Giters

PranabNandy / Arm-Architecture

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

From Linux Driver to ATF/ TZ

PranabNandy opened this issue · comments

commented

[ Board ] ~~~~~~~~~~~~~~~~~~~~~~~~~ [ SD Card ]
ROM BL

  • It has SD driver ~~~~~~~~~~~~~~~~~ atf.elf, kernel.uz, Rpi.dtb
  • Other relevant driver initialization ~~~~~
  • Very Minimal Initialization ~~~~~~~~~~~
    ---> } Here also cpu is in EL3 i.e highest exception level
    } CPU0 will execute (Based on the entry point address of the elf file)

atf.elf :

  • First start function will execute
  • set up Vector Table
  • Then start executing the "main" function
    Screenshot from 2024-01-08 20-55-57

From ATF

  • we hardcoded the dtb file name & location ( plat/monaco_plat_def.h)

  • we send kernel (dtb, MMU ON/OFF, ELx,--)

Then kernel has dtb module that knows how to purse the DTB file

  • From dtb file , it abstract the hardcoded information

  • Like cpu-Idle driver collects the information store it in Global DT

ATF is nothing but bootloader (uses during booting) + Firmware (used to provide services during runtime)

Uboot is also like ATF

UEFI is also like ATF

Kernel --- SMC (fun1, , , ,)
=============================
ATF ---- smc_handler --> psci_handler --> core LPM || Now cluster LPM --> SCMI (CPUCP host)
=============================
CPUCP --> CPUCP target turns of Cluster as a response of SCMI

BE(Backend Sequencer) sends Hardware INT when entire system is waking up from the LPM mode

SysTick:

  • Every time when timer count becomes 0, it will generate sysTick interrupt
  • Scheduler (Not a HW but a function) will get INT, will lookup the cpu core health status and Assign some task

ROM BL can never be changed

  • ---> This one is hard coded
  • Qualcomm also has same
    • PBL
    • XBL
    • TMU (for Secure Image Checking)
    • CPCUP Image
    • HW Random No Generator IP
    • AOP Image

BE (Backend Sequencer)

  • a HW IP
    • with LPM sequence we prorgam
    • In Auto, we did in ATF
    • This HW IP only, sends signal to other sub-sys components to Manage LPM
    • It can cut off the bridge to make entire sub-symtem down

Device Driver

  • cpu-idle.c ( psci_cpu_suspend())
  • cpu-idle-psci.c
  • driver/firmware/psci.c
    { invoke_psci_fn(fn, state, 0,0) }
    This is just a function pointer
    sometime point to (1) or (2)
    (1) invoke_psci_fn_smc
    (2) invoke_psci_fn_hvc

Arm stadard

  • oh it is an exception, we need to handle it
  • Check the offset first
  • Oh, handle_sync_exception { smc_32 ~~~~ & ~~~~ smc_64 }
    ______________________atf/lib/psci/main.c & ~~~~~psci_handle

SMC

  • maintaining a Table of Handlers,
    Handler--> Based on fid, it will trigger the same SMC handler

When ATF is doing something for User Program

  • It uses its user stack (EL3_t )
    EL3_t ------------> EL0_h
    EL3_h -------------> Here it will not store the unnecessary user information

  • When Kernel is calling the smc function, ------> Then function parameter is coming
    via (X0, X1, X2,.....) registers.

SMC

  • It is nothing but an instr
  • This instr represents an Exceptions

Device Driver

  • Creating a Data Structure of Functions
  • This function mostly { static / init } function
  • { static } --> It means we can not access from outside
  • __psci_xyz as an example

They can change the printk log level via Macro

  • They don't want to print unnecessary log
  • You can change the system log level via terminal

During booting

  • We don't have any Exception/ INT
  • So, we don't need to worry about that

Debugger

  • It sets the HW breakpoint that hits only for TZ i.e Secure Side
  • Using some Trace32/ JTAG Script, we are initializing the RVBAR address of the CPU_0
  • Rest of the secondary core RVBAR address is set in ATF
  • Also where ATF, Linux, dtb will be be, is decided by t32 script {some times it is hard coded}
  • T32 debugger only loading the Image from hu-blr to DDR memory
  • Normally boot loader loads the Firmware, kernel & dtb to the respective location

RVBAR

  • Points to warm boot Entrypoints
  • Secondary core needs it
  • All cores coming from Deeper State (C4) needs it

CPU core in LPM first

Screenshot from 2024-01-08 23-53-06

Linux Kernel Internals

  • 1 Scheduler
  • n no of Governors
    All the code related to HW management goes to Dirver

If you understand one driver, dts, sysfs

  • same for cpu-idle, cpu-freq

Bootloader

  • PBL, XBL
  • TZ is a firmware

Fringer Print

  • From User take the Finger Print in a buffer, send the kernel space
  • Then encrypt it, & send to the TZ
  • It will send to SEL1(QTEE) ---> SEL0 ( Secure APPS)

If interrupts came

  • Kernel has GIC to service it for NS INT
  • TZ has secure GIC for Secure INT in ATF

a/b ==~ 1/0

  • If trap came then
  • Hardfault Handler
  • MemManage Handler
  • Bus Fault Handler
  • Usage fault Handler
  • Secure Fault Handler } All present in Vector Table