We need to rebuild FVMAIN_SEC.fv after enlarging FVMAIN_COMPACT,
because the fv size and trustfirmware located base address changed.
Signed-off-by: Chenhui Sun <sunchenhui(a)huawei.com>
---
Platforms/Hisilicon/Binary/D02/Sec/FVMAIN_SEC.Fv | Bin 262144 -> 262144 bytes
1 file changed, 0 insertions(+), 0 deletions(-)
diff --git a/Platforms/Hisilicon/Binary/D02/Sec/FVMAIN_SEC.Fv b/Platforms/Hisilicon/Binary/D02/Sec/FVMAIN_SEC.Fv
index bac8767..49b61aa 100644
Binary files a/Platforms/Hisilicon/Binary/D02/Sec/FVMAIN_SEC.Fv and b/Platforms/Hisilicon/Binary/D02/Sec/FVMAIN_SEC.Fv differ
--
1.9.1
I am new to UEFI and trying to boot Linux with LinuxLoader app. But I
cannot find detail information for below questions. Could anyone point
out where I can find related information or example code? Thanks for
your time!
1. How to feed command line to this app so that ProcessAppCommandLine() can
process it?
2. And how should I generate device path string for raw blockIO
device with specified offset/size? UEFI 2.6 spec does not provide much
information in 9.4.5 Media Device Path Rules.
Thank you!
Jun
Linux for arm64 v4.10 and later will complain if the ECAM config space is
not reserved in the ACPI namespace:
acpi PNP0A08:00: [Firmware Bug]: ECAM area [mem 0x3f000000-0x3fffffff] not reserved in ACPI namespace
The rationale is that OSes that don't consume the MCFG table should still
be able to infer that the PCI config space MMIO region is occupied.
So update the ACPI tables to add this reservation.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org>
---
Platforms/AMD/Styx/AcpiTables/Dsdt.asl | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/Platforms/AMD/Styx/AcpiTables/Dsdt.asl b/Platforms/AMD/Styx/AcpiTables/Dsdt.asl
index 7edec3d1ec28..3bfa26acea07 100644
--- a/Platforms/AMD/Styx/AcpiTables/Dsdt.asl
+++ b/Platforms/AMD/Styx/AcpiTables/Dsdt.asl
@@ -646,6 +646,14 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "AMDINC", "SEATTLE ", 3)
Return (RBUF) /* \_SB_.PCI0._CRS.RBUF */
} // Method(_CRS)
+ Device (RES0)
+ {
+ Name (_HID, "PNP0C02")
+ Name (_CRS, ResourceTemplate ()
+ {
+ Memory32Fixed (ReadWrite, 0xF0000000, 0x8000000)
+ })
+ }
Name (SUPP, 0x00)
Name (CTRL, 0x00)
Method (_OSC, 4, NotSerialized) // _OSC: Operating System Capabilities
--
2.7.4
Changes to support building MM images in secure and normal worlds on FVP-
AEMv8-AEMv8.
Management Mode (MM) provides a secure execution environment on Server
and Clamshell platforms. It is specified in the Volume 4. PI
specification. An implementation exists in the EDK2-Staging code base.
In order to support MM on ARM, changes are required to both EDK2 and ARM
Trusted Firmware.
MM provides a management service rather than a security service. Hence
it has to be isolated from any software stack e.g. Trusted OS that
provides security services.
The MM Image executes in S-EL0 on ARM platforms in a sandboxed environment.
In future, there might be other sandboxed environments that co-exist with it.
Each sandbox implements a Secure Firmware Service.
The corresponding image is called
a SFS_PAYLOAD.
This change adds an optional parameter ATF_SFS_PAYLOAD.
ATF_SFS_PAYLOAD will be the path to management service in fd format
(EDK2 Firmware Device).
Signed-off-by: Supreeth Venkatesh <supreeth.venkatesh(a)arm.com>
---
Changes in v4:
- Cosmetic Name Changes. fvp_normal_mm -> fvp_mm_normal and
fvp_secure_mm to fvp_mm_standalone.
Changes in v3:
- Add ARM_STANDALONE_MM_ENABLE=TRUE for normal MM Image
in platforms.config.
Changes in v2:
- Updated Commit Message to indicate concept of Secure Firmware Services
is still in flux.
- Changed internal variable in atf_build.sh file to SFS_OPTION
from SFS_PAYLOAD.
- Drop FIRMWARE_VER parameter for fvp_normal_mm platform.
---
atf-build.sh | 14 ++++++++++++--
platforms.config | 22 ++++++++++++++++++++++
2 files changed, 34 insertions(+), 2 deletions(-)
diff --git a/atf-build.sh b/atf-build.sh
index 0c4c09c..4d6afa0 100755
--- a/atf-build.sh
+++ b/atf-build.sh
@@ -60,12 +60,14 @@ function build_platform
PLATFORM_ARCH="`$TOOLS_DIR/parse-platforms.py $PLATFORM_CONFIG -p $1 get -o arch`"
PLATFORM_IMAGE_DIR="`$TOOLS_DIR/parse-platforms.py $PLATFORM_CONFIG -p $1 get -o uefi_image_dir`"
PLATFORM_BUILDFLAGS="`$TOOLS_DIR/parse-platforms.py $PLATFORM_CONFIG -p $1 get -o atf_buildflags`"
+ PLATFORM_SFS_PAYLOAD="`$TOOLS_DIR/parse-platforms.py $PLATFORM_CONFIG -p $1 get -o atf_sfs_payload`"
if [ $VERBOSE -eq 1 ]; then
echo "PLATFORM_NAME=$PLATFORM_NAME"
echo "PLATFORM_ARCH=$PLATFORM_ARCH"
echo "PLATFORM_IMAGE_DIR=$PLATFORM_IMAGE_DIR"
echo "PLATFORM_BUILDFLAGS=$PLATFORM_BUILDFLAGS"
+ echo "PLATFORM_SFS_PAYLOAD=$PLATFORM_SFS_PAYLOAD"
fi
unset BL30 BL31 BL32 BL33
@@ -118,6 +120,14 @@ function build_platform
fi
fi
+ if [ X"$PLATFORM_SFS_PAYLOAD" != X"" ]; then
+ #
+ # Since SFS cannot be exported or undefined,
+ # we parametrise it here
+ #
+ SFS_OPTION="SFS_PAYLOAD=$EDK2_DIR/$PLATFORM_SFS_PAYLOAD"
+ fi
+
#
# Debug extraction handling
#
@@ -157,9 +167,9 @@ function build_platform
#
if [ $VERBOSE -eq 1 ]; then
echo "Calling ARM Trusted Firmware build:"
- echo "CROSS_COMPILE="$CROSS_COMPILE" make -j$NUM_THREADS PLAT="$ATF_PLATFORM" $SPD_OPTION DEBUG=$DEBUG ${PLATFORM_BUILDFLAGS} all fip"
+ echo "CROSS_COMPILE="$CROSS_COMPILE" make -j$NUM_THREADS PLAT="$ATF_PLATFORM" $SPD_OPTION $SFS_OPTION DEBUG=$DEBUG ${PLATFORM_BUILDFLAGS} all fip"
fi
- CROSS_COMPILE="$CROSS_COMPILE" make -j$NUM_THREADS PLAT="$ATF_PLATFORM" $SPD_OPTION DEBUG=$DEBUG ${PLATFORM_BUILDFLAGS} all fip
+ CROSS_COMPILE="$CROSS_COMPILE" make -j$NUM_THREADS PLAT="$ATF_PLATFORM" $SPD_OPTION $SFS_OPTION DEBUG=$DEBUG ${PLATFORM_BUILDFLAGS} all fip
if [ $? -eq 0 ]; then
#
# Copy resulting images to UEFI image dir
diff --git a/platforms.config b/platforms.config
index ebf81df..dc1ee21 100644
--- a/platforms.config
+++ b/platforms.config
@@ -51,6 +51,8 @@
# - BUILDFLAGS Any special flags you want to pass to the build command.
# - ATF_BUILDFLAGS Any special flags you want to pass to the ARM Trusted
# Firmware build command.
+# - ATF_SFS_PAYLOAD Any special secure firmware service payload you want
+# to pass to the ARM trusted Firmware build command.
# - TOS_BUILDFLAGS Any special flags you want to pass to the Trusted OS
# build command.
# - EXTRA_FILES Any additional files to be copied to output dir.
@@ -90,6 +92,26 @@ BUILD_ATF=yes
UEFI_BIN=FVP_AARCH64_EFI.fd
UEFI_IMAGE_DIR=ArmVExpress-FVP-AArch64
+# ARM FVP BASE AEMv8-A model
+[fvp_mm_standalone]
+LONGNAME=FVP Base for MM Standalone image in secure world
+DSC=StandaloneSmmPkg/StandaloneSmmPkg.dsc
+ARCH=AARCH64
+UEFI_BIN=FVP_AARCH64_EFI_MM_STANDALONE.fd
+UEFI_IMAGE_DIR=ArmVExpress-FVP-AArch64-MM-Standalone
+
+[fvp_mm_normal]
+LONGNAME=FVP Base for UEFI image with MM support in normal world"
+DSC=OpenPlatformPkg/Platforms/ARM/VExpress/ArmVExpress-FVP-AArch64.dsc
+BUILDFLAGS=-D EDK2_OUT_DIR=Build/ArmVExpress-FVP-AArch64-MM-Normal -D EDK2_ENABLE_SMSC_91X=1 -D ARM_STANDALONE_MM_ENABLE=TRUE
+ARCH=AARCH64
+BUILD_ATF=debug
+UEFI_BIN=FVP_AARCH64_EFI.fd
+UEFI_IMAGE_DIR=ArmVExpress-FVP-AArch64-MM-Normal
+ATF_PLATFORM=fvp
+ATF_SFS_PAYLOAD=Build/StandaloneSmmPkg/DEBUG_GCC49/FV/STANDALONESMM.fd
+ATF_BUILDFLAGS=ARM_TSP_RAM_LOCATION=dram SFSD=mmd
+
[tc2]
LONGNAME=Versatile Express TC2
BUILDFLAGS=-D ARM_BIGLITTLE_TC2=1
--
2.7.4