• Sandrine Bailleux's avatar
    CSS: Enable booting of EL3 payloads · 4c117f6c
    Sandrine Bailleux authored
    This patch adds support for booting EL3 payloads on CSS platforms,
    for example Juno. In this scenario, the Trusted Firmware follows
    its normal boot flow up to the point where it would normally pass
    control to the BL31 image. At this point, it jumps to the EL3
    payload entry point address instead.
    
    Before handing over to the EL3 payload, the data SCP writes for AP
    at the beginning of the Trusted SRAM is restored, i.e. we zero the
    first 128 bytes and restore the SCP Boot configuration. The latter
    is saved before transferring the BL30 image to SCP and is restored
    just after the transfer (in BL2). The goal is to make it appear that
    the EL3 payload is the first piece of software to run on the target.
    
    The BL31 entrypoint info structure is updated to make the primary
    CPU jump to the EL3 payload instead of the BL31 image.
    
    The mailbox is populated with the EL3 payload entrypoint address,
    which releases the secondary CPUs out of their holding pen (if the
    SCP has powered them on). The arm_program_trusted_mailbox() function
    has been exported for this purpose.
    
    The TZC-400 configuration in BL2 is simplified: it grants secure
    access only to the whole DRAM. Other security initialization is
    unchanged.
    
    This alternative boot flow is disabled by default. A new build option
    EL3_PAYLOAD_BASE has been introduced to enable it and provide the EL3
    payload's entry point address. The build system has been modified
    such that BL31 and BL33 are not compiled and/or not put in the FIP in
    this case, as those images are not used in this boot flow.
    
    Change-Id: Id2e26fa57988bbc32323a0effd022ab42f5b5077
    4c117f6c
porting-guide.md 70 KB