binman: add atf-bl1 to etypes

Some SoCs require a Trusted Firmware-A (TF-A) AP Trusted ROM (BL1) to
initialize the SoC before U-Boot can run properly. Add an atf-bl1 etype
so we can properly package BL1 into a final binary

Signed-off-by: Bryan Brattlof <bb@ti.com>
Acked-by: Simon Glass <sjg@chromium.org>

Makefile

@@ -1423,6 +1423,7 @@ cmd_binman = $(srctree)/tools/binman/binman $(if $(BINMAN_DEBUG),-D) \
 		-I . -I $(srctree) -I $(srctree)/board/$(BOARDDIR) \
 		$(foreach f,$(of_list_dirs),-I $(f)) -a of-list=$(of_list) \
 		$(foreach f,$(BINMAN_INDIRS),-I $(f)) \
+		-a atf-bl1-path=${BL1} \
 		-a atf-bl31-path=${BL31} \
 		-a tee-os-path=${TEE} \
 		-a ti-dm-path=${TI_DM} \

tools/binman/entries.rst

@@ -53,6 +53,22 @@ respecting the `bootph-xxx` tags in the devicetree.
 
 
 
+.. _etype_atf_bl1:
+
+Entry: atf-bl1: AP Trusted ROM (TF-A) BL1 blob
+-----------------------------------------------------
+
+Properties / Entry arguments:
+    - atf-bl1-path: Filename of file to read into entry. This is typically
+      called bl1.bin
+
+This entry holds the AP Trusted ROM firmware typically used by an SoC to
+help initialize the SoC before the SPL or U-Boot is started. See
+https://github.com/TrustedFirmware-A/trusted-firmware-a for more information
+about Boot Loader stage 1 (BL1) or about Trusted Firmware (TF-A)
+
+
+
 .. _etype_atf_bl31:
 
 Entry: atf-bl31: ARM Trusted Firmware (ATF) BL31 blob

tools/binman/etype/atf_bl1.py

@@ -0,0 +1,23 @@
+# SPDX-License-Identifier: GPL-2.0+
+# Copyright 2025 Texas Instruments Incorporated
+#
+# Entry-type module for Application Processor Trusted ROM (BL1)
+#
+
+from binman.etype.blob_named_by_arg import Entry_blob_named_by_arg
+
+class Entry_atf_bl1(Entry_blob_named_by_arg):
+    """Application Processor (AP) Trusted ROM BL1 blob
+
+    Properties / Entry arguments:
+        - atf-bl1-path: Filename of file to read into entry. This is typically
+            called bl1.bin or bl1.elf
+
+    This entry holds the boot code initialization like exception vectors and
+    processor and platform initialization.
+
+    See https://github.com/TrustedFirmware-A/trusted-firmware-a for more information.
+    """
+    def __init__(self, section, etype, node):
+        super().__init__(section, etype, node, 'atf-bl1')
+        self.external = True

tools/binman/ftest.py

@@ -88,6 +88,7 @@ REFCODE_DATA          = b'refcode'
 FSP_M_DATA            = b'fsp_m'
 FSP_S_DATA            = b'fsp_s'
 FSP_T_DATA            = b'fsp_t'
+ATF_BL1_DATA         = b'bl1'
 ATF_BL31_DATA         = b'bl31'
 TEE_OS_DATA           = b'this is some tee OS data'
 TI_DM_DATA            = b'tidmtidm'
@@ -226,6 +227,7 @@ class TestFunctional(unittest.TestCase):
 
         TestFunctional._MakeInputFile('compress', COMPRESS_DATA)
         TestFunctional._MakeInputFile('compress_big', COMPRESS_DATA_BIG)
+        TestFunctional._MakeInputFile('bl1.bin', ATF_BL1_DATA)
         TestFunctional._MakeInputFile('bl31.bin', ATF_BL31_DATA)
         TestFunctional._MakeInputFile('tee-pager.bin', TEE_OS_DATA)
         TestFunctional._MakeInputFile('dm.bin', TI_DM_DATA)
@@ -5575,6 +5577,11 @@ fdt         fdtmap                Extract the devicetree blob from the fdtmap
         data = self._DoReadFile('225_ti_dm.dts')
         self.assertEqual(TI_DM_DATA, data[:len(TI_DM_DATA)])
 
+    def testPackBl1(self):
+        """test if an image with a bl1 binary can be created"""
+        data = self._DoReadFile('347_bl1.dts')
+        self.assertEqual(ATF_BL1_DATA, data[:len(ATF_BL1_DATA)])
+
     def testFitFdtOper(self):
         """Check handling of a specified FIT operation"""
         entry_args = {

tools/binman/test/347_bl1.dts

@@ -0,0 +1,13 @@
+// SPDX-License-Identifier: GPL-2.0+
+
+/dts-v1/;
+
+/ {
+	#address-cells = <1>;
+	#size-cells = <1>;
+	binman {
+		atf-bl1 {
+			filename = "bl1.bin";
+		};
+	};
+};