Add Trusted Boot Firmware Configuration entry #77
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Defines a new Transfer Entry type (0x109) for passing the Trusted Boot Firmware Configuration (TB_FW_CONFIG) DT blob within the Transfer List. Includes layout table, usage description, and references the official bindings documentation. Signed-off-by: Harrison Mutai <[email protected]>
Signed-off-by: Harrison Mutai <[email protected]>
sjg20
requested changes
Sep 19, 2025
| * - tb_fw_config | ||
| - data_size | ||
| - hdr_size | ||
| - Holds a Trusted Boot Firmware Configuration file in DT format. |
Contributor
There was a problem hiding this comment.
Thanks for the link to the binding:
I think this needs to be brought into this spec, since it doesn't follow the Linux devicetree schema.
Some comments on the schema:
- As mentioned previously, the properties should have hyphens instead of underscores.
- UUIDs should be in binary format, not string, right?
- This is presumably ARM-specific so I think this should be clearly mentioned in the entry type (i.e. it would not be valid to use this on other archs)
- Should load-address be 64-bit? You should really have #address-cells etc. to indicate this
- It isn't obvious which node this properties are in. I suppose it doesn't matter, since there is a compatible string, so long as it isn't the root node
- The compatible string should be <vendor,device> so better to use than , which might be confusing
- The binding should indicate what these things are for. For example 'Platform Secure Partition Content Certificate UUID' does not impart much information. What is the certificate for and how do you create it or use it?
- For 'owner', could you enumerate value values? Is this just for logging or does it affect operation.
- The beinding refers to a 'Chain of Trust Bindings' document. It isn't clear how we decide if this needed, but if it is needed, it should be described in this spec too.
As a general comment, rather than UUIDs, perhaps strings would be more helpful for humans?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Defines a TE type for passing the Trusted Boot Firmware Configuration (TB_FW_CONFIG) DT blob. Includes layout table, usage description, and references the TF-A bindings. Note, this DT format is platform specific, unstable and only used by TF-A BL1/BL2. It's content is not expected to make it's way to subsequent firmware stages. A binding document is provided as reference for what contents might be included by a platform.