Differences
This shows you the differences between two versions of the page.
|
ass:labs-2025:05:tasks:01 [2025/08/07 22:15] florin.stancu created |
ass:labs-2025:05:tasks:01 [2025/08/08 10:12] (current) florin.stancu |
||
|---|---|---|---|
| Line 13: | Line 13: | ||
| We will need to calculate the addresses and supply them as configuration parameters when compiling the software. | We will need to calculate the addresses and supply them as configuration parameters when compiling the software. | ||
| - | In order to get the actual physical addresses, one needs to check out the official [[https://www.nxp.com/webapp/Download?colCode=IMX8MDQLQRM|NXP iMX8MQ Reference Manual]], Chapter 2.1.2 (Cortex-A53 Memory Map, pg. 20). | + | In order to get the actual physical addresses, one needs to check out the official NXP iMX93 Reference Manual's Memory Map. |
| - | We note that the first DRAM (DDR1) is mapped at ''0x40000000'' (exactly **1GB** from the beginning the address space) and ends at ''0xFFFFFFFF'' (the difference of the two addresses totals to ''3072MB == 3 * 1024MB == 3GB''). | + | We note that the first DRAM (DDR1) is mapped at ''0x80000000'' (exactly **1GB** from the beginning the address space) and ends at ''0xFFFFFFFF'' (the difference of the two addresses totals ''2GB''). |
| - | + | ||
| - | But, since our boards only come with **2GB** of LPDDR chips installed, we need to recalculate the end of our DRAM memory region: | + | |
| - | ''DRAM_END = 0x40000000 + 2*1024^3 == 0xC0000000 (in hex)''). | + | |
| Next, you must do the math to find out the beginning of the TrustZone space: subtract ''32 + 4 = 36 MB = 36 * 1024^2'' from the end of the RAM! | Next, you must do the math to find out the beginning of the TrustZone space: subtract ''32 + 4 = 36 MB = 36 * 1024^2'' from the end of the RAM! | ||
| Line 26: | Line 23: | ||
| <code bash> | <code bash> | ||
| - | TEE_TZDRAM_START = 0xbdc00000 | + | TEE_TZDRAM_START = 0xfdc00000 |
| TEE_TZDRAM_SIZE = <32MB as number of bytes, hex is accepted!> | TEE_TZDRAM_SIZE = <32MB as number of bytes, hex is accepted!> | ||
| TEE_SHMEM_START = <calc TEE_TZDRAM_START + 32MB, resulting value as hex please> | TEE_SHMEM_START = <calc TEE_TZDRAM_START + 32MB, resulting value as hex please> | ||
| Line 41: | Line 38: | ||
| Now we're ready to run some compilation commands! | Now we're ready to run some compilation commands! | ||
| - | Clone the official [[https://github.com/OP-TEE/optee_os/|OP-TEE OS repository]] inside your working directory's root (where you have all other projects like U-Boot, ATF/TF-A, Linux kernel etc.). Suggested directory name: ''optee_os'' (well... git automatically implies it, since it's also the name of the project). | + | Clone the NXP fork [[https://github.com/nxp-imx/imx-optee-os/|imx-optee-os repository]] inside your working directory's root (where you have all other projects like U-Boot, ATF/TF-A, Linux kernel etc.). |
| Now ''cd'' into OP-TEE's freshly downloaded source dir and compile it using GNU Make! | Now ''cd'' into OP-TEE's freshly downloaded source dir and compile it using GNU Make! | ||
| Line 49: | Line 46: | ||
| * set the ''CROSS_COMPILE'' as in the labs before! | * set the ''CROSS_COMPILE'' as in the labs before! | ||
| * use the ''DEBUG'', ''CFG_TEE_BENCHMARK'' and ''CFG_TEE_CORE_LOG_LEVEL'' values from the official example; set the ''O=...'' (output directory) to wherever you like; | * use the ''DEBUG'', ''CFG_TEE_BENCHMARK'' and ''CFG_TEE_CORE_LOG_LEVEL'' values from the official example; set the ''O=...'' (output directory) to wherever you like; | ||
| - | * the ''PLATFORM'' is ''imx-mx8mqevk''; well, not really, but it's the closest one available, we start from here and override some of its configuration defaults, see next vars ;) | + | * the ''PLATFORM'' can be found exclusively inside [[https://github.com/nxp-imx/imx-optee-os/blob/lf-6.12.20_2.0.0/core/arch/arm/plat-imx/conf.mk#L515|the fork's source code]]! but there's a catch: the platform prefix must be ''imx-'', continued by model name without the leading ''i'' (check [[https://optee.readthedocs.io/en/latest/general/platforms.html|some examples here]]). |
| * set the ''CFG_TZDRAM_START'', ''CFG_TZDRAM_SIZE'', ''CFG_TEE_SHMEM_START'', ''CFG_TEE_SHMEM_SIZE'' configuration flags to the values calculated above (reminder: you can reference another Makefile variable using ''$(VARIABLE_NAME)'' syntax); | * set the ''CFG_TZDRAM_START'', ''CFG_TZDRAM_SIZE'', ''CFG_TEE_SHMEM_START'', ''CFG_TEE_SHMEM_SIZE'' configuration flags to the values calculated above (reminder: you can reference another Makefile variable using ''$(VARIABLE_NAME)'' syntax); | ||
| * finally, you will also need to pass ''CFG_DDR_SIZE=0x80000000'' (yep, that's 2GB, our board's actual installed memory). | * finally, you will also need to pass ''CFG_DDR_SIZE=0x80000000'' (yep, that's 2GB, our board's actual installed memory). | ||
| + | |||
| + | <note warning> | ||
| + | There is currently a bug inside OP-TEE that makes it unable to boot: it uses the NXP EdgeLock Enclave for TRNG generation, whose firmware does not start (and we weren't able to figure it out since its documentation is "secret" / available using NDA-only). | ||
| + | |||
| + | As workaround, we can disable the ELE RNG driver and enable a software one using the following additional make configuration options: ''CFG_WITH_SOFTWARE_PRNG=y CFG_IMX_ELE=n''. So make sure to also set them! | ||
| + | </note> | ||
| After a successful build, check the output (''O'') directory's ''core'' subdirectory for the ''tee.bin'', ''tee-raw.bin'' and many other files! | After a successful build, check the output (''O'') directory's ''core'' subdirectory for the ''tee.bin'', ''tee-raw.bin'' and many other files! | ||
| Line 70: | Line 73: | ||
| * ''SPD=opteed'' -- this is the [[https://trustedfirmware-a.readthedocs.io/en/latest/components/spd/index.html|Secure Payload Dispatcher]] module, aka: who does ATF's Secure Monitor need to talk with? Our OP-TEE, of course! | * ''SPD=opteed'' -- this is the [[https://trustedfirmware-a.readthedocs.io/en/latest/components/spd/index.html|Secure Payload Dispatcher]] module, aka: who does ATF's Secure Monitor need to talk with? Our OP-TEE, of course! | ||
| * ATF also has to know the memory region where we've put OP-TEE (set the ''BL32_BASE'' variable to lower limit, in hexadecimal); we also need to specify its total size: ''BL32_SIZE'' (remember: we allocated ''36MB'', but give it in bytes, either in base 10 or 16 using C integer notation); | * ATF also has to know the memory region where we've put OP-TEE (set the ''BL32_BASE'' variable to lower limit, in hexadecimal); we also need to specify its total size: ''BL32_SIZE'' (remember: we allocated ''36MB'', but give it in bytes, either in base 10 or 16 using C integer notation); | ||
| - | * We want ATF to print some debug messages over the first serial peripheral so, finally, set the ''LOG_LEVEL=40'' and ''IMX_BOOT_UART_BASE=0x30860000'' (if you look in iMX8MQ's Memory Map (the Reference Manual), this is the physical address of our Universal Asynchronous Transmitter/Receiver - i.e. our serial communication module!). | + | * We want ATF to print some debug messages over the first serial peripheral so, finally, set the ''LOG_LEVEL=40'' and ''%%IMX_BOOT_UART_BASE=0x44380000%%'' (if you look in iMX93's Memory Map (the Reference Manual), this is the physical address of our LPUART1 - i.e. our serial communication module!). |
| == Step 4. Rebuild the firmware image package == | == Step 4. Rebuild the firmware image package == | ||
| Line 76: | Line 79: | ||
| Before we can take a look at the fruits of our effort so far, we need to re-build the firmware package with these last two components. | Before we can take a look at the fruits of our effort so far, we need to re-build the firmware package with these last two components. | ||
| - | This is easy if you saved your mkimage script (in your Makefile). You will need JUST one additional file copied: ''tee-raw.bin'' from ''optee_os'' build output directory, ''core'' subdirectory (as mentioned in the subtask above!) inside ''mkimage'''s build directory, but rename it as ''tee.bin''. | + | This is easy if you saved your mkimage script (in your Makefile). You will need JUST one additional file copied: ''tee-raw.bin'' from ''optee'' build output directory, ''core'' subdirectory (as mentioned in the subtask above!) inside ''mkimage'''s build directory, but rename it as ''tee.bin''. |
| - | The bundled scripts will [[https://github.com/nxp-imx/imx-mkimage/blob/lf-5.15.32_2.0.0/iMX8M/mkimage_fit_atf.sh#L32|see that this file exists]] and add it to the image automatically! | + | The bundled scripts will [[https://github.com/nxp-imx/imx-mkimage/blob/lf-6.12.20_2.0.0/iMX93/soc.mak#L43|see that this file exists]] and add it to the image automatically! |
| <note warning> | <note warning> | ||
| Line 88: | Line 91: | ||
| Proceed to load this image over the serial boot protocol using the IMX ''uuu'' utility. | Proceed to load this image over the serial boot protocol using the IMX ''uuu'' utility. | ||
| - | Check the serial console (the one provided by the board's Micro USB port) for confirmation! | + | Check the serial console (the one provided by the board's DEBUG USB port) for confirmation! |
| <spoiler Example UART output> | <spoiler Example UART output> | ||
| Line 110: | Line 113: | ||
| ... | ... | ||
| # BL33 (Normal U-Boot loads afterwards, as expected) | # BL33 (Normal U-Boot loads afterwards, as expected) | ||
| - | U-Boot 2022.04-g1f940d6213 (Jul 14 2023 - 22:22:25 +0300) | + | U-Boot SPL 2024.04-dirty (Aug 06 2025 - 16:19:37 +0300) |
| - | + | SOC: 0xa1009300 | |
| - | CPU: i.MX8MQ rev2.1 1300 MHz (running at 800 MHz) | + | LC: 0x2040010 |
| - | CPU: Industrial temperature grade (-40C to 105C) at 52C | + | |
| ... | ... | ||
| </code> | </code> | ||
| </spoiler> | </spoiler> | ||
| + | |||
| + | |||
