Trusted Firmware-A

The source code for ConnectCore MP13 TF-A is available at https://github.com/digi-embedded/arm-trusted-firmware/tree/v2.6/stm32mp/maint.

This is forked from the SoC vendor (STMicroelectronics) repo, which is itself a fork of the original repo, hosted by Linaro. This repo contains the SoC customizations by STMicroelectronics as well as Digi customizations for the SOM.

Current supported version is v2.6.

The ROM loader reads the TF-A from the boot media. If security is enabled, the ROM loader is also in charge of authenticating the TF-A image before running it.

When TF-A runs, it configures some basic clocks and the external RAM controller. It also initializes a few peripherals such as the debug UART and the PMIC.

Finally, it is responsible for loading boot stage 3 firmware (BL3):

These two items come packed on a Firmware Image Program (FIP) image file. When security is enabled, TF-A authenticates the FIP image.

Once loaded, it runs BL32 (OP-TEE).

The TF-A can manage its configuration with a device tree. This is a reduced device tree with only the hardware required for the TF-A to work.

The device tree for the ConnectCore MP13 is available at https://github.com/digi-embedded/arm-trusted-firmware/blob/v2.6/stm32mp/maint/fdts/ccmp13-dvk.dts

The recipe that builds the Trusted Firmware-A is called tf-a-stm32mp. The original recipe belongs to meta-st-stm32mp layer. Digi Embedded Yocto appends the recipe in meta-digi-arm/dynamic-layers/stm-st-stm32mp/recipes-bsp/trusted-firmware-a/tf-a-stm32mp_%.bbappend.

To build the TF-A from within a Digi Embedded Yocto project:

You can read more on TF-A implementation for the STM32MP13 at https://wiki.st.com/stm32mpu/wiki/TF-A_overview