blob: bb707cb7c4759412d16140e90659148bbb9d1d07 [file] [log] [blame]
Paul Beesleyd2fcc4e2019-05-29 13:59:40 +01001Building Supporting Tools
2=========================
3
4Building and using the FIP tool
5-------------------------------
6
7Firmware Image Package (FIP) is a packaging format used by TF-A to package
8firmware images in a single binary. The number and type of images that should
9be packed in a FIP is platform specific and may include TF-A images and other
10firmware images required by the platform. For example, most platforms require
11a BL33 image which corresponds to the normal world bootloader (e.g. UEFI or
12U-Boot).
13
14The TF-A build system provides the make target ``fip`` to create a FIP file
15for the specified platform using the FIP creation tool included in the TF-A
16project. Examples below show how to build a FIP file for FVP, packaging TF-A
17and BL33 images.
18
19For AArch64:
20
21.. code:: shell
22
23 make PLAT=fvp BL33=<path-to>/bl33.bin fip
24
25For AArch32:
26
27.. code:: shell
28
29 make PLAT=fvp ARCH=aarch32 AARCH32_SP=sp_min BL33=<path-to>/bl33.bin fip
30
31The resulting FIP may be found in:
32
33::
34
35 build/fvp/<build-type>/fip.bin
36
37For advanced operations on FIP files, it is also possible to independently build
38the tool and create or modify FIPs using this tool. To do this, follow these
39steps:
40
41It is recommended to remove old artifacts before building the tool:
42
43.. code:: shell
44
45 make -C tools/fiptool clean
46
47Build the tool:
48
49.. code:: shell
50
51 make [DEBUG=1] [V=1] fiptool
52
53The tool binary can be located in:
54
55::
56
57 ./tools/fiptool/fiptool
58
59Invoking the tool with ``help`` will print a help message with all available
60options.
61
62Example 1: create a new Firmware package ``fip.bin`` that contains BL2 and BL31:
63
64.. code:: shell
65
66 ./tools/fiptool/fiptool create \
67 --tb-fw build/<platform>/<build-type>/bl2.bin \
68 --soc-fw build/<platform>/<build-type>/bl31.bin \
69 fip.bin
70
71Example 2: view the contents of an existing Firmware package:
72
73.. code:: shell
74
75 ./tools/fiptool/fiptool info <path-to>/fip.bin
76
77Example 3: update the entries of an existing Firmware package:
78
79.. code:: shell
80
81 # Change the BL2 from Debug to Release version
82 ./tools/fiptool/fiptool update \
83 --tb-fw build/<platform>/release/bl2.bin \
84 build/<platform>/debug/fip.bin
85
86Example 4: unpack all entries from an existing Firmware package:
87
88.. code:: shell
89
90 # Images will be unpacked to the working directory
91 ./tools/fiptool/fiptool unpack <path-to>/fip.bin
92
93Example 5: remove an entry from an existing Firmware package:
94
95.. code:: shell
96
97 ./tools/fiptool/fiptool remove \
98 --tb-fw build/<platform>/debug/fip.bin
99
100Note that if the destination FIP file exists, the create, update and
101remove operations will automatically overwrite it.
102
103The unpack operation will fail if the images already exist at the
104destination. In that case, use -f or --force to continue.
105
106More information about FIP can be found in the :ref:`Firmware Design` document.
107
108.. _tools_build_cert_create:
109
110Building the Certificate Generation Tool
111----------------------------------------
112
113The ``cert_create`` tool is built as part of the TF-A build process when the
114``fip`` make target is specified and TBB is enabled (as described in the
115previous section), but it can also be built separately with the following
116command:
117
118.. code:: shell
119
120 make PLAT=<platform> [DEBUG=1] [V=1] certtool
121
122For platforms that require their own IDs in certificate files, the generic
123'cert_create' tool can be built with the following command. Note that the target
124platform must define its IDs within a ``platform_oid.h`` header file for the
125build to succeed.
126
127.. code:: shell
128
129 make PLAT=<platform> USE_TBBR_DEFS=0 [DEBUG=1] [V=1] certtool
130
131``DEBUG=1`` builds the tool in debug mode. ``V=1`` makes the build process more
132verbose. The following command should be used to obtain help about the tool:
133
134.. code:: shell
135
136 ./tools/cert_create/cert_create -h
137
138--------------
139
140*Copyright (c) 2019, Arm Limited. All rights reserved.*