Socionext UniPhier
==================

Socionext UniPhier Armv8-A SoCs use Trusted Firmware-A (TF-A) as the secure
world firmware, supporting BL2 and BL31.

The UniPhier SoC family implements its own internal boot ROM, which loads a
64KB [1]_ image from non-volatile storage into the on-chip SRAM and jumps to it.
TF-A provides a special mode, BL2-AT-EL3, which enables BL2 to execute at EL3.
It is useful for platforms with a non-TF-A boot ROM, like UniPhier. The problem
here is that BL2 does not fit in the 64KB limit if
:ref:`Trusted Board Boot (TBB) <Trusted Board Boot>` is enabled.
To solve this issue, Socionext provides a first stage loader called
`UniPhier BL`_. This loader runs in the on-chip SRAM, initializes the DRAM,
expands BL2 there, and hands control over to it. Therefore, all images
of TF-A run in DRAM.

The UniPhier platform works with or without TBB. See below for the build
process of each case. The image authentication for the UniPhier platform fully
complies with the Trusted Board Boot Requirements (TBBR) specification.

The UniPhier BL does not implement the authentication functionality, that is,
it cannot verify the BL2 image by itself. Instead, the UniPhier BL assures
the BL2 validity in a different way: BL2 is GZIP-compressed and appended to
the UniPhier BL. The concatenation of the UniPhier BL and the compressed BL2
fits in the 64KB limit. The concatenated image is loaded by the internal boot
ROM (and verified if the chip fuses are blown).


Boot Flow
---------

1. The Boot ROM

   This is hard-wired ROM, so it is never corrupted. It loads the UniPhier BL
   (with compressed-BL2 appended) into the on-chip SRAM. If the SoC fuses are
   blown, the image is verified by the SoC's own method.

2. UniPhier BL

   This runs in the on-chip SRAM. After the minimum SoC initialization and DRAM
   setup, it decompresses the appended BL2 image into the DRAM, then jumps to
   the BL2 entry.

3. BL2 (at EL3)

   This runs in the DRAM. It extracts more images such as BL31, BL33 (optionally
   SCP_BL2, BL32 as well) from the Firmware Image Package (FIP). If TBB is
   enabled, they are all authenticated by the standard mechanism of TF-A.
   After loading all the images, it jumps to the BL31 entry.

4. BL31, BL32, and BL33

   They all run in the DRAM. See :ref:`Firmware Design` for details.


Basic Build
-----------

BL2 must be compressed for the reason above. The UniPhier platform makefile
provides a build target ``bl2_gzip`` for this.
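
A host-side check of the size constraint described above, as an added example (not code from TF-A or the UniPhier BL project): it appends a gzip-compressed BL2 to a loader blob, enforces the 64KB limit, and confirms the appended member inflates back to the original. The function names, the sample blobs, and the assumption that the gzip member starts immediately after the loader with no padding or header are illustrative.

```python
import gzip
import zlib

BOOT_ROM_LIMIT = 64 * 1024     # boot ROM load size given on this page
GZIP_MAGIC = b"\x1f\x8b\x08"   # gzip ID1, ID2, CM=deflate (RFC 1952)


def pack_first_stage(loader: bytes, bl2: bytes) -> bytes:
    """Append gzip-compressed BL2 to the loader; refuse images over the limit."""
    image = loader + gzip.compress(bl2, compresslevel=9, mtime=0)
    if len(image) > BOOT_ROM_LIMIT:
        over = len(image) - BOOT_ROM_LIMIT
        raise ValueError(f"image is {len(image)} bytes, {over} over the limit")
    return image


def unpack_bl2(image: bytes, loader_size: int) -> bytes:
    """Inflate the gzip member that follows the loader, as a host-side check."""
    if len(image) > BOOT_ROM_LIMIT:
        raise ValueError("image exceeds what the boot ROM loads")
    if image[loader_size:loader_size + 3] != GZIP_MAGIC:
        raise ValueError("no gzip member at the end of the loader")
    # wbits=31 selects gzip framing, so the CRC32/ISIZE trailer is checked.
    # CRC32 only detects corruption; authenticity of this stage comes from the
    # boot ROM verifying the whole concatenated image when the fuses are blown.
    inflater = zlib.decompressobj(wbits=31)
    try:
        bl2 = inflater.decompress(image[loader_size:])
    except zlib.error as exc:
        raise ValueError(f"compressed BL2 is corrupt: {exc}") from exc
    if not inflater.eof:
        raise ValueError("compressed BL2 is truncated")
    return bl2


def demo():
    loader = bytes(12 * 1024)                # constructed stand-in for UniPhier BL
    bl2 = b"TF-A BL2 placeholder " * 5000    # constructed, 105000 bytes raw
    image = pack_first_stage(loader, bl2)
    return len(bl2), len(image), unpack_bl2(image, len(loader)) == bl2


if __name__ == "__main__":
    print(demo())
```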

For a non-secure boot loader (aka BL33), U-Boot is well supported for UniPhier
SoCs. The U-Boot image (``u-boot.bin``) must be built in advance. For the build
procedure of U-Boot, refer to the document in the `U-Boot`_ project.

To build minimum functionality for UniPhier (without TBB)::

    make CROSS_COMPILE=<gcc-prefix> PLAT=uniphier BL33=<path-to-BL33> bl2_gzip fip

Output images:

- ``bl2.bin.gz``
- ``fip.bin``


Optional features
-----------------

- Trusted Board Boot

  `mbed TLS`_ is needed for the cryptographic and image parser modules.
  Refer to the :ref:`Prerequisites` document for the appropriate version of
  mbed TLS.

  To enable TBB, add the following options to the build command::

      TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 MBEDTLS_DIR=<path-to-mbedtls>

- System Control Processor (SCP)

  If desired, FIP can include an SCP BL2 image. If BL2 finds an SCP BL2 image
  in FIP, BL2 loads it into DRAM and kicks the SCP. Most UniPhier boards
  still work without SCP, but SCP provides better power management support.

  To include SCP BL2, add the following option to the build command::

      SCP_BL2=<path-to-SCP>

- BL32 (Secure Payload)

  To enable BL32, add the following options to the build command::

      SPD=<spd> BL32=<path-to-BL32>

  If you use TSP for BL32, ``BL32=<path-to-BL32>`` is not required. Just add the
  following::

      SPD=tspd


.. [1] Some SoCs can load 80KB, but the software implementation must be aligned
   to the lowest common denominator.
.. _UniPhier BL: https://github.com/uniphier/uniphier-bl
.. _U-Boot: https://www.denx.de/wiki/U-Boot
.. _mbed TLS: https://tls.mbed.org/