From b1d27b484f4172542eca074fdac42ffd13736a0f Mon Sep 17 00:00:00 2001 From: Roberto Vargas Date: Mon, 30 Oct 2017 14:43:43 +0000 Subject: bl2-el3: Add BL2_EL3 image This patch enables BL2 to execute at the highest exception level without any dependancy on TF BL1. This enables platforms which already have a non-TF Boot ROM to directly load and execute BL2 and subsequent BL stages without need for BL1. This is not currently possible because BL2 executes at S-EL1 and cannot jump straight to EL3. Change-Id: Ief1efca4598560b1b8c8e61fbe26d1f44e929d69 Signed-off-by: Roberto Vargas --- make_helpers/defaults.mk | 3 +++ 1 file changed, 3 insertions(+) (limited to 'make_helpers') diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk index fa0d17dec..643890f6c 100644 --- a/make_helpers/defaults.mk +++ b/make_helpers/defaults.mk @@ -27,6 +27,9 @@ ARM_GIC_ARCH := 2 # Base commit to perform code check on BASE_COMMIT := origin/master +# Execute BL2 at EL3 +BL2_AT_EL3 := 0 + # By default, consider that the platform may release several CPUs out of reset. # The platform Makefile is free to override this value. COLD_BOOT_SINGLE_CPU := 0 -- cgit v1.2.3 From c9b31ae85fbcce6dad9596f3390ab443e2779f30 Mon Sep 17 00:00:00 2001 From: Roberto Vargas Date: Tue, 2 Jan 2018 11:23:41 +0000 Subject: bl2-el3: Don't include BL2 in fip for BL2 at EL3 It is better to not include BL2 in FIP when using `BL2 at EL3` as platforms using this config would not have the capability to parse the FIP format in Boot ROM and BL2 needs to be loaded independently. This patch does the required changes for the same. Change-Id: Iad285c247b3440e2d827fef97c3dd81f5c09cabc Signed-off-by: Roberto Vargas --- make_helpers/tbbr/tbbr_tools.mk | 2 ++ 1 file changed, 2 insertions(+) (limited to 'make_helpers') diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk index 6e6e27396..cda8d7266 100644 --- a/make_helpers/tbbr/tbbr_tools.mk +++ b/make_helpers/tbbr/tbbr_tools.mk @@ -64,7 +64,9 @@ $(if ${NON_TRUSTED_WORLD_KEY},$(eval $(call CERT_ADD_CMD_OPT,${NON_TRUSTED_WORLD $(if ${BL2},$(eval $(call CERT_ADD_CMD_OPT,${BL2},--tb-fw,true)),\ $(eval $(call CERT_ADD_CMD_OPT,$(call IMG_BIN,2),--tb-fw,true))) $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/tb_fw.crt,--tb-fw-cert)) +ifeq (${BL2_AT_EL3}, 0) $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/tb_fw.crt,--tb-fw-cert)) +endif # Add the SCP_BL2 CoT (key cert + img cert + image) ifneq (${SCP_BL2},) -- cgit v1.2.3