From 99d9ce8a688b32bc2136e1efe0e5d2544d8027a3 Mon Sep 17 00:00:00 2001 From: Shruti Gupta Date: Wed, 2 Nov 2022 11:33:38 +0000 Subject: [PATCH] docs(rme): add instruction to build rmm Add documentation to build and run TF-A with RMM, Linux kernel and TFTF Realm Payload. Signed-off-by: Shruti Gupta Change-Id: I951b41a144aabe0fec16eb933d7f005a65f06fb2 --- .../components/realm-management-extension.rst | 324 ++++++++++++------ 1 file changed, 220 insertions(+), 104 deletions(-) diff --git a/docs/components/realm-management-extension.rst b/docs/components/realm-management-extension.rst index ea921fcc8..6fc0c2e25 100644 --- a/docs/components/realm-management-extension.rst +++ b/docs/components/realm-management-extension.rst 
@@ -95,66 +95,218 @@ Building and running TF-A with RME This section describes how you can build and run TF-A with RME enabled. We assume you have all the :ref:`Prerequisites` to build TF-A. -To enable RME, you need to set the ENABLE_RME build flag when building -TF-A. Currently, this feature is only supported for the FVP platform. - The following instructions show you how to build and run TF-A with RME -for two scenarios: TF-A with TF-A Tests, and four-world execution with -Hafnium and TF-A Tests. The instructions assume you have already obtained -TF-A. You can use the following command to clone TF-A. +for two scenarios: -.. code:: shell +- Three-world execution: TF-A with TF-A Tests or Linux. - git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git + - NS (TF-A Test or Linux), + - Root (TF-A) + - Realm (RMM or TRP) + +- Four-world execution: TF-A, Hafnium and TF-A Tests or Linux. + + - NS (TF-A Test or Linux), + - Root (TF-A) + - Realm (RMM or TRP) + - SPM (Hafnium) To run the tests, you need an FVP model. Please use the :ref:`latest version ` of *FVP_Base_RevC-2xAEMvA* model. -.. note:: +Three World Testing with TF-A Tests +************************************* - ENABLE_RME build option is currently experimental. +**1. Obtain and build TF-A Tests with Realm Payload** + +The full set of instructions to setup build host and build options for +TF-A-Tests can be found in the `TFTF Getting Started`_. -Building TF-A with TF-A Tests -******************************************** Use the following instructions to build TF-A with `TF-A Tests`_ as the non-secure payload (BL33). -**1. Obtain and build TF-A Tests** - .. code:: shell git clone https://git.trustedfirmware.org/TF-A/tf-a-tests.git cd tf-a-tests - make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp DEBUG=1 + make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp DEBUG=1 all pack_realm -This produces a TF-A Tests binary (*tftf.bin*) in the *build/fvp/debug* directory. 
+This produces a TF-A Tests binary (**tftf.bin**) with Realm payload packaged +and **sp_layout.json** in the **build/fvp/debug** directory. -**2. Build TF-A** +**2. Obtain and build RMM Image** + +Please refer to the `RMM Getting Started`_ on how to setup +Host Environment and build RMM. + +The below command shows how to build RMM using the default build options for FVP. .. code:: shell + git clone --recursive https://git.trustedfirmware.org/TF-RMM/tf-rmm.git + cd tf-rmm + cmake -DRMM_CONFIG=fvp_defcfg -S . -B build + cmake --build build + +This will generate **rmm.img** in **build** folder. + +**3. Build TF-A** + +The `TF-A Getting Started`_ has the necessary instructions to setup Host +machine and build TF-A. + +To build for RME, set ``ENABLE_RME`` build option to 1 and provide the path to +the RMM binary using the ``RMM`` build option. +Currently, this feature is only supported for the FVP platform. + +.. note:: + + ENABLE_RME build option is currently experimental. + +If the ``RMM`` option is not used, then the Test Realm Payload (TRP) in TF-A +will be built and used as the RMM. + +.. code:: shell + + git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git cd trusted-firmware-a make CROSS_COMPILE=aarch64-none-elf- \ PLAT=fvp \ ENABLE_RME=1 \ + RMM= \ FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \ DEBUG=1 \ BL33= \ all fip -This produces *bl1.bin* and *fip.bin* binaries in the *build/fvp/debug* directory. -The above command also builds TRP. The TRP binary is packaged in *fip.bin*. +This produces **bl1.bin** and **fip.bin** binaries in the **build/fvp/debug** directory. + +Running the tests for a 3 world FVP setup +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Use the following command to run the tests on FVP. TF-A Tests should boot +and run the default tests including Realm world tests. + +.. 
code:: shell + + FVP_Base_RevC-2xAEMvA \ + -C bp.refcounter.non_arch_start_at_default=1 \ + -C bp.secureflashloader.fname= \ + -C bp.flashloader0.fname= \ + -C bp.refcounter.use_real_time=0 \ + -C bp.ve_sysregs.exit_on_shutdown=1 \ + -C cache_state_modelled=1 \ + -C bp.dram_size=2 \ + -C bp.secure_memory=1 \ + -C pci.pci_smmuv3.mmu.SMMU_ROOT_IDR0=3 \ + -C pci.pci_smmuv3.mmu.SMMU_ROOT_IIDR=0x43B \ + -C pci.pci_smmuv3.mmu.root_register_page_offset=0x20000 \ + -C cluster0.NUM_CORES=4 \ + -C cluster0.PA_SIZE=48 \ + -C cluster0.ecv_support_level=2 \ + -C cluster0.gicv3.cpuintf-mmap-access-level=2 \ + -C cluster0.gicv3.without-DS-support=1 \ + -C cluster0.gicv4.mask-virtual-interrupt=1 \ + -C cluster0.has_arm_v8-6=1 \ + -C cluster0.has_amu=1 \ + -C cluster0.has_branch_target_exception=1 \ + -C cluster0.rme_support_level=2 \ + -C cluster0.has_rndr=1 \ + -C cluster0.has_v8_7_pmu_extension=2 \ + -C cluster0.max_32bit_el=-1 \ + -C cluster0.stage12_tlb_size=1024 \ + -C cluster0.check_memory_attributes=0 \ + -C cluster0.ish_is_osh=1 \ + -C cluster0.restriction_on_speculative_execution=2 \ + -C cluster0.restriction_on_speculative_execution_aarch32=2 \ + -C cluster1.NUM_CORES=4 \ + -C cluster1.PA_SIZE=48 \ + -C cluster1.ecv_support_level=2 \ + -C cluster1.gicv3.cpuintf-mmap-access-level=2 \ + -C cluster1.gicv3.without-DS-support=1 \ + -C cluster1.gicv4.mask-virtual-interrupt=1 \ + -C cluster1.has_arm_v8-6=1 \ + -C cluster1.has_amu=1 \ + -C cluster1.has_branch_target_exception=1 \ + -C cluster1.rme_support_level=2 \ + -C cluster1.has_rndr=1 \ + -C cluster1.has_v8_7_pmu_extension=2 \ + -C cluster1.max_32bit_el=-1 \ + -C cluster1.stage12_tlb_size=1024 \ + -C cluster1.check_memory_attributes=0 \ + -C cluster1.ish_is_osh=1 \ + -C cluster1.restriction_on_speculative_execution=2 \ + -C cluster1.restriction_on_speculative_execution_aarch32=2 \ + -C pctl.startup=0.0.0.0 \ + -C bp.smsc_91c111.enabled=1 \ + -C bp.hostbridge.userNetworking=1 + +The bottom of the output from *uart0* should 
look something like the following. + +.. code-block:: shell + + ... + + > Test suite 'FF-A Interrupt' + Passed + > Test suite 'SMMUv3 tests' + Passed + > Test suite 'PMU Leakage' + Passed + > Test suite 'DebugFS' + Passed + > Test suite 'RMI and SPM tests' + Passed + > Test suite 'Realm payload at EL1' + Passed + > Test suite 'Invalid memory access' + Passed + ... + +Building TF-A with RME enabled Linux Kernel +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +If an RME enabled Linux kernel and filesystem is available for testing, +and a suitable NS boot loader is not available, then this option can be used to +launch kernel directly after BL31: + +.. code-block:: shell + + cd trusted-firmware-a + make CROSS_COMPILE=aarch64-none-elf- \ + PLAT=fvp \ + ENABLE_RME=1 \ + RMM= \ + FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \ + DEBUG=1 \ + ARM_LINUX_KERNEL_AS_BL33=1 \ + PRELOADED_BL33_BASE=0x84000000 \ + all fip + +Boot and run the RME enabled Linux Kernel +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Use the following additional arguments to boot the kernel on FVP. + +.. code-block:: shell + + --data cluster0.cpu0=@0x84000000 \ + -C bp.virtioblockdevice.image_path= + +.. tip:: + + Set the FVP option `cache_state_modelled=0` to run Linux based tests much faster. Four-world execution with Hafnium and TF-A Tests -**************************************************** -Four-world execution involves software components at each security state: root, +************************************************* + +Four-world execution involves software components in each security state: root, secure, realm and non-secure. This section describes how to build TF-A -with four-world support. We use TF-A as the root firmware, `Hafnium`_ as the -secure component, TRP as the realm-world firmware and TF-A Tests as the -non-secure payload. +with four-world support. -Before building TF-A, you first need to build the other software components. 
-You can find instructions on how to get and build TF-A Tests above. +We use TF-A as the root firmware, `Hafnium SPM`_ is the reference Secure world component +and the software components for the other 2 worlds (Realm and Non-Secure) +are as described in the previous section. **1. Obtain and build Hafnium** @@ -164,6 +316,27 @@ You can find instructions on how to get and build TF-A Tests above. cd hafnium # Use the default prebuilt LLVM/clang toolchain PATH=$PWD/prebuilts/linux-x64/clang/bin:$PWD/prebuilts/linux-x64/dtc:$PATH + +Feature MTE needs to be disabled in Hafnium build, apply following patch to +project/reference submodule + +.. code:: diff + + diff --git a/BUILD.gn b/BUILD.gn + index cc6a78f..234b20a 100644 + --- a/BUILD.gn + +++ b/BUILD.gn + @@ -83,7 +83,6 @@ aarch64_toolchains("secure_aem_v8a_fvp") { + pl011_base_address = "0x1c090000" + smmu_base_address = "0x2b400000" + smmu_memory_size = "0x100000" + - enable_mte = "1" + plat_log_level = "LOG_LEVEL_INFO" + } + } + +.. code:: shell + make PROJECT=reference The Hafnium binary should be located at @@ -173,6 +346,8 @@ The Hafnium binary should be located at Build TF-A with RME as well as SPM enabled. +Use sp_layout.json previously generated in tf-a-test build. + .. code:: shell make CROSS_COMPILE=aarch64-none-elf- \ 
@@ -184,92 +359,33 @@ Build TF-A with RME as well as SPM enabled. BRANCH_PROTECTION=1 \ CTX_INCLUDE_PAUTH_REGS=1 \ DEBUG=1 \ - SP_LAYOUT_FILE=/build/fvp/debug/sp_layout.json> \ + SP_LAYOUT_FILE= \ BL32= \ BL33= \ + RMM= \ all fip -Running the tests -********************* -Use the following command to run the tests on FVP. TF-A Tests should boot -and run the default tests including RME tests. +Running the tests for a 4 world FVP setup +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -.. code:: shell - - FVP_Base_RevC-2xAEMvA \ - -C bp.flashloader0.fname= \ - -C bp.secureflashloader.fname= \ - -C bp.refcounter.non_arch_start_at_default=1 \ - -C bp.refcounter.use_real_time=0 \ - -C bp.ve_sysregs.exit_on_shutdown=1 \ - -C cache_state_modelled=1 \ - -C cluster0.NUM_CORES=4 \ - -C cluster0.PA_SIZE=48 \ - -C cluster0.ecv_support_level=2 \ - -C cluster0.gicv3.cpuintf-mmap-access-level=2 \ - -C cluster0.gicv3.without-DS-support=1 \ - -C cluster0.gicv4.mask-virtual-interrupt=1 \ - -C cluster0.has_arm_v8-6=1 \ - -C cluster0.has_branch_target_exception=1 \ - -C cluster0.has_rme=1 \ - -C cluster0.has_rndr=1 \ - -C cluster0.has_amu=1 \ - -C cluster0.has_v8_7_pmu_extension=2 \ - -C cluster0.max_32bit_el=-1 \ - -C cluster0.restriction_on_speculative_execution=2 \ - -C cluster0.restriction_on_speculative_execution_aarch32=2 \ - -C cluster1.NUM_CORES=4 \ - -C cluster1.PA_SIZE=48 \ - -C cluster1.ecv_support_level=2 \ - -C cluster1.gicv3.cpuintf-mmap-access-level=2 \ - -C cluster1.gicv3.without-DS-support=1 \ - -C cluster1.gicv4.mask-virtual-interrupt=1 \ - -C cluster1.has_arm_v8-6=1 \ - -C cluster1.has_branch_target_exception=1 \ - -C cluster1.has_rme=1 \ - -C cluster1.has_rndr=1 \ - -C cluster1.has_amu=1 \ - -C cluster1.has_v8_7_pmu_extension=2 \ - -C cluster1.max_32bit_el=-1 \ - -C cluster1.restriction_on_speculative_execution=2 \ - -C cluster1.restriction_on_speculative_execution_aarch32=2 \ - -C pci.pci_smmuv3.mmu.SMMU_AIDR=2 \ - -C pci.pci_smmuv3.mmu.SMMU_IDR0=0x0046123B \ - -C 
pci.pci_smmuv3.mmu.SMMU_IDR1=0x00600002 \ - -C pci.pci_smmuv3.mmu.SMMU_IDR3=0x1714 \ - -C pci.pci_smmuv3.mmu.SMMU_IDR5=0xFFFF0475 \ - -C pci.pci_smmuv3.mmu.SMMU_S_IDR1=0xA0000002 \ - -C pci.pci_smmuv3.mmu.SMMU_S_IDR2=0 \ - -C pci.pci_smmuv3.mmu.SMMU_S_IDR3=0 \ - -C bp.pl011_uart0.out_file=uart0.log \ - -C bp.pl011_uart1.out_file=uart1.log \ - -C bp.pl011_uart2.out_file=uart2.log \ - -C pctl.startup=0.0.0.0 \ - -Q 1000 \ - "$@" +Use the following arguments in addition to +`Running the tests for a 3 world FVP setup`_ to run tests for 4 world setup. -The bottom of the output from *uart0* should look something like the following. - -.. code-block:: shell - - ... - - > Test suite 'FF-A Interrupt' - Passed - > Test suite 'SMMUv3 tests' - Passed - > Test suite 'PMU Leakage' - Passed - > Test suite 'DebugFS' - Passed - > Test suite 'Realm payload tests' - Passed - > Test suite 'Invalid memory access' - Passed - ... +.. code:: shell + -C pci.pci_smmuv3.mmu.SMMU_AIDR=2 \ + -C pci.pci_smmuv3.mmu.SMMU_IDR0=0x0046123B \ + -C pci.pci_smmuv3.mmu.SMMU_IDR1=0x00600002 \ + -C pci.pci_smmuv3.mmu.SMMU_IDR3=0x1714 \ + -C pci.pci_smmuv3.mmu.SMMU_IDR5=0xFFFF0475 \ + -C pci.pci_smmuv3.mmu.SMMU_S_IDR1=0xA0000002 \ + -C pci.pci_smmuv3.mmu.SMMU_S_IDR2=0 \ + -C pci.pci_smmuv3.mmu.SMMU_S_IDR3=0 .. _Arm Confidential Compute Architecture (Arm CCA): https://www.arm.com/why-arm/architecture/security-features/arm-confidential-compute-architecture .. _Arm Architecture Models website: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms/arm-ecosystem-models +.. _TF-A Getting Started: https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/index.html .. _TF-A Tests: https://trustedfirmware-a-tests.readthedocs.io/en/latest -.. _Hafnium: https://www.trustedfirmware.org/projects/hafnium +.. _TFTF Getting Started: https://trustedfirmware-a-tests.readthedocs.io/en/latest/getting_started/index.html +.. 
_Hafnium SPM: https://www.trustedfirmware.org/projects/hafnium +.. _RMM Getting Started: https://git.trustedfirmware.org/TF-RMM/tf-rmm.git/tree/docs/getting_started/index.rst -- 2.39.5
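Review bot: In the hunk at @@ -95,66 +95,218 @@, the sample uart0 output placed under "Running the tests for a 3 world FVP setup" lists "Test suite 'FF-A Interrupt'" and "Test suite 'RMI and SPM tests'" as Passed, although the three-world list earlier in the same hunk has no SPM component. Please confirm this is what a three-world run prints, or move the sample to the four-world section and show the three-world result here. In the Linux subsection, the load address in "--data cluster0.cpu0=@0x84000000" has to equal PRELOADED_BL33_BASE=0x84000000 from the build command, and a sentence saying so would keep the two from drifting apart. On style, the tip writes `cache_state_modelled=0` with single backticks while the rest of the added text uses double backticks for literals such as ``ENABLE_RME``, and the new blocks mix ".. code:: shell" with ".. code-block:: shell"; use one form of each.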
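Review bot: In the hunk at @@ -164,6 +316,27 @@, the sentence "Feature MTE needs to be disabled in Hafnium build" gives no reason and no condition under which the workaround can be dropped. State why it is needed (if it is because the FVP options listed in this document do not enable memory tagging, say that) so readers do not carry a Secure world build with enable_mte removed onto other targets. The embedded diff pins index cc6a78f..234b20a and line 83 of BUILD.gn, which may stop applying once the project/reference submodule moves; describing the edit in words (remove enable_mte = "1" from the secure_aem_v8a_fvp toolchain) or naming the Hafnium revision it applies to would be more durable. The sentence also lacks its closing full stop and should say that the patch is applied from inside the submodule directory.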
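Review bot: In the hunk at @@ -173,6 +346,8 @@, the added line "Use sp_layout.json previously generated in tf-a-test build." does not say where the file is. Step 1 of the three-world section already states it is produced in the build/fvp/debug directory of the TF-A Tests tree, so repeat that path here next to SP_LAYOUT_FILE. The component is called "TF-A Tests" everywhere else in the patch, and the file name is written as **sp_layout.json** in step 1; match both.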
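Review bot: In the hunk at @@ -184,92 +359,33 @@, the four-world run section is reduced to a fragment of "-C" options plus a pointer to the three-world section, and the three-world command ends at "-C bp.hostbridge.userNetworking=1" with no trailing backslash, so pasting the fragment after it does not yield one command. Say explicitly that these lines are appended to that command and that a continuation backslash must be added to its last line. The removed command also set bp.pl011_uart0.out_file=uart0.log (with uart1 and uart2) and "-Q 1000", and neither new command carries them; if that is intentional, mention where the uart0 output now appears, since the text in the first hunk still refers to it. The new "RMM Getting Started" target links to an .rst file in the git tree, whereas the other Getting Started targets link to rendered documentation.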