You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
248 lines
8.0 KiB
248 lines
8.0 KiB
PSA FF-A manifest binding to device tree
|
|
========================================
|
|
|
|
This document defines the nodes and properties used to define a partition,
|
|
according to the PSA FF-A specification.
|
|
|
|
Version 1.0
|
|
-----------
|
|
|
|
Partition Properties
|
|
^^^^^^^^^^^^^^^^^^^^
|
|
|
|
- compatible [mandatory]
|
|
- value type: <string>
|
|
- Must be the string "arm,ffa-manifest-X.Y" which specifies the major and
|
|
minor versions of the device tree binding for the FFA manifest represented
|
|
by this node. The minor number is incremented if the binding changes in a
|
|
backwards compatible manner.
|
|
|
|
- X is an integer representing the major version number of this document.
|
|
- Y is an integer representing the minor version number of this document.
|
|
|
|
- ffa-version [mandatory]
|
|
- value type: <u32>
|
|
- Must be two 16 bits values (X, Y), concatenated as 31:16 -> X,
|
|
15:0 -> Y, where:
|
|
|
|
- X is the major version of PSA-FF-A expected by the partition at the FFA
|
|
instance it will execute.
|
|
- Y is the minor version of PSA-FF-A expected by the partition at the FFA
|
|
instance it will execute.
|
|
|
|
- uuid [mandatory]
|
|
- value type: <prop-encoded-array>
|
|
- An array consisting of 4 <u32> values, identifying the UUID of the service
|
|
implemented by this partition. The UUID format is described in RFC 4122.
|
|
|
|
- id
|
|
- value type: <u32>
|
|
- Pre-allocated partition ID.
|
|
|
|
- auxiliary-id
|
|
- value type: <u32>
|
|
- Pre-allocated ID that could be used in memory management transactions.
|
|
|
|
- description
|
|
- value type: <string>
|
|
- Name of the partition e.g. for debugging purposes.
|
|
|
|
- execution-ctx-count [mandatory]
|
|
- value type: <u32>
|
|
- Number of vCPUs that a VM or SP wants to instantiate.
|
|
|
|
- In the absence of virtualization, this is the number of execution
|
|
contexts that a partition implements.
|
|
- If value of this field = 1 and number of PEs > 1 then the partition is
|
|
treated as UP & migrate capable.
|
|
- If the value of this field > 1 then the partition is treated as a MP
|
|
capable partition irrespective of the number of PEs.
|
|
|
|
- exception-level [mandatory]
|
|
- value type: <u32>
|
|
- The target exception level for the partition:
|
|
|
|
- 0x0: EL1
|
|
- 0x1: S_EL0
|
|
- 0x2: S_EL1
|
|
|
|
- execution-state [mandatory]
|
|
- value type: <u32>
|
|
- The target execution state of the partition:
|
|
|
|
- 0: AArch64
|
|
- 1: AArch32
|
|
|
|
- load-address
|
|
- value type: <u64>
|
|
- Physical base address of the partition in memory. Absence of this field
|
|
indicates that the partition is position independent and can be loaded at
|
|
any address chosen at boot time.
|
|
|
|
- entrypoint-offset
|
|
- value type: <u64>
|
|
- Offset from the base of the partition's binary image to the entry point of
|
|
the partition. Absence of this field indicates that the entry point is at
|
|
offset 0x0 from the base of the partition's binary.
|
|
|
|
- xlat-granule [mandatory]
|
|
- value type: <u32>
|
|
- Translation granule used with the partition:
|
|
|
|
- 0x0: 4k
|
|
- 0x1: 16k
|
|
- 0x2: 64k
|
|
|
|
- boot-order
|
|
- value type: <u32>
|
|
- A unique number amongst all partitions that specifies if this partition
|
|
must be booted before others. The partition with the smaller number will be
|
|
booted first.
|
|
|
|
- rx-tx-buffer
|
|
- value type: "memory-regions" node
|
|
- Specific "memory-regions" nodes that describe the RX/TX buffers expected
|
|
by the partition.
|
|
The "compatible" must be the string "arm,ffa-manifest-rx_tx-buffer".
|
|
|
|
- messaging-method [mandatory]
|
|
- value type: <u32>
|
|
- Specifies which messaging methods are supported by the partition:
|
|
|
|
- 0x0: direct messaging method
|
|
- 0x1: indirect messaging method
|
|
- 0x2: both direct and indirect messaging methods
|
|
|
|
- has-primary-scheduler
|
|
- value type: <empty>
|
|
- Presence of this field indicates that the partition implements the primary
|
|
scheduler. If so, run-time EL must be EL1.
|
|
|
|
- run-time-model
|
|
- value type: <u32>
|
|
- Run time model that the SPM must enforce for this SP:
|
|
|
|
- 0x0: Run to completion
|
|
- 0x1: Preemptible
|
|
|
|
- time-slice-mem
|
|
- value type: <empty>
|
|
- Presence of this field indicates that the partition doesn't expect the
|
|
partition manager to time slice long running memory management functions.
|
|
|
|
- gp-register-num
|
|
- value type: <u32>
|
|
- Presence of this field indicates that the partition expects the
|
|
ffa_init_info structure to be passed in via the specified general purpose
|
|
register.
|
|
The field specifies the general purpose register number but not its width.
|
|
The width is derived from the partition's execution state, as specified in
|
|
the partition properties. For example, if the number value is 1 then the
|
|
general-purpose register used will be x1 in AArch64 state and w1 in AArch32
|
|
state.
|
|
|
|
- stream-endpoint-ids
|
|
- value type: <prop-encoded-array>
|
|
- List of <u32> tuples, identifying the IDs this partition is acting as
|
|
proxy for.
|
|
|
|
Memory Regions
|
|
--------------
|
|
|
|
- compatible [mandatory]
|
|
- value type: <string>
|
|
- Must be the string "arm,ffa-manifest-memory-regions".
|
|
|
|
- description
|
|
- value type: <string>
|
|
- Name of the memory region e.g. for debugging purposes.
|
|
|
|
- pages-count [mandatory]
|
|
- value type: <u32>
|
|
- Count of pages of memory region as a multiple of the translation granule
|
|
size
|
|
|
|
- attributes [mandatory]
|
|
- value type: <u32>
|
|
- Mapping modes: ORed to get required permission
|
|
|
|
- 0x1: Read
|
|
- 0x2: Write
|
|
- 0x4: Execute
|
|
|
|
- base-address
|
|
- value type: <u64>
|
|
- Base address of the region. The address must be aligned to the translation
|
|
granule size.
|
|
The address given may be a Physical Address (PA), Virtual Address (VA), or
|
|
Intermediate Physical Address (IPA). Refer to the FFA specification for
|
|
more information on the restrictions around the address type.
|
|
If the base address is omitted then the partition manager must map a memory
|
|
region of the specified size into the partition's translation regime and
|
|
then communicate the region properties (including the base address chosen
|
|
by the partition manager) to the partition.
|
|
|
|
Device Regions
|
|
--------------
|
|
|
|
- compatible [mandatory]
|
|
- value type: <string>
|
|
- Must be the string "arm,ffa-manifest-device-regions".
|
|
|
|
- description
|
|
- value type: <string>
|
|
- Name of the device region e.g. for debugging purposes.
|
|
|
|
- reg [mandatory]
|
|
- value type: <prop-encoded-array>
|
|
- A (address, num-pages) pair describing the device, where:
|
|
|
|
- address: The physical base address <u64> value of the device MMIO
|
|
region.
|
|
- num-pages: The <u32> number of pages of the region. The total size of
|
|
the region is this value multiplied by the translation granule size.
|
|
|
|
- attributes [mandatory]
|
|
- value type: <u32>
|
|
- Mapping modes: ORed to get required permission
|
|
|
|
- 0x1: Read
|
|
- 0x2: Write
|
|
- 0x4: Execute
|
|
|
|
- smmu-id
|
|
- value type: <u32>
|
|
- On systems with multiple System Memory Management Units (SMMUs) this
|
|
identifier is used to inform the partition manager which SMMU the device is
|
|
upstream of. If the field is omitted then it is assumed that the device is
|
|
not upstream of any SMMU.
|
|
|
|
- stream-ids
|
|
- value type: <prop-encoded-array>
|
|
- A list of (id, mem-manage) pair, where:
|
|
|
|
- id: A unique <u32> value amongst all devices assigned to the partition.
|
|
|
|
- interrupts [mandatory]
|
|
- value type: <prop-encoded-array>
|
|
- A list of (id, attributes) pair describing the device interrupts, where:
|
|
|
|
- id: The <u32> interrupt IDs.
|
|
- attributes: A <u32> value,
|
|
containing the attributes for each interrupt ID:
|
|
|
|
- Interrupt type: SPI, PPI, SGI
|
|
- Interrupt configuration: Edge triggered, Level triggered
|
|
- Interrupt security state: Secure, Non-secure
|
|
- Interrupt priority value
|
|
- Target execution context/vCPU for each SPI
|
|
|
|
- exclusive-access
|
|
- value type: <empty>
|
|
- Presence of this field implies that this endpoint must be granted exclusive
|
|
access and ownership of this device's MMIO region.
|
|
|
|
--------------
|
|
|
|
*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*
|