blob: e0b924208cabba5cff31e004ab24858bede9161f [file] [log] [blame]
Paul Beesleyd2fcc4e2019-05-29 13:59:40 +01001Arm Development Platform Build Options
2======================================
3
4Arm Platform Build Options
5--------------------------
6
7- ``ARM_BL31_IN_DRAM``: Boolean option to select loading of BL31 in TZC secured
8 DRAM. By default, BL31 is in the secure SRAM. Set this flag to 1 to load
9 BL31 in TZC secured DRAM. If TSP is present, then setting this option also
10 sets the TSP location to DRAM and ignores the ``ARM_TSP_RAM_LOCATION`` build
11 flag.
12
13- ``ARM_CONFIG_CNTACR``: boolean option to unlock access to the ``CNTBase<N>``
14 frame registers by setting the ``CNTCTLBase.CNTACR<N>`` register bits. The
15 frame number ``<N>`` is defined by ``PLAT_ARM_NSTIMER_FRAME_ID``, which
16 should match the frame used by the Non-Secure image (normally the Linux
17 kernel). Default is true (access to the frame is allowed).
18
19- ``ARM_DISABLE_TRUSTED_WDOG``: boolean option to disable the Trusted Watchdog.
20 By default, Arm platforms use a watchdog to trigger a system reset in case
21 an error is encountered during the boot process (for example, when an image
22 could not be loaded or authenticated). The watchdog is enabled in the early
23 platform setup hook at BL1 and disabled in the BL1 prepare exit hook. The
24 Trusted Watchdog may be disabled at build time for testing or development
25 purposes.
26
27- ``ARM_LINUX_KERNEL_AS_BL33``: The Linux kernel expects registers x0-x3 to
28 have specific values at boot. This boolean option allows the Trusted Firmware
29 to have a Linux kernel image as BL33 by preparing the registers to these
30 values before jumping to BL33. This option defaults to 0 (disabled). For
31 AArch64 ``RESET_TO_BL31`` and for AArch32 ``RESET_TO_SP_MIN`` must be 1 when
32 using it. If this option is set to 1, ``ARM_PRELOADED_DTB_BASE`` must be set
33 to the location of a device tree blob (DTB) already loaded in memory. The
34 Linux Image address must be specified using the ``PRELOADED_BL33_BASE``
35 option.
36
37- ``ARM_PLAT_MT``: This flag determines whether the Arm platform layer has to
38 cater for the multi-threading ``MT`` bit when accessing MPIDR. When this flag
39 is set, the functions which deal with MPIDR assume that the ``MT`` bit in
40 MPIDR is set and access the bit-fields in MPIDR accordingly. Default value of
41 this flag is 0. Note that this option is not used on FVP platforms.
42
43- ``ARM_RECOM_STATE_ID_ENC``: The PSCI1.0 specification recommends an encoding
44 for the construction of composite state-ID in the power-state parameter.
45 The existing PSCI clients currently do not support this encoding of
46 State-ID yet. Hence this flag is used to configure whether to use the
47 recommended State-ID encoding or not. The default value of this flag is 0,
48 in which case the platform is configured to expect NULL in the State-ID
49 field of power-state parameter.
50
51- ``ARM_ROTPK_LOCATION``: used when ``TRUSTED_BOARD_BOOT=1``. It specifies the
laurenw-arm97d9c322022-12-01 16:54:50 -060052 location of the ROTPK returned by the function ``plat_get_rotpk_info()``
Paul Beesleyd2fcc4e2019-05-29 13:59:40 +010053 for Arm platforms. Depending on the selected option, the proper private key
54 must be specified using the ``ROT_KEY`` option when building the Trusted
55 Firmware. This private key will be used by the certificate generation tool
56 to sign the BL2 and Trusted Key certificates. Available options for
57 ``ARM_ROTPK_LOCATION`` are:
58
59 - ``regs`` : return the ROTPK hash stored in the Trusted root-key storage
Max Shvetsov06dba292019-12-06 11:50:12 +000060 registers.
Paul Beesleyd2fcc4e2019-05-29 13:59:40 +010061 - ``devel_rsa`` : return a development public key hash embedded in the BL1
62 and BL2 binaries. This hash has been obtained from the RSA public key
63 ``arm_rotpk_rsa.der``, located in ``plat/arm/board/common/rotpk``. To use
64 this option, ``arm_rotprivk_rsa.pem`` must be specified as ``ROT_KEY``
65 when creating the certificates.
66 - ``devel_ecdsa`` : return a development public key hash embedded in the BL1
67 and BL2 binaries. This hash has been obtained from the ECDSA public key
68 ``arm_rotpk_ecdsa.der``, located in ``plat/arm/board/common/rotpk``. To
69 use this option, ``arm_rotprivk_ecdsa.pem`` must be specified as
70 ``ROT_KEY`` when creating the certificates.
laurenw-arm97d9c322022-12-01 16:54:50 -060071 - ``devel_full_dev_rsa_key`` : returns a development public key embedded in
72 the BL1 and BL2 binaries. This key has been obtained from the RSA public
73 key ``arm_rotpk_rsa.der``, located in ``plat/arm/board/common/rotpk``.
Paul Beesleyd2fcc4e2019-05-29 13:59:40 +010074
laurenw-arm97d9c322022-12-01 16:54:50 -060075- ``ARM_ROTPK_HASH``: used when ``ARM_ROTPK_LOCATION=devel_*``, excluding
76 ``devel_full_dev_rsa_key``. Specifies the location of the ROTPK hash. Not
77 expected to be a build option. This defaults to
78 ``plat/arm/board/common/rotpk/*_sha256.bin`` depending on the specified
79 algorithm. Providing ``ROT_KEY`` enforces generation of the hash from the
80 ``ROT_KEY`` and overwrites the default hash file.
Max Shvetsov06dba292019-12-06 11:50:12 +000081
Paul Beesleyd2fcc4e2019-05-29 13:59:40 +010082- ``ARM_TSP_RAM_LOCATION``: location of the TSP binary. Options:
83
84 - ``tsram`` : Trusted SRAM (default option when TBB is not enabled)
85 - ``tdram`` : Trusted DRAM (if available)
86 - ``dram`` : Secure region in DRAM (default option when TBB is enabled,
87 configured by the TrustZone controller)
88
89- ``ARM_XLAT_TABLES_LIB_V1``: boolean option to compile TF-A with version 1
90 of the translation tables library instead of version 2. It is set to 0 by
91 default, which selects version 2.
92
93- ``ARM_CRYPTOCELL_INTEG`` : bool option to enable TF-A to invoke Arm®
94 TrustZone® CryptoCell functionality for Trusted Board Boot on capable Arm
95 platforms. If this option is specified, then the path to the CryptoCell
96 SBROM library must be specified via ``CCSBROM_LIB_PATH`` flag.
97
Mikael Olsson7da66192021-02-12 17:30:22 +010098- ``ARM_ETHOSN_NPU_DRIVER``: boolean option to enable a SiP service that can
Mikael Olsson3288b462022-08-15 17:12:58 +020099 configure an Arm® Ethos™-N NPU. To use this service the target platform's
Mikael Olsson7da66192021-02-12 17:30:22 +0100100 ``HW_CONFIG`` must include the device tree nodes for the NPU. Currently, only
101 the Arm Juno platform has this included in its ``HW_CONFIG`` and the platform
102 only loads the ``HW_CONFIG`` in AArch64 builds. Default is 0.
103
Bjorn Engstrom74c5f872022-08-26 09:45:45 +0200104- ``ARM_ETHOSN_NPU_TZMP1``: boolean option to enable TZMP1 support for the
Rob Hughes9a2177a2023-01-17 16:10:26 +0000105 Arm® Ethos™-N NPU. Requires ``ARM_ETHOSN_NPU_DRIVER`` and
106 ``TRUSTED_BOARD_BOOT`` to be enabled.
107
Rob Hughes7a354bd2023-02-20 12:03:52 +0000108- ``ARM_ETHOSN_NPU_FW``: location of the NPU firmware binary
109 (```ethosn.bin```). This firmware image will be included in the FIP and
110 loaded at runtime.
Bjorn Engstrom74c5f872022-08-26 09:45:45 +0200111
Olivier Deprezbcaa0682020-04-01 21:28:26 +0200112- ``ARM_SPMC_MANIFEST_DTS`` : path to an alternate manifest file used as the
113 SPMC Core manifest. Valid when ``SPD=spmd`` is selected.
114
Balint Dobszay9f689762021-03-26 15:19:11 +0100115- ``ARM_BL2_SP_LIST_DTS``: Path to DTS file snippet to override the hardcoded
116 SP nodes in tb_fw_config.
117
Arunachalam Ganapathy47d514d2020-12-08 16:35:18 +0000118- ``OPTEE_SP_FW_CONFIG``: DTC build flag to include OP-TEE as SP in tb_fw_config
119 device tree. This flag is defined only when ``ARM_SPMC_MANIFEST_DTS`` manifest
120 file name contains pattern optee_sp.
121
Davidson K9a949142021-03-10 12:07:15 +0530122- ``TS_SP_FW_CONFIG``: DTC build flag to include Trusted Services (Crypto and
Davidson Kea84e432021-08-10 19:25:57 +0530123 internal-trusted-storage) as SP in tb_fw_config device tree.
Davidson K9a949142021-03-10 12:07:15 +0530124
Manish V Badarkhe19ae29b2021-03-10 18:33:36 +0000125- ``ARM_GPT_SUPPORT``: Enable GPT parser to get the entry address and length of
126 the various partitions present in the GPT image. This support is available
127 only for the BL2 component, and it is disabled by default.
128 The following diagram shows the view of the FIP partition inside the GPT
129 image:
130
131 |FIP in a GPT image|
132
Paul Beesleyd2fcc4e2019-05-29 13:59:40 +0100133For a better understanding of these options, the Arm development platform memory
134map is explained in the :ref:`Firmware Design`.
135
136.. _build_options_arm_css_platform:
137
138Arm CSS Platform-Specific Build Options
139---------------------------------------
140
141- ``CSS_DETECT_PRE_1_7_0_SCP``: Boolean flag to detect SCP version
142 incompatibility. Version 1.7.0 of the SCP firmware made a non-backwards
143 compatible change to the MTL protocol, used for AP/SCP communication.
144 TF-A no longer supports earlier SCP versions. If this option is set to 1
145 then TF-A will detect if an earlier version is in use. Default is 1.
146
147- ``CSS_LOAD_SCP_IMAGES``: Boolean flag, which when set, adds SCP_BL2 and
148 SCP_BL2U to the FIP and FWU_FIP respectively, and enables them to be loaded
149 during boot. Default is 1.
150
151- ``CSS_USE_SCMI_SDS_DRIVER``: Boolean flag which selects SCMI/SDS drivers
152 instead of SCPI/BOM driver for communicating with the SCP during power
153 management operations and for SCP RAM Firmware transfer. If this option
154 is set to 1, then SCMI/SDS drivers will be used. Default is 0.
155
Vijayenthiran Subramaniambc489912019-12-26 17:45:58 +0530156 - ``CSS_SGI_CHIP_COUNT``: Configures the number of chips on a SGI/RD platform
157 which supports multi-chip operation. If ``CSS_SGI_CHIP_COUNT`` is set to any
158 valid value greater than 1, the platform code performs required configuration
159 to support multi-chip operation.
160
Aditya Angadi06402222021-03-20 12:06:15 +0530161- ``CSS_SGI_PLATFORM_VARIANT``: Selects the variant of a SGI/RD platform. A
162 particular SGI/RD platform may have multiple variants which may differ in
163 core count, cluster count or other peripherals. This build option is used
164 to select the appropriate platform variant for the build. The range of
165 valid values is platform specific.
166
Pranav Madhue3173282022-07-27 12:49:24 +0530167- ``CSS_SYSTEM_GRACEFUL_RESET``: Build option to enable graceful powerdown of
168 CPU core on reset. This build option can be used on CSS platforms that
169 require all the CPUs to execute the CPU specific power down sequence to
170 complete a warm reboot sequence in which only the CPUs are power cycled.
171
Chris Kay91dd2532023-06-05 17:22:54 +0100172Arm FVP Build Options
173---------------------
174
175- ``FVP_TRUSTED_SRAM_SIZE``: Size (in kilobytes) of the Trusted SRAM region to
176 utilize when building for the FVP platform. This option defaults to 256.
177
Manish V Badarkhec894c602023-06-22 09:55:00 +0100178Arm Juno Build Options
179----------------------
180
181- ``JUNO_AARCH32_EL3_RUNTIME``: This build flag enables you to execute EL3
182 runtime software in AArch32 mode, which is required to run AArch32 on Juno.
183 By default this flag is set to '0'. Enabling this flag builds BL1 and BL2 in
184 AArch64 and facilitates the loading of ``SP_MIN`` and BL33 as AArch32 executable
185 images.
186
Paul Beesleyd2fcc4e2019-05-29 13:59:40 +0100187--------------
188
Manish V Badarkhe19ae29b2021-03-10 18:33:36 +0000189.. |FIP in a GPT image| image:: ../../resources/diagrams/FIP_in_a_GPT_image.png
190
Bjorn Engstrom74c5f872022-08-26 09:45:45 +0200191*Copyright (c) 2019-2023, Arm Limited. All rights reserved.*