Lines Matching refs:image
59 - Retrieve the image specification (offset and length) of updated images
61 - Set these image specification in the corresponding I/O policies of the
69 and also if the system successfully booted the Normal-world image then
78 .. image:: ../resources/diagrams/PSA-FWU.png
110 :ref:`Trusted Board Boot` design document, which describes the image
137 - FWU image authentication
154 TF-A uses abbreviated image terminology for FWU images like for other TF-A
167 Each FWU image and certificate is identified by a unique ID, defined by the
168 platform, which BL1 uses to fetch an image descriptor (``image_desc_t``) via a
173 The image descriptor includes the following information:
175 - Executable or non-executable image. This indicates whether the normal world
176 is permitted to request execution of a secure world FWU image (after
179 - Secure or non-secure image. This indicates whether the image is
183 - FWU image state.
185 BL1 uses the FWU image descriptors to:
189 - Initialize the execution state of the next FWU image.
194 BL1 maintains state for each FWU image during FWU execution. FWU images at lower
196 BL1 to update its FWU image state. The BL1 image states and valid state
204 - RESET: This is the initial state of every image at the start of FWU.
206 image may yield to this state if it has completed execution.
209 - COPYING: This is the state of a secure image while BL1 is copying it
212 - COPIED: This is the state of a secure image when BL1 has completed
215 - AUTHENTICATED: This is the state of an image when BL1 has successfully
218 - EXECUTED: This is the state of a secure, executable image when BL1 has
221 - INTERRUPTED: This is the state of a secure, executable image after it has
284 This SMC passes execution control to an EL3 image described by the provided
307 if (image_id is non-secure image) return -EPERM
311 if (image destination address + image_size overflows) return -ENOMEM
315 if (image overlaps another image) return -EPERM
317 This SMC copies the secure image indicated by ``image_id`` from non-secure memory
318 to secure memory for later authentication. The image may be copied in a single
319 block or multiple blocks. In either case, the total size of the image must be
321 image; it is ignored in subsequent calls (if any) for the same image.
327 image then the former is truncated to the latter. The copy operation is then
360 if (image_id is secure image)
362 else // image_id is non-secure image
367 This SMC authenticates the image specified by ``image_id``. If the image is in the
368 RESET state, BL1 authenticates the image in place using the provided
369 ``image_addr`` and ``image_size``. If the image is a secure image in the COPIED
370 state, BL1 authenticates the image from the secure memory that BL1 previously
371 copied the image into.
374 sets the image state to AUTHENTICATED. If authentication fails then BL1 returns
375 the -EAUTH error and sets the image state back to RESET.
393 if (image_id is non-secure image) return -EPERM
394 if (image_id is non-executable image) return -EPERM
397 This SMC initiates execution of a previously authenticated image specified by
400 secure world image.
402 BL1 saves the normal world caller's context, sets the secure image state to
403 EXECUTED, and returns from exception to the secure image.
419 if (normal world caller and no INTERRUPTED secure image) return -EPERM
422 image in the EXECUTED/INTERRUPTED state.
424 For normal world callers, BL1 sets the previously interrupted secure image state
426 image state to INTERRUPTED. In either case, BL1 saves the calling world's
447 This SMC indicates completion of a previously executing secure image.
449 BL1 sets the previously executing secure image state to the RESET state,
484 if (image in EXECUTED) return -EPERM
486 This SMC sets the state of an image to RESET and zeroes the memory used by it.
488 This is only allowed if the image is not being executed.
495 .. |Flow Diagram| image:: ../resources/diagrams/fwu_flow.png
496 .. |FWU state machine| image:: ../resources/diagrams/fwu_states.png