Why does the ATF to Linux Direct boot flow fail with "ASSERT: common/desc_image_load.c:175" when ATF is built with DEBUG=1?

Description

Due to a problem during the upstreaming process of the Altera® Arm Trusted Firmware code, the ATF source code from release 24.3.1 (socfpga_v2.11.1) and later fails to launch BL31 in the ATF to Linux direct boot flow when the ATF is built in debug mode using the DEBUG=1 build switch, showing the following error triggered by an assertion:

 

ASSERT: common/desc_image_load.c:175

BACKTRACE: START: assert

0: EL3: 0xffe00b2c

1: EL3: 0xffe07a50

2: EL3: 0xffe010b4

3: EL3: 0xffe00990

4: EL3: 0xffe00a68

5: EL3: 0xffe000fc

BACKTRACE: END: assert

 

The problem resides in the NON_EXECUTABLE attribute assigned to the Linux device tree (with ID NT_FW_CONFIG_ID) in plat/intel/soc/common/bl2_plat_mem_params_desc.c file.  

The BL31, the Linux* kernel and the Linux* device tree are part of the FIP file created and the attributes of each one of the components of this file are evaluated as part of BL2 through an assertion and it is expected to be configured as EXECUTABLE.

Initially, the Altera® source code's device tree was configured as EXECUTABLE to prevent seeing the assertion, but during the upstream process, the community reviewers rejected this assignment and requested that the configuration be changed to NON_EXECUTABLE.

 

Resolution

To work around this problem, manually update the attributes of the device tree to classify this as EXECUTABLE. This is done by updating the plat/intel/soc/common/bl2_plat_mem_params_desc.c file as follows:

      .image_id = NT_FW_CONFIG_ID,

            SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY,

                  VERSION_2, entry_point_info_t,

                  NON_SECURE | NON_EXECUTABLE),    ß Replace this line

                  NON_SECURE | EXECUTABLE),        ß with this line