Etusivu Tutki Apua
Kirjaudu sisään
OWEALs
/
arm-trusted-firmware
peilaus alkaen https://github.com/ARM-software/arm-trusted-firmware
2
0
Fork 0
Tiedostot Ongelmat 1 Wiki
Haara: master
Haarat Tagit
arm-trusted-fir...
/
docs
/
plat
/
arm
/
arm-build-options.rst

arm-build-options.rst 8.6 KB
Pysyvä linkki Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168 
  1. Arm Development Platform Build Options
    2. 

  2. ======================================
    3. 

  3. 

  4. Arm Platform Build Options
    5. 

  5. --------------------------
    6. 

  6. 

  7. -  ``ARM_BL31_IN_DRAM``: Boolean option to select loading of BL31 in TZC secured
    8. 

  8.    DRAM. By default, BL31 is in the secure SRAM. Set this flag to 1 to load
    9. 

  9.    BL31 in TZC secured DRAM. If TSP is present, then setting this option also
    10. 

  10.    sets the TSP location to DRAM and ignores the ``ARM_TSP_RAM_LOCATION`` build
    11. 

  11.    flag.
    12. 

  12. 

  13. -  ``ARM_CONFIG_CNTACR``: boolean option to unlock access to the ``CNTBase<N>``
    14. 

  14.    frame registers by setting the ``CNTCTLBase.CNTACR<N>`` register bits. The
    15. 

  15.    frame number ``<N>`` is defined by ``PLAT_ARM_NSTIMER_FRAME_ID``, which
    16. 

  16.    should match the frame used by the Non-Secure image (normally the Linux
    17. 

  17.    kernel). Default is true (access to the frame is allowed).
    18. 

  18. 

  19. -  ``ARM_FW_CONFIG_LOAD_ENABLE``: Boolean option to enable the loading of
    20. 

  20.    FW_CONFIG device trees from the Firmware Image Package (FIP). When enabled,
    21. 

  21.    BL2 calls the platform specific function `arm_bl2_el3_plat_config_load`.
    22. 

  22.    This function is responsible for loading, parsing, and validating the
    23. 

  23.    FW_CONFIG device trees from the FIP. The option depends on RESET_TO_BL2.
    24. 

  24. 

  25. -  ``ARM_DISABLE_TRUSTED_WDOG``: boolean option to disable the Trusted Watchdog.
    26. 

  26.    By default, Arm platforms use a watchdog to trigger a system reset in case
    27. 

  27.    an error is encountered during the boot process (for example, when an image
    28. 

  28.    could not be loaded or authenticated). The watchdog is enabled in the early
    29. 

  29.    platform setup hook at BL1 and disabled in the BL1 prepare exit hook. The
    30. 

  30.    Trusted Watchdog may be disabled at build time for testing or development
    31. 

  31.    purposes.
    32. 

  32. 

  33. -  ``ARM_LINUX_KERNEL_AS_BL33``: The Linux kernel expects registers x0-x3 to
    34. 

  34.    have specific values at boot. This boolean option allows the Trusted Firmware
    35. 

  35.    to have a Linux kernel image as BL33 by preparing the registers to these
    36. 

  36.    values before jumping to BL33. This option defaults to 0 (disabled). For
    37. 

  37.    AArch64 ``RESET_TO_BL31`` and for AArch32 ``RESET_TO_SP_MIN`` must be 1 when
    38. 

  38.    using it. If this option is set to 1, ``ARM_PRELOADED_DTB_BASE`` must be set
    39. 

  39.    to the location of a device tree blob (DTB) already loaded in memory. The
    40. 

  40.    Linux Image address must be specified using the ``PRELOADED_BL33_BASE``
    41. 

  41.    option.
    42. 

  42. 

  43. -  ``ARM_PLAT_MT``: This flag determines whether the Arm platform layer has to
    44. 

  44.    cater for the multi-threading ``MT`` bit when accessing MPIDR. When this flag
    45. 

  45.    is set, the functions which deal with MPIDR assume that the ``MT`` bit in
    46. 

  46.    MPIDR is set and access the bit-fields in MPIDR accordingly. Default value of
    47. 

  47.    this flag is 0. Note that this option is not used on FVP platforms.
    48. 

  48. 

  49. -  ``ARM_RECOM_STATE_ID_ENC``: The PSCI1.0 specification recommends an encoding
    50. 

  50.    for the construction of composite state-ID in the power-state parameter.
    51. 

  51.    The existing PSCI clients currently do not support this encoding of
    52. 

  52.    State-ID yet. Hence this flag is used to configure whether to use the
    53. 

  53.    recommended State-ID encoding or not. The default value of this flag is 0,
    54. 

  54.    in which case the platform is configured to expect NULL in the State-ID
    55. 

  55.    field of power-state parameter.
    56. 

  56. 

  57. -  ``ARM_ROTPK_LOCATION``: used when ``TRUSTED_BOARD_BOOT=1``. It specifies the
    58. 

  58.    location of the ROTPK returned by the function ``plat_get_rotpk_info()``
    59. 

  59.    for Arm platforms. Depending on the selected option, the proper private key
    60. 

  60.    must be specified using the ``ROT_KEY`` option when building the Trusted
    61. 

  61.    Firmware. This private key will be used by the certificate generation tool
    62. 

  62.    to sign the BL2 and Trusted Key certificates. Available options for
    63. 

  63.    ``ARM_ROTPK_LOCATION`` are:
    64. 

  64. 

  65.    -  ``regs`` : return the ROTPK hash stored in the Trusted root-key storage
    66. 

  66.       registers.
    67. 

  67.    -  ``devel_rsa`` : return a development public key hash embedded in the BL1
    68. 

  68.       and BL2 binaries. This hash has been obtained from the RSA public key
    69. 

  69.       ``arm_rotpk_rsa.der``, located in ``plat/arm/board/common/rotpk``. To use
    70. 

  70.       this option, ``arm_rotprivk_rsa.pem`` must be specified as ``ROT_KEY``
    71. 

  71.       when creating the certificates.
    72. 

  72.    -  ``devel_ecdsa`` : return a development public key hash embedded in the BL1
    73. 

  73.       and BL2 binaries. This hash has been obtained from the ECDSA public key
    74. 

  74.       ``arm_rotpk_ecdsa.der``, located in ``plat/arm/board/common/rotpk``. To
    75. 

  75.       use this option, ``arm_rotprivk_ecdsa.pem`` must be specified as
    76. 

  76.       ``ROT_KEY`` when creating the certificates.
    77. 

  77.    -  ``devel_full_dev_rsa_key`` : returns a development public key embedded in
    78. 

  78.       the BL1 and BL2 binaries. This key has been obtained from the RSA public
    79. 

  79.       key ``arm_rotpk_rsa.der``, located in ``plat/arm/board/common/rotpk``.
    80. 

  80. 

  81. -  ``ARM_ROTPK_HASH``: used when ``ARM_ROTPK_LOCATION=devel_*``, excluding
    82. 

  82.    ``devel_full_dev_rsa_key``. Specifies the location of the ROTPK hash. Not
    83. 

  83.    expected to be a build option. This defaults to
    84. 

  84.    ``plat/arm/board/common/rotpk/*_sha256.bin`` depending on the specified
    85. 

  85.    algorithm. Providing ``ROT_KEY`` enforces generation of the hash from the
    86. 

  86.    ``ROT_KEY`` and overwrites the default hash file.
    87. 

  87. 

  88. -  ``ARM_TSP_RAM_LOCATION``: location of the TSP binary. Options:
    89. 

  89. 

  90.    -  ``tsram`` : Trusted SRAM (default option when TBB is not enabled)
    91. 

  91.    -  ``tdram`` : Trusted DRAM (if available)
    92. 

  92.    -  ``dram`` : Secure region in DRAM (default option when TBB is enabled,
    93. 

  93.       configured by the TrustZone controller)
    94. 

  94. 

  95. -  ``ARM_XLAT_TABLES_LIB_V1``: boolean option to compile TF-A with version 1
    96. 

  96.    of the translation tables library instead of version 2. It is set to 0 by
    97. 

  97.    default, which selects version 2.
    98. 

  98. 

  99. -  ``ARM_GPT_SUPPORT``: Enable GPT parser to get the entry address and length of
    100. 

  100.    the various partitions present in the GPT image. This support is available
    101. 

  101.    only for the BL2 component, and it is disabled by default.
    102. 

  102.    The following diagram shows the view of the FIP partition inside the GPT
    103. 

  103.    image:
    104. 

  104. 

  105.    |FIP in a GPT image|
    106. 

  106. 

  107. For a better understanding of these options, the Arm development platform memory
    108. 

  108. map is explained in the :ref:`Firmware Design`.
    109. 

  109. 

  110. .. _build_options_arm_css_platform:
    111. 

  111. 

  112. Arm CSS Platform-Specific Build Options
    113. 

  113. ---------------------------------------
    114. 

  114. 

  115. -  ``CSS_DETECT_PRE_1_7_0_SCP``: Boolean flag to detect SCP version
    116. 

  116.    incompatibility. Version 1.7.0 of the SCP firmware made a non-backwards
    117. 

  117.    compatible change to the MTL protocol, used for AP/SCP communication.
    118. 

  118.    TF-A no longer supports earlier SCP versions. If this option is set to 1
    119. 

  119.    then TF-A will detect if an earlier version is in use. Default is 1.
    120. 

  120. 

  121. -  ``CSS_LOAD_SCP_IMAGES``: Boolean flag, which when set, adds SCP_BL2 and
    122. 

  122.    SCP_BL2U to the FIP and FWU_FIP respectively, and enables them to be loaded
    123. 

  123.    during boot. Default is 1.
    124. 

  124. 

  125. -  ``CSS_USE_SCMI_SDS_DRIVER``: Boolean flag which selects SCMI/SDS drivers
    126. 

  126.    instead of SCPI/BOM driver for communicating with the SCP during power
    127. 

  127.    management operations and for SCP RAM Firmware transfer. If this option
    128. 

  128.    is set to 1, then SCMI/SDS drivers will be used. Default is 0.
    129. 

  129. 

  130. - ``CSS_SYSTEM_GRACEFUL_RESET``: Build option to enable graceful powerdown of
    131. 

  131.    CPU core on reset. This build option can be used on CSS platforms that
    132. 

  132.    require all the CPUs to execute the CPU specific power down sequence to
    133. 

  133.    complete a warm reboot sequence in which only the CPUs are power cycled.
    134. 

  134. 

  135. Arm FVP Build Options
    136. 

  136. ---------------------
    137. 

  137. 

  138. - ``FVP_TRUSTED_SRAM_SIZE``: Size (in kilobytes) of the Trusted SRAM region to
    139. 

  139.   utilize when building for the FVP platform. This option defaults to 256.
    140. 

  140. 

  141. Arm Juno Build Options
    142. 

  142. ----------------------
    143. 

  143. 

  144. -  ``JUNO_AARCH32_EL3_RUNTIME``: This build flag enables you to execute EL3
    145. 

  145.    runtime software in AArch32 mode, which is required to run AArch32 on Juno.
    146. 

  146.    By default this flag is set to '0'. Enabling this flag builds BL1 and BL2 in
    147. 

  147.    AArch64 and facilitates the loading of ``SP_MIN`` and BL33 as AArch32 executable
    148. 

  148.    images.
    149. 

  149. 

  150. Arm Neoverse RD Platform Build Options
    151. 

  151. --------------------------------------
    152. 

  152. 

  153.  - ``NRD_CHIP_COUNT``: Configures the number of chips on a Neoverse RD platform
    154. 

  154.    which supports multi-chip operation. If ``NRD_CHIP_COUNT`` is set to any
    155. 

  155.    valid value greater than 1, the platform code performs required configuration
    156. 

  156.    to support multi-chip operation.
    157. 

  157. 

  158. - ``NRD_PLATFORM_VARIANT``: Selects the variant of a Neoverse RD platform. A
    159. 

  159.   particular Neoverse RD platform may have multiple variants which may differ in
    160. 

  160.   core count, cluster count or other peripherals. This build option is used to
    161. 

  161.   select the appropriate platform variant for the build. The range of valid
    162. 

  162.   values is platform specific.
    163. 

  163. 

  164. --------------
    165. 

  165. 

  166. .. |FIP in a GPT image| image:: ../../resources/diagrams/FIP_in_a_GPT_image.png
    167. 

  167. 

  168. *Copyright (c) 2019-2024, Arm Limited. All rights reserved.*
    169.