From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.5 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 08714C07E95 for ; Sun, 11 Jul 2021 00:02:09 +0000 (UTC) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 83E6E610CA for ; Sun, 11 Jul 2021 00:02:08 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 83E6E610CA Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=chromium.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 6EFAC832FD; Sun, 11 Jul 2021 02:01:33 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.b="MD9FBsLm"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 2591782C26; Sun, 11 Jul 2021 02:01:20 +0200 (CEST) Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id A389D81668 for ; Sun, 11 Jul 2021 02:01:16 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=sjg@google.com Received: by mail-wr1-x431.google.com with SMTP id k4so12056865wrc.8 for ; Sat, 10 Jul 2021 17:01:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=m09omELpcuMoFpsnR6YRR1oHXvTLdcjPkrjjkQ+jYtI=; b=MD9FBsLmSBFb0xv7xpJvzWTjOzAJrbqW0ID36Y3VwdIe6eFbtnkylsjpLJtLSMTSMV 7F8uOJLOtGzgzm7e9Z8Rzdn8DmskiwxrOWhb7fsT8YXKut9oqg8eUlwEg5qC88DJJRYC et1nX0UcFhgvpKBwj+LsWJmKkgUoiNiHkr+Y4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=m09omELpcuMoFpsnR6YRR1oHXvTLdcjPkrjjkQ+jYtI=; b=Gp/KnMLm7JsGKE1WzzouZpxK0DtSHImmcWC0SbQrgrqqiDnukdIgY5M8YTCOZoS8H9 H3pzo+zL8RFbEzgfj1hDvzJD4IbRbwE5A6XaJYZiC/uENox0iwovv2VfxULq4rcmhMC3 zB+VDnguB9WYplhN7iLZqW0uxhfxaC2yud28DfSccrEjAl+wkBDhX24Qw0GTZSuddmDE sAS9qf7gqDJjmr1m37Y68LKuV+uP1F+pAb+O2IO/ZTwUyID9IawkNYPxiu4koX3x29Vl ZIu3jP6roD3MZ5ZpLFo2HUla7zDWu6V5MYENtBs9kZWCHwqTtnGgq2BwzaFrIB+EMxzd ITCA== X-Gm-Message-State: AOAM532coDdBB7koeF+jU5GrIB95tSbPyCvd3Jt5RWkJ2siMSAUlu6MG IcCUh4Obw6plCt1lupYOjzmR45fzTO6fVjvfmhuqXw== X-Google-Smtp-Source: ABdhPJyuTr83ymS15Q4nRKV73sJiu6Uo9yEF+OcTchj05D5HF0xGXNzcytA+09bgN3D+ml3aoeT3WwKAV1phmkEcTGY= X-Received: by 2002:adf:8069:: with SMTP id 96mr6188795wrk.56.1625961675937; Sat, 10 Jul 2021 17:01:15 -0700 (PDT) MIME-Version: 1.0 References: <20210708091747.317500-1-patrick.delaunay@foss.st.com> In-Reply-To: <20210708091747.317500-1-patrick.delaunay@foss.st.com> From: Simon Glass Date: Sat, 10 Jul 2021 18:01:03 -0600 Message-ID: Subject: Re: [PATCH 0/5] stm32mp1: handle TF-A boot with FIP To: Patrick Delaunay Cc: U-Boot Mailing List , Yann GAUTIER , Bin Meng , Patrice Chotard , Tom Rini , U-Boot STM32 Content-Type: text/plain; charset="UTF-8" X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Hi Patrick, On Thu, 8 Jul 2021 at 03:17, Patrick Delaunay wrote: > > > In next TF-A version the stm32mp1 platform will support the Firmware > Image Package (FIP) [1], a container filled with: > - the U-Boot binary = u-boot-nodtb.bin > - the U-Boot device tree = u-boot.dtb > - the Secure OS (OP-TEE) or the secure monitor (SP_MIN) That sounds like a job for FIT? > > Upstream is in progress on TF-A side. > > Each part of the FIP is loaded by TF-A BL2 and U-Boot > is executed with its device tree address as parameter (nt_fw_dtb = r2 > introduced by commit 4ac345220afa ("board: stm32mp1: use FDT address > provided by TF-A at boot time") > > This FIP container simplifies the OP-TEE management (same number of partition > with or without OP-TEE, OP-TEE dynamically updates the U-Boot device tree > to add the required OP-TEE nodes) and allow support of generic TF-A > features as PKI [2]. > > This serie allows to generate U-Boot configured for the TF-A BL2 image > types: > - STM32IMAGE: stm32mp15_trusted_defconfig (current behavior) > - FIP: stm32mp15_defconfig (NEW) > > The FIP will be the STMicroelectronics recommended image type for > STM32MP15x and the STM32IMAGE support should be marked deprecated in a > future TF-A release or even removed. > > To prepare this migration, the serie move all the specific code or > device tree nodes for TF-A load of STM32IMAGE under compilation > flag CONFIG_STM32MP15x_STM32IMAGE. > > [1] 4.11. Firmware Image Package (FIP) > fiphttps://trustedfirmware-a.readthedocs.io/en/latest/design/firmware-design.html > > [2] Authentication Framework & Chain of Trust > https://trustedfirmware-a.readthedocs.io/en/latest/design/auth-framework.html > > Regards, Simon