Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / da33921fd7b9850239f71f2a99df5b0a7b543bb4^! / . / docs
commitda33921fd7b9850239f71f2a99df5b0a7b543bb4[log] [tgz]
authorHarrison Mutai <harrison.mutai@arm.com>Thu Apr 11 14:44:13 2024 +0000
committerHarrison Mutai <harrison.mutai@arm.com>Mon Apr 22 08:30:24 2024 +0000
treec4aa2346291d715bc4b893495025cb58b19f50b1
parentda7cf9a6a8a2b44bcf45adf05a9db98a9c82920f [diff]
docs(fconf): add TB_FW config bindings

Document bindings for TB_FW_CONFIG that are common between platforms.
Since the information this device tree type contains pertains to
firmware specific properties, we do not expect that the document will
cover all uses, nor do we promise backward compatiblity.

Change-Id: I0e850c13b77cc62940ab5020a15bf8e503568ed8
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

diff --git a/docs/components/fconf/index.rst b/docs/components/fconf/index.rst
index 029f324..b8b4519 100644
--- a/docs/components/fconf/index.rst
+++ b/docs/components/fconf/index.rst

@@ -147,3 +147,4 @@
   fconf_properties
   amu-bindings
   mpmm-bindings
+  tb_fw_bindings

diff --git a/docs/components/fconf/tb_fw_bindings.rst b/docs/components/fconf/tb_fw_bindings.rst
new file mode 100644
index 0000000..aee3b8d
--- /dev/null
+++ b/docs/components/fconf/tb_fw_bindings.rst

@@ -0,0 +1,159 @@
+Trusted Boot Firmware Configuration bindings
+============================================
+
+This document defines the nodes and properties used to define the Trusted-Boot
+firmware configuration. Platform owners are advised to define shared bindings
+here. If a binding does not generalize, they should be documented
+alongside platform documentation. There is no guarantee of backward
+compatibility with the nodes and properties outlined in this context.
+
+Trusted Boot Firmware Configuration
+-----------------------------------
+
+- compatible [mandatory]
+   - value type: <string>
+   - Should be the string ``"<plat>,tb_fw"``, where ``<plat>`` is the name of the
+     platform (i.e. ``"arm,tb_fw"``).
+
+- disable_auth [mandatory]
+   - value type: <u32>
+   - Flag used to dynamically disable authentication for development purposes.
+     Has two possible values: 0 or 1. Setting the flag to 1 disables
+     authentication.
+
+- mbedtls_heap_addr [mandatory]
+   - value type: <u64>
+   - Base address of the dynamically allocated Mbed TLS heap. This is given as a placeholder.
+
+- mbedtls_heap_size [mandatory]
+   - value type: <u32>
+   - Size of the Mbed TLS heap.
+
+IO FIP Handles
+--------------
+
+- compatible [mandatory]
+   - value type: <string>
+   - Should be the string ``"<plat>,io-fip-handle"``, where ``<plat>`` is the name of the
+     platform (i.e. ``"arm,io-fip-handle"``).
+
+- scp_bl2_uuid [mandatory]
+   - value type: <string>
+   - SCP Firmware SCP_BL2 UUID
+
+- bl31_uuid [mandatory]
+   - value type: <string>
+   - EL3 Runtime Firmware BL31 UUID
+
+- bl32_uuid [mandatory]
+   - value type: <string>
+   - Secure Payload BL32 (Trusted OS) UUID
+
+- bl32_extra1_uuid [mandatory]
+   - value type: <string>
+   - Secure Payload BL32_EXTRA1 (Trusted OS Extra1) UUID
+
+- bl32_extra2_uuid [mandatory]
+   - value type: <string>
+   - Secure Payload BL32_EXTRA2 (Trusted OS Extra2) UUID
+
+- bl33_uuid [mandatory]
+   - value type: <string>
+   - Non-Trusted Firmware BL33 UUID
+
+- hw_cfg_uuid [mandatory]
+   - value type: <string>
+   - HW_CONFIG (e.g. Kernel DT) UUID
+
+- soc_fw_cfg_uuid [mandatory]
+   - value type: <string>
+   - SOC Firmware Configuration SOC_FW_CONFIG UUID
+
+- tos_fw_cfg_uuid [mandatory]
+   - value type: <string>
+   - Trusted OS Firmware Configuration TOS_FW_CONFIG UUID
+
+- nt_fw_cfg_uuid [mandatory]
+   - value type: <string>
+   - Non-Trusted Firmware Configuration NT_FW_CONFIG UUID
+
+- cca_cert_uuid [optional]
+   - value type: <string>
+   - CCA Content Certificate UUID
+
+- core_swd_cert_uuid [optional]
+   - value type: <string>
+   - Core SWD Key Certificate UUID
+
+- plat_cert_uuid [optional]
+   - value type: <string>
+   - Core SWD Key Certificate UUID
+
+- t_key_cert_uuid [optional]
+   - value type: <string>
+   - Trusted Key Certificate UUID
+
+- scp_fw_key_uuid [optional]
+   - value type: <string>
+   - SCP Firmware Key UUID
+
+- soc_fw_key_uuid [optional]
+   - value type: <string>
+   - SOC Firmware Key UUID
+
+- tos_fw_key_cert_uuid [optional]
+   - value type: <string>
+   - TOS Firmware Key UUID
+
+- nt_fw_key_cert_uuid [optional]
+   - value type: <string>
+   - Non-Trusted Firmware Key UUID
+
+- scp_fw_content_cert_uuid [optional]
+   - value type: <string>
+   - SCP Firmware Content Certificate UUID
+
+- soc_fw_content_cert_uuid [optional]
+   - value type: <string>
+   - SOC Firmware Content Certificate UUID
+
+- tos_fw_content_cert_uuid [optional]
+   - value type: <string>
+   - TOS Firmware Content Certificate UUID
+
+- nt_fw_content_cert_uuid [optional]
+   - value type: <string>
+   - Non-Trusted Firmware Content Certificate UUID
+
+- plat_sp_content_cert_uuid [optional]
+   - value type: <string>
+   - Platform Secure Partition Content Certificate UUID
+
+
+Secure Partitions
+-----------------
+
+- compatible [mandatory]
+   - value type: <string>
+   - Should be the string ``"<plat>,sp"``, where ``<plat>`` is the name of the
+     platform (i.e. ``"arm,sp"``).
+
+- uuid [mandatory]
+   - value type: <string>
+   - A string identifying the UUID of the service implemented by this partition.
+     The UUID format is described in RFC 4122.
+
+- load-address [mandatory]
+   - value type: <u32>
+   - Physical base address of the partition in memory. Absence of this field
+     indicates that the partition is position independent and can be loaded at
+     any address chosen at boot time.
+
+- owner [optional]
+   - value type: <string>
+   - A string property representing the name of the owner of the secure
+     partition, which may be the silicon or platform provider.
+
+--------------
+
+*Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.*