openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete Yocto mirror with license table for TQMa6UL (2038-compliance)

Browse Source 
- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
2026-03-01 20:58:18 +00:00
commit 16accb6b24
15086 changed files with 1292356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
sources/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/boot-wrapper-aarch64_%.bbappend Normal file
View File

@@ -0,0 +1 @@
COMPATIBLE_MACHINE:fvp-base = "fvp-base"

57
sources/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb Normal file
View File

@@ -0,0 +1,57 @@
SUMMARY = "External system Cortex-M3 Firmware"
DESCRIPTION = "Firmware to be loaded and run in External System Harness in\
support to the main application CPU."
HOMEPAGE = "https://git.linaro.org/landing-teams/working/arm/external-system.git"
DEPENDS = "gcc-arm-none-eabi-native"
INHIBIT_DEFAULT_DEPS="1"
LICENSE = "BSD-3-Clause & Apache-2.0"
LIC_FILES_CHKSUM = "file://license.md;md5=e44b2531cd6ffe9dece394dbe988d9a0 \
file://cmsis/LICENSE.txt;md5=e3fc50a88d0a364313df4b21ef20c29e"
SRC_URI = "gitsm://git.gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx.git;protocol=https;branch=master \
file://0001-tools-gen_module_code-atomically-rewrite-the-generat.patch"
SRCREV = "8c9dca74b104ff6c9722fb0738ba93dd3719c080"
PV .= "+git"
COMPATIBLE_MACHINE = "(corstone1000)"
PACKAGE_ARCH = "${MACHINE_ARCH}"
# PRODUCT is passed to the Makefile to specify the platform to be used.
PRODUCT = "corstone-1000"
S = "${WORKDIR}/git"
B = "${WORKDIR}/build"
# remove once arm-none-eabi-gcc updates to 13 or newer like poky
DEBUG_PREFIX_MAP:remove = "-fcanon-prefix-map"
LDFLAGS[unexport] = "1"
do_compile() {
oe_runmake -C ${S} V=y \
BUILD_PATH=${B} \
PRODUCT=${PRODUCT} \
CROSS_COMPILE=arm-none-eabi- \
all
}
do_compile[cleandirs] = "${B}"
do_install() {
install -D -p -m 0644 ${B}/product/${PRODUCT}/firmware/release/bin/firmware.bin ${D}${nonarch_base_libdir}/firmware/es_flashfw.bin
install -D -p -m 0644 ${B}/product/${PRODUCT}/firmware/release/bin/firmware.elf ${D}${nonarch_base_libdir}/firmware/es_flashfw.elf
}
FILES:${PN} = "${nonarch_base_libdir}/firmware/es_flashfw.bin"
FILES:${PN}-elf = "${nonarch_base_libdir}/firmware/es_flashfw.elf"
PACKAGES += "${PN}-elf"
INSANE_SKIP:${PN}-elf += "arch"
SYSROOT_DIRS += "${nonarch_base_libdir}/firmware"
inherit deploy
do_deploy() {
cp -rf ${D}${nonarch_base_libdir}/firmware/* ${DEPLOYDIR}/
}
addtask deploy after do_install

67
sources/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/0001-tools-gen_module_code-atomically-rewrite-the-generat.patch Normal file
View File

@@ -0,0 +1,67 @@
From fa5ed6204f9188134a87ac9dd569e1496759a7f6 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Tue, 8 Sep 2020 11:49:08 +0100
Subject: [PATCH] tools/gen_module_code: atomically rewrite the generated files
Upstream-Status: Submitted [https://gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx/-/issues/1]
Signed-off-by: Ross Burton <ross.burton@arm.com>
The gen_module rule in rules.mk is marked as .PHONY, so make will
execute it whenever it is mentioned. This results in gen_module_code
being executed 64 times for a Juno build.
However in heavily parallel builds there's a good chance that
gen_module_code is writing a file whilst the compiler is reading it
because make also doesn't know what files are generated by
gen_module_code.
The correct fix is to adjust the Makefiles so that the dependencies are
correct but this isn't trivial, so band-aid the problem by atomically
writing the generated files.
Change-Id: I82d44f9ea6537a91002e1f80de8861d208571630
Signed-off-by: Ross Burton <ross.burton@arm.com>
---
tools/gen_module_code.py | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/tools/gen_module_code.py b/tools/gen_module_code.py
index 6bf50e0..92623a7 100755
--- a/tools/gen_module_code.py
+++ b/tools/gen_module_code.py
@@ -17,6 +17,7 @@
import argparse
import os
import sys
+import tempfile
DEFAULT_PATH = 'build/'
@@ -55,13 +56,21 @@ TEMPLATE_C = "/* This file was auto generated using {} */\n" \
def generate_file(path, filename, content):
full_filename = os.path.join(path, filename)
- with open(full_filename, 'a+') as f:
- f.seek(0)
- if f.read() != content:
+
+ try:
+ with open(full_filename) as f:
+ rewrite = f.read() != content
+ except FileNotFoundError:
+ rewrite = True
+
+ if rewrite:
+ with tempfile.NamedTemporaryFile(prefix="gen-module-code",
+ dir=path,
+ delete=False,
+ mode="wt") as f:
print("[GEN] {}...".format(full_filename))
- f.seek(0)
- f.truncate()
f.write(content)
+ os.replace(f.name, full_filename)
def generate_header(path, modules):

6
sources/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium_%.bbappend Normal file
View File

@@ -0,0 +1,6 @@
# Machine specific configurations
MACHINE_HAFNIUM_REQUIRE ?= ""
MACHINE_HAFNIUM_REQUIRE:tc = "hafnium-tc.inc"
require ${MACHINE_HAFNIUM_REQUIRE}

25
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-esp-image.bb Normal file
View File

@@ -0,0 +1,25 @@
SUMMARY = "Corstone1000 platform esp Image"
DESCRIPTION = "This builds a simple image file that only contains an esp \
partition for use when running the SystemReady IR ACS tests."
LICENSE = "MIT"
COMPATIBLE_MACHINE = "corstone1000"
# IMAGE_FSTYPES must be set before 'inherit image'
# https://docs.yoctoproject.org/ref-manual/variables.html#term-IMAGE_FSTYPES
IMAGE_FSTYPES = "wic"
inherit image
IMAGE_FEATURES = ""
IMAGE_LINGUAS = ""
PACKAGE_INSTALL = ""
# This builds a very specific image so we can ignore any customization
WKS_FILE = "efi-disk-esp-only.wks.in"
WKS_FILE:firmware = "efi-disk-esp-only.wks.in"
EXTRA_IMAGEDEPENDS = ""
# Don't write an fvp configuration file for this image as it can't run
IMAGE_POSTPROCESS_COMMAND:remove = "do_write_fvpboot_conf;"

11
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-firmware-deploy-image.inc Normal file
View File

@@ -0,0 +1,11 @@
COMPATIBLE_MACHINE = "corstone1000"
FIRMWARE_BINARIES = "corstone1000-flash-firmware-image-${MACHINE}.wic \
bl1.bin \
es_flashfw.bin \
${CAPSULE_NAME}.${CAPSULE_EXTENSION} \
corstone1000_capsule_cert.crt \
corstone1000_capsule_key.key \
"
do_deploy[mcdepends] = "mc::firmware:corstone1000-flash-firmware-image:do_image_complete"

96
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-flash-firmware-image.bb Normal file
View File

@@ -0,0 +1,96 @@
SUMMARY = "Corstone1000 platform Image"
DESCRIPTION = "This is the main image which is the container of all the binaries \
generated for the Corstone1000 platform."
LICENSE = "MIT"
COMPATIBLE_MACHINE = "corstone1000"
# IMAGE_FSTYPES must be set before 'inherit image'
# https://docs.yoctoproject.org/ref-manual/variables.html#term-IMAGE_FSTYPES
IMAGE_FSTYPES = "wic uefi_capsule"
inherit image
inherit tfm_sign_image
inherit uefi_capsule
inherit deploy
DEPENDS += "external-system \
trusted-firmware-a \
trusted-firmware-m \
u-boot \
"
IMAGE_FEATURES = ""
IMAGE_LINGUAS = ""
PACKAGE_INSTALL = ""
# The generated ${MACHINE}_image.nopt is used instead of the default wic image
# for the capsule generation. The uefi.capsule image type doesn't have to
# depend on the wic because of this.
#
# The corstone1000_capsule_cert.crt and corstone1000_capsule_key.key are installed
# by the U-Boot recipe so this recipe has to depend on that.
CAPSULE_IMGTYPE = ""
CAPSULE_CERTIFICATE_PATH = "${DEPLOY_DIR_IMAGE}/corstone1000_capsule_cert.crt"
CAPSULE_GUID:corstone1000-fvp ?= "989f3a4e-46e0-4cd0-9877-a25c70c01329"
CAPSULE_GUID:corstone1000-mps3 ?= "df1865d1-90fb-4d59-9c38-c9f2c1bba8cc"
CAPSULE_IMGLOCATION = "${DEPLOY_DIR_IMAGE}"
CAPSULE_INDEX = "1"
CAPSULE_MONOTONIC_COUNT = "1"
CAPSULE_PRIVATE_KEY_PATH = "${DEPLOY_DIR_IMAGE}/corstone1000_capsule_key.key"
UEFI_FIRMWARE_BINARY = "${B}/${MACHINE}_image.nopt"
# TF-A settings for signing host images
TFA_BL2_BINARY = "bl2-corstone1000.bin"
TFA_FIP_BINARY = "fip-corstone1000.bin"
TFA_BL2_RE_IMAGE_LOAD_ADDRESS = "0x62353000"
TFA_BL2_RE_SIGN_BIN_SIZE = "0x2d000"
TFA_FIP_RE_IMAGE_LOAD_ADDRESS = "0x68130000"
TFA_FIP_RE_SIGN_BIN_SIZE = "0x00200000"
RE_LAYOUT_WRAPPER_VERSION = "0.0.7"
TFM_SIGN_PRIVATE_KEY = "${libdir}/tfm-scripts/root-RSA-3072_1.pem"
RE_IMAGE_OFFSET = "0x1000"
# Offsets for the .nopt image generation
TFM_OFFSET = "102400"
FIP_OFFSET = "479232"
KERNEL_OFFSET = "2576384"
do_sign_images() {
# Sign TF-A BL2
sign_host_image ${RECIPE_SYSROOT}/firmware/${TFA_BL2_BINARY} \
${TFA_BL2_RE_IMAGE_LOAD_ADDRESS} ${TFA_BL2_RE_SIGN_BIN_SIZE}
# Update BL2 in the FIP image
cp ${RECIPE_SYSROOT}/firmware/${TFA_FIP_BINARY} .
fiptool update --tb-fw \
${TFM_IMAGE_SIGN_DEPLOY_DIR}/signed_${TFA_BL2_BINARY} \
${TFM_IMAGE_SIGN_DIR}/${TFA_FIP_BINARY}
# Sign the FIP image
sign_host_image ${TFM_IMAGE_SIGN_DIR}/${TFA_FIP_BINARY} \
${TFA_FIP_RE_IMAGE_LOAD_ADDRESS} ${TFA_FIP_RE_SIGN_BIN_SIZE}
}
do_sign_images[depends] = "\
fiptool-native:do_populate_sysroot \
"
# This .nopt image is not the same as the one which is generated by meta-arm/meta-arm/classes/wic_nopt.bbclass.
# The meta-arm/meta-arm/classes/wic_nopt.bbclass removes the partition table from the wic image, but keeps the
# second bank. This function creates a no-partition image with only the first bank.
create_nopt_image() {
dd conv=notrunc bs=1 if=${DEPLOY_DIR_IMAGE}/bl2_signed.bin of=${B}/${MACHINE}_image.nopt
dd conv=notrunc bs=1 if=${DEPLOY_DIR_IMAGE}/tfm_s_signed.bin of=${B}/${MACHINE}_image.nopt seek=${TFM_OFFSET}
dd conv=notrunc bs=1 if=${DEPLOY_DIR_IMAGE}/signed_fip-corstone1000.bin of=${B}/${MACHINE}_image.nopt seek=${FIP_OFFSET}
dd conv=notrunc bs=1 if=${DEPLOY_DIR_IMAGE}/Image.gz-initramfs-${MACHINE}.bin of=${B}/${MACHINE}_image.nopt seek=${KERNEL_OFFSET}
}
do_image_uefi_capsule[depends] += " linux-yocto:do_deploy"
do_image_uefi_capsule[mcdepends] += " ${@bb.utils.contains('BBMULTICONFIG', 'firmware', 'mc::firmware:linux-yocto:do_deploy', '', d)}"
do_image_uefi_capsule[prefuncs] += "create_nopt_image"
do_deploy() {
install -m 0755 ${B}/${MACHINE}_image.nopt ${DEPLOYDIR}
}
addtask deploy after do_image_uefi_capsule

7
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-recovery-image.bb Normal file
View File

@@ -0,0 +1,7 @@
require recipes-core/images/core-image-minimal.bb
# The core-image-minimal is used for the initramfs bundle for the
# Corstone1000 but the testimage task caused hanging errors. This is
# why the core-image-minimal is forked here so the testimage task can
# be disabled as it is not relevant for the Corstone1000.
IMAGE_CLASSES:remove = "testimage"

4
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-deploy-image.bbappend Normal file
View File

@@ -0,0 +1,4 @@
MACHINE_DEPLOY_FIRMWARE_REQUIRE ?= ""
MACHINE_DEPLOY_FIRMWARE_REQUIRE:corstone1000 = "corstone1000-firmware-deploy-image.inc"
require ${MACHINE_DEPLOY_FIRMWARE_REQUIRE}

79
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno.bb Normal file
View File

@@ -0,0 +1,79 @@
DESCRIPTION = "Firmware Image for Juno to be copied to the Configuration \
microSD card"
LICENSE = "BSD-3-Clause"
SECTION = "firmware"
LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/BSD-3-Clause;md5=550794465ba0ec5312d6919e203a55f9"
INHIBIT_DEFAULT_DEPS = "1"
DEPENDS = "trusted-firmware-a virtual/kernel virtual/control-processor-firmware"
PACKAGE_ARCH = "${MACHINE_ARCH}"
COMPATIBLE_MACHINE = "juno"
LINARO_RELEASE = "19.06"
SRC_URI = "http://releases.linaro.org/members/arm/platforms/${LINARO_RELEASE}/juno-latest-oe-uboot.zip;subdir=${UNPACK_DIR} \
file://images-r0.txt \
file://images-r1.txt \
file://images-r2.txt \
file://uEnv.txt \
"
SRC_URI[md5sum] = "01b662b81fa409d55ff298238ad24003"
SRC_URI[sha256sum] = "b8a3909bb3bc4350a8771b863193a3e33b358e2a727624a77c9ecf13516cec82"
UNPACK_DIR = "juno-firmware-${LINARO_RELEASE}"
inherit deploy nopackages
do_configure[noexec] = "1"
do_compile[noexec] = "1"
# The ${D} is used as a temporary directory and we don't generate any
# packages for this recipe.
do_install() {
cp -a ${WORKDIR}/${UNPACK_DIR} ${D}
cp -f ${RECIPE_SYSROOT}/firmware/bl1-juno.bin \
${D}/${UNPACK_DIR}/SOFTWARE/bl1.bin
cp -f ${RECIPE_SYSROOT}/firmware/fip-juno.bin \
${D}/${UNPACK_DIR}/SOFTWARE/fip.bin
cp -f ${RECIPE_SYSROOT}/firmware/scp_romfw_bypass.bin \
${D}/${UNPACK_DIR}/SOFTWARE/scp_bl1.bin
# u-boot environment file
cp -f ${WORKDIR}/uEnv.txt ${D}/${UNPACK_DIR}/SOFTWARE/
# Juno images list file
cp -f ${WORKDIR}/images-r0.txt ${D}/${UNPACK_DIR}/SITE1/HBI0262B/images.txt
cp -f ${WORKDIR}/images-r1.txt ${D}/${UNPACK_DIR}/SITE1/HBI0262C/images.txt
cp -f ${WORKDIR}/images-r2.txt ${D}/${UNPACK_DIR}/SITE1/HBI0262D/images.txt
}
do_deploy() {
# To avoid dependency loop between firmware-image-juno:do_install
# and virtual/kernel:do_deploy when INITRAMFS_IMAGE_BUNDLE = "1",
# we need to handle the kernel binaries copying in the do_deploy
# task.
for f in ${KERNEL_DEVICETREE}; do
install -m 755 -c ${DEPLOY_DIR_IMAGE}/$(basename $f) \
${D}/${UNPACK_DIR}/SOFTWARE/.
done
if [ "${INITRAMFS_IMAGE_BUNDLE}" -eq 1 ]; then
cp -L -f ${DEPLOY_DIR_IMAGE}/Image.gz-initramfs-juno.bin \
${D}/${UNPACK_DIR}/SOFTWARE/Image
else
cp -L -f ${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGETYPE} ${D}/${UNPACK_DIR}/SOFTWARE/
fi
# Compress the files
tar -C ${D}/${UNPACK_DIR} -zcvf ${WORKDIR}/${PN}.tar.gz ./
# Deploy the compressed archive to the deploy folder
install -D -p -m0644 ${WORKDIR}/${PN}.tar.gz ${DEPLOYDIR}/${PN}.tar.gz
}
do_deploy[depends] += "virtual/kernel:do_deploy"
addtask deploy after do_install

71
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno/images-r0.txt Normal file
View File

@@ -0,0 +1,71 @@
TITLE: Versatile Express Images Configuration File
[IMAGES]
TOTALIMAGES: 10 ;Number of Images (Max: 32)
NOR0UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR0ADDRESS: 0x00000000 ;Image Flash Address
NOR0FILE: \SOFTWARE\fip.bin ;Image File Name
NOR0LOAD: 00000000 ;Image Load Address
NOR0ENTRY: 00000000 ;Image Entry Point
NOR1UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR1ADDRESS: 0x03EC0000 ;Image Flash Address
NOR1FILE: \SOFTWARE\bl1.bin ;Image File Name
NOR1LOAD: 00000000 ;Image Load Address
NOR1ENTRY: 00000000 ;Image Entry Point
NOR2UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR2ADDRESS: 0x00500000 ;Image Flash Address
NOR2FILE: \SOFTWARE\Image ;Image File Name
NOR2NAME: norkern ;Rename kernel to norkern
NOR2LOAD: 00000000 ;Image Load Address
NOR2ENTRY: 00000000 ;Image Entry Point
NOR3UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR3ADDRESS: 0x03000000 ;Image Flash Address
NOR3FILE: \SOFTWARE\juno.dtb ;Image File Name
NOR3NAME: board.dtb ;Specify target filename to preserve file extension
NOR3LOAD: 00000000 ;Image Load Address
NOR3ENTRY: 00000000 ;Image Entry Point
NOR4UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR4ADDRESS: 0x030C0000 ;Image Flash Address
NOR4FILE: \SOFTWARE\hdlcdclk.dat ;Image File Name
NOR4LOAD: 00000000 ;Image Load Address
NOR4ENTRY: 00000000 ;Image Entry Point
NOR5UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR5ADDRESS: 0x03E40000 ;Image Flash Address
NOR5FILE: \SOFTWARE\scp_bl1.bin ;Image File Name
NOR5LOAD: 00000000 ;Image Load Address
NOR5ENTRY: 00000000 ;Image Entry Point
NOR6UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR6ADDRESS: 0x0BF00000 ;Image Flash Address
NOR6FILE: \SOFTWARE\startup.nsh ;Image File Name
NOR6NAME: startup.nsh
NOR6LOAD: 00000000 ;Image Load Address
NOR6ENTRY: 00000000 ;Image Entry Point
NOR7UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR7ADDRESS: 0x0BFC0000 ;Image Flash Address
NOR7FILE: \SOFTWARE\blank.img ;Image File Name
NOR7NAME: BOOTENV
NOR7LOAD: 00000000 ;Image Load Address
NOR7ENTRY: 00000000 ;Image Entry Point
NOR8UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR8ADDRESS: 0x03100000 ;Image Flash Address
NOR8FILE: \SOFTWARE\selftest ;Image File Name
NOR8LOAD: 00000000 ;Image Load Address
NOR8ENTRY: 00000000 ;Image Entry Point
NOR9UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR9ADDRESS: 0x03180000 ;Image Flash Address
NOR9NAME: uEnv.txt
NOR9FILE: \SOFTWARE\uEnv.txt ;Image File Name
NOR9LOAD: 00000000 ;Image Load Address
NOR9ENTRY: 00000000 ;Image Entry Point

71
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno/images-r1.txt Normal file
View File

@@ -0,0 +1,71 @@
TITLE: Versatile Express Images Configuration File
[IMAGES]
TOTALIMAGES: 10 ;Number of Images (Max: 32)
NOR0UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR0ADDRESS: 0x00000000 ;Image Flash Address
NOR0FILE: \SOFTWARE\fip.bin ;Image File Name
NOR0LOAD: 00000000 ;Image Load Address
NOR0ENTRY: 00000000 ;Image Entry Point
NOR1UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR1ADDRESS: 0x03EC0000 ;Image Flash Address
NOR1FILE: \SOFTWARE\bl1.bin ;Image File Name
NOR1LOAD: 00000000 ;Image Load Address
NOR1ENTRY: 00000000 ;Image Entry Point
NOR2UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR2ADDRESS: 0x00500000 ;Image Flash Address
NOR2FILE: \SOFTWARE\Image ;Image File Name
NOR2NAME: norkern ;Rename kernel to norkern
NOR2LOAD: 00000000 ;Image Load Address
NOR2ENTRY: 00000000 ;Image Entry Point
NOR3UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR3ADDRESS: 0x03000000 ;Image Flash Address
NOR3FILE: \SOFTWARE\juno-r1.dtb ;Image File Name
NOR3NAME: board.dtb ;Specify target filename to preserve file extension
NOR3LOAD: 00000000 ;Image Load Address
NOR3ENTRY: 00000000 ;Image Entry Point
NOR4UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR4ADDRESS: 0x030C0000 ;Image Flash Address
NOR4FILE: \SOFTWARE\hdlcdclk.dat ;Image File Name
NOR4LOAD: 00000000 ;Image Load Address
NOR4ENTRY: 00000000 ;Image Entry Point
NOR5UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR5ADDRESS: 0x03E40000 ;Image Flash Address
NOR5FILE: \SOFTWARE\scp_bl1.bin ;Image File Name
NOR5LOAD: 00000000 ;Image Load Address
NOR5ENTRY: 00000000 ;Image Entry Point
NOR6UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR6ADDRESS: 0x0BF00000 ;Image Flash Address
NOR6FILE: \SOFTWARE\startup.nsh ;Image File Name
NOR6NAME: startup.nsh
NOR6LOAD: 00000000 ;Image Load Address
NOR6ENTRY: 00000000 ;Image Entry Point
NOR7UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR7ADDRESS: 0x0BFC0000 ;Image Flash Address
NOR7FILE: \SOFTWARE\blank.img ;Image File Name
NOR7NAME: BOOTENV
NOR7LOAD: 00000000 ;Image Load Address
NOR7ENTRY: 00000000 ;Image Entry Point
NOR8UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR8ADDRESS: 0x03100000 ;Image Flash Address
NOR8FILE: \SOFTWARE\selftest ;Image File Name
NOR8LOAD: 00000000 ;Image Load Address
NOR8ENTRY: 00000000 ;Image Entry Point
NOR9UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR9ADDRESS: 0x03180000 ;Image Flash Address
NOR9NAME: uEnv.txt
NOR9FILE: \SOFTWARE\uEnv.txt ;Image File Name
NOR9LOAD: 00000000 ;Image Load Address
NOR9ENTRY: 00000000 ;Image Entry Point

71
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno/images-r2.txt Normal file
View File

@@ -0,0 +1,71 @@
TITLE: Versatile Express Images Configuration File
[IMAGES]
TOTALIMAGES: 10 ;Number of Images (Max: 32)
NOR0UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR0ADDRESS: 0x00000000 ;Image Flash Address
NOR0FILE: \SOFTWARE\fip.bin ;Image File Name
NOR0LOAD: 00000000 ;Image Load Address
NOR0ENTRY: 00000000 ;Image Entry Point
NOR1UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR1ADDRESS: 0x03EC0000 ;Image Flash Address
NOR1FILE: \SOFTWARE\bl1.bin ;Image File Name
NOR1LOAD: 00000000 ;Image Load Address
NOR1ENTRY: 00000000 ;Image Entry Point
NOR2UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR2ADDRESS: 0x00500000 ;Image Flash Address
NOR2FILE: \SOFTWARE\Image ;Image File Name
NOR2NAME: norkern ;Rename kernel to norkern
NOR2LOAD: 00000000 ;Image Load Address
NOR2ENTRY: 00000000 ;Image Entry Point
NOR3UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR3ADDRESS: 0x03000000 ;Image Flash Address
NOR3FILE: \SOFTWARE\juno-r2.dtb ;Image File Name
NOR3NAME: board.dtb ;Specify target filename to preserve file extension
NOR3LOAD: 00000000 ;Image Load Address
NOR3ENTRY: 00000000 ;Image Entry Point
NOR4UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR4ADDRESS: 0x030C0000 ;Image Flash Address
NOR4FILE: \SOFTWARE\hdlcdclk.dat ;Image File Name
NOR4LOAD: 00000000 ;Image Load Address
NOR4ENTRY: 00000000 ;Image Entry Point
NOR5UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR5ADDRESS: 0x03E40000 ;Image Flash Address
NOR5FILE: \SOFTWARE\scp_bl1.bin ;Image File Name
NOR5LOAD: 00000000 ;Image Load Address
NOR5ENTRY: 00000000 ;Image Entry Point
NOR6UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR6ADDRESS: 0x0BF00000 ;Image Flash Address
NOR6FILE: \SOFTWARE\startup.nsh ;Image File Name
NOR6NAME: startup.nsh
NOR6LOAD: 00000000 ;Image Load Address
NOR6ENTRY: 00000000 ;Image Entry Point
NOR7UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR7ADDRESS: 0x0BFC0000 ;Image Flash Address
NOR7FILE: \SOFTWARE\blank.img ;Image File Name
NOR7NAME: BOOTENV
NOR7LOAD: 00000000 ;Image Load Address
NOR7ENTRY: 00000000 ;Image Entry Point
NOR8UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR8ADDRESS: 0x03100000 ;Image Flash Address
NOR8FILE: \SOFTWARE\selftest ;Image File Name
NOR8LOAD: 00000000 ;Image Load Address
NOR8ENTRY: 00000000 ;Image Entry Point
NOR9UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR9ADDRESS: 0x03180000 ;Image Flash Address
NOR9NAME: uEnv.txt
NOR9FILE: \SOFTWARE\uEnv.txt ;Image File Name
NOR9LOAD: 00000000 ;Image Load Address
NOR9ENTRY: 00000000 ;Image Entry Point

11
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno/uEnv.txt Normal file
View File

@@ -0,0 +1,11 @@
uenvcmd=run mybootcmd
mybootcmd=echo Loading custom boot command; \
echo Loading kernel; \
afs load ${kernel_name} ${kernel_addr_r} ; \
if test $? -eq 1; then echo Loading ${kernel_alt_name} instead of ${kernel_name}; afs load ${kernel_alt_name} ${kernel_addr_r}; fi; \
echo Loading device tree; \
afs load ${fdtfile} ${fdt_addr_r}; \
if test $? -eq 1; then echo Loading ${fdt_alt_name} instead of ${fdtfile}; \
afs load ${fdt_alt_name} ${fdt_addr_r}; fi; fdt addr ${fdt_addr_r}; fdt resize; \
booti ${kernel_addr_r} - ${fdt_addr_r};

37
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/n1sdp-board-firmware_2022.06.22.bb Normal file
View File

@@ -0,0 +1,37 @@
SUMMARY = "Board Firmware binaries for N1SDP"
SECTION = "firmware"
LICENSE = "STM-SLA0044-Rev5"
LIC_FILES_CHKSUM = "file://LICENSES/MB/STM.TXT;md5=1b74d8c842307d03c116f2d71cbf868a"
inherit deploy
INHIBIT_DEFAULT_DEPS = "1"
PACKAGE_ARCH = "${MACHINE_ARCH}"
COMPATIBLE_MACHINE = "n1sdp"
SRC_URI = "git://git.gitlab.arm.com/arm-reference-solutions/board-firmware.git;protocol=https;branch=n1sdp"
SRCREV = "70ba494265eee76747faff38264860c19e214540"
PV .= "+git"
S = "${WORKDIR}/git"
INSTALL_DIR = "/n1sdp-board-firmware_source"
do_install() {
rm -rf ${S}/SOFTWARE
install -d ${D}${INSTALL_DIR}
cp -Rp --no-preserve=ownership ${S}/* ${D}${INSTALL_DIR}
}
FILES:${PN}-staticdev += " ${INSTALL_DIR}/LIB/sensor.a"
FILES:${PN} = "${INSTALL_DIR}"
SYSROOT_DIRS += "${INSTALL_DIR}"
do_deploy() {
install -d ${DEPLOYDIR}${INSTALL_DIR}
cp -Rp --no-preserve=ownership ${S}/* ${DEPLOYDIR}${INSTALL_DIR}
}
addtask deploy after do_install before do_build

85
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/sdcard-image-n1sdp_0.1.bb Normal file
View File

@@ -0,0 +1,85 @@
SUMMARY = "Firmware image recipe for generating SD-Card artifacts."
inherit deploy nopackages
DEPENDS = "trusted-firmware-a \
virtual/control-processor-firmware \
n1sdp-board-firmware"
LICENSE = "MIT"
PACKAGE_ARCH = "${MACHINE_ARCH}"
COMPATIBLE_MACHINE = "n1sdp"
RM_WORK_EXCLUDE += "${PN}"
do_configure[noexec] = "1"
do_compile[noexec] = "1"
do_install[noexec] = "1"
FIRMWARE_DIR = "n1sdp-board-firmware_source"
PRIMARY_DIR = "${WORKDIR}/n1sdp-board-firmware_primary"
SECONDARY_DIR = "${WORKDIR}/n1sdp-board-firmware_secondary"
SOC_BINARIES = "mcp_fw.bin scp_fw.bin mcp_rom.bin scp_rom.bin"
prepare_package() {
cd ${WORKDIR}
# Master/Primary
cp -av ${RECIPE_SYSROOT}/${FIRMWARE_DIR}/* ${PRIMARY_DIR}
mkdir -p ${PRIMARY_DIR}/SOFTWARE/
# Copy FIP binary
cp -v ${RECIPE_SYSROOT}/firmware/fip.bin ${PRIMARY_DIR}/SOFTWARE/
# Copy SOC binaries
for f in ${SOC_BINARIES}; do
cp -v ${RECIPE_SYSROOT}/firmware/${f} ${PRIMARY_DIR}/SOFTWARE/
done
sed -i -e 's|^C2C_ENABLE.*|C2C_ENABLE: TRUE ;C2C enable TRUE/FALSE|' \
${PRIMARY_DIR}/MB/HBI0316A/io_v123f.txt
sed -i -e 's|^C2C_SIDE.*|C2C_SIDE: MASTER ;C2C side SLAVE/MASTER|' \
${PRIMARY_DIR}/MB/HBI0316A/io_v123f.txt
sed -i -e 's|.*SOCCON: 0x1170.*PLATFORM_CTRL.*|SOCCON: 0x1170 0x00000100 ;SoC SCC PLATFORM_CTRL|' \
${PRIMARY_DIR}/MB/HBI0316A/io_v123f.txt
# Update load address for trusted boot
sed -i -e '/^IMAGE4ADDRESS:/ s|0x60200000|0x64200000|' ${PRIMARY_DIR}/MB/HBI0316A/images.txt
sed -i -e '/^IMAGE4UPDATE:/ s|FORCE |SCP_AUTO|' ${PRIMARY_DIR}/MB/HBI0316A/images.txt
sed -i -e '/^IMAGE4FILE: \\SOFTWARE\\/s|uefi.bin|fip.bin |' ${PRIMARY_DIR}/MB/HBI0316A/images.txt
# Slave/Secondary
cp -av ${RECIPE_SYSROOT}/${FIRMWARE_DIR}/* ${SECONDARY_DIR}
mkdir -p ${SECONDARY_DIR}/SOFTWARE/
# Copy SOC binaries
for f in ${SOC_BINARIES}; do
cp -v ${RECIPE_SYSROOT}/firmware/${f} ${SECONDARY_DIR}/SOFTWARE/
done
sed -i -e 's|^C2C_ENABLE.*|C2C_ENABLE: TRUE ;C2C enable TRUE/FALSE|' \
${SECONDARY_DIR}/MB/HBI0316A/io_v123f.txt
sed -i -e 's|^C2C_SIDE.*|C2C_SIDE: SLAVE ;C2C side SLAVE/MASTER|' \
${SECONDARY_DIR}/MB/HBI0316A/io_v123f.txt
sed -i -e 's|.*SOCCON: 0x1170.*PLATFORM_CTRL.*|SOCCON: 0x1170 0x00000101 ;SoC SCC PLATFORM_CTRL|' \
${SECONDARY_DIR}/MB/HBI0316A/io_v123f.txt
sed -i -e '/^TOTALIMAGES:/ s|5|4|' ${SECONDARY_DIR}/MB/HBI0316A/images.txt
sed -i -e 's|^IMAGE4|;&|' ${SECONDARY_DIR}/MB/HBI0316A/images.txt
}
do_deploy() {
# prepare Master & Slave packages
prepare_package
for dir in ${PRIMARY_DIR} ${SECONDARY_DIR}; do
dir_name=$(basename ${dir})
mkdir -p ${D}/${dir_name}
cp -av ${dir} ${D}
# Compress the files
tar -C ${D}/${dir_name} -zcvf ${DEPLOYDIR}/${dir_name}.tar.gz ./
done
}
do_deploy[dirs] += "${PRIMARY_DIR} ${SECONDARY_DIR}"
do_deploy[cleandirs] += "${PRIMARY_DIR} ${SECONDARY_DIR}"
do_deploy[umask] = "022"
addtask deploy after do_prepare_recipe_sysroot

14
sources/meta-arm/meta-arm-bsp/recipes-bsp/images/tc-artifacts-image.bb Normal file
View File

@@ -0,0 +1,14 @@
# SPDX-License-Identifier: Apache-2.0
#
# Copyright (c) 2020 Arm Limited
#
SUMMARY = "Total Compute Images"
DESCRIPTION = "Build all the images required for Total Compute platform"
LICENSE = "Apache-2.0"
COMPATIBLE_MACHINE = "(tc?)"
inherit nopackages
# The last image to be built is trusted-firmware-a
DEPENDS += " trusted-firmware-a"

15
sources/meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-juno.inc Normal file
View File

@@ -0,0 +1,15 @@
# juno specific SCP configuration
COMPATIBLE_MACHINE = "juno"
FW_TARGETS = "scp"
FW_INSTALL:append = " romfw_bypass"
do_install:append() {
for TYPE in ${FW_INSTALL}; do
if [ "$TYPE" = "romfw_bypass" ]; then
install -D "${B}/${TYPE}/${FW_TARGETS}/bin/${SCP_PLATFORM}-bl1-bypass.bin" "${D}/firmware/${FW}_${TYPE}.bin"
install -D "${B}/${TYPE}/${FW_TARGETS}/bin/${SCP_PLATFORM}-bl1-bypass.elf" "${D}/firmware/${FW}_${TYPE}.elf"
fi
done
}

35
sources/meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-n1sdp.inc Normal file
View File

@@ -0,0 +1,35 @@
# N1SDP specific SCP configurations and build instructions
COMPATIBLE_MACHINE:n1sdp = "n1sdp"
SCP_LOG_LEVEL = "INFO"
DEPENDS += "fiptool-native"
DEPENDS += "trusted-firmware-a"
DEPENDS += "n1sdp-board-firmware"
# The n1sdp sensor library is needed for building SCP N1SDP Platform
# https://github.com/ARM-software/SCP-firmware/tree/master/product/n1sdp
EXTRA_OECMAKE:append = " \
-DSCP_N1SDP_SENSOR_LIB_PATH=${RECIPE_SYSROOT}/n1sdp-board-firmware_source/LIB/sensor.a \
"
do_install:append() {
fiptool \
create \
--scp-fw "${D}/firmware/scp_ramfw.bin" \
--blob uuid=cfacc2c4-15e8-4668-82be-430a38fad705,file="${RECIPE_SYSROOT}/firmware/bl1.bin" \
"scp_fw.bin"
# This UUID is FIP_UUID_MCP_BL2 in SCP-Firmware.
fiptool \
create \
--blob uuid=54464222-a4cf-4bf8-b1b6-cee7dade539e,file="${D}/firmware/mcp_ramfw.bin" \
"mcp_fw.bin"
install "scp_fw.bin" "${D}/firmware/scp_fw.bin"
install "mcp_fw.bin" "${D}/firmware/mcp_fw.bin"
ln -sf "scp_romfw.bin" "${D}/firmware/scp_rom.bin"
ln -sf "mcp_romfw.bin" "${D}/firmware/mcp_rom.bin"
}

6
sources/meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-sgi575.inc Normal file
View File

@@ -0,0 +1,6 @@
# SGI575 specific SCP configurations and build instructions
COMPATIBLE_MACHINE:sgi575 = "sgi575"
SCP_PRODUCT_GROUP = "neoverse-rd"
SCP_LOG_LEVEL = "INFO"

10
sources/meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware_%.bbappend Normal file
View File

@@ -0,0 +1,10 @@
# Include machine specific SCP configurations
MACHINE_SCP_REQUIRE ?= ""
MACHINE_SCP_REQUIRE:juno = "scp-firmware-juno.inc"
MACHINE_SCP_REQUIRE:n1sdp = "scp-firmware-n1sdp.inc"
MACHINE_SCP_REQUIRE:sgi575 = "scp-firmware-sgi575.inc"
MACHINE_SCP_REQUIRE:tc = "scp-firmware-tc.inc"
require ${MACHINE_SCP_REQUIRE}

29
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0001-Fix-FF-A-version-in-SPMC-manifest.patch Normal file
View File

@@ -0,0 +1,29 @@
From adaa22bc2f529bb34e9d4fe89ff5c65f0c83ca0c Mon Sep 17 00:00:00 2001
From: emeara01 <emekcan.aras@arm.com>
Date: Wed, 11 May 2022 14:37:06 +0100
Subject: [PATCH] Fix FF-A version in SPMC manifest
OPTEE does not support FF-A version 1.1 in SPMC at the moment.
This commit corrects the FF-A version in corstone1000_spmc_manifest.dts.
This patch will not be upstreamed and will be dropped once
OPTEE version is updated for Corstone1000.
Upstream-Status: Inappropriate
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
---
.../corstone1000/common/fdts/corstone1000_spmc_manifest.dts | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts b/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts
index 8e49ab83f76a..5baa1b115b2e 100644
--- a/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts
+++ b/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts
@@ -20,7 +20,7 @@
attribute {
spmc_id = <0x8000>;
maj_ver = <0x1>;
- min_ver = <0x1>;
+ min_ver = <0x0>;
exec_state = <0x0>;
load_address = <0x0 0x2002000>;
entrypoint = <0x0 0x2002000>;

32
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0002-fix-corstone1000-pass-spsr-value-explicitly.patch Normal file
View File

@@ -0,0 +1,32 @@
From d70a07562d3b0a7b4441922fd3ce136565927d04 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <Emekcan.Aras@arm.com>
Date: Wed, 21 Feb 2024 07:57:36 +0000
Subject: [PATCH] fix(corstone1000): pass spsr value explicitly
Passes spsr value for BL32 (OPTEE) explicitly between different boot
stages.
Upstream-Status: Pending
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
---
.../corstone1000/common/corstone1000_bl2_mem_params_desc.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c b/plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c
index fe521a9fa..2cc096f38 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c
@@ -72,7 +72,8 @@ static bl_mem_params_node_t bl2_mem_params_descs[] = {
SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP,
VERSION_2, entry_point_info_t, NON_SECURE | EXECUTABLE),
.ep_info.pc = BL33_BASE,
-
+ .ep_info.spsr = SPSR_64(MODE_EL2, MODE_SP_ELX,
+ DISABLE_ALL_EXCEPTIONS),
SET_STATIC_PARAM_HEAD(image_info, PARAM_EP,
VERSION_2, image_info_t, 0),
.image_info.image_base = BL33_BASE,
--
2.25.1

54
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0003-fix-spmd-remove-EL3-interrupt-registration.patch Normal file
View File

@@ -0,0 +1,54 @@
From 684b8f88238f522b52eb102485762e02e6b1671a Mon Sep 17 00:00:00 2001
From: Emekcan Aras <Emekcan.Aras@arm.com>
Date: Fri, 23 Feb 2024 13:17:59 +0000
Subject: [PATCH] fix(spmd): remove EL3 interrupt registration
This configuration should not be done for corstone1000 and similar
platforms. GICv2 systems only support EL3 interrupts and can have SEL1 component
as SPMC.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Upstream-Status: Inappropriate [Discussions of fixing this in a better way is ongoing in upstream]
---
services/std_svc/spmd/spmd_main.c | 24 ------------------------
1 file changed, 24 deletions(-)
diff --git a/services/std_svc/spmd/spmd_main.c b/services/std_svc/spmd/spmd_main.c
index 066571e9b..313f05bf3 100644
--- a/services/std_svc/spmd/spmd_main.c
+++ b/services/std_svc/spmd/spmd_main.c
@@ -580,30 +580,6 @@ static int spmd_spmc_init(void *pm_addr)
panic();
}
- /*
- * Permit configurations where the SPM resides at S-EL1/2 and upon a
- * Group0 interrupt triggering while the normal world runs, the
- * interrupt is routed either through the EHF or directly to the SPMD:
- *
- * EL3_EXCEPTION_HANDLING=0: the Group0 interrupt is routed to the SPMD
- * for handling by spmd_group0_interrupt_handler_nwd.
- *
- * EL3_EXCEPTION_HANDLING=1: the Group0 interrupt is routed to the EHF.
- *
- */
-#if (EL3_EXCEPTION_HANDLING == 0)
- /*
- * Register an interrupt handler routing Group0 interrupts to SPMD
- * while the NWd is running.
- */
- rc = register_interrupt_type_handler(INTR_TYPE_EL3,
- spmd_group0_interrupt_handler_nwd,
- flags);
- if (rc != 0) {
- panic();
- }
-#endif
-
return 0;
}
--
2.25.1

92
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0004-fix-corstone1000-remove-unused-NS_SHARED_RAM-region.patch Normal file
View File

@@ -0,0 +1,92 @@
From 19600e6718e1a5b2ac8ec27d471acdafce0e433e Mon Sep 17 00:00:00 2001
From: Emekcan Aras <Emekcan.Aras@arm.com>
Date: Thu, 25 Apr 2024 11:30:58 +0100
Subject: [PATCH] fix(corstone1000): remove unused NS_SHARED_RAM region
After enabling additional features in Trusted Services, the size of BL32 image
(OP-TEE + Trusted Services SPs) is larger now. To create more space in secure RAM
for BL32 image, this patch removes NS_SHARED_RAM region which is not currently used by
corstone1000 platform.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Upstream-Status: Pending
---
.../corstone1000/common/corstone1000_plat.c | 1 -
.../common/include/platform_def.h | 19 +------------------
2 files changed, 1 insertion(+), 19 deletions(-)
diff --git a/plat/arm/board/corstone1000/common/corstone1000_plat.c b/plat/arm/board/corstone1000/common/corstone1000_plat.c
index ed3801caa..a9475859a 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_plat.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_plat.c
@@ -23,7 +23,6 @@
const mmap_region_t plat_arm_mmap[] = {
ARM_MAP_SHARED_RAM,
- ARM_MAP_NS_SHARED_RAM,
ARM_MAP_NS_DRAM1,
CORSTONE1000_MAP_DEVICE,
CORSTONE1000_EXTERNAL_FLASH,
diff --git a/plat/arm/board/corstone1000/common/include/platform_def.h b/plat/arm/board/corstone1000/common/include/platform_def.h
index 442d187f0..18fce4486 100644
--- a/plat/arm/board/corstone1000/common/include/platform_def.h
+++ b/plat/arm/board/corstone1000/common/include/platform_def.h
@@ -90,9 +90,6 @@
* partition size: 176 KB
* content: BL2
*
- * <ARM_NS_SHARED_RAM_BASE> = <ARM_TRUSTED_SRAM_BASE> + 1 MB
- * partition size: 512 KB
- * content: BL33 (u-boot)
*/
/* DDR memory */
@@ -117,11 +114,7 @@
/* The remaining Trusted SRAM is used to load the BL images */
#define TOTAL_SRAM_SIZE (SZ_4M) /* 4 MB */
-/* Last 512KB of CVM is allocated for shared RAM as an example openAMP */
-#define ARM_NS_SHARED_RAM_SIZE (512 * SZ_1K)
-
#define PLAT_ARM_TRUSTED_SRAM_SIZE (TOTAL_SRAM_SIZE - \
- ARM_NS_SHARED_RAM_SIZE - \
ARM_SHARED_RAM_SIZE)
#define PLAT_ARM_MAX_BL2_SIZE (180 * SZ_1K) /* 180 KB */
@@ -160,11 +153,6 @@
/* NS memory */
-/* The last 512KB of the SRAM is allocated as shared memory */
-#define ARM_NS_SHARED_RAM_BASE (ARM_TRUSTED_SRAM_BASE + TOTAL_SRAM_SIZE - \
- (PLAT_ARM_MAX_BL31_SIZE + \
- PLAT_ARM_MAX_BL32_SIZE))
-
#define BL33_BASE ARM_DRAM1_BASE
#define PLAT_ARM_MAX_BL33_SIZE (12 * SZ_1M) /* 12 MB*/
#define BL33_LIMIT (ARM_DRAM1_BASE + PLAT_ARM_MAX_BL33_SIZE)
@@ -266,7 +254,7 @@
#define PLAT_ARM_TRUSTED_MAILBOX_BASE ARM_TRUSTED_SRAM_BASE
#define PLAT_ARM_NSTIMER_FRAME_ID U(1)
-#define PLAT_ARM_NS_IMAGE_BASE (ARM_NS_SHARED_RAM_BASE)
+#define PLAT_ARM_NS_IMAGE_BASE (BL33_BASE)
#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 32)
#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
@@ -295,11 +283,6 @@
ARM_SHARED_RAM_SIZE, \
MT_MEMORY | MT_RW | MT_SECURE)
-#define ARM_MAP_NS_SHARED_RAM MAP_REGION_FLAT( \
- ARM_NS_SHARED_RAM_BASE, \
- ARM_NS_SHARED_RAM_SIZE, \
- MT_MEMORY | MT_RW | MT_NS)
-
#define ARM_MAP_NS_DRAM1 MAP_REGION_FLAT( \
ARM_NS_DRAM1_BASE, \
ARM_NS_DRAM1_SIZE, \
--
2.25.1

46
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0005-fix-corstone1000-clean-the-cache-and-disable-interru.patch Normal file
View File

@@ -0,0 +1,46 @@
From 37f92eeb4361626072e690adb3b0bb20db7c2fca Mon Sep 17 00:00:00 2001
From: Emekcan Aras <Emekcan.Aras@arm.com>
Date: Wed, 15 May 2024 13:54:51 +0100
Subject: [PATCH] fix(corstone1000): clean the cache and disable interrupt
before system reset
Corstone1000 does not properly clean the cache and disable gic interrupts
before the reset. This causes a race condition especially in FVP after reset.
This adds proper sequence before resetting the platform.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Upstream-Status: Pending
---
plat/arm/board/corstone1000/common/corstone1000_pm.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/plat/arm/board/corstone1000/common/corstone1000_pm.c b/plat/arm/board/corstone1000/common/corstone1000_pm.c
index 4b0a791e7..a52e945bf 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_pm.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_pm.c
@@ -7,6 +7,7 @@
#include <lib/psci/psci.h>
#include <plat/arm/common/plat_arm.h>
#include <platform_def.h>
+#include <drivers/arm/gicv2.h>
/*******************************************************************************
* Export the platform handlers via plat_arm_psci_pm_ops. The ARM Standard
* platform layer will take care of registering the handlers with PSCI.
@@ -18,6 +19,14 @@ static void __dead2 corstone1000_system_reset(void)
uint32_t volatile * const watchdog_ctrl_reg = (uint32_t *) SECURE_WATCHDOG_ADDR_CTRL_REG;
uint32_t volatile * const watchdog_val_reg = (uint32_t *) SECURE_WATCHDOG_ADDR_VAL_REG;
+ /* Flush and invalidate data cache */
+ dcsw_op_all(DCCISW);
+ /*
+ * Disable GIC CPU interface to prevent pending interrupt
+ * from waking up the AP from WFI.
+ */
+ gicv2_cpuif_disable();
+
*(watchdog_val_reg) = SECURE_WATCHDOG_COUNTDOWN_VAL;
*watchdog_ctrl_reg = SECURE_WATCHDOG_MASK_ENABLE;
while (1) {
--
2.25.1

64
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/fvp-base/0001-fdts-fvp-base-Add-stdout-path-and-virtio-net-and-rng.patch Normal file
View File

@@ -0,0 +1,64 @@
From b79d3cf319cc5698311ef83247110c93d3c2de2c Mon Sep 17 00:00:00 2001
Message-Id: <b79d3cf319cc5698311ef83247110c93d3c2de2c.1695834344.git.diego.sueiro@arm.com>
From: Diego Sueiro <diego.sueiro@arm.com>
Date: Wed, 27 Sep 2023 18:05:26 +0100
Subject: [PATCH] fdts/fvp-base: Add stdout-path and virtio net and rng nodes
Upstream-Status: Pending
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
---
fdts/fvp-base-psci-common.dtsi | 8 ++++++--
fdts/rtsm_ve-motherboard.dtsi | 12 ++++++++++++
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/fdts/fvp-base-psci-common.dtsi b/fdts/fvp-base-psci-common.dtsi
index 79cf37d3b0..b1ba5ce703 100644
--- a/fdts/fvp-base-psci-common.dtsi
+++ b/fdts/fvp-base-psci-common.dtsi
@@ -30,7 +30,9 @@
#if (ENABLE_RME == 1)
chosen { bootargs = "console=ttyAMA0 earlycon=pl011,0x1c090000 root=/dev/vda ip=on";};
#else
- chosen {};
+ chosen {
+ stdout-path = &v2m_serial0;
+ };
#endif
aliases {
@@ -243,6 +245,8 @@
<0 0 39 &gic 0 GIC_SPI 39 IRQ_TYPE_LEVEL_HIGH>,
<0 0 40 &gic 0 GIC_SPI 40 IRQ_TYPE_LEVEL_HIGH>,
<0 0 41 &gic 0 GIC_SPI 41 IRQ_TYPE_LEVEL_HIGH>,
- <0 0 42 &gic 0 GIC_SPI 42 IRQ_TYPE_LEVEL_HIGH>;
+ <0 0 42 &gic 0 GIC_SPI 42 IRQ_TYPE_LEVEL_HIGH>,
+ <0 0 44 &gic 0 GIC_SPI 44 IRQ_TYPE_LEVEL_HIGH>,
+ <0 0 46 &gic 0 GIC_SPI 46 IRQ_TYPE_LEVEL_HIGH>;
};
};
diff --git a/fdts/rtsm_ve-motherboard.dtsi b/fdts/rtsm_ve-motherboard.dtsi
index 0a824b349a..21a083a51a 100644
--- a/fdts/rtsm_ve-motherboard.dtsi
+++ b/fdts/rtsm_ve-motherboard.dtsi
@@ -230,6 +230,18 @@
interrupts = <42>;
};
+ virtio@150000 {
+ compatible = "virtio,mmio";
+ reg = <0x150000 0x200>;
+ interrupts = <44>;
+ };
+
+ virtio@200000 {
+ compatible = "virtio,mmio";
+ reg = <0x200000 0x200>;
+ interrupts = <46>;
+ };
+
rtc@170000 {
compatible = "arm,pl031", "arm,primecell";
reg = <0x170000 0x1000>;
--
2.39.1

116
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/fvp-base/optee_spmc_maifest.dts Normal file
View File

@@ -0,0 +1,116 @@
/* SPDX-License-Identifier: BSD-3-Clause */
/*
* Copyright (c) 2022-2023, Arm Limited. All rights reserved.
*/
/*
* The content of the SPMC manifest may depend on integration settings like the
* set of deployed SP. This information lives in the integration system and
* hence this file should be store in meta-arm. This avoids indirect
* dependencies between integration systems using the same file which would
* enforce some from of cooperation.
*/
/dts-v1/;
/ {
compatible = "arm,ffa-core-manifest-1.0";
#address-cells = <2>;
#size-cells = <1>;
attribute {
spmc_id = <0x8000>;
maj_ver = <0x1>;
min_ver = <0x0>;
exec_state = <0x0>;
load_address = <0x0 0x6000000>;
entrypoint = <0x0 0x6000000>;
binary_size = <0x80000>;
};
/*
* This file will be preprocessed by TF-A's build system. If Measured Boot is
* enabled in TF-A's config, the build system will add the MEASURED_BOOT=1 macro
* to the preprocessor arguments.
*/
#if MEASURED_BOOT
tpm_event_log {
compatible = "arm,tpm_event_log";
tpm_event_log_addr = <0x0 0x0>;
tpm_event_log_size = <0x0>;
tpm_event_log_max_size = <0x0>;
};
#endif
/* If the ARM_BL2_SP_LIST_DTS is defined, SPs should be loaded from FIP */
#ifdef ARM_BL2_SP_LIST_DTS
sp_packages {
compatible = "arm,sp_pkg";
#if !SPMC_TESTS
block_storage {
uuid = <0x806e6463 0x2f4652eb 0xdf8c4fac 0x9c518739>;
load-address = <0x0 0x7a00000>;
};
internal_trusted_storage {
uuid = <0x48ef1edc 0xcf4c7ab1 0xcfdf8bac 0x141b71f7>;
load-address = <0x0 0x7a80000>;
};
protected_storage_sp {
uuid = <0x01f81b75 0x6847de3d 0x100f14a5 0x9017edae>;
load-address = <0x0 0x7b00000>;
};
crypto_sp {
uuid = <0xd552dfd9 0xb24ba216 0x6dd2a49a 0xc0e8843b>;
load-address = <0x0 0x7b80000>;
};
#if MEASURED_BOOT
initial_attestation_sp {
uuid = <0x55f1baa1 0x95467688 0x95547c8f 0x74b98d5e>;
load-address = <0x0 0x7c80000>;
};
#endif
#if TS_SMM_GATEWAY
smm_gateway {
uuid = <0x33d532ed 0x0942e699 0x722dc09c 0xa798d9cd>;
load-address = <0x0 0x7d00000>;
};
#endif /* TS_SMM_GATEWAY */
#if TS_FW_UPDATE
fwu {
uuid = <0x38a82368 0x0e47061b 0xce0c7497 0xfd53fb8b>;
load-address = <0x0 0x7d80000>;
};
#endif /* TS_FW_UPDATE */
#else /* SPMC_TESTS */
test_sp1 {
uuid = <0xc3db9e5c 0x67433a7b 0x197c839f 0x376ae81a>;
load-address = <0x0 0x7a00000>;
};
test_sp2 {
uuid = <0x4c161778 0x1a4d0cc4 0xb29b7a86 0x1af48c27>;
load-address = <0x0 0x7a20000>;
};
test_sp3 {
uuid = <0x0001eb23 0x97442ae3 0x112f5290 0xa6af84e5>;
load-address = <0x0 0x7a40000>;
};
test_sp4 {
/* SP binary UUID */
uuid = <0xed623742 0x6f407277 0x270cd899 0xf8bb0ada>;
load-address = <0x0 0x7a80000>;
};
#endif /* SPMC_TESTS */
};
#endif /* ARM_BL2_SP_LIST_DTS */
};

42
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0001-Reserve-OP-TEE-memory-from-nwd.patch Normal file
View File

@@ -0,0 +1,42 @@
From 2d305094f8f500362079e9e7637d46129bf980e4 Mon Sep 17 00:00:00 2001
From: Adam Johnston <adam.johnston@arm.com>
Date: Tue, 25 Jul 2023 16:05:51 +0000
Subject: [PATCH] n1sdp: Reserve OP-TEE memory from NWd
The physical memory which is used to run OP-TEE on the N1SDP is known
to the secure world via TOS_FW_CONFIG, but it may not be known to the
normal world.
As a precaution, explicitly reserve this memory via NT_FW_CONFIG to
prevent the normal world from using it. This is not required on most
platforms as the Trusted OS is run from secure RAM.
Upstream-Status: Pending (not yet submitted to upstream)
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com>
---
plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts b/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts
index da5e04ddb6..b7e2d4e86f 100644
--- a/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts
+++ b/plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts
@@ -20,4 +20,16 @@
local-ddr-size = <0x0>;
remote-ddr-size = <0x0>;
};
+
+ reserved-memory {
+ #address-cells = <2>;
+ #size-cells = <2>;
+ ranges;
+
+ optee@0xDE000000 {
+ compatible = "removed-dma-pool";
+ reg = <0x0 0xDE000000 0x0 0x02000000>;
+ no-map;
+ };
+ };
};
\ No newline at end of file

46
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0001-n1sdp-tftf-tests-to-skip.patch Normal file
View File

@@ -0,0 +1,46 @@
From cc0153b56d634aa80b740be5afed15bedb94a2c9 Mon Sep 17 00:00:00 2001
From: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Date: Tue, 23 Jan 2024 14:19:39 +0000
Subject: [PATCH] n1sdp patch tests to skip
Upstream-Status: Pending
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
---
plat/arm/n1sdp/tests_to_skip.txt | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/plat/arm/n1sdp/tests_to_skip.txt b/plat/arm/n1sdp/tests_to_skip.txt
index b6e87bf..1848408 100644
--- a/plat/arm/n1sdp/tests_to_skip.txt
+++ b/plat/arm/n1sdp/tests_to_skip.txt
@@ -11,7 +11,7 @@ SMMUv3 tests
PSCI CPU Suspend in OSI mode
# PSCI is enabled but not tested
-PSCI STAT/Stats test cases after system suspend
+PSCI STAT
PSCI System Suspend Validation
# Disable FF-A Interrupt tests as TWDOG is not supported by TC platform
@@ -25,9 +25,14 @@ FF-A Interrupt
# files in TFTF, since the port was done purely to test the spectre workaround
# performance impact. Once that was done no further work was done on the port.
-Timer framework Validation/Target timer to a power down cpu
-Timer framework Validation/Test scenario where multiple CPUs call same timeout
-Timer framework Validation/Stress test the timer framework
+Timer framework Validation
PSCI Affinity Info/Affinity info level0 powerdown
PSCI CPU Suspend
-PSCI STAT/for valid composite state CPU suspend
+Framework Validation/NVM serialisation
+Framework Validation/Events API
+Boot requirement tests
+CPU Hotplug
+ARM_ARCH_SVC/SMCCC_ARCH_WORKAROUND_1 test
+ARM_ARCH_SVC/SMCCC_ARCH_WORKAROUND_2 test
+ARM_ARCH_SVC/SMCCC_ARCH_WORKAROUND_3 test
+FF-A Power management
--
2.34.1

30
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0002-Modify-BL32-Location-to-DDR4.patch Normal file
View File

@@ -0,0 +1,30 @@
From 15dab90c3cb8e7677c4f953c2269e8ee1afa01b0 Mon Oct 2 13:45:43 2023
From: Mariam Elshakfy <mariam.elshakfy@arm.com>
Date: Mon, 2 Oct 2023 13:45:43 +0000
Subject: [PATCH] Modify BL32 Location to DDR4
Since OP-TEE start address is changed to run
from DDR4, this patch changes BL32 entrypoint
to the correct one.
Upstream-Status: Pending (not yet submitted to upstream)
Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com>
---
plat/arm/board/n1sdp/fdts/n1sdp_optee_spmc_manifest.dts | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/plat/arm/board/n1sdp/fdts/n1sdp_optee_spmc_manifest.dts b/plat/arm/board/n1sdp/fdts/n1sdp_optee_spmc_manifest.dts
index ed870803c..797dfe3a4 100644
--- a/plat/arm/board/n1sdp/fdts/n1sdp_optee_spmc_manifest.dts
+++ b/plat/arm/board/n1sdp/fdts/n1sdp_optee_spmc_manifest.dts
@@ -22,8 +22,8 @@
maj_ver = <0x1>;
min_ver = <0x0>;
exec_state = <0x0>;
- load_address = <0x0 0x08000000>;
- entrypoint = <0x0 0x08000000>;
+ load_address = <0x0 0xDE000000>;
+ entrypoint = <0x0 0xDE000000>;
binary_size = <0x2000000>;
};

28
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0003-Modify-SPMC-Base-to-DDR4.patch Normal file
View File

@@ -0,0 +1,28 @@
From 9a1d11b9fbadf740c73aee6dca4fd0370b38e4a8 Tue Oct 3 13:49:13 2023
From: Mariam Elshakfy <mariam.elshakfy@arm.com>
Date: Tue, 3 Oct 2023 13:49:13 +0000
Subject: [PATCH] Modify SPMC Base to DDR4
Since OP-TEE start address is changed to run
from DDR4, this patch changes SPMC base to
the correct one.
Upstream-Status: Pending (not yet submitted to upstream)
Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com>
---
plat/arm/board/n1sdp/include/platform_def.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plat/arm/board/n1sdp/include/platform_def.h b/plat/arm/board/n1sdp/include/platform_def.h
index b3799a7b2..b12c61b61 100644
--- a/plat/arm/board/n1sdp/include/platform_def.h
+++ b/plat/arm/board/n1sdp/include/platform_def.h
@@ -118,7 +118,7 @@
#define PLAT_ARM_MAX_BL31_SIZE UL(0x40000)
-#define PLAT_ARM_SPMC_BASE U(0x08000000)
+#define PLAT_ARM_SPMC_BASE U(0xDE000000)
#define PLAT_ARM_SPMC_SIZE UL(0x02000000) /* 32 MB */

45
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/rwx-segments.patch Normal file
View File

@@ -0,0 +1,45 @@
From 051c723a6463a579b05dcaa81f204516737a3645 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Wed, 9 Aug 2023 15:56:03 -0400
Subject: [PATCH] Binutils 2.39 now warns when a segment has RXW
permissions[1]:
aarch64-none-elf-ld.bfd: warning: bl31.elf has a LOAD segment with RWX
permissions
However, TF-A passes --fatal-warnings to LD, so this is a build failure.
There is a ticket filed upstream[2], so until that is resolved just
remove --fatal-warnings.
[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107
[2] https://developer.trustedfirmware.org/T996
Upstream-Status: Inappropriate
Signed-off-by: Ross Burton <ross.burton@arm.com>
---
Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Makefile b/Makefile
index 1ddb7b84417d..9eae30c923ec 100644
--- a/Makefile
+++ b/Makefile
@@ -425,7 +425,7 @@ TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH))
# LD = gcc (used when GCC LTO is enabled)
else ifneq ($(findstring gcc,$(notdir $(LD))),)
# Pass ld options with Wl or Xlinker switches
-TF_LDFLAGS += -Wl,--fatal-warnings -O1
+TF_LDFLAGS += -O1
TF_LDFLAGS += -Wl,--gc-sections
ifeq ($(ENABLE_LTO),1)
ifeq (${ARCH},aarch64)
@@ -442,7 +442,7 @@ TF_LDFLAGS += $(subst --,-Xlinker --,$(TF_LDFLAGS_$(ARCH)))
# LD = gcc-ld (ld) or llvm-ld (ld.lld) or other
else
-TF_LDFLAGS += --fatal-warnings -O1
+TF_LDFLAGS += -O1
TF_LDFLAGS += --gc-sections
# ld.lld doesn't recognize the errata flags,
# therefore don't add those in that case

63
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/tc/generate_metadata.py Normal file
View File

@@ -0,0 +1,63 @@
#!/usr/bin/env python3
# Copyright (c) 2021, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
import argparse
import uuid
import zlib
def main(metadata_file, img_type_uuids, location_uuids, img_uuids):
def add_field_to_metadata(value):
# Write the integer values to file in little endian representation
with open(metadata_file, "ab") as fp:
fp.write(value.to_bytes(4, byteorder='little'))
def add_uuid_to_metadata(uuid_str):
# Validate UUID string and write to file in little endian representation
uuid_val = uuid.UUID(uuid_str)
with open(metadata_file, "ab") as fp:
fp.write(uuid_val.bytes_le)
# Fill metadata preamble
add_field_to_metadata(1) #version=1
add_field_to_metadata(0) #active_index=0
add_field_to_metadata(0) #previous_active_index=0
for img_type_uuid, location_uuid in zip(img_type_uuids, location_uuids):
# Fill metadata image entry
add_uuid_to_metadata(img_type_uuid) # img_type_uuid
add_uuid_to_metadata(location_uuid) # location_uuid
for img_uuid in img_uuids:
# Fill metadata bank image info
add_uuid_to_metadata(img_uuid) # image unique bank_uuid
add_field_to_metadata(1) # accepted=1
add_field_to_metadata(0) # reserved (MBZ)
# Prepend CRC32
with open(metadata_file, 'rb+') as fp:
content = fp.read()
crc = zlib.crc32(content)
fp.seek(0)
fp.write(crc.to_bytes(4, byteorder='little') + content)
if __name__ == "__main__":
parser = argparse.ArgumentParser()
parser.add_argument('--metadata_file', required=True,
help='Output binary file to store the metadata')
parser.add_argument('--img_type_uuids', type=str, nargs='+', required=True,
help='A list of UUIDs identifying the image types')
parser.add_argument('--location_uuids', type=str, nargs='+', required=True,
help='A list of UUIDs of the storage volumes where the images are located. '
'Must have the same length as img_type_uuids.')
parser.add_argument('--img_uuids', type=str, nargs='+', required=True,
help='A list UUIDs of the images in a firmware bank')
args = parser.parse_args()
if len(args.img_type_uuids) != len(args.location_uuids):
parser.print_help()
raise argparse.ArgumentError(None, 'Arguments img_type_uuids and location_uuids must have the same length.')
main(args.metadata_file, args.img_type_uuids, args.location_uuids, args.img_uuids)

33
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/tf-a-tests-no-warn-rwx-segments.patch Normal file
View File

@@ -0,0 +1,33 @@
From 6635341615a5bcb36ce71479ee30dae1599081e2 Mon Sep 17 00:00:00 2001
From: Anton Antonov <anrton.antonov@arm.com>
Date: Wed, 9 Aug 2023 15:56:03 -0400
Subject: [PATCH] Binutils 2.39 now warns when a segment has RXW
permissions[1]:
aarch64-poky-linux-musl-ld: tftf.elf has a LOAD segment with RWX permissions
There is a ticket filed upstream[2], so until that is resolved just
disable the warning
[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107
[2] https://developer.trustedfirmware.org/T996
Upstream-Status: Inappropriate
Signed-off-by: Anton Antonov <anrton.antonov@arm.com>
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 286a47c7d454..3481187b62cf 100644
--- a/Makefile
+++ b/Makefile
@@ -246,7 +246,7 @@ TFTF_SOURCES := ${FRAMEWORK_SOURCES} ${TESTS_SOURCES} ${PLAT_SOURCES} ${LIBC_SR
TFTF_INCLUDES += ${PLAT_INCLUDES}
TFTF_CFLAGS += ${COMMON_CFLAGS}
TFTF_ASFLAGS += ${COMMON_ASFLAGS}
-TFTF_LDFLAGS += ${COMMON_LDFLAGS}
+TFTF_LDFLAGS += ${COMMON_LDFLAGS} --no-warn-rwx-segments
TFTF_EXTRA_OBJS :=
ifneq (${BP_OPTION},none)

33
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/fiptool-native_2.8.6.bb Normal file
View File

@@ -0,0 +1,33 @@
# Firmware Image Package (FIP)
# It is a packaging format used by TF-A to package the
# firmware images in a single binary.
DESCRIPTION = "fiptool - Trusted Firmware tool for packaging"
LICENSE = "BSD-3-Clause"
SRC_URI_TRUSTED_FIRMWARE_A ?= "git://git.trustedfirmware.org/TF-A/trusted-firmware-a.git;protocol=https"
SRC_URI = "${SRC_URI_TRUSTED_FIRMWARE_A};destsuffix=fiptool-${PV};branch=${SRCBRANCH}"
LIC_FILES_CHKSUM = "file://docs/license.rst;md5=b2c740efedc159745b9b31f88ff03dde"
# Use fiptool from TF-A v2.8.6
SRCREV = "ff0bd5f9bb2ba2f31fb9cec96df917747af9e92d"
SRCBRANCH = "lts-v2.8"
DEPENDS += "openssl-native"
inherit native
EXTRA_OEMAKE = "V=1 HOSTCC='${BUILD_CC}' OPENSSL_DIR=${STAGING_DIR_NATIVE}/${prefix_native}"
do_compile () {
# This is still needed to have the native fiptool executing properly by
# setting the RPATH
sed -i '/^LDLIBS/ s,$, \$\{BUILD_LDFLAGS},' ${S}/tools/fiptool/Makefile
sed -i '/^INCLUDE_PATHS/ s,$, \$\{BUILD_CFLAGS},' ${S}/tools/fiptool/Makefile
oe_runmake fiptool
}
do_install () {
install -D -p -m 0755 tools/fiptool/fiptool ${D}${bindir}/fiptool
}

16
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_%.bbappend Normal file
View File

@@ -0,0 +1,16 @@
# Machine specific TFAs
FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
COMPATIBLE_MACHINE:corstone1000 = "corstone1000"
EXTRA_OEMAKE:append:corstone1000 = " DEBUG=0"
EXTRA_OEMAKE:append:corstone1000 = " LOG_LEVEL=30"
TFTF_MODE:corstone1000 = "release"
COMPATIBLE_MACHINE:n1sdp = "n1sdp"
EXTRA_OEMAKE:append:n1sdp = " DEBUG=1"
EXTRA_OEMAKE:append:n1sdp = " LOG_LEVEL=50"
TFTF_MODE:n1sdp = "debug"
SRC_URI:append:n1sdp = " \
file://0001-n1sdp-tftf-tests-to-skip.patch \
"

57
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.8.0.bb Normal file
View File

@@ -0,0 +1,57 @@
DESCRIPTION = "Trusted Firmware-A tests(aka TFTF)"
LICENSE = "BSD-3-Clause & NCSA"
LIC_FILES_CHKSUM += "file://docs/license.rst;md5=6175cc0aa2e63b6d21a32aa0ee7d1b4a"
inherit deploy
COMPATIBLE_MACHINE ?= "invalid"
SRC_URI_TRUSTED_FIRMWARE_A_TESTS ?= "git://git.trustedfirmware.org/TF-A/tf-a-tests.git;protocol=https"
SRC_URI = "${SRC_URI_TRUSTED_FIRMWARE_A_TESTS};branch=${SRCBRANCH} \
file://tf-a-tests-no-warn-rwx-segments.patch"
SRCBRANCH = "lts-v2.8"
SRCREV = "85442d2943440718c2c2c9c5c690202b4b4f5725"
DEPENDS += "optee-os"
EXTRA_OEMAKE += "USE_NVM=0"
EXTRA_OEMAKE += "SHELL_COLOR=1"
EXTRA_OEMAKE += "DEBUG=1"
# Modify mode based on debug or release mode
TFTF_MODE ?= "debug"
# Platform must be set for each machine
TFA_PLATFORM ?= "invalid"
EXTRA_OEMAKE += "ARCH=aarch64"
EXTRA_OEMAKE += "LOG_LEVEL=50"
S = "${WORKDIR}/git"
B = "${WORKDIR}/build"
# Add platform parameter
EXTRA_OEMAKE += "BUILD_BASE=${B} PLAT=${TFA_PLATFORM}"
# Requires CROSS_COMPILE set by hand as there is no configure script
export CROSS_COMPILE="${TARGET_PREFIX}"
do_compile() {
oe_runmake -C ${S} tftf
}
do_compile[cleandirs] = "${B}"
FILES:${PN} = "/firmware/tftf.bin"
SYSROOT_DIRS += "/firmware"
do_install() {
install -d -m 755 ${D}/firmware
install -m 0644 ${B}/${TFA_PLATFORM}/${TFTF_MODE}/tftf.bin ${D}/firmware/tftf.bin
}
do_deploy() {
cp -rf ${D}/firmware/* ${DEPLOYDIR}/
}
addtask deploy after do_install

56
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc Normal file
View File

@@ -0,0 +1,56 @@
# Corstone1000 64-bit machines specific TFA support
COMPATIBLE_MACHINE = "(corstone1000)"
FILESEXTRAPATHS:prepend := "${THISDIR}/files/corstone1000:"
SRC_URI:append = " \
file://0001-Fix-FF-A-version-in-SPMC-manifest.patch \
file://0002-fix-corstone1000-pass-spsr-value-explicitly.patch \
file://0003-fix-spmd-remove-EL3-interrupt-registration.patch \
file://0004-fix-corstone1000-remove-unused-NS_SHARED_RAM-region.patch \
file://0005-fix-corstone1000-clean-the-cache-and-disable-interru.patch \
"
TFA_DEBUG = "1"
TFA_UBOOT ?= "1"
TFA_MBEDTLS = "1"
TFA_BUILD_TARGET = "bl2 bl31 fip"
# Enabling Secure-EL1 Payload Dispatcher (SPD)
TFA_SPD = "spmd"
# Cortex-A35 supports Armv8.0-A (no S-EL2 execution state).
# So, the SPD SPMC component should run at the S-EL1 execution state
TFA_SPMD_SPM_AT_SEL2 = "0"
# BL2 loads BL32 (optee). So, optee needs to be built first:
DEPENDS += "optee-os"
# Note: Regarding the build option: LOG_LEVEL.
# There seems to be an issue when setting it
# to 50 (LOG_LEVEL_VERBOSE), where the kernel
# tee driver sends yielding requests to OP-TEE
# at a faster pace than OP-TEE processes them,
# as the processing time is consumed by logging
# in TF-A. When this issue occurs, booting halts
# as soon as optee driver starts initialization.
# Therefore, it's not currently recommended to
# set LOG_LEVEL to 50 at all.
EXTRA_OEMAKE:append = " \
ARCH=aarch64 \
TARGET_PLATFORM=${TFA_TARGET_PLATFORM} \
ENABLE_STACK_PROTECTOR=strong \
ENABLE_PIE=1 \
RESET_TO_BL2=1 \
CREATE_KEYS=1 \
GENERATE_COT=1 \
TRUSTED_BOARD_BOOT=1 \
ARM_GPT_SUPPORT=1 \
PSA_FWU_SUPPORT=1 \
NR_OF_IMAGES_IN_FW_BANK=4 \
COT=tbbr \
ARM_ROTPK_LOCATION=devel_rsa \
ERRATA_A35_855472=1 \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
BL32=${RECIPE_SYSROOT}/${nonarch_base_libdir}/firmware/tee-pager_v2.bin \
FVP_USE_GIC_DRIVER=FVP_GICV2 \
"

65
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-fvp-base.inc Normal file
View File

@@ -0,0 +1,65 @@
# FVP specific TFA parameters
#
# Armv8-A Base Platform FVP
#
FILESEXTRAPATHS:prepend := "${THISDIR}/files/:${THISDIR}/files/fvp-base"
SRC_URI:append = " \
file://0001-fdts-fvp-base-Add-stdout-path-and-virtio-net-and-rng.patch \
file://optee_spmc_maifest.dts;subdir=git/plat/arm/board/fvp/fdts \
"
# OP-TEE SPMC related configuration
SPMC_IS_OPTEE = "${@bb.utils.contains('MACHINE_FEATURES', 'arm-ffa', '0' \
if d.getVar('SEL2_SPMC') == '1' else '1', '0', d)}"
# Configure the SPMC manifest file.
TFA_ARM_SPMC_MANIFEST_DTS = "${@oe.utils.conditional('SPMC_IS_OPTEE', '1', \
'${S}/plat/arm/board/fvp/fdts/optee_spmc_maifest.dts', '', d)}"
EXTRA_OEMAKE += "${@bb.utils.contains('MACHINE_FEATURES','arm-ffa', \
'ARM_SPMC_MANIFEST_DTS=${TFA_ARM_SPMC_MANIFEST_DTS}' \
if d.getVar('TFA_ARM_SPMC_MANIFEST_DTS') else '', '', d)}"
# Set OP-TEE SPMC specific TF-A config settings
TFA_SPMD_SPM_AT_SEL2 := '0'
TFA_SPD := "${@oe.utils.conditional('SPMC_IS_OPTEE', '1', 'spmd', \
d.getVar('TFA_SPD'), d)}"
DEPENDS += " ${@oe.utils.conditional('SPMC_IS_OPTEE', '1', 'optee-os', '', d)}"
# Configure measured boot if the attestation SP is deployed.
TFA_MB_FLAGS += " \
ARM_ROTPK_LOCATION=devel_rsa \
EVENT_LOG_LEVEL=20 \
GENERATE_COT=1 \
MBOOT_EL_HASH_ALG=sha256 \
MEASURED_BOOT=1 \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
TRUSTED_BOARD_BOOT=1 \
"
EXTRA_OEMAKE += "${@bb.utils.contains('MACHINE_FEATURES', 'ts-attestation',\
'${TFA_MB_FLAGS}','', d)}"
# Add OP-TEE as BL32.
BL32 = "${@oe.utils.conditional('SPMC_IS_OPTEE', '1',\
'${RECIPE_SYSROOT}/${nonarch_base_libdir}/firmware/tee-pager_v2.bin',\
'', d)}"
EXTRA_OEMAKE += "${@oe.utils.conditional('SPMC_IS_OPTEE', '1', \
' BL32=${BL32}', '', d)}"
# Generic configuration
COMPATIBLE_MACHINE = "fvp-base"
TFA_PLATFORM = "fvp"
# Disable debug build if measured boot is enabled.
TFA_DEBUG := "${@bb.utils.contains('MACHINE_FEATURES', 'ts-attestation', '0',\
d.getVar('TFA_DEBUG'), d)}"
# Add mbedtls if measured boot is enabled
TFA_MBEDTLS := "${@bb.utils.contains('MACHINE_FEATURES', 'ts-attestation',\
'1', d.getVar('TFA_MBEDTLS'), d)}"
TFA_UBOOT ?= "1"
TFA_BUILD_TARGET = "bl1 bl2 bl31 dtbs fip"
EXTRA_OEMAKE += "FVP_DT_PREFIX=fvp-base-gicv3-psci-1t FVP_USE_GIC_DRIVER=FVP_GICV3"
# Our fvp-base machine explicitly has v8.4 cores
EXTRA_OEMAKE += "ARM_ARCH_MAJOR=8 ARM_ARCH_MINOR=4"

13
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-juno.inc Normal file
View File

@@ -0,0 +1,13 @@
# Juno specific TFA support
COMPATIBLE_MACHINE = "juno"
TFA_PLATFORM = "juno"
TFA_DEBUG = "1"
TFA_MBEDTLS = "1"
TFA_UBOOT ?= "1"
TFA_BUILD_TARGET = "bl1 bl2 bl31 dtbs fip"
# Juno needs the System Control Processor Firmware
DEPENDS += "virtual/control-processor-firmware"
EXTRA_OEMAKE:append = " SCP_BL2=${RECIPE_SYSROOT}/firmware/scp_ramfw.bin"

41
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc Normal file
View File

@@ -0,0 +1,41 @@
# N1SDP specific TFA support
# Align with N1SDP-2023.06.22 Manifest
SRCREV_tfa = "31f60a968347497562b0129134928d7ac4767710"
PV .= "+git"
COMPATIBLE_MACHINE = "n1sdp"
TFA_BUILD_TARGET = "all fip"
TFA_INSTALL_TARGET = "bl1 bl2 bl31 n1sdp-multi-chip n1sdp-single-chip n1sdp_fw_config n1sdp_tb_fw_config fip"
TFA_DEBUG = "1"
TFA_MBEDTLS = "1"
TFA_UBOOT = "0"
TFA_UEFI ?= "1"
FILESEXTRAPATHS:prepend := "${THISDIR}/files/n1sdp:"
SRC_URI:append = " \
file://0001-Reserve-OP-TEE-memory-from-nwd.patch \
file://0002-Modify-BL32-Location-to-DDR4.patch \
file://0003-Modify-SPMC-Base-to-DDR4.patch \
"
TFA_ROT_KEY= "plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"
# Enabling Secure-EL1 Payload Dispatcher (SPD)
TFA_SPD = "spmd"
# Cortex-A35 supports Armv8.0-A (no S-EL2 execution state).
# So, the SPD SPMC component should run at the S-EL1 execution state
TFA_SPMD_SPM_AT_SEL2 = "0"
# BL2 loads BL32 (optee). So, optee needs to be built first:
DEPENDS += "optee-os"
EXTRA_OEMAKE:append = "\
TRUSTED_BOARD_BOOT=1 \
GENERATE_COT=1 \
CREATE_KEYS=1 \
ARM_ROTPK_LOCATION="devel_rsa" \
ROT_KEY="${TFA_ROT_KEY}" \
BL32=${RECIPE_SYSROOT}/${nonarch_base_libdir}/firmware/tee-pager_v2.bin \
"

6
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-sbsa-ref.inc Normal file
View File

@@ -0,0 +1,6 @@
# sbsa-ref specific TF-A support
COMPATIBLE_MACHINE = "sbsa-ref"
TFA_PLATFORM = "qemu_sbsa"
TFA_INSTALL_TARGET = "bl1 fip"

13
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-sgi575.inc Normal file
View File

@@ -0,0 +1,13 @@
# SGI575 specific TFA support
COMPATIBLE_MACHINE = "sgi575"
TFA_PLATFORM = "sgi575"
TFA_BUILD_TARGET = "all fip"
TFA_INSTALL_TARGET = "bl1 fip"
TFA_DEBUG = "1"
TFA_MBEDTLS = "1"
TFA_UBOOT = "0"
TFA_UEFI = "1"
EXTRA_OEMAKE += "TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"

14
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend Normal file
View File

@@ -0,0 +1,14 @@
FILESEXTRAPATHS:prepend := "${THISDIR}/files/:"
# Machine specific TFAs
MACHINE_TFA_REQUIRE ?= ""
MACHINE_TFA_REQUIRE:corstone1000 = "trusted-firmware-a-corstone1000.inc"
MACHINE_TFA_REQUIRE:fvp-base = "trusted-firmware-a-fvp-base.inc"
MACHINE_TFA_REQUIRE:juno = "trusted-firmware-a-juno.inc"
MACHINE_TFA_REQUIRE:n1sdp = "trusted-firmware-a-n1sdp.inc"
MACHINE_TFA_REQUIRE:sbsa-ref = "trusted-firmware-a-sbsa-ref.inc"
MACHINE_TFA_REQUIRE:sgi575 = "trusted-firmware-a-sgi575.inc"
MACHINE_TFA_REQUIRE:tc = "trusted-firmware-a-tc.inc"
require ${MACHINE_TFA_REQUIRE}

26
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/0001-arm-trusted-firmware-m-disable-address-warnings-into.patch Normal file
View File

@@ -0,0 +1,26 @@
From 961d2e3718e9e6d652cadf5b4d3597cfe822dd04 Mon Sep 17 00:00:00 2001
From: Ali Can Ozaslan <ali.oezaslan@arm.com>
Date: Wed, 24 Jan 2024 16:10:08 +0000
Subject: [PATCH] arm/trusted-firmware-m: disable address warnings into an
error
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Upstream-Status: Inappropriate
---
toolchain_GNUARM.cmake | 1 +
1 file changed, 1 insertion(+)
diff --git a/toolchain_GNUARM.cmake b/toolchain_GNUARM.cmake
index b6ae50ec3..4c2f5b3d7 100644
--- a/toolchain_GNUARM.cmake
+++ b/toolchain_GNUARM.cmake
@@ -111,6 +111,7 @@ add_compile_options(
-Wno-format
-Wno-return-type
-Wno-unused-but-set-variable
+ -Wno-error=address
-c
-fdata-sections
-ffunction-sections

274
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-Update-MPU-configuration.patch Normal file
View File

@@ -0,0 +1,274 @@
From eb096e4c03b80f9f31e5d15ca06e5a38e4112664 Mon Sep 17 00:00:00 2001
From: Bence Balogh <bence.balogh@arm.com>
Date: Tue, 7 Nov 2023 20:25:49 +0100
Subject: [PATCH 1/2] platform: corstone1000: Update MPU configuration
In Armv6-M the MPU requires the regions to be aligned with
region sizes.
The commit aligns the different code/data sections using the
alignment macros. The code/data sections can be covered by
multiple MPU regions in order to save memory.
Small adjustments had to be made in the memory layout in order to
not overflow the flash:
- Decreased TFM_PARTITION_SIZE
- Increased S_UNPRIV_DATA_SIZE
Added checks to the MPU configuration function for checking the
MPU constraints:
- Base address has to be aligned to the size
- The minimum MPU region size is 0x100
- The MPU can have 8 regions at most
Change-Id: I059468e8aba0822bb354fd1cd4987ac2bb1f34d1
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25393]
---
.../target/arm/corstone1000/CMakeLists.txt | 19 +++++
.../arm/corstone1000/create-flash-image.sh | 8 +-
.../arm/corstone1000/partition/flash_layout.h | 2 +-
.../arm/corstone1000/partition/region_defs.h | 6 +-
.../arm/corstone1000/tfm_hal_isolation.c | 83 +++++++++++++++----
5 files changed, 93 insertions(+), 25 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
index e6cf15b11..8817f514c 100644
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
@@ -22,6 +22,25 @@ target_compile_definitions(platform_region_defs
INTERFACE
$<$<BOOL:${TFM_S_REG_TEST}>:TFM_S_REG_TEST>
)
+
+# The Armv6-M MPU requires that the MPU regions be aligned to the region sizes.
+# The minimal region size is 0x100 bytes.
+#
+# The alignments have to be a power of two and ideally bigger than the section size (which
+# can be checked in the map file).
+# In some cases the alignment value is smaller than the actual section
+# size to save memory. In that case, multiple MPU region has to be configured to cover it.
+#
+# To save memory, the attributes are set to XN_EXEC_OK and AP_RO_PRIV_UNPRIV for
+# the SRAM so the PSA_ROT_LINKER_CODE, TFM_UNPRIV_CODE and APP_ROT_LINKER_CODE don't have to
+# be aligned. The higher-priority regions will overwrite these attributes if needed.
+# The RAM is also located in the SRAM so it has to be configured to overwrite these default
+# attributes.
+target_compile_definitions(platform_region_defs
+ INTERFACE
+ TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT=0x2000
+ TFM_LINKER_SP_META_PTR_ALIGNMENT=0x100
+)
#========================= Platform common defs ===============================#
# Specify the location of platform specific build dependencies.
diff --git a/platform/ext/target/arm/corstone1000/create-flash-image.sh b/platform/ext/target/arm/corstone1000/create-flash-image.sh
index 2522d3674..a6be61384 100755
--- a/platform/ext/target/arm/corstone1000/create-flash-image.sh
+++ b/platform/ext/target/arm/corstone1000/create-flash-image.sh
@@ -8,7 +8,7 @@
######################################################################
# This script is to create a flash gpt image for corstone platform
-#
+#
# Flash image layout:
# |------------------------------|
# | Protective MBR |
@@ -82,15 +82,15 @@ sgdisk --mbrtogpt \
--new=4:56:+4K --typecode=4:$PRIVATE_METADATA_TYPE_UUID --partition-guid=4:$(uuidgen) --change-name=4:'private_metadata_replica_1' \
--new=5:64:+4k --typecode=5:$PRIVATE_METADATA_TYPE_UUID --partition-guid=5:$(uuidgen) --change-name=5:'private_metadata_replica_2' \
--new=6:72:+100k --typecode=6:$SE_BL2_TYPE_UUID --partition-guid=6:$(uuidgen) --change-name=6:'bl2_primary' \
- --new=7:272:+376K --typecode=7:$TFM_TYPE_UUID --partition-guid=7:$(uuidgen) --change-name=7:'tfm_primary' \
+ --new=7:272:+368K --typecode=7:$TFM_TYPE_UUID --partition-guid=7:$(uuidgen) --change-name=7:'tfm_primary' \
--new=8:32784:+100k --typecode=8:$SE_BL2_TYPE_UUID --partition-guid=8:$(uuidgen) --change-name=8:'bl2_secondary' \
- --new=9:32984:+376K --typecode=9:$TFM_TYPE_UUID --partition-guid=9:$(uuidgen) --change-name=9:'tfm_secondary' \
+ --new=9:32984:+368K --typecode=9:$TFM_TYPE_UUID --partition-guid=9:$(uuidgen) --change-name=9:'tfm_secondary' \
--new=10:65496:65501 --partition-guid=10:$(uuidgen) --change-name=10:'reserved_2' \
$IMAGE
[ $? -ne 0 ] && echo "Error occurs while writing the GPT layout" && exit 1
-# Write partitions
+# Write partitions
# conv=notrunc avoids truncation to keep the geometry of the image.
dd if=$BIN_DIR/bl2_signed.bin of=${IMAGE} seek=72 conv=notrunc
dd if=$BIN_DIR/tfm_s_signed.bin of=${IMAGE} seek=272 conv=notrunc
diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
index 568c8de28..7fffd94c6 100644
--- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h
+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
@@ -134,7 +134,7 @@
/* Bank configurations */
#define BANK_PARTITION_SIZE (0xFE0000) /* 15.875 MB */
-#define TFM_PARTITION_SIZE (0x5E000) /* 376 KB */
+#define TFM_PARTITION_SIZE (0x5C000) /* 368 KB */
/************************************************************/
/* Bank : Images flash offsets are with respect to the bank */
diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h
index 99e822f51..64ab786e5 100644
--- a/platform/ext/target/arm/corstone1000/partition/region_defs.h
+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h
@@ -1,8 +1,10 @@
/*
- * Copyright (c) 2017-2022 Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2023 Arm Limited. All rights reserved.
* Copyright (c) 2021-2023 Cypress Semiconductor Corporation (an Infineon company)
* or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
*
+ * SPDX-License-Identifier: Apache-2.0
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
@@ -53,7 +55,7 @@
#define S_DATA_START (SRAM_BASE + TFM_PARTITION_SIZE)
#define S_DATA_SIZE (SRAM_SIZE - TFM_PARTITION_SIZE)
-#define S_UNPRIV_DATA_SIZE (0x2160)
+#define S_UNPRIV_DATA_SIZE (0x4000)
#define S_DATA_LIMIT (S_DATA_START + S_DATA_SIZE - 1)
#define S_DATA_PRIV_START (S_DATA_START + S_UNPRIV_DATA_SIZE)
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
index 01f7687bc..98e795dde 100644
--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
* Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon
* company) or an affiliate of Cypress Semiconductor Corporation. All rights
* reserved.
@@ -14,9 +14,11 @@
#include "tfm_hal_isolation.h"
#include "mpu_config.h"
#include "mmio_defs.h"
+#include "flash_layout.h"
#define PROT_BOUNDARY_VAL \
((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK)
+#define MPU_REGION_MIN_SIZE (0x100)
#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
@@ -31,20 +33,38 @@ REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Base);
REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
#endif /* CONFIG_TFM_PARTITION_META */
-static void configure_mpu(uint32_t rnr, uint32_t base, uint32_t limit,
- uint32_t is_xn_exec, uint32_t ap_permissions)
+static enum tfm_hal_status_t configure_mpu(uint32_t rnr, uint32_t base,
+ uint32_t limit, uint32_t is_xn_exec, uint32_t ap_permissions)
{
- uint32_t size; /* region size */
+ uint32_t rbar_size_field; /* region size as it is used in the RBAR */
uint32_t rasr; /* region attribute and size register */
uint32_t rbar; /* region base address register */
- size = get_rbar_size_field(limit - base);
+ rbar_size_field = get_rbar_size_field(limit - base);
+
+ /* The MPU region's base address has to be aligned to the region
+ * size for a valid MPU configuration */
+ if ((base % (1 << (rbar_size_field + 1))) != 0) {
+ return TFM_HAL_ERROR_INVALID_INPUT;
+ }
+
+ /* The MPU supports only 8 memory regions */
+ if (rnr > 7) {
+ return TFM_HAL_ERROR_INVALID_INPUT;
+ }
+
+ /* The minimum size for a region is 0x100 bytes */
+ if((limit - base) < MPU_REGION_MIN_SIZE) {
+ return TFM_HAL_ERROR_INVALID_INPUT;
+ }
rasr = ARM_MPU_RASR(is_xn_exec, ap_permissions, TEX, NOT_SHAREABLE,
- NOT_CACHEABLE, NOT_BUFFERABLE, SUB_REGION_DISABLE, size);
+ NOT_CACHEABLE, NOT_BUFFERABLE, SUB_REGION_DISABLE, rbar_size_field);
rbar = base & MPU_RBAR_ADDR_Msk;
ARM_MPU_SetRegionEx(rnr, rbar, rasr);
+
+ return TFM_HAL_SUCCESS;
}
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
@@ -56,33 +76,60 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
uint32_t rnr = TFM_ISOLATION_REGION_START_NUMBER; /* current region number */
uint32_t base; /* start address */
uint32_t limit; /* end address */
+ enum tfm_hal_status_t ret;
ARM_MPU_Disable();
- /* TFM Core unprivileged code region */
- base = (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_CODE_START, $$RO$$Base);
- limit = (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_CODE_END, $$RO$$Limit);
-
- configure_mpu(rnr++, base, limit, XN_EXEC_OK, AP_RO_PRIV_UNPRIV);
-
- /* RO region */
- base = (uint32_t)&REGION_NAME(Image$$, TFM_APP_CODE_START, $$Base);
- limit = (uint32_t)&REGION_NAME(Image$$, TFM_APP_CODE_END, $$Base);
+ /* Armv6-M MPU allows region overlapping. The region with the higher RNR
+ * will decide the attributes.
+ *
+ * The default attributes are set to XN_EXEC_OK and AP_RO_PRIV_UNPRIV for the
+ * whole SRAM so the PSA_ROT_LINKER_CODE, TFM_UNPRIV_CODE and APP_ROT_LINKER_CODE
+ * don't have to be aligned and memory space can be saved.
+ * This region has the lowest RNR so the next regions can overwrite these
+ * attributes if it's needed.
+ */
+ base = SRAM_BASE;
+ limit = SRAM_BASE + SRAM_SIZE;
+
+ ret = configure_mpu(rnr++, base, limit,
+ XN_EXEC_OK, AP_RW_PRIV_UNPRIV);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
- configure_mpu(rnr++, base, limit, XN_EXEC_OK, AP_RO_PRIV_UNPRIV);
/* RW, ZI and stack as one region */
base = (uint32_t)&REGION_NAME(Image$$, TFM_APP_RW_STACK_START, $$Base);
limit = (uint32_t)&REGION_NAME(Image$$, TFM_APP_RW_STACK_END, $$Base);
- configure_mpu(rnr++, base, limit, XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ /* The section size can be bigger than the alignment size, else the code would
+ * not fit into the memory. Because of this, the sections can use multiple MPU
+ * regions. */
+ do {
+ ret = configure_mpu(rnr++, base, base + TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
+ base += TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT;
+ } while (base < limit);
+
#ifdef CONFIG_TFM_PARTITION_META
/* TFM partition metadata pointer region */
base = (uint32_t)&REGION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Base);
limit = (uint32_t)&REGION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
- configure_mpu(rnr++, base, limit, XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ do {
+ ret = configure_mpu(rnr++, base, base + TFM_LINKER_SP_META_PTR_ALIGNMENT,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
+ base += TFM_LINKER_SP_META_PTR_ALIGNMENT;
+ } while (base < limit);
+
#endif
arm_mpu_enable();

76
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch Normal file
View File

@@ -0,0 +1,76 @@
From ca7696bca357cfd71a34582c65a7c7c08828b6dc Mon Sep 17 00:00:00 2001
From: Bence Balogh <bence.balogh@arm.com>
Date: Mon, 18 Dec 2023 14:00:14 +0100
Subject: [PATCH 2/2] platform: corstone1000: Cover S_DATA with MPU
The S_DATA has to be covered with MPU regions to override the
other MPU regions with smaller RNR values.
Change-Id: I45fec65f51241939314941e25d287e6fdc82777c
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25583]
---
.../target/arm/corstone1000/CMakeLists.txt | 8 +++++++
.../arm/corstone1000/tfm_hal_isolation.c | 22 +++++++++++++++++++
2 files changed, 30 insertions(+)
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
index 8817f514c..541504368 100644
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
@@ -40,6 +40,14 @@ target_compile_definitions(platform_region_defs
INTERFACE
TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT=0x2000
TFM_LINKER_SP_META_PTR_ALIGNMENT=0x100
+
+ # The RAM MPU Region block sizes are calculated manually. The RAM has to be covered
+ # with the MPU regions. These regions also have to be the power of 2 and
+ # the start addresses have to be aligned to these sizes. The sizes can be calculated
+ # from the S_DATA_START and S_DATA_SIZE defines.
+ RAM_MPU_REGION_BLOCK_1_SIZE=0x4000
+ RAM_MPU_REGION_BLOCK_2_SIZE=0x20000
+
)
#========================= Platform common defs ===============================#
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
index 98e795dde..39b19c535 100644
--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
@@ -15,6 +15,7 @@
#include "mpu_config.h"
#include "mmio_defs.h"
#include "flash_layout.h"
+#include "region_defs.h"
#define PROT_BOUNDARY_VAL \
((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK)
@@ -132,6 +133,27 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
#endif
+ /* Set the RAM attributes. It is needed because the first region overlaps the whole
+ * SRAM and it has to be overridden.
+ * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually
+ * and added to the platform_region_defs compile definitions.
+ */
+ base = S_DATA_START;
+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
+ ret = configure_mpu(rnr++, base, limit,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
+
+ base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE;
+ ret = configure_mpu(rnr++, base, limit,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
+
arm_mpu_enable();
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */

78
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-platform-corstone1000-align-capsule-update-structs.patch Normal file
View File

@@ -0,0 +1,78 @@
From 6807d4b30f7d4ed32d3c54dfcaf3ace63eaa4f02 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Thu, 26 Oct 2023 11:46:04 +0100
Subject: [PATCH] platform: corstone1000: align capsule update structs
U-boot mkefitool creates capsule image without packed and byte-aligned
structs. This patch aligns the capsule-update structures and avoids
crashes in case of unaligned pointer access.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Upstream-Status: Pending
---
.../fw_update_agent/uefi_capsule_parser.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
index c706c040ac..9f8d12ad4e 100644
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
@@ -34,14 +34,14 @@ typedef struct {
uint32_t header_size;
uint32_t flags;
uint32_t capsule_image_size;
-} efi_capsule_header_t;
+} efi_capsule_header_t __attribute__((packed, aligned(1)));
typedef struct {
uint32_t version;
uint16_t embedded_driver_count;
uint16_t payload_item_count;
uint64_t item_offset_list[];
-} efi_firmware_management_capsule_header_t;
+} efi_firmware_management_capsule_header_t __attribute__((packed, aligned(1)));
typedef struct {
uint32_t version;
@@ -52,14 +52,14 @@ typedef struct {
uint32_t update_vendorcode_size;
uint64_t update_hardware_instance; //introduced in v2
uint64_t image_capsule_support; //introduced in v3
-} efi_firmware_management_capsule_image_header_t;
+} efi_firmware_management_capsule_image_header_t __attribute__((packed, aligned(1)));
typedef struct {
uint32_t signature;
uint32_t header_size;
uint32_t fw_version;
uint32_t lowest_supported_version;
-} fmp_payload_header_t;
+} fmp_payload_header_t __attribute__((packed, aligned(1)));
#define ANYSIZE_ARRAY 0
@@ -68,18 +68,18 @@ typedef struct {
uint16_t wRevision;
uint16_t wCertificateType;
uint8_t bCertificate[ANYSIZE_ARRAY];
-} WIN_CERTIFICATE;
+} WIN_CERTIFICATE __attribute__((packed, aligned(1)));
typedef struct {
WIN_CERTIFICATE hdr;
struct efi_guid cert_type;
uint8_t cert_data[ANYSIZE_ARRAY];
-} win_certificate_uefi_guid_t;
+} win_certificate_uefi_guid_t __attribute__((packed, aligned(1)));
typedef struct {
uint64_t monotonic_count;
win_certificate_uefi_guid_t auth_info;
-} efi_firmware_image_authentication_t;
+} efi_firmware_image_authentication_t __attribute__((packed, aligned(1)));
enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr,
--
2.25.1

33
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-Platform-Corstone1000-skip-the-first-nv-counter.patch Normal file
View File

@@ -0,0 +1,33 @@
From 001e5bea183bc78352ac3ba6283d9d7912bb6ea5 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <Emekcan.Aras@arm.com>
Date: Wed, 21 Feb 2024 07:44:25 +0000
Subject: [PATCH] Platform: Corstone1000: skip the first nv counter
It skips doing a sanity check the BL2 nv counter after the capsule
update since the tfm bl1 does not sync metadata and nv counters in OTP during
the boot anymore.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Upstream-Status: Pending
---
.../ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
index 2e6de255b..2e6cf8047 100644
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
@@ -1125,7 +1125,7 @@ static enum fwu_agent_error_t update_nv_counters(
FWU_LOG_MSG("%s: enter\n\r", __func__);
- for (int i = 0; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
+ for (int i = 1; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
switch (i) {
case FWU_BL2_NV_COUNTER:
--
2.25.1

41
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-platform-corstone1000-add-unique-guid-for-mps3.patch Normal file
View File

@@ -0,0 +1,41 @@
From 3d35eb08fe0cea5c4b882c448f44530bb45c05f0 Mon Sep 17 00:00:00 2001
From: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
Date: Tue, 2 Apr 2024 13:04:56 +0000
Subject: [PATCH] platform: corstone1000: add unique guid for mps3
This patch sets unique GUID for Corstone1000 FVP and MPS3
Upstream-Status: Inappropriate [Redesign of Capsule update interface is required]
Signed-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
---
.../target/arm/corstone1000/fw_update_agent/fwu_agent.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
index 2e6cf80470..be04e0e5df 100644
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
@@ -113,13 +113,19 @@ enum fwu_agent_state_t {
};
struct efi_guid full_capsule_image_guid = {
+#if PLATFORM_IS_FVP
.time_low = 0x989f3a4e,
.time_mid = 0x46e0,
.time_hi_and_version = 0x4cd0,
.clock_seq_and_node = {0x98, 0x77, 0xa2, 0x5c, 0x70, 0xc0, 0x13, 0x29}
+#else
+ .time_low = 0xdf1865d1,
+ .time_mid = 0x90fb,
+ .time_hi_and_version = 0x4d59,
+ .clock_seq_and_node = {0x9c, 0x38, 0xc9, 0xf2, 0xc1, 0xbb, 0xa8, 0xcc}
+#endif
};
-
#define IMAGE_ACCEPTED (1)
#define IMAGE_NOT_ACCEPTED (0)
#define BANK_0 (0)
--
2.38.1

177
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch Normal file
View File

@@ -0,0 +1,177 @@
From 1410dc5504d60219279581b1cf6442f81551cfe7 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <Emekcan.Aras@arm.com>
Date: Wed, 3 Apr 2024 13:37:40 +0100
Subject: [PATCH] Platform: Corstone1000: Enable host firewall in FVP
Enables host firewall and mpu setup for FVP. It also fixes secure-ram
configuration and disable access rights to secure ram from both normal world
for both mps3 and fvp.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Upstream-Status: Pending [Not submitted to upstream yet]
---
.../Device/Include/platform_base_address.h | 2 +-
.../arm/corstone1000/bl1/boot_hal_bl1_1.c | 42 ++++---------------
.../arm/corstone1000/bl2/flash_map_bl2.c | 2 +-
3 files changed, 11 insertions(+), 35 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
index 416f0ebcd..101cad9e7 100644
--- a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
+++ b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
@@ -67,7 +67,7 @@
* required by the SE are defined here */
#define CORSTONE1000_HOST_ADDRESS_SPACE_BASE (0x60000000U) /* Host Address Space */
#define CORSTONE1000_HOST_BIR_BASE (0x60000000U) /* Boot Instruction Register */
-#define CORSTONE1000_HOST_SHARED_RAM_BASE (0x62000000U) /* Shared RAM */
+#define CORSTONE1000_HOST_TRUSTED_RAM_BASE (0x62000000U) /* Secure RAM */
#define CORSTONE1000_HOST_XNVM_BASE (0x68000000U) /* XNVM */
#define CORSTONE1000_HOST_BASE_SYSTEM_CONTROL_BASE (0x7A010000U) /* Host SCB */
#define CORSTONE1000_EXT_SYS_RESET_REG (0x7A010310U) /* external system (cortex-M3) */
diff --git a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c
index a5fee66af..7988c2392 100644
--- a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c
+++ b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c
@@ -35,7 +35,7 @@ REGION_DECLARE(Image$$, ER_DATA, $$Base)[];
REGION_DECLARE(Image$$, ARM_LIB_HEAP, $$ZI$$Limit)[];
#define HOST_ADDRESS_SPACE_BASE 0x00000000
-#define HOST_SHARED_RAM_BASE 0x02000000
+#define HOST_TRUSTED_RAM_BASE 0x02000000
#define HOST_XNVM_BASE 0x08000000
#define HOST_BASE_SYSTEM_CONTROL_BASE 0x1A010000
#define HOST_FIREWALL_BASE 0x1A800000
@@ -347,7 +347,7 @@ static void setup_host_firewall(void)
fc_pe_enable();
- /* CVM - Shared RAM */
+ /* CVM - Secure RAM */
fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_CVM);
fc_disable_bypass();
fc_pe_disable();
@@ -355,15 +355,12 @@ static void setup_host_firewall(void)
fc_select_region(1);
fc_disable_regions();
fc_disable_mpe(RGN_MPE0);
- fc_prog_rgn(RGN_SIZE_4MB, HOST_SHARED_RAM_BASE);
+ fc_prog_rgn(RGN_SIZE_4MB, HOST_TRUSTED_RAM_BASE);
fc_init_mpl(RGN_MPE0);
mpl_rights = (RGN_MPL_ANY_MST_MASK | RGN_MPL_SECURE_READ_MASK |
RGN_MPL_SECURE_WRITE_MASK |
- RGN_MPL_SECURE_EXECUTE_MASK |
- RGN_MPL_NONSECURE_READ_MASK |
- RGN_MPL_NONSECURE_WRITE_MASK |
- RGN_MPL_NONSECURE_EXECUTE_MASK);
+ RGN_MPL_SECURE_EXECUTE_MASK);
fc_enable_mpl(RGN_MPE0, mpl_rights);
fc_disable_mpl(RGN_MPE0, ~mpl_rights);
@@ -398,7 +395,9 @@ static void setup_host_firewall(void)
fc_pe_enable();
- /* Host Expansion Master 0 */
+#if !(PLATFORM_IS_FVP)
+ /* Host Expansion Master 0 (Due to the difference in the models only
+ * programming this for MPS3) */
fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_EXPMST0);
fc_disable_bypass();
fc_pe_disable();
@@ -433,7 +432,6 @@ static void setup_host_firewall(void)
fc_enable_regions();
fc_rgn_lock();
-#if !(PLATFORM_IS_FVP)
fc_select_region(3);
fc_disable_regions();
fc_disable_mpe(RGN_MPE0);
@@ -461,16 +459,14 @@ static void setup_host_firewall(void)
fc_enable_mpe(RGN_MPE0);
fc_enable_regions();
fc_rgn_lock();
-#endif
fc_pe_enable();
- /* Host Expansion Master 0 */
+ /* Host Expansion Master 1*/
fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_EXPMST1);
fc_disable_bypass();
fc_pe_disable();
-#if !(PLATFORM_IS_FVP)
fc_select_region(1);
fc_disable_regions();
fc_disable_mpe(RGN_MPE0);
@@ -484,22 +480,6 @@ static void setup_host_firewall(void)
fc_enable_mpe(RGN_MPE0);
fc_enable_regions();
fc_rgn_lock();
-#else
- fc_select_region(1);
- fc_disable_regions();
- fc_disable_mpe(RGN_MPE0);
- fc_prog_rgn(RGN_SIZE_8MB, HOST_SE_SECURE_FLASH_BASE_FVP);
- fc_init_mpl(RGN_MPE0);
-
- mpl_rights = (RGN_MPL_ANY_MST_MASK | RGN_MPL_SECURE_READ_MASK |
- RGN_MPL_SECURE_WRITE_MASK);
-
- fc_enable_mpl(RGN_MPE0, mpl_rights);
- fc_enable_mpe(RGN_MPE0);
- fc_enable_regions();
- fc_rgn_lock();
-#endif
-
fc_pe_enable();
/* Always ON Host Peripherals */
@@ -527,7 +507,6 @@ static void setup_host_firewall(void)
}
fc_pe_enable();
-
/* Host System Peripherals */
fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_SYSPERIPH);
fc_disable_bypass();
@@ -553,6 +532,7 @@ static void setup_host_firewall(void)
}
fc_pe_enable();
+#endif
/* Host System Peripherals */
fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_DBGPERIPH);
@@ -592,13 +572,9 @@ int32_t boot_platform_init(void)
if (result != ARM_DRIVER_OK) {
return 1;
}
-#if !(PLATFORM_IS_FVP)
setup_mpu();
-#endif
setup_se_firewall();
-#if !(PLATFORM_IS_FVP)
setup_host_firewall();
-#endif
#if defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2)
stdio_init();
diff --git a/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c b/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c
index 2b1cdfa19..06cc3f0f5 100644
--- a/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c
+++ b/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c
@@ -70,7 +70,7 @@ int boot_get_image_exec_ram_info(uint32_t image_id,
rc = 0;
}
else if (image_id == 1 || image_id == 2) {
- (*exec_ram_start) = CORSTONE1000_HOST_SHARED_RAM_BASE;
+ (*exec_ram_start) = CORSTONE1000_HOST_TRUSTED_RAM_BASE;
(*exec_ram_size) = 0x20000000U;
rc = 0;
}
--
2.25.1

27
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-Increase-ITS-max-asset-size.patch Normal file
View File

@@ -0,0 +1,27 @@
From 2edf197735bd0efb1428c1710443dddcb376d930 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Wed, 17 Apr 2024 11:34:45 +0000
Subject: [PATCH] platform: corstone1000: Increase ITS max asset size
Increases the max asset size for ITS to enable parsec services & tests
Upstream-Status: Pending
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Vikas Katariya <vikas.katariya@arm.com>
---
platform/ext/target/arm/corstone1000/config_tfm_target.h | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/platform/ext/target/arm/corstone1000/config_tfm_target.h b/platform/ext/target/arm/corstone1000/config_tfm_target.h
index 2c7341afd4..2eb0924770 100644
--- a/platform/ext/target/arm/corstone1000/config_tfm_target.h
+++ b/platform/ext/target/arm/corstone1000/config_tfm_target.h
@@ -20,4 +20,8 @@
/* The maximum number of assets to be stored in the Protected Storage area. */
#define PS_NUM_ASSETS 20
+/* The maximum size of asset to be stored in the Internal Trusted Storage area. */
+#undef ITS_MAX_ASSET_SIZE
+#define ITS_MAX_ASSET_SIZE 2048
+
#endif /* __CONFIG_TFM_TARGET_H__ */

3620
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-CS1000-Replace-OpenAMP-with-RSE_COMMS.patch Normal file
View File

File diff suppressed because it is too large Load Diff

28
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch Normal file
View File

@@ -0,0 +1,28 @@
From 21b0c9f028b6b04fa2f027510ec90969735f4dd1 Mon Sep 17 00:00:00 2001
From: Bence Balogh <bence.balogh@arm.com>
Date: Wed, 17 Apr 2024 19:31:03 +0200
Subject: [PATCH] platform: corstone1000: Increase RSE_COMMS buffer size
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Upstream-Status: Pending
---
platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h
index 6d79dd3bf..f079f6504 100644
--- a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h
+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h
@@ -16,7 +16,7 @@ extern "C" {
#endif
/* size suits to fit the largest message too (EFI variables) */
-#define RSE_COMMS_PAYLOAD_MAX_SIZE (0x2100)
+#define RSE_COMMS_PAYLOAD_MAX_SIZE (0x43C0)
/*
* Allocated for each client request.
--
2.25.1

31
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch Normal file
View File

@@ -0,0 +1,31 @@
From a8aeaafd6c26d6bc3066164d12aabc5cb754fe1c Mon Sep 17 00:00:00 2001
From: Ali Can Ozaslan <ali.oezaslan@arm.com>
Date: Wed, 15 May 2024 12:12:15 +0000
Subject: [PATCH] CC312: alignment of cc312 differences between fvp and mps3
corstone1000 platforms
Configures CC312 mps3 model same as predefined cc312 FVP
configuration while keeping debug ports closed.
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Upstream-Status: Inappropriate [Requires an aligment cc3xx with mps3 hw and fvp sw models]
---
lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c b/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c
index 31e4332be..4d7e6fa61 100644
--- a/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c
+++ b/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c
@@ -207,6 +207,9 @@ CClibRetCode_t CC_LibInit(CCRndContext_t *rndContext_ptr, CCRndWorkBuff_t *rndW
goto InitErr2;
}
+ /* configuring secure debug to align cc312 with corstone 1000 */
+ CC_HAL_WRITE_REGISTER(CC_REG_OFFSET(HOST_RGF,HOST_DCU_EN0), 0xffffe7fc);
+
/* turn off the DFA since Cerberus doen't support it */
reg = CC_HAL_READ_REGISTER(CC_REG_OFFSET(HOST_RGF, HOST_AO_LOCK_BITS));
CC_REG_FLD_SET(0, HOST_AO_LOCK_BITS, HOST_FORCE_DFA_ENABLE, reg, 0x0);

45
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch Normal file
View File

@@ -0,0 +1,45 @@
From d7725e629c9ba93523589cc9d8af3186db19d4e8 Mon Sep 17 00:00:00 2001
From: Bence Balogh <bence.balogh@arm.com>
Date: Wed, 15 May 2024 22:37:51 +0200
Subject: [PATCH] Platform: corstone1000: Increase buffers for EFI vars
The UEFI variables are stored in the Protected Storage. The size of
the variables metadata have been increased so the related buffer sizes
have to be increased.
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Upstream-Status: Pending
---
.../ext/target/arm/corstone1000/config_tfm_target.h | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/config_tfm_target.h b/platform/ext/target/arm/corstone1000/config_tfm_target.h
index 2eb0924770..6ee823a7dc 100644
--- a/platform/ext/target/arm/corstone1000/config_tfm_target.h
+++ b/platform/ext/target/arm/corstone1000/config_tfm_target.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2024, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -24,4 +24,15 @@
#undef ITS_MAX_ASSET_SIZE
#define ITS_MAX_ASSET_SIZE 2048
+/* The maximum asset size to be stored in the Protected Storage */
+#undef PS_MAX_ASSET_SIZE
+#define PS_MAX_ASSET_SIZE 2592
+
+/* This is needed to be able to process the EFI variables during PS writes. */
+#undef CRYPTO_ENGINE_BUF_SIZE
+#define CRYPTO_ENGINE_BUF_SIZE 0x5000
+
+/* This is also has to be increased to fit the EFI variables into the iovecs. */
+#undef CRYPTO_IOVEC_BUFFER_SIZE
+#define CRYPTO_IOVEC_BUFFER_SIZE 6000
#endif /* __CONFIG_TFM_TARGET_H__ */
--
2.25.1

28
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-corstone1000-Remove-reset-after-capsule-update.patch Normal file
View File

@@ -0,0 +1,28 @@
From 78db43f80676f8038b35edd6674d22fb5ff85c12 Mon Sep 17 00:00:00 2001
From: Bence Balogh <bence.balogh@arm.com>
Date: Mon, 27 May 2024 17:11:31 +0200
Subject: [PATCH] corstone1000: Remove reset after capsule update
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/29065]
---
.../target/arm/corstone1000/services/src/tfm_platform_system.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c b/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
index 41305ed966..1e837ce3b5 100644
--- a/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
+++ b/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
@@ -28,9 +28,6 @@ enum tfm_platform_err_t tfm_platform_hal_ioctl(tfm_platform_ioctl_req_t request,
case IOCTL_CORSTONE1000_FWU_FLASH_IMAGES:
result = corstone1000_fwu_flash_image();
- if (!result) {
- NVIC_SystemReset();
- }
break;
case IOCTL_CORSTONE1000_FWU_HOST_ACK:
--
2.25.1

88
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0013-Platform-corstone1000-Fix-isolation-L2-memory-protection.patch Normal file
View File

@@ -0,0 +1,88 @@
From 4d3ebb03b89b122af490824ca73287954a35bd07 Mon Sep 17 00:00:00 2001
From: Jamie Fox <jamie.fox@arm.com>
Date: Thu, 22 Aug 2024 16:54:45 +0100
Subject: [PATCH] Platform: corstone1000: Fix isolation L2 memory protection
The whole of the SRAM was configured unprivileged on this platform, so
the memory protection required for isolation level 2 was not present.
This patch changes the S_DATA_START to S_DATA_LIMIT MPU region to be
configured for privileged access only. It also reorders the MPU regions
so that the App RoT sub-region overlapping S_DATA has a higher region
number and so takes priority in the operation of the Armv6-M MPU.
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/30951]
---
.../arm/corstone1000/tfm_hal_isolation.c | 43 +++++++++----------
1 file changed, 21 insertions(+), 22 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
index 39b19c535..498f14ed2 100644
--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2024, Arm Limited. All rights reserved.
* Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon
* company) or an affiliate of Cypress Semiconductor Corporation. All rights
* reserved.
@@ -99,6 +99,26 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
return ret;
}
+ /* Set the RAM attributes. It is needed because the first region overlaps the whole
+ * SRAM and it has to be overridden.
+ * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually
+ * and added to the platform_region_defs compile definitions.
+ */
+ base = S_DATA_START;
+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
+ ret = configure_mpu(rnr++, base, limit,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_ONLY);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
+
+ base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE;
+ ret = configure_mpu(rnr++, base, limit,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_ONLY);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
/* RW, ZI and stack as one region */
base = (uint32_t)&REGION_NAME(Image$$, TFM_APP_RW_STACK_START, $$Base);
@@ -133,27 +153,6 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
#endif
- /* Set the RAM attributes. It is needed because the first region overlaps the whole
- * SRAM and it has to be overridden.
- * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually
- * and added to the platform_region_defs compile definitions.
- */
- base = S_DATA_START;
- limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
- ret = configure_mpu(rnr++, base, limit,
- XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
- if (ret != TFM_HAL_SUCCESS) {
- return ret;
- }
-
- base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
- limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE;
- ret = configure_mpu(rnr++, base, limit,
- XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
- if (ret != TFM_HAL_SUCCESS) {
- return ret;
- }
-
arm_mpu_enable();
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
--
2.25.1

56
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc Normal file
View File

@@ -0,0 +1,56 @@
# Corstone1000 machines specific TFM support
COMPATIBLE_MACHINE = "(corstone1000)"
TFM_PLATFORM = "arm/corstone1000"
TFM_DEBUG = "1"
## Default is the MPS3 board
TFM_PLATFORM_IS_FVP ?= "FALSE"
EXTRA_OECMAKE += "-DPLATFORM_IS_FVP=${TFM_PLATFORM_IS_FVP}"
EXTRA_OECMAKE += "-DCC312_LEGACY_DRIVER_API_ENABLED=OFF"
SRC_URI += " \
file://0001-arm-trusted-firmware-m-disable-address-warnings-into.patch \
"
FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
SRC_URI:append:corstone1000 = " \
file://0001-platform-corstone1000-Update-MPU-configuration.patch \
file://0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch \
file://0003-platform-corstone1000-align-capsule-update-structs.patch \
file://0004-Platform-Corstone1000-skip-the-first-nv-counter.patch \
file://0005-platform-corstone1000-add-unique-guid-for-mps3.patch \
file://0006-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch \
file://0007-platform-corstone1000-Increase-ITS-max-asset-size.patch \
file://0008-Platform-CS1000-Replace-OpenAMP-with-RSE_COMMS.patch \
file://0009-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch \
file://0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch \
file://0011-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch \
file://0012-corstone1000-Remove-reset-after-capsule-update.patch \
file://0013-Platform-corstone1000-Fix-isolation-L2-memory-protection.patch \
"
# TF-M ships patches for external dependencies that needs to be applied
apply_tfm_patches() {
find ${S}/lib/ext/qcbor -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../qcbor/ -i
find ${S}/lib/ext/mbedcrypto -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../mbedtls/ -i
find ${S}/lib/ext/mcuboot -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../mcuboot/ -i
find ${S}/lib/ext/tf-m-tests -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../tf-m-tests/ -i
}
do_patch[postfuncs] += "apply_tfm_patches"
do_install() {
install -D -p -m 0644 ${B}/bin/tfm_s_signed.bin ${D}/firmware/tfm_s_signed.bin
install -D -p -m 0644 ${B}/bin/bl2_signed.bin ${D}/firmware/bl2_signed.bin
install -D -p -m 0644 ${B}/bin/bl1_1.bin ${D}/firmware/bl1_1.bin
install -D -p -m 0644 ${B}/bin/bl1_provisioning_bundle.bin ${D}/firmware/bl1_provisioning_bundle.bin
}
create_bl1_image(){
dd conv=notrunc bs=1 if=${D}/firmware/bl1_1.bin of=${D}/firmware/bl1.bin seek=0
dd conv=notrunc bs=1 if=${D}/firmware/bl1_provisioning_bundle.bin of=${D}/firmware/bl1.bin seek=40960
}
do_install[postfuncs] += "create_bl1_image"

6
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_%.bbappend Normal file
View File

@@ -0,0 +1,6 @@
# Machine specific configurations
MACHINE_TFM_REQUIRE ?= ""
MACHINE_TFM_REQUIRE:corstone1000 = "trusted-firmware-m-corstone1000.inc"
require ${MACHINE_TFM_REQUIRE}

86
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc Normal file
View File

@@ -0,0 +1,86 @@
# Corstone1000 specific U-boot support
DEPENDS:append = " openssl-native efitools-native"
CORSTONE1000_DEVICE_TREE:corstone1000-mps3 = "corstone1000-mps3"
CORSTONE1000_DEVICE_TREE:corstone1000-fvp = "corstone1000-fvp"
EXTRA_OEMAKE:append = ' DEVICE_TREE=${CORSTONE1000_DEVICE_TREE}'
UBOOT_CONFIG ??= "EFI"
UBOOT_CONFIG[EFI] = "corstone1000_defconfig"
UBOOT_ENTRYPOINT = "0x80000000"
UBOOT_LOADADDRESS = "0x80000000"
UBOOT_BOOTARGS = "${LINUX_KERNEL_ARGS} loglevel=9"
UBOOT_ARCH = "arm"
UBOOT_EXTLINUX = "0"
SYSROOT_DIRS:append = " /boot"
SRC_URI:append = " \
file://0001-FF-A-v15-arm64-smccc-add-support-for-SMCCCv1.2-x0-x1.patch \
file://0002-FF-A-v15-lib-uuid-introduce-uuid_str_to_le_bin-funct.patch \
file://0003-FF-A-v15-lib-uuid-introduce-testcase-for-uuid_str_to.patch \
file://0004-FF-A-v15-arm_ffa-introduce-Arm-FF-A-support.patch \
file://0005-FF-A-v15-arm_ffa-introduce-armffa-command.patch \
file://0006-FF-A-v15-arm_ffa-introduce-sandbox-FF-A-support.patch \
file://0007-FF-A-v15-arm_ffa-introduce-sandbox-test-cases-for-UC.patch \
file://0008-FF-A-v15-arm_ffa-introduce-armffa-command-Sandbox-te.patch \
file://0009-FF-A-v15-arm_ffa-efi-introduce-FF-A-MM-communication.patch \
file://0010-FF-A-v15-arm_ffa-efi-corstone1000-enable-MM-communic.patch \
file://0011-efi-corstone1000-fwu-introduce-EFI-capsule-update.patch \
file://0012-arm-corstone1000-fix-unrecognized-filesystem-type.patch \
file://0013-efi_loader-corstone1000-remove-guid-check-from-corst.patch \
file://0014-efi_loader-populate-ESRT-table-if-EFI_ESRT-config-op.patch \
file://0015-efi_firmware-add-get_image_info-for-corstone1000.patch \
file://0016-efi_loader-fix-null-pointer-exception-with-get_image.patch \
file://0017-arm-corstone1000-add-mmc-for-fvp.patch \
file://0018-corstone1000-add-compressed-kernel-support.patch \
file://0019-arm-corstone1000-esrt-support.patch \
file://0020-corstone1000-enable-distro-booting-command.patch \
file://0021-corstone1000-add-fwu-metadata-store-info.patch \
file://0022-fwu_metadata-make-sure-structures-are-packed.patch \
file://0023-corstone1000-add-boot-index.patch \
file://0024-corstone1000-adjust-boot-bank-and-kernel-location.patch \
file://0025-corstone1000-add-nvmxip-fwu-mdata-and-gpt-options.patch \
file://0026-nvmxip-move-header-to-include.patch \
file://0027-corstone1000-set-kernel_addr-based-on-boot_idx.patch \
file://0028-corstone1000-boot-index-from-active.patch \
file://0029-corstone1000-enable-PSCI-reset.patch \
file://0030-Enable-EFI-set-get-time-services.patch \
file://0031-corstone1000-detect-inflated-kernel-size.patch \
file://0032-corstone1000-ESRT-add-unique-firmware-GUID.patch \
file://0033-dt-Provide-a-way-to-remove-non-compliant-nodes-and-p.patch \
file://0034-bootefi-Call-the-EVT_FT_FIXUP-event-handler.patch \
file://0035-corstone1000-purge-U-Boot-specific-DT-nodes.patch \
file://0036-corstone1000-add-signature-device-tree-overlay.patch \
file://0037-corstone1000-enable-authenticated-capsule-config.patch \
file://0038-corstone1000-introduce-EFI-authenticated-capsule-upd.patch \
file://0039-enables-ondisk-capsule-update-feature.patch \
file://0040-fix-runtime-capsule-update-flags-checks.patch \
file://0041-scatter-gather-flag-workaround.patch \
file://0042-corstone1000-enable-virtio-net-support.patch \
file://0043-firmware-psci-Fix-bind_smccc_features-psci-check.patch \
file://0044-corstone1000-set-unique-GUID-for-fvp-and-mps3.patch \
file://0045-efi-corstone1000-fwu-update-RPC-ABI.patch \
file://0046-Corstone1000-Change-MMCOMM-buffer-location.patch \
file://0047-corstone1000-dts-add-external-system-node.patch \
file://0048-corstone1000-Enable-UEFI-Secure-boot.patch \
${@bb.utils.contains('MACHINE_FEATURES', 'corstone1000-extsys', \
'', 'file://0049-corstone1000-purge-remoteproc-dts-node.patch' , d)} \
"
do_configure:append() {
openssl req -x509 -sha256 -newkey rsa:2048 -subj /CN=CRT/ -keyout ${B}/CRT.key -out ${B}/CRT.crt -nodes -days 365
cert-to-efi-sig-list ${B}/CRT.crt ${B}/corstone1000_defconfig/CRT.esl
}
FILES:${PN} += "/corstone1000_capsule_*"
do_install:append() {
install -D -p -m 0644 ${B}/CRT.crt ${D}/corstone1000_capsule_cert.crt
install -D -p -m 0644 ${B}/CRT.key ${D}/corstone1000_capsule_key.key
}
do_deploy:append(){
cp -Rf ${D}/corstone1000_capsule* ${DEPLOYDIR}/
}
addtask deploy after do_install

8
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-fvp-base.inc Normal file
View File

@@ -0,0 +1,8 @@
# FVP base specific U-boot support
SRC_URI:append = " \
file://0001-vexpress64-Set-the-DM_RNG-property.patch \
file://0002-vexpress64-Select-PSCI-RESET-by-default.patch \
file://0003-vexpress64-Imply-CONFIG_ARM64_CRC32-by-default.patch \
file://tick.patch \
"

3
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-juno.inc Normal file
View File

@@ -0,0 +1,3 @@
# Juno specific U-boot support
SRC_URI:append = " file://0001-configs-vexpress-modify-to-boot-compressed-initramfs.patch"

198
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0001-FF-A-v15-arm64-smccc-add-support-for-SMCCCv1.2-x0-x1.patch Normal file
View File

@@ -0,0 +1,198 @@
From cc651db9a1370e697fd2525ce58b81ff7e112474 Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Fri, 29 Jul 2022 13:06:19 +0100
Subject: [PATCH] FF-A v15: arm64: smccc: add support for SMCCCv1.2 x0-x17
registers
add support for x0-x17 registers used by the SMC calls
In SMCCC v1.2 [1] arguments are passed in registers x1-x17.
Results are returned in x0-x17.
This work is inspired from the following kernel commit:
arm64: smccc: Add support for SMCCCv1.2 extended input/output registers
[1]: https://documentation-service.arm.com/static/5f8edaeff86e16515cdbe4c6?token=
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20230713132847.176000-1-abdellatif.elkhlifi@arm.com/]
---
arch/arm/cpu/armv8/smccc-call.S | 57 ++++++++++++++++++++++++++++++++-
arch/arm/lib/asm-offsets.c | 16 +++++++++
include/linux/arm-smccc.h | 45 ++++++++++++++++++++++++++
3 files changed, 117 insertions(+), 1 deletion(-)
diff --git a/arch/arm/cpu/armv8/smccc-call.S b/arch/arm/cpu/armv8/smccc-call.S
index dc92b28777..93f66d3366 100644
--- a/arch/arm/cpu/armv8/smccc-call.S
+++ b/arch/arm/cpu/armv8/smccc-call.S
@@ -1,7 +1,11 @@
/* SPDX-License-Identifier: GPL-2.0 */
/*
* Copyright (c) 2015, Linaro Limited
- */
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ *
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+*/
#include <linux/linkage.h>
#include <linux/arm-smccc.h>
#include <generated/asm-offsets.h>
@@ -45,3 +49,54 @@ ENDPROC(__arm_smccc_smc)
ENTRY(__arm_smccc_hvc)
SMCCC hvc
ENDPROC(__arm_smccc_hvc)
+
+#ifdef CONFIG_ARM64
+
+ .macro SMCCC_1_2 instr
+ /* Save `res` and free a GPR that won't be clobbered */
+ stp x1, x19, [sp, #-16]!
+
+ /* Ensure `args` won't be clobbered while loading regs in next step */
+ mov x19, x0
+
+ /* Load the registers x0 - x17 from the struct arm_smccc_1_2_regs */
+ ldp x0, x1, [x19, #ARM_SMCCC_1_2_REGS_X0_OFFS]
+ ldp x2, x3, [x19, #ARM_SMCCC_1_2_REGS_X2_OFFS]
+ ldp x4, x5, [x19, #ARM_SMCCC_1_2_REGS_X4_OFFS]
+ ldp x6, x7, [x19, #ARM_SMCCC_1_2_REGS_X6_OFFS]
+ ldp x8, x9, [x19, #ARM_SMCCC_1_2_REGS_X8_OFFS]
+ ldp x10, x11, [x19, #ARM_SMCCC_1_2_REGS_X10_OFFS]
+ ldp x12, x13, [x19, #ARM_SMCCC_1_2_REGS_X12_OFFS]
+ ldp x14, x15, [x19, #ARM_SMCCC_1_2_REGS_X14_OFFS]
+ ldp x16, x17, [x19, #ARM_SMCCC_1_2_REGS_X16_OFFS]
+
+ \instr #0
+
+ /* Load the `res` from the stack */
+ ldr x19, [sp]
+
+ /* Store the registers x0 - x17 into the result structure */
+ stp x0, x1, [x19, #ARM_SMCCC_1_2_REGS_X0_OFFS]
+ stp x2, x3, [x19, #ARM_SMCCC_1_2_REGS_X2_OFFS]
+ stp x4, x5, [x19, #ARM_SMCCC_1_2_REGS_X4_OFFS]
+ stp x6, x7, [x19, #ARM_SMCCC_1_2_REGS_X6_OFFS]
+ stp x8, x9, [x19, #ARM_SMCCC_1_2_REGS_X8_OFFS]
+ stp x10, x11, [x19, #ARM_SMCCC_1_2_REGS_X10_OFFS]
+ stp x12, x13, [x19, #ARM_SMCCC_1_2_REGS_X12_OFFS]
+ stp x14, x15, [x19, #ARM_SMCCC_1_2_REGS_X14_OFFS]
+ stp x16, x17, [x19, #ARM_SMCCC_1_2_REGS_X16_OFFS]
+
+ /* Restore original x19 */
+ ldp xzr, x19, [sp], #16
+ ret
+ .endm
+
+/*
+ * void arm_smccc_1_2_smc(const struct arm_smccc_1_2_regs *args,
+ * struct arm_smccc_1_2_regs *res);
+ */
+ENTRY(arm_smccc_1_2_smc)
+ SMCCC_1_2 smc
+ENDPROC(arm_smccc_1_2_smc)
+
+#endif
diff --git a/arch/arm/lib/asm-offsets.c b/arch/arm/lib/asm-offsets.c
index 6de0ce9152..181a8ac4c2 100644
--- a/arch/arm/lib/asm-offsets.c
+++ b/arch/arm/lib/asm-offsets.c
@@ -9,6 +9,11 @@
* generate asm statements containing #defines,
* compile this file to assembler, and then extract the
* #defines from the assembly-language output.
+ *
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ *
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#include <common.h>
@@ -90,6 +95,17 @@ int main(void)
DEFINE(ARM_SMCCC_RES_X2_OFFS, offsetof(struct arm_smccc_res, a2));
DEFINE(ARM_SMCCC_QUIRK_ID_OFFS, offsetof(struct arm_smccc_quirk, id));
DEFINE(ARM_SMCCC_QUIRK_STATE_OFFS, offsetof(struct arm_smccc_quirk, state));
+#ifdef CONFIG_ARM64
+ DEFINE(ARM_SMCCC_1_2_REGS_X0_OFFS, offsetof(struct arm_smccc_1_2_regs, a0));
+ DEFINE(ARM_SMCCC_1_2_REGS_X2_OFFS, offsetof(struct arm_smccc_1_2_regs, a2));
+ DEFINE(ARM_SMCCC_1_2_REGS_X4_OFFS, offsetof(struct arm_smccc_1_2_regs, a4));
+ DEFINE(ARM_SMCCC_1_2_REGS_X6_OFFS, offsetof(struct arm_smccc_1_2_regs, a6));
+ DEFINE(ARM_SMCCC_1_2_REGS_X8_OFFS, offsetof(struct arm_smccc_1_2_regs, a8));
+ DEFINE(ARM_SMCCC_1_2_REGS_X10_OFFS, offsetof(struct arm_smccc_1_2_regs, a10));
+ DEFINE(ARM_SMCCC_1_2_REGS_X12_OFFS, offsetof(struct arm_smccc_1_2_regs, a12));
+ DEFINE(ARM_SMCCC_1_2_REGS_X14_OFFS, offsetof(struct arm_smccc_1_2_regs, a14));
+ DEFINE(ARM_SMCCC_1_2_REGS_X16_OFFS, offsetof(struct arm_smccc_1_2_regs, a16));
+#endif
#endif
return 0;
diff --git a/include/linux/arm-smccc.h b/include/linux/arm-smccc.h
index e1d09884a1..f44e9e8f93 100644
--- a/include/linux/arm-smccc.h
+++ b/include/linux/arm-smccc.h
@@ -1,6 +1,10 @@
/* SPDX-License-Identifier: GPL-2.0 */
/*
* Copyright (c) 2015, Linaro Limited
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ *
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#ifndef __LINUX_ARM_SMCCC_H
#define __LINUX_ARM_SMCCC_H
@@ -70,6 +74,47 @@ struct arm_smccc_res {
unsigned long a3;
};
+#ifdef CONFIG_ARM64
+/**
+ * struct arm_smccc_1_2_regs - Arguments for or Results from SMC call
+ * @a0-a17 argument values from registers 0 to 17
+ */
+struct arm_smccc_1_2_regs {
+ unsigned long a0;
+ unsigned long a1;
+ unsigned long a2;
+ unsigned long a3;
+ unsigned long a4;
+ unsigned long a5;
+ unsigned long a6;
+ unsigned long a7;
+ unsigned long a8;
+ unsigned long a9;
+ unsigned long a10;
+ unsigned long a11;
+ unsigned long a12;
+ unsigned long a13;
+ unsigned long a14;
+ unsigned long a15;
+ unsigned long a16;
+ unsigned long a17;
+};
+
+/**
+ * arm_smccc_1_2_smc() - make SMC calls
+ * @args: arguments passed via struct arm_smccc_1_2_regs
+ * @res: result values via struct arm_smccc_1_2_regs
+ *
+ * This function is used to make SMC calls following SMC Calling Convention
+ * v1.2 or above. The content of the supplied param are copied from the
+ * structure to registers prior to the SMC instruction. The return values
+ * are updated with the content from registers on return from the SMC
+ * instruction.
+ */
+asmlinkage void arm_smccc_1_2_smc(const struct arm_smccc_1_2_regs *args,
+ struct arm_smccc_1_2_regs *res);
+#endif
+
/**
* struct arm_smccc_quirk - Contains quirk information
* @id: quirk identification

115
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0002-FF-A-v15-lib-uuid-introduce-uuid_str_to_le_bin-funct.patch Normal file
View File

@@ -0,0 +1,115 @@
From 4c1eaa36a882f9f921c3bc3b1352bbb04a939c4f Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Thu, 4 Aug 2022 16:46:47 +0100
Subject: [PATCH] FF-A v15: lib: uuid: introduce uuid_str_to_le_bin function
convert UUID string to little endian binary data
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20230713132847.176000-1-abdellatif.elkhlifi@arm.com/]
---
include/uuid.h | 15 +++++++++++++++
lib/uuid.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 63 insertions(+)
diff --git a/include/uuid.h b/include/uuid.h
index 4a4883d3b5..89b93e642b 100644
--- a/include/uuid.h
+++ b/include/uuid.h
@@ -2,6 +2,10 @@
/*
* Copyright (C) 2014 Samsung Electronics
* Przemyslaw Marczak <p.marczak@samsung.com>
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ *
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#ifndef __UUID_H__
#define __UUID_H__
@@ -44,4 +48,15 @@ int uuid_guid_get_bin(const char *guid_str, unsigned char *guid_bin);
const char *uuid_guid_get_str(const unsigned char *guid_bin);
void gen_rand_uuid(unsigned char *uuid_bin);
void gen_rand_uuid_str(char *uuid_str, int str_format);
+
+/**
+ * uuid_str_to_le_bin() - Convert string UUID to little endian binary data.
+ * @uuid_str: pointer to UUID string
+ * @uuid_bin: pointer to allocated array for little endian output [16B]
+ * Return:
+ * uuid_bin filled with little endian UUID data
+ * On success 0 is returned. Otherwise, failure code.
+ */
+int uuid_str_to_le_bin(const char *uuid_str, unsigned char *uuid_bin);
+
#endif
diff --git a/lib/uuid.c b/lib/uuid.c
index 96e1af3c8b..45f325d964 100644
--- a/lib/uuid.c
+++ b/lib/uuid.c
@@ -1,6 +1,10 @@
// SPDX-License-Identifier: GPL-2.0+
/*
* Copyright 2011 Calxeda, Inc.
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ *
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#include <common.h>
@@ -354,6 +358,50 @@ int uuid_str_to_bin(const char *uuid_str, unsigned char *uuid_bin,
return 0;
}
+/**
+ * uuid_str_to_le_bin() - Convert string UUID to little endian binary data.
+ * @uuid_str: pointer to UUID string
+ * @uuid_bin: pointer to allocated array for little endian output [16B]
+ *
+ * UUID string is 36 characters (36 bytes):
+ *
+ * xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ *
+ * where x is a hexadecimal character. Fields are separated by '-'s.
+ * When converting to a little endian binary UUID, the string fields are reversed.
+ *
+ * Return:
+ *
+ * uuid_bin filled with little endian UUID data
+ * On success 0 is returned. Otherwise, failure code.
+ */
+int uuid_str_to_le_bin(const char *uuid_str, unsigned char *uuid_bin)
+{
+ u16 tmp16;
+ u32 tmp32;
+ u64 tmp64;
+
+ if (!uuid_str_valid(uuid_str) || !uuid_bin)
+ return -EINVAL;
+
+ tmp32 = cpu_to_le32(hextoul(uuid_str, NULL));
+ memcpy(uuid_bin, &tmp32, 4);
+
+ tmp16 = cpu_to_le16(hextoul(uuid_str + 9, NULL));
+ memcpy(uuid_bin + 4, &tmp16, 2);
+
+ tmp16 = cpu_to_le16(hextoul(uuid_str + 14, NULL));
+ memcpy(uuid_bin + 6, &tmp16, 2);
+
+ tmp16 = cpu_to_le16(hextoul(uuid_str + 19, NULL));
+ memcpy(uuid_bin + 8, &tmp16, 2);
+
+ tmp64 = cpu_to_le64(simple_strtoull(uuid_str + 24, NULL, 16));
+ memcpy(uuid_bin + 10, &tmp64, 6);
+
+ return 0;
+}
+
/*
* uuid_bin_to_str() - convert big endian binary data to string UUID or GUID.
*

91
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0003-FF-A-v15-lib-uuid-introduce-testcase-for-uuid_str_to.patch Normal file
View File

@@ -0,0 +1,91 @@
From fe51e27e4f0033e9737a1099d0dd06f976a60705 Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Mon, 27 Mar 2023 16:24:29 +0100
Subject: [PATCH] FF-A v15: lib: uuid: introduce testcase for
uuid_str_to_le_bin
provide a test case
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20230713132847.176000-1-abdellatif.elkhlifi@arm.com/]
---
MAINTAINERS | 5 +++++
test/lib/Makefile | 1 +
test/lib/uuid.c | 41 +++++++++++++++++++++++++++++++++++++++++
3 files changed, 47 insertions(+)
create mode 100644 test/lib/uuid.c
diff --git a/MAINTAINERS b/MAINTAINERS
index 3bf60c4643..a1122afb01 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1632,3 +1632,8 @@ S: Maintained
F: arch/arm/dts/ls1021a-twr-u-boot.dtsi
F: drivers/crypto/fsl/
F: include/fsl_sec.h
+
+UUID testing
+M: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+S: Maintained
+F: test/lib/uuid.c
diff --git a/test/lib/Makefile b/test/lib/Makefile
index e0bd9e04e8..e75a263e6a 100644
--- a/test/lib/Makefile
+++ b/test/lib/Makefile
@@ -22,6 +22,7 @@ obj-$(CONFIG_AES) += test_aes.o
obj-$(CONFIG_GETOPT) += getopt.o
obj-$(CONFIG_CRC8) += test_crc8.o
obj-$(CONFIG_UT_LIB_CRYPT) += test_crypt.o
+obj-$(CONFIG_LIB_UUID) += uuid.o
else
obj-$(CONFIG_SANDBOX) += kconfig_spl.o
endif
diff --git a/test/lib/uuid.c b/test/lib/uuid.c
new file mode 100644
index 0000000000..e24331a136
--- /dev/null
+++ b/test/lib/uuid.c
@@ -0,0 +1,41 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Functional tests for UCLASS_FFA class
+ *
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ *
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+ */
+
+#include <common.h>
+#include <uuid.h>
+#include <test/lib.h>
+#include <test/test.h>
+#include <test/ut.h>
+
+/* test UUID */
+#define TEST_SVC_UUID "ed32d533-4209-99e6-2d72-cdd998a79cc0"
+
+#define UUID_SIZE 16
+
+/* The UUID binary data (little-endian format) */
+static const u8 ref_uuid_bin[UUID_SIZE] = {
+ 0x33, 0xd5, 0x32, 0xed,
+ 0x09, 0x42, 0xe6, 0x99,
+ 0x72, 0x2d, 0xc0, 0x9c,
+ 0xa7, 0x98, 0xd9, 0xcd
+};
+
+static int lib_test_uuid_to_le(struct unit_test_state *uts)
+{
+ const char *uuid_str = TEST_SVC_UUID;
+ u8 ret_uuid_bin[UUID_SIZE] = {0};
+
+ ut_assertok(uuid_str_to_le_bin(uuid_str, ret_uuid_bin));
+ ut_asserteq_mem(ref_uuid_bin, ret_uuid_bin, UUID_SIZE);
+
+ return 0;
+}
+
+LIB_TEST(lib_test_uuid_to_le, 0);

2129
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0004-FF-A-v15-arm_ffa-introduce-Arm-FF-A-support.patch Normal file
View File

File diff suppressed because it is too large Load Diff

433
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0005-FF-A-v15-arm_ffa-introduce-armffa-command.patch Normal file
View File

@@ -0,0 +1,433 @@
From 57e4d6e9c5fc174a96366268150bc85de75baa79 Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Wed, 10 May 2023 17:27:01 +0100
Subject: [PATCH] FF-A v15: arm_ffa: introduce armffa command
Provide armffa command showcasing the use of the U-Boot FF-A support
armffa is a command showcasing how to invoke FF-A operations.
This provides a guidance to the client developers on how to
call the FF-A bus interfaces. The command also allows to gather secure
partitions information and ping these partitions. The command is also
helpful in testing the communication with secure partitions.
For more details please refer to the command documentation [1].
[1]: doc/usage/cmd/armffa.rst
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20230713132847.176000-1-abdellatif.elkhlifi@arm.com/]
---
MAINTAINERS | 2 +
cmd/Kconfig | 10 ++
cmd/Makefile | 1 +
cmd/armffa.c | 202 +++++++++++++++++++++++++++++++
doc/arch/arm64.ffa.rst | 7 ++
doc/usage/cmd/armffa.rst | 93 ++++++++++++++
doc/usage/index.rst | 1 +
drivers/firmware/arm-ffa/Kconfig | 1 +
8 files changed, 317 insertions(+)
create mode 100644 cmd/armffa.c
create mode 100644 doc/usage/cmd/armffa.rst
diff --git a/MAINTAINERS b/MAINTAINERS
index 9c5ebf312c..4ae82229fc 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -269,7 +269,9 @@ F: configs/cortina_presidio-asic-pnand_defconfig
ARM FF-A
M: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
S: Maintained
+F: cmd/armffa.c
F: doc/arch/arm64.ffa.rst
+F: doc/usage/cmd/armffa.rst
F: drivers/firmware/arm-ffa/
F: include/arm_ffa.h
F: include/sandbox_arm_ffa.h
diff --git a/cmd/Kconfig b/cmd/Kconfig
index 02e54f1e50..79b4f8367a 100644
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -935,6 +935,16 @@ endmenu
menu "Device access commands"
+config CMD_ARMFFA
+ bool "Arm FF-A test command"
+ depends on ARM_FFA_TRANSPORT
+ help
+ Provides a test command for the FF-A support
+ supported options:
+ - Listing the partition(s) info
+ - Sending a data pattern to the specified partition
+ - Displaying the arm_ffa device info
+
config CMD_ARMFLASH
#depends on FLASH_CFI_DRIVER
bool "armflash"
diff --git a/cmd/Makefile b/cmd/Makefile
index 6c37521b4e..7d20a85a46 100644
--- a/cmd/Makefile
+++ b/cmd/Makefile
@@ -12,6 +12,7 @@ obj-y += panic.o
obj-y += version.o
# command
+obj-$(CONFIG_CMD_ARMFFA) += armffa.o
obj-$(CONFIG_CMD_2048) += 2048.o
obj-$(CONFIG_CMD_ACPI) += acpi.o
obj-$(CONFIG_CMD_ADDRMAP) += addrmap.o
diff --git a/cmd/armffa.c b/cmd/armffa.c
new file mode 100644
index 0000000000..7e6eafc03a
--- /dev/null
+++ b/cmd/armffa.c
@@ -0,0 +1,202 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ *
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+ */
+#include <common.h>
+#include <arm_ffa.h>
+#include <command.h>
+#include <dm.h>
+#include <mapmem.h>
+#include <stdlib.h>
+#include <asm/io.h>
+
+/* Select the right physical address formatting according to the platform */
+#ifdef CONFIG_PHYS_64BIT
+#define PhysAddrLength "ll"
+#else
+#define PhysAddrLength ""
+#endif
+#define PHYS_ADDR_LN "%" PhysAddrLength "x"
+
+/**
+ * ffa_get_dev() - Return the FF-A device
+ * @devp: pointer to the FF-A device
+ *
+ * Search for the FF-A device.
+ *
+ * Return:
+ * 0 on success. Otherwise, failure
+ */
+static int ffa_get_dev(struct udevice **devp)
+{
+ int ret;
+
+ ret = uclass_first_device_err(UCLASS_FFA, devp);
+ if (ret) {
+ log_err("Cannot find FF-A bus device\n");
+ return ret;
+ }
+
+ return 0;
+}
+
+/**
+ * do_ffa_getpart() - implementation of the getpart subcommand
+ * @cmdtp: Command Table
+ * @flag: flags
+ * @argc: number of arguments
+ * @argv: arguments
+ *
+ * Query a secure partition information. The secure partition UUID is provided
+ * as an argument. The function uses the arm_ffa driver
+ * partition_info_get operation which implements FFA_PARTITION_INFO_GET
+ * ABI to retrieve the data. The input UUID string is expected to be in big
+ * endian format.
+ *
+ * Return:
+ *
+ * CMD_RET_SUCCESS: on success, otherwise failure
+ */
+static int do_ffa_getpart(struct cmd_tbl *cmdtp, int flag, int argc,
+ char *const argv[])
+{
+ u32 count = 0;
+ int ret;
+ struct ffa_partition_desc *descs;
+ u32 i;
+ struct udevice *dev;
+
+ if (argc != 2) {
+ log_err("Missing argument\n");
+ return CMD_RET_USAGE;
+ }
+
+ ret = ffa_get_dev(&dev);
+ if (ret)
+ return CMD_RET_FAILURE;
+
+ /* Ask the driver to fill the buffer with the SPs info */
+
+ ret = ffa_partition_info_get(dev, argv[1], &count, &descs);
+ if (ret) {
+ log_err("Failure in querying partition(s) info (error code: %d)\n", ret);
+ return CMD_RET_FAILURE;
+ }
+
+ /* SPs found , show the partition information */
+ for (i = 0; i < count ; i++) {
+ log_info("Partition: id = %x , exec_ctxt %x , properties %x\n",
+ descs[i].info.id,
+ descs[i].info.exec_ctxt,
+ descs[i].info.properties);
+ }
+
+ return CMD_RET_SUCCESS;
+}
+
+/**
+ * do_ffa_ping() - implementation of the ping subcommand
+ * @cmdtp: Command Table
+ * @flag: flags
+ * @argc: number of arguments
+ * @argv: arguments
+ *
+ * Send data to a secure partition. The secure partition UUID is provided
+ * as an argument. Use the arm_ffa driver sync_send_receive operation
+ * which implements FFA_MSG_SEND_DIRECT_{REQ,RESP} ABIs to send/receive data.
+ *
+ * Return:
+ *
+ * CMD_RET_SUCCESS: on success, otherwise failure
+ */
+static int do_ffa_ping(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
+{
+ struct ffa_send_direct_data msg = {
+ .data0 = 0xaaaaaaaa,
+ .data1 = 0xbbbbbbbb,
+ .data2 = 0xcccccccc,
+ .data3 = 0xdddddddd,
+ .data4 = 0xeeeeeeee,
+ };
+ u16 part_id;
+ int ret;
+ struct udevice *dev;
+
+ if (argc != 2) {
+ log_err("Missing argument\n");
+ return CMD_RET_USAGE;
+ }
+
+ part_id = strtoul(argv[1], NULL, 16);
+ if (!part_id) {
+ log_err("Partition ID can not be 0\n");
+ return CMD_RET_USAGE;
+ }
+
+ ret = ffa_get_dev(&dev);
+ if (ret)
+ return CMD_RET_FAILURE;
+
+ ret = ffa_sync_send_receive(dev, part_id, &msg, 1);
+ if (!ret) {
+ u8 cnt;
+
+ log_info("SP response:\n[LSB]\n");
+ for (cnt = 0;
+ cnt < sizeof(struct ffa_send_direct_data) / sizeof(u64);
+ cnt++)
+ log_info("%llx\n", ((u64 *)&msg)[cnt]);
+ return CMD_RET_SUCCESS;
+ }
+
+ log_err("Sending direct request error (%d)\n", ret);
+ return CMD_RET_FAILURE;
+}
+
+/**
+ *do_ffa_devlist() - implementation of the devlist subcommand
+ * @cmdtp: [in] Command Table
+ * @flag: flags
+ * @argc: number of arguments
+ * @argv: arguments
+ *
+ * Query the device belonging to the UCLASS_FFA
+ * class.
+ *
+ * Return:
+ *
+ * CMD_RET_SUCCESS: on success, otherwise failure
+ */
+static int do_ffa_devlist(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
+{
+ struct udevice *dev;
+ int ret;
+
+ ret = ffa_get_dev(&dev);
+ if (ret)
+ return CMD_RET_FAILURE;
+
+ log_info("device %s, addr " PHYS_ADDR_LN ", driver %s, ops " PHYS_ADDR_LN "\n",
+ dev->name,
+ map_to_sysmem(dev),
+ dev->driver->name,
+ map_to_sysmem(dev->driver->ops));
+
+ return CMD_RET_SUCCESS;
+}
+
+static char armffa_help_text[] =
+ "getpart <partition UUID>\n"
+ " - lists the partition(s) info\n"
+ "ping <partition ID>\n"
+ " - sends a data pattern to the specified partition\n"
+ "devlist\n"
+ " - displays information about the FF-A device/driver\n";
+
+U_BOOT_CMD_WITH_SUBCMDS(armffa, "Arm FF-A test command", armffa_help_text,
+ U_BOOT_SUBCMD_MKENT(getpart, 2, 1, do_ffa_getpart),
+ U_BOOT_SUBCMD_MKENT(ping, 2, 1, do_ffa_ping),
+ U_BOOT_SUBCMD_MKENT(devlist, 1, 1, do_ffa_devlist));
diff --git a/doc/arch/arm64.ffa.rst b/doc/arch/arm64.ffa.rst
index 4f817f053c..aefd527447 100644
--- a/doc/arch/arm64.ffa.rst
+++ b/doc/arch/arm64.ffa.rst
@@ -205,6 +205,13 @@ The following features are provided:
- FF-A bus can be compiled and used without EFI
+The armffa command
+-----------------------------------
+
+armffa is a command showcasing how to use the FF-A bus and how to invoke the driver operations.
+
+Please refer the command documentation at :doc:`../usage/cmd/armffa`
+
Example of boot logs with FF-A enabled
--------------------------------------
diff --git a/doc/usage/cmd/armffa.rst b/doc/usage/cmd/armffa.rst
new file mode 100644
index 0000000000..3d422686c1
--- /dev/null
+++ b/doc/usage/cmd/armffa.rst
@@ -0,0 +1,93 @@
+.. SPDX-License-Identifier: GPL-2.0+:
+
+armffa command
+==============
+
+Synopsis
+--------
+
+::
+
+ armffa [sub-command] [arguments]
+
+ sub-commands:
+
+ getpart [partition UUID]
+
+ lists the partition(s) info
+
+ ping [partition ID]
+
+ sends a data pattern to the specified partition
+
+ devlist
+
+ displays information about the FF-A device/driver
+
+Description
+-----------
+
+armffa is a command showcasing how to use the FF-A bus and how to invoke its operations.
+
+This provides a guidance to the client developers on how to call the FF-A bus interfaces.
+
+The command also allows to gather secure partitions information and ping these partitions.
+
+The command is also helpful in testing the communication with secure partitions.
+
+Example
+-------
+
+The following examples are run on Corstone-1000 platform.
+
+* ping
+
+::
+
+ corstone1000# armffa ping 0x8003
+ SP response:
+ [LSB]
+ fffffffe
+ 0
+ 0
+ 0
+ 0
+
+* ping (failure case)
+
+::
+
+ corstone1000# armffa ping 0
+ Sending direct request error (-22)
+
+* getpart
+
+::
+
+ corstone1000# armffa getpart 33d532ed-e699-0942-c09c-a798d9cd722d
+ Partition: id = 8003 , exec_ctxt 1 , properties 3
+
+* getpart (failure case)
+
+::
+
+ corstone1000# armffa getpart 33d532ed-e699-0942-c09c-a798d9cd7221
+ INVALID_PARAMETERS: Unrecognized UUID
+ Failure in querying partitions count (error code: -22)
+
+* devlist
+
+::
+
+ corstone1000# armffa devlist
+ device name arm_ffa, dev 00000000fdf41c30, driver name arm_ffa, ops 00000000fffc0e98
+
+Configuration
+-------------
+
+The command is available if CONFIG_CMD_ARMFFA=y and CONFIG_ARM_FFA_TRANSPORT=y.
+
+Return value
+------------
+
+The return value $? is 0 (true) on success, 1 (false) on failure.
diff --git a/doc/usage/index.rst b/doc/usage/index.rst
index 388e59f173..e462de2806 100644
--- a/doc/usage/index.rst
+++ b/doc/usage/index.rst
@@ -22,6 +22,7 @@ Shell commands
cmd/acpi
cmd/addrmap
+ cmd/armffa
cmd/askenv
cmd/base
cmd/bdinfo
diff --git a/drivers/firmware/arm-ffa/Kconfig b/drivers/firmware/arm-ffa/Kconfig
index 9200c8028b..a7d5392859 100644
--- a/drivers/firmware/arm-ffa/Kconfig
+++ b/drivers/firmware/arm-ffa/Kconfig
@@ -5,6 +5,7 @@ config ARM_FFA_TRANSPORT
depends on DM && ARM64
select ARM_SMCCC
select ARM_SMCCC_FEATURES
+ imply CMD_ARMFFA
select LIB_UUID
select DEVRES
help

1311
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0006-FF-A-v15-arm_ffa-introduce-sandbox-FF-A-support.patch Normal file
View File

File diff suppressed because it is too large Load Diff

338
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0007-FF-A-v15-arm_ffa-introduce-sandbox-test-cases-for-UC.patch Normal file
View File

@@ -0,0 +1,338 @@
From effa8444b74e456f724146c2593991281f95762d Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Wed, 10 May 2023 17:34:55 +0100
Subject: [PATCH] FF-A v15: arm_ffa: introduce sandbox test cases for
UCLASS_FFA
Add functional test cases for the FF-A support
These tests rely on the FF-A sandbox emulator and FF-A
sandbox driver which help in inspecting the FF-A communication.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20230713132847.176000-1-abdellatif.elkhlifi@arm.com/]
---
MAINTAINERS | 1 +
doc/arch/arm64.ffa.rst | 1 +
test/dm/Makefile | 3 +-
test/dm/ffa.c | 261 +++++++++++++++++++++++++++++++++++++++++
4 files changed, 265 insertions(+), 1 deletion(-)
create mode 100644 test/dm/ffa.c
diff --git a/MAINTAINERS b/MAINTAINERS
index 679a3acdd8..ccd7859c88 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -276,6 +276,7 @@ F: doc/arch/arm64.ffa.rst
F: doc/usage/cmd/armffa.rst
F: drivers/firmware/arm-ffa/
F: include/arm_ffa.h
+F: test/dm/ffa.c
ARM FREESCALE IMX
M: Stefano Babic <sbabic@denx.de>
diff --git a/doc/arch/arm64.ffa.rst b/doc/arch/arm64.ffa.rst
index b7c754fa3d..325fb80346 100644
--- a/doc/arch/arm64.ffa.rst
+++ b/doc/arch/arm64.ffa.rst
@@ -37,6 +37,7 @@ The U-Boot FF-A support provides the following parts:
FF-A ABIs inspection methods.
- An FF-A sandbox device driver for FF-A communication with the emulated Secure World.
The driver leverages the FF-A Uclass to establish FF-A communication.
+- Sandbox FF-A test cases.
FF-A and SMC specifications
-------------------------------------------
diff --git a/test/dm/Makefile b/test/dm/Makefile
index 3799b1ae8f..7ed00733c1 100644
--- a/test/dm/Makefile
+++ b/test/dm/Makefile
@@ -1,7 +1,7 @@
# SPDX-License-Identifier: GPL-2.0+
#
# Copyright (c) 2013 Google, Inc
-# Copyright 2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+# Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
obj-$(CONFIG_UT_DM) += test-dm.o
@@ -92,6 +92,7 @@ obj-$(CONFIG_POWER_DOMAIN) += power-domain.o
obj-$(CONFIG_ACPI_PMC) += pmc.o
obj-$(CONFIG_DM_PMIC) += pmic.o
obj-$(CONFIG_DM_PWM) += pwm.o
+obj-$(CONFIG_ARM_FFA_TRANSPORT) += ffa.o
obj-$(CONFIG_QFW) += qfw.o
obj-$(CONFIG_RAM) += ram.o
obj-y += regmap.o
diff --git a/test/dm/ffa.c b/test/dm/ffa.c
new file mode 100644
index 0000000000..6912666bb4
--- /dev/null
+++ b/test/dm/ffa.c
@@ -0,0 +1,261 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Functional tests for UCLASS_FFA class
+ *
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ *
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+ */
+
+#include <common.h>
+#include <console.h>
+#include <dm.h>
+#include <asm/sandbox_arm_ffa.h>
+#include <asm/sandbox_arm_ffa_priv.h>
+#include <dm/test.h>
+#include <test/test.h>
+#include <test/ut.h>
+
+/* Functional tests for the UCLASS_FFA */
+
+static int check_fwk_version(struct ffa_priv *uc_priv, struct unit_test_state *uts)
+{
+ struct ffa_sandbox_data func_data;
+ u32 fwk_version = 0;
+
+ func_data.data0 = &fwk_version;
+ func_data.data0_size = sizeof(fwk_version);
+ ut_assertok(sandbox_query_ffa_emul_state(FFA_VERSION, &func_data));
+ ut_asserteq(uc_priv->fwk_version, fwk_version);
+
+ return 0;
+}
+
+static int check_endpoint_id(struct ffa_priv *uc_priv, struct unit_test_state *uts)
+{
+ ut_asserteq(0, uc_priv->id);
+
+ return 0;
+}
+
+static int check_rxtxbuf(struct ffa_priv *uc_priv, struct unit_test_state *uts)
+{
+ ut_assertnonnull(uc_priv->pair.rxbuf);
+ ut_assertnonnull(uc_priv->pair.txbuf);
+
+ return 0;
+}
+
+static int check_features(struct ffa_priv *uc_priv, struct unit_test_state *uts)
+{
+ ut_assert(uc_priv->pair.rxtx_min_pages == RXTX_4K ||
+ uc_priv->pair.rxtx_min_pages == RXTX_16K ||
+ uc_priv->pair.rxtx_min_pages == RXTX_64K);
+
+ return 0;
+}
+
+static int check_rxbuf_mapped_flag(u32 queried_func_id,
+ u8 rxbuf_mapped,
+ struct unit_test_state *uts)
+{
+ switch (queried_func_id) {
+ case FFA_RXTX_MAP:
+ ut_asserteq(1, rxbuf_mapped);
+ break;
+ case FFA_RXTX_UNMAP:
+ ut_asserteq(0, rxbuf_mapped);
+ break;
+ default:
+ ut_assert(false);
+ }
+
+ return 0;
+}
+
+static int check_rxbuf_release_flag(u8 rxbuf_owned, struct unit_test_state *uts)
+{
+ ut_asserteq(0, rxbuf_owned);
+
+ return 0;
+}
+
+static int test_ffa_msg_send_direct_req(u16 part_id, struct unit_test_state *uts)
+{
+ struct ffa_send_direct_data msg;
+ u8 cnt;
+ struct udevice *dev;
+
+ ut_assertok(uclass_first_device_err(UCLASS_FFA, &dev));
+
+ ut_assertok(ffa_sync_send_receive(dev, part_id, &msg, 1));
+
+ for (cnt = 0; cnt < sizeof(struct ffa_send_direct_data) / sizeof(u64); cnt++)
+ ut_asserteq_64(-1UL, ((u64 *)&msg)[cnt]);
+
+ return 0;
+}
+
+static int test_partitions_and_comms(const char *service_uuid,
+ struct unit_test_state *uts)
+{
+ struct ffa_partition_desc *descs;
+ u32 count, i, j, valid_sps = 0;
+ struct udevice *dev;
+ struct ffa_sandbox_data func_data;
+ struct ffa_partitions *partitions;
+
+ ut_assertok(uclass_first_device_err(UCLASS_FFA, &dev));
+
+ /* Get from the driver the count and information of the SPs matching the UUID */
+ ut_assertok(ffa_partition_info_get(dev, service_uuid, &count, &descs));
+
+ /* Make sure the count is correct */
+ ut_asserteq(SANDBOX_SP_COUNT_PER_VALID_SERVICE, count);
+
+ /* SPs found , verify the partitions information */
+
+ func_data.data0 = &partitions;
+ func_data.data0_size = sizeof(struct ffa_partitions *);
+ ut_assertok(sandbox_query_ffa_emul_state(FFA_PARTITION_INFO_GET, &func_data));
+
+ for (i = 0; i < count ; i++) {
+ for (j = 0;
+ j < partitions->count;
+ j++) {
+ if (descs[i].info.id ==
+ partitions->descs[j].info.id) {
+ valid_sps++;
+ ut_asserteq_mem(&descs[i],
+ &partitions->descs[j],
+ sizeof(struct ffa_partition_desc));
+ /* Send and receive data from the current partition */
+ test_ffa_msg_send_direct_req(descs[i].info.id, uts);
+ }
+ }
+ }
+
+ /* Verify expected partitions found in the emulated secure world */
+ ut_asserteq(SANDBOX_SP_COUNT_PER_VALID_SERVICE, valid_sps);
+
+ return 0;
+}
+
+static int dm_test_ffa_ack(struct unit_test_state *uts)
+{
+ struct ffa_priv *uc_priv;
+ struct ffa_sandbox_data func_data;
+ u8 rxbuf_flag = 0;
+ const char *svc1_uuid = SANDBOX_SERVICE1_UUID;
+ const char *svc2_uuid = SANDBOX_SERVICE2_UUID;
+ struct udevice *dev;
+
+ /* Test probing the sandbox FF-A bus */
+ ut_assertok(uclass_first_device_err(UCLASS_FFA, &dev));
+
+ /* Get a pointer to the sandbox FF-A bus private data */
+ uc_priv = dev_get_uclass_priv(dev);
+
+ /* Make sure the private data pointer is retrieved */
+ ut_assertnonnull(uc_priv);
+
+ /* Test FFA_VERSION */
+ check_fwk_version(uc_priv, uts);
+
+ /* Test FFA_ID_GET */
+ check_endpoint_id(uc_priv, uts);
+
+ /* Test FFA_FEATURES */
+ check_features(uc_priv, uts);
+
+ /* Test RX/TX buffers */
+ check_rxtxbuf(uc_priv, uts);
+
+ /* Test FFA_RXTX_MAP */
+ func_data.data0 = &rxbuf_flag;
+ func_data.data0_size = sizeof(rxbuf_flag);
+
+ rxbuf_flag = 0;
+ sandbox_query_ffa_emul_state(FFA_RXTX_MAP, &func_data);
+ check_rxbuf_mapped_flag(FFA_RXTX_MAP, rxbuf_flag, uts);
+
+ /* FFA_PARTITION_INFO_GET / FFA_MSG_SEND_DIRECT_REQ */
+ test_partitions_and_comms(svc1_uuid, uts);
+
+ /* Test FFA_RX_RELEASE */
+ rxbuf_flag = 1;
+ sandbox_query_ffa_emul_state(FFA_RX_RELEASE, &func_data);
+ check_rxbuf_release_flag(rxbuf_flag, uts);
+
+ /* FFA_PARTITION_INFO_GET / FFA_MSG_SEND_DIRECT_REQ */
+ test_partitions_and_comms(svc2_uuid, uts);
+
+ /* Test FFA_RX_RELEASE */
+ rxbuf_flag = 1;
+ ut_assertok(sandbox_query_ffa_emul_state(FFA_RX_RELEASE, &func_data));
+ check_rxbuf_release_flag(rxbuf_flag, uts);
+
+ return 0;
+}
+
+DM_TEST(dm_test_ffa_ack, UT_TESTF_SCAN_FDT | UT_TESTF_CONSOLE_REC);
+
+static int dm_test_ffa_nack(struct unit_test_state *uts)
+{
+ struct ffa_priv *uc_priv;
+ const char *valid_svc_uuid = SANDBOX_SERVICE1_UUID;
+ const char *unvalid_svc_uuid = SANDBOX_SERVICE3_UUID;
+ const char *unvalid_svc_uuid_str = SANDBOX_SERVICE4_UUID;
+ struct ffa_send_direct_data msg;
+ int ret;
+ u32 count;
+ u16 part_id = 0;
+ struct udevice *dev;
+ struct ffa_partition_desc *descs = NULL;
+
+ /* Test probing the sandbox FF-A bus */
+ ut_assertok(uclass_first_device_err(UCLASS_FFA, &dev));
+
+ /* Get a pointer to the sandbox FF-A bus private data */
+ uc_priv = dev_get_uclass_priv(dev);
+
+ /* Make sure the private data pointer is retrieved */
+ ut_assertnonnull(uc_priv);
+
+ /* Query partitions count using invalid arguments */
+ ret = ffa_partition_info_get(dev, NULL, NULL, NULL);
+ ut_asserteq(-EINVAL, ret);
+ ret = ffa_partition_info_get(dev, unvalid_svc_uuid, NULL, NULL);
+ ut_asserteq(-EINVAL, ret);
+ ret = ffa_partition_info_get(dev, unvalid_svc_uuid, &count, NULL);
+ ut_asserteq(-EINVAL, ret);
+
+ /* Query partitions count using an invalid UUID string */
+ ret = ffa_partition_info_get(dev, unvalid_svc_uuid_str, &count, &descs);
+ ut_asserteq(-EINVAL, ret);
+
+ /* Query partitions count using an invalid UUID (no matching SP) */
+ count = 0;
+ ret = ffa_partition_info_get(dev, unvalid_svc_uuid, &count, &descs);
+ ut_asserteq(0, count);
+
+ /* Query partitions data using a valid UUID */
+ count = 0;
+ ut_assertok(ffa_partition_info_get(dev, valid_svc_uuid, &count, &descs));
+ /* Make sure partitions are detected */
+ ut_asserteq(SANDBOX_SP_COUNT_PER_VALID_SERVICE, count);
+ ut_assertnonnull(descs);
+
+ /* Send data to an invalid partition */
+ ret = ffa_sync_send_receive(dev, part_id, &msg, 1);
+ ut_asserteq(-EINVAL, ret);
+
+ /* Send data to a valid partition */
+ part_id = uc_priv->partitions.descs[0].info.id;
+ ut_assertok(ffa_sync_send_receive(dev, part_id, &msg, 1));
+
+ return 0;
+}
+
+DM_TEST(dm_test_ffa_nack, UT_TESTF_SCAN_FDT | UT_TESTF_CONSOLE_REC);

91
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0008-FF-A-v15-arm_ffa-introduce-armffa-command-Sandbox-te.patch Normal file
View File

@@ -0,0 +1,91 @@
From c95d1bd311b251e5dd6c6e53c2dc7977bdca7870 Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Fri, 23 Jun 2023 13:44:10 +0100
Subject: [PATCH] FF-A v15: arm_ffa: introduce armffa command Sandbox test
Add Sandbox test for the armffa command
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20230713132847.176000-1-abdellatif.elkhlifi@arm.com/]
---
MAINTAINERS | 1 +
test/cmd/Makefile | 2 ++
test/cmd/armffa.c | 33 +++++++++++++++++++++++++++++++++
3 files changed, 36 insertions(+)
create mode 100644 test/cmd/armffa.c
diff --git a/MAINTAINERS b/MAINTAINERS
index ccd7859c88..885d91fe5c 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -276,6 +276,7 @@ F: doc/arch/arm64.ffa.rst
F: doc/usage/cmd/armffa.rst
F: drivers/firmware/arm-ffa/
F: include/arm_ffa.h
+F: test/cmd/armffa.c
F: test/dm/ffa.c
ARM FREESCALE IMX
diff --git a/test/cmd/Makefile b/test/cmd/Makefile
index 055adc65a2..1d1dbb4fbc 100644
--- a/test/cmd/Makefile
+++ b/test/cmd/Makefile
@@ -1,6 +1,7 @@
# SPDX-License-Identifier: GPL-2.0+
#
# Copyright (c) 2013 Google, Inc
+# Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
ifdef CONFIG_HUSH_PARSER
obj-$(CONFIG_CONSOLE_RECORD) += test_echo.o
@@ -23,6 +24,7 @@ obj-$(CONFIG_CMD_SEAMA) += seama.o
ifdef CONFIG_SANDBOX
obj-$(CONFIG_CMD_READ) += rw.o
obj-$(CONFIG_CMD_SETEXPR) += setexpr.o
+obj-$(CONFIG_ARM_FFA_TRANSPORT) += armffa.o
endif
obj-$(CONFIG_CMD_TEMPERATURE) += temperature.o
obj-$(CONFIG_CMD_WGET) += wget.o
diff --git a/test/cmd/armffa.c b/test/cmd/armffa.c
new file mode 100644
index 0000000000..9a44a397e8
--- /dev/null
+++ b/test/cmd/armffa.c
@@ -0,0 +1,33 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Test for armffa command
+ *
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ *
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+ */
+
+#include <common.h>
+#include <string.h>
+#include <asm/sandbox_arm_ffa.h>
+#include <dm/test.h>
+#include <test/test.h>
+#include <test/ut.h>
+
+/* Basic test of 'armffa' command */
+static int dm_test_armffa_cmd(struct unit_test_state *uts)
+{
+ /* armffa getpart <UUID> */
+ ut_assertok(run_command("armffa getpart " SANDBOX_SERVICE1_UUID, 0));
+
+ /* armffa ping <ID> */
+ ut_assertok(run_commandf("armffa ping 0x%x", SANDBOX_SP1_ID));
+
+ /* armffa devlist */
+ ut_assertok(run_command("armffa devlist", 0));
+
+ return 0;
+}
+
+DM_TEST(dm_test_armffa_cmd, UT_TESTF_SCAN_FDT | UT_TESTF_CONSOLE_REC);

446
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0009-FF-A-v15-arm_ffa-efi-introduce-FF-A-MM-communication.patch Normal file
View File

@@ -0,0 +1,446 @@
From c40964dc6ba6baea0adf8f384e1e57fcd5ca18b0 Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Mon, 15 Aug 2022 15:12:49 +0100
Subject: [PATCH] FF-A v15: arm_ffa: efi: introduce FF-A MM communication
Add MM communication support using FF-A transport
This feature allows accessing MM partitions services through
EFI MM communication protocol. MM partitions such as StandAlonneMM
or smm-gateway secure partitions which reside in secure world.
An MM shared buffer and a door bell event are used to exchange
the data.
The data is used by EFI services such as GetVariable()/SetVariable()
and copied from the communication buffer to the MM shared buffer.
The secure partition is notified about availability of data in the
MM shared buffer by an FF-A message (door bell).
On such event, MM SP can read the data and updates the MM shared
buffer with the response data.
The response data is copied back to the communication buffer and
consumed by the EFI subsystem.
MM communication protocol supports FF-A 64-bit direct messaging.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Tested-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20230713132847.176000-1-abdellatif.elkhlifi@arm.com/]
---
include/mm_communication.h | 13 ++
lib/efi_loader/Kconfig | 46 +++++-
lib/efi_loader/efi_variable_tee.c | 257 +++++++++++++++++++++++++++++-
3 files changed, 309 insertions(+), 7 deletions(-)
diff --git a/include/mm_communication.h b/include/mm_communication.h
index e65fbde60d..f17847583b 100644
--- a/include/mm_communication.h
+++ b/include/mm_communication.h
@@ -6,6 +6,9 @@
* Copyright (c) 2017, Intel Corporation. All rights reserved.
* Copyright (C) 2020 Linaro Ltd. <sughosh.ganu@linaro.org>
* Copyright (C) 2020 Linaro Ltd. <ilias.apalodimas@linaro.org>
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#ifndef _MM_COMMUNICATION_H_
@@ -13,6 +16,9 @@
#include <part_efi.h>
+/* MM service UUID string (big-endian format). This UUID is common across all MM SPs */
+#define MM_SP_UUID "33d532ed-e699-0942-c09c-a798d9cd722d"
+
/*
* Interface to the pseudo Trusted Application (TA), which provides a
* communication channel with the Standalone MM (Management Mode)
@@ -248,4 +254,11 @@ struct smm_variable_var_check_property {
u16 name[];
};
+/* supported MM transports */
+enum mm_comms_select {
+ MM_COMMS_UNDEFINED,
+ MM_COMMS_FFA,
+ MM_COMMS_OPTEE
+};
+
#endif /* _MM_COMMUNICATION_H_ */
diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
index c5835e6ef6..553e6a30a2 100644
--- a/lib/efi_loader/Kconfig
+++ b/lib/efi_loader/Kconfig
@@ -55,13 +55,55 @@ config EFI_VARIABLE_FILE_STORE
stored as file /ubootefi.var on the EFI system partition.
config EFI_MM_COMM_TEE
- bool "UEFI variables storage service via OP-TEE"
- depends on OPTEE
+ bool "UEFI variables storage service via the trusted world"
+ select ARM_FFA_TRANSPORT
+ select TEE
+ select OPTEE
help
+ Allowing access to the MM SP services (SPs such as StandAlonneMM, smm-gateway).
+ When using the u-boot OP-TEE driver, StandAlonneMM is supported.
+ When using the u-boot FF-A driver any MM SP is supported.
+
If OP-TEE is present and running StandAloneMM, dispatch all UEFI
variable related operations to that. The application will verify,
authenticate and store the variables on an RPMB.
+ When ARM_FFA_TRANSPORT is used, dispatch all UEFI variable related
+ operations to the MM SP running in the secure world.
+ A door bell mechanism is used to notify the SP when there is data in the shared
+ MM buffer. The data is copied by u-boot to the shared buffer before issuing
+ the door bell event.
+
+config FFA_SHARED_MM_BUF_SIZE
+ int "Memory size of the shared MM communication buffer"
+ default 0
+ depends on EFI_MM_COMM_TEE
+ help
+ This defines the size in bytes of the memory area reserved for the shared
+ buffer used for communication between the MM feature in U-Boot and
+ the MM SP in secure world.
+ The size of the memory region must be a multiple of the size of the maximum
+ translation granule size that is specified in the ID_AA64MMFR0_EL1 System register.
+ It is assumed that the MM SP knows the size of the shared MM communication buffer.
+
+config FFA_SHARED_MM_BUF_OFFSET
+ int "Data offset in the shared MM communication buffer"
+ default 0
+ depends on EFI_MM_COMM_TEE
+ help
+ This defines the offset in bytes of the data read or written to in the shared
+ buffer by the MM SP.
+
+config FFA_SHARED_MM_BUF_ADDR
+ hex "Define the address of the shared MM communication buffer"
+ default 0x0
+ depends on EFI_MM_COMM_TEE
+ help
+ This defines the address of the shared MM communication buffer
+ used for communication between the MM feature in U-Boot and
+ the MM SP in secure world.
+ It is assumed that the MM SP knows the address of the shared MM communication buffer.
+
config EFI_VARIABLE_NO_STORE
bool "Don't persist non-volatile UEFI variables"
help
diff --git a/lib/efi_loader/efi_variable_tee.c b/lib/efi_loader/efi_variable_tee.c
index dfef18435d..5137b871ea 100644
--- a/lib/efi_loader/efi_variable_tee.c
+++ b/lib/efi_loader/efi_variable_tee.c
@@ -4,17 +4,34 @@
*
* Copyright (C) 2019 Linaro Ltd. <sughosh.ganu@linaro.org>
* Copyright (C) 2019 Linaro Ltd. <ilias.apalodimas@linaro.org>
+ * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com>
+ *
+ * Authors:
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#include <common.h>
+#include <arm_ffa.h>
+#include <cpu_func.h>
+#include <dm.h>
#include <efi.h>
#include <efi_api.h>
#include <efi_loader.h>
#include <efi_variable.h>
-#include <tee.h>
#include <malloc.h>
+#include <mapmem.h>
#include <mm_communication.h>
+#include <tee.h>
+
+/* MM return codes */
+#define MM_SUCCESS (0)
+#define MM_NOT_SUPPORTED (-1)
+#define MM_INVALID_PARAMETER (-2)
+#define MM_DENIED (-3)
+#define MM_NO_MEMORY (-5)
+static const char *mm_sp_svc_uuid = MM_SP_UUID;
+static u16 mm_sp_id;
extern struct efi_var_file __efi_runtime_data *efi_var_buf;
static efi_uintn_t max_buffer_size; /* comm + var + func + data */
static efi_uintn_t max_payload_size; /* func + data */
@@ -145,16 +162,241 @@ static efi_status_t optee_mm_communicate(void *comm_buf, ulong dsize)
}
/**
- * mm_communicate() - Adjust the cmonnucation buffer to StandAlonneMM and send
+ * ffa_notify_mm_sp() - Announce there is data in the shared buffer
+ *
+ * Notify the MM partition in the trusted world that
+ * data is available in the shared buffer.
+ * This is a blocking call during which trusted world has exclusive access
+ * to the MM shared buffer.
+ *
+ * Return:
+ *
+ * 0 on success
+ */
+static int ffa_notify_mm_sp(void)
+{
+ struct ffa_send_direct_data msg = {0};
+ int ret;
+ int sp_event_ret;
+ struct udevice *dev;
+
+ ret = uclass_first_device_err(UCLASS_FFA, &dev);
+ if (ret) {
+ log_err("EFI: Cannot find FF-A bus device, notify MM SP failure\n");
+ return ret;
+ }
+
+ msg.data0 = CONFIG_FFA_SHARED_MM_BUF_OFFSET; /* x3 */
+
+ ret = ffa_sync_send_receive(dev, mm_sp_id, &msg, 1);
+ if (ret)
+ return ret;
+
+ sp_event_ret = msg.data0; /* x3 */
+
+ switch (sp_event_ret) {
+ case MM_SUCCESS:
+ ret = 0;
+ break;
+ case MM_NOT_SUPPORTED:
+ ret = -EINVAL;
+ break;
+ case MM_INVALID_PARAMETER:
+ ret = -EPERM;
+ break;
+ case MM_DENIED:
+ ret = -EACCES;
+ break;
+ case MM_NO_MEMORY:
+ ret = -EBUSY;
+ break;
+ default:
+ ret = -EACCES;
+ }
+
+ return ret;
+}
+
+/**
+ * ffa_discover_mm_sp_id() - Query the MM partition ID
+ *
+ * Use the FF-A driver to get the MM partition ID.
+ * If multiple partitions are found, use the first one.
+ * This is a boot time function.
+ *
+ * Return:
+ *
+ * 0 on success
+ */
+static int ffa_discover_mm_sp_id(void)
+{
+ u32 count = 0;
+ int ret;
+ struct ffa_partition_desc *descs;
+ struct udevice *dev;
+
+ ret = uclass_first_device_err(UCLASS_FFA, &dev);
+ if (ret) {
+ log_err("EFI: Cannot find FF-A bus device, MM SP discovery failure\n");
+ return ret;
+ }
+
+ /* Ask the driver to fill the buffer with the SPs info */
+ ret = ffa_partition_info_get(dev, mm_sp_svc_uuid, &count, &descs);
+ if (ret) {
+ log_err("EFI: Failure in querying SPs info (%d), MM SP discovery failure\n", ret);
+ return ret;
+ }
+
+ /* MM SPs found , use the first one */
+
+ mm_sp_id = descs[0].info.id;
+
+ log_info("EFI: MM partition ID 0x%x\n", mm_sp_id);
+
+ return 0;
+}
+
+/**
+ * ffa_mm_communicate() - Exchange EFI services data with the MM partition using FF-A
+ * @comm_buf: locally allocated communication buffer used for rx/tx
+ * @dsize: communication buffer size
+ *
+ * Issue a door bell event to notify the MM partition (SP) running in OP-TEE
+ * that there is data to read from the shared buffer.
+ * Communication with the MM SP is performed using FF-A transport.
+ * On the event, MM SP can read the data from the buffer and
+ * update the MM shared buffer with response data.
+ * The response data is copied back to the communication buffer.
+ *
+ * Return:
+ *
+ * EFI status code
+ */
+static efi_status_t ffa_mm_communicate(void *comm_buf, ulong comm_buf_size)
+{
+ ulong tx_data_size;
+ int ffa_ret;
+ efi_status_t efi_ret;
+ struct efi_mm_communicate_header *mm_hdr;
+ void *virt_shared_buf;
+
+ if (!comm_buf)
+ return EFI_INVALID_PARAMETER;
+
+ /* Discover MM partition ID at boot time */
+ if (!mm_sp_id && ffa_discover_mm_sp_id()) {
+ log_err("EFI: Failure to discover MM SP ID at boot time, FF-A MM comms failure\n");
+ return EFI_UNSUPPORTED;
+ }
+
+ mm_hdr = (struct efi_mm_communicate_header *)comm_buf;
+ tx_data_size = mm_hdr->message_len + sizeof(efi_guid_t) + sizeof(size_t);
+
+ if (comm_buf_size != tx_data_size || tx_data_size > CONFIG_FFA_SHARED_MM_BUF_SIZE)
+ return EFI_INVALID_PARAMETER;
+
+ /* Copy the data to the shared buffer */
+
+ virt_shared_buf = map_sysmem((phys_addr_t)CONFIG_FFA_SHARED_MM_BUF_ADDR, 0);
+ memcpy(virt_shared_buf, comm_buf, tx_data_size);
+
+ /*
+ * The secure world might have cache disabled for
+ * the device region used for shared buffer (which is the case for Optee).
+ * In this case, the secure world reads the data from DRAM.
+ * Let's flush the cache so the DRAM is updated with the latest data.
+ */
+#ifdef CONFIG_ARM64
+ invalidate_dcache_all();
+#endif
+
+ /* Announce there is data in the shared buffer */
+
+ ffa_ret = ffa_notify_mm_sp();
+
+ switch (ffa_ret) {
+ case 0: {
+ ulong rx_data_size;
+ /* Copy the MM SP response from the shared buffer to the communication buffer */
+ rx_data_size = ((struct efi_mm_communicate_header *)virt_shared_buf)->message_len +
+ sizeof(efi_guid_t) +
+ sizeof(size_t);
+
+ if (rx_data_size > comm_buf_size) {
+ efi_ret = EFI_OUT_OF_RESOURCES;
+ break;
+ }
+
+ memcpy(comm_buf, virt_shared_buf, rx_data_size);
+ efi_ret = EFI_SUCCESS;
+ break;
+ }
+ case -EINVAL:
+ efi_ret = EFI_DEVICE_ERROR;
+ break;
+ case -EPERM:
+ efi_ret = EFI_INVALID_PARAMETER;
+ break;
+ case -EACCES:
+ efi_ret = EFI_ACCESS_DENIED;
+ break;
+ case -EBUSY:
+ efi_ret = EFI_OUT_OF_RESOURCES;
+ break;
+ default:
+ efi_ret = EFI_ACCESS_DENIED;
+ }
+
+ unmap_sysmem(virt_shared_buf);
+ return efi_ret;
+}
+
+/**
+ * get_mm_comms() - detect the available MM transport
+ *
+ * Make sure the FF-A bus is probed successfully
+ * which means FF-A communication with secure world works and ready
+ * for use.
+ *
+ * If FF-A bus is not ready, use OPTEE comms.
+ *
+ * Return:
+ *
+ * MM_COMMS_FFA or MM_COMMS_OPTEE
+ */
+static enum mm_comms_select get_mm_comms(void)
+{
+ struct udevice *dev;
+ int ret;
+
+ ret = uclass_first_device_err(UCLASS_FFA, &dev);
+ if (ret) {
+ log_err("EFI: Cannot find FF-A bus device, trying Optee comms\n");
+ return MM_COMMS_OPTEE;
+ }
+
+ return MM_COMMS_FFA;
+}
+
+/**
+ * mm_communicate() - Adjust the communication buffer to the MM SP and send
* it to OP-TEE
*
- * @comm_buf: locally allocted communcation buffer
+ * @comm_buf: locally allocated communication buffer
* @dsize: buffer size
+ *
+ * The SP (also called partition) can be any MM SP such as StandAlonneMM or smm-gateway.
+ * The comm_buf format is the same for both partitions.
+ * When using the u-boot OP-TEE driver, StandAlonneMM is supported.
+ * When using the u-boot FF-A driver, any MM SP is supported.
+ *
* Return: status code
*/
static efi_status_t mm_communicate(u8 *comm_buf, efi_uintn_t dsize)
{
efi_status_t ret;
+ enum mm_comms_select mm_comms;
struct efi_mm_communicate_header *mm_hdr;
struct smm_variable_communicate_header *var_hdr;
@@ -162,7 +404,12 @@ static efi_status_t mm_communicate(u8 *comm_buf, efi_uintn_t dsize)
mm_hdr = (struct efi_mm_communicate_header *)comm_buf;
var_hdr = (struct smm_variable_communicate_header *)mm_hdr->data;
- ret = optee_mm_communicate(comm_buf, dsize);
+ mm_comms = get_mm_comms();
+ if (mm_comms == MM_COMMS_FFA)
+ ret = ffa_mm_communicate(comm_buf, dsize);
+ else
+ ret = optee_mm_communicate(comm_buf, dsize);
+
if (ret != EFI_SUCCESS) {
log_err("%s failed!\n", __func__);
return ret;
@@ -697,7 +944,7 @@ void efi_variables_boot_exit_notify(void)
ret = EFI_NOT_FOUND;
if (ret != EFI_SUCCESS)
- log_err("Unable to notify StMM for ExitBootServices\n");
+ log_err("Unable to notify the MM partition for ExitBootServices\n");
free(comm_buf);
/*

29
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0010-FF-A-v15-arm_ffa-efi-corstone1000-enable-MM-communic.patch Normal file
View File

@@ -0,0 +1,29 @@
From c27f5fe90433f8e1b6eaa84857171ea7fc26593a Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Mon, 17 Jul 2023 15:23:33 +0100
Subject: [PATCH] FF-A v15: arm_ffa: efi: corstone1000: enable MM communication
turn on EFI MM communication
On corstone1000 platform MM communication between u-boot
and the secure world (Optee) is done using the FF-A bus.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20230713132847.176000-1-abdellatif.elkhlifi@arm.com/]
---
configs/corstone1000_defconfig | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index 2d391048cd..ee5481b63c 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -53,3 +53,8 @@ CONFIG_DM_SERIAL=y
CONFIG_USB=y
CONFIG_USB_ISP1760=y
CONFIG_ERRNO_STR=y
+CONFIG_NVMXIP_QSPI=y
+CONFIG_EFI_MM_COMM_TEE=y
+CONFIG_FFA_SHARED_MM_BUF_SIZE=4096
+CONFIG_FFA_SHARED_MM_BUF_OFFSET=0
+CONFIG_FFA_SHARED_MM_BUF_ADDR=0x02000000

406
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0011-efi-corstone1000-fwu-introduce-EFI-capsule-update.patch Normal file
View File

@@ -0,0 +1,406 @@
From 2a054e537037bb4f4f9e144ca69438abd9bb38ed Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Mon, 17 Jul 2023 15:56:18 +0100
Subject: [PATCH] efi: corstone1000: fwu: introduce EFI capsule update
This commit provides capsule update feature for Corstone1000.
This feature is available before and after ExitBootServices().
A platform specific capsule buffer is allocated. This buffer
is physically contiguous and allocated at the start of the DDR
memory after u-boot relocation to the end of DDR.
The capsule buffer is shared between u-boot and the secure world.
On UpdateCapsule() , capsule data is copied to the buffer and a buffer ready event is generated using FF-A transport.
On efi_init_capsule() in U-Boot, an EFI started event is sent to SE Proxy FW update service. This event is generated on each boot.
Note: The SE proxy SP requires that the interface/event IDs are passed using register w4 for the buffer ready event and the EFI started event.
interface ID (31:16)
event ID (15:0)
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
board/armltd/corstone1000/corstone1000.c | 4 +
configs/corstone1000_defconfig | 3 +
include/configs/corstone1000.h | 24 ++++
include/efi_loader.h | 4 +-
lib/efi_loader/efi_boottime.c | 7 ++
lib/efi_loader/efi_capsule.c | 136 ++++++++++++++++++++++-
lib/efi_loader/efi_setup.c | 64 +++++++++++
7 files changed, 238 insertions(+), 4 deletions(-)
diff --git a/board/armltd/corstone1000/corstone1000.c b/board/armltd/corstone1000/corstone1000.c
index 6ec8e6144f..c840290885 100644
--- a/board/armltd/corstone1000/corstone1000.c
+++ b/board/armltd/corstone1000/corstone1000.c
@@ -67,6 +67,10 @@ static struct mm_region corstone1000_mem_map[] = {
struct mm_region *mem_map = corstone1000_mem_map;
+void set_dfu_alt_info(char *interface, char *devstr)
+{
+}
+
int board_init(void)
{
return 0;
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index ee5481b63c..40ba415ecb 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -58,3 +58,6 @@ CONFIG_EFI_MM_COMM_TEE=y
CONFIG_FFA_SHARED_MM_BUF_SIZE=4096
CONFIG_FFA_SHARED_MM_BUF_OFFSET=0
CONFIG_FFA_SHARED_MM_BUF_ADDR=0x02000000
+CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y
+CONFIG_EFI_CAPSULE_FIRMWARE_FIT=y
+CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
diff --git a/include/configs/corstone1000.h b/include/configs/corstone1000.h
index 3347c11792..8927b09499 100644
--- a/include/configs/corstone1000.h
+++ b/include/configs/corstone1000.h
@@ -14,6 +14,30 @@
#include <linux/sizes.h>
+/* The SE Proxy partition ID*/
+#define CORSTONE1000_SEPROXY_PART_ID (0x8002)
+
+/* Update service ID provided by the SE Proxy secure partition*/
+#define CORSTONE1000_SEPROXY_UPDATE_SVC_ID (0x4)
+
+/* Notification events used with SE Proxy update service */
+#define CORSTONE1000_BUFFER_READY_EVT (0x1)
+#define CORSTONE1000_UBOOT_EFI_STARTED_EVT (0x2)
+
+#define PREP_SEPROXY_SVC_ID_MASK GENMASK(31, 16)
+#define PREP_SEPROXY_SVC_ID(x) (FIELD_PREP(PREP_SEPROXY_SVC_ID_MASK, (x)))
+
+#define PREP_SEPROXY_EVT_MASK GENMASK(15, 0)
+#define PREP_SEPROXY_EVT(x) (FIELD_PREP(PREP_SEPROXY_EVT_MASK, (x)))
+
+/* Size in 4KB pages of the EFI capsule buffer */
+#define CORSTONE1000_CAPSULE_BUFFER_SIZE (8192) /* 32 MB */
+
+/* Capsule GUID */
+#define EFI_CORSTONE1000_CAPSULE_ID_GUID \
+ EFI_GUID(0x3a770ddc, 0x409b, 0x48b2, 0x81, 0x41, \
+ 0x93, 0xb7, 0xc6, 0x0b, 0x20, 0x9e)
+
#define V2M_BASE 0x80000000
#define CFG_PL011_CLOCK 50000000
diff --git a/include/efi_loader.h b/include/efi_loader.h
index 38d7f66bab..0a613ed51e 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -1036,11 +1036,11 @@ extern const struct efi_firmware_management_protocol efi_fmp_fit;
extern const struct efi_firmware_management_protocol efi_fmp_raw;
/* Capsule update */
-efi_status_t EFIAPI efi_update_capsule(
+efi_status_t __efi_runtime EFIAPI efi_update_capsule(
struct efi_capsule_header **capsule_header_array,
efi_uintn_t capsule_count,
u64 scatter_gather_list);
-efi_status_t EFIAPI efi_query_capsule_caps(
+efi_status_t __efi_runtime EFIAPI efi_query_capsule_caps(
struct efi_capsule_header **capsule_header_array,
efi_uintn_t capsule_count,
u64 *maximum_capsule_size,
diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index d5065f296a..a5da77c36c 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -23,6 +23,13 @@
#include <asm/setjmp.h>
#include <linux/libfdt_env.h>
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+#include <arm_ffa.h>
+#include <dm.h>
+#include <linux/bitfield.h>
+#include <linux/bitops.h>
+#endif
+
DECLARE_GLOBAL_DATA_PTR;
/* Task priority level */
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index 7a6f195cbc..ea084e4ed2 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -26,6 +26,17 @@
#include <crypto/pkcs7_parser.h>
#include <linux/err.h>
+#ifdef CONFIG_TARGET_CORSTONE1000
+#include <arm_ffa.h>
+#include <cpu_func.h>
+#include <dm.h>
+#include <linux/bitfield.h>
+#include <linux/bitops.h>
+
+void *__efi_runtime_data corstone1000_capsule_buf; /* capsule shared buffer virtual address */
+efi_guid_t corstone1000_capsule_guid = EFI_CORSTONE1000_CAPSULE_ID_GUID;
+#endif
+
DECLARE_GLOBAL_DATA_PTR;
const efi_guid_t efi_guid_capsule_report = EFI_CAPSULE_REPORT_GUID;
@@ -709,6 +720,87 @@ static efi_status_t efi_capsule_update_firmware(
}
#endif /* CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT */
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+
+/**
+ * efi_corstone1000_alloc_capsule_shared_buf - allocate capsule shared buffer
+ * @capsule_image_size: The capsule data (header + payload)
+ *
+ * This function allocates the physically contiguous buffer shared between u-boot
+ * and the secure world. On UpdateCapsule() capsule data is copied to the buffer
+ * and a door bell event is generated.
+ * The buffer is allocated at the start of the DDR memory after u-boot has been relocated
+ * to the end of DDR.
+ *
+ * Return:
+ *
+ * 0: on success, otherwise failure
+ */
+efi_status_t efi_corstone1000_alloc_capsule_shared_buf(void)
+{
+ efi_status_t efi_ret;
+ u64 ram_base = CFG_SYS_SDRAM_BASE;
+
+ log_debug("[%s]\n", __func__);
+
+ efi_ret = efi_allocate_pages(EFI_ALLOCATE_ADDRESS,
+ EFI_RUNTIME_SERVICES_DATA,
+ CORSTONE1000_CAPSULE_BUFFER_SIZE,
+ &ram_base);
+
+ if (efi_ret != EFI_SUCCESS) {
+ corstone1000_capsule_buf = NULL;
+ log_err("EFI: Corstone1000: Allocating capsule shared buffer error (%d)\n"
+ , (int)efi_ret);
+ return efi_ret;
+ }
+
+ log_info("EFI: Corstone1000: Capsule shared buffer at 0x%x , size %d pages\n"
+ , (unsigned int)ram_base,
+ CORSTONE1000_CAPSULE_BUFFER_SIZE);
+
+ corstone1000_capsule_buf = (void *)map_sysmem((phys_addr_t)ram_base, 0);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * efi_corstone1000_buffer_ready_event - issue door bell event
+ * @capsule_image_size: The capsule data (header + payload)
+ *
+ * This function notifies the SE Proxy update service that capsule data is available
+ * in the capsule shared buffer.
+ *
+ * Return:
+ *
+ * 0: on success, otherwise failure
+ */
+static int __efi_runtime efi_corstone1000_buffer_ready_event(u32 capsule_image_size)
+{
+ struct ffa_send_direct_data msg = {0};
+ int ret;
+ struct udevice *dev;
+
+ log_debug("[%s]\n", __func__);
+
+ ret = uclass_first_device_err(UCLASS_FFA, &dev);
+ if (ret) {
+ log_err("Cannot find FF-A bus device\n");
+ return ret;
+ }
+
+ /*
+ * setting the buffer ready event arguments in register w4:
+ * - capsule update interface ID (31:16)
+ * - the buffer ready event ID (15:0)
+ */
+ msg.data1 = PREP_SEPROXY_SVC_ID(CORSTONE1000_SEPROXY_UPDATE_SVC_ID) |
+ PREP_SEPROXY_EVT(CORSTONE1000_BUFFER_READY_EVT); /* w4 */
+
+ return ffa_sync_send_receive(dev, CORSTONE1000_SEPROXY_PART_ID, &msg, 0);
+}
+#endif
+
/**
* efi_update_capsule() - process information from operating system
* @capsule_header_array: Array of virtual address pointers
@@ -722,7 +814,7 @@ static efi_status_t efi_capsule_update_firmware(
*
* Return: status code
*/
-efi_status_t EFIAPI efi_update_capsule(
+efi_status_t __efi_runtime EFIAPI efi_update_capsule(
struct efi_capsule_header **capsule_header_array,
efi_uintn_t capsule_count,
u64 scatter_gather_list)
@@ -739,6 +831,13 @@ efi_status_t EFIAPI efi_update_capsule(
goto out;
}
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+ if (capsule_count != 1 || !corstone1000_capsule_buf) {
+ ret = EFI_INVALID_PARAMETER;
+ goto out;
+ }
+#endif
+
ret = EFI_SUCCESS;
for (i = 0, capsule = *capsule_header_array; i < capsule_count;
i++, capsule = *(++capsule_header_array)) {
@@ -751,6 +850,39 @@ efi_status_t EFIAPI efi_update_capsule(
log_debug("Capsule[%d] (guid:%pUs)\n",
i, &capsule->capsule_guid);
+
+#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+ if (guidcmp(&corstone1000_capsule_guid, &capsule->capsule_guid)) {
+ ret = EFI_INVALID_PARAMETER;
+ log_err("Corstone1000: Invalid capsule GUID\n");
+ goto out;
+ }
+
+ if (efi_size_in_pages(capsule->capsule_image_size) >
+ CORSTONE1000_CAPSULE_BUFFER_SIZE) {
+ log_err("Corstone1000: Capsule data size exceeds the shared buffer size\n");
+ ret = EFI_BUFFER_TOO_SMALL;
+ goto out;
+ }
+
+ /* copy the data to the contiguous buffer */
+ efi_memcpy_runtime(corstone1000_capsule_buf, capsule, capsule->capsule_image_size);
+
+ /* invalidate the data cache */
+ invalidate_dcache_all();
+
+ /* issue buffer ready event */
+ ret = efi_corstone1000_buffer_ready_event(capsule->capsule_image_size);
+ if (ret) {
+ log_err("EFI: Corstone1000: Buffer ready event error (%d)\n", (int)ret);
+ ret = EFI_DEVICE_ERROR;
+ } else {
+ ret = EFI_SUCCESS;
+ }
+
+ goto out;
+#endif
+
if (!guidcmp(&capsule->capsule_guid,
&efi_guid_firmware_management_capsule_id)) {
ret = efi_capsule_update_firmware(capsule);
@@ -789,7 +921,7 @@ out:
*
* Return: status code
*/
-efi_status_t EFIAPI efi_query_capsule_caps(
+efi_status_t __efi_runtime EFIAPI efi_query_capsule_caps(
struct efi_capsule_header **capsule_header_array,
efi_uintn_t capsule_count,
u64 *maximum_capsule_size,
diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c
index 58d4e13402..bf90a98b5a 100644
--- a/lib/efi_loader/efi_setup.c
+++ b/lib/efi_loader/efi_setup.c
@@ -17,6 +17,18 @@
efi_status_t efi_obj_list_initialized = OBJ_LIST_NOT_INITIALIZED;
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+#include <linux/bitfield.h>
+#include <linux/bitops.h>
+#include <arm_ffa.h>
+#include <dm.h>
+
+/**
+ * efi_corstone1000_alloc_capsule_shared_buf - allocate capsule shared buffer
+ */
+extern efi_status_t efi_corstone1000_alloc_capsule_shared_buf(void);
+#endif
+
/*
* Allow unaligned memory access.
*
@@ -120,6 +132,42 @@ static efi_status_t efi_init_secure_boot(void)
}
#endif /* CONFIG_EFI_SECURE_BOOT */
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+/**
+ * efi_corstone1000_uboot-efi_started_event - notifies SE Proxy FW update service
+ *
+ * This function notifies the SE Proxy update service that uboot efi has already started
+ *
+ * Return:
+ *
+ * 0: on success, otherwise failure
+ * */
+static int efi_corstone1000_uboot_efi_started_event(void)
+{
+ struct ffa_send_direct_data msg = {0};
+ int ret;
+ struct udevice *dev;
+
+ log_debug("[%s]\n", __func__);
+
+ ret = uclass_first_device_err(UCLASS_FFA, &dev);
+ if (ret) {
+ log_err("Cannot find FF-A bus device\n");
+ return ret;
+ }
+
+ /*
+ * setting the kernel started event arguments:
+ * setting capsule update interface ID(31:16)
+ * the kernel started event ID(15:0)
+ */
+ msg.data1 = PREP_SEPROXY_SVC_ID(CORSTONE1000_SEPROXY_UPDATE_SVC_ID) |
+ PREP_SEPROXY_EVT(CORSTONE1000_UBOOT_EFI_STARTED_EVT); /* w4 */
+
+ return ffa_sync_send_receive(dev, CORSTONE1000_SEPROXY_PART_ID, &msg, 0);
+}
+#endif
+
/**
* efi_init_capsule - initialize capsule update state
*
@@ -129,6 +177,22 @@ static efi_status_t efi_init_capsule(void)
{
efi_status_t ret = EFI_SUCCESS;
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+ int ffa_ret;
+
+ ffa_ret = efi_corstone1000_uboot_efi_started_event();
+ if (ffa_ret)
+ log_err("Failure to notify SE Proxy FW update service\n");
+ else
+ debug("SE Proxy FW update service notified\n");
+
+ ret = efi_corstone1000_alloc_capsule_shared_buf();
+ if (ret != EFI_SUCCESS) {
+ printf("EFI: Corstone-1000: cannot allocate caspsule shared buffer\n");
+ return ret;
+ }
+#endif
+
if (IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT)) {
u16 var_name16[12];

28
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0012-arm-corstone1000-fix-unrecognized-filesystem-type.patch Normal file
View File

@@ -0,0 +1,28 @@
From 2351cdc3787cd8b06579dcb1986fe80a57dd2d6e Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Fri, 4 Mar 2022 15:56:09 +0000
Subject: [PATCH] arm: corstone1000: fix unrecognized filesystem type
Some usb sticks are not recognized by usb, just add a
delay before checking status.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
common/usb_storage.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/common/usb_storage.c b/common/usb_storage.c
index ac64275773..1d2680c3cd 100644
--- a/common/usb_storage.c
+++ b/common/usb_storage.c
@@ -785,6 +785,9 @@ static int usb_stor_BBB_transport(struct scsi_cmd *srb, struct us_data *us)
st:
retry = 0;
again:
+ if (srb->cmd[0] == SCSI_TST_U_RDY)
+ mdelay(100);
+
debug("STATUS phase\n");
result = usb_bulk_msg(us->pusb_dev, pipein, csw, UMASS_BBB_CSW_SIZE,
&actlen, USB_CNTL_TIMEOUT*5);

50
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0013-efi_loader-corstone1000-remove-guid-check-from-corst.patch Normal file
View File

@@ -0,0 +1,50 @@
From 42d0694494fdc549a989ca5a3924fdc82a4647c1 Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Sat, 11 Dec 2021 13:23:55 +0000
Subject: [PATCH] efi_loader: corstone1000: remove guid check from corstone1000
config option
Use generic fmp guid and no separte check is required for
CORSTONE1000 target.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
lib/efi_loader/efi_capsule.c | 16 +---------------
1 file changed, 1 insertion(+), 15 deletions(-)
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index ea084e4ed2..5314f529b4 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -852,12 +852,6 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule(
i, &capsule->capsule_guid);
#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
- if (guidcmp(&corstone1000_capsule_guid, &capsule->capsule_guid)) {
- ret = EFI_INVALID_PARAMETER;
- log_err("Corstone1000: Invalid capsule GUID\n");
- goto out;
- }
-
if (efi_size_in_pages(capsule->capsule_image_size) >
CORSTONE1000_CAPSULE_BUFFER_SIZE) {
log_err("Corstone1000: Capsule data size exceeds the shared buffer size\n");
@@ -883,15 +877,7 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule(
goto out;
#endif
- if (!guidcmp(&capsule->capsule_guid,
- &efi_guid_firmware_management_capsule_id)) {
- ret = efi_capsule_update_firmware(capsule);
- } else {
- log_err("Unsupported capsule type: %pUs\n",
- &capsule->capsule_guid);
- ret = EFI_UNSUPPORTED;
- }
-
+ ret = efi_capsule_update_firmware(capsule);
if (ret != EFI_SUCCESS)
goto out;
}

34
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0014-efi_loader-populate-ESRT-table-if-EFI_ESRT-config-op.patch Normal file
View File

@@ -0,0 +1,34 @@
From a368e6a94382bb88f3603107d14ff3af0fb4eaa2 Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Fri, 17 Dec 2021 19:49:02 +0000
Subject: [PATCH] efi_loader: populate ESRT table if EFI_ESRT config option is
set
This change is to call efi_esrt_populate function if CONFIG_EFI_ESRT
is set. This will populte esrt table with firmware image info
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
lib/efi_loader/efi_capsule.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index 5314f529b4..6a06605ad9 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -874,6 +874,13 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule(
ret = EFI_SUCCESS;
}
+ if (IS_ENABLED(CONFIG_EFI_ESRT)) {
+ /* Rebuild the ESRT to reflect any updated FW images. */
+ ret = efi_esrt_populate();
+ if (ret != EFI_SUCCESS)
+ log_warning("EFI Capsule: failed to update ESRT\n");
+ }
+
goto out;
#endif

120
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0015-efi_firmware-add-get_image_info-for-corstone1000.patch Normal file
View File

@@ -0,0 +1,120 @@
From 972ed0e27cce6d2822055f31e336213043bcb1f3 Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Fri, 17 Dec 2021 19:50:25 +0000
Subject: [PATCH] efi_firmware: add get_image_info for corstone1000
This change is to populate get_image_info which eventually
will be populated in ESRT table
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
lib/efi_loader/efi_firmware.c | 72 ++++++++++++++++++++++++++++++++++-
1 file changed, 71 insertions(+), 1 deletion(-)
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index 93e2b01c07..0a38a96351 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -18,11 +18,69 @@
#define FMP_PAYLOAD_HDR_SIGNATURE SIGNATURE_32('M', 'S', 'S', '1')
+#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+#define EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID \
+ EFI_GUID(0xe2bb9c06, 0x70e9, 0x4b14, 0x97, 0xa3, \
+ 0x5a, 0x79, 0x13, 0x17, 0x6e, 0x3f)
+
+ const efi_guid_t efi_firmware_image_type_uboot_raw =
+ EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID;
+
+static efi_status_t efi_corstone1000_img_info_get (
+ efi_uintn_t *image_info_size,
+ struct efi_firmware_image_descriptor *image_info,
+ u32 *descriptor_version,
+ u8 *descriptor_count,
+ efi_uintn_t *descriptor_size,
+ u32 *package_version,
+ u16 **package_version_name,
+ const efi_guid_t *image_type)
+{
+ int i = 0;
+
+ *image_info_size = sizeof(*image_info);
+ *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION;
+ *descriptor_count = 1;//dfu_num;
+ *descriptor_size = sizeof(*image_info);
+ if (package_version)
+ *package_version = 0xffffffff; /* not supported */
+ if(package_version_name)
+ *package_version_name = NULL; /* not supported */
+
+ if(image_info == NULL) {
+ log_warning("image_info is null\n");
+ return EFI_BUFFER_TOO_SMALL;
+ }
+
+ image_info[i].image_index = i;
+ image_info[i].image_type_id = *image_type;
+ image_info[i].image_id = 0;
+ image_info[i].image_id_name = "wic";
+ image_info[i].version = 1;
+ image_info[i].version_name = NULL;
+ image_info[i].size = 0x1000;
+ image_info[i].attributes_supported = IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
+ IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
+ image_info[i].attributes_setting = IMAGE_ATTRIBUTE_IMAGE_UPDATABLE;
+ /* Check if the capsule authentication is enabled */
+ if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE))
+ image_info[0].attributes_setting |=
+ IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
+ image_info[i].lowest_supported_image_version = 0;
+ image_info[i].last_attempt_version = 0;
+ image_info[i].last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS;
+ image_info[i].hardware_instance = 1;
+ image_info[i].dependencies = NULL;
+
+ return EFI_SUCCESS;
+}
+#endif
+
/**
* struct fmp_payload_header - EDK2 header for the FMP payload
*
* This structure describes the header which is preprended to the
- * FMP payload by the edk2 capsule generation scripts.
+ * FMP payload by the edk1 capsule generation scripts.
*
* @signature: Header signature used to identify the header
* @header_size: Size of the structure
@@ -286,10 +344,18 @@ efi_status_t EFIAPI efi_firmware_get_image_info(
!descriptor_size || !package_version || !package_version_name))
return EFI_EXIT(EFI_INVALID_PARAMETER);
+#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+ ret = efi_corstone1000_img_info_get(image_info_size, image_info,
+ descriptor_version, descriptor_count,
+ descriptor_size,
+ package_version, package_version_name,
+ &efi_firmware_image_type_uboot_raw);
+#else
ret = efi_fill_image_desc_array(image_info_size, image_info,
descriptor_version, descriptor_count,
descriptor_size, package_version,
package_version_name);
+#endif
return EFI_EXIT(ret);
}
@@ -415,6 +481,10 @@ efi_status_t EFIAPI efi_firmware_raw_set_image(
}
}
+#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+ return EFI_EXIT(EFI_SUCCESS);
+#endif
+
if (dfu_write_by_alt(image_index - 1, (void *)image, image_size,
NULL, NULL))
return EFI_EXIT(EFI_DEVICE_ERROR);

59
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-efi_loader-fix-null-pointer-exception-with-get_image.patch Normal file
View File

@@ -0,0 +1,59 @@
From 75ace03c24d92a206957a1a2392eab3c892cf960 Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Fri, 14 Jan 2022 15:24:18 +0000
Subject: [PATCH] efi_loader: fix null pointer exception with get_image_info
get_img_info API implemented for corstone1000 target does not
check the input attributes and as a result uboot crash's with
null pointer access. This change is to fix the null pointer
exception.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
lib/efi_loader/efi_firmware.c | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index 0a38a96351..c883e2ff0a 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -39,26 +39,29 @@ static efi_status_t efi_corstone1000_img_info_get (
int i = 0;
*image_info_size = sizeof(*image_info);
- *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION;
- *descriptor_count = 1;//dfu_num;
- *descriptor_size = sizeof(*image_info);
+ if(descriptor_version)
+ *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION;
+ if(descriptor_count)
+ *descriptor_count = 1;
+ if(descriptor_size)
+ *descriptor_size = sizeof(*image_info);
if (package_version)
*package_version = 0xffffffff; /* not supported */
if(package_version_name)
*package_version_name = NULL; /* not supported */
if(image_info == NULL) {
- log_warning("image_info is null\n");
+ log_debug("image_info is null\n");
return EFI_BUFFER_TOO_SMALL;
}
- image_info[i].image_index = i;
+ image_info[i].image_index = 1;
image_info[i].image_type_id = *image_type;
image_info[i].image_id = 0;
- image_info[i].image_id_name = "wic";
- image_info[i].version = 1;
+ image_info[i].image_id_name = L"wic image";
+ image_info[i].version = 0;
image_info[i].version_name = NULL;
- image_info[i].size = 0x1000;
+ image_info[i].size = 0;
image_info[i].attributes_supported = IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
image_info[i].attributes_setting = IMAGE_ATTRIBUTE_IMAGE_UPDATABLE;

97
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0017-arm-corstone1000-add-mmc-for-fvp.patch Normal file
View File

@@ -0,0 +1,97 @@
From 7dec0707573062aba859e4cd3be073c24b112efa Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Mon, 17 Jul 2023 16:50:53 +0100
Subject: [PATCH] arm:corstone1000: add mmc for fvp
Enable support mmc/sdcard for the corstone1000 FVP.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
board/armltd/corstone1000/corstone1000.c | 28 +++++++++++++++++++-----
configs/corstone1000_defconfig | 9 ++++++--
include/configs/corstone1000.h | 4 +++-
3 files changed, 32 insertions(+), 9 deletions(-)
diff --git a/board/armltd/corstone1000/corstone1000.c b/board/armltd/corstone1000/corstone1000.c
index c840290885..ecfd8366df 100644
--- a/board/armltd/corstone1000/corstone1000.c
+++ b/board/armltd/corstone1000/corstone1000.c
@@ -39,19 +39,35 @@ static struct mm_region corstone1000_mem_map[] = {
}, {
/* USB */
.virt = 0x40200000UL,
- .phys = 0x40200000UL,
+ .phys = 0x40200000UL,
+ .size = 0x00100000UL,
+ .attrs = PTE_BLOCK_MEMTYPE(MT_DEVICE_NGNRNE) |
+ PTE_BLOCK_NON_SHARE |
+ PTE_BLOCK_PXN | PTE_BLOCK_UXN
+ }, {
+ /* MMC0 */
+ .virt = 0x40300000UL,
+ .phys = 0x40300000UL,
.size = 0x00100000UL,
.attrs = PTE_BLOCK_MEMTYPE(MT_DEVICE_NGNRNE) |
- PTE_BLOCK_NON_SHARE |
- PTE_BLOCK_PXN | PTE_BLOCK_UXN
+ PTE_BLOCK_NON_SHARE |
+ PTE_BLOCK_PXN | PTE_BLOCK_UXN
}, {
/* ethernet */
.virt = 0x40100000UL,
- .phys = 0x40100000UL,
+ .phys = 0x40100000UL,
+ .size = 0x00100000UL,
+ .attrs = PTE_BLOCK_MEMTYPE(MT_DEVICE_NGNRNE) |
+ PTE_BLOCK_NON_SHARE |
+ PTE_BLOCK_PXN | PTE_BLOCK_UXN
+ }, {
+ /* MMC1 */
+ .virt = 0x50000000UL,
+ .phys = 0x50000000UL,
.size = 0x00100000UL,
.attrs = PTE_BLOCK_MEMTYPE(MT_DEVICE_NGNRNE) |
- PTE_BLOCK_NON_SHARE |
- PTE_BLOCK_PXN | PTE_BLOCK_UXN
+ PTE_BLOCK_NON_SHARE |
+ PTE_BLOCK_PXN | PTE_BLOCK_UXN
}, {
/* OCVM */
.virt = 0x80000000UL,
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index 40ba415ecb..76158fc37d 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -40,8 +40,13 @@ CONFIG_VERSION_VARIABLE=y
CONFIG_NET_RANDOM_ETHADDR=y
CONFIG_REGMAP=y
CONFIG_MISC=y
-# CONFIG_MMC is not set
-CONFIG_NVMXIP_QSPI=y
+CONFIG_CLK=y
+CONFIG_CMD_MMC=y
+CONFIG_DM_MMC=y
+CONFIG_ARM_PL180_MMCI=y
+CONFIG_MMC_SDHCI_ADMA_HELPERS=y
+CONFIG_MMC_WRITE=y
+CONFIG_DM_GPIO=y
CONFIG_PHYLIB=y
CONFIG_PHY_SMSC=y
CONFIG_SMC911X=y
diff --git a/include/configs/corstone1000.h b/include/configs/corstone1000.h
index 8927b09499..1466507f80 100644
--- a/include/configs/corstone1000.h
+++ b/include/configs/corstone1000.h
@@ -49,7 +49,9 @@
#define CFG_SYS_SDRAM_BASE PHYS_SDRAM_1
#define BOOT_TARGET_DEVICES(func) \
- func(USB, usb, 0)
+ func(USB, usb, 0) \
+ func(MMC, mmc, 0) \
+ func(MMC, mmc, 1)
#include <config_distro_bootcmd.h>

31
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0018-corstone1000-add-compressed-kernel-support.patch Normal file
View File

@@ -0,0 +1,31 @@
From 67f9f4dbb58a9213232523a433cd6d7c50eeadc7 Mon Sep 17 00:00:00 2001
From: Jon Mason <jon.mason@arm.com>
Date: Wed, 30 Nov 2022 18:59:59 +0000
Subject: [PATCH] corstone1000: add compressed kernel support
The corstone1000 kernel has become too large to fit in the available
storage. Swtiching to a compressed kernel avoids the problem, but
requires uncompressing it. Add this decompression to the default boot
instructions.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Upstream-Status: Pending [Not submitted to upstream yet]
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
configs/corstone1000_defconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index 76158fc37d..a92668389a 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -15,7 +15,7 @@ CONFIG_DISTRO_DEFAULTS=y
CONFIG_BOOTDELAY=3
CONFIG_USE_BOOTARGS=y
CONFIG_BOOTARGS="console=ttyAMA0 loglevel=9 ip=dhcp earlyprintk"
-CONFIG_BOOTCOMMAND="run retrieve_kernel_load_addr; echo Loading kernel from $kernel_addr to memory ... ; loadm $kernel_addr $kernel_addr_r 0xc00000; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
+CONFIG_BOOTCOMMAND="run retrieve_kernel_load_addr; echo Loading kernel from $kernel_addr to memory ... ; unzip $kernel_addr 0x90000000; loadm 0x90000000 $kernel_addr_r 0xf00000; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
CONFIG_CONSOLE_RECORD=y
CONFIG_LOGLEVEL=7
# CONFIG_DISPLAY_CPUINFO is not set

222
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0019-arm-corstone1000-esrt-support.patch Normal file
View File

@@ -0,0 +1,222 @@
From 47479f96cb3b3646d298c39216b2c960940476bd Mon Sep 17 00:00:00 2001
From: Satish Kumar <satish.kumar01@arm.com>
Date: Wed, 30 Nov 2022 19:11:43 +0000
Subject: [PATCH] arm/corstone1000: esrt support
The implementation is platform specific and would require
change in future.
The patch should not be upstreamed as it is to the u-boot.
Redesign of FMP protocol for ESRT and Capsule Update interface
is to be considered in the future.
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Upstream-Status: Inappropriate [Redesign of FMP protocol for ESRT and Capsule update interface is required]
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
include/efi_api.h | 2 +-
lib/efi_loader/efi_firmware.c | 133 ++++++++++++++++++++++++++++++++++
lib/efi_loader/efi_setup.c | 17 +++--
3 files changed, 143 insertions(+), 9 deletions(-)
diff --git a/include/efi_api.h b/include/efi_api.h
index 55a4c989fc..f267ab5110 100644
--- a/include/efi_api.h
+++ b/include/efi_api.h
@@ -2086,7 +2086,7 @@ struct efi_firmware_image_descriptor {
u32 last_attempt_status;
u64 hardware_instance;
efi_firmware_image_dep_t *dependencies;
-};
+} __packed;
struct efi_firmware_management_protocol {
efi_status_t (EFIAPI *get_image_info)(
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index c883e2ff0a..c6ab6e2182 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -15,6 +15,7 @@
#include <signatures.h>
#include <linux/list.h>
+#include <efi_variable.h>
#define FMP_PAYLOAD_HDR_SIGNATURE SIGNATURE_32('M', 'S', 'S', '1')
@@ -417,8 +418,140 @@ efi_status_t EFIAPI efi_firmware_fit_set_image(
return EFI_EXIT(EFI_SUCCESS);
}
+#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+
+/**
+ * efi_firmware_corstone1000_get_image_info - return information about the current
+ firmware image
+ * @this: Protocol instance
+ * @image_info_size: Size of @image_info
+ * @image_info: Image information
+ * @descriptor_version: Pointer to version number
+ * @descriptor_count: Pointer to number of descriptors
+ * @descriptor_size: Pointer to descriptor size
+ * package_version: Package version
+ * package_version_name: Package version's name
+ *
+ * Return information bout the current firmware image in @image_info.
+ * @image_info will consist of a number of descriptors.
+ * Each descriptor will be created based on efi fetched variable.
+ *
+ * Return status code
+ */
+static
+efi_status_t EFIAPI efi_firmware_corstone1000_get_image_info(
+ struct efi_firmware_management_protocol *this,
+ efi_uintn_t *image_info_size,
+ struct efi_firmware_image_descriptor *image_info,
+ u32 *descriptor_version,
+ u8 *descriptor_count,
+ efi_uintn_t *descriptor_size,
+ u32 *package_version,
+ u16 **package_version_name)
+{
+ efi_uintn_t var_size;
+ efi_status_t ret = EFI_SUCCESS;
+ efi_uintn_t image_info_size_var = 0;
+ efi_uintn_t image_info_name_size_var;
+ efi_uintn_t image_info_version_size_var;
+ u8 *runner = (u8 *)image_info;
+ u16 fmp_image_name[14] = {'F', 'm', 'p', 'I', 'm', 'a', 'g', 'e', 'N', 'a', 'm', 'e', '1', '\0'};
+ u16 fmp_version_name[16] = {'F', 'm', 'p', 'V', 'e', 'r', 's', 'i', 'o', 'n', 'N', 'a', 'm', 'e', '1', '\0'};
+
+ EFI_ENTRY("%p %p %p %p %p %p %p %p\n", this,
+ image_info_size, image_info,
+ descriptor_version, descriptor_count, descriptor_size,
+ package_version, package_version_name);
+
+ if (!image_info_size)
+ return EFI_EXIT(EFI_INVALID_PARAMETER);
+
+ if (*image_info_size &&
+ (!image_info || !descriptor_version || !descriptor_count ||
+ !descriptor_size || !package_version || !package_version_name))
+ return EFI_EXIT(EFI_INVALID_PARAMETER);
+
+ var_size = sizeof(*descriptor_version);
+ ret = efi_get_variable(u"FmpDescriptorVersion",
+ &efi_guid_firmware_management_protocol, NULL,
+ &var_size, descriptor_version);
+ if (ret != EFI_SUCCESS)
+ return EFI_EXIT(ret);
+
+ if (*descriptor_version != EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION)
+ return EFI_EXIT(EFI_UNSUPPORTED);
+
+ var_size = sizeof(image_info_size_var);
+ ret = efi_get_variable(u"FmpImageInfoSize",
+ &efi_guid_firmware_management_protocol, NULL,
+ &var_size, &image_info_size_var);
+ if (ret != EFI_SUCCESS)
+ return EFI_EXIT(ret);
+
+ if (*image_info_size < image_info_size_var) {
+ *image_info_size = image_info_size_var;
+ return EFI_EXIT(EFI_BUFFER_TOO_SMALL);
+ }
+
+ image_info_name_size_var = image_info_size_var;
+
+ var_size = sizeof(*descriptor_count);
+ ret = efi_get_variable(u"FmpDescriptorCount",
+ &efi_guid_firmware_management_protocol, NULL,
+ &var_size, descriptor_count);
+ if (ret != EFI_SUCCESS) {
+ return EFI_EXIT(ret);
+ }
+
+ ret = efi_get_variable(u"FmpImageInfo",
+ &efi_guid_firmware_management_protocol, NULL,
+ &image_info_size_var, image_info);
+ if (ret != EFI_SUCCESS)
+ return EFI_EXIT(ret);
+
+ runner += image_info_size_var;
+
+ image_info_name_size_var -= image_info_size_var;
+ image_info_version_size_var = image_info_name_size_var;
+
+ /* Consider changing the string modfication logic */
+ fmp_image_name[12] = '0' + (u16)image_info->image_id;
+ ret = efi_get_variable(fmp_image_name,
+ &efi_guid_firmware_management_protocol, NULL,
+ &image_info_name_size_var, runner);
+ if (ret != EFI_SUCCESS)
+ return EFI_EXIT(ret);
+
+ image_info_version_size_var -= image_info_name_size_var;
+ image_info->image_id_name = runner;
+ runner += image_info_name_size_var;
+
+ /* Consider changing the string modfication logic */
+ fmp_version_name[14] = '0' + (u16)image_info->image_id;
+ ret = efi_get_variable(fmp_version_name,
+ &efi_guid_firmware_management_protocol, NULL,
+ &image_info_version_size_var, runner);
+ if (ret != EFI_SUCCESS)
+ return EFI_EXIT(ret);
+
+ image_info->version_name = runner;
+
+ *image_info_size = image_info_size_var;
+
+ *package_version = 0xffffffff; /* not supported */
+ *package_version_name = NULL; /* not supported */
+
+ return EFI_EXIT(ret);
+}
+
+#endif
+
const struct efi_firmware_management_protocol efi_fmp_fit = {
+#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+ .get_image_info = efi_firmware_corstone1000_get_image_info,
+#else
.get_image_info = efi_firmware_get_image_info,
+#endif
.get_image = efi_firmware_get_image_unsupported,
.set_image = efi_firmware_fit_set_image,
.check_image = efi_firmware_check_image_unsupported,
diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c
index bf90a98b5a..d20568c1c8 100644
--- a/lib/efi_loader/efi_setup.c
+++ b/lib/efi_loader/efi_setup.c
@@ -178,14 +178,6 @@ static efi_status_t efi_init_capsule(void)
efi_status_t ret = EFI_SUCCESS;
#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
- int ffa_ret;
-
- ffa_ret = efi_corstone1000_uboot_efi_started_event();
- if (ffa_ret)
- log_err("Failure to notify SE Proxy FW update service\n");
- else
- debug("SE Proxy FW update service notified\n");
-
ret = efi_corstone1000_alloc_capsule_shared_buf();
if (ret != EFI_SUCCESS) {
printf("EFI: Corstone-1000: cannot allocate caspsule shared buffer\n");
@@ -304,6 +296,15 @@ efi_status_t efi_init_obj_list(void)
if (ret != EFI_SUCCESS)
goto out;
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+ int ffa_ret;
+ ffa_ret = efi_corstone1000_uboot_efi_started_event();
+ if (ffa_ret)
+ log_err("Failure to notify SE Proxy FW update service\n");
+ else
+ debug("SE Proxy FW update service notified\n");
+#endif
+
/* Initialize variable services */
ret = efi_init_variables();
if (ret != EFI_SUCCESS)

25
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0020-corstone1000-enable-distro-booting-command.patch Normal file
View File

@@ -0,0 +1,25 @@
From c95dbed049801401ac98afc8ef53e917b69f9a62 Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Mon, 5 Dec 2022 17:02:32 +0000
Subject: [PATCH] corstone1000: enable distro booting command
enable distro_bootcmd
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
include/configs/corstone1000.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/configs/corstone1000.h b/include/configs/corstone1000.h
index 1466507f80..8622565a87 100644
--- a/include/configs/corstone1000.h
+++ b/include/configs/corstone1000.h
@@ -55,5 +55,6 @@
#include <config_distro_bootcmd.h>
+#define CFG_EXTRA_ENV_SETTINGS BOOTENV
#endif

39
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0021-corstone1000-add-fwu-metadata-store-info.patch Normal file
View File

@@ -0,0 +1,39 @@
From c250b6b896facee9ef42f88f5c76f055dbcfc708 Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Wed, 1 Feb 2023 15:58:07 +0000
Subject: [PATCH] corstone1000: add fwu-metadata store info
Add fwu-mdata node and handle for the reference
nvmxip-qspi.
Upstream-Status: Submitted
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
arch/arm/dts/corstone1000.dtsi | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/arm/dts/corstone1000.dtsi b/arch/arm/dts/corstone1000.dtsi
index 533dfdf8e1..1e0ec075e4 100644
--- a/arch/arm/dts/corstone1000.dtsi
+++ b/arch/arm/dts/corstone1000.dtsi
@@ -38,7 +38,7 @@
reg = <0x88200000 0x77e00000>;
};
- nvmxip-qspi@08000000 {
+ nvmxip: nvmxip-qspi@08000000 {
compatible = "nvmxip,qspi";
reg = <0x08000000 0x2000000>;
lba_shift = <9>;
@@ -106,6 +106,11 @@
method = "smc";
};
+ fwu-mdata {
+ compatible = "u-boot,fwu-mdata-gpt";
+ fwu-mdata-store = <&nvmxip>;
+ };
+
soc {
compatible = "simple-bus";
#address-cells = <1>;

47
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0022-fwu_metadata-make-sure-structures-are-packed.patch Normal file
View File

@@ -0,0 +1,47 @@
From b1445e50c1f260e3454bc4946ea1009ff3e0dda6 Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Wed, 1 Feb 2023 16:13:24 +0000
Subject: [PATCH] fwu_metadata: make sure structures are packed
The fwu metadata in the metadata partitions
should/are packed to guarantee that the info is
correct in all platforms. Also the size of them
are used to calculate the crc32 and that is important
to get it right.
Upstream-Status: Pending
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
include/fwu_mdata.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/include/fwu_mdata.h b/include/fwu_mdata.h
index 8fda4f4ac2..c61221a917 100644
--- a/include/fwu_mdata.h
+++ b/include/fwu_mdata.h
@@ -22,7 +22,7 @@ struct fwu_image_bank_info {
efi_guid_t image_uuid;
uint32_t accepted;
uint32_t reserved;
-};
+} __packed;
/**
* struct fwu_image_entry - information for a particular type of image
@@ -38,7 +38,7 @@ struct fwu_image_entry {
efi_guid_t image_type_uuid;
efi_guid_t location_uuid;
struct fwu_image_bank_info img_bank_info[CONFIG_FWU_NUM_BANKS];
-};
+} __packed;
/**
* struct fwu_mdata - FWU metadata structure for multi-bank updates
@@ -62,6 +62,6 @@ struct fwu_mdata {
uint32_t previous_active_index;
struct fwu_image_entry img_entry[CONFIG_FWU_NUM_IMAGES_PER_BANK];
-};
+} __packed;
#endif /* _FWU_MDATA_H_ */

39
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0023-corstone1000-add-boot-index.patch Normal file
View File

@@ -0,0 +1,39 @@
From 7a71000da87c4b48c6c42043924863c2933d8bdf Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Mon, 17 Jul 2023 17:04:10 +0100
Subject: [PATCH] corstone1000: add boot index
it is expected that the firmware that runs before
u-boot somehow provide the information of the bank
(index) of it is booting.
We will need to extend tf-a to pass that info,
meanwhile just set it to the default bank.
Upstream-Status: Pending
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
---
board/armltd/corstone1000/corstone1000.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/board/armltd/corstone1000/corstone1000.c b/board/armltd/corstone1000/corstone1000.c
index ecfd8366df..ba6d024b80 100644
--- a/board/armltd/corstone1000/corstone1000.c
+++ b/board/armltd/corstone1000/corstone1000.c
@@ -8,6 +8,7 @@
#include <common.h>
#include <cpu_func.h>
#include <dm.h>
+#include <fwu.h>
#include <netdev.h>
#include <dm/platform_data/serial_pl01x.h>
#include <asm/armv8/mmu.h>
@@ -107,6 +108,7 @@ int dram_init_banksize(void)
return 0;
}
-void reset_cpu(void)
+void fwu_plat_get_bootidx(uint *boot_idx)
{
+ *boot_idx = 0;
}

33
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0024-corstone1000-adjust-boot-bank-and-kernel-location.patch Normal file
View File

@@ -0,0 +1,33 @@
From b15518faa5eba9ffb9da4d6e17d8ab4bb8e69f27 Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Wed, 1 Feb 2023 16:17:21 +0000
Subject: [PATCH] corstone1000: adjust boot bank and kernel location
Adjust in the env boot script the address of the
bootbank with the new gpt layout, and also the
kernel partition address. Please be aware that
this is hack and needs a proper fix, since the
offset of the kernel partition is not fixed,
but for the propose of PoC it is enough for testing.
Upstream-Status: Pending
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
board/armltd/corstone1000/corstone1000.env | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/board/armltd/corstone1000/corstone1000.env b/board/armltd/corstone1000/corstone1000.env
index b24ff07fc6..a6ee496221 100644
--- a/board/armltd/corstone1000/corstone1000.env
+++ b/board/armltd/corstone1000/corstone1000.env
@@ -1,8 +1,8 @@
/* SPDX-License-Identifier: GPL-2.0+ */
usb_pgood_delay=250
-boot_bank_flag=0x08002000
-kernel_addr_bank_0=0x083EE000
+boot_bank_flag=0x08005006
+kernel_addr_bank_0=0x08280000
kernel_addr_bank_1=0x0936E000
retrieve_kernel_load_addr=
if itest.l *${boot_bank_flag} == 0; then

72
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0025-corstone1000-add-nvmxip-fwu-mdata-and-gpt-options.patch Normal file
View File

@@ -0,0 +1,72 @@
From 085b51e1545e905b4ba87c529954f31067032eaa Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Mon, 17 Jul 2023 17:33:52 +0100
Subject: [PATCH] corstone1000: add nvmxip, fwu-mdata and gpt options
Enable the newest features: nvmxip, fwu-metadata and
gpt. Commands to print the partition info, gpt info
and fwu metadata will be available.
Upstream-Status: Pending
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
configs/corstone1000_defconfig | 21 ++++++++++++++-------
1 file changed, 14 insertions(+), 7 deletions(-)
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index a92668389a..4c75a01818 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -15,7 +15,7 @@ CONFIG_DISTRO_DEFAULTS=y
CONFIG_BOOTDELAY=3
CONFIG_USE_BOOTARGS=y
CONFIG_BOOTARGS="console=ttyAMA0 loglevel=9 ip=dhcp earlyprintk"
-CONFIG_BOOTCOMMAND="run retrieve_kernel_load_addr; echo Loading kernel from $kernel_addr to memory ... ; unzip $kernel_addr 0x90000000; loadm 0x90000000 $kernel_addr_r 0xf00000; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
+CONFIG_BOOTCOMMAND="echo Loading kernel from $kernel_addr to memory ... ; unzip $kernel_addr 0x90000000; loadm 0x90000000 $kernel_addr_r 0xf00000; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
CONFIG_CONSOLE_RECORD=y
CONFIG_LOGLEVEL=7
# CONFIG_DISPLAY_CPUINFO is not set
@@ -23,11 +23,15 @@ CONFIG_LOGLEVEL=7
CONFIG_SYS_MAXARGS=64
CONFIG_SYS_CBSIZE=512
# CONFIG_CMD_CONSOLE is not set
+CONFIG_CMD_FWU_METADATA=y
CONFIG_CMD_BOOTZ=y
CONFIG_SYS_BOOTM_LEN=0x800000
# CONFIG_CMD_XIMG is not set
+CONFIG_CMD_GPT=y
+# CONFIG_RANDOM_UUID is not set
CONFIG_CMD_LOADM=y
# CONFIG_CMD_LOADS is not set
+CONFIG_CMD_MMC=y
CONFIG_CMD_USB=y
# CONFIG_CMD_SETEXPR is not set
# CONFIG_CMD_NFS is not set
@@ -41,12 +45,7 @@ CONFIG_NET_RANDOM_ETHADDR=y
CONFIG_REGMAP=y
CONFIG_MISC=y
CONFIG_CLK=y
-CONFIG_CMD_MMC=y
-CONFIG_DM_MMC=y
CONFIG_ARM_PL180_MMCI=y
-CONFIG_MMC_SDHCI_ADMA_HELPERS=y
-CONFIG_MMC_WRITE=y
-CONFIG_DM_GPIO=y
CONFIG_PHYLIB=y
CONFIG_PHY_SMSC=y
CONFIG_SMC911X=y
@@ -65,4 +64,12 @@ CONFIG_FFA_SHARED_MM_BUF_OFFSET=0
CONFIG_FFA_SHARED_MM_BUF_ADDR=0x02000000
CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y
CONFIG_EFI_CAPSULE_FIRMWARE_FIT=y
-CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
+CONFIG_FWU_NUM_IMAGES_PER_BANK=4
+CONFIG_FWU_MDATA=y
+CONFIG_FWU_MDATA_GPT_BLK=y
+CONFIG_SYSRESET=y
+CONFIG_EFI_CAPSULE_ON_DISK=y
+CONFIG_EFI_IGNORE_OSINDICATIONS=y
+CONFIG_FWU_MULTI_BANK_UPDATE=y
+# CONFIG_TOOLS_MKEFICAPSULE is not set
+CONFIG_DM_GPIO=y
\ No newline at end of file

39
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0026-nvmxip-move-header-to-include.patch Normal file
View File

@@ -0,0 +1,39 @@
From e7db287eb8bda80465d0c11cbb41acc798bb9fc6 Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Fri, 9 Jun 2023 13:31:53 +0100
Subject: [PATCH] nvmxip: move header to include
Move header to include to allow external code
to get the internal bdev structures to access
block device operations.
as at it, just add the UCLASS_NVMXIP string
so we get the correct output in partitions
listing.
Upstream-Status: Pending
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
disk/part.c | 3 +++
{drivers/mtd/nvmxip => include}/nvmxip.h | 0
2 files changed, 3 insertions(+)
rename {drivers/mtd/nvmxip => include}/nvmxip.h (100%)
diff --git a/disk/part.c b/disk/part.c
index 35300df590..f57dce7a29 100644
--- a/disk/part.c
+++ b/disk/part.c
@@ -271,6 +271,9 @@ static void print_part_header(const char *type, struct blk_desc *dev_desc)
case UCLASS_NVME:
puts ("NVMe");
break;
+ case UCLASS_NVMXIP:
+ puts ("NVMXIP");
+ break;
case UCLASS_PVBLOCK:
puts("PV BLOCK");
break;
diff --git a/drivers/mtd/nvmxip/nvmxip.h b/include/nvmxip.h
similarity index 100%
rename from drivers/mtd/nvmxip/nvmxip.h
rename to include/nvmxip.h

132
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0027-corstone1000-set-kernel_addr-based-on-boot_idx.patch Normal file
View File

@@ -0,0 +1,132 @@
From ae098fd5c47f6d805b356c892558a85d571bed67 Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Tue, 18 Jul 2023 12:14:47 +0100
Subject: [PATCH] corstone1000: set kernel_addr based on boot_idx
We need to distinguish between boot banks and from which
partition to load the kernel+initramfs to memory.
For that, fetch the boot index, fetch the correspondent
partition, calculate the correct kernel address and
then set the env variable kernel_addr with that value.
Upstream-Status: Pending
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
board/armltd/corstone1000/corstone1000.c | 58 +++++++++++++++++++++-
board/armltd/corstone1000/corstone1000.env | 8 ---
configs/corstone1000_defconfig | 1 +
3 files changed, 58 insertions(+), 9 deletions(-)
diff --git a/board/armltd/corstone1000/corstone1000.c b/board/armltd/corstone1000/corstone1000.c
index ba6d024b80..a045262ebb 100644
--- a/board/armltd/corstone1000/corstone1000.c
+++ b/board/armltd/corstone1000/corstone1000.c
@@ -5,15 +5,25 @@
* Rui Miguel Silva <rui.silva@linaro.org>
*/
+#include <blk.h>
#include <common.h>
#include <cpu_func.h>
#include <dm.h>
+#include <env.h>
#include <fwu.h>
#include <netdev.h>
+#include <nvmxip.h>
+#include <part.h>
#include <dm/platform_data/serial_pl01x.h>
#include <asm/armv8/mmu.h>
#include <asm/global_data.h>
+#define CORSTONE1000_KERNEL_PARTS 2
+#define CORSTONE1000_KERNEL_PRIMARY "kernel_primary"
+#define CORSTONE1000_KERNEL_SECONDARY "kernel_secondary"
+
+static int corstone1000_boot_idx;
+
static struct mm_region corstone1000_mem_map[] = {
{
/* CVM */
@@ -110,5 +120,51 @@ int dram_init_banksize(void)
void fwu_plat_get_bootidx(uint *boot_idx)
{
- *boot_idx = 0;
+ *boot_idx = corstone1000_boot_idx;
+}
+
+int board_late_init(void)
+{
+ struct disk_partition part_info;
+ struct udevice *dev, *bdev;
+ struct nvmxip_plat *plat;
+ struct blk_desc *desc;
+ int ret;
+
+ ret = uclass_first_device_err(UCLASS_NVMXIP, &dev);
+ if (ret < 0) {
+ log_err("Cannot find kernel device\n");
+ return ret;
+ }
+
+ plat = dev_get_plat(dev);
+ device_find_first_child(dev, &bdev);
+ desc = dev_get_uclass_plat(bdev);
+ ret = fwu_get_active_index(&corstone1000_boot_idx);
+ if (ret < 0)
+ log_err("corstone1000: failed to read boot index\n");
+
+ if (!corstone1000_boot_idx)
+ ret = part_get_info_by_name(desc, CORSTONE1000_KERNEL_PRIMARY,
+ &part_info);
+ else
+ ret = part_get_info_by_name(desc, CORSTONE1000_KERNEL_SECONDARY,
+ &part_info);
+
+ if (ret < 0) {
+ log_err("failed to fetch kernel partition index: %d\n",
+ corstone1000_boot_idx);
+ return ret;
+ }
+
+ ret = 0;
+
+ ret |= env_set_hex("kernel_addr", plat->phys_base +
+ (part_info.start * part_info.blksz));
+ ret |= env_set_hex("kernel_size", part_info.size * part_info.blksz);
+
+ if (ret < 0)
+ log_err("failed to setup kernel addr and size\n");
+
+ return ret;
}
diff --git a/board/armltd/corstone1000/corstone1000.env b/board/armltd/corstone1000/corstone1000.env
index a6ee496221..ee318b1b1c 100644
--- a/board/armltd/corstone1000/corstone1000.env
+++ b/board/armltd/corstone1000/corstone1000.env
@@ -2,12 +2,4 @@
usb_pgood_delay=250
boot_bank_flag=0x08005006
-kernel_addr_bank_0=0x08280000
-kernel_addr_bank_1=0x0936E000
-retrieve_kernel_load_addr=
- if itest.l *${boot_bank_flag} == 0; then
- setenv kernel_addr $kernel_addr_bank_0;
- else
- setenv kernel_addr $kernel_addr_bank_1;
- fi;
kernel_addr_r=0x88200000
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index 4c75a01818..0232131a11 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -20,6 +20,7 @@ CONFIG_CONSOLE_RECORD=y
CONFIG_LOGLEVEL=7
# CONFIG_DISPLAY_CPUINFO is not set
# CONFIG_DISPLAY_BOARDINFO is not set
+CONFIG_BOARD_LATE_INIT=y
CONFIG_SYS_MAXARGS=64
CONFIG_SYS_CBSIZE=512
# CONFIG_CMD_CONSOLE is not set

38
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0028-corstone1000-boot-index-from-active.patch Normal file
View File

@@ -0,0 +1,38 @@
From 67c439b974da80208962c1c7f0a1291908e23a30 Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Mon, 27 Feb 2023 14:40:13 +0000
Subject: [PATCH] corstone1000: boot index from active
In our platform, the Secure Enclave is the one who control
all the boot tries and status, so, every time we get here
we know that the we are booting from the active index.
Upstream-Status: Pending
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
---
board/armltd/corstone1000/corstone1000.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/board/armltd/corstone1000/corstone1000.c b/board/armltd/corstone1000/corstone1000.c
index a045262ebb..53c65506d5 100644
--- a/board/armltd/corstone1000/corstone1000.c
+++ b/board/armltd/corstone1000/corstone1000.c
@@ -120,7 +120,16 @@ int dram_init_banksize(void)
void fwu_plat_get_bootidx(uint *boot_idx)
{
- *boot_idx = corstone1000_boot_idx;
+ int ret;
+
+ /*
+ * in our platform, the Secure Enclave is the one who control
+ * all the boot tries and status, so, every time we get here
+ * we know that the we are booting from the active index
+ */
+ ret = fwu_get_active_index(boot_idx);
+ if (ret < 0)
+ log_err("corstone1000: failed to read active index err %d\n", ret);
}
int board_late_init(void)

28
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0029-corstone1000-enable-PSCI-reset.patch Normal file
View File

@@ -0,0 +1,28 @@
From 8b7260db2b0c560b430657f801dd102fb2b141de Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Tue, 18 Jul 2023 12:19:17 +0100
Subject: [PATCH] corstone1000: enable PSCI reset
Even though corstone1000 does not implement entire PSCI APIs,it relies on
PSCI reset interface for the system reset. U-boot change the config name, so we
need to enable it again.
Upstream-Status: Pending [Not submitted to upstream yet]
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
configs/corstone1000_defconfig | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index 0232131a11..ccd558cfce 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -73,4 +73,5 @@ CONFIG_EFI_CAPSULE_ON_DISK=y
CONFIG_EFI_IGNORE_OSINDICATIONS=y
CONFIG_FWU_MULTI_BANK_UPDATE=y
# CONFIG_TOOLS_MKEFICAPSULE is not set
-CONFIG_DM_GPIO=y
\ No newline at end of file
+CONFIG_DM_GPIO=y
+CONFIG_SYSRESET_PSCI=y
\ No newline at end of file

30
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0030-Enable-EFI-set-get-time-services.patch Normal file
View File

@@ -0,0 +1,30 @@
From 03f53356a5b8b30b981ab7a16c6f48ca7fffe489 Mon Sep 17 00:00:00 2001
From: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Date: Tue, 18 Jul 2023 12:21:39 +0100
Subject: [PATCH] Enable EFI set/get time services
SetTime_Conf and SetTime_Func tests in UEFI SCT test suite of ACS
fails with unsupported return value. CONFIG_EFI_SET_TIME and
CONFIG_EFI_GET_TIME config values are added to enable these EFI
services.
Upstream-Status: Pending [Not submitted to upstream yet]
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
---
configs/corstone1000_defconfig | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index ccd558cfce..a0af413de8 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -74,4 +74,6 @@ CONFIG_EFI_IGNORE_OSINDICATIONS=y
CONFIG_FWU_MULTI_BANK_UPDATE=y
# CONFIG_TOOLS_MKEFICAPSULE is not set
CONFIG_DM_GPIO=y
-CONFIG_SYSRESET_PSCI=y
\ No newline at end of file
+CONFIG_SYSRESET_PSCI=y
+CONFIG_EFI_SET_TIME=y
+CONFIG_EFI_GET_TIME=y

26
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0031-corstone1000-detect-inflated-kernel-size.patch Normal file
View File

@@ -0,0 +1,26 @@
From affde70e4ba728b0ce855f53501bdb5caa8afa6d Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Fri, 11 Aug 2023 10:41:19 +0100
Subject: [PATCH] corstone1000: detect inflated kernel size
use filesize variable set by unzip command
Upstream-Status: Pending [Not submitted to upstream yet]
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
---
configs/corstone1000_defconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index a0af413de8..5b0b2ac3bf 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -15,7 +15,7 @@ CONFIG_DISTRO_DEFAULTS=y
CONFIG_BOOTDELAY=3
CONFIG_USE_BOOTARGS=y
CONFIG_BOOTARGS="console=ttyAMA0 loglevel=9 ip=dhcp earlyprintk"
-CONFIG_BOOTCOMMAND="echo Loading kernel from $kernel_addr to memory ... ; unzip $kernel_addr 0x90000000; loadm 0x90000000 $kernel_addr_r 0xf00000; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
+CONFIG_BOOTCOMMAND="echo Loading kernel from $kernel_addr to memory ... ; unzip $kernel_addr 0x90000000; loadm 0x90000000 $kernel_addr_r $filesize; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
CONFIG_CONSOLE_RECORD=y
CONFIG_LOGLEVEL=7
# CONFIG_DISPLAY_CPUINFO is not set

44
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0032-corstone1000-ESRT-add-unique-firmware-GUID.patch Normal file
View File

@@ -0,0 +1,44 @@
From 1f1e0c35c9a11e956a8dc10002d17a497de947e3 Mon Sep 17 00:00:00 2001
From: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
Date: Tue, 8 Aug 2023 10:24:39 +0000
Subject: [PATCH] corstone1000: ESRT: add unique firmware GUID
Add unique Corstone-1000 firmware GUID
Upstream-Status: Pending [Not submitted to upstream yet]
Signed-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
---
lib/efi_loader/efi_firmware.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index c6ab6e2182..7792a6aa83 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -20,12 +20,12 @@
#define FMP_PAYLOAD_HDR_SIGNATURE SIGNATURE_32('M', 'S', 'S', '1')
#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
-#define EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID \
- EFI_GUID(0xe2bb9c06, 0x70e9, 0x4b14, 0x97, 0xa3, \
- 0x5a, 0x79, 0x13, 0x17, 0x6e, 0x3f)
+/* Firmware GUID */
+#define EFI_CORSTONE1000_FIRMWARE_GUID \
+ EFI_GUID(0x989f3a4e, 0x46e0, 0x4cd0, 0x98, 0x77, \
+ 0xa2, 0x5c, 0x70, 0xc0, 0x13, 0x29)
- const efi_guid_t efi_firmware_image_type_uboot_raw =
- EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID;
+efi_guid_t corstone1000_firmware_guid = EFI_CORSTONE1000_FIRMWARE_GUID;
static efi_status_t efi_corstone1000_img_info_get (
efi_uintn_t *image_info_size,
@@ -353,7 +353,7 @@ efi_status_t EFIAPI efi_firmware_get_image_info(
descriptor_version, descriptor_count,
descriptor_size,
package_version, package_version_name,
- &efi_firmware_image_type_uboot_raw);
+ &corstone1000_firmware_guid);
#else
ret = efi_fill_image_desc_array(image_info_size, image_info,
descriptor_version, descriptor_count,

134
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-dt-Provide-a-way-to-remove-non-compliant-nodes-and-p.patch Normal file
View File

@@ -0,0 +1,134 @@
From f098724d2a59bf5c265a81c5b8767563c6c2d8de Mon Sep 17 00:00:00 2001
From: Sughosh Ganu <sughosh.ganu@linaro.org>
Date: Thu, 21 Sep 2023 14:13:42 +0100
Subject: [PATCH] dt: Provide a way to remove non-compliant nodes and
properties
Add a function which is registered to spy for a EVT_FT_FIXUP event,
and removes the non upstreamed nodes and properties from the
devicetree before it gets passed to the OS.
This allows removing entire nodes, or specific properties under nodes
from the devicetree. The required nodes and properties can be
registered for removal through the DT_NON_COMPLIANT_PURGE and
DT_NON_COMPLIANT_PURGE_LIST macros.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Upstream-Status: Submitted [RFC: https://lore.kernel.org/u-boot/aca7e6fa-2dec-a7c5-e47e-84c5ffa6f9b7@gmx.de/T/#m16d14ee960427cc88066bdcdd76f0a26738bb66d]
---
include/dt-structs.h | 11 +++++++
lib/Makefile | 1 +
lib/dt_purge.c | 73 ++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 85 insertions(+)
create mode 100644 lib/dt_purge.c
diff --git a/include/dt-structs.h b/include/dt-structs.h
index fa1622cb1d..f535c60471 100644
--- a/include/dt-structs.h
+++ b/include/dt-structs.h
@@ -57,3 +57,14 @@ struct phandle_2_arg {
#endif
#endif
+
+struct dt_non_compliant_purge {
+ const char *node_path;
+ const char *prop;
+};
+
+#define DT_NON_COMPLIANT_PURGE(__name) \
+ ll_entry_declare(struct dt_non_compliant_purge, __name, dt_purge)
+
+#define DT_NON_COMPLIANT_PURGE_LIST(__name) \
+ ll_entry_declare_list(struct dt_non_compliant_purge, __name, dt_purge)
diff --git a/lib/Makefile b/lib/Makefile
index 8d8ccc8bbc..82a906daa0 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -37,6 +37,7 @@ endif
obj-y += crc8.o
obj-y += crc16.o
obj-y += crc16-ccitt.o
+obj-y += dt_purge.o
obj-$(CONFIG_ERRNO_STR) += errno_str.o
obj-$(CONFIG_FIT) += fdtdec_common.o
obj-$(CONFIG_TEST_FDTDEC) += fdtdec_test.o
diff --git a/lib/dt_purge.c b/lib/dt_purge.c
new file mode 100644
index 0000000000..f893ba9796
--- /dev/null
+++ b/lib/dt_purge.c
@@ -0,0 +1,73 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (c) 2023, Linaro Limited
+ */
+
+#include <dt-structs.h>
+#include <event.h>
+#include <linker_lists.h>
+
+#include <linux/libfdt.h>
+
+/**
+ * dt_non_compliant_purge() - Remove non-upstreamed nodes and properties
+ * from the DT
+ * @ctx: Context for event
+ * @event: Event to process
+ *
+ * Iterate through an array of DT nodes and properties, and remove them
+ * from the device-tree before the DT gets handed over to the kernel.
+ * These are nodes and properties which do not have upstream bindings
+ * and need to be purged before being handed over to the kernel.
+ *
+ * If both the node and property are specified, delete the property. If
+ * only the node is specified, delete the entire node, including it's
+ * subnodes, if any.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+static int dt_non_compliant_purge(void *ctx, struct event *event)
+{
+ int nodeoff = 0;
+ int err = 0;
+ void *fdt;
+ const struct event_ft_fixup *fixup = &event->data.ft_fixup;
+ struct dt_non_compliant_purge *purge_entry;
+ struct dt_non_compliant_purge *purge_start =
+ ll_entry_start(struct dt_non_compliant_purge, dt_purge);
+ int nentries = ll_entry_count(struct dt_non_compliant_purge, dt_purge);
+
+ if (fixup->images)
+ return 0;
+
+ fdt = fixup->tree.fdt;
+ for (purge_entry = purge_start; purge_entry != purge_start + nentries;
+ purge_entry++) {
+ nodeoff = fdt_path_offset(fdt, purge_entry->node_path);
+ if (nodeoff < 0) {
+ log_debug("Error (%d) getting node offset for %s\n",
+ nodeoff, purge_entry->node_path);
+ continue;
+ }
+
+ if (purge_entry->prop) {
+ err = fdt_delprop(fdt, nodeoff, purge_entry->prop);
+ if (err < 0 && err != -FDT_ERR_NOTFOUND) {
+ log_debug("Error (%d) deleting %s\n",
+ err, purge_entry->prop);
+ goto out;
+ }
+ } else {
+ err = fdt_del_node(fdt, nodeoff);
+ if (err) {
+ log_debug("Error (%d) trying to delete node %s\n",
+ err, purge_entry->node_path);
+ goto out;
+ }
+ }
+ }
+
+out:
+ return err;
+}
+EVENT_SPY(EVT_FT_FIXUP, dt_non_compliant_purge);

53
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0034-bootefi-Call-the-EVT_FT_FIXUP-event-handler.patch Normal file
View File

@@ -0,0 +1,53 @@
From ff83070da7d1f547fc640e8446251f8e1e4ffc33 Mon Sep 17 00:00:00 2001
From: Sughosh Ganu <sughosh.ganu@linaro.org>
Date: Thu, 21 Sep 2023 14:15:13 +0100
Subject: [PATCH] bootefi: Call the EVT_FT_FIXUP event handler
The bootefi command passes the devicetree to the kernel through the
EFI config table. Call the event handlers for fixing the devicetree
before jumping into the kernel. This removes any devicetree nodes
and/or properties that are specific only to U-Boot, and are not to be
passed to the OS.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Upstream-Status: Submitted [RFC: https://lore.kernel.org/u-boot/aca7e6fa-2dec-a7c5-e47e-84c5ffa6f9b7@gmx.de/T/#m16d14ee960427cc88066bdcdd76f0a26738bb66d]
---
cmd/bootefi.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/cmd/bootefi.c b/cmd/bootefi.c
index 5c0afec154..f9588b66c7 100644
--- a/cmd/bootefi.c
+++ b/cmd/bootefi.c
@@ -237,6 +237,23 @@ static void *get_config_table(const efi_guid_t *guid)
return NULL;
}
+/**
+ * event_notify_dt_fixup() - call ft_fixup event
+ *
+ * @fdt: address of the device tree to be passed to the kernel
+ * through the configuration table
+ * Return: None
+ */
+static void event_notify_dt_fixup(void *fdt)
+{
+ int ret;
+ struct event_ft_fixup fixup = {0};
+
+ fixup.tree.fdt = fdt;
+ ret = event_notify(EVT_FT_FIXUP, &fixup, sizeof(fixup));
+ if (ret)
+ printf("Error: %d: FDT Fixup event failed\n", ret);
+}
#endif /* !CONFIG_IS_ENABLED(GENERATE_ACPI_TABLE) */
/**
@@ -318,6 +335,7 @@ efi_status_t efi_install_fdt(void *fdt)
efi_carve_out_dt_rsv(fdt);
efi_try_purge_kaslr_seed(fdt);
+ event_notify_dt_fixup(fdt);
if (CONFIG_IS_ENABLED(EFI_TCG2_PROTOCOL_MEASURE_DTB)) {
ret = efi_tcg2_measure_dtb(fdt);

48
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0035-corstone1000-purge-U-Boot-specific-DT-nodes.patch Normal file
View File

@@ -0,0 +1,48 @@
From 49e3463a397b61e859df5e1a383f82d64c1e4f3f Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Thu, 21 Sep 2023 15:24:34 +0100
Subject: [PATCH] corstone1000: purge U-Boot specific DT nodes
Remove U-Boot specific DT nodes before passing the DT to Linux
This is needed to pass SystemReady IR 2.0 dt-schema tests
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Upstream-Status: Pending [RFC: https://lore.kernel.org/u-boot/aca7e6fa-2dec-a7c5-e47e-84c5ffa6f9b7@gmx.de/T/#m16d14ee960427cc88066bdcdd76f0a26738bb66d]
---
board/armltd/corstone1000/corstone1000.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/board/armltd/corstone1000/corstone1000.c b/board/armltd/corstone1000/corstone1000.c
index 53c65506d5..e3c0e5bf50 100644
--- a/board/armltd/corstone1000/corstone1000.c
+++ b/board/armltd/corstone1000/corstone1000.c
@@ -9,6 +9,7 @@
#include <common.h>
#include <cpu_func.h>
#include <dm.h>
+#include <dt-structs.h>
#include <env.h>
#include <fwu.h>
#include <netdev.h>
@@ -18,6 +19,20 @@
#include <asm/armv8/mmu.h>
#include <asm/global_data.h>
+/* remove the DT nodes not needed in Linux */
+DT_NON_COMPLIANT_PURGE_LIST(foo) = {
+ { .node_path = "/fwu-mdata" },
+ { .node_path = "/nvmxip-qspi@08000000" },
+ { .node_path = "/soc/mailbox@1b820000" },
+ { .node_path = "/soc/mailbox@1b830000" },
+ { .node_path = "/soc/mhu@1b000000" },
+ { .node_path = "/soc/mhu@1b010000" },
+ { .node_path = "/soc/mhu@1b020000" },
+ { .node_path = "/soc/mhu@1b030000" },
+ { .node_path = "/soc/client" },
+ { .node_path = "/soc/extsys@1A010310" },
+};
+
#define CORSTONE1000_KERNEL_PARTS 2
#define CORSTONE1000_KERNEL_PRIMARY "kernel_primary"
#define CORSTONE1000_KERNEL_SECONDARY "kernel_secondary"

28
sources/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0036-corstone1000-add-signature-device-tree-overlay.patch Normal file
View File

@@ -0,0 +1,28 @@
From 57e2230470c32bf2c6206813bcdfc9ce30b70c1d Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Wed, 13 Sep 2023 13:20:15 +0100
Subject: [PATCH] corstone1000: add signature device tree overlay
Adds signature device tree overlay.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Upstream-Status: Pending [Not submitted to upstream yet]
---
arch/arm/dts/corstone1000.dtsi | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/arch/arm/dts/corstone1000.dtsi b/arch/arm/dts/corstone1000.dtsi
index 1e0ec075e4..077673dd44 100644
--- a/arch/arm/dts/corstone1000.dtsi
+++ b/arch/arm/dts/corstone1000.dtsi
@@ -111,6 +111,10 @@
fwu-mdata-store = <&nvmxip>;
};
+ signature {
+ capsule-key = /incbin/("../../../CRT.esl");
+ };
+
soc {
compatible = "simple-bus";
#address-cells = <1>;

Some files were not shown because too many files have changed in this diff Show More