Home | History | Annotate | Download | only in plat 
      1 ARM Trusted Firmware for Socionext UniPhier SoCs
      2 ================================================
      3 
      4 Socionext UniPhier ARMv8-A SoCs use ARM Trusted Firmware as the secure world
      5 firmware, supporting BL1, BL2, and BL31.
      6 
      7 UniPhier SoC family implements its internal boot ROM, so BL1 is used as pseudo
      8 ROM (i.e. runs in RAM). The internal boot ROM loads 64KB `1`_ image from a
      9 non-volatile storage to the on-chip SRAM. Unfortunately, BL1 does not fit in
     10 the 64KB limit if `Trusted Board Boot`_ (TBB) is enabled. To solve this problem,
     11 Socionext provides a first stage loader called `UniPhier BL`_. This loader runs
     12 in the on-chip SRAM, initializes the DRAM, expands BL1 there, and hands the
     13 control over to it. Therefore, all images of ARM Trusted Firmware run in DRAM.
     14 
     15 The UniPhier platform works with/without TBB. See below for the build process
     16 of each case. The image authentication for the UniPhier platform fully
     17 complies with the Trusted Board Boot Requirements (TBBR) specification.
     18 
     19 The UniPhier BL does not implement the authentication functionality, that is,
     20 it can not verify the BL1 image by itself. Instead, the UniPhier BL assures
     21 the BL1 validity in a different way; BL1 is GZIP-compressed and appended to
     22 the UniPhier BL. The concatenation of the UniPhier BL and the compressed BL1
     23 fits in the 64KB limit. The concatenated image is loaded by the boot ROM
     24 (and verified if the chip fuses are blown).
     25 
     26 ::
     27 
     28      to the lowest common denominator.
     29 
     30 Boot Flow
     31 ---------
     32 
     33 #. The Boot ROM
     34 
     35 This is hard-wired ROM, so never corrupted. It loads the UniPhier BL (with
     36 compressed-BL1 appended) into the on-chip SRAM. If the SoC fuses are blown,
     37 the image is verified by the SoC's own method.
     38 
     39 #. UniPhier BL
     40 
     41 This runs in the on-chip SRAM. After the minimum SoC initialization and DRAM
     42 setup, it decompresses the appended BL1 image into the DRAM, then jumps to
     43 the BL1 entry.
     44 
     45 #. BL1
     46 
     47 This runs in the DRAM. It extracts BL2 from FIP (Firmware Image Package).
     48 If TBB is enabled, the BL2 is authenticated by the standard mechanism of ARM
     49 Trusted Firmware.
     50 
     51 #. BL2, BL31, and more
     52 
     53 They all run in the DRAM, and are authenticated by the standard mechanism if
     54 TBB is enabled. See `Firmware Design`_ for details.
     55 
     56 Basic Build
     57 -----------
     58 
     59 BL1 must be compressed for the reason above. The UniPhier's platform makefile
     60 provides a build target ``bl1_gzip`` for this.
     61 
     62 For a non-secure boot loader (aka BL33), U-Boot is well supported for UniPhier
     63 SoCs. The U-Boot image (``u-boot.bin``) must be built in advance. For the build
     64 procedure of U-Boot, refer to the document in the `U-Boot`_ project.
     65 
     66 To build minimum functionality for UniPhier (without TBB):
     67 
     68 ::
     69 
     70     make CROSS_COMPILE=<gcc-prefix> PLAT=uniphier BL33=<path-to-BL33> bl1_gzip fip
     71 
     72 Output images:
     73 
     74 -  ``bl1.bin.gzip``
     75 -  ``fip.bin``
     76 
     77 Optional features
     78 -----------------
     79 
     80 -  Trusted Board Boot
     81 
     82 `mbed TLS`_ is needed as the cryptographic and image parser modules.
     83 Refer to the `User Guide`_ for the appropriate version of mbed TLS.
     84 
     85 To enable TBB, add the following options to the build command:
     86 
     87 ::
     88 
     89       TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 MBEDTLS_DIR=<path-to-mbedtls>
     90 
     91 -  System Control Processor (SCP)
     92 
     93 If desired, FIP can include an SCP BL2 image. If BL2 finds an SCP BL2 image
     94 in FIP, BL2 loads it into DRAM and kicks the SCP. Most of UniPhier boards
     95 still work without SCP, but SCP provides better power management support.
     96 
     97 To include SCP\_BL2, add the following option to the build command:
     98 
     99 ::
    100 
    101       SCP_BL2=<path-to-SCP>
    102 
    103 -  BL32 (Secure Payload)
    104 
    105 To enable BL32, add the following option to the build command:
    106 
    107 ::
    108 
    109       SPD=<spd> BL32=<path-to-BL32>
    110 
    111 If you use TSP for BL32, ``BL32=<path-to-BL32>`` is not required. Just add the
    112 following:
    113 
    114 ::
    115 
    116       SPD=tspd
    117 
    118 .. _1: Some%20SoCs%20can%20load%2080KB,%20but%20the%20software%20implementation%20must%20be%20aligned
    119 .. _Trusted Board Boot: ../trusted-board-boot.rst
    120 .. _UniPhier BL: https://github.com/uniphier/uniphier-bl
    121 .. _Firmware Design: ../firmware-design.rst
    122 .. _U-Boot: https://www.denx.de/wiki/U-Boot
    123 .. _mbed TLS: https://tls.mbed.org/
    124 .. _User Guide: ../user-guide.rst
    125