Mistake on this page? Email us

atf-${MACHINE}.bb

This section describes the atf-${MACHINE}.bb, atf.inc and optee-os.bb entities in the UML diagram Figure 4.0.

The discussion is applicable to all targets.

meta-[soc-vendor]-mbl ATF recipes

In Figure 4.0, the meta-[soc-vendor]-mbl machine configuration file ${MACHINE}.conf orchestrates ATF creation by specifying PREFERRED_PROVIDER_virtual/atf = "atf-${MACHINE}". atf-${MACHINE}.bb includes atf.inc to create dependencies on U-Boot and the kernel recipes.

ATF depends on U-Boot and the Linux kernel because:

  • ATF packages U-Boot into the FIP image with other ATF build artifacts.
  • ATF packages the U-Boot device tree including the FIT verification key into the FIP image.
  • ATF may need to coordinate the location of shared memory buffers used for OP-TEE-Linux kernel intercommunication using overlays. ATF packages OP-TEE in the FIP image, whereas mbl-fitimage packages the kernel into the FIT image.

The atf.inc dependency on the virtual/bootloader and virtual/kernel providers is created with a line in atf.inc:

do_compile[depends] += " virtual/kernel:do_deploy virtual/bootloader:do_deploy optee-os:do_deploy"

This means the virtual/bootloader and virtual/kernel artifacts should be deployed before the atf.inc do_compile() method runs, so they are available for the ATF recipe to use.

Note: atf.inc expects the virtual/bootloader, virtual/kernel and optee* artifacts on which it depends to be deployed to the DEPLOY_DIR_IMAGE-${DEPLOY_DIR}/images/${MACHINE}/ directory. For the imx7s-warp-mbl target, this directory is: <workspace_root>/build-mbl/tmp-mbl-glibc/deploy/images/imx7s-warp-mbl.

If required, ATF generates an ROT key pair used for signing artifacts. The ROT private key is also stored in the above directory. For more details about ATF ROT key generation and signing, see the Mbed Linux OS Basic Signing Flow.

Details of the meta-[soc-vendor]-mbl ATF atf-${MACHINE}.bb recipe

Platform name ATF platform guide
NXP Warp7 warp7.rst
NXP IMX8 Mini imx8.rst
Raspberry Pi 3 rpi3.rst
Technexion Pico Pi Not available

Table 8.2: The table shows the available ATF target documents available.

The main sources of information for assisting in the porting ATF to a new platform are the ATF porting guide and the associated ATF documents available in the repository. Table 8.2 shows the ATF repository platform documents available.

As an example, the ATF IMX platform support is available in the repository:

./drivers/imx
./plat/imx
./plat/imx/imx7
./plat/imx/imx8m
./plat/imx/common
./plat/imx/imx8qx
./plat/imx/imx8qm

One file of particular interest is plat/imx/imx7/warp7/warp7_io_storage.c, which defines the plat_io_policy descriptor for imx7s-warp-mbl:

    static const struct plat_io_policy policies[] = {
    #ifndef WARP7_FIP_MMAP
        [FIP_IMAGE_ID] = {
            &mmc_dev_handle,
            (uintptr_t)&mmc_fip_spec,
            open_mmc
        },
    #else
        [FIP_IMAGE_ID] = {
            &memmap_dev_handle,
            (uintptr_t)&fip_block_spec,
            open_memmap
        },
    #endif
        [BL32_IMAGE_ID] = {
            &fip_dev_handle,
            (uintptr_t)&bl32_uuid_spec,
            open_fip
        },
        [BL32_EXTRA1_IMAGE_ID] = {
            &fip_dev_handle,
            (uintptr_t)&bl32_extra1_uuid_spec,
            open_fip
        },
        [BL32_EXTRA2_IMAGE_ID] = {
            &fip_dev_handle,
            (uintptr_t)&bl32_extra2_uuid_spec,
            open_fip
        },
        [BL33_IMAGE_ID] = {
            &fip_dev_handle,
            (uintptr_t)&bl33_uuid_spec,
            open_fip
        },
    #if TRUSTED_BOARD_BOOT
        [TRUSTED_BOOT_FW_CERT_ID] = {
            &fip_dev_handle,
            (uintptr_t)&tb_fw_cert_uuid_spec,
            open_fip
        },
        [TRUSTED_KEY_CERT_ID] = {
            &fip_dev_handle,
            (uintptr_t)&trusted_key_cert_uuid_spec,
            open_fip
        },
        [TRUSTED_OS_FW_KEY_CERT_ID] = {
            &fip_dev_handle,
            (uintptr_t)&tos_fw_key_cert_uuid_spec,
            open_fip
        },
        [NON_TRUSTED_FW_KEY_CERT_ID] = {
            &fip_dev_handle,
            (uintptr_t)&nt_fw_key_cert_uuid_spec,
            open_fip
        },
        [TRUSTED_OS_FW_CONTENT_CERT_ID] = {
            &fip_dev_handle,
            (uintptr_t)&tos_fw_cert_uuid_spec,
            open_fip
        },
        [NON_TRUSTED_FW_CONTENT_CERT_ID] = {
            &fip_dev_handle,
            (uintptr_t)&nt_fw_cert_uuid_spec,
            open_fip
        },
    #endif /* TRUSTED_BOARD_BOOT */
    };

This is the starting point for porting ATF to a new platform.

Important Information for this Arm website

This site uses cookies to store information on your computer. By continuing to use our site, you consent to our cookies. If you are not happy with the use of these cookies, please review our Cookie Policy to learn how they can be disabled. By disabling cookies, some features of the site will not work.