[PATCH 0/5] stm32mp1: handle TF-A boot with FIP
Simon Glass
sjg at chromium.org
Sun Jul 11 02:01:03 CEST 2021
Hi Patrick,
On Thu, 8 Jul 2021 at 03:17, Patrick Delaunay
<patrick.delaunay at foss.st.com> wrote:
>
>
> In next TF-A version the stm32mp1 platform will support the Firmware
> Image Package (FIP) [1], a container filled with:
> - the U-Boot binary = u-boot-nodtb.bin
> - the U-Boot device tree = u-boot.dtb
> - the Secure OS (OP-TEE) or the secure monitor (SP_MIN)
That sounds like a job for FIT?
>
> Upstream is in progress on TF-A side.
>
> Each part of the FIP is loaded by TF-A BL2 and U-Boot
> is executed with its device tree address as parameter (nt_fw_dtb = r2
> introduced by commit 4ac345220afa ("board: stm32mp1: use FDT address
> provided by TF-A at boot time")
>
> This FIP container simplifies the OP-TEE management (same number of partition
> with or without OP-TEE, OP-TEE dynamically updates the U-Boot device tree
> to add the required OP-TEE nodes) and allow support of generic TF-A
> features as PKI [2].
>
> This serie allows to generate U-Boot configured for the TF-A BL2 image
> types:
> - STM32IMAGE: stm32mp15_trusted_defconfig (current behavior)
> - FIP: stm32mp15_defconfig (NEW)
>
> The FIP will be the STMicroelectronics recommended image type for
> STM32MP15x and the STM32IMAGE support should be marked deprecated in a
> future TF-A release or even removed.
>
> To prepare this migration, the serie move all the specific code or
> device tree nodes for TF-A load of STM32IMAGE under compilation
> flag CONFIG_STM32MP15x_STM32IMAGE.
>
> [1] 4.11. Firmware Image Package (FIP)
> fiphttps://trustedfirmware-a.readthedocs.io/en/latest/design/firmware-design.html
>
> [2] Authentication Framework & Chain of Trust
> https://trustedfirmware-a.readthedocs.io/en/latest/design/auth-framework.html
>
>
Regards,
Simon
More information about the U-Boot
mailing list