Blame - docs/components/realm-management-extension.rst - filogic/atf

blob: 5c580f36d23a9b815560610273b973658eeb14ec [file] [log] [blame]

Zelalem Aweke	1fc0980	2021-08-26 15:29:47 -0500	[diff] [blame^]	1
				2	Realm Management Extension (RME)
				3	====================================
				4
				5	FEAT_RME (or RME for short) is an Armv9-A extension and is one component of the
				6	`Arm Confidential Compute Architecture (Arm CCA)`_. TF-A supports RME starting
				7	from version 2.6. This document provides instructions on how to build and run
				8	TF-A with RME.
				9
				10	Building and running TF-A with RME
				11	------------------------------------
				12
				13	This section describes how you can build and run TF-A with RME enabled.
				14	We assume you have all the :ref:`Prerequisites` to build TF-A.
				15
				16	To enable RME, you need to set the ENABLE_RME build flag when building
				17	TF-A. Currently, this feature is only supported for the FVP platform.
				18
				19	The following instructions show you how to build and run TF-A with RME
				20	for two scenarios: TF-A with TF-A Tests, and four-world execution with
				21	Hafnium and TF-A Tests. The instructions assume you have already obtained
				22	TF-A. You can use the following command to clone TF-A.
				23
				24	.. code:: shell
				25
				26	git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git
				27
				28	To run the tests, you need an FVP model. You can download a model that supports
				29	RME from the `Arm Architecture Models website`_. Please select the
				30	Base RevC AEM FVP model. After extracting the downloaded file, you should be able to
				31	find the FVP_Base_RevC-2xAEMvA binary. The instructions below have been tested
				32	with model version 11.15 revision 18.
				33
				34	.. note::
				35
				36	ENABLE_RME build option is currently experimental.
				37
				38	Building TF-A with TF-A Tests
				39	********************************************
				40	Use the following instructions to build TF-A with `TF-A Tests`_ as the
				41	non-secure payload (BL33).
				42
				43	1. Obtain and build TF-A Tests
				44
				45	.. code:: shell
				46
				47	git clone https://git.trustedfirmware.org/TF-A/tf-a-tests.git
				48	cd tf-a-tests
				49	make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp DEBUG=1
				50
				51	This produces a TF-A Tests binary (tftf.bin) in the build/fvp/debug directory.
				52
				53	2. Build TF-A
				54
				55	.. code:: shell
				56
				57	cd trusted-firmware-a
				58	make CROSS_COMPILE=aarch64-none-elf- \
				59	PLAT=fvp \
				60	ENABLE_RME=1 \
				61	FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \
				62	DEBUG=1 \
				63	BL33=<path/to/tftf.bin> \
				64	all fip
				65
				66	This produces bl1.bin and fip.bin binaries in the build/fvp/debug directory.
				67	The above command also builds a Test Realm Payload (TRP), which is a small test
				68	payload that implements Realm Monitor Management (RMM) functionalities and runs
				69	in the realm world (R-EL2). The TRP binary is packaged in fip.bin.
				70
				71	Four-world execution with Hafnium and TF-A Tests
				72	****************************************************
				73	Four-world execution involves software components at each security state: root,
				74	secure, realm and non-secure. This section describes how to build TF-A
				75	with four-world support. We use TF-A as the root firmware, `Hafnium`_ as the
				76	secure component, TRP as the realm-world firmware and TF-A Tests as the
				77	non-secure payload.
				78
				79	Before building TF-A, you first need to build the other software components.
				80	You can find instructions on how to get and build TF-A Tests above.
				81
				82	1. Obtain and build Hafnium
				83
				84	.. code:: shell
				85
				86	git clone --recurse-submodules https://git.trustedfirmware.org/hafnium/hafnium.git
				87	cd hafnium
				88	make PROJECT=reference
				89
				90	The Hafnium binary should be located at
				91	out/reference/secure_aem_v8a_fvp_clang/hafnium.bin
				92
				93	2. Build TF-A
				94
				95	Build TF-A with RME as well as SPM enabled.
				96
				97	.. code:: shell
				98
				99	make CROSS_COMPILE=aarch64-none-elf- \
				100	PLAT=fvp \
				101	ENABLE_RME=1 \
				102	FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \
				103	SPD=spmd \
				104	SPMD_SPM_AT_SEL2=1 \
				105	BRANCH_PROTECTION=1 \
				106	CTX_INCLUDE_PAUTH_REGS=1 \
				107	DEBUG=1 \
				108	SP_LAYOUT_FILE=<path/to/tf-a-tests>/build/fvp/debug/sp_layout.json> \
				109	BL32=<path/to/hafnium.bin> \
				110	BL33=<path/to/tftf.bin> \
				111	all fip
				112
				113	Running the tests
				114	*********************
				115	Use the following command to run the tests on FVP. TF-A Tests should boot
				116	and run the default tests including RME tests.
				117
				118	.. code:: shell
				119
				120	FVP_Base_RevC-2xAEMvA \
				121	-C bp.flashloader0.fname=<path/to/fip.bin> \
				122	-C bp.secureflashloader.fname=<path/to/bl1.bin> \
				123	-C bp.refcounter.non_arch_start_at_default=1 \
				124	-C bp.refcounter.use_real_time=0 \
				125	-C bp.ve_sysregs.exit_on_shutdown=1 \
				126	-C cache_state_modelled=1 \
				127	-C cluster0.NUM_CORES=4 \
				128	-C cluster0.PA_SIZE=48 \
				129	-C cluster0.ecv_support_level=2 \
				130	-C cluster0.gicv3.cpuintf-mmap-access-level=2 \
				131	-C cluster0.gicv3.without-DS-support=1 \
				132	-C cluster0.gicv4.mask-virtual-interrupt=1 \
				133	-C cluster0.has_arm_v8-6=1 \
				134	-C cluster0.has_branch_target_exception=1 \
				135	-C cluster0.has_rme=1 \
				136	-C cluster0.has_rndr=1 \
				137	-C cluster0.has_amu=1 \
				138	-C cluster0.has_v8_7_pmu_extension=2 \
				139	-C cluster0.max_32bit_el=-1 \
				140	-C cluster0.restriction_on_speculative_execution=2 \
				141	-C cluster0.restriction_on_speculative_execution_aarch32=2 \
				142	-C cluster1.NUM_CORES=4 \
				143	-C cluster1.PA_SIZE=48 \
				144	-C cluster1.ecv_support_level=2 \
				145	-C cluster1.gicv3.cpuintf-mmap-access-level=2 \
				146	-C cluster1.gicv3.without-DS-support=1 \
				147	-C cluster1.gicv4.mask-virtual-interrupt=1 \
				148	-C cluster1.has_arm_v8-6=1 \
				149	-C cluster1.has_branch_target_exception=1 \
				150	-C cluster1.has_rme=1 \
				151	-C cluster1.has_rndr=1 \
				152	-C cluster1.has_amu=1 \
				153	-C cluster1.has_v8_7_pmu_extension=2 \
				154	-C cluster1.max_32bit_el=-1 \
				155	-C cluster1.restriction_on_speculative_execution=2 \
				156	-C cluster1.restriction_on_speculative_execution_aarch32=2 \
				157	-C pci.pci_smmuv3.mmu.SMMU_AIDR=2 \
				158	-C pci.pci_smmuv3.mmu.SMMU_IDR0=0x0046123B \
				159	-C pci.pci_smmuv3.mmu.SMMU_IDR1=0x00600002 \
				160	-C pci.pci_smmuv3.mmu.SMMU_IDR3=0x1714 \
				161	-C pci.pci_smmuv3.mmu.SMMU_IDR5=0xFFFF0475 \
				162	-C pci.pci_smmuv3.mmu.SMMU_S_IDR1=0xA0000002 \
				163	-C pci.pci_smmuv3.mmu.SMMU_S_IDR2=0 \
				164	-C pci.pci_smmuv3.mmu.SMMU_S_IDR3=0 \
				165	-C bp.pl011_uart0.out_file=uart0.log \
				166	-C bp.pl011_uart1.out_file=uart1.log \
				167	-C bp.pl011_uart2.out_file=uart2.log \
				168	-C pctl.startup=0.0.0.0 \
				169	-Q 1000 \
				170	"$@"
				171
				172	The bottom of the output from uart0 should look something like the following.
				173
				174	.. code-block:: shell
				175
				176	...
				177
				178	> Test suite 'FF-A Interrupt'
				179	Passed
				180	> Test suite 'SMMUv3 tests'
				181	Passed
				182	> Test suite 'PMU Leakage'
				183	Passed
				184	> Test suite 'DebugFS'
				185	Passed
				186	> Test suite 'Realm payload tests'
				187	Passed
				188	...
				189
				190
				191	.. _Arm Confidential Compute Architecture (Arm CCA): https://www.arm.com/why-arm/architecture/security-features/arm-confidential-compute-architecture
				192	.. _Arm Architecture Models website: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms/arm-ecosystem-models
				193	.. _TF-A Tests: https://trustedfirmware-a-tests.readthedocs.io/en/latest
				194	.. _Hafnium: https://www.trustedfirmware.org/projects/hafnium