Difference between revisions of “TF-A overview”

From the 百问网 Embedded Linux wiki
(Created page with “== Trusted Firmware-A == File: STM32MPU Embedded Software architecture overview.png|link=STM32MPU Embedded Software architecture overview|thumb|Zoom out to STM32MP…”)
 
 
(3 intermediate revisions by the same user not shown)
第1行: 第1行:
 
== Trusted Firmware-A ==
 
== Trusted Firmware-A ==
[[File: STM32MPU Embedded Software architecture overview.png|link=STM32MPU Embedded Software architecture overview|thumb|Zoom out to STM32MPU Embedded Software]]
+
[[File: STM32MPU Embedded Software architecture overview.png|link=STM32MPU Embedded Software architecture overview|thumb|缩小到STM32MPU嵌入式软件]]
Trusted Firmware-A is a reference implementation of secure-world software provided by Arm<sup>&reg;</sup>. It was first designed for Armv8-A platforms, and has been adapted to be used on Armv7-A platforms by STMicroelectronics. Arm is transferring the Trusted Firmware project to be managed as an open-source project by Linaro.<ref>https://www.trustedfirmware.org/</ref>
+
Trusted Firmware-A是Arm提供的安全世界软件的参考实现。<sup>&reg;</sup>. 它最初是为Armv8-A平台设计的,并已由意法半导体(STMicroelectronics)改编为用于Armv7-A平台。 Arm正在转让Trusted Firmware项目,该项目将由Linaro作为开源项目进行管理。<ref>https://www.trustedfirmware.org/</ref>
  
It is used as the first-stage boot loader (FSBL) on STM32 MPU platforms when using the [[Boot_chains_overview#STM32MP boot chains|trusted boot chain]].
+
当使用STM32 MPU平台时,它用作STM32 MPU平台上的第一阶段引导加载程序(FSBL)。 [[Boot_chains_overview#STM32MP boot chains|trusted boot chain]].
  
The code is open source, under a BSD-3-Clause licence, and can be found on github
+
该代码在BSD-3-Clause许可下是开源的,可以在github上找到
<ref>https://github.com/ARM-software/arm-trusted-firmware</ref>, including an up-to-date documentation about Trusted Firmware-A implementation <ref name=readme>{{CodeSource | TF-A | readme.rst}}</ref>.
+
<ref>https://github.com/ARM-software/arm-trusted-firmware</ref>, 包括有关Trusted Firmware-A安装的最新文档 <ref name=readme>{{CodeSource | TF-A | readme.rst}}</ref>.
  
Trusted Firmware-A also implements a secure monitor with various Arm interface standards:
+
Trusted Firmware-A还使用各种Arm接口标准实施安全的监视器:
* The power state coordination interface (PSCI) <ref name=psci>http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf</ref>
+
* 电源状态协调接口(PSCI) <ref name=psci>http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf</ref>
* Trusted board boot requirements (TBBR) <ref>Arm DEN0006C-1</ref>
+
* 可信板启动要求(TBBR)<ref>Arm DEN0006C-1</ref>
* SMC calling convention <ref name=smc>http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf </ref>
+
* SMC呼叫约定 <ref name=smc>http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf </ref>
* System control and management interface <ref>http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf </ref>
+
* 系统控制和管理界面<ref>http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf </ref>
  
Trusted Firmware-A is usually shortened to TF-A.
+
Trusted Firmware-A 通常缩写为 TF-A.
  
 
== Architecture ==
 
== Architecture ==
  
The global architecture of TF-A is explained in the Trusted Firmware-A design <ref>{{CodeSource | TF-A | docs/firmware-design.rst}}</ref> document.
+
TF-A的全局体系结构在Trusted Firmware-A设计文档中进行了说明 <ref>{{CodeSource | TF-A | docs/firmware-design.rst}}</ref>
  
TF-A is divided into several binaries, each with a dedicated main role. For 32-bit Arm processors (AArch32), it is divided into four steps (in order of execution):
+
TF-A分为几个二进制文件,每个都有专门的主要角色。 对于32位Arm处理器(AArch32),它分为四个步骤(按执行顺序):
* Boot loader stage 1 (BL1) application processor trusted ROM
+
* 引导加载程序第1阶段(BL1)应用处理器受信任的ROM
* Boot loader stage 2 (BL2) trusted boot firmware
+
* 引导加载程序第2阶段(BL2)受信任的引导固件
* Boot loader stage 3-2 (BL32) runtime software
+
* 引导加载程序阶段3-2(BL32)运行时软件
* Boot loader stage 3-3 (BL33) non-trusted firmware
+
* 引导加载程序阶段3-3(BL33)不可信固件
  
BL1, BL2 and BL32 are parts of TF-A.
+
BL1,BL2和BL32是TF-A的一部分。
  
BL1 is now optional, and can be removed by enabling the compilation flag: BL2_AT_EL3. It is then removed for the STM32MP1, as all BL1 tasks are done by [[:Category:ROM code|ROM code]], or BL2.
+
BL1现在是可选的,并且可以通过启用编译标志BL2_AT_EL3来删除。 然后将其删除以用于STM32MP1,因为所有BL1任务均由 [[:Category:ROM code|ROM code]]或BL2完成。
 +
BL33在TF-A之外。 这是TF-A加载的第一个非安全代码。 在引导过程中,这是二级引导加载程序(SSBL)。 对于STM32 MPU平台,默认情况下,SSBL为[[U-Boot overview|U-Boot]]。
  
BL33 is outside of TF-A. This is the first non-secure code loaded by TF-A. During the boot sequence, this is the secondary stage boot loader (SSBL). For STM32 MPU platforms, the SSBL is [[U-Boot overview|U-Boot]] by default.
+
TF-A可以使用[[STM32MP15_device_tree#Device tree structure for Linux, U-Boot and TF-A|device tree]]管理其配置,因为STM32MP1就是这种情况。它是Linux内核的简化版本,仅在引导过程中使用设备。可以使用[[STM32CubeMX]]进行配置。
  
TF-A can manage its configuration with a [[STM32MP15_device_tree#Device tree structure for Linux, U-Boot and TF-A|device tree]], as this is the case on STM32MP1. It is a reduced version of the Linux kernel one, with only the devices used during boot. It can be configured with [[STM32CubeMX]].
+
在意法半导体(STMicroelectronics)的实现中,将2个二进制文件BL2和BL32以及设备树放到一个二进制文件中,然后通过ROM代码立即将其加载到SYSRAM中。
 
 
In STMicroelectronics' implementation, the 2 binaries, BL2 and BL32, and the device tree are put together in a single binary, to be loaded at once to the SYSRAM by the ROM code.
 
  
 
[[File:Boot_ATF.png|center|link=]]
 
[[File:Boot_ATF.png|center|link=]]
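Review bot: the translated FSBL sentence (`当使用STM32 MPU平台时,它用作STM32 MPU平台上的第一阶段引导加载程序(FSBL)。`) drops the condition in the original, which says TF-A is the FSBL "when using the trusted boot chain"; the `[[Boot_chains_overview#STM32MP boot chains|trusted boot chain]]` link is left dangling after the full stop. Move the link back into the sentence as the condition. In the same hunk, `<sup>&reg;</sup>` now sits after the sentence end instead of after "Arm", "implementation" is rendered as 安装 (installation), and the device-tree sentence reads as a reduced version of the Linux kernel rather than of the Linux kernel device tree.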
第40行: 第39行:
 
[[File:Boot_ATF_legend.png|center|link=]]
 
[[File:Boot_ATF_legend.png|center|link=]]
  
TF-A loading steps:
+
TF-A加载步骤:
# ROM code loads TF-A binary and calls BL2
+
# ROM代码加载TF-A二进制文件并调用BL2
# BL2 prepares BL32
+
# BL2准备BL32
# BL2 loads BL33
+
# BL2加载BL33
# BL2 calls BL32
+
# BL2呼叫BL32
# BL32 calls BL33
+
# BL32呼叫BL33
  
 
== Boot loader stages ==
 
== Boot loader stages ==
  
 
=== BL1 ===
 
=== BL1 ===
BL1 is the first stage executed, and is designed to act as ROM code; it is loaded and executed in internal RAM.
+
BL1是第一个执行阶段,设计为充当ROM代码;它在内部RAM中加载和执行。
It is not used for the STM32MP1. As the  STM32MP1 has its own proprietary [[:Category:ROM code|ROM code]], this part can be removed and BL2 is then the first TF-A binary to be executed.
+
不适用于STM32MP1。由于STM32MP1具有其专有的 [[:Category:ROM code|ROM code]],因此可以删除此部分,然后BL2是第一个要执行的TF-A二进制文件。
  
 
=== BL2 ===
 
=== BL2 ===
BL2 (trusted boot firmware) is in charge of loading the next-stage images (secure and non secure).
+
BL2(受信任的引导固件)负责加载下一阶段的映像(安全和不安全)。
To achieve this role, BL2 has to initialize all the required peripherals.
+
为了实现此作用,BL2必须初始化所有必需的外围设备。
  
It has to initialize the security components.<br>
+
它必须初始化安全组件。<br>
For the STM32MP15, these security peripherals are:
+
对于STM32MP15,这些安全外围设备为:
* boot and security, and OTP control ([[BSEC internal peripheral]])
+
* 引导和安全性以及OTP控制 ([[BSEC internal peripheral]])
* extended TrustZone protection controller ([[ETZPC internal peripheral]])
+
* 扩展的TrustZone保护控制器([[ETZPC internal peripheral]])
* TrustZone address space controller for DDR ([[TZC internal peripheral]])
+
* DDR的TrustZone地址空间控制器([[TZC internal peripheral]])
  
BL2 is also in charge of initializing the DDR and clock tree.
+
BL2还负责初始化DDR和时钟树。
  
The boot peripheral has to be initialized.<br>
+
引导外围设备必须初始化。<br>
On the STM32MP15, it can be one of the following:
+
在STM32MP15上,它可以是以下之一:
* SD-card via the [[SDMMC internal peripheral]]
+
* 通过[[SDMMC internal peripheral]]的SD卡
* eMMC via the [[SDMMC internal peripheral]]
+
* 通过[[SDMMC internal peripheral]]的eMMC
* NAND via the [[FMC internal peripheral]]
+
* 通过[[FMC internal peripheral]]进行NAND
* NOR via the [[QUADSPI internal peripheral]]
+
* NOR通过[[QUADSPI internal peripheral]]
  
USB ([[OTG internal peripheral]]) or UART([[USART internal peripheral]]) are used when Flashing, see [[STM32CubeProgrammer]] for more details.
+
在使用中闪烁时使用USB ([[OTG internal peripheral]]) UART([[USART internal peripheral]]) , 有关更多详细信息,请参见[[STM32CubeProgrammer]]
  
BL2 also integrates image verification and authentication. Authentication is achieved by calling [[STM32MP15 ROM code overview|BootROM]] verification services.
+
BL2还集成了图像验证和身份验证。通过调用[[STM32MP15 ROM code overview|BootROM]]验证服务来实现身份验证。
  
At the end of its execution, after having loaded BL32 and the next boot stage (BL33), BL2 jumps to BL32.
+
在执行结束时,在加载BL32和下一个引导阶段(BL33)之后,BL2跳至BL32。
  
 
=== BL32 ===
 
=== BL32 ===
BL32 provides runtime secure services. In TF-A, the BL32 default implementation is SP_min solution.
+
BL32提供运行时安全服务。在TF-A中,BL32的默认实现是SP_min解决方案。
It is described in the TF-A functionality list <ref name=readme/> as:
+
在TF-A功能列表 <ref name=readme/> 中将其描述为:
"A minimal AArch32 Secure Payload (SP_MIN) to demonstrate PSCI <ref name=psci/> library integration with AArch32 EL3 Runtime Software."
+
“最小的AArch32安全有效载荷(SP_MIN),用于演示PSCI  <ref name=psci/> 库与AArch32 EL3运行时软件的集成。”
  
This minimal implementation can be replaced with a trusted OS or trusted environment execution (TEE), such as [[OP-TEE overview|OP-TEE]].
+
可以用可信任的OS或可信任的环境执行(TEE)代替此最小实现,例如[[OP-TEE overview|OP-TEE]]
Both solutions (SP_min or OP-TEE) are supported by STMicroelectronics for STM32MP1.
 
  
BL32 acts as a secure monitor and thus provides secure services to non-secure OSs. These services are called by non-secure software with secure monitor calls <ref name=smc/>.
+
STMicroelectronics针对STM32MP1支持两种解决方案(SP_min或OP-TEE)。
  
This code is in charge of standard service calls, like PSCI <ref name=psci/>.<br/>
+
BL32充当安全监视器,从而为非安全OS提供安全服务。 这些服务由具有安全监视器调用的非安全软件调用 <ref name=smc/>.
  
It also provides STMicroelectronics dedicated services, to access secure peripherals. On the  STM32MP1, these services are used to access [[RCC internal peripheral]], [[PWR internal peripheral]], [[RTC internal peripheral]] or [[BSEC internal peripheral]].
+
此代码负责标准服务呼叫,例如PSCI<ref name=psci/>.<br/>
 +
 
 +
它还提供 STMicroelectronics 专用服务, 以访问安全外围设备。 在STM32MP1上,这些服务用于访问 [[RCC internal peripheral]], [[PWR internal peripheral]], [[RTC internal peripheral]] [[BSEC internal peripheral]].
  
 
==References==
 
==References==
 
<references />
 
<references />
 
<noinclude>
 
[[Category:Trusted Firmware-A (TF-A)| 01]]
 
{{PublicationRequestId | 9178 | 2018-10-24 | PhilipS}}
 
</noinclude>
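Review bot: in the BL2 authentication line, "image verification" is translated as 图像验证 (picture verification), while the same hunk uses 映像 for boot images in `BL2(受信任的引导固件)负责加载下一阶段的映像`; use 映像 there too so the sentence still reads as firmware image authentication. Also in this hunk, the conjunction "or" is lost between `[[RTC internal peripheral]]` and `[[BSEC internal peripheral]]` and between the USB and UART links, "Flashing" is rendered as 闪烁 (blinking), and "calls" alternates between 调用 and 呼叫 in the loading steps.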
 

Latest revision as of 10:48, 2 November 2020 (Monday)

Trusted Firmware-A

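Zoom out to STM32MPU Embedded Software

Trusted Firmware-A is a reference implementation of secure-world software provided by Arm®. It was first designed for Armv8-A platforms, and has been adapted by STMicroelectronics for use on Armv7-A platforms. Arm is transferring the Trusted Firmware project to be managed as an open-source project by Linaro.[1]

It is used as the first-stage boot loader (FSBL) on STM32 MPU platforms when using the trusted boot chain.

The code is open source, under a BSD-3-Clause licence, and can be found on GitHub [2], including up-to-date documentation about the Trusted Firmware-A implementation [3].

Trusted Firmware-A also implements a secure monitor with various Arm interface standards:

  • The power state coordination interface (PSCI) [4]
  • Trusted board boot requirements (TBBR) [5]
  • SMC calling convention [6]
  • System control and management interface [7]

Trusted Firmware-A is usually shortened to TF-A.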

Architecture

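The global architecture of TF-A is explained in the Trusted Firmware-A design document [8].

TF-A is divided into several binaries, each with a dedicated main role. For 32-bit Arm processors (AArch32), it is divided into four steps (in order of execution):

  • Boot loader stage 1 (BL1) application processor trusted ROM
  • Boot loader stage 2 (BL2) trusted boot firmware
  • Boot loader stage 3-2 (BL32) runtime software
  • Boot loader stage 3-3 (BL33) non-trusted firmware

BL1, BL2 and BL32 are parts of TF-A.

BL1 is now optional, and can be removed by enabling the compilation flag BL2_AT_EL3. It is removed for the STM32MP1, as all BL1 tasks are done by the ROM code or BL2. BL33 is outside of TF-A. This is the first non-secure code loaded by TF-A. During the boot sequence, this is the secondary stage boot loader (SSBL). For STM32 MPU platforms, the SSBL is U-Boot by default.

TF-A can manage its configuration with a device tree, as is the case on STM32MP1. It is a reduced version of the Linux kernel one, with only the devices used during boot. It can be configured with STM32CubeMX.

In STMicroelectronics' implementation, the 2 binaries, BL2 and BL32, and the device tree are put together in a single binary, to be loaded at once to the SYSRAM by the ROM code.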

Boot ATF.png

TF-A loading steps:

  1. ROM code loads the TF-A binary and calls BL2
  2. BL2 prepares BL32
  3. BL2 loads BL33
  4. BL2 calls BL32
  5. BL32 calls BL33

Boot loader stages

BL1

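BL1 is the first stage executed, and is designed to act as ROM code; it is loaded and executed in internal RAM. It is not used for the STM32MP1. As the STM32MP1 has its own proprietary ROM code, this part can be removed and BL2 is then the first TF-A binary to be executed.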

BL2

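BL2 (trusted boot firmware) is in charge of loading the next-stage images (secure and non-secure). To achieve this role, BL2 has to initialize all the required peripherals.

It has to initialize the security components.
For the STM32MP15, these security peripherals are:

  • boot and security, and OTP control (BSEC internal peripheral)
  • extended TrustZone protection controller (ETZPC internal peripheral)
  • TrustZone address space controller for DDR (TZC internal peripheral)

BL2 is also in charge of initializing the DDR and clock tree.

The boot peripheral has to be initialized.
On the STM32MP15, it can be one of the following:

  • SD-card via the SDMMC internal peripheral
  • eMMC via the SDMMC internal peripheral
  • NAND via the FMC internal peripheral
  • NOR via the QUADSPI internal peripheral

USB (OTG internal peripheral) or UART (USART internal peripheral) are used when flashing; see STM32CubeProgrammer for more details.

BL2 also integrates image verification and authentication. Authentication is achieved by calling BootROM verification services.

At the end of its execution, after having loaded BL32 and the next boot stage (BL33), BL2 jumps to BL32.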

BL32

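BL32 provides runtime secure services. In TF-A, the default BL32 implementation is the SP_min solution. It is described in the TF-A functionality list [3] as: "A minimal AArch32 Secure Payload (SP_MIN) to demonstrate PSCI [4] library integration with AArch32 EL3 Runtime Software."

This minimal implementation can be replaced with a trusted OS or trusted execution environment (TEE), such as OP-TEE.

Both solutions (SP_min or OP-TEE) are supported by STMicroelectronics for STM32MP1.

BL32 acts as a secure monitor and thus provides secure services to non-secure OSs. These services are called by non-secure software with secure monitor calls [6].

This code is in charge of standard service calls, like PSCI [4].

It also provides STMicroelectronics dedicated services to access secure peripherals. On the STM32MP1, these services are used to access the RCC internal peripheral, PWR internal peripheral, RTC internal peripheral or BSEC internal peripheral.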
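
How a monitor such as BL32 could sort incoming secure monitor calls into standard (PSCI) and vendor-dedicated services, as an added example that is not TF-A or STMicroelectronics code. The field layout follows the SMC calling convention [6]; the routing policy, the names and the sample function IDs are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Function-ID fields defined by the SMC calling convention (DEN0028B). */
#define SMC_FAST(id) (((id) >> 31) & 0x1u)  /* 1 = fast call, 0 = yielding */
#define SMC_IS64(id) (((id) >> 30) & 0x1u)  /* 1 = SMC64, 0 = SMC32 */
#define SMC_OEN(id)  (((id) >> 24) & 0x3fu) /* owning entity number */
#define SMC_MBZ(id)  (((id) >> 16) & 0xffu) /* must be zero in fast calls */
#define SMC_FUNC(id) ((id) & 0xffffu)       /* function number */

#define OEN_SIP 2u /* silicon-partner (vendor) services */
#define OEN_STD 4u /* standard secure services; PSCI lives here */

enum smc_route { ROUTE_REJECT, ROUTE_PSCI, ROUTE_STD_OTHER, ROUTE_SIP };

/* Assumed policy: an AArch32 monitor serving only standard and SiP calls. */
enum smc_route smc_classify(uint32_t id)
{
    if (SMC_IS64(id))                /* SMC64 is not valid from AArch32 */
        return ROUTE_REJECT;
    if (SMC_FAST(id) && SMC_MBZ(id)) /* reserved bits set by the caller */
        return ROUTE_REJECT;
    switch (SMC_OEN(id)) {
    case OEN_STD:
        /* PSCI uses fast calls with function numbers 0x00-0x1f */
        if (SMC_FAST(id) && SMC_FUNC(id) <= 0x1fu)
            return ROUTE_PSCI;
        return ROUTE_STD_OTHER;
    case OEN_SIP:
        return ROUTE_SIP;
    default:                         /* owner this monitor does not serve */
        return ROUTE_REJECT;
    }
}

int main(void)
{
    /* Constructed IDs: PSCI CPU_ON, its SMC64 form, a made-up SiP call,
     * and CPU_ON with a reserved bit set. */
    const uint32_t ids[] = { 0x84000003u, 0xc4000003u, 0x82000001u, 0x84010003u };
    static const char *const name[] = { "reject", "psci", "std-other", "sip" };

    for (size_t i = 0; i < sizeof(ids) / sizeof(ids[0]); i++)
        printf("0x%08x -> %s\n", (unsigned)ids[i], name[smc_classify(ids[i])]);
    return 0;
}
```

Rejecting malformed or unserved IDs before dispatch keeps non-secure callers from reaching handlers through reserved encodings; under the calling convention such calls are answered with the "unknown function identifier" error value.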