diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c index f47564054..d74d4267a 100644 --- a/bl2/bl2_main.c +++ b/bl2/bl2_main.c @@ -41,45 +41,52 @@ #include #include "bl2_private.h" +/* + * Check for platforms that use obsolete image terminology + */ +#ifdef BL30_BASE +# error "BL30_BASE platform define no longer used - please use SCP_BL2_BASE" +#endif + /******************************************************************************* - * Load the BL3-0 image if there's one. - * If a platform does not want to attempt to load BL3-0 image it must leave - * BL30_BASE undefined. - * Return 0 on success or if there's no BL3-0 image to load, a negative error + * Load the SCP_BL2 image if there's one. + * If a platform does not want to attempt to load SCP_BL2 image it must leave + * SCP_BL2_BASE undefined. + * Return 0 on success or if there's no SCP_BL2 image to load, a negative error * code otherwise. ******************************************************************************/ -static int load_bl30(void) +static int load_scp_bl2(void) { int e = 0; -#ifdef BL30_BASE - meminfo_t bl30_mem_info; - image_info_t bl30_image_info; +#ifdef SCP_BL2_BASE + meminfo_t scp_bl2_mem_info; + image_info_t scp_bl2_image_info; /* - * It is up to the platform to specify where BL3-0 should be loaded if + * It is up to the platform to specify where SCP_BL2 should be loaded if * it exists. It could create space in the secure sram or point to a * completely different memory. * * The entry point information is not relevant in this case as the AP - * won't execute the BL3-0 image. + * won't execute the SCP_BL2 image. */ - INFO("BL2: Loading BL3-0\n"); - bl2_plat_get_bl30_meminfo(&bl30_mem_info); - bl30_image_info.h.version = VERSION_1; - e = load_auth_image(&bl30_mem_info, - BL30_IMAGE_ID, - BL30_BASE, - &bl30_image_info, + INFO("BL2: Loading SCP_BL2\n"); + bl2_plat_get_scp_bl2_meminfo(&scp_bl2_mem_info); + scp_bl2_image_info.h.version = VERSION_1; + e = load_auth_image(&scp_bl2_mem_info, + SCP_BL2_IMAGE_ID, + SCP_BL2_BASE, + &scp_bl2_image_info, NULL); if (e == 0) { - /* The subsequent handling of BL3-0 is platform specific */ - e = bl2_plat_handle_bl30(&bl30_image_info); + /* The subsequent handling of SCP_BL2 is platform specific */ + e = bl2_plat_handle_scp_bl2(&scp_bl2_image_info); if (e) { - ERROR("Failure in platform-specific handling of BL3-0 image.\n"); + ERROR("Failure in platform-specific handling of SCP_BL2 image.\n"); } } -#endif /* BL30_BASE */ +#endif /* SCP_BL2_BASE */ return e; } @@ -219,13 +226,13 @@ void bl2_main(void) /* * Load the subsequent bootloader images */ - e = load_bl30(); + e = load_scp_bl2(); if (e) { - ERROR("Failed to load BL3-0 (%i)\n", e); + ERROR("Failed to load SCP_BL2 (%i)\n", e); plat_error_handler(e); } - /* Perform platform setup in BL2 after loading BL3-0 */ + /* Perform platform setup in BL2 after loading SCP_BL2 */ bl2_platform_setup(); /* diff --git a/docs/auth-framework.md b/docs/auth-framework.md index b910eaebf..f6455b9ed 100644 --- a/docs/auth-framework.md +++ b/docs/auth-framework.md @@ -211,8 +211,9 @@ It is responsible for: 3. Tracking which images have been verified. In case an image is a part of multiple CoTs then it should be verified only once e.g. the Trusted World Key Certificate in the TBBR-Client spec. contains information to verify - BL3-0, BL3-1, BL3-2 each of which have a separate CoT. (This responsibility - has not been described in this document but should be trivial to implement). + SCP_BL2, BL3-1, BL3-2 each of which have a separate CoT. (This + responsibility has not been described in this document but should be + trivial to implement). 4. Reusing memory meant for a data image to verify authentication images e.g. in the CoT described in Diagram 2, each certificate can be loaded and @@ -632,7 +633,7 @@ is, however, a minimum set of images that are mandatory in the Trusted Firmware and thus all CoTs must present: * `BL2` -* `BL3-0` (platform specific) +* `SCP_BL2` (platform specific) * `BL3-1` * `BL3-2` (optional) * `BL3-3` diff --git a/docs/firmware-design.md b/docs/firmware-design.md index 41fb7c0d8..51084f45f 100644 --- a/docs/firmware-design.md +++ b/docs/firmware-design.md @@ -248,16 +248,16 @@ BL2 also initializes a UART (PL011 console), which enables access to the access to controlled components. The storage abstraction layer is initialized which is used to load further bootloader images. -#### BL3-0 (System Control Processor Firmware) image load +#### SCP_BL2 (System Control Processor Firmware) image load Some systems have a separate System Control Processor (SCP) for power, clock, -reset and system control. BL2 loads the optional BL3-0 image from platform +reset and system control. BL2 loads the optional SCP_BL2 image from platform storage into a platform-specific region of secure memory. The subsequent -handling of BL3-0 is platform specific. For example, on the Juno ARM development -platform port the image is transferred into SCP's internal memory using the Boot -Over MHU (BOM) protocol after being loaded in the trusted SRAM memory. The SCP -executes BL3-0 and signals to the Application Processor (AP) for BL2 execution -to continue. +handling of SCP_BL2 is platform specific. For example, on the Juno ARM +development platform port the image is transferred into SCP's internal memory +using the Boot Over MHU (BOM) protocol after being loaded in the trusted SRAM +memory. The SCP executes SCP_BL2 and signals to the Application Processor (AP) +for BL2 execution to continue. #### BL3-1 (EL3 Runtime Firmware) image load @@ -1249,7 +1249,7 @@ The following list describes the memory layout on the ARM development platforms: * BL2 is loaded below BL3-1. -* On Juno, BL3-0 is loaded temporarily into the BL3-1 memory region and +* On Juno, SCP_BL2 is loaded temporarily into the BL3-1 memory region and transfered to the SCP before being overwritten by BL3-1. * BL3-2 can be loaded in one of the following locations: @@ -1356,12 +1356,12 @@ layout of the other images in Trusted SRAM. 0x0BEC0000 |----------| : : 0x08000000 +----------+ BL3-1 is loaded - after BL3-0 has + after SCP_BL2 has Trusted SRAM been sent to SCP 0x04040000 +----------+ loaded by BL2 ------------------ | BL1 (rw) | <<<<<<<<<<<<< | BL3-1 NOBITS | |----------| <<<<<<<<<<<<< |----------------| - | BL3-0 | <<<<<<<<<<<<< | BL3-1 PROGBITS | + | SCP_BL2 | <<<<<<<<<<<<< | BL3-1 PROGBITS | |----------| ------------------ | BL2 | <<<<<<<<<<<<< | BL3-2 NOBITS | |----------| <<<<<<<<<<<<< |----------------| @@ -1390,12 +1390,12 @@ layout of the other images in Trusted SRAM. 0x0BEC0000 |----------| : : 0x08000000 +----------+ BL3-1 is loaded - after BL3-0 has + after SCP_BL2 has Trusted SRAM been sent to SCP 0x04040000 +----------+ loaded by BL2 ------------------ | BL1 (rw) | <<<<<<<<<<<<< | BL3-1 NOBITS | |----------| <<<<<<<<<<<<< |----------------| - | BL3-0 | <<<<<<<<<<<<< | BL3-1 PROGBITS | + | SCP_BL2 | <<<<<<<<<<<<< | BL3-1 PROGBITS | |----------| ------------------ | BL2 | |----------| diff --git a/docs/porting-guide.md b/docs/porting-guide.md index b77377f18..5e80a7ff6 100644 --- a/docs/porting-guide.md +++ b/docs/porting-guide.md @@ -277,23 +277,23 @@ also be defined: BL3-3 content certificate identifier, used by BL2 to load the BL3-3 content certificate. -If a BL3-0 image is supported by the platform, the following constants must +If a SCP_BL2 image is supported by the platform, the following constants must also be defined: -* **#define : BL30_IMAGE_ID** +* **#define : SCP_BL2_IMAGE_ID** - BL3-0 image identifier, used by BL2 to load BL3-0 into secure memory from - platform storage before being transfered to the SCP. + SCP_BL2 image identifier, used by BL2 to load SCP_BL2 into secure memory + from platform storage before being transfered to the SCP. * **#define : SCP_FW_KEY_CERT_ID** - BL3-0 key certificate identifier, used by BL2 to load the BL3-0 key + SCP_BL2 key certificate identifier, used by BL2 to load the SCP_BL2 key certificate (mandatory when Trusted Board Boot is enabled). * **#define : SCP_FW_CONTENT_CERT_ID** - BL3-0 content certificate identifier, used by BL2 to load the BL3-0 content - certificate (mandatory when Trusted Board Boot is enabled). + SCP_BL2 content certificate identifier, used by BL2 to load the SCP_BL2 + content certificate (mandatory when Trusted Board Boot is enabled). If a BL3-2 image is supported by the platform, the following constants must also be defined: @@ -838,15 +838,15 @@ The BL2 stage is executed only by the primary CPU, which is determined in BL1 using the `platform_is_primary_cpu()` function. BL1 passed control to BL2 at `BL2_BASE`. BL2 executes in Secure EL1 and is responsible for: -1. (Optional) Loading the BL3-0 binary image (if present) from platform - provided non-volatile storage. To load the BL3-0 image, BL2 makes use of - the `meminfo` returned by the `bl2_plat_get_bl30_meminfo()` function. - The platform also defines the address in memory where BL3-0 is loaded - through the optional constant `BL30_BASE`. BL2 uses this information - to determine if there is enough memory to load the BL3-0 image. - Subsequent handling of the BL3-0 image is platform-specific and is - implemented in the `bl2_plat_handle_bl30()` function. - If `BL30_BASE` is not defined then this step is not performed. +1. (Optional) Loading the SCP_BL2 binary image (if present) from platform + provided non-volatile storage. To load the SCP_BL2 image, BL2 makes use of + the `meminfo` returned by the `bl2_plat_get_scp_bl2_meminfo()` function. + The platform also defines the address in memory where SCP_BL2 is loaded + through the optional constant `SCP_BL2_BASE`. BL2 uses this information + to determine if there is enough memory to load the SCP_BL2 image. + Subsequent handling of the SCP_BL2 image is platform-specific and is + implemented in the `bl2_plat_handle_scp_bl2()` function. + If `SCP_BL2_BASE` is not defined then this step is not performed. 2. Loading the BL3-1 binary image into secure RAM from non-volatile storage. To load the BL3-1 image, BL2 makes use of the `meminfo` structure passed to it @@ -897,8 +897,8 @@ copied structure is made available to all BL2 code through the In ARM standard platforms, this function also initializes the storage abstraction layer used to load further bootloader images. It is necessary to do -this early on platforms with a BL3-0 image, since the later `bl2_platform_setup` -must be done after BL3-0 is loaded. +this early on platforms with a SCP_BL2 image, since the later +`bl2_platform_setup` must be done after SCP_BL2 is loaded. ### Function : bl2_plat_arch_setup() [mandatory] @@ -945,24 +945,24 @@ populated with the extents of secure RAM available for BL2 to use. See `bl2_early_platform_setup()` above. -### Function : bl2_plat_get_bl30_meminfo() [mandatory] +### Function : bl2_plat_get_scp_bl2_meminfo() [mandatory] Argument : meminfo * Return : void This function is used to get the memory limits where BL2 can load the -BL3-0 image. The meminfo provided by this is used by load_image() to -validate whether the BL3-0 image can be loaded within the given +SCP_BL2 image. The meminfo provided by this is used by load_image() to +validate whether the SCP_BL2 image can be loaded within the given memory from the given base. -### Function : bl2_plat_handle_bl30() [mandatory] +### Function : bl2_plat_handle_scp_bl2() [mandatory] Argument : image_info * Return : int -This function is called after loading BL3-0 image and it is used to perform any -platform-specific actions required to handle the SCP firmware. Typically it +This function is called after loading SCP_BL2 image and it is used to perform +any platform-specific actions required to handle the SCP firmware. Typically it transfers the image into SCP memory using a platform-specific protocol and waits until SCP executes it and signals to the Application Processor (AP) for BL2 execution to continue. diff --git a/docs/trusted-board-boot.md b/docs/trusted-board-boot.md index 1cfa843d6..cd999e5c3 100644 --- a/docs/trusted-board-boot.md +++ b/docs/trusted-board-boot.md @@ -66,7 +66,7 @@ The keys used to establish the CoT are: * **Trusted world key** The private part is used to sign the key certificates corresponding to the - secure world images (BL3-0, BL3-1 and BL3-2). The public part is stored in + secure world images (SCP_BL2, BL3-1 and BL3-2). The public part is stored in one of the extension fields in the trusted world certificate. * **Non-trusted world key** @@ -77,15 +77,15 @@ The keys used to establish the CoT are: * **BL3-X keys** - For each of BL3-0, BL3-1, BL3-2 and BL3-3, the private part is used to sign - the content certificate for the BL3-X image. The public part is stored in - one of the extension fields in the corresponding key certificate. + For each of SCP_BL2, BL3-1, BL3-2 and BL3-3, the private part is used to + sign the content certificate for the BL3-X image. The public part is stored + in one of the extension fields in the corresponding key certificate. The following images are included in the CoT: * BL1 * BL2 -* BL3-0 (optional) +* SCP_BL2 (optional) * BL3-1 * BL3-3 * BL3-2 (optional) @@ -103,14 +103,15 @@ The following certificates are used to authenticate the images. public part of the trusted world key and the public part of the non-trusted world key. -* **BL3-0 key certificate** +* **SCP_BL2 key certificate** It is self-signed with the trusted world key. It contains the public part of - the BL3-0 key. + the SCP_BL2 key. -* **BL3-0 content certificate** +* **SCP_BL2 content certificate** - It is self-signed with the BL3-0 key. It contains a hash of the BL3-0 image. + It is self-signed with the SCP_BL2 key. It contains a hash of the SCP_BL2 + image. * **BL3-1 key certificate** @@ -139,8 +140,8 @@ The following certificates are used to authenticate the images. It is self-signed with the BL3-3 key. It contains a hash of the BL3-3 image. -The BL3-0 and BL3-2 certificates are optional, but they must be present if the -corresponding BL3-0 or BL3-2 images are present. +The SCP_BL2 and BL3-2 certificates are optional, but they must be present if the +corresponding SCP_BL2 or BL3-2 images are present. 3. Trusted Board Boot Sequence @@ -167,9 +168,9 @@ if any of the steps fail. registers. If the comparison succeeds, BL2 reads and saves the trusted and non-trusted world public keys from the verified certificate. -The next two steps are executed for each of the BL3-0, BL3-1 & BL3-2 images. The -steps for the optional BL3-0 and BL3-2 images are skipped if these images are -not present. +The next two steps are executed for each of the SCP_BL2, BL3-1 & BL3-2 images. +The steps for the optional SCP_BL2 and BL3-2 images are skipped if these images +are not present. * BL2 loads and verifies the BL3-x key certificate. The certificate signature is verified using the trusted world public key. If the signature diff --git a/docs/user-guide.md b/docs/user-guide.md index f921f87ab..b4ef37c2f 100644 --- a/docs/user-guide.md +++ b/docs/user-guide.md @@ -139,11 +139,11 @@ Trusted Firmware source tree and follow these steps: For more information on FIPs, see the "Firmware Image Package" section in the [Firmware Design]. -2. (Optional) Some platforms may require a BL3-0 image to boot. This image can +2. (Optional) Some platforms may require a SCP_BL2 image to boot. This image can be included in the FIP when building the Trusted Firmware by specifying the - `BL30` build option: + `SCP_BL2` build option: - BL30=/ + SCP_BL2=/ 3. Output binary files `bl1.bin` and `fip.bin` are both required to boot the system. How these files are used is platform specific. Refer to the @@ -180,8 +180,8 @@ performed. #### Common build options -* `BL30`: Path to BL3-0 image in the host file system. This image is optional. - If a BL3-0 image is present then this option must be passed for the `fip` +* `SCP_BL2`: Path to SCP_BL2 image in the host file system. This image is optional. + If a SCP_BL2 image is present then this option must be passed for the `fip` target. * `BL33`: Path to BL3-3 image in the host file system. This is mandatory for @@ -327,8 +327,8 @@ performed. specifies the file that contains the Non-Trusted World private key in PEM format. If `SAVE_KEYS=1`, this file name will be used to save the key. -* `BL30_KEY`: This option is used when `GENERATE_COT=1`. It specifies the - file that contains the BL3-0 private key in PEM format. If `SAVE_KEYS=1`, +* `SCP_BL2_KEY`: This option is used when `GENERATE_COT=1`. It specifies the + file that contains the SCP_BL2 private key in PEM format. If `SAVE_KEYS=1`, this file name will be used to save the key. * `BL31_KEY`: This option is used when `GENERATE_COT=1`. It specifies the @@ -767,7 +767,7 @@ complexity of developing EL3 baremetal code by: * putting the system into a known architectural state; * taking care of platform secure world initialization; -* loading the BL30 image if required by the platform. +* loading the SCP_BL2 image if required by the platform. When booting an EL3 payload on ARM standard platforms, the configuration of the TrustZone controller is simplified such that only region 0 is enabled and is @@ -1187,14 +1187,15 @@ deliverables on Juno][Juno Instructions]. ### Preparing Trusted Firmware images -The Juno platform requires a BL0 and a BL30 image to boot up. The BL0 image -contains the ROM firmware that runs on the SCP (System Control Processor), -whereas the BL30 image contains the SCP Runtime firmware. Both images are -embedded within the Juno board recovery image, these are the files `bl0.bin` -and `bl30.bin`. +The Juno platform requires a SCP_BL1 and a SCP_BL2 image to boot up. The +SCP_BL1 image contains the ROM firmware that runs on the SCP (System Control +Processor), whereas the SCP_BL2 image contains the SCP Runtime firmware. Both +images are embedded within the Juno board recovery image, these are the files +`bl0.bin` and `bl30.bin`, respectively. Please note that these filenames still +use the old terminology. -The BL30 file must be part of the FIP image. Therefore, its path must be -supplied using the `BL30` variable on the command line when building the +The SCP_BL2 file must be part of the FIP image. Therefore, its path must be +supplied using the `SCP_BL2` variable on the command line when building the FIP. Please refer to the section "Building the Trusted Firmware". After building Trusted Firmware, the files `bl1.bin` and `fip.bin` need copying diff --git a/drivers/auth/tbbr/tbbr_cot.c b/drivers/auth/tbbr/tbbr_cot.c index ab0243dac..6023c7849 100644 --- a/drivers/auth/tbbr/tbbr_cot.c +++ b/drivers/auth/tbbr/tbbr_cot.c @@ -230,8 +230,8 @@ static const auth_img_desc_t cot_desc[] = { } } }, - [BL30_IMAGE_ID] = { - .img_id = BL30_IMAGE_ID, + [SCP_BL2_IMAGE_ID] = { + .img_id = SCP_BL2_IMAGE_ID, .img_type = IMG_RAW, .parent = &cot_desc[SCP_FW_CONTENT_CERT_ID], .img_auth_methods = { diff --git a/include/common/firmware_image_package.h b/include/common/firmware_image_package.h index 30c550255..b97239577 100644 --- a/include/common/firmware_image_package.h +++ b/include/common/firmware_image_package.h @@ -49,7 +49,7 @@ {0xb28a4071, 0xd618, 0x4c87, 0x8b, 0x2e, {0xc6, 0xdc, 0xcd, 0x50, 0xf0, 0x96} } #define UUID_TRUSTED_BOOT_FIRMWARE_BL2 \ {0x0becf95f, 0x224d, 0x4d3e, 0xa5, 0x44, {0xc3, 0x9d, 0x81, 0xc7, 0x3f, 0x0a} } -#define UUID_SCP_FIRMWARE_BL30 \ +#define UUID_SCP_FIRMWARE_SCP_BL2 \ {0x3dfd6697, 0xbe89, 0x49e8, 0xae, 0x5d, {0x78, 0xa1, 0x40, 0x60, 0x82, 0x13} } #define UUID_EL3_RUNTIME_FIRMWARE_BL31 \ {0x6d08d447, 0xfe4c, 0x4698, 0x9b, 0x95, {0x29, 0x50, 0xcb, 0xbd, 0x5a, 0x00} } diff --git a/include/common/tbbr/tbbr_img_def.h b/include/common/tbbr/tbbr_img_def.h index 8b16639a9..ad10e2e50 100644 --- a/include/common/tbbr/tbbr_img_def.h +++ b/include/common/tbbr/tbbr_img_def.h @@ -37,8 +37,8 @@ /* Trusted Boot Firmware BL2 */ #define BL2_IMAGE_ID 1 -/* SCP Firmware BL3-0 */ -#define BL30_IMAGE_ID 2 +/* SCP Firmware SCP_BL2 */ +#define SCP_BL2_IMAGE_ID 2 /* EL3 Runtime Firmware BL31 */ #define BL31_IMAGE_ID 3 diff --git a/include/plat/arm/board/common/board_arm_oid.h b/include/plat/arm/board/common/board_arm_oid.h index bf26a48ba..cbf229006 100644 --- a/include/plat/arm/board/common/board_arm_oid.h +++ b/include/plat/arm/board/common/board_arm_oid.h @@ -127,9 +127,9 @@ * SCP Firmware Content Certificate */ -/* SCPFirmwareHash - BL30 */ +/* SCPFirmwareHash - SCP_BL2 */ #define SCP_FW_HASH_OID "1.3.6.1.4.1.4128.2100.801" -/* SCPRomPatchHash - BL0_PATCH */ +/* SCPRomPatchHash - SCP_BL1_PATCH */ #define SCP_ROM_PATCH_HASH_OID "1.3.6.1.4.1.4128.2100.802" diff --git a/include/plat/arm/css/common/css_def.h b/include/plat/arm/css/common/css_def.h index 3fa4c153d..dcc7790e2 100644 --- a/include/plat/arm/css/common/css_def.h +++ b/include/plat/arm/css/common/css_def.h @@ -82,7 +82,7 @@ * primary, according to the shift and mask definitions below. * * Note that the value stored at this address is only valid at boot time, before - * the BL3-0 image is transferred to SCP. + * the SCP_BL2 image is transferred to SCP. */ #define SCP_BOOT_CFG_ADDR (ARM_TRUSTED_SRAM_BASE + 0x80) #define PRIMARY_CPU_SHIFT 8 @@ -110,11 +110,11 @@ ************************************************************************/ /* - * Load address of BL3-0 in CSS platform ports - * BL3-0 is loaded to the same place as BL3-1. Once BL3-0 is transferred to the + * Load address of SCP_BL2 in CSS platform ports + * SCP_BL2 is loaded to the same place as BL3-1. Once SCP_BL2 is transferred to the * SCP, it is discarded and BL3-1 is loaded over the top. */ -#define BL30_BASE BL31_BASE +#define SCP_BL2_BASE BL31_BASE #define SCP_BL2U_BASE BL31_BASE diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h index b3213b8f3..b6a037f28 100644 --- a/include/plat/common/platform.h +++ b/include/plat/common/platform.h @@ -166,17 +166,17 @@ void bl2_plat_set_bl33_ep_info(struct image_info *image, void bl2_plat_get_bl33_meminfo(struct meminfo *mem_info); /******************************************************************************* - * Conditionally mandatory BL2 functions: must be implemented if BL3-0 image + * Conditionally mandatory BL2 functions: must be implemented if SCP_BL2 image * is supported ******************************************************************************/ -/* Gets the memory layout for BL3-0 */ -void bl2_plat_get_bl30_meminfo(struct meminfo *mem_info); +/* Gets the memory layout for SCP_BL2 */ +void bl2_plat_get_scp_bl2_meminfo(struct meminfo *mem_info); /* - * This function is called after loading BL3-0 image and it is used to perform + * This function is called after loading SCP_BL2 image and it is used to perform * any platform-specific actions required to handle the SCP firmware. */ -int bl2_plat_handle_bl30(struct image_info *bl30_image_info); +int bl2_plat_handle_scp_bl2(struct image_info *scp_bl2_image_info); /******************************************************************************* * Conditionally mandatory BL2 functions: must be implemented if BL3-2 image diff --git a/make_helpers/build_macros.mk b/make_helpers/build_macros.mk index 08cb4b120..00fb92c90 100644 --- a/make_helpers/build_macros.mk +++ b/make_helpers/build_macros.mk @@ -110,8 +110,8 @@ endef # FIP_ADD_IMG allows the platform to specify an image to be packed in the FIP # using a build option. It also adds a dependency on the image file, aborting # the build if the file does not exist. -# $(1) = build option to specify the image filename (BL30, BL33, etc) -# $(2) = command line option for the fip_create tool (bl30, bl33, etc) +# $(1) = build option to specify the image filename (SCP_BL2, BL33, etc) +# $(2) = command line option for the fip_create tool (scp_bl2, bl33, etc) # Example: # $(eval $(call FIP_ADD_IMG,BL33,--bl33)) define FIP_ADD_IMG diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk index eed3808ae..9b47886b7 100644 --- a/make_helpers/tbbr/tbbr_tools.mk +++ b/make_helpers/tbbr/tbbr_tools.mk @@ -37,7 +37,7 @@ # BUILD_PLAT: output directory # NEED_BL32: indicates whether BL3-2 is needed by the platform # BL2: image filename (optional). Default is IMG_BIN(2) (see macro IMG_BIN) -# BL30: image filename (optional). Default is IMG_BIN(30) +# SCP_BL2: image filename (optional). Default is IMG_BIN(30) # BL31: image filename (optional). Default is IMG_BIN(31) # BL32: image filename (optional). Default is IMG_BIN(32) # BL33: image filename (optional). Default is IMG_BIN(33) @@ -48,7 +48,7 @@ # ROT_KEY # TRUSTED_WORLD_KEY # NON_TRUSTED_WORLD_KEY -# BL30_KEY +# SCP_BL2_KEY # BL31_KEY # BL32_KEY # BL33_KEY @@ -81,10 +81,10 @@ $(if ${BL2},$(eval $(call CERT_ADD_CMD_OPT,${BL2},--tb-fw,true)),\ $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/tb_fw.crt,--tb-fw-cert)) $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/tb_fw.crt,--tb-fw-cert)) -# Add the BL30 CoT (key cert + img cert + image) -ifneq (${BL30},) - $(eval $(call CERT_ADD_CMD_OPT,${BL30},--scp-fw,true)) - $(if ${BL30_KEY},$(eval $(call CERT_ADD_CMD_OPT,${BL30_KEY},--scp-fw-key))) +# Add the SCP_BL2 CoT (key cert + img cert + image) +ifneq (${SCP_BL2},) + $(eval $(call CERT_ADD_CMD_OPT,${SCP_BL2},--scp-fw,true)) + $(if ${SCP_BL2_KEY},$(eval $(call CERT_ADD_CMD_OPT,${SCP_BL2_KEY},--scp-fw-key))) $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/scp_fw_content.crt,--scp-fw-cert)) $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/scp_fw_key.crt,--scp-fw-key-cert)) $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/scp_fw_content.crt,--scp-fw-cert)) diff --git a/plat/arm/common/arm_bl2_setup.c b/plat/arm/common/arm_bl2_setup.c index a44ec1d9d..0ee1b0de6 100644 --- a/plat/arm/common/arm_bl2_setup.c +++ b/plat/arm/common/arm_bl2_setup.c @@ -90,7 +90,7 @@ static bl2_to_bl31_params_mem_t bl31_params_mem; #pragma weak bl2_plat_get_bl31_ep_info #pragma weak bl2_plat_flush_bl31_params #pragma weak bl2_plat_set_bl31_ep_info -#pragma weak bl2_plat_get_bl30_meminfo +#pragma weak bl2_plat_get_scp_bl2_meminfo #pragma weak bl2_plat_get_bl32_meminfo #pragma weak bl2_plat_set_bl32_ep_info #pragma weak bl2_plat_get_bl33_meminfo @@ -235,12 +235,12 @@ void bl2_plat_arch_setup(void) } /******************************************************************************* - * Populate the extents of memory available for loading BL3-0 (if used), + * Populate the extents of memory available for loading SCP_BL2 (if used), * i.e. anywhere in trusted RAM as long as it doesn't overwrite BL2. ******************************************************************************/ -void bl2_plat_get_bl30_meminfo(meminfo_t *bl30_meminfo) +void bl2_plat_get_scp_bl2_meminfo(meminfo_t *scp_bl2_meminfo) { - *bl30_meminfo = bl2_tzram_layout; + *scp_bl2_meminfo = bl2_tzram_layout; } /******************************************************************************* diff --git a/plat/arm/common/arm_io_storage.c b/plat/arm/common/arm_io_storage.c index 56d711c0d..8c5845ce7 100644 --- a/plat/arm/common/arm_io_storage.c +++ b/plat/arm/common/arm_io_storage.c @@ -53,8 +53,8 @@ static const io_uuid_spec_t bl2_uuid_spec = { .uuid = UUID_TRUSTED_BOOT_FIRMWARE_BL2, }; -static const io_uuid_spec_t bl30_uuid_spec = { - .uuid = UUID_SCP_FIRMWARE_BL30, +static const io_uuid_spec_t scp_bl2_uuid_spec = { + .uuid = UUID_SCP_FIRMWARE_SCP_BL2, }; static const io_uuid_spec_t bl31_uuid_spec = { @@ -133,9 +133,9 @@ static const struct plat_io_policy policies[] = { (uintptr_t)&bl2_uuid_spec, open_fip }, - [BL30_IMAGE_ID] = { + [SCP_BL2_IMAGE_ID] = { &fip_dev_handle, - (uintptr_t)&bl30_uuid_spec, + (uintptr_t)&scp_bl2_uuid_spec, open_fip }, [BL31_IMAGE_ID] = { diff --git a/plat/arm/css/common/css_bl2_setup.c b/plat/arm/css/common/css_bl2_setup.c index 6054f7a56..15db8d1c2 100644 --- a/plat/arm/css/common/css_bl2_setup.c +++ b/plat/arm/css/common/css_bl2_setup.c @@ -37,25 +37,25 @@ #include "css_scp_bootloader.h" /* Weak definition may be overridden in specific CSS based platform */ -#pragma weak bl2_plat_handle_bl30 +#pragma weak bl2_plat_handle_scp_bl2 /******************************************************************************* - * Transfer BL3-0 from Trusted RAM using the SCP Download protocol. + * Transfer SCP_BL2 from Trusted RAM using the SCP Download protocol. * Return 0 on success, -1 otherwise. ******************************************************************************/ -int bl2_plat_handle_bl30(image_info_t *bl30_image_info) +int bl2_plat_handle_scp_bl2(image_info_t *scp_bl2_image_info) { int ret; - INFO("BL2: Initiating BL3-0 transfer to SCP\n"); + INFO("BL2: Initiating SCP_BL2 transfer to SCP\n"); - ret = scp_bootloader_transfer((void *)bl30_image_info->image_base, - bl30_image_info->image_size); + ret = scp_bootloader_transfer((void *)scp_bl2_image_info->image_base, + scp_bl2_image_info->image_size); if (ret == 0) - INFO("BL2: BL3-0 transferred to SCP\n"); + INFO("BL2: SCP_BL2 transferred to SCP\n"); else - ERROR("BL2: BL3-0 transfer failure\n"); + ERROR("BL2: SCP_BL2 transfer failure\n"); return ret; } @@ -72,7 +72,7 @@ void bl2_early_platform_setup(meminfo_t *mem_layout) { arm_bl2_early_platform_setup(mem_layout); - /* Save SCP Boot config before it gets overwritten by BL30 loading */ + /* Save SCP Boot config before it gets overwritten by SCP_BL2 loading */ scp_boot_config = mmio_read_32(SCP_BOOT_CFG_ADDR); VERBOSE("BL2: Saved SCP Boot config = 0x%x\n", scp_boot_config); } diff --git a/plat/arm/css/common/css_common.mk b/plat/arm/css/common/css_common.mk index 49fedc3a0..8fcfbe503 100644 --- a/plat/arm/css/common/css_common.mk +++ b/plat/arm/css/common/css_common.mk @@ -60,8 +60,8 @@ ifneq (${RESET_TO_BL31},0) Please set RESET_TO_BL31 to 0.") endif -# Subsystems require a BL30 image -$(eval $(call FIP_ADD_IMG,BL30,--bl30)) +# Subsystems require a SCP_BL2 image +$(eval $(call FIP_ADD_IMG,SCP_BL2,--scp_bl2)) # Enable option to detect whether the SCP ROM firmware in use predates version # 1.7.0 and therefore, is incompatible. diff --git a/plat/arm/css/common/css_scp_bootloader.c b/plat/arm/css/common/css_scp_bootloader.c index acc7351ce..c01f42fbd 100644 --- a/plat/arm/css/common/css_scp_bootloader.c +++ b/plat/arm/css/common/css_scp_bootloader.c @@ -118,10 +118,10 @@ int scp_bootloader_transfer(void *image, unsigned int image_size) cmd_info_payload_t *cmd_info_payload; cmd_data_payload_t *cmd_data_payload; - assert((uintptr_t) image == BL30_BASE); + assert((uintptr_t) image == SCP_BL2_BASE); if ((image_size == 0) || (image_size % 4 != 0)) { - ERROR("Invalid size for the BL3-0 image. Must be a multiple of " + ERROR("Invalid size for the SCP_BL2 image. Must be a multiple of " "4 bytes and not zero (current size = 0x%x)\n", image_size); return -1; @@ -134,7 +134,7 @@ int scp_bootloader_transfer(void *image, unsigned int image_size) mhu_secure_init(); - VERBOSE("Send info about the BL3-0 image to be transferred to SCP\n"); + VERBOSE("Send info about the SCP_BL2 image to be transferred to SCP\n"); /* * Send information about the SCP firmware image about to be transferred @@ -174,9 +174,9 @@ int scp_bootloader_transfer(void *image, unsigned int image_size) return -1; } - VERBOSE("Transferring BL3-0 image to SCP\n"); + VERBOSE("Transferring SCP_BL2 image to SCP\n"); - /* Transfer BL3-0 image to SCP */ + /* Transfer SCP_BL2 image to SCP */ scp_boot_message_start(); BOM_CMD_HEADER->id = BOOT_CMD_DATA; diff --git a/tools/cert_create/src/main.c b/tools/cert_create/src/main.c index 6d11a2773..3e4f8c57e 100644 --- a/tools/cert_create/src/main.c +++ b/tools/cert_create/src/main.c @@ -86,7 +86,7 @@ enum { /* Image file names (inputs) */ BL2_ID = 0, - BL30_ID, + SCP_BL2_ID, BL31_ID, BL32_ID, BL33_ID, @@ -105,7 +105,7 @@ enum { ROT_KEY_ID, TRUSTED_WORLD_KEY_ID, NON_TRUSTED_WORLD_KEY_ID, - BL30_KEY_ID, + SCP_BL2_KEY_ID, BL31_KEY_ID, BL32_KEY_ID, BL33_KEY_ID, diff --git a/tools/fip_create/fip_create.c b/tools/fip_create/fip_create.c index ef533c7eb..5bb716ef7 100644 --- a/tools/fip_create/fip_create.c +++ b/tools/fip_create/fip_create.c @@ -65,8 +65,8 @@ static entry_lookup_list_t toc_entry_lookup_list[] = { "fwu-cert", NULL, FLAG_FILENAME}, { "Trusted Boot Firmware BL2", UUID_TRUSTED_BOOT_FIRMWARE_BL2, "bl2", NULL, FLAG_FILENAME }, - { "SCP Firmware BL3-0", UUID_SCP_FIRMWARE_BL30, - "bl30", NULL, FLAG_FILENAME}, + { "SCP Firmware SCP_BL2", UUID_SCP_FIRMWARE_SCP_BL2, + "scp_bl2", NULL, FLAG_FILENAME}, { "EL3 Runtime Firmware BL3-1", UUID_EL3_RUNTIME_FIRMWARE_BL31, "bl31", NULL, FLAG_FILENAME}, { "Secure Payload BL3-2 (Trusted OS)", UUID_SECURE_PAYLOAD_BL32,