Skip to content

GitLab

Commit 6f625747 authored by Douglas Raillard's avatar Douglas Raillard
Browse files

Convert documentation to reStructuredText 



Due to recent issues in the rendering of the documentation on GitHub and
some long-standing issues like the lack of automatic table of content in
Markdown, the documentation has been converted to reStructuredText.
Basic constructs looks pretty similar to Markdown.

Automatically convert GitHub markdown documentation to reStructuredText
using pandoc.

Change-Id: If20b695acedc6d1b49c8d9fb64efd6b6ba23f4a9
Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
parent 7af4d2b6
Show whitespace changes
Inline Side-by-side
docs/rt-svc-writers-guide.rst 0 → 100644
View file @ 6f625747
EL3 Runtime Service Writers Guide for ARM Trusted Firmware
==========================================================
.. section-numbering::
:suffix: .
.. contents::
--------------
Introduction
------------
This document describes how to add a runtime service to the EL3 Runtime
Firmware component of ARM Trusted Firmware (BL31).
Software executing in the normal world and in the trusted world at exception
levels lower than EL3 will request runtime services using the Secure Monitor
Call (SMC) instruction. These requests will follow the convention described in
the SMC Calling Convention PDD (`SMCCC`_). The `SMCCC`_ assigns function
identifiers to each SMC request and describes how arguments are passed and
results are returned.
SMC Functions are grouped together based on the implementor of the service, for
example a subset of the Function IDs are designated as "OEM Calls" (see `SMCCC`_
for full details). The EL3 runtime services framework in BL31 enables the
independent implementation of services for each group, which are then compiled
into the BL31 image. This simplifies the integration of common software from
ARM to support `PSCI`_, Secure Monitor for a Trusted OS and SoC specific
software. The common runtime services framework ensures that SMC Functions are
dispatched to their respective service implementation - the `Firmware Design`_
provides details of how this is achieved.
The interface and operation of the runtime services depends heavily on the
concepts and definitions described in the `SMCCC`_, in particular SMC Function
IDs, Owning Entity Numbers (OEN), Fast and Standard calls, and the SMC32 and
SMC64 calling conventions. Please refer to that document for a full explanation
of these terms.
Owning Entities, Call Types and Function IDs
--------------------------------------------
The SMC Function Identifier includes a OEN field. These values and their
meaning are described in `SMCCC`_ and summarized in table 1 below. Some entities
are allocated a range of of OENs. The OEN must be interpreted in conjunction
with the SMC call type, which is either *Fast* or *Yielding*. Fast calls are
uninterruptible whereas Yielding calls can be pre-empted. The majority of
Owning Entities only have allocated ranges for Fast calls: Yielding calls are
reserved exclusively for Trusted OS providers or for interoperability with
legacy 32-bit software that predates the `SMCCC`_.
::
Type OEN Service
Fast 0 ARM Architecture calls
Fast 1 CPU Service calls
Fast 2 SiP Service calls
Fast 3 OEM Service calls
Fast 4 Standard Service calls
Fast 5-47 Reserved for future use
Fast 48-49 Trusted Application calls
Fast 50-63 Trusted OS calls
Yielding 0- 1 Reserved for existing ARMv7 calls
Yielding 2-63 Trusted OS Standard Calls
*Table 1: Service types and their corresponding Owning Entity Numbers*
Each individual entity can allocate the valid identifiers within the entity
range as they need - it is not necessary to coordinate with other entities of
the same type. For example, two SoC providers can use the same Function ID
within the SiP Service calls OEN range to mean different things - as these
calls should be specific to the SoC. The Standard Runtime Calls OEN is used for
services defined by ARM standards, such as `PSCI`_.
The SMC Function ID also indicates whether the call has followed the SMC32
calling convention, where all parameters are 32-bit, or the SMC64 calling
convention, where the parameters are 64-bit. The framework identifies and
rejects invalid calls that use the SMC64 calling convention but that originate
from an AArch32 caller.
The EL3 runtime services framework uses the call type and OEN to identify a
specific handler for each SMC call, but it is expected that an individual
handler will be responsible for all SMC Functions within a given service type.
Getting started
---------------
ARM Trusted Firmware has a `services`_ directory in the source tree under which
each owning entity can place the implementation of its runtime service. The
`PSCI`_ implementation is located here in the `lib/psci`_ directory.
Runtime service sources will need to include the `runtime\_svc.h`_ header file.
Registering a runtime service
-----------------------------
A runtime service is registered using the ``DECLARE_RT_SVC()`` macro, specifying
the name of the service, the range of OENs covered, the type of service and
initialization and call handler functions.
::
#define DECLARE_RT_SVC(_name, _start, _end, _type, _setup, _smch)
- ``_name`` is used to identify the data structure declared by this macro, and
is also used for diagnostic purposes
- ``_start`` and ``_end`` values must be based on the ``OEN_*`` values defined in
`smcc.h`_
- ``_type`` must be one of ``SMC_TYPE_FAST`` or ``SMC_TYPE_YIELD``
- ``_setup`` is the initialization function with the ``rt_svc_init`` signature:
.. code:: c
typedef int32_t (*rt_svc_init)(void);
- ``_smch`` is the SMC handler function with the ``rt_svc_handle`` signature:
.. code:: c
typedef uintptr_t (*rt_svc_handle_t)(uint32_t smc_fid,
u_register_t x1, u_register_t x2,
u_register_t x3, u_register_t x4,
void *cookie,
void *handle,
u_register_t flags);
Details of the requirements and behavior of the two callbacks is provided in
the following sections.
During initialization the services framework validates each declared service
to ensure that the following conditions are met:
#. The ``_start`` OEN is not greater than the ``_end`` OEN
#. The ``_end`` OEN does not exceed the maximum OEN value (63)
#. The ``_type`` is one of ``SMC_TYPE_FAST`` or ``SMC_TYPE_YIELD``
#. ``_setup`` and ``_smch`` routines have been specified
`std\_svc\_setup.c`_ provides an example of registering a runtime service:
.. code:: c
/* Register Standard Service Calls as runtime service */
DECLARE_RT_SVC(
std_svc,
OEN_STD_START,
OEN_STD_END,
SMC_TYPE_FAST,
std_svc_setup,
std_svc_smc_handler
);
Initializing a runtime service
------------------------------
Runtime services are initialized once, during cold boot, by the primary CPU
after platform and architectural initialization is complete. The framework
performs basic validation of the declared service before calling
the service initialization function (``_setup`` in the declaration). This
function must carry out any essential EL3 initialization prior to receiving a
SMC Function call via the handler function.
On success, the initialization function must return ``0``. Any other return value
will cause the framework to issue a diagnostic:
::
Error initializing runtime service <name of the service>
and then ignore the service - the system will continue to boot but SMC calls
will not be passed to the service handler and instead return the *Unknown SMC
Function ID* result ``0xFFFFFFFF``.
If the system must not be allowed to proceed without the service, the
initialization function must itself cause the firmware boot to be halted.
If the service uses per-CPU data this must either be initialized for all CPUs
during this call, or be done lazily when a CPU first issues an SMC call to that
service.
Handling runtime service requests
---------------------------------
SMC calls for a service are forwarded by the framework to the service's SMC
handler function (``_smch`` in the service declaration). This function must have
the following signature:
.. code:: c
typedef uintptr_t (*rt_svc_handle_t)(uint32_t smc_fid,
u_register_t x1, u_register_t x2,
u_register_t x3, u_register_t x4,
void *cookie,
void *handle,
u_register_t flags);
The handler is responsible for:
#. Determining that ``smc_fid`` is a valid and supported SMC Function ID,
otherwise completing the request with the *Unknown SMC Function ID*:
.. code:: c
SMC_RET1(handle, SMC_UNK);
#. Determining if the requested function is valid for the calling security
state. SMC Calls can be made from both the normal and trusted worlds and
the framework will forward all calls to the service handler.
The ``flags`` parameter to this function indicates the caller security state
in bit[0], where a value of ``1`` indicates a non-secure caller. The
``is_caller_secure(flags)`` and ``is_caller_non_secure(flags)`` can be used to
test this condition.
If invalid, the request should be completed with:
.. code:: c
SMC_RET1(handle, SMC_UNK);
#. Truncating parameters for calls made using the SMC32 calling convention.
Such calls can be determined by checking the CC field in bit[30] of the
``smc_fid`` parameter, for example by using:
::
if (GET_SMC_CC(smc_fid) == SMC_32) ...
For such calls, the upper bits of the parameters x1-x4 and the saved
parameters X5-X7 are UNDEFINED and must be explicitly ignored by the
handler. This can be done by truncating the values to a suitable 32-bit
integer type before use, for example by ensuring that functions defined
to handle individual SMC Functions use appropriate 32-bit parameters.
#. Providing the service requested by the SMC Function, utilizing the
immediate parameters x1-x4 and/or the additional saved parameters X5-X7.
The latter can be retrieved using the ``SMC_GET_GP(handle, ref)`` function,
supplying the appropriate ``CTX_GPREG_Xn`` reference, e.g.
.. code:: c
uint64_t x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
#. Implementing the standard SMC32 Functions that provide information about
the implementation of the service. These are the Call Count, Implementor
UID and Revision Details for each service documented in section 6 of the
`SMCCC`_.
The ARM Trusted Firmware expects owning entities to follow this
recommendation.
#. Returning the result to the caller. The `SMCCC`_ allows for up to 256 bits
of return value in SMC64 using X0-X3 and 128 bits in SMC32 using W0-W3. The
framework provides a family of macros to set the multi-register return
value and complete the handler:
.. code:: c
SMC_RET1(handle, x0);
SMC_RET2(handle, x0, x1);
SMC_RET3(handle, x0, x1, x2);
SMC_RET4(handle, x0, x1, x2, x3);
The ``cookie`` parameter to the handler is reserved for future use and can be
ignored. The ``handle`` is returned by the SMC handler - completion of the
handler function must always be via one of the ``SMC_RETn()`` macros.
NOTE: The PSCI and Test Secure-EL1 Payload Dispatcher services do not follow
all of the above requirements yet.
Services that contain multiple sub-services
-------------------------------------------
It is possible that a single owning entity implements multiple sub-services. For
example, the Standard calls service handles ``0x84000000``-``0x8400FFFF`` and
``0xC4000000``-``0xC400FFFF`` functions. Within that range, the `PSCI`_ service
handles the ``0x84000000``-``0x8400001F`` and ``0xC4000000``-``0xC400001F`` functions.
In that respect, `PSCI`_ is a 'sub-service' of the Standard calls service. In
future, there could be additional such sub-services in the Standard calls
service which perform independent functions.
In this situation it may be valuable to introduce a second level framework to
enable independent implementation of sub-services. Such a framework might look
very similar to the current runtime services framework, but using a different
part of the SMC Function ID to identify the sub-service. Trusted Firmware does
not provide such a framework at present.
Secure-EL1 Payload Dispatcher service (SPD)
-------------------------------------------
Services that handle SMC Functions targeting a Trusted OS, Trusted Application,
or other Secure-EL1 Payload are special. These services need to manage the
Secure-EL1 context, provide the *Secure Monitor* functionality of switching
between the normal and secure worlds, deliver SMC Calls through to Secure-EL1
and generally manage the Secure-EL1 Payload through CPU power-state transitions.
TODO: Provide details of the additional work required to implement a SPD and
the BL31 support for these services. Or a reference to the document that will
provide this information....
--------------
*Copyright (c) 2014-2015, ARM Limited and Contributors. All rights reserved.*
.. _SMCCC: http://infocenter.arm.com/help/topic/com.arm.doc.den0028a/index.html
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
.. _Firmware Design: ./firmware-design.rst
.. _services: ../services
.. _lib/psci: ../lib/psci
.. _runtime\_svc.h: ../include/common/runtime_svc.h
.. _smcc.h: ../include/lib/smcc.h
.. _std\_svc\_setup.c: ../services/std_svc/std_svc_setup.c
docs/spd/optee-dispatcher.rst 0 → 100644
View file @ 6f625747
OP-TEE Dispatcher
=================
`OP-TEE OS`_ is a Trusted OS running as Secure EL1.
To build and execute OP-TEE follow the instructions at
`OP-TEE build.git`_
--------------
*Copyright (c) 2014-2017, ARM Limited and Contributors. All rights reserved.*
.. _OP-TEE OS: https://github.com/OP-TEE/build
.. _OP-TEE build.git: https://github.com/OP-TEE/build
docs/spd/tlk-dispatcher.rst 0 → 100644
View file @ 6f625747
Trusted Little Kernel (TLK) Dispatcher
======================================
TLK dispatcher adds support for NVIDIA's Trusted Little Kernel (TLK) to work
with the Trusted Firmware. TLK-D can be compiled by including it in the
platform's makefile. TLK is primarily meant to work with Tegra SoCs, so until
Trusted Firmware starts supporting Tegra, the dispatcher code can only be
compiled for other platforms.
In order to compile TLK-D, we need a BL32 image to be present. Since, TLKD
just needs to compile, any BL32 image would do. To use TLK as the BL32, please
refer to the "Build TLK" section.
Once a BL32 is ready, TLKD can be included in the image by adding "SPD=tlkd"
to the build command.
Trusted Little Kernel (TLK)
===========================
TLK is a Trusted OS running as Secure EL1. It is a Free Open Source Software
(FOSS) release of the NVIDIA® Trusted Little Kernel (TLK) technology, which
extends technology made available with the development of the Little Kernel (LK).
You can download the LK modular embedded preemptive kernel for use on ARM,
x86, and AVR32 systems from https://github.com/travisg/lk
NVIDIA implemented its Trusted Little Kernel (TLK) technology, designed as a
free and open-source trusted execution environment (OTE).
TLK features include:
• Small, pre-emptive kernel
• Supports multi-threading, IPCs, and thread scheduling
• Added TrustZone features
• Added Secure Storage
• Under MIT/FreeBSD license
NVIDIA extensions to Little Kernel (LK) include:
• User mode
• Address-space separation for TAs
• TLK Client Application (CA) library
• TLK TA library
• Crypto library (encrypt/decrypt, key handling) via OpenSSL
• Linux kernel driver
• Cortex A9/A15 support
• Power Management
• TrustZone memory carve-out (reconfigurable)
• Page table management
• Debugging support over UART (USB planned)
TLK is hosted by NVIDIA on http://nv-tegra.nvidia.com under the
3rdparty/ote\_partner/tlk.git repository. Detailed information about
TLK and OTE can be found in the Tegra\_BSP\_for\_Android\_TLK\_FOSS\_Reference.pdf
manual located under the "documentation" directory\_.
Build TLK
=========
To build and execute TLK, follow the instructions from "Building a TLK Device"
section from Tegra\_BSP\_for\_Android\_TLK\_FOSS\_Reference.pdf manual.
Input parameters to TLK
=======================
TLK expects the TZDRAM size and a structure containing the boot arguments. BL2
passes this information to the EL3 software as members of the bl32\_ep\_info
struct, where bl32\_ep\_info is part of bl31\_params\_t (passed by BL2 in X0)
Example:
--------
::
bl32_ep_info->args.arg0 = TZDRAM size available for BL32
bl32_ep_info->args.arg1 = unused (used only on ARMv7)
bl32_ep_info->args.arg2 = pointer to boot args
docs/spd/trusty-dispatcher.rst 0 → 100644
View file @ 6f625747
Trusty Dispatcher
=================
Trusty is a a set of software components, supporting a Trusted Execution
Environment (TEE) on mobile devices, published and maintained by Google.
Detailed information and build instructions can be found on the Android
Open Source Project (AOSP) webpage for Trusty hosted at
https://source.android.com/security/trusty
Supported platforms
===================
Out of all the platforms supported by the ARM Trusted Firmware, Trusty is
verified and supported by NVIDIA's Tegra SoCs.
docs/trusted-board-boot.rst 0 → 100644
View file @ 6f625747
Trusted Board Boot Design Guide
===============================
.. section-numbering::
:suffix: .
.. contents::
The Trusted Board Boot (TBB) feature prevents malicious firmware from running on
the platform by authenticating all firmware images up to and including the
normal world bootloader. It does this by establishing a Chain of Trust using
Public-Key-Cryptography Standards (PKCS).
This document describes the design of ARM Trusted Firmware TBB, which is an
implementation of the Trusted Board Boot Requirements (TBBR) specification,
ARM DEN0006C-1. It should be used in conjunction with the `Firmware Update`_
design document, which implements a specific aspect of the TBBR.
Chain of Trust
--------------
A Chain of Trust (CoT) starts with a set of implicitly trusted components. On
the ARM development platforms, these components are:
- A SHA-256 hash of the Root of Trust Public Key (ROTPK). It is stored in the
trusted root-key storage registers.
- The BL1 image, on the assumption that it resides in ROM so cannot be
tampered with.
The remaining components in the CoT are either certificates or boot loader
images. The certificates follow the `X.509 v3`_ standard. This standard
enables adding custom extensions to the certificates, which are used to store
essential information to establish the CoT.
In the TBB CoT all certificates are self-signed. There is no need for a
Certificate Authority (CA) because the CoT is not established by verifying the
validity of a certificate's issuer but by the content of the certificate
extensions. To sign the certificates, the PKCS#1 SHA-256 with RSA Encryption
signature scheme is used with a RSA key length of 2048 bits. Future version of
Trusted Firmware will support additional cryptographic algorithms.
The certificates are categorised as "Key" and "Content" certificates. Key
certificates are used to verify public keys which have been used to sign content
certificates. Content certificates are used to store the hash of a boot loader
image. An image can be authenticated by calculating its hash and matching it
with the hash extracted from the content certificate. The SHA-256 function is
used to calculate all hashes. The public keys and hashes are included as
non-standard extension fields in the `X.509 v3`_ certificates.
The keys used to establish the CoT are:
- **Root of trust key**
The private part of this key is used to sign the BL2 content certificate and
the trusted key certificate. The public part is the ROTPK.
- **Trusted world key**
The private part is used to sign the key certificates corresponding to the
secure world images (SCP\_BL2, BL31 and BL32). The public part is stored in
one of the extension fields in the trusted world certificate.
- **Non-trusted world key**
The private part is used to sign the key certificate corresponding to the
non secure world image (BL33). The public part is stored in one of the
extension fields in the trusted world certificate.
- **BL3-X keys**
For each of SCP\_BL2, BL31, BL32 and BL33, the private part is used to
sign the content certificate for the BL3-X image. The public part is stored
in one of the extension fields in the corresponding key certificate.
The following images are included in the CoT:
- BL1
- BL2
- SCP\_BL2 (optional)
- BL31
- BL33
- BL32 (optional)
The following certificates are used to authenticate the images.
- **BL2 content certificate**
It is self-signed with the private part of the ROT key. It contains a hash
of the BL2 image.
- **Trusted key certificate**
It is self-signed with the private part of the ROT key. It contains the
public part of the trusted world key and the public part of the non-trusted
world key.
- **SCP\_BL2 key certificate**
It is self-signed with the trusted world key. It contains the public part of
the SCP\_BL2 key.
- **SCP\_BL2 content certificate**
It is self-signed with the SCP\_BL2 key. It contains a hash of the SCP\_BL2
image.
- **BL31 key certificate**
It is self-signed with the trusted world key. It contains the public part of
the BL31 key.
- **BL31 content certificate**
It is self-signed with the BL31 key. It contains a hash of the BL31 image.
- **BL32 key certificate**
It is self-signed with the trusted world key. It contains the public part of
the BL32 key.
- **BL32 content certificate**
It is self-signed with the BL32 key. It contains a hash of the BL32 image.
- **BL33 key certificate**
It is self-signed with the non-trusted world key. It contains the public
part of the BL33 key.
- **BL33 content certificate**
It is self-signed with the BL33 key. It contains a hash of the BL33 image.
The SCP\_BL2 and BL32 certificates are optional, but they must be present if the
corresponding SCP\_BL2 or BL32 images are present.
Trusted Board Boot Sequence
---------------------------
The CoT is verified through the following sequence of steps. The system panics
if any of the steps fail.
- BL1 loads and verifies the BL2 content certificate. The issuer public key is
read from the verified certificate. A hash of that key is calculated and
compared with the hash of the ROTPK read from the trusted root-key storage
registers. If they match, the BL2 hash is read from the certificate.
Note: the matching operation is platform specific and is currently
unimplemented on the ARM development platforms.
- BL1 loads the BL2 image. Its hash is calculated and compared with the hash
read from the certificate. Control is transferred to the BL2 image if all
the comparisons succeed.
- BL2 loads and verifies the trusted key certificate. The issuer public key is
read from the verified certificate. A hash of that key is calculated and
compared with the hash of the ROTPK read from the trusted root-key storage
registers. If the comparison succeeds, BL2 reads and saves the trusted and
non-trusted world public keys from the verified certificate.
The next two steps are executed for each of the SCP\_BL2, BL31 & BL32 images.
The steps for the optional SCP\_BL2 and BL32 images are skipped if these images
are not present.
- BL2 loads and verifies the BL3x key certificate. The certificate signature
is verified using the trusted world public key. If the signature
verification succeeds, BL2 reads and saves the BL3x public key from the
certificate.
- BL2 loads and verifies the BL3x content certificate. The signature is
verified using the BL3x public key. If the signature verification succeeds,
BL2 reads and saves the BL3x image hash from the certificate.
The next two steps are executed only for the BL33 image.
- BL2 loads and verifies the BL33 key certificate. If the signature
verification succeeds, BL2 reads and saves the BL33 public key from the
certificate.
- BL2 loads and verifies the BL33 content certificate. If the signature
verification succeeds, BL2 reads and saves the BL33 image hash from the
certificate.
The next step is executed for all the boot loader images.
- BL2 calculates the hash of each image. It compares it with the hash obtained
from the corresponding content certificate. The image authentication succeeds
if the hashes match.
The Trusted Board Boot implementation spans both generic and platform-specific
BL1 and BL2 code, and in tool code on the host build machine. The feature is
enabled through use of specific build flags as described in the `User Guide`_.
On the host machine, a tool generates the certificates, which are included in
the FIP along with the boot loader images. These certificates are loaded in
Trusted SRAM using the IO storage framework. They are then verified by an
Authentication module included in the Trusted Firmware.
The mechanism used for generating the FIP and the Authentication module are
described in the following sections.
Authentication Framework
------------------------
The authentication framework included in the Trusted Firmware provides support
to implement the desired trusted boot sequence. ARM platforms use this framework
to implement the boot requirements specified in the TBBR-client document.
More information about the authentication framework can be found in the
`Auth Framework`_ document.
Certificate Generation Tool
---------------------------
The ``cert_create`` tool is built and runs on the host machine as part of the
Trusted Firmware build process when ``GENERATE_COT=1``. It takes the boot loader
images and keys as inputs (keys must be in PEM format) and generates the
certificates (in DER format) required to establish the CoT. New keys can be
generated by the tool in case they are not provided. The certificates are then
passed as inputs to the ``fiptool`` utility for creating the FIP.
The certificates are also stored individually in the in the output build
directory.
The tool resides in the ``tools/cert_create`` directory. It uses OpenSSL SSL
library version 1.0.1 or later to generate the X.509 certificates. Instructions
for building and using the tool can be found in the `User Guide`_.
--------------
*Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.*
.. _Firmware Update: firmware-update.rst
.. _X.509 v3: http://www.ietf.org/rfc/rfc5280.txt
.. _User Guide: user-guide.rst
.. _Auth Framework: auth-framework.rst
docs/user-guide.rst 0 → 100644
View file @ 6f625747
ARM Trusted Firmware User Guide
===============================
.. section-numbering::
:suffix: .
.. contents::
This document describes how to build ARM Trusted Firmware (TF) and run it with a
tested set of other software components using defined configurations on the Juno
ARM development platform and ARM Fixed Virtual Platform (FVP) models. It is
possible to use other software components, configurations and platforms but that
is outside the scope of this document.
This document assumes that the reader has previous experience running a fully
bootable Linux software stack on Juno or FVP using the prebuilt binaries and
filesystems provided by `Linaro`_. Further information may
be found in the `Instructions for using the Linaro software deliverables`_. It also assumes that the user understands the role of
the different software components required to boot a Linux system:
- Specific firmware images required by the platform (e.g. SCP firmware on Juno)
- Normal world bootloader (e.g. UEFI or U-Boot)
- Device tree
- Linux kernel image
- Root filesystem
Note: the ARM TF v1.3 release was tested with Linaro Release 16.06, and the
latest version of ARM TF is tested with Linaro Release 17.01.
This document also assumes that the user is familiar with the FVP models and
the different command line options available to launch the model.
This document should be used in conjunction with the `Firmware Design`_.
Host machine requirements
-------------------------
The minimum recommended machine specification for building the software and
running the FVP models is a dual-core processor running at 2GHz with 12GB of
RAM. For best performance, use a machine with a quad-core processor running at
2.6GHz with 16GB of RAM.
The software has been tested on Ubuntu 14.04 LTS (64-bit). Packages used for
building the software were installed from that distribution unless otherwise
specified.
The software has also been built on Windows 7 Enterprise SP1, using CMD.EXE,
Cygwin, and Msys (MinGW) shells, using version 4.9.1 of the GNU toolchain.
Tools
-----
Install the required packages to build Trusted Firmware with the following
command:
::
sudo apt-get install build-essential gcc make git libssl-dev
Download and install the AArch32 or AArch64 little-endian GCC cross compiler.
The `Linaro Release Notes`_ documents which version of the
compiler to use for a given Linaro Release. Also, these
`Linaro instructions`_ provide further guidance.
Optionally, Trusted Firmware can be built using clang or ARM Compiler 6.
See instructions below on how to switch the default compiler.
In addition, the following optional packages and tools may be needed:
- ``device-tree-compiler`` package if you need to rebuild the Flattened Device
Tree (FDT) source files (``.dts`` files) provided with this software.
- For debugging, ARM `Development Studio 5 (DS-5)`_.
Getting the Trusted Firmware source code
----------------------------------------
Download the Trusted Firmware source code from Github:
::
git clone https://github.com/ARM-software/arm-trusted-firmware.git
Building the Trusted Firmware
-----------------------------
- Before building Trusted Firmware, the environment variable ``CROSS_COMPILE``
must point to the Linaro cross compiler.
For AArch64:
::
export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-linux-gnu-
For AArch32:
::
export CROSS_COMPILE=<path-to-aarch32-gcc>/bin/arm-linux-gnueabihf-
It is possible to build Trusted Firmware using clang or ARM Compiler 6.
To do so ``CC`` needs to point to the clang or armclang binary. Only the
compiler is switched; the assembler and linker need to be provided by
the GNU toolchain, thus ``CROSS_COMPILE`` should be set as described above.
ARM Compiler 6 will be selected when the base name of the path assigned
to ``CC`` matches the string 'armclang'.
For AArch64 using ARM Compiler 6:
::
export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-linux-gnu-
make CC=<path-to-armclang>/bin/armclang PLAT=<platform> all
Clang will be selected when the base name of the path assigned to ``CC``
contains the string 'clang'. This is to allow both clang and clang-X.Y
to work.
For AArch64 using clang:
::
export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-linux-gnu-
make CC=<path-to-clang>/bin/clang PLAT=<platform> all
- Change to the root directory of the Trusted Firmware source tree and build.
For AArch64:
::
make PLAT=<platform> all
For AArch32:
::
make PLAT=<platform> ARCH=aarch32 AARCH32_SP=sp_min all
Notes:
- If ``PLAT`` is not specified, ``fvp`` is assumed by default. See the
`Summary of build options`_ for more information on available build
options.
- (AArch32 only) Currently only ``PLAT=fvp`` is supported.
- (AArch32 only) ``AARCH32_SP`` is the AArch32 EL3 Runtime Software and it
corresponds to the BL32 image. A minimal ``AARCH32_SP``, sp\_min, is
provided by ARM Trusted Firmware to demonstrate how PSCI Library can
be integrated with an AArch32 EL3 Runtime Software. Some AArch32 EL3
Runtime Software may include other runtime services, for example
Trusted OS services. A guide to integrate PSCI library with AArch32
EL3 Runtime Software can be found `here`_.
- (AArch64 only) The TSP (Test Secure Payload), corresponding to the BL32
image, is not compiled in by default. Refer to the
`Building the Test Secure Payload`_ section below.
- By default this produces a release version of the build. To produce a
debug version instead, refer to the "Debugging options" section below.
- The build process creates products in a ``build`` directory tree, building
the objects and binaries for each boot loader stage in separate
sub-directories. The following boot loader binary files are created
from the corresponding ELF files:
- ``build/<platform>/<build-type>/bl1.bin``
- ``build/<platform>/<build-type>/bl2.bin``
- ``build/<platform>/<build-type>/bl31.bin`` (AArch64 only)
- ``build/<platform>/<build-type>/bl32.bin`` (mandatory for AArch32)
where ``<platform>`` is the name of the chosen platform and ``<build-type>``
is either ``debug`` or ``release``. The actual number of images might differ
depending on the platform.
- Build products for a specific build variant can be removed using:
::
make DEBUG=<D> PLAT=<platform> clean
... where ``<D>`` is ``0`` or ``1``, as specified when building.
The build tree can be removed completely using:
::
make realclean
Summary of build options
~~~~~~~~~~~~~~~~~~~~~~~~
ARM Trusted Firmware build system supports the following build options. Unless
mentioned otherwise, these options are expected to be specified at the build
command line and are not to be modified in any component makefiles. Note that
the build system doesn't track dependency for build options. Therefore, if any
of the build options are changed from a previous build, a clean build must be
performed.
Common build options
^^^^^^^^^^^^^^^^^^^^
- ``AARCH32_SP`` : Choose the AArch32 Secure Payload component to be built as
as the BL32 image when ``ARCH=aarch32``. The value should be the path to the
directory containing the SP source, relative to the ``bl32/``; the directory
is expected to contain a makefile called ``<aarch32_sp-value>.mk``.
- ``ARCH`` : Choose the target build architecture for ARM Trusted Firmware.
It can take either ``aarch64`` or ``aarch32`` as values. By default, it is
defined to ``aarch64``.
- ``ARM_CCI_PRODUCT_ID``: Choice of ARM CCI product used by the platform. This
is used to determine the number of valid slave interfaces available in the
ARM CCI driver. Default is 400 (that is, CCI-400).
- ``ARM_ARCH_MAJOR``: The major version of ARM Architecture to target when
compiling ARM Trusted Firmware. Its value must be numeric, and defaults to
8 . See also, *ARMv8 Architecture Extensions* in `Firmware Design`_.
- ``ARM_ARCH_MINOR``: The minor version of ARM Architecture to target when
compiling ARM Trusted Firmware. Its value must be a numeric, and defaults
to 0. See also, *ARMv8 Architecture Extensions* in `Firmware Design`_.
- ``ARM_GIC_ARCH``: Choice of ARM GIC architecture version used by the ARM
Legacy GIC driver for implementing the platform GIC API. This API is used
by the interrupt management framework. Default is 2 (that is, version 2.0).
This build option is deprecated.
- ``ARM_PLAT_MT``: This flag determines whether the ARM platform layer has to
cater for the multi-threading ``MT`` bit when accessing MPIDR. When this
flag is set, the functions which deal with MPIDR assume that the ``MT`` bit
in MPIDR is set and access the bit-fields in MPIDR accordingly. Default
value of this flag is 0.
- ``BL2``: This is an optional build option which specifies the path to BL2
image for the ``fip`` target. In this case, the BL2 in the ARM Trusted
Firmware will not be built.
- ``BL2U``: This is an optional build option which specifies the path to
BL2U image. In this case, the BL2U in the ARM Trusted Firmware will not
be built.
- ``BL31``: This is an optional build option which specifies the path to
BL31 image for the ``fip`` target. In this case, the BL31 in the ARM
Trusted Firmware will not be built.
- ``BL31_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
file that contains the BL31 private key in PEM format. If ``SAVE_KEYS=1``,
this file name will be used to save the key.
- ``BL32``: This is an optional build option which specifies the path to
BL32 image for the ``fip`` target. In this case, the BL32 in the ARM
Trusted Firmware will not be built.
- ``BL32_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
file that contains the BL32 private key in PEM format. If ``SAVE_KEYS=1``,
this file name will be used to save the key.
- ``BL33``: Path to BL33 image in the host file system. This is mandatory for
``fip`` target in case the BL2 from ARM Trusted Firmware is used.
- ``BL33_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
file that contains the BL33 private key in PEM format. If ``SAVE_KEYS=1``,
this file name will be used to save the key.
- ``BUILD_MESSAGE_TIMESTAMP``: String used to identify the time and date of the
compilation of each build. It must be set to a C string (including quotes
where applicable). Defaults to a string that contains the time and date of
the compilation.
- ``BUILD_STRING``: Input string for VERSION\_STRING, which allows the TF build
to be uniquely identified. Defaults to the current git commit id.
- ``CFLAGS``: Extra user options appended on the compiler's command line in
addition to the options set by the build system.
- ``COLD_BOOT_SINGLE_CPU``: This option indicates whether the platform may
release several CPUs out of reset. It can take either 0 (several CPUs may be
brought up) or 1 (only one CPU will ever be brought up during cold reset).
Default is 0. If the platform always brings up a single CPU, there is no
need to distinguish between primary and secondary CPUs and the boot path can
be optimised. The ``plat_is_my_cpu_primary()`` and
``plat_secondary_cold_boot_setup()`` platform porting interfaces do not need
to be implemented in this case.
- ``CRASH_REPORTING``: A non-zero value enables a console dump of processor
register state when an unexpected exception occurs during execution of
BL31. This option defaults to the value of ``DEBUG`` - i.e. by default
this is only enabled for a debug build of the firmware.
- ``CREATE_KEYS``: This option is used when ``GENERATE_COT=1``. It tells the
certificate generation tool to create new keys in case no valid keys are
present or specified. Allowed options are '0' or '1'. Default is '1'.
- ``CTX_INCLUDE_AARCH32_REGS`` : Boolean option that, when set to 1, will cause
the AArch32 system registers to be included when saving and restoring the
CPU context. The option must be set to 0 for AArch64-only platforms (that
is on hardware that does not implement AArch32, or at least not at EL1 and
higher ELs). Default value is 1.
- ``CTX_INCLUDE_FPREGS``: Boolean option that, when set to 1, will cause the FP
registers to be included when saving and restoring the CPU context. Default
is 0.
- ``DEBUG``: Chooses between a debug and release build. It can take either 0
(release) or 1 (debug) as values. 0 is the default.
- ``EL3_PAYLOAD_BASE``: This option enables booting an EL3 payload instead of
the normal boot flow. It must specify the entry point address of the EL3
payload. Please refer to the "Booting an EL3 payload" section for more
details.
- ``ENABLE_ASSERTIONS``: This option controls whether or not calls to ``assert()``
are compiled out. For debug builds, this option defaults to 1, and calls to
``assert()`` are left in place. For release builds, this option defaults to 0
and calls to ``assert()`` function are compiled out. This option can be set
independently of ``DEBUG``. It can also be used to hide any auxiliary code
that is only required for the assertion and does not fit in the assertion
itself.
- ``ENABLE_PMF``: Boolean option to enable support for optional Performance
Measurement Framework(PMF). Default is 0.
- ``ENABLE_PSCI_STAT``: Boolean option to enable support for optional PSCI
functions ``PSCI_STAT_RESIDENCY`` and ``PSCI_STAT_COUNT``. Default is 0.
In the absence of an alternate stat collection backend, ``ENABLE_PMF`` must
be enabled. If ``ENABLE_PMF`` is set, the residency statistics are tracked in
software.
- ``ENABLE_RUNTIME_INSTRUMENTATION``: Boolean option to enable runtime
instrumentation which injects timestamp collection points into
Trusted Firmware to allow runtime performance to be measured.
Currently, only PSCI is instrumented. Enabling this option enables
the ``ENABLE_PMF`` build option as well. Default is 0.
- ``ENABLE_STACK_PROTECTOR``: String option to enable the stack protection
checks in GCC. Allowed values are "all", "strong" and "0" (default).
"strong" is the recommended stack protection level if this feature is
desired. 0 disables the stack protection. For all values other than 0, the
``plat_get_stack_protector_canary()`` platform hook needs to be implemented.
The value is passed as the last component of the option
``-fstack-protector-$ENABLE_STACK_PROTECTOR``.
- ``ERROR_DEPRECATED``: This option decides whether to treat the usage of
deprecated platform APIs, helper functions or drivers within Trusted
Firmware as error. It can take the value 1 (flag the use of deprecated
APIs as error) or 0. The default is 0.
- ``FIP_NAME``: This is an optional build option which specifies the FIP
filename for the ``fip`` target. Default is ``fip.bin``.
- ``FWU_FIP_NAME``: This is an optional build option which specifies the FWU
FIP filename for the ``fwu_fip`` target. Default is ``fwu_fip.bin``.
- ``GENERATE_COT``: Boolean flag used to build and execute the ``cert_create``
tool to create certificates as per the Chain of Trust described in
`Trusted Board Boot`_. The build system then calls ``fiptool`` to
include the certificates in the FIP and FWU\_FIP. Default value is '0'.
Specify both ``TRUSTED_BOARD_BOOT=1`` and ``GENERATE_COT=1`` to include support
for the Trusted Board Boot feature in the BL1 and BL2 images, to generate
the corresponding certificates, and to include those certificates in the
FIP and FWU\_FIP.
Note that if ``TRUSTED_BOARD_BOOT=0`` and ``GENERATE_COT=1``, the BL1 and BL2
images will not include support for Trusted Board Boot. The FIP will still
include the corresponding certificates. This FIP can be used to verify the
Chain of Trust on the host machine through other mechanisms.
Note that if ``TRUSTED_BOARD_BOOT=1`` and ``GENERATE_COT=0``, the BL1 and BL2
images will include support for Trusted Board Boot, but the FIP and FWU\_FIP
will not include the corresponding certificates, causing a boot failure.
- ``HANDLE_EA_EL3_FIRST``: When defined External Aborts and SError Interrupts
will be always trapped in EL3 i.e. in BL31 at runtime.
- ``HW_ASSISTED_COHERENCY``: On most ARM systems to-date, platform-specific
software operations are required for CPUs to enter and exit coherency.
However, there exists newer systems where CPUs' entry to and exit from
coherency is managed in hardware. Such systems require software to only
initiate the operations, and the rest is managed in hardware, minimizing
active software management. In such systems, this boolean option enables ARM
Trusted Firmware to carry out build and run-time optimizations during boot
and power management operations. This option defaults to 0 and if it is
enabled, then it implies ``WARMBOOT_ENABLE_DCACHE_EARLY`` is also enabled.
- ``JUNO_AARCH32_EL3_RUNTIME``: This build flag enables you to execute EL3
runtime software in AArch32 mode, which is required to run AArch32 on Juno.
By default this flag is set to '0'. Enabling this flag builds BL1 and BL2 in
AArch64 and facilitates the loading of ``SP_MIN`` and BL33 as AArch32 executable
images.
- ``LDFLAGS``: Extra user options appended to the linkers' command line in
addition to the one set by the build system.
- ``LOAD_IMAGE_V2``: Boolean option to enable support for new version (v2) of
image loading, which provides more flexibility and scalability around what
images are loaded and executed during boot. Default is 0.
Note: ``TRUSTED_BOARD_BOOT`` is currently only supported for AArch64 when
``LOAD_IMAGE_V2`` is enabled.
- ``LOG_LEVEL``: Chooses the log level, which controls the amount of console log
output compiled into the build. This should be one of the following:
::
0 (LOG_LEVEL_NONE)
10 (LOG_LEVEL_NOTICE)
20 (LOG_LEVEL_ERROR)
30 (LOG_LEVEL_WARNING)
40 (LOG_LEVEL_INFO)
50 (LOG_LEVEL_VERBOSE)
All log output up to and including the log level is compiled into the build.
The default value is 40 in debug builds and 20 in release builds.
- ``NON_TRUSTED_WORLD_KEY``: This option is used when ``GENERATE_COT=1``. It
specifies the file that contains the Non-Trusted World private key in PEM
format. If ``SAVE_KEYS=1``, this file name will be used to save the key.
- ``NS_BL2U``: Path to NS\_BL2U image in the host file system. This image is
optional. It is only needed if the platform makefile specifies that it
is required in order to build the ``fwu_fip`` target.
- ``NS_TIMER_SWITCH``: Enable save and restore for non-secure timer register
contents upon world switch. It can take either 0 (don't save and restore) or
1 (do save and restore). 0 is the default. An SPD may set this to 1 if it
wants the timer registers to be saved and restored.
- ``PL011_GENERIC_UART``: Boolean option to indicate the PL011 driver that
the underlying hardware is not a full PL011 UART but a minimally compliant
generic UART, which is a subset of the PL011. The driver will not access
any register that is not part of the SBSA generic UART specification.
Default value is 0 (a full PL011 compliant UART is present).
- ``PLAT``: Choose a platform to build ARM Trusted Firmware for. The chosen
platform name must be subdirectory of any depth under ``plat/``, and must
contain a platform makefile named ``platform.mk``.
- ``PRELOADED_BL33_BASE``: This option enables booting a preloaded BL33 image
instead of the normal boot flow. When defined, it must specify the entry
point address for the preloaded BL33 image. This option is incompatible with
``EL3_PAYLOAD_BASE``. If both are defined, ``EL3_PAYLOAD_BASE`` has priority
over ``PRELOADED_BL33_BASE``.
- ``PROGRAMMABLE_RESET_ADDRESS``: This option indicates whether the reset
vector address can be programmed or is fixed on the platform. It can take
either 0 (fixed) or 1 (programmable). Default is 0. If the platform has a
programmable reset address, it is expected that a CPU will start executing
code directly at the right address, both on a cold and warm reset. In this
case, there is no need to identify the entrypoint on boot and the boot path
can be optimised. The ``plat_get_my_entrypoint()`` platform porting interface
does not need to be implemented in this case.
- ``PSCI_EXTENDED_STATE_ID``: As per PSCI1.0 Specification, there are 2 formats
possible for the PSCI power-state parameter viz original and extended
State-ID formats. This flag if set to 1, configures the generic PSCI layer
to use the extended format. The default value of this flag is 0, which
means by default the original power-state format is used by the PSCI
implementation. This flag should be specified by the platform makefile
and it governs the return value of PSCI\_FEATURES API for CPU\_SUSPEND
smc function id. When this option is enabled on ARM platforms, the
option ``ARM_RECOM_STATE_ID_ENC`` needs to be set to 1 as well.
- ``RESET_TO_BL31``: Enable BL31 entrypoint as the CPU reset vector instead
of the BL1 entrypoint. It can take the value 0 (CPU reset to BL1
entrypoint) or 1 (CPU reset to BL31 entrypoint).
The default value is 0.
- ``RESET_TO_SP_MIN``: SP\_MIN is the minimal AArch32 Secure Payload provided in
ARM Trusted Firmware. This flag configures SP\_MIN entrypoint as the CPU
reset vector instead of the BL1 entrypoint. It can take the value 0 (CPU
reset to BL1 entrypoint) or 1 (CPU reset to SP\_MIN entrypoint). The default
value is 0.
- ``ROT_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
file that contains the ROT private key in PEM format. If ``SAVE_KEYS=1``, this
file name will be used to save the key.
- ``SAVE_KEYS``: This option is used when ``GENERATE_COT=1``. It tells the
certificate generation tool to save the keys used to establish the Chain of
Trust. Allowed options are '0' or '1'. Default is '0' (do not save).
- ``SCP_BL2``: Path to SCP\_BL2 image in the host file system. This image is optional.
If a SCP\_BL2 image is present then this option must be passed for the ``fip``
target.
- ``SCP_BL2_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
file that contains the SCP\_BL2 private key in PEM format. If ``SAVE_KEYS=1``,
this file name will be used to save the key.
- ``SCP_BL2U``: Path to SCP\_BL2U image in the host file system. This image is
optional. It is only needed if the platform makefile specifies that it
is required in order to build the ``fwu_fip`` target.
- ``SEPARATE_CODE_AND_RODATA``: Whether code and read-only data should be
isolated on separate memory pages. This is a trade-off between security and
memory usage. See "Isolating code and read-only data on separate memory
pages" section in `Firmware Design`_. This flag is disabled by default and
affects all BL images.
- ``SPD``: Choose a Secure Payload Dispatcher component to be built into the
Trusted Firmware. This build option is only valid if ``ARCH=aarch64``. The
value should be the path to the directory containing the SPD source,
relative to ``services/spd/``; the directory is expected to
contain a makefile called ``<spd-value>.mk``.
- ``SPIN_ON_BL1_EXIT``: This option introduces an infinite loop in BL1. It can
take either 0 (no loop) or 1 (add a loop). 0 is the default. This loop stops
execution in BL1 just before handing over to BL31. At this point, all
firmware images have been loaded in memory, and the MMU and caches are
turned off. Refer to the "Debugging options" section for more details.
- ``TRUSTED_BOARD_BOOT``: Boolean flag to include support for the Trusted Board
Boot feature. When set to '1', BL1 and BL2 images include support to load
and verify the certificates and images in a FIP, and BL1 includes support
for the Firmware Update. The default value is '0'. Generation and inclusion
of certificates in the FIP and FWU\_FIP depends upon the value of the
``GENERATE_COT`` option.
Note: This option depends on ``CREATE_KEYS`` to be enabled. If the keys
already exist in disk, they will be overwritten without further notice.
- ``TRUSTED_WORLD_KEY``: This option is used when ``GENERATE_COT=1``. It
specifies the file that contains the Trusted World private key in PEM
format. If ``SAVE_KEYS=1``, this file name will be used to save the key.
- ``TSP_INIT_ASYNC``: Choose BL32 initialization method as asynchronous or
synchronous, (see "Initializing a BL32 Image" section in
`Firmware Design`_). It can take the value 0 (BL32 is initialized using
synchronous method) or 1 (BL32 is initialized using asynchronous method).
Default is 0.
- ``TSP_NS_INTR_ASYNC_PREEMPT``: A non zero value enables the interrupt
routing model which routes non-secure interrupts asynchronously from TSP
to EL3 causing immediate preemption of TSP. The EL3 is responsible
for saving and restoring the TSP context in this routing model. The
default routing model (when the value is 0) is to route non-secure
interrupts to TSP allowing it to save its context and hand over
synchronously to EL3 via an SMC.
- ``USE_COHERENT_MEM``: This flag determines whether to include the coherent
memory region in the BL memory map or not (see "Use of Coherent memory in
Trusted Firmware" section in `Firmware Design`_). It can take the value 1
(Coherent memory region is included) or 0 (Coherent memory region is
excluded). Default is 1.
- ``V``: Verbose build. If assigned anything other than 0, the build commands
are printed. Default is 0.
- ``VERSION_STRING``: String used in the log output for each TF image. Defaults
to a string formed by concatenating the version number, build type and build
string.
- ``WARMBOOT_ENABLE_DCACHE_EARLY`` : Boolean option to enable D-cache early on
the CPU after warm boot. This is applicable for platforms which do not
require interconnect programming to enable cache coherency (eg: single
cluster platforms). If this option is enabled, then warm boot path
enables D-caches immediately after enabling MMU. This option defaults to 0.
- ``ENABLE_SPE_FOR_LOWER_ELS`` : Boolean option to enable Statistical Profiling
extensions. This is an optional architectural feature available only for
AArch64 8.2 onwards. This option defaults to 1 but is automatically
disabled when the target architecture is AArch32 or AArch64 8.0/8.1.
ARM development platform specific build options
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- ``ARM_BL31_IN_DRAM``: Boolean option to select loading of BL31 in TZC secured
DRAM. By default, BL31 is in the secure SRAM. Set this flag to 1 to load
BL31 in TZC secured DRAM. If TSP is present, then setting this option also
sets the TSP location to DRAM and ignores the ``ARM_TSP_RAM_LOCATION`` build
flag.
- ``ARM_BOARD_OPTIMISE_MEM``: Boolean option to enable or disable optimisation
of the memory reserved for each image. This affects the maximum size of each
BL image as well as the number of allocated memory regions and translation
tables. By default this flag is 0, which means it uses the default
unoptimised values for these macros. ARM development platforms that wish to
optimise memory usage need to set this flag to 1 and must override the
related macros.
- ``ARM_CONFIG_CNTACR``: boolean option to unlock access to the ``CNTBase<N>``
frame registers by setting the ``CNTCTLBase.CNTACR<N>`` register bits. The
frame number ``<N>`` is defined by ``PLAT_ARM_NSTIMER_FRAME_ID``, which should
match the frame used by the Non-Secure image (normally the Linux kernel).
Default is true (access to the frame is allowed).
- ``ARM_DISABLE_TRUSTED_WDOG``: boolean option to disable the Trusted Watchdog.
By default, ARM platforms use a watchdog to trigger a system reset in case
an error is encountered during the boot process (for example, when an image
could not be loaded or authenticated). The watchdog is enabled in the early
platform setup hook at BL1 and disabled in the BL1 prepare exit hook. The
Trusted Watchdog may be disabled at build time for testing or development
purposes.
- ``ARM_RECOM_STATE_ID_ENC``: The PSCI1.0 specification recommends an encoding
for the construction of composite state-ID in the power-state parameter.
The existing PSCI clients currently do not support this encoding of
State-ID yet. Hence this flag is used to configure whether to use the
recommended State-ID encoding or not. The default value of this flag is 0,
in which case the platform is configured to expect NULL in the State-ID
field of power-state parameter.
- ``ARM_ROTPK_LOCATION``: used when ``TRUSTED_BOARD_BOOT=1``. It specifies the
location of the ROTPK hash returned by the function ``plat_get_rotpk_info()``
for ARM platforms. Depending on the selected option, the proper private key
must be specified using the ``ROT_KEY`` option when building the Trusted
Firmware. This private key will be used by the certificate generation tool
to sign the BL2 and Trusted Key certificates. Available options for
``ARM_ROTPK_LOCATION`` are:
- ``regs`` : return the ROTPK hash stored in the Trusted root-key storage
registers. The private key corresponding to this ROTPK hash is not
currently available.
- ``devel_rsa`` : return a development public key hash embedded in the BL1
and BL2 binaries. This hash has been obtained from the RSA public key
``arm_rotpk_rsa.der``, located in ``plat/arm/board/common/rotpk``. To use
this option, ``arm_rotprivk_rsa.pem`` must be specified as ``ROT_KEY`` when
creating the certificates.
- ``ARM_TSP_RAM_LOCATION``: location of the TSP binary. Options:
- ``tsram`` : Trusted SRAM (default option)
- ``tdram`` : Trusted DRAM (if available)
- ``dram`` : Secure region in DRAM (configured by the TrustZone controller)
- ``ARM_XLAT_TABLES_LIB_V1``: boolean option to compile the Trusted Firmware
with version 1 of the translation tables library instead of version 2. It is
set to 0 by default, which selects version 2.
- ``ARM_CRYPTOCELL_INTEG`` : bool option to enable Trusted Firmware to invoke
ARM® TrustZone® CryptoCell functionality for Trusted Board Boot on capable
ARM platforms. If this option is specified, then the path to the CryptoCell
SBROM library must be specified via ``CCSBROM_LIB_PATH`` flag.
For a better understanding of these options, the ARM development platform memory
map is explained in the `Firmware Design`_.
ARM CSS platform specific build options
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- ``CSS_DETECT_PRE_1_7_0_SCP``: Boolean flag to detect SCP version
incompatibility. Version 1.7.0 of the SCP firmware made a non-backwards
compatible change to the MTL protocol, used for AP/SCP communication.
Trusted Firmware no longer supports earlier SCP versions. If this option is
set to 1 then Trusted Firmware will detect if an earlier version is in use.
Default is 1.
- ``CSS_LOAD_SCP_IMAGES``: Boolean flag, which when set, adds SCP\_BL2 and
SCP\_BL2U to the FIP and FWU\_FIP respectively, and enables them to be loaded
during boot. Default is 1.
- ``CSS_USE_SCMI_DRIVER``: Boolean flag which selects SCMI driver instead of
SCPI driver for communicating with the SCP during power management operations.
If this option is set to 1, then SCMI driver will be used. Default is 0.
ARM FVP platform specific build options
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- ``FVP_CLUSTER_COUNT`` : Configures the cluster count to be used to
build the topology tree within Trusted Firmware. By default the
Trusted Firmware is configured for dual cluster topology and this option
can be used to override the default value.
- ``FVP_INTERCONNECT_DRIVER``: Selects the interconnect driver to be built. The
default interconnect driver depends on the value of ``FVP_CLUSTER_COUNT`` as
explained in the options below:
- ``FVP_CCI`` : The CCI driver is selected. This is the default
if 0 < ``FVP_CLUSTER_COUNT`` <= 2.
- ``FVP_CCN`` : The CCN driver is selected. This is the default
if ``FVP_CLUSTER_COUNT`` > 2.
- ``FVP_USE_GIC_DRIVER`` : Selects the GIC driver to be built. Options:
- ``FVP_GIC600`` : The GIC600 implementation of GICv3 is selected
- ``FVP_GICV2`` : The GICv2 only driver is selected
- ``FVP_GICV3`` : The GICv3 only driver is selected (default option)
- ``FVP_GICV3_LEGACY``: The Legacy GICv3 driver is selected (deprecated)
Note: If Trusted Firmware is compiled with this option on FVPs with
GICv3 hardware, then it configures the hardware to run in GICv2
emulation mode
- ``FVP_USE_SP804_TIMER`` : Use the SP804 timer instead of the Generic Timer
for functions that wait for an arbitrary time length (udelay and mdelay).
The default value is 0.
Debugging options
~~~~~~~~~~~~~~~~~
To compile a debug version and make the build more verbose use
::
make PLAT=<platform> DEBUG=1 V=1 all
AArch64 GCC uses DWARF version 4 debugging symbols by default. Some tools (for
example DS-5) might not support this and may need an older version of DWARF
symbols to be emitted by GCC. This can be achieved by using the
``-gdwarf-<version>`` flag, with the version being set to 2 or 3. Setting the
version to 2 is recommended for DS-5 versions older than 5.16.
When debugging logic problems it might also be useful to disable all compiler
optimizations by using ``-O0``.
NOTE: Using ``-O0`` could cause output images to be larger and base addresses
might need to be recalculated (see the **Memory layout on ARM development
platforms** section in the `Firmware Design`_).
Extra debug options can be passed to the build system by setting ``CFLAGS`` or
``LDFLAGS``:
.. code:: makefile
CFLAGS='-O0 -gdwarf-2' \
make PLAT=<platform> DEBUG=1 V=1 all
Note that using ``-Wl,`` style compilation driver options in ``CFLAGS`` will be
ignored as the linker is called directly.
It is also possible to introduce an infinite loop to help in debugging the
post-BL2 phase of the Trusted Firmware. This can be done by rebuilding BL1 with
the ``SPIN_ON_BL1_EXIT=1`` build flag. Refer to the "Summary of build options"
section. In this case, the developer may take control of the target using a
debugger when indicated by the console output. When using DS-5, the following
commands can be used:
::
# Stop target execution
interrupt
#
# Prepare your debugging environment, e.g. set breakpoints
#
# Jump over the debug loop
set var $AARCH64::$Core::$PC = $AARCH64::$Core::$PC + 4
# Resume execution
continue
Building the Test Secure Payload
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The TSP is coupled with a companion runtime service in the BL31 firmware,
called the TSPD. Therefore, if you intend to use the TSP, the BL31 image
must be recompiled as well. For more information on SPs and SPDs, see the
`Secure-EL1 Payloads and Dispatchers`_ section in the `Firmware Design`_.
First clean the Trusted Firmware build directory to get rid of any previous
BL31 binary. Then to build the TSP image use:
::
make PLAT=<platform> SPD=tspd all
An additional boot loader binary file is created in the ``build`` directory:
::
build/<platform>/<build-type>/bl32.bin
Checking source code style
~~~~~~~~~~~~~~~~~~~~~~~~~~
When making changes to the source for submission to the project, the source
must be in compliance with the Linux style guide, and to assist with this check
the project Makefile contains two targets, which both utilise the
``checkpatch.pl`` script that ships with the Linux source tree.
To check the entire source tree, you must first download a copy of
``checkpatch.pl`` (or the full Linux source), set the ``CHECKPATCH`` environment
variable to point to the script and build the target checkcodebase:
::
make CHECKPATCH=<path-to-linux>/linux/scripts/checkpatch.pl checkcodebase
To just check the style on the files that differ between your local branch and
the remote master, use:
::
make CHECKPATCH=<path-to-linux>/linux/scripts/checkpatch.pl checkpatch
If you wish to check your patch against something other than the remote master,
set the ``BASE_COMMIT`` variable to your desired branch. By default, ``BASE_COMMIT``
is set to ``origin/master``.
Building and using the FIP tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Firmware Image Package (FIP) is a packaging format used by the Trusted Firmware
project to package firmware images in a single binary. The number and type of
images that should be packed in a FIP is platform specific and may include TF
images and other firmware images required by the platform. For example, most
platforms require a BL33 image which corresponds to the normal world bootloader
(e.g. UEFI or U-Boot).
The TF build system provides the make target ``fip`` to create a FIP file for the
specified platform using the FIP creation tool included in the TF project.
Examples below show how to build a FIP file for FVP, packaging TF images and a
BL33 image.
For AArch64:
::
make PLAT=fvp BL33=<path/to/bl33.bin> fip
For AArch32:
::
make PLAT=fvp ARCH=aarch32 AARCH32_SP=sp_min BL33=<path/to/bl33.bin> fip
Note that AArch32 support for Normal world boot loader (BL33), like U-boot or
UEFI, on FVP is not available upstream. Hence custom solutions are required to
allow Linux boot on FVP. These instructions assume such a custom boot loader
(BL33) is available.
The resulting FIP may be found in:
::
build/fvp/<build-type>/fip.bin
For advanced operations on FIP files, it is also possible to independently build
the tool and create or modify FIPs using this tool. To do this, follow these
steps:
It is recommended to remove old artifacts before building the tool:
::
make -C tools/fiptool clean
Build the tool:
::
make [DEBUG=1] [V=1] fiptool
The tool binary can be located in:
::
./tools/fiptool/fiptool
Invoking the tool with ``--help`` will print a help message with all available
options.
Example 1: create a new Firmware package ``fip.bin`` that contains BL2 and BL31:
::
./tools/fiptool/fiptool create \
--tb-fw build/<platform>/<build-type>/bl2.bin \
--soc-fw build/<platform>/<build-type>/bl31.bin \
fip.bin
Example 2: view the contents of an existing Firmware package:
::
./tools/fiptool/fiptool info <path-to>/fip.bin
Example 3: update the entries of an existing Firmware package:
::
# Change the BL2 from Debug to Release version
./tools/fiptool/fiptool update \
--tb-fw build/<platform>/release/bl2.bin \
build/<platform>/debug/fip.bin
Example 4: unpack all entries from an existing Firmware package:
::
# Images will be unpacked to the working directory
./tools/fiptool/fiptool unpack <path-to>/fip.bin
Example 5: remove an entry from an existing Firmware package:
::
./tools/fiptool/fiptool remove \
--tb-fw build/<platform>/debug/fip.bin
Note that if the destination FIP file exists, the create, update and
remove operations will automatically overwrite it.
The unpack operation will fail if the images already exist at the
destination. In that case, use -f or --force to continue.
More information about FIP can be found in the `Firmware Design`_ document.
Migrating from fip\_create to fiptool
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The previous version of fiptool was called fip\_create. A compatibility script
that emulates the basic functionality of the previous fip\_create is provided.
However, users are strongly encouraged to migrate to fiptool.
- To create a new FIP file, replace "fip\_create" with "fiptool create".
- To update a FIP file, replace "fip\_create" with "fiptool update".
- To dump the contents of a FIP file, replace "fip\_create --dump"
with "fiptool info".
Building FIP images with support for Trusted Board Boot
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Trusted Board Boot primarily consists of the following two features:
- Image Authentication, described in `Trusted Board Boot`_, and
- Firmware Update, described in `Firmware Update`_
The following steps should be followed to build FIP and (optionally) FWU\_FIP
images with support for these features:
#. Fulfill the dependencies of the ``mbedtls`` cryptographic and image parser
modules by checking out a recent version of the `mbed TLS Repository`_. It
is important to use a version that is compatible with TF and fixes any
known security vulnerabilities. See `mbed TLS Security Center`_ for more
information. The latest version of TF is tested with tag ``mbedtls-2.4.2``.
The ``drivers/auth/mbedtls/mbedtls_*.mk`` files contain the list of mbed TLS
source files the modules depend upon.
``include/drivers/auth/mbedtls/mbedtls_config.h`` contains the configuration
options required to build the mbed TLS sources.
Note that the mbed TLS library is licensed under the Apache version 2.0
license. Using mbed TLS source code will affect the licensing of
Trusted Firmware binaries that are built using this library.
#. To build the FIP image, ensure the following command line variables are set
while invoking ``make`` to build Trusted Firmware:
- ``MBEDTLS_DIR=<path of the directory containing mbed TLS sources>``
- ``TRUSTED_BOARD_BOOT=1``
- ``GENERATE_COT=1``
In the case of ARM platforms, the location of the ROTPK hash must also be
specified at build time. Two locations are currently supported (see
``ARM_ROTPK_LOCATION`` build option):
- ``ARM_ROTPK_LOCATION=regs``: the ROTPK hash is obtained from the Trusted
root-key storage registers present in the platform. On Juno, this
registers are read-only. On FVP Base and Cortex models, the registers
are read-only, but the value can be specified using the command line
option ``bp.trusted_key_storage.public_key`` when launching the model.
On both Juno and FVP models, the default value corresponds to an
ECDSA-SECP256R1 public key hash, whose private part is not currently
available.
- ``ARM_ROTPK_LOCATION=devel_rsa``: use the ROTPK hash that is hardcoded
in the ARM platform port. The private/public RSA key pair may be
found in ``plat/arm/board/common/rotpk``.
Example of command line using RSA development keys:
::
MBEDTLS_DIR=<path of the directory containing mbed TLS sources> \
make PLAT=<platform> TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \
ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
BL33=<path-to>/<bl33_image> \
all fip
The result of this build will be the bl1.bin and the fip.bin binaries. This
FIP will include the certificates corresponding to the Chain of Trust
described in the TBBR-client document. These certificates can also be found
in the output build directory.
#. The optional FWU\_FIP contains any additional images to be loaded from
Non-Volatile storage during the `Firmware Update`_ process. To build the
FWU\_FIP, any FWU images required by the platform must be specified on the
command line. On ARM development platforms like Juno, these are:
- NS\_BL2U. The AP non-secure Firmware Updater image.
- SCP\_BL2U. The SCP Firmware Update Configuration image.
Example of Juno command line for generating both ``fwu`` and ``fwu_fip``
targets using RSA development:
::
MBEDTLS_DIR=<path of the directory containing mbed TLS sources> \
make PLAT=juno TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \
ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
BL33=<path-to>/<bl33_image> \
SCP_BL2=<path-to>/<scp_bl2_image> \
SCP_BL2U=<path-to>/<scp_bl2u_image> \
NS_BL2U=<path-to>/<ns_bl2u_image> \
all fip fwu_fip
Note: The BL2U image will be built by default and added to the FWU\_FIP.
The user may override this by adding ``BL2U=<path-to>/<bl2u_image>``
to the command line above.
Note: Building and installing the non-secure and SCP FWU images (NS\_BL1U,
NS\_BL2U and SCP\_BL2U) is outside the scope of this document.
The result of this build will be bl1.bin, fip.bin and fwu\_fip.bin binaries.
Both the FIP and FWU\_FIP will include the certificates corresponding to the
Chain of Trust described in the TBBR-client document. These certificates
can also be found in the output build directory.
Building the Certificate Generation Tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The ``cert_create`` tool is built as part of the TF build process when the ``fip``
make target is specified and TBB is enabled (as described in the previous
section), but it can also be built separately with the following command:
::
make PLAT=<platform> [DEBUG=1] [V=1] certtool
For platforms that do not require their own IDs in certificate files,
the generic 'cert\_create' tool can be built with the following command:
::
make USE_TBBR_DEFS=1 [DEBUG=1] [V=1] certtool
``DEBUG=1`` builds the tool in debug mode. ``V=1`` makes the build process more
verbose. The following command should be used to obtain help about the tool:
::
./tools/cert_create/cert_create -h
Building a FIP for Juno and FVP
-------------------------------
This section provides Juno and FVP specific instructions to build Trusted
Firmware, obtain the additional required firmware, and pack it all together in
a single FIP binary. It assumes that a `Linaro Release`_
has been installed.
Note: Linaro Release 16.06 only includes pre-built binaries for AArch64. For
AArch32, pre-built binaries are only available from Linaro Release 16.12.
Note: follow the full instructions for one platform before switching to a
different one. Mixing instructions for different platforms may result in
corrupted binaries.
#. Clean the working directory
::
make realclean
#. Obtain SCP\_BL2 (Juno) and BL33 (all platforms)
Use the fiptool to extract the SCP\_BL2 and BL33 images from the FIP
package included in the Linaro release:
::
# Build the fiptool
make [DEBUG=1] [V=1] fiptool
# Unpack firmware images from Linaro FIP
./tools/fiptool/fiptool unpack \
<path/to/linaro/release>/fip.bin
The unpack operation will result in a set of binary images extracted to the
working directory. The SCP\_BL2 image corresponds to ``scp-fw.bin`` and BL33
corresponds to ``nt-fw.bin``.
Note: the fiptool will complain if the images to be unpacked already
exist in the current directory. If that is the case, either delete those
files or use the ``--force`` option to overwrite.
Note for AArch32, the instructions below assume that nt-fw.bin is a custom
Normal world boot loader that supports AArch32.
#. Build TF images and create a new FIP for FVP
::
# AArch64
make PLAT=fvp BL33=nt-fw.bin all fip
# AArch32
make PLAT=fvp ARCH=aarch32 AARCH32_SP=sp_min BL33=nt-fw.bin all fip
#. Build TF images and create a new FIP for Juno
For AArch64:
Building for AArch64 on Juno simply requires the addition of ``SCP_BL2``
as a build parameter.
::
make PLAT=juno all fip \
BL33=<path-to-juno-oe-uboot>/SOFTWARE/bl33-uboot.bin \
SCP_BL2=<path-to-juno-busybox-uboot>/SOFTWARE/scp_bl2.bin
For AArch32:
Hardware restrictions on Juno prevent cold reset into AArch32 execution mode,
therefore BL1 and BL2 must be compiled for AArch64, and BL32 is compiled
separately for AArch32.
- Before building BL32, the environment variable ``CROSS_COMPILE`` must point
to the AArch32 Linaro cross compiler.
::
export CROSS_COMPILE=<path-to-aarch32-gcc>/bin/arm-linux-gnueabihf-
- Build BL32 in AArch32.
::
make ARCH=aarch32 PLAT=juno AARCH32_SP=sp_min \
RESET_TO_SP_MIN=1 JUNO_AARCH32_EL3_RUNTIME=1 bl32
- Before building BL1 and BL2, the environment variable ``CROSS_COMPILE``
must point to the AArch64 Linaro cross compiler.
::
export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-linux-gnu-
- The following parameters should be used to build BL1 and BL2 in AArch64
and point to the BL32 file.
::
make ARCH=aarch64 PLAT=juno LOAD_IMAGE_V2=1 JUNO_AARCH32_EL3_RUNTIME=1 \
BL33=<path-to-juno32-oe-uboot>/SOFTWARE/bl33-uboot.bin \
SCP_BL2=<path-to-juno32-oe-uboot>/SOFTWARE/scp_bl2.bin SPD=tspd \
BL32=<path-to-bl32>/bl32.bin all fip
The resulting BL1 and FIP images may be found in:
::
# Juno
./build/juno/release/bl1.bin
./build/juno/release/fip.bin
# FVP
./build/fvp/release/bl1.bin
./build/fvp/release/fip.bin
EL3 payloads alternative boot flow
----------------------------------
On a pre-production system, the ability to execute arbitrary, bare-metal code at
the highest exception level is required. It allows full, direct access to the
hardware, for example to run silicon soak tests.
Although it is possible to implement some baremetal secure firmware from
scratch, this is a complex task on some platforms, depending on the level of
configuration required to put the system in the expected state.
Rather than booting a baremetal application, a possible compromise is to boot
``EL3 payloads`` through the Trusted Firmware instead. This is implemented as an
alternative boot flow, where a modified BL2 boots an EL3 payload, instead of
loading the other BL images and passing control to BL31. It reduces the
complexity of developing EL3 baremetal code by:
- putting the system into a known architectural state;
- taking care of platform secure world initialization;
- loading the SCP\_BL2 image if required by the platform.
When booting an EL3 payload on ARM standard platforms, the configuration of the
TrustZone controller is simplified such that only region 0 is enabled and is
configured to permit secure access only. This gives full access to the whole
DRAM to the EL3 payload.
The system is left in the same state as when entering BL31 in the default boot
flow. In particular:
- Running in EL3;
- Current state is AArch64;
- Little-endian data access;
- All exceptions disabled;
- MMU disabled;
- Caches disabled.
Booting an EL3 payload
~~~~~~~~~~~~~~~~~~~~~~
The EL3 payload image is a standalone image and is not part of the FIP. It is
not loaded by the Trusted Firmware. Therefore, there are 2 possible scenarios:
- The EL3 payload may reside in non-volatile memory (NVM) and execute in
place. In this case, booting it is just a matter of specifying the right
address in NVM through ``EL3_PAYLOAD_BASE`` when building the TF.
- The EL3 payload needs to be loaded in volatile memory (e.g. DRAM) at
run-time.
To help in the latter scenario, the ``SPIN_ON_BL1_EXIT=1`` build option can be
used. The infinite loop that it introduces in BL1 stops execution at the right
moment for a debugger to take control of the target and load the payload (for
example, over JTAG).
It is expected that this loading method will work in most cases, as a debugger
connection is usually available in a pre-production system. The user is free to
use any other platform-specific mechanism to load the EL3 payload, though.
Booting an EL3 payload on FVP
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The EL3 payloads boot flow requires the CPU's mailbox to be cleared at reset for
the secondary CPUs holding pen to work properly. Unfortunately, its reset value
is undefined on the FVP platform and the FVP platform code doesn't clear it.
Therefore, one must modify the way the model is normally invoked in order to
clear the mailbox at start-up.
One way to do that is to create an 8-byte file containing all zero bytes using
the following command:
::
dd if=/dev/zero of=mailbox.dat bs=1 count=8
and pre-load it into the FVP memory at the mailbox address (i.e. ``0x04000000``)
using the following model parameters:
::
--data cluster0.cpu0=mailbox.dat@0x04000000 [Base FVPs]
--data=mailbox.dat@0x04000000 [Foundation FVP]
To provide the model with the EL3 payload image, the following methods may be
used:
#. If the EL3 payload is able to execute in place, it may be programmed into
flash memory. On Base Cortex and AEM FVPs, the following model parameter
loads it at the base address of the NOR FLASH1 (the NOR FLASH0 is already
used for the FIP):
::
-C bp.flashloader1.fname="/path/to/el3-payload"
On Foundation FVP, there is no flash loader component and the EL3 payload
may be programmed anywhere in flash using method 3 below.
#. When using the ``SPIN_ON_BL1_EXIT=1`` loading method, the following DS-5
command may be used to load the EL3 payload ELF image over JTAG:
::
load /path/to/el3-payload.elf
#. The EL3 payload may be pre-loaded in volatile memory using the following
model parameters:
::
--data cluster0.cpu0="/path/to/el3-payload"@address [Base FVPs]
--data="/path/to/el3-payload"@address [Foundation FVP]
The address provided to the FVP must match the ``EL3_PAYLOAD_BASE`` address
used when building the Trusted Firmware.
Booting an EL3 payload on Juno
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If the EL3 payload is able to execute in place, it may be programmed in flash
memory by adding an entry in the ``SITE1/HBI0262x/images.txt`` configuration file
on the Juno SD card (where ``x`` depends on the revision of the Juno board).
Refer to the `Juno Getting Started Guide`_, section 2.3 "Flash memory
programming" for more information.
Alternatively, the same DS-5 command mentioned in the FVP section above can
be used to load the EL3 payload's ELF file over JTAG on Juno.
Preloaded BL33 alternative boot flow
------------------------------------
Some platforms have the ability to preload BL33 into memory instead of relying
on Trusted Firmware to load it. This may simplify packaging of the normal world
code and improve performance in a development environment. When secure world
cold boot is complete, Trusted Firmware simply jumps to a BL33 base address
provided at build time.
For this option to be used, the ``PRELOADED_BL33_BASE`` build option has to be
used when compiling the Trusted Firmware. For example, the following command
will create a FIP without a BL33 and prepare to jump to a BL33 image loaded at
address 0x80000000:
::
make PRELOADED_BL33_BASE=0x80000000 PLAT=fvp all fip
Boot of a preloaded bootwrapped kernel image on Base FVP
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following example uses the AArch64 boot wrapper. This simplifies normal
world booting while also making use of TF features. It can be obtained from its
repository with:
::
git clone git://git.kernel.org/pub/scm/linux/kernel/git/mark/boot-wrapper-aarch64.git
After compiling it, an ELF file is generated. It can be loaded with the
following command:
::
<path-to>/FVP_Base_AEMv8A-AEMv8A \
-C bp.secureflashloader.fname=bl1.bin \
-C bp.flashloader0.fname=fip.bin \
-a cluster0.cpu0=<bootwrapped-kernel.elf> \
--start cluster0.cpu0=0x0
The ``-a cluster0.cpu0=<bootwrapped-kernel.elf>`` option loads the ELF file. It
also sets the PC register to the ELF entry point address, which is not the
desired behaviour, so the ``--start cluster0.cpu0=0x0`` option forces the PC back
to 0x0 (the BL1 entry point address) on CPU #0. The ``PRELOADED_BL33_BASE`` define
used when compiling the FIP must match the ELF entry point.
Boot of a preloaded bootwrapped kernel image on Juno
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The procedure to obtain and compile the boot wrapper is very similar to the case
of the FVP. The execution must be stopped at the end of bl2\_main(), and the
loading method explained above in the EL3 payload boot flow section may be used
to load the ELF file over JTAG on Juno.
Running the software on FVP
---------------------------
The latest version of the AArch64 build of ARM Trusted Firmware has been tested
on the following ARM FVPs (64-bit host machine only).
- ``Foundation_Platform`` (Version 10.2, Build 10.2.20)
- ``FVP_Base_AEMv8A-AEMv8A`` (Version 8.4, Build 0.8.8402)
- ``FVP_Base_Cortex-A57x4-A53x4`` (Version 8.4, Build 0.8.8402)
The latest version of the AArch32 build of ARM Trusted Firmware has been tested
on the following ARM FVPs (64-bit host machine only).
- ``FVP_Base_AEMv8A-AEMv8A`` (Version 8.4, Build 0.8.8402)
- ``FVP_Base_Cortex-A32x4`` (Version 10.1, Build 10.1.32)
NOTE: The build numbers quoted above are those reported by launching the FVP
with the ``--version`` parameter.
NOTE: The software will not work on Version 1.0 of the Foundation FVP.
The commands below would report an ``unhandled argument`` error in this case.
NOTE: FVPs can be launched with ``--cadi-server`` option such that a
CADI-compliant debugger (for example, ARM DS-5) can connect to and control its
execution.
The Foundation FVP is a cut down version of the AArch64 Base FVP. It can be
downloaded for free from `ARM's website`_.
Please refer to the FVP documentation for a detailed description of the model
parameter options. A brief description of the important ones that affect the ARM
Trusted Firmware and normal world software behavior is provided below.
Note the instructions in the following sections assume that Linaro Release 16.06
is being used.
Obtaining the Flattened Device Trees
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Depending on the FVP configuration and Linux configuration used, different
FDT files are required. FDTs for the Foundation and Base FVPs can be found in
the Trusted Firmware source directory under ``fdts/``. The Foundation FVP has a
subset of the Base FVP components. For example, the Foundation FVP lacks CLCD
and MMC support, and has only one CPU cluster.
Note: It is not recommended to use the FDTs built along the kernel because not
all FDTs are available from there.
- ``fvp-base-gicv2-psci.dtb``
For use with both AEMv8 and Cortex-A57-A53 Base FVPs with
Base memory map configuration.
- ``fvp-base-gicv2-psci-aarch32.dtb``
For use with AEMv8 and Cortex-A32 Base FVPs running Linux in AArch32 state
with Base memory map configuration.
- ``fvp-base-gicv3-psci.dtb``
(Default) For use with both AEMv8 and Cortex-A57-A53 Base FVPs with Base
memory map configuration and Linux GICv3 support.
- ``fvp-base-gicv3-psci-aarch32.dtb``
For use with AEMv8 and Cortex-A32 Base FVPs running Linux in AArch32 state
with Base memory map configuration and Linux GICv3 support.
- ``fvp-foundation-gicv2-psci.dtb``
For use with Foundation FVP with Base memory map configuration.
- ``fvp-foundation-gicv3-psci.dtb``
(Default) For use with Foundation FVP with Base memory map configuration
and Linux GICv3 support.
Running on the Foundation FVP with reset to BL1 entrypoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following ``Foundation_Platform`` parameters should be used to boot Linux with
4 CPUs using the AArch64 build of ARM Trusted Firmware.
::
<path-to>/Foundation_Platform \
--cores=4 \
--secure-memory \
--visualization \
--gicv3 \
--data="<path-to>/<bl1-binary>"@0x0 \
--data="<path-to>/<FIP-binary>"@0x08000000 \
--data="<path-to>/<fdt>"@0x83000000 \
--data="<path-to>/<kernel-binary>"@0x80080000 \
--block-device="<path-to>/<file-system-image>"
Notes:
- BL1 is loaded at the start of the Trusted ROM.
- The Firmware Image Package is loaded at the start of NOR FLASH0.
- The Linux kernel image and device tree are loaded in DRAM.
- The default use-case for the Foundation FVP is to use the ``--gicv3`` option
and enable the GICv3 device in the model. Note that without this option,
the Foundation FVP defaults to legacy (Versatile Express) memory map which
is not supported by ARM Trusted Firmware.
Running on the AEMv8 Base FVP with reset to BL1 entrypoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following ``FVP_Base_AEMv8A-AEMv8A`` parameters should be used to boot Linux
with 8 CPUs using the AArch64 build of ARM Trusted Firmware.
::
<path-to>/FVP_Base_AEMv8A-AEMv8A \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cluster0.NUM_CORES=4 \
-C cluster1.NUM_CORES=4 \
-C cache_state_modelled=1 \
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
--data cluster0.cpu0="<path-to>/<fdt>"@0x83000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
Running on the AEMv8 Base FVP (AArch32) with reset to BL1 entrypoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following ``FVP_Base_AEMv8A-AEMv8A`` parameters should be used to boot Linux
with 8 CPUs using the AArch32 build of ARM Trusted Firmware.
::
<path-to>/FVP_Base_AEMv8A-AEMv8A \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cluster0.NUM_CORES=4 \
-C cluster1.NUM_CORES=4 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.CONFIG64=0 \
-C cluster0.cpu1.CONFIG64=0 \
-C cluster0.cpu2.CONFIG64=0 \
-C cluster0.cpu3.CONFIG64=0 \
-C cluster1.cpu0.CONFIG64=0 \
-C cluster1.cpu1.CONFIG64=0 \
-C cluster1.cpu2.CONFIG64=0 \
-C cluster1.cpu3.CONFIG64=0 \
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
--data cluster0.cpu0="<path-to>/<fdt>"@0x83000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
Running on the Cortex-A57-A53 Base FVP with reset to BL1 entrypoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following ``FVP_Base_Cortex-A57x4-A53x4`` model parameters should be used to
boot Linux with 8 CPUs using the AArch64 build of ARM Trusted Firmware.
::
<path-to>/FVP_Base_Cortex-A57x4-A53x4 \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cache_state_modelled=1 \
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
--data cluster0.cpu0="<path-to>/<fdt>"@0x83000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
Running on the Cortex-A32 Base FVP (AArch32) with reset to BL1 entrypoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following ``FVP_Base_Cortex-A32x4`` model parameters should be used to
boot Linux with 4 CPUs using the AArch32 build of ARM Trusted Firmware.
::
<path-to>/FVP_Base_Cortex-A32x4 \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cache_state_modelled=1 \
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
--data cluster0.cpu0="<path-to>/<fdt>"@0x83000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
Running on the AEMv8 Base FVP with reset to BL31 entrypoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following ``FVP_Base_AEMv8A-AEMv8A`` parameters should be used to boot Linux
with 8 CPUs using the AArch64 build of ARM Trusted Firmware.
::
<path-to>/FVP_Base_AEMv8A-AEMv8A \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cluster0.NUM_CORES=4 \
-C cluster1.NUM_CORES=4 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.RVBAR=0x04023000 \
-C cluster0.cpu1.RVBAR=0x04023000 \
-C cluster0.cpu2.RVBAR=0x04023000 \
-C cluster0.cpu3.RVBAR=0x04023000 \
-C cluster1.cpu0.RVBAR=0x04023000 \
-C cluster1.cpu1.RVBAR=0x04023000 \
-C cluster1.cpu2.RVBAR=0x04023000 \
-C cluster1.cpu3.RVBAR=0x04023000 \
--data cluster0.cpu0="<path-to>/<bl31-binary>"@0x04023000 \
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0x04001000 \
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
--data cluster0.cpu0="<path-to>/<fdt>"@0x83000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
Notes:
- Since a FIP is not loaded when using BL31 as reset entrypoint, the
``--data="<path-to><bl31|bl32|bl33-binary>"@<base-address-of-binary>``
parameter is needed to load the individual bootloader images in memory.
BL32 image is only needed if BL31 has been built to expect a Secure-EL1
Payload.
- The ``-C cluster<X>.cpu<Y>.RVBAR=@<base-address-of-bl31>`` parameter, where
X and Y are the cluster and CPU numbers respectively, is used to set the
reset vector for each core.
- Changing the default value of ``ARM_TSP_RAM_LOCATION`` will also require
changing the value of
``--data="<path-to><bl32-binary>"@<base-address-of-bl32>`` to the new value of
``BL32_BASE``.
Running on the AEMv8 Base FVP (AArch32) with reset to SP\_MIN entrypoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following ``FVP_Base_AEMv8A-AEMv8A`` parameters should be used to boot Linux
with 8 CPUs using the AArch32 build of ARM Trusted Firmware.
::
<path-to>/FVP_Base_AEMv8A-AEMv8A \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cluster0.NUM_CORES=4 \
-C cluster1.NUM_CORES=4 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.CONFIG64=0 \
-C cluster0.cpu1.CONFIG64=0 \
-C cluster0.cpu2.CONFIG64=0 \
-C cluster0.cpu3.CONFIG64=0 \
-C cluster1.cpu0.CONFIG64=0 \
-C cluster1.cpu1.CONFIG64=0 \
-C cluster1.cpu2.CONFIG64=0 \
-C cluster1.cpu3.CONFIG64=0 \
-C cluster0.cpu0.RVBAR=0x04001000 \
-C cluster0.cpu1.RVBAR=0x04001000 \
-C cluster0.cpu2.RVBAR=0x04001000 \
-C cluster0.cpu3.RVBAR=0x04001000 \
-C cluster1.cpu0.RVBAR=0x04001000 \
-C cluster1.cpu1.RVBAR=0x04001000 \
-C cluster1.cpu2.RVBAR=0x04001000 \
-C cluster1.cpu3.RVBAR=0x04001000 \
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0x04001000 \
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
--data cluster0.cpu0="<path-to>/<fdt>"@0x83000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
Note: The load address of ``<bl32-binary>`` depends on the value ``BL32_BASE``.
It should match the address programmed into the RVBAR register as well.
Running on the Cortex-A57-A53 Base FVP with reset to BL31 entrypoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following ``FVP_Base_Cortex-A57x4-A53x4`` model parameters should be used to
boot Linux with 8 CPUs using the AArch64 build of ARM Trusted Firmware.
::
<path-to>/FVP_Base_Cortex-A57x4-A53x4 \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.RVBARADDR=0x04023000 \
-C cluster0.cpu1.RVBARADDR=0x04023000 \
-C cluster0.cpu2.RVBARADDR=0x04023000 \
-C cluster0.cpu3.RVBARADDR=0x04023000 \
-C cluster1.cpu0.RVBARADDR=0x04023000 \
-C cluster1.cpu1.RVBARADDR=0x04023000 \
-C cluster1.cpu2.RVBARADDR=0x04023000 \
-C cluster1.cpu3.RVBARADDR=0x04023000 \
--data cluster0.cpu0="<path-to>/<bl31-binary>"@0x04023000 \
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0x04001000 \
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
--data cluster0.cpu0="<path-to>/<fdt>"@0x83000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
Running on the Cortex-A32 Base FVP (AArch32) with reset to SP\_MIN entrypoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following ``FVP_Base_Cortex-A32x4`` model parameters should be used to
boot Linux with 4 CPUs using the AArch32 build of ARM Trusted Firmware.
::
<path-to>/FVP_Base_Cortex-A32x4 \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.RVBARADDR=0x04001000 \
-C cluster0.cpu1.RVBARADDR=0x04001000 \
-C cluster0.cpu2.RVBARADDR=0x04001000 \
-C cluster0.cpu3.RVBARADDR=0x04001000 \
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0x04001000 \
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
--data cluster0.cpu0="<path-to>/<fdt>"@0x83000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
Running the software on Juno
----------------------------
This version of the ARM Trusted Firmware has been tested on Juno r0 and Juno r1.
To execute the software stack on Juno, the version of the Juno board recovery
image indicated in the `Linaro Release Notes`_ must be installed. If you have an
earlier version installed or are unsure which version is installed, please
re-install the recovery image by following the
`Instructions for using Linaro's deliverables on Juno`_.
Preparing Trusted Firmware images
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
After building Trusted Firmware, the files ``bl1.bin`` and ``fip.bin`` need copying
to the ``SOFTWARE/`` directory of the Juno SD card.
Other Juno software information
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please visit the `ARM Platforms Portal`_ to get support and obtain any other Juno
software information. Please also refer to the `Juno Getting Started Guide`_ to
get more detailed information about the Juno ARM development platform and how to
configure it.
Testing SYSTEM SUSPEND on Juno
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The SYSTEM SUSPEND is a PSCI API which can be used to implement system suspend
to RAM. For more details refer to section 5.16 of `PSCI`_. To test system suspend
on Juno, at the linux shell prompt, issue the following command:
::
echo +10 > /sys/class/rtc/rtc0/wakealarm
echo -n mem > /sys/power/state
The Juno board should suspend to RAM and then wakeup after 10 seconds due to
wakeup interrupt from RTC.
--------------
*Copyright (c) 2013-2017, ARM Limited and Contributors. All rights reserved.*
.. _Linaro: https://community.arm.com/tools/dev-platforms/b/documents/posts/linaro-release-notes-deprecated
.. _Instructions for using the Linaro software deliverables: https://community.arm.com/dev-platforms/b/documents/posts/instructions-for-using-the-linaro-software-deliverables
.. _Firmware Design: firmware-design.rst
.. _Linaro Release Notes: https://community.arm.com/tools/dev-platforms/b/documents/posts/linaro-release-notes-deprecated
.. _Linaro instructions: https://community.arm.com/dev-platforms/b/documents/posts/instructions-for-using-the-linaro-software-deliverables
.. _Development Studio 5 (DS-5): http://www.arm.com/products/tools/software-tools/ds-5/index.php
.. _Summary of build options: #user-content-summary-of-build-options
.. _here: ./psci-lib-integration-guide.rst
.. _Building the Test Secure Payload: #user-content-building-the-test-secure-payload
.. _Trusted Board Boot: trusted-board-boot.rst
.. _Secure-EL1 Payloads and Dispatchers: firmware-design.rst#user-content-secure-el1-payloads-and-dispatchers
.. _Firmware Update: ./firmware-update.rst
.. _mbed TLS Repository: https://github.com/ARMmbed/mbedtls.git
.. _mbed TLS Security Center: https://tls.mbed.org/security
.. _Linaro Release: https://community.arm.com/tools/dev-platforms/b/documents/posts/linaro-release-notes-deprecated
.. _Juno Getting Started Guide: http://infocenter.arm.com/help/topic/com.arm.doc.dui0928e/DUI0928E_juno_arm_development_platform_gsg.pdf
.. _ARM's website: https://developer.arm.com/products/system-design/fixed-virtual-platforms
.. _Instructions for using Linaro's deliverables on Juno: https://community.arm.com/dev-platforms/b/documents/posts/using-linaros-deliverables-on-juno
.. _ARM Platforms Portal: https://community.arm.com/groups/arm-development-platforms
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
license.rst 0 → 100644
View file @ 6f625747
Copyright (c) 2013-2017, ARM Limited and Contributors. All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
- Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
- Redistributions in binary form must reproduce the above copyright notice, this
list of conditions and the following disclaimer in the documentation and/or
other materials provided with the distribution.
- Neither the name of ARM nor the names of its contributors may be used to
endorse or promote products derived from this software without specific prior
written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--------------
Note:
Individual files contain the following tag instead of the full license text.
::
SPDX-License-Identifier: BSD-3-Clause
This enables machine processing of license information based on the SPDX
License Identifiers that are here available: http://spdx.org/licenses/
maintainers.rst 0 → 100644
View file @ 6f625747
ARM Trusted Firmware Maintainers
================================
ARM Trusted Firmware is an ARM maintained project. All contributions are
ultimately merged by the maintainers listed below. Technical ownership of some
parts of the codebase is delegated to the sub-maintainers listed below. An
acknowledgement from these sub-maintainers may be required before the
maintainers merge a contribution.
Maintainers
-----------
Dan Handley (dan.handley@arm.com, `danh-arm`_)
David Cunado (david.cunado@arm.com, `davidcunado-arm`_)
OPTEE and QEMU platform sub-maintainer
--------------------------------------
Jens Wiklander (jens.wiklander@linaro.org, `jenswi-linaro`_)
Files:
- docs/spd/optee-dispatcher.md
- docs/plat/qemu.md
- services/spd/opteed/\*
- plat/qemu/\*
TLK/Trusty SPDs and NVidia platforms sub-maintainer
---------------------------------------------------
Varun Wadekar (vwadekar@nvidia.com, `vwadekar`_)
Files:
- docs/spd/tlk-dispatcher.md
- docs/spd/trusty-dispatcher.md
- include/bl32/payloads/tlk.h
- include/lib/cpus/aarch64/denver.h
- lib/cpus/aarch64/denver.S
- services/spd/tlkd/\*
- services/spd/trusty/\*
- plat/nvidia/\*
eMMC/UFS drivers and HiSilicon platform sub-maintainer
------------------------------------------------------
Haojian Zhuang (haojian.zhuang@linaro.org, `hzhuang1`_)
Files:
- docs/plat/hikey.md
- docs/plat/hikey960.md
- drivers/emmc/\*
- drivers/partition/\*
- drivers/synopsys/emmc/\*
- drivers/synopsys/ufs/\*
- drivers/ufs/\*
- include/drivers/dw\_ufs.h
- include/drivers/emmc.h
- include/drivers/ufs.h
- include/drivers/synopsys/dw\_mmc.h
- plat/hisilicon/\*
MediaTek platform sub-maintainer
--------------------------------
Yidi Lin (林以廸 yidi.lin@mediatek.com, `mtk09422`_)
Files:
- plat/mediatek/\*
RockChip platform sub-maintainer
--------------------------------
Tony Xie (tony.xie@rock-chips.com, `TonyXie06`_
or `rkchrome`_)
Files:
- plat/rockchip/\*
Xilinx platform sub-maintainer
------------------------------
Sören Brinkmann (soren.brinkmann@xilinx.com, `sorenb-xlnx`_)
Files:
- docs/plat/xilinx-zynqmp.md
- plat/xilinx/\*
.. _danh-arm: https://github.com/danh-arm
.. _davidcunado-arm: https://github.com/davidcunado-arm
.. _jenswi-linaro: https://github.com/jenswi-linaro
.. _vwadekar: https://github.com/vwadekar
.. _hzhuang1: https://github.com/hzhuang1
.. _mtk09422: https://github.com/mtk09422
.. _TonyXie06: https://github.com/TonyXie06
.. _rkchrome: https://github.com/rkchrome
.. _sorenb-xlnx: https://github.com/sorenb-xlnx
readme.rst 0 → 100644
View file @ 6f625747
ARM Trusted Firmware - version 1.3
==================================
ARM Trusted Firmware provides a reference implementation of secure world
software for `ARMv8-A`_, including a `Secure Monitor`_ executing at
Exception Level 3 (EL3). It implements various ARM interface standards, such as
the Power State Coordination Interface (`PSCI`_), Trusted Board Boot Requirements
(TBBR, ARM DEN0006C-1) and `SMC Calling Convention`_. As far as possible
the code is designed for reuse or porting to other ARMv8-A model and hardware
platforms.
ARM will continue development in collaboration with interested parties to
provide a full reference implementation of PSCI, TBBR and Secure Monitor code
to the benefit of all developers working with ARMv8-A TrustZone technology.
License
-------
The software is provided under a BSD-3-Clause `license`_. Contributions to this
project are accepted under the same license with developer sign-off as
described in the `Contributing Guidelines`_.
This project contains code from other projects as listed below. The original
license text is included in those source files.
- The stdlib source code is derived from FreeBSD code.
- The libfdt source code is dual licensed. It is used by this project under
the terms of the BSD-2-Clause license.
This Release
------------
This release provides a suitable starting point for productization of secure
world boot and runtime firmware, executing in either the AArch32 or AArch64
execution state.
Users are encouraged to do their own security validation, including penetration
testing, on any secure world code derived from ARM Trusted Firmware.
Functionality
~~~~~~~~~~~~~
- Initialization of the secure world (for example, exception vectors, control
registers, interrupt controller and interrupts for the platform), before
transitioning into the normal world at the Exception Level and Register
Width specified by the platform.
- Library support for CPU specific reset and power down sequences. This
includes support for errata workarounds.
- Drivers for both versions 2.0 and 3.0 of the ARM Generic Interrupt
Controller specifications (GICv2 and GICv3). The latter also enables GICv3
hardware systems that do not contain legacy GICv2 support.
- Drivers to enable standard initialization of ARM System IP, for example
Cache Coherent Interconnect (CCI), Cache Coherent Network (CCN), Network
Interconnect (NIC) and TrustZone Controller (TZC).
- SMC (Secure Monitor Call) handling, conforming to the
`SMC Calling Convention`_ using an EL3 runtime services framework.
- `PSCI`_ library support for the Secondary CPU Boot, CPU Hotplug, CPU Idle
and System Shutdown/Reset/Suspend use-cases.
This library is pre-integrated with the provided AArch64 EL3 Runtime
Software, and is also suitable for integration into other EL3 Runtime
Software.
- A minimal AArch32 Secure Payload to demonstrate `PSCI`_ library integration
on platforms with AArch32 EL3 Runtime Software.
- Secure Monitor library code such as world switching, EL1 context management
and interrupt routing.
When using the provided AArch64 EL3 Runtime Software, this must be
integrated with a Secure-EL1 Payload Dispatcher (SPD) component to
customize the interaction with a Secure-EL1 Payload (SP), for example a
Secure OS.
- A Test Secure-EL1 Payload and Dispatcher to demonstrate AArch64 Secure
Monitor functionality and Secure-EL1 interaction with PSCI.
- AArch64 SPDs for the `OP-TEE Secure OS`_ and `NVidia Trusted Little Kernel`_.
- A Trusted Board Boot implementation, conforming to all mandatory TBBR
requirements. This includes image authentication using certificates, a
Firmware Update (or recovery mode) boot flow, and packaging of the various
firmware images into a Firmware Image Package (FIP) to be loaded from
non-volatile storage.
The TBBR implementation is currently only supported in the AArch64 build.
- Support for alternative boot flows. Some platforms have their own boot
firmware and only require the AArch64 EL3 Runtime Software provided by this
project. Other platforms require minimal initialization before booting
into an arbitrary EL3 payload.
For a full description of functionality and implementation details, please
see the `Firmware Design`_ and supporting documentation. The `Change Log`_
provides details of changes made since the last release.
Platforms
~~~~~~~~~
The AArch64 build of this release has been tested on variants r0, r1 and r2
of the `Juno ARM Development Platform`_ with `Linaro Release 16.06`_.
The AArch64 build of this release has been tested on the following ARM
`FVP`_\ s (64-bit host machine only, with `Linaro Release 16.06`_):
- ``Foundation_Platform`` (Version 10.1, Build 10.1.32)
- ``FVP_Base_AEMv8A-AEMv8A`` (Version 7.7, Build 0.8.7701)
- ``FVP_Base_Cortex-A57x4-A53x4`` (Version 7.7, Build 0.8.7701)
- ``FVP_Base_Cortex-A57x1-A53x1`` (Version 7.7, Build 0.8.7701)
- ``FVP_Base_Cortex-A57x2-A53x4`` (Version 7.7, Build 0.8.7701)
The AArch32 build of this release has been tested on the following ARM
`FVP`_\ s (64-bit host machine only, with `Linaro Release 16.06`_):
- ``FVP_Base_AEMv8A-AEMv8A`` (Version 7.7, Build 0.8.7701)
- ``FVP_Base_Cortex-A32x4`` (Version 10.1, Build 10.1.32)
The Foundation FVP can be downloaded free of charge. The Base FVPs can be
licensed from ARM: see `www.arm.com/fvp`_.
This release also contains the following platform support:
- MediaTek MT6795 and MT8173 SoCs
- NVidia T210 and T132 SoCs
- QEMU emulator
- RockChip RK3368 and RK3399 SoCs
- Xilinx Zynq UltraScale + MPSoC
Still to Come
~~~~~~~~~~~~~
- AArch32 TBBR support and ongoing TBBR alignment.
- More platform support.
- Ongoing support for new architectural features, CPUs and System IP.
- Ongoing `PSCI`_ alignment and feature support.
- Ongoing security hardening, optimization and quality improvements.
For a full list of detailed issues in the current code, please see the
`Change Log`_ and the `GitHub issue tracker`_.
Getting Started
---------------
Get the Trusted Firmware source code from
`GitHub`_.
See the `User Guide`_ for instructions on how to install, build and use
the Trusted Firmware with the ARM `FVP`_\ s.
See the `Firmware Design`_ for information on how the ARM Trusted Firmware works.
See the `Porting Guide`_ as well for information about how to use this
software on another ARMv8-A platform.
See the `Contributing Guidelines`_ for information on how to contribute to this
project and the `Acknowledgments`_ file for a list of contributors to the
project.
Feedback and support
~~~~~~~~~~~~~~~~~~~~
ARM welcomes any feedback on the Trusted Firmware. Please send feedback using
the `GitHub issue tracker`_.
ARM licensees may contact ARM directly via their partner managers.
--------------
*Copyright (c) 2013-2016, ARM Limited and Contributors. All rights reserved.*
.. _ARMv8-A: http://www.arm.com/products/processors/armv8-architecture.php
.. _Secure Monitor: http://www.arm.com/products/processors/technologies/trustzone/tee-smc.php
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
.. _SMC Calling Convention: http://infocenter.arm.com/help/topic/com.arm.doc.den0028a/index.html
.. _license: ./license.rst
.. _Contributing Guidelines: ./contributing.rst
.. _OP-TEE Secure OS: https://github.com/OP-TEE/optee_os
.. _NVidia Trusted Little Kernel: http://nv-tegra.nvidia.com/gitweb/?p=3rdparty/ote_partner/tlk.git;a=summary
.. _Firmware Design: ./docs/firmware-design.rst
.. _Change Log: ./docs/change-log.rst
.. _Juno ARM Development Platform: http://www.arm.com/products/tools/development-boards/versatile-express/juno-arm-development-platform.php
.. _Linaro Release 16.06: https://community.arm.com/docs/DOC-10952#jive_content_id_Linaro_Release_1606
.. _FVP: http://www.arm.com/fvp
.. _www.arm.com/fvp: http://www.arm.com/fvp
.. _GitHub issue tracker: https://github.com/ARM-software/tf-issues/issues
.. _GitHub: https://www.github.com/ARM-software/arm-trusted-firmware
.. _User Guide: ./docs/user-guide.rst
.. _Porting Guide: ./docs/porting-guide.rst
.. _Acknowledgments: ./acknowledgements.rst
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment