diff --git a/bl32/tsp/tsp.ld.S b/bl32/tsp/tsp.ld.S index 53bce7d..797d8d7 100644 --- a/bl32/tsp/tsp.ld.S +++ b/bl32/tsp/tsp.ld.S @@ -36,7 +36,7 @@ MEMORY { - RAM (rwx): ORIGIN = TZDRAM_BASE, LENGTH = TZDRAM_SIZE + RAM (rwx): ORIGIN = TSP_SEC_MEM_BASE, LENGTH = TSP_SEC_MEM_SIZE } @@ -119,5 +119,5 @@ __COHERENT_RAM_UNALIGNED_SIZE__ = __COHERENT_RAM_END_UNALIGNED__ - __COHERENT_RAM_START__; - ASSERT(. <= TZDRAM_BASE + (1 << 21), "BL32 image does not fit in the first 2MB of Trusted DRAM.") + ASSERT(. <= BL32_LIMIT, "BL3-2 image does not fit.") } diff --git a/docs/porting-guide.md b/docs/porting-guide.md index 721ba1b..9ca3779 100644 --- a/docs/porting-guide.md +++ b/docs/porting-guide.md @@ -191,9 +191,36 @@ image. Must be aligned on a page-size boundary. * **#define : NS_IMAGE_OFFSET** + Defines the base address in non-secure DRAM where BL2 loads the BL3-3 binary image. Must be aligned on a page-size boundary. +If the BL3-2 image is supported by the platform, the following constants must +be defined as well: + +* **#define : TSP_SEC_MEM_BASE** + + Defines the base address of the secure memory used by the BL3-2 image on the + platform. + +* **#define : TSP_SEC_MEM_SIZE** + + Defines the size of the secure memory used by the BL3-2 image on the + platform. + +* **#define : BL32_BASE** + + Defines the base address in secure memory where BL2 loads the BL3-2 binary + image. Must be inside the secure memory identified by `TSP_SEC_MEM_BASE` and + `TSP_SEC_MEM_SIZE` constants. Must also be aligned on a page-size boundary. + +* **#define : BL32_LIMIT** + + Defines the maximum address that the BL3-2 image can occupy. Must be inside + the secure memory identified by `TSP_SEC_MEM_BASE` and `TSP_SEC_MEM_SIZE` + constants. + + ### File : platform_macros.S [mandatory] Each platform must export a file of this name with the following @@ -207,6 +234,7 @@ this macro can be defined to be empty in case GIC register reporting is not desired. + ### Other mandatory modifications The following mandatory modifications may be implemented in any file diff --git a/docs/user-guide.md b/docs/user-guide.md index a13d29b..bfdf582 100644 --- a/docs/user-guide.md +++ b/docs/user-guide.md @@ -89,7 +89,8 @@ By default this produces a release version of the build. To produce a debug version instead, refer to the "Debugging options" section below. UEFI can be used as the BL3-3 image, refer to the "Obtaining the normal world software" - section below. + section below. By default this won't compile the TSP in, refer to the + "Building the Test Secure Payload" section below. The build process creates products in a `build` directory tree, building the objects and binaries for each boot loader stage in separate @@ -252,6 +253,48 @@ NOTE: The Foundation FVP does not provide a debugger interface. +### Building the Test Secure Payload + +The TSP is coupled with a companion runtime service in the BL3-1 firmware, +called the TSPD. Therefore, if you intend to use the TSP, the BL3-1 image +must be recompiled as well. For more information on SPs and SPDs, see the +"Secure-EL1 Payloads and Dispatchers" section in the [Firmware Design]. + +First clean the Trusted Firmware build directory to get rid of any previous +BL3-1 binary. Then to build the TSP image and include it into the FIP use: + + CROSS_COMPILE=/bin/aarch64-none-elf- \ + BL33=/ \ + make PLAT=fvp SPD=tspd all fip + +An additional boot loader binary file is created in the `build` directory: + + * `build///bl32.bin` + +The Firmware Package contains this new image: + + Firmware Image Package ToC: + --------------------------- + - Trusted Boot Firmware BL2: offset=0xD8, size=0x6000 + file: './build/fvp/release/bl2.bin' + - EL3 Runtime Firmware BL3-1: offset=0x60D8, size=0x9000 + file: './build/fvp/release/bl31.bin' + - Secure Payload BL3-2 (Trusted OS): offset=0xF0D8, size=0x3000 + file: './build/fvp/release/bl32.bin' + - Non-Trusted Firmware BL3-3: offset=0x120D8, size=0x280000 + file: '../FVP_AARCH64_EFI.fd' + --------------------------- + Creating "build/fvp/release/fip.bin" + +On FVP, the TSP binary runs from Trusted SRAM by default. It is also possible +to run it from Trusted DRAM. This is controlled by the build configuration +`TSP_RAM_LOCATION`: + + CROSS_COMPILE=/bin/aarch64-none-elf- \ + BL33=/ \ + make PLAT=fvp SPD=tspd TSP_RAM_LOCATION=tdram all fip + + ### Checking source code style When making changes to the source for submission to the project, the source diff --git a/plat/fvp/bl2_plat_setup.c b/plat/fvp/bl2_plat_setup.c index 80bb52e..8cdcd5c 100644 --- a/plat/fvp/bl2_plat_setup.c +++ b/plat/fvp/bl2_plat_setup.c @@ -132,11 +132,13 @@ /* Initialise the IO layer and register platform IO devices */ io_setup(); +#if TSP_RAM_LOCATION_ID == TSP_IN_TZDRAM /* * Ensure that the secure DRAM memory used for passing BL31 arguments * does not overlap with the BL32_BASE. */ - assert (BL32_BASE > TZDRAM_BASE + sizeof(bl31_args_t)); + assert(BL32_BASE > TZDRAM_BASE + sizeof(bl31_args_t)); +#endif /* Use the Trusted DRAM for passing args to BL31 */ bl2_to_bl31_args = (bl31_args_t *) TZDRAM_BASE; @@ -158,9 +160,9 @@ bl2_to_bl31_args->bl32_meminfo.free_base = BL32_BASE; bl2_to_bl31_args->bl32_meminfo.total_size = - (TZDRAM_BASE + TZDRAM_SIZE) - BL32_BASE; + (TSP_SEC_MEM_BASE + TSP_SEC_MEM_SIZE) - BL32_BASE; bl2_to_bl31_args->bl32_meminfo.free_size = - (TZDRAM_BASE + TZDRAM_SIZE) - BL32_BASE; + (TSP_SEC_MEM_BASE + TSP_SEC_MEM_SIZE) - BL32_BASE; bl2_to_bl31_args->bl32_meminfo.attr = BOT_LOAD; bl2_to_bl31_args->bl32_meminfo.next = 0; diff --git a/plat/fvp/platform.h b/plat/fvp/platform.h index 3281905..1daac5c 100644 --- a/plat/fvp/platform.h +++ b/plat/fvp/platform.h @@ -233,17 +233,35 @@ /******************************************************************************* * BL2 specific defines. ******************************************************************************/ -#define BL2_BASE 0x0402D000 +#define BL2_BASE (TZRAM_BASE + TZRAM_SIZE - 0xc000) /******************************************************************************* * BL31 specific defines. ******************************************************************************/ -#define BL31_BASE 0x0400C000 +#define BL31_BASE (TZRAM_BASE + 0x6000) /******************************************************************************* * BL32 specific defines. ******************************************************************************/ -#define BL32_BASE (TZDRAM_BASE + 0x2000) +/* + * On FVP, the TSP can execute either from Trusted SRAM or Trusted DRAM. + */ +#define TSP_IN_TZRAM 0 +#define TSP_IN_TZDRAM 1 + +#if TSP_RAM_LOCATION_ID == TSP_IN_TZRAM +# define TSP_SEC_MEM_BASE TZRAM_BASE +# define TSP_SEC_MEM_SIZE TZRAM_SIZE +# define BL32_BASE (TZRAM_BASE + TZRAM_SIZE - 0x1c000) +# define BL32_LIMIT BL2_BASE +#elif TSP_RAM_LOCATION_ID == TSP_IN_TZDRAM +# define TSP_SEC_MEM_BASE TZDRAM_BASE +# define TSP_SEC_MEM_SIZE TZDRAM_SIZE +# define BL32_BASE (TZDRAM_BASE + 0x2000) +# define BL32_LIMIT (TZDRAM_BASE + (1 << 21)) +#else +# error "Unsupported TSP_RAM_LOCATION_ID value" +#endif /******************************************************************************* * Platform specific page table and MMU setup constants diff --git a/plat/fvp/platform.mk b/plat/fvp/platform.mk index a8054bf..0501652 100644 --- a/plat/fvp/platform.mk +++ b/plat/fvp/platform.mk @@ -28,6 +28,23 @@ # POSSIBILITY OF SUCH DAMAGE. # + +# On FVP, the TSP can execute either from Trusted SRAM or Trusted DRAM. +# Trusted SRAM is the default. +TSP_RAM_LOCATION := tsram + +ifeq (${TSP_RAM_LOCATION}, tsram) + TSP_RAM_LOCATION_ID := TSP_IN_TZRAM +else ifeq (${TSP_RAM_LOCATION}, tdram) + TSP_RAM_LOCATION_ID := TSP_IN_TZDRAM +else + $(error "Unsupported TSP_RAM_LOCATION value") +endif + +# Process TSP_RAM_LOCATION_ID flag +$(eval $(call add_define,TSP_RAM_LOCATION_ID)) + + PLAT_INCLUDES := -Iplat/fvp/include/ PLAT_BL_COMMON_SOURCES := drivers/arm/pl011/pl011.c \