I am trying to boot the linux by my bootloader which is running on EL3 level.(switch to EL1 when I jump to the kernel)
The trustzone is not necessay for me, so I don't want to use it.
However, I'm comfused if the arm-trusted-firmware is needed?
Some boards like Juno and Hikey have used the arm-trusted-firmware .
You always really need some secure code.
The CPU will boot to EL3 which is a secure state (ie using TrustZone) so even if all you want to do is jump to NS EL1 you will need some TrustZone code to run first. Also even if you are not using using TrustZone there are still a lot of things that need to be configured from secure code (eg the GIC) and some runtime actions that can only be done by secure code (eg flush the entire cache.)
You don't need to use Arm Trusted Firmware to do the above, you could write your own EL3 init code but that's a lot of work.
Thanks for your replay.
Can u-boot be used as the secure code?
u-boot can be boot to EL3, and some configs has been implemented . Anything else?
Glad to see your relay.
It's help for me to evaluate the design of my code for armv8.
Thank you !
your answer is also helpful for me .
Of course, any software could be secure code. That depends on your implementation.
The point is, ARM TF(Trusted-Firmware) has already implemented many features and some of which are required.
* Secure/Non-secure world switching
* PSCI interface
* Interrupt initialization
* EL3 runtime service
The recommended scenario is:
ARM TF (secure) -> UEFI/UBoot/Hypervisor (non-secure) -> OS (non-secure)
And OS calls PSCI interface for power management events (on/off/suspend/...) through "SMC" which causes a synchronous exception to EL3 at which level ARM TF runtime service (BL3-1) is running. Only secure code can access power controller.
If you don't care about secure/non-secure, and want to leave Linux to SEL1(secure-EL1). Then I think at least you need implement PSCI interface in your own firmware (whatever it's UBoot or bare-metal).
As ARM Trusted-Firmware is a standard/rich-feature/open-source software stack, so I suggest to study/use it. It will give you better compatibility for any new feature of ARM.
View all questions in TrustZone for Armv8-M forum