3.9. ARM Trusted Firmware-A

Overview

Trusted Firmware-A (TF-A) provides a reference implementation of secure world software for Armv7-A and Armv8-A, including a Secure Monitor executing at Exception Level 3 (EL3).

TF-A is the initial code on ARMv8-A cores for all K3 platforms. After setting up the initial core state and applying any needed errata fixes it sets up itself as the EL3 monitor handler. Following that, it installs the secure world open source Trusted Execution Environment (OP-TEE) software and passes execution on to either the Linux kernel or U-Boot in the non-secure world.


Getting the TF-A Source Code

The pre-built TF-A binary is in the TI Processor SDK: <path-to-processor-sdk>/board-support/prebuilt-images/<optional-build-machine-name>/bl31.bin. Use this binary since it is tested with TI Processor SDK.

If it is not possible to use a pre-built binary, use the following:

$ git clone https://review.trustedfirmware.org/TF-A/trusted-firmware-a.git
$ git checkout <hash>

Where <hash> is the commit shown in Build Information.


Setting up the toolchain paths

Before compiling any of the sources referenced in this document, set the cross compiler paths to the toolchains packaged in the Processor SDK [Recommended] as shown below. Refer to Yocto-built SDK Toolchains section for more details on usage.

host# export CROSS_COMPILE_64="${SDK_INSTALL_DIR}/linux-devkit/sysroots/x86_64-arago-linux/usr/bin/aarch64-oe-linux/aarch64-oe-linux-"
host# export SYSROOT_64="${SDK_INSTALL_DIR}/linux-devkit/sysroots/aarch64-oe-linux"
host# export CC_64="${CROSS_COMPILE_64}gcc --sysroot=${SYSROOT_64}"
host# export CROSS_COMPILE_32="${SDK_INSTALL_DIR}/k3r5-devkit/sysroots/x86_64-arago-linux/usr/bin/arm-oe-eabi/arm-oe-eabi-"

If the Processor SDK is not installed, the Arm GNU toolchains can be downloaded and setup. Refer to ARM toolchains section for more details on usage.

Building TF-A

$ make CROSS_COMPILE="$CROSS_COMPILE_64" PLAT=k3 TARGET_BOARD=generic SPD=opteed

Default load locations

+---------------------------+------------+
| TF-A image                | 0x70000000 |
+---------------------------+------------+
| OP-TEE image              | 0x9e800000 |
+---------------------------+------------+
| U-Boot/Linux kernel image | 0x80080000 |
+---------------------------+------------+
| DTB                       | 0x82000000 |
+---------------------------+------------+