-----Original Message----- From: Linaro-uefi [mailto:linaro-uefi-bounces@lists.linaro.org] On Behalf Of Yehuda Yitschak Sent: Wednesday, November 04, 2015 8:03 PM To: Ard Biesheuvel Cc: Shadi Ammouri; Linaro-uefi@lists.linaro.org Subject: Re: [Linaro-uefi] UEFI switch to EL2
-----Original Message----- From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org] Sent: Wednesday, November 04, 2015 15:51 To: Yehuda Yitschak Cc: Linaro-uefi@lists.linaro.org; leif.lindholm@linaro.org; Shadi Ammouri Subject: Re: UEFI switch to EL2
On 4 November 2015 at 14:31, Yehuda Yitschak yehuday@marvell.com wrote:
Hello everyone
I am in the process of porting EDK2 to a Quad core Aarch64 based SOC. The SOC has a built-in BootROM running in EL3. When the BootROM completes loading The image it transfers control to the loaded image in EL3 to allow installing a secure monitor Since we have an on chip primary loader (i.e. BootROM) I used the 2nd stage template as a basis for my port
So in my flow BootROM loads FD image to main memory and jumps to the entry point in EL3 I quickly found out however that EDK2 expects to be executed in EL2 or EL1.
It was a bit surprising actually. I expected EDK2 to also act is a secure monitor and handle the PSCI calls as well.
I guess I am missing something in the functional partition.
To get to the point I would like to ask;
Who handles PSCI in Juno. I noticed the existence of ATFbinaries
such as bl0 and bl3 under Juno. Does it mean Juno works with combination of ATF and EDK2 ?
Indeed. On the Juno reference platform, UEFI is merely an intermediate stage bootloader that gets loaded to DRAM by the secure firmware and executed in EL2
Is there a simple way to switch to EL2 using EDK2packages. I
guess the Sec part is supposed to do that, right ?
Yes. ArmPlatformPkg/Sec/Sec.c should cover everything you need, although I must stress that a) this code is unused and thus untested, and b) it is not the recommended approach.
Thanks, I will use the Sec as an intermediate solution.
What is the suggested approach? using ATF together with EDK2 ? I'm just a bit worried about the flow of generating a boot image. It looks like it would require constantly syncing ATF binaries into EDK2 source. It might not be a real issue if you actually load edk2 from flash but if you compile them together .... im not sure.
Using ATF is recommended, though not mandatory. For e.g. we are booting UEFI in EL3 mode on our ARMv8 SoC without using ATF upfront. We have a custom implementation of platform & run-time security firmware (something similar to ATF) which runs in EL3. Both UEFI and custom FW are placed on NOR flash.
So we don't have the SEC stage, PEI starts up in EL3 and calls the custom FW which runs in EL3 then it transitions the DXE phase to EL2.
Regards, Bhupesh