diff mbox series

[v1] ref-manual: uboot-sign: Add how to enable ATF and TEE for U-Boot FIT image

Message ID 20241118062113.269253-1-jamin_lin@aspeedtech.com
State Rejected
Headers show
Series [v1] ref-manual: uboot-sign: Add how to enable ATF and TEE for U-Boot FIT image | expand

Commit Message

Jamin Lin Nov. 18, 2024, 6:21 a.m. UTC 
Add how to enable ATF and TEE for U-Boot FIT image
and Image Tree Source generation.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
---
 documentation/ref-manual/classes.rst   |  7 +++++
 documentation/ref-manual/variables.rst | 37 ++++++++++++++++++++++++++
 2 files changed, 44 insertions(+)

Comments

Antonin Godard Nov. 27, 2024, 8:30 a.m. UTC | #1 
Hi Jamin,

Thank you for taking the time to document your patches. I took note of them and
will make sure to review these patches once your patches make it into master in
oecore.


Antonin
Antonin Godard March 3, 2025, 1:26 p.m. UTC | #2 
Hi Jamin,

On Mon Nov 18, 2024 at 7:21 AM CET, Jamin Lin via lists.yoctoproject.org wrote:
> Add how to enable ATF and TEE for U-Boot FIT image
> and Image Tree Source generation.

Could you tell me if this patch still up-to-date with regards to the merged
patches on OE-Core?

Thanks!
Antonin
Jamin Lin March 4, 2025, 8:44 a.m. UTC | #3 
Hi Antonin,

> From: Antonin Godard <antonin.godard@bootlin.com>
> Sent: Monday, March 3, 2025 9:27 PM
> To: Jamin Lin <jamin_lin@aspeedtech.com>; docs@lists.yoctoproject.org
> Cc: Troy Lee <troy_lee@aspeedtech.com>
> Subject: Re: [docs] [PATCH v1] ref-manual: uboot-sign: Add how to enable ATF
> and TEE for U-Boot FIT image
> 
> Hi Jamin,
> 
> On Mon Nov 18, 2024 at 7:21 AM CET, Jamin Lin via lists.yoctoproject.org
> wrote:
> > Add how to enable ATF and TEE for U-Boot FIT image and Image Tree
> > Source generation.
> 
> Could you tell me if this patch still up-to-date with regards to the merged
> patches on OE-Core?
> 
I have sent the v2 patch here, https://patchwork.yoctoproject.org/project/docs/patch/20250304083842.2828763-1-jamin_lin@aspeedtech.com/ 
Thanks-Jamin

> Thanks!
> Antonin
> 
> --
> Antonin Godard, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com
diff mbox series

Patch

diff --git a/documentation/ref-manual/classes.rst b/documentation/ref-manual/classes.rst
index b92f4e4f2..82adab90f 100644
--- a/documentation/ref-manual/classes.rst
+++ b/documentation/ref-manual/classes.rst
@@ -3336,6 +3336,13 @@  The variables used by this class are:
 -  :term:`UBOOT_FITIMAGE_ENABLE`: enable the generation of a U-Boot FIT image.
 -  :term:`UBOOT_MKIMAGE_DTCOPTS`: DTC options for U-Boot ``mkimage`` when
    rebuilding the FIT image containing the kernel.
+-  :term:`UBOOT_FIT_ARM_TRUSTED_FIRMWARE`: enable ARM Trusted Firmware(ATF) image.
+-  :term:`UBOOT_FIT_ARM_TRUSTED_FIRMWARE_IMAGE`: path of the ATF image.
+-  :term:`UBOOT_FIT_TEE`: enable Trusted Execution Environment(TEE) image.
+-  :term:`UBOOT_FIT_TEE_IMAGE`: path of the TEE image.
+-  :term:`UBOOT_FIT_USER_IMAGE`: enable users specific image.
+-  :term:`UBOOT_FIT_CONF_USER_LOADABLES`: add user specific image in the loadable
+   property of configuration node. It is a comma-separated list of strings.
 
 See U-Boot's documentation for details about `verified boot
 <https://source.denx.de/u-boot/u-boot/-/blob/master/doc/uImage.FIT/verified-boot.txt>`__
diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst
index 43f4d7966..c28a03da1 100644
--- a/documentation/ref-manual/variables.rst
+++ b/documentation/ref-manual/variables.rst
@@ -9736,6 +9736,43 @@  system and gives an overview of their function and contents.
 
       See the :ref:`ref-classes-uboot-sign` class for details.
 
+   :term:`UBOOT_FIT_ARM_TRUSTED_FIRMWARE`
+      ARM Trusted Firmware(ATF) is a reference implementation of secure world
+      software for Arm A-Profile architectures, (Armv8-A and Armv7-A), including
+      an Exception Level 3 (EL3) Secure Monitor. The variable allows to generate
+      a U-Boot FIT image with ATF image.
+
+      Its default value is "0", so set it to "1" to enable this functionality::
+
+         UBOOT_FIT_ARM_TRUSTED_FIRMWARE = "1"
+
+   :term:`UBOOT_FIT_ARM_TRUSTED_FIRMWARE_IMAGE`
+      The path of ATF image.
+
+   :term:`UBOOT_FIT_TEE`
+      A Trusted Execution Environment(TEE) is an environment for executing code,
+      in which those executing the code can have high levels of trust in the asset
+      management of that surrounding environment. The variable allows to generate
+      a U-Boot FIT image with TEE image.
+   
+      Its default value is "0", so set it to "1" to enable this functionality::
+
+         UBOOT_FIT_TEE = "1"
+
+   :term:`UBOOT_FIT_TEE_IMAGE`
+      The path of TEE image.
+
+   :term:`UBOOT_FIT_USER_IMAGE`
+      The variable allows to generate a U-Boot FIT image with user specific image.
+
+   :term:`UBOOT_FIT_CONF_USER_LOADABLES`
+      Add user specific image in the loadable property of configuration node. It is
+      a comma-separated list of strings.
+   
+      Ex::
+      
+         UBOOT_FIT_CONF_USER_LOADABLES = '\"userA\", \"userB\"'
+
    :term:`UBOOT_LOADADDRESS`
       Specifies the load address for the U-Boot image. During U-Boot image
       creation, the :term:`UBOOT_LOADADDRESS` variable is passed as a