Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Trusted Firmware-A (TF-A) is an open-source project initiated by ARM to provide a reference implementation of secure world firmware for ARMv7-A and ARMv8-A architectures. Specifically, TF-A is designed to execute at the highest Exception Level (EL-3EL3) on ARM processors, serving as the Trusted Execution Environment (TEE) firmware in systems.

Contents

Table of Contents

Boot process of Trusted Firmware-A

Under the ARMv8-A architecture, the implementation of the TF-A boot process can be divided into 5 stages, in the order of their execution:

  • Boot Loader stage (BL1): Executed by AP Boot ROM.

  • Execution stage 2 (BL2): Trusted Boot Firmware.

  • Execution stage 3-1 (BL31): EL3 Runtime Firmware.

  • Execution stage 3-2 (BL32): Secure-EL1 Payload.

  • Execution stage 3-3 (BL33): Non-trusted Firmware.

Boot process of SP7350

In SP7350 software architecture, BL1 is the i-boot. BL2 is the x-boot. BL31 is the TF-A (secure monitor). BL32 is the OP-TEE. BL33 is the U-Boot.

...

BL31 is a specific stage or component within Trusted Firmware-A (TF-A). When we talk about image of FT-A, it we means BL31 image because only BL31 code of TF-A is used.

The image files of BL31 (TF-A) and BL32 (OP-TEE) and BL33 (U-Boot) are loaded by x-boot (BL2). Subsequently, x-boot (BL2) transfers control to BL31 (TF-A), and BL31 operates with EL3 privileges under the AArch64 architecture.

BL31 (TF-A)

BL31 plays a crucial role in establishing a secure execution environment for the subsequent stages of the boot process. The functionalities implemented by BL31 include:

  • Architectural initialization

  • Platform initialization

  • Runtime services initialization

  • AArch64 BL32 (Secure EL-1 EL1 Payload, OP-TEE) image initialization

  • BL33 (Non-trusted Firmware, U-Boot) execution

...

The primary responsibilities of BL31 include:

  • Secure Environment Setup: BL31 initializes the secure world, setting up the Trusted Execution Environment before handing control to the next stage in the boot process.

  • Secure Exception Handling: It provides secure exception handling services and manages secure interrupts.

  • Secure Context Management: BL31 manages secure contexts, ensuring the secure world's isolation from the non-secure world.

  • Secure Resource Management: It handles secure resource allocation and management.

  • Trusted Services: BL31 may provide trusted services to other firmware components or the operating system running in the secure world.

x-boot loads BL31 and transfers control to EL-3. BL31 performs the following architectural initialization:

  1. Initializes the system registers it focuses on.

  2. Initializes the data structures for each CPU, providing cache access for improved speed. This initialization is performed concurrently on multiple CPUs.

Additionally, BL31 executes the following platform initialization:

  1. Initializes the console terminal.

  2. Initializes the Memory Management Unit (MMU).

  3. Initializes the Generic Interrupt Controller.

Besides as a secure monitor which is runs at EL-3. BL31 is also responsible for running OP-TEE (BL32) and U-Boot (BL33). After BL31 completes initialization, including invoking OP-TEE, it jumps to execute U-Boot.

Core 0 is responsible for all the processes while other non-boot core (1, 2, and 3) enters wait-for-event state after they completes initialization.

...

Platform-related source files

The source files for TF-A are located in the "boot/trusted-firmware-a/" directory under the project's top folder. Some platform-related source files are added or modified for operation. Table below lists platform-related files or folders:

Files or folders

Descriptions

bl31/

Contains BL21 codes.

build/

Contains output files.

common/

Contains codes.

include/

Contains header files.

lib/psci/

Contains power state coordination interface (psci) files.

plat/sp/

Contains SP7350 platform-related files.

sp7350.mk

Make file of sp7350 platform.