Re: [edk2-devel] [PATCH edk2-platforms v2 3/4] SbsaQemu: add standalone MM build instruction

Mon, 01 Mar 2021 09:23:43 -0800 

On Mon, Mar 01, 2021 at 14:19:51 +0900, Masahisa Kojima wrote:
> This commit adds the standalone MM build instruction
> to enable UEFI secure boot.
> 
> Signed-off-by: Masahisa Kojima <masahisa.koj...@linaro.org>
> ---
>  Platform/Qemu/SbsaQemu/Readme.md | 35 ++++++++++++++++++++++++++++++++
>  1 file changed, 35 insertions(+)
> 
> diff --git a/Platform/Qemu/SbsaQemu/Readme.md 
> b/Platform/Qemu/SbsaQemu/Readme.md
> index 63786d9d0fd3..cdee8b41507e 100644
> --- a/Platform/Qemu/SbsaQemu/Readme.md
> +++ b/Platform/Qemu/SbsaQemu/Readme.md
> @@ -104,6 +104,41 @@ Create a directory $WORKSPACE that would hold source 
> code of the components.
>    truncate -s 256M SBSA_FLASH[01].fd
>    ```
>  
> +## Build UEFI with standalone MM based UEFI secure boot
> +
> +1. Compile standalone MM image
> +
> +  ```
> +  cd $WORKSPACE
> +  build -b RELEASE -a AARCH64 -t GCC5 -p 
> edk2-platforms/Platform/Qemu/SbsaQemu/SbsaQemuStandaloneMM.dsc
> +  ```
> +
> +2. Compile TF-A with BL32(Secure Payload)
> +
> +  Detailed build instructions can be found on the following link:
> +  
> https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/docs/plat/qemu-sbsa.rst
> +
> +  Then copy `bl1.bin` and `fip.bin` to the the edk2-non-osi directory:
> +
> +3. Compile UEFI with UEFI secure boot enabled

Suggest replacing the first UEFI on line above with "EDK2".

/
    Leif

> +
> +  ```
> +  cd $WORKSPACE
> +  build -b RELEASE -a AARCH64 -t GCC5 -p 
> edk2-platforms/Platform/Qemu/SbsaQemu/SbsaQemu.dsc -DSECURE_BOOT_ENABLE=TRUE
> +  ```
> +
> +  Copy SBSA_FLASH0.fd and SBSA_FLASH1.fd to top $WORKSPACE directory.
> +  Then extend the file size to match the machine flash size.
> +  ```
> +  cp Build/SbsaQemu/RELEASE_GCC5/FV/SBSA_FLASH[01].fd .
> +  truncate -s 256M SBSA_FLASH[01].fd
> +  ```
> +
> +  To keep the UEFI variable storage after the succeeding build, use `dd` 
> instead of `cp`.
> +  ```
> +  dd if=./Build/SbsaQemu/RELEASE_GCC5/FV/SBSA_FLASH0.fd of=./SBSA_FLASH0.fd 
> conv=notrunc bs=2M count=8
> +  ```
> +
>  # Running
>  
>    The resulting SBSA_FLASH0.fd file will contain Secure flash0 image (TF-A 
> code).
> -- 
> 2.17.1
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72295): https://edk2.groups.io/g/devel/message/72295
Mute This Topic: https://groups.io/mt/80990867/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to