diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/porting-guide.rst | 50 | ||||
| -rw-r--r-- | docs/user-guide.rst | 6 |
2 files changed, 31 insertions, 25 deletions
diff --git a/docs/porting-guide.rst b/docs/porting-guide.rst index 3ea86b04f..6244a6387 100644 --- a/docs/porting-guide.rst +++ b/docs/porting-guide.rst @@ -841,6 +841,33 @@ utilize the C runtime environment. For further details about how TF-A represents the power domain topology and how this relates to the linear CPU index, please refer `Power Domain Topology Design`_. +Function : plat_get_mbedtls_heap() [when TRUSTED_BOARD_BOOT == 1] +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Arguments : void **heap_addr, size_t *heap_size + Return : int + +This function is invoked during Mbed TLS library initialisation to get a heap, +by means of a starting address and a size. This heap will then be used +internally by the Mbed TLS library. Hence, each BL stage that utilises Mbed TLS +must be able to provide a heap to it. + +A helper function can be found in `drivers/auth/mbedtls/mbedtls_common.c` in +which a heap is statically reserved during compile time inside every image +(i.e. every BL stage) that utilises Mbed TLS. In this default implementation, +the function simply returns the address and size of this "pre-allocated" heap. +For a platform to use this default implementation, only a call to the helper +from inside plat_get_mbedtls_heap() body is enough and nothing else is needed. + +However, by writting their own implementation, platforms have the potential to +optimise memory usage. For example, on some Arm platforms, the Mbed TLS heap is +shared between BL1 and BL2 stages and, thus, the necessary space is not reserved +twice. + +On success the function should return 0 and a negative error code otherwise. + Common optional modifications ----------------------------- @@ -1054,29 +1081,6 @@ can override the common implementation to define a different prefix string for the log output. The implementation should be robust to future changes that increase the number of log levels. -Function : plat_get_mbedtls_heap() -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -:: - - Arguments : void **heap_addr, size_t *heap_size - Return : int - -This function is invoked during Mbed TLS library initialisation to get -a heap, by means of a starting address and a size. This heap will then be used -internally by the Mbed TLS library. The heap is requested from the current BL -stage, i.e. the current BL image inside which Mbed TLS is used. - -In the default implementation a heap is statically allocated inside every image -(i.e. every BL stage) that utilises Mbed TLS. So, in this case, the function -simply returns the address and size of this "pre-allocated" heap. However, by -overriding the default implementation, platforms have the potential to optimise -memory usage. For example, on some Arm platforms, the Mbed TLS heap is shared -between BL1 and BL2 stages and, thus, the necessary space is not reserved -twice. - -On success the function should return 0 and a negative error code otherwise. - Modifications specific to a Boot Loader stage --------------------------------------------- diff --git a/docs/user-guide.rst b/docs/user-guide.rst index fe8ce5ff9..b9f08716a 100644 --- a/docs/user-guide.rst +++ b/docs/user-guide.rst @@ -1219,11 +1219,13 @@ command: make PLAT=<platform> [DEBUG=1] [V=1] certtool For platforms that require their own IDs in certificate files, the generic -'cert_create' tool can be built with the following command: +'cert_create' tool can be built with the following command. Note that the target +platform must define its IDs within a ``platform_oid.h`` header file for the +build to succeed. :: - make USE_TBBR_DEFS=0 [DEBUG=1] [V=1] certtool + make PLAT=<platform> USE_TBBR_DEFS=0 [DEBUG=1] [V=1] certtool ``DEBUG=1`` builds the tool in debug mode. ``V=1`` makes the build process more verbose. The following command should be used to obtain help about the tool: |