1Diphda Platform 2========================== 3 4Some of the features of the Diphda platform referenced in TF-A include: 5 6- Cortex-A35 application processor (64-bit mode) 7- Secure Enclave 8- GIC-400 9- Trusted Board Boot 10 11Boot Sequence 12------------- 13 14The board boot relies on CoT (chain of trust). The trusted-firmware-a 15BL2 is extracted from the FIP and verified by the Secure Enclave 16processor. BL2 verification relies on the signature area at the 17beginning of the BL2 image. This area is needed by the SecureEnclave 18bootloader. 19 20Then, the application processor is released from reset and starts by 21executing BL2. 22 23BL2 performs the actions described in the trusted-firmware-a TBB design 24document. 25 26Build Procedure (TF-A only) 27~~~~~~~~~~~~~~~~~~~~~~~~~~~ 28 29- Obtain AArch64 ELF bare-metal target `toolchain <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads>`_. 30 Set the CROSS_COMPILE environment variable to point to the toolchain folder. 31 32- Build TF-A: 33 34 .. code:: shell 35 36 make LD=aarch64-none-elf-ld \ 37 CC=aarch64-none-elf-gcc \ 38 V=1 \ 39 BUILD_BASE=<path to the build folder> \ 40 PLAT=diphda \ 41 SPD=spmd \ 42 SPMD_SPM_AT_SEL2=0 \ 43 DEBUG=1 \ 44 MBEDTLS_DIR=mbedtls \ 45 OPENSSL_DIR=<path to openssl usr folder> \ 46 RUNTIME_SYSROOT=<path to the sysroot> \ 47 ARCH=aarch64 \ 48 TARGET_PLATFORM=<fpga or fvp> \ 49 ENABLE_PIE=1 \ 50 BL2_AT_EL3=1 \ 51 CREATE_KEYS=1 \ 52 GENERATE_COT=1 \ 53 TRUSTED_BOARD_BOOT=1 \ 54 COT=tbbr \ 55 ARM_ROTPK_LOCATION=devel_rsa \ 56 ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \ 57 BL32=<path to optee binary> \ 58 BL33=<path to u-boot binary> \ 59 bl2 60 61*Copyright (c) 2021, Arm Limited. All rights reserved.* 62