where a modified BL2 boots an EL3 payload, instead of
loading the other BL images and passing control to BL31. It reduces the
complexity of developing EL3 baremetal code by:

*   putting the system into a known architectural state;
*   taking care of platform secure world initialization;
899
*   loading the SCP_BL2 image if required by the platform.
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915

When booting an EL3 payload on ARM standard platforms, the configuration of the
TrustZone controller is simplified such that only region 0 is enabled and is
configured to permit secure access only. This gives full access to the whole
DRAM to the EL3 payload.

The system is left in the same state as when entering BL31 in the default boot
flow. In particular:

*   Running in EL3;
*   Current state is AArch64;
*   Little-endian data access;
*   All exceptions disabled;
*   MMU disabled;
*   Caches disabled.

916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
### Booting an EL3 payload

The EL3 payload image is a standalone image and is not part of the FIP. It is
not loaded by the Trusted Firmware. Therefore, there are 2 possible scenarios:

*   The EL3 payload may reside in non-volatile memory (NVM) and execute in
    place. In this case, booting it is just a matter of specifying the right
    address in NVM through `EL3_PAYLOAD_BASE` when building the TF.

*   The EL3 payload needs to be loaded in volatile memory (e.g. DRAM) at
    run-time.

To help in the latter scenario, the `SPIN_ON_BL1_EXIT=1` build option can be
used. The infinite loop that it introduces in BL1 stops execution at the right
moment for a debugger to take control of the target and load the payload (for
example, over JTAG).

It is expected that this loading method will work in most cases, as a debugger
connection is usually available in a pre-production system. The user is free to
use any other platform-specific mechanism to load the EL3 payload, though.

#### Booting an EL3 payload on FVP

The EL3 payloads boot flow requires the CPU's mailbox to be cleared at reset for
the secondary CPUs holding pen to work properly. Unfortunately, its reset value
is undefined on the FVP platform and the FVP platform code doesn't clear it.
Therefore, one must modify the way the model is normally invoked in order to
clear the mailbox at start-up.

One way to do that is to create an 8-byte file containing all zero bytes using
the following command:

    dd if=/dev/zero of=mailbox.dat bs=1 count=8

and pre-load it into the FVP memory at the mailbox address (i.e. `0x04000000`)
using the following model parameters:

    --data cluster0.cpu0=mailbox.dat@0x04000000   [Base FVPs]
    --data=mailbox.dat@0x04000000                 [Foundation FVP]

To provide the model with the EL3 payload image, the following methods may be
used:

1.  If the EL3 payload is able to execute in place, it may be programmed into
    flash memory. On Base Cortex and AEM FVPs, the following model parameter
    loads it at the base address of the NOR FLASH1 (the NOR FLASH0 is already
    used for the FIP):

        -C bp.flashloader1.fname="/path/to/el3-payload"

    On Foundation FVP, there is no flash loader component and the EL3 payload
    may be programmed anywhere in flash using method 3 below.

2.  When using the `SPIN_ON_BL1_EXIT=1` loading method, the following DS-5
    command may be used to load the EL3 payload ELF image over JTAG:

        load /path/to/el3-payload.elf

3.  The EL3 payload may be pre-loaded in volatile memory using the following
    model parameters:

        --data cluster0.cpu0="/path/to/el3-payload"@address  [Base FVPs]
        --data="/path/to/el3-payload"@address                [Foundation FVP]

    The address provided to the FVP must match the `EL3_PAYLOAD_BASE` address
    used when building the Trusted Firmware.

#### Booting an EL3 payload on Juno

If the EL3 payload is able to execute in place, it may be programmed in flash
memory by adding an entry in the `SITE1/HBI0262x/images.txt` configuration file
on the Juno SD card (where `x` depends on the revision of the Juno board).
Refer to the [Juno Getting Started Guide], section 2.3 "Flash memory
programming" for more information.

Alternatively, the same DS-5 command mentioned in the FVP section above can
be used to load the EL3 payload's ELF file over JTAG on Juno.

994

995
996
997
998
999
1000
1001
1002
1003
8.  Preloaded BL33 alternative boot flow
----------------------------------------

Some platforms have the ability to preload BL33 into memory instead of relying
on Trusted Firmware to load it. This may simplify packaging of the normal world
code and improve performance in a development environment. When secure world
cold boot is complete, Trusted Firmware simply jumps to a BL33 base address
provided at build time.

1004
1005
1006
1007
For this option to be used, the `PRELOADED_BL33_BASE` build option has to be
used when compiling the Trusted Firmware. For example, the following command
will create a FIP without a BL33 and prepare to jump to a BL33 image loaded at
address 0x80000000:
1008

1009
    make PRELOADED_BL33_BASE=0x80000000 PLAT=fvp all fip
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030

#### Boot of a preloaded bootwrapped kernel image on Base FVP

The following example uses the AArch64 boot wrapper. This simplifies normal
world booting while also making use of TF features. It can be obtained from its
repository with:

    git clone git://git.kernel.org/pub/scm/linux/kernel/git/mark/boot-wrapper-aarch64.git

After compiling it, an ELF file is generated. It can be loaded with the
following command:

    <path-to>/FVP_Base_AEMv8A-AEMv8A              \
        -C bp.secureflashloader.fname=bl1.bin     \
        -C bp.flashloader0.fname=fip.bin          \
        -a cluster0.cpu0=<bootwrapped-kernel.elf> \
        --start cluster0.cpu0=0x0

The `-a cluster0.cpu0=<bootwrapped-kernel.elf>` option loads the ELF file. It
also sets the PC register to the ELF entry point address, which is not the
desired behaviour, so the `--start cluster0.cpu0=0x0` option forces the PC back
1031
1032
to 0x0 (the BL1 entry point address) on CPU #0. The `PRELOADED_BL33_BASE` define
used when compiling the FIP must match the ELF entry point.
1033
1034
1035
1036
1037
1038
1039
1040
1041

#### Boot of a preloaded bootwrapped kernel image on Juno

The procedure to obtain and compile the boot wrapper is very similar to the case
of the FVP. Once compiled, the `SPIN_ON_BL1_EXIT=1` loading method explained
above in the EL3 payload boot flow section may be used to load the ELF file over
JTAG on Juno.


1042
1043
1044
1045
1046
1047
1048
9.  Running the software on FVP
-------------------------------

This version of the ARM Trusted Firmware has been tested on the following ARM
FVPs (64-bit versions only).

*   `Foundation_Platform` (Version 9.5, Build 9.5.40)
1049
1050
1051
1052
*   `FVP_Base_AEMv8A-AEMv8A` (Version 7.6, Build 0.8.7605)
*   `FVP_Base_Cortex-A57x4-A53x4` (Version 7.6, Build 0.8.7605)
*   `FVP_Base_Cortex-A57x1-A53x1` (Version 7.6, Build 0.8.7605)
*   `FVP_Base_Cortex-A57x2-A53x4` (Version 7.6, Build 0.8.7605)
1053
1054
1055
1056
1057
1058
1059

NOTE: The build numbers quoted above are those reported by launching the FVP
with the `--version` parameter. `Foundation_Platform` tarball for `--version`
9.5.40 is labeled as version 9.5.41.

NOTE: The software will not work on Version 1.0 of the Foundation FVP.
The commands below would report an `unhandled argument` error in this case.
1060

1061
1062
1063
1064
1065
1066
1067
1068
NOTE: The Foundation FVP does not provide a debugger interface.

The Foundation FVP is a cut down version of the AArch64 Base FVP. It can be
downloaded for free from [ARM's website][ARM FVP website].

Please refer to the FVP documentation for a detailed description of the model
parameter options. A brief description of the important ones that affect the ARM
Trusted Firmware and normal world software behavior is provided below.
1069

1070
### Obtaining the Flattened Device Trees
1071
1072

Depending on the FVP configuration and Linux configuration used, different
1073
FDT files are required. FDTs for the Foundation and Base FVPs can be found in
1074
the Trusted Firmware source directory under `fdts/`. The Foundation FVP has a
1075
subset of the Base FVP components. For example, the Foundation FVP lacks CLCD
1076
and MMC support, and has only one CPU cluster.
1077

1078
1079
1080
Note: It is not recommended to use the FDTs built along the kernel because not
all FDTs are available from there.

1081
1082
*   `fvp-base-gicv2-psci.dtb`

1083
    For use with both AEMv8 and Cortex-A57-A53 Base FVPs with
1084
    Base memory map configuration.
1085
1086
1087

*   `fvp-base-gicv3-psci.dtb`

1088
1089
    (Default) For use with both AEMv8 and Cortex-A57-A53 Base FVPs with Base
    memory map configuration and Linux GICv3 support.
1090

1091
1092
*   `fvp-foundation-gicv2-psci.dtb`

1093
    For use with Foundation FVP with Base memory map configuration.
1094
1095
1096

*   `fvp-foundation-gicv3-psci.dtb`

1097
1098
    (Default) For use with Foundation FVP with Base memory map configuration
    and Linux GICv3 support.
1099

1100
### Running on the Foundation FVP with reset to BL1 entrypoint
1101

1102
The following `Foundation_Platform` parameters should be used to boot Linux with
1103
1104
4 CPUs using the ARM Trusted Firmware.

1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
    <path-to>/Foundation_Platform                   \
    --cores=4                                       \
    --secure-memory                                 \
    --visualization                                 \
    --gicv3                                         \
    --data="<path-to>/<bl1-binary>"@0x0             \
    --data="<path-to>/<FIP-binary>"@0x08000000      \
    --data="<path-to>/<fdt>"@0x83000000             \
    --data="<path-to>/<kernel-binary>"@0x80080000   \
    --block-device="<path-to>/<file-system-image>"
1115

1116
1117
1118
1119
Notes:
*   BL1 is loaded at the start of the Trusted ROM.
*   The Firmware Image Package is loaded at the start of NOR FLASH0.
*   The Linux kernel image and device tree are loaded in DRAM.
1120
1121
1122
1123
*   The default use-case for the Foundation FVP is to use the `--gicv3` option
    and enable the GICv3 device in the model. Note that without this option,
    the Foundation FVP defaults to legacy (Versatile Express) memory map which
    is not supported by ARM Trusted Firmware.
1124
1125
1126
1127
1128

### Running on the AEMv8 Base FVP with reset to BL1 entrypoint

The following `FVP_Base_AEMv8A-AEMv8A` parameters should be used to boot Linux
with 8 CPUs using the ARM Trusted Firmware.
1129

1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
    <path-to>/FVP_Base_AEMv8A-AEMv8A                            \
    -C pctl.startup=0.0.0.0                                     \
    -C bp.secure_memory=1                                       \
    -C bp.tzc_400.diagnostics=1                                 \
    -C cluster0.NUM_CORES=4                                     \
    -C cluster1.NUM_CORES=4                                     \
    -C cache_state_modelled=1                                   \
    -C bp.secureflashloader.fname="<path-to>/<bl1-binary>"      \
    -C bp.flashloader0.fname="<path-to>/<FIP-binary>"           \
    --data cluster0.cpu0="<path-to>/<fdt>"@0x83000000           \
    --data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
1141
    -C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
1142

1143
1144
### Running on the Cortex-A57-A53 Base FVP with reset to BL1 entrypoint

1145
1146
1147
The following `FVP_Base_Cortex-A57x4-A53x4` model parameters should be used to
boot Linux with 8 CPUs using the ARM Trusted Firmware.

1148
1149
1150
1151
1152
1153
1154
1155
1156
    <path-to>/FVP_Base_Cortex-A57x4-A53x4                       \
    -C pctl.startup=0.0.0.0                                     \
    -C bp.secure_memory=1                                       \
    -C bp.tzc_400.diagnostics=1                                 \
    -C cache_state_modelled=1                                   \
    -C bp.secureflashloader.fname="<path-to>/<bl1-binary>"      \
    -C bp.flashloader0.fname="<path-to>/<FIP-binary>"           \
    --data cluster0.cpu0="<path-to>/<fdt>"@0x83000000           \
    --data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
1157
    -C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
1158

1159
### Running on the AEMv8 Base FVP with reset to BL31 entrypoint
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170

The following `FVP_Base_AEMv8A-AEMv8A` parameters should be used to boot Linux
with 8 CPUs using the ARM Trusted Firmware.

    <path-to>/FVP_Base_AEMv8A-AEMv8A                             \
    -C pctl.startup=0.0.0.0                                      \
    -C bp.secure_memory=1                                        \
    -C bp.tzc_400.diagnostics=1                                  \
    -C cluster0.NUM_CORES=4                                      \
    -C cluster1.NUM_CORES=4                                      \
    -C cache_state_modelled=1                                    \
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
    -C cluster0.cpu0.RVBAR=0x04023000                            \
    -C cluster0.cpu1.RVBAR=0x04023000                            \
    -C cluster0.cpu2.RVBAR=0x04023000                            \
    -C cluster0.cpu3.RVBAR=0x04023000                            \
    -C cluster1.cpu0.RVBAR=0x04023000                            \
    -C cluster1.cpu1.RVBAR=0x04023000                            \
    -C cluster1.cpu2.RVBAR=0x04023000                            \
    -C cluster1.cpu3.RVBAR=0x04023000                            \
    --data cluster0.cpu0="<path-to>/<bl31-binary>"@0x04023000    \
    --data cluster0.cpu0="<path-to>/<bl32-binary>"@0x04001000    \
1181
    --data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000    \
1182
1183
    --data cluster0.cpu0="<path-to>/<fdt>"@0x83000000            \
    --data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000  \
1184
1185
    -C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"

1186
Notes:
1187

1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
*   Since a FIP is not loaded when using BL31 as reset entrypoint, the
    `--data="<path-to><bl31|bl32|bl33-binary>"@<base-address-of-binary>`
    parameter is needed to load the individual bootloader images in memory.
    BL32 image is only needed if BL31 has been built to expect a Secure-EL1
    Payload.

*   The `-C cluster<X>.cpu<Y>.RVBAR=@<base-address-of-bl31>` parameter, where
    X and Y are the cluster and CPU numbers respectively, is used to set the
    reset vector for each core.

*   Changing the default value of `ARM_TSP_RAM_LOCATION` will also require
    changing the value of
    `--data="<path-to><bl32-binary>"@<base-address-of-bl32>` to the new value of
    `BL32_BASE`.

### Running on the Cortex-A57-A53 Base FVP with reset to BL31 entrypoint
1204
1205
1206
1207
1208
1209
1210
1211
1212

The following `FVP_Base_Cortex-A57x4-A53x4` model parameters should be used to
boot Linux with 8 CPUs using the ARM Trusted Firmware.

    <path-to>/FVP_Base_Cortex-A57x4-A53x4                        \
    -C pctl.startup=0.0.0.0                                      \
    -C bp.secure_memory=1                                        \
    -C bp.tzc_400.diagnostics=1                                  \
    -C cache_state_modelled=1                                    \
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
    -C cluster0.cpu0.RVBARADDR=0x04023000                        \
    -C cluster0.cpu1.RVBARADDR=0x04023000                        \
    -C cluster0.cpu2.RVBARADDR=0x04023000                        \
    -C cluster0.cpu3.RVBARADDR=0x04023000                        \
    -C cluster1.cpu0.RVBARADDR=0x04023000                        \
    -C cluster1.cpu1.RVBARADDR=0x04023000                        \
    -C cluster1.cpu2.RVBARADDR=0x04023000                        \
    -C cluster1.cpu3.RVBARADDR=0x04023000                        \
    --data cluster0.cpu0="<path-to>/<bl31-binary>"@0x04023000    \
    --data cluster0.cpu0="<path-to>/<bl32-binary>"@0x04001000    \
1223
    --data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000    \
1224
1225
    --data cluster0.cpu0="<path-to>/<fdt>"@0x83000000            \
    --data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000  \
1226
1227
    -C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"

1228

1229
10.  Running the software on Juno
1230
---------------------------------
1231

1232
This version of the ARM Trusted Firmware has been tested on Juno r0 and Juno r1.
1233

1234
1235
1236
1237
1238
To execute the software stack on Juno, the version of the Juno board recovery
image indicated in the [Linaro Release Notes] must be installed. If you have an
earlier version installed or are unsure which version is installed, please
re-install the recovery image by following the [Instructions for using Linaro's
deliverables on Juno][Juno Instructions].
1239

1240
### Preparing Trusted Firmware images
1241

1242
After building Trusted Firmware, the files `bl1.bin` and `fip.bin` need copying
1243
to the `SOFTWARE/` directory of the Juno SD card.
1244

1245
### Other Juno software information
1246

1247
1248
1249
1250
Please visit the [ARM Platforms Portal] to get support and obtain any other Juno
software information. Please also refer to the [Juno Getting Started Guide] to
get more detailed information about the Juno ARM development platform and how to
configure it.
1251

1252
1253
1254
### Testing SYSTEM SUSPEND on Juno

The SYSTEM SUSPEND is a PSCI API which can be used to implement system suspend
1255
1256
to RAM. For more details refer to section 5.16 of [PSCI]. To test system suspend
on Juno, at the linux shell prompt, issue the following command:
1257

1258
    echo +10 > /sys/class/rtc/rtc0/wakealarm
1259
1260
1261
1262
    echo -n mem > /sys/power/state

The Juno board should suspend to RAM and then wakeup after 10 seconds due to
wakeup interrupt from RTC.
1263

1264

1265
1266
- - - - - - - - - - - - - - - - - - - - - - - - - -

1267
_Copyright (c) 2013-2016, ARM Limited and Contributors. All rights reserved._
1268
1269


1270
[Firmware Design]:             firmware-design.md
1271
[ARM FVP website]:             http://www.arm.com/fvp
1272
[Linaro Release Notes]:        https://community.arm.com/docs/DOC-10952#jive_content_id_Linaro_Release_1602
1273
1274
1275
[ARM Platforms Portal]:        https://community.arm.com/groups/arm-development-platforms
[Linaro SW Instructions]:      https://community.arm.com/docs/DOC-10803
[Juno Instructions]:           https://community.arm.com/docs/DOC-10804
1276
[FVP Instructions]:            https://community.arm.com/docs/DOC-10831
1277
[Juno Getting Started Guide]:  http://infocenter.arm.com/help/topic/com.arm.doc.dui0928e/DUI0928E_juno_arm_development_platform_gsg.pdf
1278
[DS-5]:                        http://www.arm.com/products/tools/software-tools/ds-5/index.php
Juan Castillo's avatar
Juan Castillo committed
1279
1280
[mbed TLS Repository]:         https://github.com/ARMmbed/mbedtls.git
[mbed TLS Security Center]:    https://tls.mbed.org/security
1281
[PSCI]:                        http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf "Power State Coordination Interface PDD (ARM DEN 0022C)"
1282
[Trusted Board Boot]:          trusted-board-boot.md
1283
[Firmware Update]:             ./firmware-update.md