+ +-------------------------+------------+-------+
| |Trusted Firmware-A (TF-A)| U-Boot | Linux |
+-------------+-------------------------+------------+-------+
- | TrustZone |TF-A secure monitor |
+ | TrustZone |secure monitor |
+-------------+-------------------------+------------+-------+
TF-A performs a full initialization of Secure peripherals and installs a
-secure monitor (BL32=SPMin).
+secure monitor, BL32:
-U-Boot is running in normal world and uses TF-A monitor to access
-to secure resources.
-
-The **Trusted** boot chain with **OP-TEE**
-``````````````````````````````````````````
-
-defconfig_file : stm32mp15_optee_defconfig
-
- +-------------+-------------------------+------------+-------+
- | ROM code | FSBL | SSBL | OS |
- + +-------------------------+------------+-------+
- | |Trusted Firmware-A (TF-A)| U-Boot | Linux |
- +-------------+-------------------------+------------+-------+
- | TrustZone |OP-TEE |
- +-------------+-------------------------+------------+-------+
+ * SPMin provided by TF-A or
+ * OP-TEE from specific partitions (teeh, teed, teex).
-TF-A performs a full initialization of Secure peripherals and installs OP-TEE
-from specific partitions (teeh, teed, teex).
-
-U-Boot is running in normal world and uses OP-TEE monitor to access
+U-Boot is running in normal world and uses the secure monitor to access
to secure resources.
The **Basic** boot chain
for example: use one output directory for each configuration::
# export KBUILD_OUTPUT=stm32mp15_trusted
- # export KBUILD_OUTPUT=stm32mp15_optee
# export KBUILD_OUTPUT=stm32mp15_basic
you can build outside of code directory::
with <defconfig_file>:
- For **trusted** boot mode : **stm32mp15_trusted_defconfig**
- - For **trusted** with OP-TEE boot mode : **stm32mp15_optee_defconfig**
- For basic boot mode: stm32mp15_basic_defconfig
5. Configure the device-tree and build the U-Boot image::
b) trusted with OP-TEE boot on dk2::
- # export KBUILD_OUTPUT=stm32mp15_optee
- # make stm32mp15_optee_defconfig
+ # export KBUILD_OUTPUT=stm32mp15_trusted
+ # make stm32mp15_trusted_defconfig
# make DEVICE_TREE=stm32mp157c-dk2 all
c) basic boot on ev1::
dev: RAM alt: 0 name: uImage layout: RAM_ADDR
dev: RAM alt: 1 name: devicetree.dtb layout: RAM_ADDR
dev: RAM alt: 2 name: uramdisk.image.gz layout: RAM_ADDR
- dev: eMMC alt: 3 name: sdcard_fsbl1 layout: RAW_ADDR
- dev: eMMC alt: 4 name: sdcard_fsbl2 layout: RAW_ADDR
- dev: eMMC alt: 5 name: sdcard_ssbl layout: RAW_ADDR
- dev: eMMC alt: 6 name: sdcard_bootfs layout: RAW_ADDR
- dev: eMMC alt: 7 name: sdcard_vendorfs layout: RAW_ADDR
- dev: eMMC alt: 8 name: sdcard_rootfs layout: RAW_ADDR
- dev: eMMC alt: 9 name: sdcard_userfs layout: RAW_ADDR
- dev: eMMC alt: 10 name: emmc_fsbl1 layout: RAW_ADDR
- dev: eMMC alt: 11 name: emmc_fsbl2 layout: RAW_ADDR
- dev: eMMC alt: 12 name: emmc_ssbl layout: RAW_ADDR
- dev: eMMC alt: 13 name: emmc_bootfs layout: RAW_ADDR
- dev: eMMC alt: 14 name: emmc_vendorfs layout: RAW_ADDR
- dev: eMMC alt: 15 name: emmc_rootfs layout: RAW_ADDR
- dev: eMMC alt: 16 name: emmc_userfs layout: RAW_ADDR
- dev: MTD alt: 17 name: nor_fsbl1 layout: RAW_ADDR
- dev: MTD alt: 18 name: nor_fsbl2 layout: RAW_ADDR
- dev: MTD alt: 19 name: nor_ssbl layout: RAW_ADDR
- dev: MTD alt: 20 name: nor_env layout: RAW_ADDR
- dev: MTD alt: 21 name: nand_fsbl layout: RAW_ADDR
- dev: MTD alt: 22 name: nand_ssbl1 layout: RAW_ADDR
- dev: MTD alt: 23 name: nand_ssbl2 layout: RAW_ADDR
- dev: MTD alt: 24 name: nand_UBI layout: RAW_ADDR
- dev: VIRT alt: 25 name: OTP layout: RAW_ADDR
- dev: VIRT alt: 26 name: PMIC layout: RAW_ADDR
+ dev: eMMC alt: 3 name: mmc0_fsbl1 layout: RAW_ADDR
+ dev: eMMC alt: 4 name: mmc0_fsbl2 layout: RAW_ADDR
+ dev: eMMC alt: 5 name: mmc0_ssbl layout: RAW_ADDR
+ dev: eMMC alt: 6 name: mmc0_bootfs layout: RAW_ADDR
+ dev: eMMC alt: 7 name: mmc0_vendorfs layout: RAW_ADDR
+ dev: eMMC alt: 8 name: mmc0_rootfs layout: RAW_ADDR
+ dev: eMMC alt: 9 name: mmc0_userfs layout: RAW_ADDR
+ dev: eMMC alt: 10 name: mmc1_boot1 layout: RAW_ADDR
+ dev: eMMC alt: 11 name: mmc1_boot2 layout: RAW_ADDR
+ dev: eMMC alt: 12 name: mmc1_ssbl layout: RAW_ADDR
+ dev: eMMC alt: 13 name: mmc1_bootfs layout: RAW_ADDR
+ dev: eMMC alt: 14 name: mmc1_vendorfs layout: RAW_ADDR
+ dev: eMMC alt: 15 name: mmc1_rootfs layout: RAW_ADDR
+ dev: eMMC alt: 16 name: mmc1_userfs layout: RAW_ADDR
+ dev: MTD alt: 17 name: nor0 layout: RAW_ADDR
+ dev: MTD alt: 18 name: nand0 layout: RAW_ADDR
+ dev: VIRT alt: 19 name: OTP layout: RAW_ADDR
+ dev: VIRT alt: 20 name: PMIC layout: RAW_ADDR
All the supported device are exported for dfu-util tool::
$> dfu-util -l
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=26, name="PMIC", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=25, name="OTP", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=24, name="nand_UBI", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=23, name="nand_ssbl2", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=22, name="nand_ssbl1", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=21, name="nand_fsbl", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=20, name="nor_env", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=19, name="nor_ssbl", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=18, name="nor_fsbl2", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=17, name="nor_fsbl1", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=16, name="emmc_userfs", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=15, name="emmc_rootfs", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=14, name="emmc_vendorfs", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=13, name="emmc_bootfs", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=12, name="emmc_ssbl", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=11, name="emmc_fsbl2", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=10, name="emmc_fsbl1", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=9, name="sdcard_userfs", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=8, name="sdcard_rootfs", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=7, name="sdcard_vendorfs", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=6, name="sdcard_bootfs", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=5, name="sdcard_ssbl", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=4, name="sdcard_fsbl2", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=3, name="sdcard_fsbl1", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=2, name="uramdisk.image.gz", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=1, name="devicetree.dtb", serial="002700333338511934383330"
- Found DFU: [0483:5720] ver=9999, devnum=99, cfg=1, intf=0, alt=0, name="uImage", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=20, name="PMIC", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=19, name="OTP", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=18, name="nand0", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=17, name="nor0", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=16, name="mmc1_userfs", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=15, name="mmc1_rootfs", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=14, name="mmc1_vendorfs", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=13, name="mmc1_bootfs", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=12, name="mmc1_ssbl", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=11, name="mmc1_boot2", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=10, name="mmc1_boot1", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=9, name="mmc0_userfs", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=8, name="mmc0_rootfs", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=7, name="mmc0_vendorfs", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=6, name="mmc0_bootfs", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=5, name="mmc0_ssbl", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=4, name="mmc0_fsbl2", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=3, name="mmc0_fsbl1", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=2, name="uramdisk.image.gz", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=1, name="devicetree.dtb", serial="002700333338511934383330"
+ Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=0, name="uImage", serial="002700333338511934383330"
You can update the boot device:
$> dfu-util -d 0483:5720 -a 15 -D st-image-weston-openstlinux-weston-stm32mp1.ext4
$> dfu-util -d 0483:5720 -a 16 -D st-image-userfs-openstlinux-weston-stm32mp1.ext4
-- NOR::
+- you can also dump the OTP and the PMIC NVM with::
+
+ $> dfu-util -d 0483:5720 -a 19 -U otp.bin
+ $> dfu-util -d 0483:5720 -a 20 -U pmic.bin
+
- $> dfu-util -d 0483:5720 -a 17 -D tf-a-stm32mp157c-ev1-trusted.stm32
- $> dfu-util -d 0483:5720 -a 18 -D tf-a-stm32mp157c-ev1-trusted.stm32
- $> dfu-util -d 0483:5720 -a 19 -D u-boot-stm32mp157c-ev1-trusted.img
+When the board is booting for nor0 or nand0,
+only the MTD partition on the boot devices are available, for example:
-- NAND (UBI partition used for NAND only boot or NOR + NAND boot)::
+- NOR (nor0 = alt 20) & NAND (nand0 = alt 26) ::
$> dfu-util -d 0483:5720 -a 21 -D tf-a-stm32mp157c-ev1-trusted.stm32
- $> dfu-util -d 0483:5720 -a 22 -D u-boot-stm32mp157c-ev1-trusted.img
+ $> dfu-util -d 0483:5720 -a 22 -D tf-a-stm32mp157c-ev1-trusted.stm32
$> dfu-util -d 0483:5720 -a 23 -D u-boot-stm32mp157c-ev1-trusted.img
- $> dfu-util -d 0483:5720 -a 24 -D st-image-weston-openstlinux-weston-stm32mp1_nand_4_256_multivolume.ubi
+ $> dfu-util -d 0483:5720 -a 27 -D st-image-weston-openstlinux-weston-stm32mp1_nand_4_256_multivolume.ubi
-- you can also dump the OTP and the PMIC NVM with::
+- NAND (nand0 = alt 21)::
- $> dfu-util -d 0483:5720 -a 25 -U otp.bin
- $> dfu-util -d 0483:5720 -a 26 -U pmic.bin
+ $> dfu-util -d 0483:5720 -a 22 -D tf-a-stm32mp157c-ev1-trusted.stm32
+ $> dfu-util -d 0483:5720 -a 23 -D u-boot-stm32mp157c-ev1-trusted.img
+ $> dfu-util -d 0483:5720 -a 24 -D u-boot-stm32mp157c-ev1-trusted.img
+ $> dfu-util -d 0483:5720 -a 25 -D st-image-weston-openstlinux-weston-stm32mp1_nand_4_256_multivolume.ubi
projects / oweals / u-boot.git / blobdiff