From: Roger Quadros <rogerq@kernel.org>
To: Simon Glass <sjg@chromium.org>
Cc: Nishanth Menon <nm@ti.com>, Vignesh R <vigneshr@ti.com>,
U-Boot Mailing List <u-boot@lists.denx.de>
Subject: Re: [u-boot][PATCH] binman: Add support for TEE BL32
Date: Sat, 5 Feb 2022 14:29:04 +0200 [thread overview]
Message-ID: <f3b2c3a7-809b-8a5b-0ae7-c0983c5b0163@kernel.org> (raw)
In-Reply-To: <CAPnjgZ3pXLSS0xq3eHmScPwQA2G3nsJ=_dvEJdbSHAcSv2rhXA@mail.gmail.com>
Hi Simon,
On 04/02/2022 19:17, Simon Glass wrote:
> Hi Roger,
>
> On Fri, 4 Feb 2022 at 06:00, Roger Quadros <rogerq@kernel.org> wrote:
>>
>> Add an entry for OP-TEE Trusted OS 'BL32' payload.
>> This is required by platforms using Cortex-A cores with TrustZone
>> technology.
>>
>> Signed-off-by: Roger Quadros <rogerq@kernel.org>
>> ---
>> Makefile | 1 +
>> tools/binman/entries.rst | 13 +++++++++++++
>> tools/binman/etype/atf_bl32.py | 22 ++++++++++++++++++++++
>> tools/binman/ftest.py | 7 +++++++
>> tools/binman/test/170_atf_bl32.dts | 16 ++++++++++++++++
>> 5 files changed, 59 insertions(+)
>> create mode 100644 tools/binman/etype/atf_bl32.py
>> create mode 100644 tools/binman/test/170_atf_bl32.dts
>
> Funnily enough I have been fiddling with some patches to replace the
> rockchip SPL_FIT_GENERATOR script and have added an op-tee entry type
> in that. I did not think of op-tee as part of ATF, so didn't call it
> bl32, etc. That is perhaps just because I didn't know that.
>
> So is op-tee always added as part of ATF and with a BL32 name?
In fact at build time the filename is tee-pager_v2.bin.
I just picked the name BL32 but now when I look back it doesn't seem right.
I think tee.bin is a better name.
>
>>
>> diff --git a/Makefile b/Makefile
>> index 184223ec63..5e2f89d742 100644
>> --- a/Makefile
>> +++ b/Makefile
>> @@ -1326,6 +1326,7 @@ cmd_binman = $(srctree)/tools/binman/binman $(if $(BINMAN_DEBUG),-D) \
>> -I arch/$(ARCH)/dts -a of-list=$(CONFIG_OF_LIST) \
>> $(foreach f,$(BINMAN_INDIRS),-I $(f)) \
>> -a atf-bl31-path=${BL31} \
>> + -a atf-bl32-path=${BL32} \
>
> Some boards use $(TEE), but I suppose it is fine to use this code word.
Let's use $(TEE) then. It seems more appropriate.
>
>> -a opensbi-path=${OPENSBI} \
>> -a default-dt=$(default_dt) \
>> -a scp-path=$(SCP) \
>> diff --git a/tools/binman/entries.rst b/tools/binman/entries.rst
>> index c47f7df098..5215df7734 100644
>> --- a/tools/binman/entries.rst
>> +++ b/tools/binman/entries.rst
>> @@ -25,6 +25,19 @@ about ATF.
>>
>>
>>
>> +Entry: atf-bl32: Entry containing an OP-TEE Trusted OS (TEE) BL32 blob
>
> So is bl32 always OP-TEE or could it be something else?
>
>> +-------------------------------------------------------------------------
>> +
>> +Properties / Entry arguments:
>> + - atf-bl32-path: Filename of file to read into entry. This is typically
>> + called bl32.bin or bl32.elf
>> +
>> +This entry holds the run-time firmware, typically started by U-Boot SPL.
>> +See the U-Boot README for your architecture or board for how to use it. See
>> +https://github.com/OP-TEE/optee_os for more information about OP-TEE.
>> +
>> +
>> +
>> Entry: atf-fip: ARM Trusted Firmware's Firmware Image Package (FIP)
>> -------------------------------------------------------------------
>>
>> diff --git a/tools/binman/etype/atf_bl32.py b/tools/binman/etype/atf_bl32.py
>> new file mode 100644
>> index 0000000000..e74b4e4428
>> --- /dev/null
>> +++ b/tools/binman/etype/atf_bl32.py
>> @@ -0,0 +1,22 @@
>> +# SPDX-License-Identifier: GPL-2.0+
>> +# Copyright (C) 2022 Texas Instruments Incorporated - https://www.ti.com/
>> +#
>> +# Entry-type module for OP-TEE Trusted OS firmware blob
>> +#
>> +
>> +from binman.etype.blob_named_by_arg import Entry_blob_named_by_arg
>> +
>> +class Entry_atf_bl32(Entry_blob_named_by_arg):
>> + """Entry containing an OP-TEE Trusted OS (TEE) BL32 blob
>> +
>> + Properties / Entry arguments:
>> + - atf-bl32-path: Filename of file to read into entry. This is typically
>> + called bl32.bin or bl32.elf
>> +
>> + This entry holds the run-time firmware, typically started by U-Boot SPL.
>> + See the U-Boot README for your architecture or board for how to use it. See
>> + https://github.com/OP-TEE/optee_os for more information about OP-TEE.
>> + """
>> + def __init__(self, section, etype, node):
>> + super().__init__(section, etype, node, 'atf-bl32')
>> + self.external = True
>> diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py
>> index 5400f76c67..9366581bee 100644
>> --- a/tools/binman/ftest.py
>> +++ b/tools/binman/ftest.py
>> @@ -81,6 +81,7 @@ FSP_M_DATA = b'fsp_m'
>> FSP_S_DATA = b'fsp_s'
>> FSP_T_DATA = b'fsp_t'
>> ATF_BL31_DATA = b'bl31'
>> +ATF_BL32_DATA = b'bl32'
>> ATF_BL2U_DATA = b'bl2u'
>> OPENSBI_DATA = b'opensbi'
>> SCP_DATA = b'scp'
>> @@ -185,6 +186,7 @@ class TestFunctional(unittest.TestCase):
>> TestFunctional._MakeInputFile('compress', COMPRESS_DATA)
>> TestFunctional._MakeInputFile('compress_big', COMPRESS_DATA_BIG)
>> TestFunctional._MakeInputFile('bl31.bin', ATF_BL31_DATA)
>> + TestFunctional._MakeInputFile('bl32.bin', ATF_BL32_DATA)
>> TestFunctional._MakeInputFile('bl2u.bin', ATF_BL2U_DATA)
>> TestFunctional._MakeInputFile('fw_dynamic.bin', OPENSBI_DATA)
>> TestFunctional._MakeInputFile('scp.bin', SCP_DATA)
>> @@ -3877,6 +3879,11 @@ class TestFunctional(unittest.TestCase):
>> data = self._DoReadFile('169_atf_bl31.dts')
>> self.assertEqual(ATF_BL31_DATA, data[:len(ATF_BL31_DATA)])
>>
>> + def testPackBl32(self):
>> + """Test that an image with an ATF BL32 binary can be created"""
>> + data = self._DoReadFile('170_atf_bl32.dts')
>> + self.assertEqual(ATF_BL32_DATA, data[:len(ATF_BL32_DATA)])
>> +
>> def testPackScp(self):
>> """Test that an image with an SCP binary can be created"""
>> data = self._DoReadFile('172_scp.dts')
>> diff --git a/tools/binman/test/170_atf_bl32.dts b/tools/binman/test/170_atf_bl32.dts
>> new file mode 100644
>> index 0000000000..8c15c79c86
>> --- /dev/null
>> +++ b/tools/binman/test/170_atf_bl32.dts
>
> Please use the next available number. We are up to 220 I think now.
OK.
>
>> @@ -0,0 +1,16 @@
>> +// SPDX-License-Identifier: GPL-2.0+
>> +
>> +/dts-v1/;
>> +
>> +/ {
>> + #address-cells = <1>;
>> + #size-cells = <1>;
>> +
>> + binman {
>> + size = <16>;
>
> Do you need that? Without it you could simplify your assert above
Not required. I will remove it.
>
>> +
>> + atf-bl32 {
>> + filename = "bl32.bin";
>> + };
>> + };
>> +};
>> --
>> 2.17.1
>>
>
> Regards,
> Simon
--
cheers,
-roger
next prev parent reply other threads:[~2022-02-05 12:29 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-04 13:00 [u-boot][PATCH] binman: Add support for TEE BL32 Roger Quadros
2022-02-04 17:17 ` Simon Glass
2022-02-05 12:29 ` Roger Quadros [this message]
2022-02-19 15:24 ` Simon Glass
2022-02-19 18:18 ` Roger Quadros
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f3b2c3a7-809b-8a5b-0ae7-c0983c5b0163@kernel.org \
--to=rogerq@kernel.org \
--cc=nm@ti.com \
--cc=sjg@chromium.org \
--cc=u-boot@lists.denx.de \
--cc=vigneshr@ti.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox