16f625747SDouglas RaillardARM Trusted Firmware for Socionext UniPhier SoCs 26f625747SDouglas Raillard================================================ 36f625747SDouglas Raillard 4*58b6fccfSMasahiro Yamada 56f625747SDouglas RaillardSocionext UniPhier ARMv8-A SoCs use ARM Trusted Firmware as the secure world 66f625747SDouglas Raillardfirmware, supporting BL1, BL2, and BL31. 76f625747SDouglas Raillard 86f625747SDouglas RaillardUniPhier SoC family implements its internal boot ROM, so BL1 is used as pseudo 9*58b6fccfSMasahiro YamadaROM (i.e. runs in RAM). The internal boot ROM loads 64KB [1]_ image from a 106f625747SDouglas Raillardnon-volatile storage to the on-chip SRAM. Unfortunately, BL1 does not fit in 116f625747SDouglas Raillardthe 64KB limit if `Trusted Board Boot`_ (TBB) is enabled. To solve this problem, 126f625747SDouglas RaillardSocionext provides a first stage loader called `UniPhier BL`_. This loader runs 136f625747SDouglas Raillardin the on-chip SRAM, initializes the DRAM, expands BL1 there, and hands the 146f625747SDouglas Raillardcontrol over to it. Therefore, all images of ARM Trusted Firmware run in DRAM. 156f625747SDouglas Raillard 166f625747SDouglas RaillardThe UniPhier platform works with/without TBB. See below for the build process 176f625747SDouglas Raillardof each case. The image authentication for the UniPhier platform fully 186f625747SDouglas Raillardcomplies with the Trusted Board Boot Requirements (TBBR) specification. 196f625747SDouglas Raillard 206f625747SDouglas RaillardThe UniPhier BL does not implement the authentication functionality, that is, 216f625747SDouglas Raillardit can not verify the BL1 image by itself. Instead, the UniPhier BL assures 226f625747SDouglas Raillardthe BL1 validity in a different way; BL1 is GZIP-compressed and appended to 236f625747SDouglas Raillardthe UniPhier BL. The concatenation of the UniPhier BL and the compressed BL1 246f625747SDouglas Raillardfits in the 64KB limit. The concatenated image is loaded by the boot ROM 256f625747SDouglas Raillard(and verified if the chip fuses are blown). 266f625747SDouglas Raillard 276f625747SDouglas Raillard 286f625747SDouglas RaillardBoot Flow 296f625747SDouglas Raillard--------- 306f625747SDouglas Raillard 31*58b6fccfSMasahiro Yamada1. The Boot ROM 326f625747SDouglas Raillard 336f625747SDouglas Raillard This is hard-wired ROM, so never corrupted. It loads the UniPhier BL (with 346f625747SDouglas Raillard compressed-BL1 appended) into the on-chip SRAM. If the SoC fuses are blown, 356f625747SDouglas Raillard the image is verified by the SoC's own method. 366f625747SDouglas Raillard 37*58b6fccfSMasahiro Yamada2. UniPhier BL 386f625747SDouglas Raillard 396f625747SDouglas Raillard This runs in the on-chip SRAM. After the minimum SoC initialization and DRAM 406f625747SDouglas Raillard setup, it decompresses the appended BL1 image into the DRAM, then jumps to 416f625747SDouglas Raillard the BL1 entry. 426f625747SDouglas Raillard 43*58b6fccfSMasahiro Yamada3. BL1 446f625747SDouglas Raillard 456f625747SDouglas Raillard This runs in the DRAM. It extracts BL2 from FIP (Firmware Image Package). 466f625747SDouglas Raillard If TBB is enabled, the BL2 is authenticated by the standard mechanism of ARM 476f625747SDouglas Raillard Trusted Firmware. 486f625747SDouglas Raillard 49*58b6fccfSMasahiro Yamada4. BL2, BL31, and more 506f625747SDouglas Raillard 516f625747SDouglas Raillard They all run in the DRAM, and are authenticated by the standard mechanism if 526f625747SDouglas Raillard TBB is enabled. See `Firmware Design`_ for details. 536f625747SDouglas Raillard 54*58b6fccfSMasahiro Yamada 556f625747SDouglas RaillardBasic Build 566f625747SDouglas Raillard----------- 576f625747SDouglas Raillard 586f625747SDouglas RaillardBL1 must be compressed for the reason above. The UniPhier's platform makefile 596f625747SDouglas Raillardprovides a build target ``bl1_gzip`` for this. 606f625747SDouglas Raillard 616f625747SDouglas RaillardFor a non-secure boot loader (aka BL33), U-Boot is well supported for UniPhier 626f625747SDouglas RaillardSoCs. The U-Boot image (``u-boot.bin``) must be built in advance. For the build 636f625747SDouglas Raillardprocedure of U-Boot, refer to the document in the `U-Boot`_ project. 646f625747SDouglas Raillard 65*58b6fccfSMasahiro YamadaTo build minimum functionality for UniPhier (without TBB):: 666f625747SDouglas Raillard 676f625747SDouglas Raillard make CROSS_COMPILE=<gcc-prefix> PLAT=uniphier BL33=<path-to-BL33> bl1_gzip fip 686f625747SDouglas Raillard 696f625747SDouglas RaillardOutput images: 706f625747SDouglas Raillard 716f625747SDouglas Raillard- ``bl1.bin.gzip`` 726f625747SDouglas Raillard- ``fip.bin`` 736f625747SDouglas Raillard 74*58b6fccfSMasahiro Yamada 756f625747SDouglas RaillardOptional features 766f625747SDouglas Raillard----------------- 776f625747SDouglas Raillard 786f625747SDouglas Raillard- Trusted Board Boot 796f625747SDouglas Raillard 806f625747SDouglas Raillard `mbed TLS`_ is needed as the cryptographic and image parser modules. 816f625747SDouglas Raillard Refer to the `User Guide`_ for the appropriate version of mbed TLS. 826f625747SDouglas Raillard 83*58b6fccfSMasahiro Yamada To enable TBB, add the following options to the build command:: 846f625747SDouglas Raillard 856f625747SDouglas Raillard TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 MBEDTLS_DIR=<path-to-mbedtls> 866f625747SDouglas Raillard 876f625747SDouglas Raillard- System Control Processor (SCP) 886f625747SDouglas Raillard 896f625747SDouglas Raillard If desired, FIP can include an SCP BL2 image. If BL2 finds an SCP BL2 image 906f625747SDouglas Raillard in FIP, BL2 loads it into DRAM and kicks the SCP. Most of UniPhier boards 916f625747SDouglas Raillard still work without SCP, but SCP provides better power management support. 926f625747SDouglas Raillard 93*58b6fccfSMasahiro Yamada To include SCP BL2, add the following option to the build command:: 946f625747SDouglas Raillard 956f625747SDouglas Raillard SCP_BL2=<path-to-SCP> 966f625747SDouglas Raillard 976f625747SDouglas Raillard- BL32 (Secure Payload) 986f625747SDouglas Raillard 99*58b6fccfSMasahiro Yamada To enable BL32, add the following options to the build command:: 1006f625747SDouglas Raillard 1016f625747SDouglas Raillard SPD=<spd> BL32=<path-to-BL32> 1026f625747SDouglas Raillard 1036f625747SDouglas Raillard If you use TSP for BL32, ``BL32=<path-to-BL32>`` is not required. Just add the 104*58b6fccfSMasahiro Yamada following:: 1056f625747SDouglas Raillard 1066f625747SDouglas Raillard SPD=tspd 1076f625747SDouglas Raillard 108*58b6fccfSMasahiro Yamada 109*58b6fccfSMasahiro Yamada.. [1] Some SoCs can load 80KB, but the software implementation must be aligned 110*58b6fccfSMasahiro Yamada to the lowest common denominator. 1116f625747SDouglas Raillard.. _Trusted Board Boot: ../trusted-board-boot.rst 1126f625747SDouglas Raillard.. _UniPhier BL: https://github.com/uniphier/uniphier-bl 1136f625747SDouglas Raillard.. _Firmware Design: ../firmware-design.rst 1146f625747SDouglas Raillard.. _U-Boot: https://www.denx.de/wiki/U-Boot 1156f625747SDouglas Raillard.. _mbed TLS: https://tls.mbed.org/ 1166f625747SDouglas Raillard.. _User Guide: ../user-guide.rst 117