Trusted Firmware-A - version 1.5
================================

Trusted Firmware-A (TF-A) provides a reference implementation of secure world
software for `Armv7-A and Armv8-A`_, including a `Secure Monitor`_ executing
at Exception Level 3 (EL3). It implements various Arm interface standards,
such as:

- The `Power State Coordination Interface (PSCI)`_
- Trusted Board Boot Requirements (TBBR, Arm DEN0006C-1)
- `SMC Calling Convention`_
- `System Control and Management Interface`_
- `Software Delegated Exception Interface (SDEI)`_

Where possible, the code is designed for reuse or porting to other Armv7-A and
Armv8-A model and hardware platforms.

Arm will continue development in collaboration with interested parties to
provide a full reference implementation of Secure Monitor code and Arm standards
to the benefit of all developers working with Armv7-A and Armv8-A TrustZone
technology.

License
-------

The software is provided under a BSD-3-Clause `license`_. Contributions to this
project are accepted under the same license with developer sign-off as
described in the `Contributing Guidelines`_.

This project contains code from other projects as listed below. The original
license text is included in those source files.

- The stdlib source code is derived from FreeBSD code, which uses various
  BSD licenses, including BSD-3-Clause and BSD-2-Clause.

- The libfdt source code is dual licensed. It is used by this project under
  the terms of the BSD-2-Clause license.

- The LLVM compiler-rt source code is dual licensed. It is used by this
  project under the terms of the NCSA license (also known as the University of
  Illinois/NCSA Open Source License).

- The zlib source code is licensed under the Zlib license, which is a
  permissive license compatible with BSD-3-Clause.

This release
------------

This release provides a suitable starting point for productization of secure
world boot and runtime firmware, in either the AArch32 or AArch64 execution
state.

Users are encouraged to do their own security validation, including penetration
testing, on any secure world code derived from TF-A.

Functionality
~~~~~~~~~~~~~

- Initialization of the secure world, for example exception vectors, control
  registers and interrupts for the platform.

- Library support for CPU specific reset and power down sequences. This
  includes support for errata workarounds and the latest Arm DynamIQ CPUs.

- Drivers to enable standard initialization of Arm System IP, for example
  Generic Interrupt Controller (GIC), Cache Coherent Interconnect (CCI),
  Cache Coherent Network (CCN), Network Interconnect (NIC) and TrustZone
  Controller (TZC).

- A generic `SCMI`_ driver to interface with conforming power controllers, for
  example the Arm System Control Processor (SCP).

- SMC (Secure Monitor Call) handling, conforming to the `SMC Calling
  Convention`_ using an EL3 runtime services framework.

- `PSCI`_ library support for CPU, cluster and system power management
  use-cases.
  This library is pre-integrated with the AArch64 EL3 Runtime Software, and
  is also suitable for integration with other AArch32 EL3 Runtime Software,
  for example an AArch32 Secure OS.

- A minimal AArch32 Secure Payload (SP\_MIN) to demonstrate `PSCI`_ library
  integration with AArch32 EL3 Runtime Software.

- Secure Monitor library code such as world switching, EL1 context management
  and interrupt routing.
  When a Secure-EL1 Payload (SP) is present, for example a Secure OS, the
  AArch64 EL3 Runtime Software must be integrated with a dispatcher component
  (SPD) to customize the interaction with the SP.

- A Test SP/SPD to demonstrate AArch64 Secure Monitor functionality and SP
  interaction with PSCI.

- SPDs for the `OP-TEE Secure OS`_, `NVidia Trusted Little Kernel`_
  and `Trusty Secure OS`_.

- A Trusted Board Boot implementation, conforming to all mandatory TBBR
  requirements. This includes image authentication, Firmware Update (or
  recovery mode), and packaging of the various firmware images into a
  Firmware Image Package (FIP).

- Pre-integration of TBB with the Arm CryptoCell product, to take advantage of
  its hardware Root of Trust and crypto acceleration services.

- Reliability, Availability, and Serviceability (RAS) functionality, including:

  - A Secure Partition Manager (SPM) to manage Secure Partitions in
    Secure-EL0, which can be used to implement simple management and
    security services.

  - An SDEI dispatcher to route interrupt-based SDEI events.

  - An Exception Handling Framework (EHF) that allows dispatching of EL3
    interrupts to their registered handlers, to facilitate firmware-first
    error handling.

- A dynamic configuration framework that enables each of the firmware images
  to be configured at runtime if required by the platform. It also enables
  loading of a hardware configuration (for example, a kernel device tree)
  as part of the FIP, to be passed through the firmware stages.

- Support for alternative boot flows, for example to support platforms where
  the EL3 Runtime Software is loaded using other firmware or a separate
  secure system processor, or where a non-TF-A ROM expects BL2 to be loaded
  at EL3.

- Support for the GCC, LLVM and Arm Compiler 6 toolchains.

For a full description of functionality and implementation details, please
see the `Firmware Design`_ and supporting documentation. The `Change Log`_
provides details of changes made since the last release.
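The SMC handling bullet above says the EL3 runtime services framework conforms to the SMC Calling Convention. The first thing any such framework does with an incoming call is split the 32-bit Function Identifier in ``x0``/``r0`` into the fields the convention defines (call type, SMC32/SMC64, Owning Entity Number, function number) and refuse anything it has no handler for. The following C is an added example written for this page, not TF-A's own code: the field layout and OEN assignments are taken from the SMC Calling Convention, the PSCI function identifiers used as inputs are from the PSCI specification, and the ``struct smc_fid``, ``smc_fid_decode`` and ``smc_route`` names are this example's own. The "only the Standard Secure Service OEN is registered" routing rule is a constructed stand-in for a real service table.

```c
/*
 * Added example: decode an SMC Function Identifier into the fields defined
 * by the SMC Calling Convention, as an EL3 runtime services framework must
 * before routing a call. This is illustrative code, not TF-A's implementation;
 * all type and function names are this example's own.
 */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Field positions from the SMC Calling Convention. */
#define FID_FAST_CALL_BIT   (1u << 31)    /* 1 = fast call, 0 = yielding call     */
#define FID_SMC64_BIT       (1u << 30)    /* 1 = SMC64, 0 = SMC32 convention      */
#define FID_OEN_SHIFT       24u           /* bits [29:24]: Owning Entity Number   */
#define FID_OEN_MASK        0x3fu
#define FID_MBZ_MASK        0x00ff0000u   /* bits [23:16]: reserved, must be zero */
#define FID_FUNC_NUM_MASK   0xffffu       /* bits [15:0]: function number         */

/* Owning Entity Numbers assigned by the SMC Calling Convention. */
#define OEN_ARM_ARCH     0    /* Arm Architecture calls                        */
#define OEN_CPU_SERVICE  1    /* CPU service calls                             */
#define OEN_SIP          2    /* Silicon Partner (SiP) service calls           */
#define OEN_OEM          3    /* OEM service calls                             */
#define OEN_STD_SERVICE  4    /* Standard Secure Service calls (PSCI, SDEI...) */
#define OEN_TAPP_START   48   /* Trusted Application calls: 48..49             */
#define OEN_TAPP_END     49
#define OEN_TOS_START    50   /* Trusted OS calls: 50..63                      */
#define OEN_TOS_END      63

/* Return value the convention mandates for an unimplemented function. */
#define SMC_UNK ((uint32_t)-1)   /* 0xFFFFFFFF */

struct smc_fid {
    bool     fast_call;
    bool     smc64;
    uint8_t  oen;
    uint16_t func_num;
};

/* Split a Function Identifier into its fields. Returns false when the
 * reserved bits [23:16] are set, which the convention does not permit. */
bool smc_fid_decode(uint32_t fid, struct smc_fid *out)
{
    if (fid & FID_MBZ_MASK)
        return false;
    out->fast_call = (fid & FID_FAST_CALL_BIT) != 0;
    out->smc64     = (fid & FID_SMC64_BIT) != 0;
    out->oen       = (uint8_t)((fid >> FID_OEN_SHIFT) & FID_OEN_MASK);
    out->func_num  = (uint16_t)(fid & FID_FUNC_NUM_MASK);
    return true;
}

const char *smc_oen_name(uint8_t oen)
{
    switch (oen) {
    case OEN_ARM_ARCH:    return "Arm Architecture";
    case OEN_CPU_SERVICE: return "CPU Service";
    case OEN_SIP:         return "SiP Service";
    case OEN_OEM:         return "OEM Service";
    case OEN_STD_SERVICE: return "Standard Secure Service";
    default:
        if (oen >= OEN_TAPP_START && oen <= OEN_TAPP_END) return "Trusted Application";
        if (oen >= OEN_TOS_START && oen <= OEN_TOS_END)   return "Trusted OS";
        return "Reserved/other";
    }
}

/* Constructed dispatcher: only the Standard Secure Service OEN is "registered"
 * here; every other identifier gets SMC_UNK, as the convention requires.
 * Returns the value the monitor would hand back in x0/r0. */
uint32_t smc_route(uint32_t fid)
{
    struct smc_fid f;
    if (!smc_fid_decode(fid, &f))
        return SMC_UNK;               /* malformed identifier */
    if (f.oen != OEN_STD_SERVICE)
        return SMC_UNK;               /* no handler registered for this OEN */
    /* A real handler would run here; this example echoes the function number. */
    return f.func_num;
}

int main(void)
{
    /* Constructed inputs: PSCI_VERSION (SMC32), CPU_ON (SMC64), a SiP-range
     * identifier, and one with a reserved bit set. */
    uint32_t samples[] = { 0x84000000u, 0xC4000003u, 0x82000010u, 0x84010000u };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct smc_fid f;
        if (!smc_fid_decode(samples[i], &f)) {
            printf("0x%08x: reserved bits set, rejected\n", samples[i]);
            continue;
        }
        printf("0x%08x: %s %s call, OEN %u (%s), function %u -> route 0x%08x\n",
               samples[i], f.fast_call ? "fast" : "yielding",
               f.smc64 ? "SMC64" : "SMC32", f.oen, smc_oen_name(f.oen),
               f.func_num, smc_route(samples[i]));
    }
    return 0;
}
```

Rejecting identifiers with the must-be-zero bits set before looking up a handler, and returning SMC_UNK rather than falling through to a default service, are the two checks worth carrying into any real dispatch table: the function identifier arrives from the normal world and is untrusted input to EL3.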

Platforms
~~~~~~~~~

Various AArch32 and AArch64 builds of this release have been tested on variants
r0, r1 and r2 of the `Juno Arm Development Platform`_.

Various AArch64 builds of this release have been tested on the following Arm
Fixed Virtual Platforms (`FVP`_) without shifted affinities, and that do not
support threaded CPU cores (64-bit host machine only):

NOTE: Unless otherwise stated, the FVP Version is 11.2 Build 11.2.33.

- ``Foundation_Platform``
- ``FVP_Base_AEMv8A-AEMv8A`` (and also Version 9.0, Build 0.8.9005)
- ``FVP_Base_Cortex-A35x4``
- ``FVP_Base_Cortex-A53x4``
- ``FVP_Base_Cortex-A57x4-A53x4``
- ``FVP_Base_Cortex-A57x4``
- ``FVP_Base_Cortex-A72x4-A53x4``
- ``FVP_Base_Cortex-A72x4``
- ``FVP_Base_Cortex-A73x4-A53x4``
- ``FVP_Base_Cortex-A73x4``

Additionally, various AArch64 builds were tested on the following Arm `FVP`_\ s
with shifted affinities, supporting threaded CPU cores (64-bit host machine
only):

- ``FVP_Base_Cortex-A55x4-A75x4`` (Version 0.0, build 0.0.4395)
- ``FVP_Base_Cortex-A55x4`` (Version 0.0, build 0.0.4395)
- ``FVP_Base_Cortex-A75x4`` (Version 0.0, build 0.0.4395)
- ``FVP_Base_RevC-2xAEMv8A``

Various AArch32 builds of this release have been tested on the following Arm
`FVP`_\ s without shifted affinities, and that do not support threaded CPU cores
(64-bit host machine only):

- ``FVP_Base_AEMv8A-AEMv8A``
- ``FVP_Base_Cortex-A32x4``

The Foundation FVP can be downloaded free of charge. The Base FVPs can be
licensed from Arm. See the `Arm FVP website`_.

All the above platforms have been tested with `Linaro Release 17.10`_.

This release also contains the following platform support:

- HiKey, HiKey960 and Poplar boards
- MediaTek MT6795 and MT8173 SoCs
- NVidia T132, T186 and T210 SoCs
- QEMU emulator
- Raspberry Pi 3 board
- RockChip RK3328, RK3368 and RK3399 SoCs
- Socionext UniPhier SoC family
- Xilinx Zynq UltraScale + MPSoC

Still to come
~~~~~~~~~~~~~

- More platform support.

- Improved dynamic configuration support.

- Ongoing support for new architectural features, CPUs and System IP.

- Ongoing support for new Arm system architecture specifications.

- Ongoing security hardening, optimization and quality improvements.

For a full list of detailed issues in the current code, please see the `Change
Log`_ and the `GitHub issue tracker`_.

Getting started
---------------

Get the TF-A source code from `GitHub`_.

See the `User Guide`_ for instructions on how to install, build and use
TF-A with the Arm `FVP`_\ s.

See the `Firmware Design`_ for information on how TF-A works.

See the `Porting Guide`_ as well for information about how to use this
software on another Armv7-A or Armv8-A platform.

See the `Contributing Guidelines`_ for information on how to contribute to this
project and the `Acknowledgments`_ file for a list of contributors to the
project.

Feedback and support
~~~~~~~~~~~~~~~~~~~~

Arm welcomes any feedback on TF-A. If you think you have found a security
vulnerability, please report this using the process defined in the TF-A
`Security Centre`_. For all other feedback, please use the
`GitHub issue tracker`_.

Arm licensees may contact Arm directly via their partner managers.

--------------

*Copyright (c) 2013-2018, Arm Limited and Contributors. All rights reserved.*

.. _Armv7-A and Armv8-A: https://developer.arm.com/products/architecture/a-profile
.. _Secure Monitor: http://www.arm.com/products/processors/technologies/trustzone/tee-smc.php
.. _Power State Coordination Interface (PSCI): PSCI_
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
.. _SMC Calling Convention: http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf
.. _System Control and Management Interface: SCMI_
.. _SCMI: http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
.. _Software Delegated Exception Interface (SDEI): SDEI_
.. _SDEI: http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
.. _Juno Arm Development Platform: http://www.arm.com/products/tools/development-boards/versatile-express/juno-arm-development-platform.php
.. _Arm FVP website: FVP_
.. _FVP: https://developer.arm.com/products/system-design/fixed-virtual-platforms
.. _Linaro Release 17.10: https://community.arm.com/dev-platforms/b/documents/posts/linaro-release-notes-deprecated#LinaroRelease17.10
.. _OP-TEE Secure OS: https://github.com/OP-TEE/optee_os
.. _NVidia Trusted Little Kernel: http://nv-tegra.nvidia.com/gitweb/?p=3rdparty/ote_partner/tlk.git;a=summary
.. _Trusty Secure OS: https://source.android.com/security/trusty
.. _GitHub: https://www.github.com/ARM-software/arm-trusted-firmware
.. _GitHub issue tracker: https://github.com/ARM-software/tf-issues/issues
.. _Security Centre: https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Centre
.. _license: ./license.rst
.. _Contributing Guidelines: ./contributing.rst
.. _Acknowledgments: ./acknowledgements.rst
.. _Firmware Design: ./docs/firmware-design.rst
.. _Change Log: ./docs/change-log.rst
.. _User Guide: ./docs/user-guide.rst
.. _Porting Guide: ./docs/porting-guide.rst