openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete Yocto mirror with license table for TQMa6UL (2038-compliance)

Browse Source 
- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
2026-03-01 20:58:18 +00:00
commit 16accb6b24
15086 changed files with 1292356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/0001-arm-trusted-firmware-m-disable-address-warnings-into.patch Normal file
View File

@@ -0,0 +1,26 @@
From 961d2e3718e9e6d652cadf5b4d3597cfe822dd04 Mon Sep 17 00:00:00 2001
From: Ali Can Ozaslan <ali.oezaslan@arm.com>
Date: Wed, 24 Jan 2024 16:10:08 +0000
Subject: [PATCH] arm/trusted-firmware-m: disable address warnings into an
error
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Upstream-Status: Inappropriate
---
toolchain_GNUARM.cmake | 1 +
1 file changed, 1 insertion(+)
diff --git a/toolchain_GNUARM.cmake b/toolchain_GNUARM.cmake
index b6ae50ec3..4c2f5b3d7 100644
--- a/toolchain_GNUARM.cmake
+++ b/toolchain_GNUARM.cmake
@@ -111,6 +111,7 @@ add_compile_options(
-Wno-format
-Wno-return-type
-Wno-unused-but-set-variable
+ -Wno-error=address
-c
-fdata-sections
-ffunction-sections

274
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-Update-MPU-configuration.patch Normal file
View File

@@ -0,0 +1,274 @@
From eb096e4c03b80f9f31e5d15ca06e5a38e4112664 Mon Sep 17 00:00:00 2001
From: Bence Balogh <bence.balogh@arm.com>
Date: Tue, 7 Nov 2023 20:25:49 +0100
Subject: [PATCH 1/2] platform: corstone1000: Update MPU configuration
In Armv6-M the MPU requires the regions to be aligned with
region sizes.
The commit aligns the different code/data sections using the
alignment macros. The code/data sections can be covered by
multiple MPU regions in order to save memory.
Small adjustments had to be made in the memory layout in order to
not overflow the flash:
- Decreased TFM_PARTITION_SIZE
- Increased S_UNPRIV_DATA_SIZE
Added checks to the MPU configuration function for checking the
MPU constraints:
- Base address has to be aligned to the size
- The minimum MPU region size is 0x100
- The MPU can have 8 regions at most
Change-Id: I059468e8aba0822bb354fd1cd4987ac2bb1f34d1
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25393]
---
.../target/arm/corstone1000/CMakeLists.txt | 19 +++++
.../arm/corstone1000/create-flash-image.sh | 8 +-
.../arm/corstone1000/partition/flash_layout.h | 2 +-
.../arm/corstone1000/partition/region_defs.h | 6 +-
.../arm/corstone1000/tfm_hal_isolation.c | 83 +++++++++++++++----
5 files changed, 93 insertions(+), 25 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
index e6cf15b11..8817f514c 100644
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
@@ -22,6 +22,25 @@ target_compile_definitions(platform_region_defs
INTERFACE
$<$<BOOL:${TFM_S_REG_TEST}>:TFM_S_REG_TEST>
)
+
+# The Armv6-M MPU requires that the MPU regions be aligned to the region sizes.
+# The minimal region size is 0x100 bytes.
+#
+# The alignments have to be a power of two and ideally bigger than the section size (which
+# can be checked in the map file).
+# In some cases the alignment value is smaller than the actual section
+# size to save memory. In that case, multiple MPU region has to be configured to cover it.
+#
+# To save memory, the attributes are set to XN_EXEC_OK and AP_RO_PRIV_UNPRIV for
+# the SRAM so the PSA_ROT_LINKER_CODE, TFM_UNPRIV_CODE and APP_ROT_LINKER_CODE don't have to
+# be aligned. The higher-priority regions will overwrite these attributes if needed.
+# The RAM is also located in the SRAM so it has to be configured to overwrite these default
+# attributes.
+target_compile_definitions(platform_region_defs
+ INTERFACE
+ TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT=0x2000
+ TFM_LINKER_SP_META_PTR_ALIGNMENT=0x100
+)
#========================= Platform common defs ===============================#
# Specify the location of platform specific build dependencies.
diff --git a/platform/ext/target/arm/corstone1000/create-flash-image.sh b/platform/ext/target/arm/corstone1000/create-flash-image.sh
index 2522d3674..a6be61384 100755
--- a/platform/ext/target/arm/corstone1000/create-flash-image.sh
+++ b/platform/ext/target/arm/corstone1000/create-flash-image.sh
@@ -8,7 +8,7 @@
######################################################################
# This script is to create a flash gpt image for corstone platform
-#
+#
# Flash image layout:
# |------------------------------|
# | Protective MBR |
@@ -82,15 +82,15 @@ sgdisk --mbrtogpt \
--new=4:56:+4K --typecode=4:$PRIVATE_METADATA_TYPE_UUID --partition-guid=4:$(uuidgen) --change-name=4:'private_metadata_replica_1' \
--new=5:64:+4k --typecode=5:$PRIVATE_METADATA_TYPE_UUID --partition-guid=5:$(uuidgen) --change-name=5:'private_metadata_replica_2' \
--new=6:72:+100k --typecode=6:$SE_BL2_TYPE_UUID --partition-guid=6:$(uuidgen) --change-name=6:'bl2_primary' \
- --new=7:272:+376K --typecode=7:$TFM_TYPE_UUID --partition-guid=7:$(uuidgen) --change-name=7:'tfm_primary' \
+ --new=7:272:+368K --typecode=7:$TFM_TYPE_UUID --partition-guid=7:$(uuidgen) --change-name=7:'tfm_primary' \
--new=8:32784:+100k --typecode=8:$SE_BL2_TYPE_UUID --partition-guid=8:$(uuidgen) --change-name=8:'bl2_secondary' \
- --new=9:32984:+376K --typecode=9:$TFM_TYPE_UUID --partition-guid=9:$(uuidgen) --change-name=9:'tfm_secondary' \
+ --new=9:32984:+368K --typecode=9:$TFM_TYPE_UUID --partition-guid=9:$(uuidgen) --change-name=9:'tfm_secondary' \
--new=10:65496:65501 --partition-guid=10:$(uuidgen) --change-name=10:'reserved_2' \
$IMAGE
[ $? -ne 0 ] && echo "Error occurs while writing the GPT layout" && exit 1
-# Write partitions
+# Write partitions
# conv=notrunc avoids truncation to keep the geometry of the image.
dd if=$BIN_DIR/bl2_signed.bin of=${IMAGE} seek=72 conv=notrunc
dd if=$BIN_DIR/tfm_s_signed.bin of=${IMAGE} seek=272 conv=notrunc
diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
index 568c8de28..7fffd94c6 100644
--- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h
+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
@@ -134,7 +134,7 @@
/* Bank configurations */
#define BANK_PARTITION_SIZE (0xFE0000) /* 15.875 MB */
-#define TFM_PARTITION_SIZE (0x5E000) /* 376 KB */
+#define TFM_PARTITION_SIZE (0x5C000) /* 368 KB */
/************************************************************/
/* Bank : Images flash offsets are with respect to the bank */
diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h
index 99e822f51..64ab786e5 100644
--- a/platform/ext/target/arm/corstone1000/partition/region_defs.h
+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h
@@ -1,8 +1,10 @@
/*
- * Copyright (c) 2017-2022 Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2023 Arm Limited. All rights reserved.
* Copyright (c) 2021-2023 Cypress Semiconductor Corporation (an Infineon company)
* or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
*
+ * SPDX-License-Identifier: Apache-2.0
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
@@ -53,7 +55,7 @@
#define S_DATA_START (SRAM_BASE + TFM_PARTITION_SIZE)
#define S_DATA_SIZE (SRAM_SIZE - TFM_PARTITION_SIZE)
-#define S_UNPRIV_DATA_SIZE (0x2160)
+#define S_UNPRIV_DATA_SIZE (0x4000)
#define S_DATA_LIMIT (S_DATA_START + S_DATA_SIZE - 1)
#define S_DATA_PRIV_START (S_DATA_START + S_UNPRIV_DATA_SIZE)
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
index 01f7687bc..98e795dde 100644
--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
* Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon
* company) or an affiliate of Cypress Semiconductor Corporation. All rights
* reserved.
@@ -14,9 +14,11 @@
#include "tfm_hal_isolation.h"
#include "mpu_config.h"
#include "mmio_defs.h"
+#include "flash_layout.h"
#define PROT_BOUNDARY_VAL \
((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK)
+#define MPU_REGION_MIN_SIZE (0x100)
#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
@@ -31,20 +33,38 @@ REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Base);
REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
#endif /* CONFIG_TFM_PARTITION_META */
-static void configure_mpu(uint32_t rnr, uint32_t base, uint32_t limit,
- uint32_t is_xn_exec, uint32_t ap_permissions)
+static enum tfm_hal_status_t configure_mpu(uint32_t rnr, uint32_t base,
+ uint32_t limit, uint32_t is_xn_exec, uint32_t ap_permissions)
{
- uint32_t size; /* region size */
+ uint32_t rbar_size_field; /* region size as it is used in the RBAR */
uint32_t rasr; /* region attribute and size register */
uint32_t rbar; /* region base address register */
- size = get_rbar_size_field(limit - base);
+ rbar_size_field = get_rbar_size_field(limit - base);
+
+ /* The MPU region's base address has to be aligned to the region
+ * size for a valid MPU configuration */
+ if ((base % (1 << (rbar_size_field + 1))) != 0) {
+ return TFM_HAL_ERROR_INVALID_INPUT;
+ }
+
+ /* The MPU supports only 8 memory regions */
+ if (rnr > 7) {
+ return TFM_HAL_ERROR_INVALID_INPUT;
+ }
+
+ /* The minimum size for a region is 0x100 bytes */
+ if((limit - base) < MPU_REGION_MIN_SIZE) {
+ return TFM_HAL_ERROR_INVALID_INPUT;
+ }
rasr = ARM_MPU_RASR(is_xn_exec, ap_permissions, TEX, NOT_SHAREABLE,
- NOT_CACHEABLE, NOT_BUFFERABLE, SUB_REGION_DISABLE, size);
+ NOT_CACHEABLE, NOT_BUFFERABLE, SUB_REGION_DISABLE, rbar_size_field);
rbar = base & MPU_RBAR_ADDR_Msk;
ARM_MPU_SetRegionEx(rnr, rbar, rasr);
+
+ return TFM_HAL_SUCCESS;
}
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
@@ -56,33 +76,60 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
uint32_t rnr = TFM_ISOLATION_REGION_START_NUMBER; /* current region number */
uint32_t base; /* start address */
uint32_t limit; /* end address */
+ enum tfm_hal_status_t ret;
ARM_MPU_Disable();
- /* TFM Core unprivileged code region */
- base = (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_CODE_START, $$RO$$Base);
- limit = (uint32_t)&REGION_NAME(Image$$, TFM_UNPRIV_CODE_END, $$RO$$Limit);
-
- configure_mpu(rnr++, base, limit, XN_EXEC_OK, AP_RO_PRIV_UNPRIV);
-
- /* RO region */
- base = (uint32_t)&REGION_NAME(Image$$, TFM_APP_CODE_START, $$Base);
- limit = (uint32_t)&REGION_NAME(Image$$, TFM_APP_CODE_END, $$Base);
+ /* Armv6-M MPU allows region overlapping. The region with the higher RNR
+ * will decide the attributes.
+ *
+ * The default attributes are set to XN_EXEC_OK and AP_RO_PRIV_UNPRIV for the
+ * whole SRAM so the PSA_ROT_LINKER_CODE, TFM_UNPRIV_CODE and APP_ROT_LINKER_CODE
+ * don't have to be aligned and memory space can be saved.
+ * This region has the lowest RNR so the next regions can overwrite these
+ * attributes if it's needed.
+ */
+ base = SRAM_BASE;
+ limit = SRAM_BASE + SRAM_SIZE;
+
+ ret = configure_mpu(rnr++, base, limit,
+ XN_EXEC_OK, AP_RW_PRIV_UNPRIV);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
- configure_mpu(rnr++, base, limit, XN_EXEC_OK, AP_RO_PRIV_UNPRIV);
/* RW, ZI and stack as one region */
base = (uint32_t)&REGION_NAME(Image$$, TFM_APP_RW_STACK_START, $$Base);
limit = (uint32_t)&REGION_NAME(Image$$, TFM_APP_RW_STACK_END, $$Base);
- configure_mpu(rnr++, base, limit, XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ /* The section size can be bigger than the alignment size, else the code would
+ * not fit into the memory. Because of this, the sections can use multiple MPU
+ * regions. */
+ do {
+ ret = configure_mpu(rnr++, base, base + TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
+ base += TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT;
+ } while (base < limit);
+
#ifdef CONFIG_TFM_PARTITION_META
/* TFM partition metadata pointer region */
base = (uint32_t)&REGION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Base);
limit = (uint32_t)&REGION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
- configure_mpu(rnr++, base, limit, XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ do {
+ ret = configure_mpu(rnr++, base, base + TFM_LINKER_SP_META_PTR_ALIGNMENT,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
+ base += TFM_LINKER_SP_META_PTR_ALIGNMENT;
+ } while (base < limit);
+
#endif
arm_mpu_enable();

76
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch Normal file
View File

@@ -0,0 +1,76 @@
From ca7696bca357cfd71a34582c65a7c7c08828b6dc Mon Sep 17 00:00:00 2001
From: Bence Balogh <bence.balogh@arm.com>
Date: Mon, 18 Dec 2023 14:00:14 +0100
Subject: [PATCH 2/2] platform: corstone1000: Cover S_DATA with MPU
The S_DATA has to be covered with MPU regions to override the
other MPU regions with smaller RNR values.
Change-Id: I45fec65f51241939314941e25d287e6fdc82777c
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25583]
---
.../target/arm/corstone1000/CMakeLists.txt | 8 +++++++
.../arm/corstone1000/tfm_hal_isolation.c | 22 +++++++++++++++++++
2 files changed, 30 insertions(+)
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
index 8817f514c..541504368 100644
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
@@ -40,6 +40,14 @@ target_compile_definitions(platform_region_defs
INTERFACE
TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT=0x2000
TFM_LINKER_SP_META_PTR_ALIGNMENT=0x100
+
+ # The RAM MPU Region block sizes are calculated manually. The RAM has to be covered
+ # with the MPU regions. These regions also have to be the power of 2 and
+ # the start addresses have to be aligned to these sizes. The sizes can be calculated
+ # from the S_DATA_START and S_DATA_SIZE defines.
+ RAM_MPU_REGION_BLOCK_1_SIZE=0x4000
+ RAM_MPU_REGION_BLOCK_2_SIZE=0x20000
+
)
#========================= Platform common defs ===============================#
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
index 98e795dde..39b19c535 100644
--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
@@ -15,6 +15,7 @@
#include "mpu_config.h"
#include "mmio_defs.h"
#include "flash_layout.h"
+#include "region_defs.h"
#define PROT_BOUNDARY_VAL \
((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK)
@@ -132,6 +133,27 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
#endif
+ /* Set the RAM attributes. It is needed because the first region overlaps the whole
+ * SRAM and it has to be overridden.
+ * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually
+ * and added to the platform_region_defs compile definitions.
+ */
+ base = S_DATA_START;
+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
+ ret = configure_mpu(rnr++, base, limit,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
+
+ base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE;
+ ret = configure_mpu(rnr++, base, limit,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
+
arm_mpu_enable();
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */

78
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-platform-corstone1000-align-capsule-update-structs.patch Normal file
View File

@@ -0,0 +1,78 @@
From 6807d4b30f7d4ed32d3c54dfcaf3ace63eaa4f02 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Thu, 26 Oct 2023 11:46:04 +0100
Subject: [PATCH] platform: corstone1000: align capsule update structs
U-boot mkefitool creates capsule image without packed and byte-aligned
structs. This patch aligns the capsule-update structures and avoids
crashes in case of unaligned pointer access.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Upstream-Status: Pending
---
.../fw_update_agent/uefi_capsule_parser.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
index c706c040ac..9f8d12ad4e 100644
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
@@ -34,14 +34,14 @@ typedef struct {
uint32_t header_size;
uint32_t flags;
uint32_t capsule_image_size;
-} efi_capsule_header_t;
+} efi_capsule_header_t __attribute__((packed, aligned(1)));
typedef struct {
uint32_t version;
uint16_t embedded_driver_count;
uint16_t payload_item_count;
uint64_t item_offset_list[];
-} efi_firmware_management_capsule_header_t;
+} efi_firmware_management_capsule_header_t __attribute__((packed, aligned(1)));
typedef struct {
uint32_t version;
@@ -52,14 +52,14 @@ typedef struct {
uint32_t update_vendorcode_size;
uint64_t update_hardware_instance; //introduced in v2
uint64_t image_capsule_support; //introduced in v3
-} efi_firmware_management_capsule_image_header_t;
+} efi_firmware_management_capsule_image_header_t __attribute__((packed, aligned(1)));
typedef struct {
uint32_t signature;
uint32_t header_size;
uint32_t fw_version;
uint32_t lowest_supported_version;
-} fmp_payload_header_t;
+} fmp_payload_header_t __attribute__((packed, aligned(1)));
#define ANYSIZE_ARRAY 0
@@ -68,18 +68,18 @@ typedef struct {
uint16_t wRevision;
uint16_t wCertificateType;
uint8_t bCertificate[ANYSIZE_ARRAY];
-} WIN_CERTIFICATE;
+} WIN_CERTIFICATE __attribute__((packed, aligned(1)));
typedef struct {
WIN_CERTIFICATE hdr;
struct efi_guid cert_type;
uint8_t cert_data[ANYSIZE_ARRAY];
-} win_certificate_uefi_guid_t;
+} win_certificate_uefi_guid_t __attribute__((packed, aligned(1)));
typedef struct {
uint64_t monotonic_count;
win_certificate_uefi_guid_t auth_info;
-} efi_firmware_image_authentication_t;
+} efi_firmware_image_authentication_t __attribute__((packed, aligned(1)));
enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr,
--
2.25.1

33
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-Platform-Corstone1000-skip-the-first-nv-counter.patch Normal file
View File

@@ -0,0 +1,33 @@
From 001e5bea183bc78352ac3ba6283d9d7912bb6ea5 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <Emekcan.Aras@arm.com>
Date: Wed, 21 Feb 2024 07:44:25 +0000
Subject: [PATCH] Platform: Corstone1000: skip the first nv counter
It skips doing a sanity check the BL2 nv counter after the capsule
update since the tfm bl1 does not sync metadata and nv counters in OTP during
the boot anymore.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Upstream-Status: Pending
---
.../ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
index 2e6de255b..2e6cf8047 100644
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
@@ -1125,7 +1125,7 @@ static enum fwu_agent_error_t update_nv_counters(
FWU_LOG_MSG("%s: enter\n\r", __func__);
- for (int i = 0; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
+ for (int i = 1; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
switch (i) {
case FWU_BL2_NV_COUNTER:
--
2.25.1

41
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-platform-corstone1000-add-unique-guid-for-mps3.patch Normal file
View File

@@ -0,0 +1,41 @@
From 3d35eb08fe0cea5c4b882c448f44530bb45c05f0 Mon Sep 17 00:00:00 2001
From: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
Date: Tue, 2 Apr 2024 13:04:56 +0000
Subject: [PATCH] platform: corstone1000: add unique guid for mps3
This patch sets unique GUID for Corstone1000 FVP and MPS3
Upstream-Status: Inappropriate [Redesign of Capsule update interface is required]
Signed-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
---
.../target/arm/corstone1000/fw_update_agent/fwu_agent.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
index 2e6cf80470..be04e0e5df 100644
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
@@ -113,13 +113,19 @@ enum fwu_agent_state_t {
};
struct efi_guid full_capsule_image_guid = {
+#if PLATFORM_IS_FVP
.time_low = 0x989f3a4e,
.time_mid = 0x46e0,
.time_hi_and_version = 0x4cd0,
.clock_seq_and_node = {0x98, 0x77, 0xa2, 0x5c, 0x70, 0xc0, 0x13, 0x29}
+#else
+ .time_low = 0xdf1865d1,
+ .time_mid = 0x90fb,
+ .time_hi_and_version = 0x4d59,
+ .clock_seq_and_node = {0x9c, 0x38, 0xc9, 0xf2, 0xc1, 0xbb, 0xa8, 0xcc}
+#endif
};
-
#define IMAGE_ACCEPTED (1)
#define IMAGE_NOT_ACCEPTED (0)
#define BANK_0 (0)
--
2.38.1

177
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch Normal file
View File

@@ -0,0 +1,177 @@
From 1410dc5504d60219279581b1cf6442f81551cfe7 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <Emekcan.Aras@arm.com>
Date: Wed, 3 Apr 2024 13:37:40 +0100
Subject: [PATCH] Platform: Corstone1000: Enable host firewall in FVP
Enables host firewall and mpu setup for FVP. It also fixes secure-ram
configuration and disable access rights to secure ram from both normal world
for both mps3 and fvp.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Upstream-Status: Pending [Not submitted to upstream yet]
---
.../Device/Include/platform_base_address.h | 2 +-
.../arm/corstone1000/bl1/boot_hal_bl1_1.c | 42 ++++---------------
.../arm/corstone1000/bl2/flash_map_bl2.c | 2 +-
3 files changed, 11 insertions(+), 35 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
index 416f0ebcd..101cad9e7 100644
--- a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
+++ b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
@@ -67,7 +67,7 @@
* required by the SE are defined here */
#define CORSTONE1000_HOST_ADDRESS_SPACE_BASE (0x60000000U) /* Host Address Space */
#define CORSTONE1000_HOST_BIR_BASE (0x60000000U) /* Boot Instruction Register */
-#define CORSTONE1000_HOST_SHARED_RAM_BASE (0x62000000U) /* Shared RAM */
+#define CORSTONE1000_HOST_TRUSTED_RAM_BASE (0x62000000U) /* Secure RAM */
#define CORSTONE1000_HOST_XNVM_BASE (0x68000000U) /* XNVM */
#define CORSTONE1000_HOST_BASE_SYSTEM_CONTROL_BASE (0x7A010000U) /* Host SCB */
#define CORSTONE1000_EXT_SYS_RESET_REG (0x7A010310U) /* external system (cortex-M3) */
diff --git a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c
index a5fee66af..7988c2392 100644
--- a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c
+++ b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c
@@ -35,7 +35,7 @@ REGION_DECLARE(Image$$, ER_DATA, $$Base)[];
REGION_DECLARE(Image$$, ARM_LIB_HEAP, $$ZI$$Limit)[];
#define HOST_ADDRESS_SPACE_BASE 0x00000000
-#define HOST_SHARED_RAM_BASE 0x02000000
+#define HOST_TRUSTED_RAM_BASE 0x02000000
#define HOST_XNVM_BASE 0x08000000
#define HOST_BASE_SYSTEM_CONTROL_BASE 0x1A010000
#define HOST_FIREWALL_BASE 0x1A800000
@@ -347,7 +347,7 @@ static void setup_host_firewall(void)
fc_pe_enable();
- /* CVM - Shared RAM */
+ /* CVM - Secure RAM */
fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_CVM);
fc_disable_bypass();
fc_pe_disable();
@@ -355,15 +355,12 @@ static void setup_host_firewall(void)
fc_select_region(1);
fc_disable_regions();
fc_disable_mpe(RGN_MPE0);
- fc_prog_rgn(RGN_SIZE_4MB, HOST_SHARED_RAM_BASE);
+ fc_prog_rgn(RGN_SIZE_4MB, HOST_TRUSTED_RAM_BASE);
fc_init_mpl(RGN_MPE0);
mpl_rights = (RGN_MPL_ANY_MST_MASK | RGN_MPL_SECURE_READ_MASK |
RGN_MPL_SECURE_WRITE_MASK |
- RGN_MPL_SECURE_EXECUTE_MASK |
- RGN_MPL_NONSECURE_READ_MASK |
- RGN_MPL_NONSECURE_WRITE_MASK |
- RGN_MPL_NONSECURE_EXECUTE_MASK);
+ RGN_MPL_SECURE_EXECUTE_MASK);
fc_enable_mpl(RGN_MPE0, mpl_rights);
fc_disable_mpl(RGN_MPE0, ~mpl_rights);
@@ -398,7 +395,9 @@ static void setup_host_firewall(void)
fc_pe_enable();
- /* Host Expansion Master 0 */
+#if !(PLATFORM_IS_FVP)
+ /* Host Expansion Master 0 (Due to the difference in the models only
+ * programming this for MPS3) */
fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_EXPMST0);
fc_disable_bypass();
fc_pe_disable();
@@ -433,7 +432,6 @@ static void setup_host_firewall(void)
fc_enable_regions();
fc_rgn_lock();
-#if !(PLATFORM_IS_FVP)
fc_select_region(3);
fc_disable_regions();
fc_disable_mpe(RGN_MPE0);
@@ -461,16 +459,14 @@ static void setup_host_firewall(void)
fc_enable_mpe(RGN_MPE0);
fc_enable_regions();
fc_rgn_lock();
-#endif
fc_pe_enable();
- /* Host Expansion Master 0 */
+ /* Host Expansion Master 1*/
fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_EXPMST1);
fc_disable_bypass();
fc_pe_disable();
-#if !(PLATFORM_IS_FVP)
fc_select_region(1);
fc_disable_regions();
fc_disable_mpe(RGN_MPE0);
@@ -484,22 +480,6 @@ static void setup_host_firewall(void)
fc_enable_mpe(RGN_MPE0);
fc_enable_regions();
fc_rgn_lock();
-#else
- fc_select_region(1);
- fc_disable_regions();
- fc_disable_mpe(RGN_MPE0);
- fc_prog_rgn(RGN_SIZE_8MB, HOST_SE_SECURE_FLASH_BASE_FVP);
- fc_init_mpl(RGN_MPE0);
-
- mpl_rights = (RGN_MPL_ANY_MST_MASK | RGN_MPL_SECURE_READ_MASK |
- RGN_MPL_SECURE_WRITE_MASK);
-
- fc_enable_mpl(RGN_MPE0, mpl_rights);
- fc_enable_mpe(RGN_MPE0);
- fc_enable_regions();
- fc_rgn_lock();
-#endif
-
fc_pe_enable();
/* Always ON Host Peripherals */
@@ -527,7 +507,6 @@ static void setup_host_firewall(void)
}
fc_pe_enable();
-
/* Host System Peripherals */
fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_SYSPERIPH);
fc_disable_bypass();
@@ -553,6 +532,7 @@ static void setup_host_firewall(void)
}
fc_pe_enable();
+#endif
/* Host System Peripherals */
fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_DBGPERIPH);
@@ -592,13 +572,9 @@ int32_t boot_platform_init(void)
if (result != ARM_DRIVER_OK) {
return 1;
}
-#if !(PLATFORM_IS_FVP)
setup_mpu();
-#endif
setup_se_firewall();
-#if !(PLATFORM_IS_FVP)
setup_host_firewall();
-#endif
#if defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2)
stdio_init();
diff --git a/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c b/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c
index 2b1cdfa19..06cc3f0f5 100644
--- a/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c
+++ b/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c
@@ -70,7 +70,7 @@ int boot_get_image_exec_ram_info(uint32_t image_id,
rc = 0;
}
else if (image_id == 1 || image_id == 2) {
- (*exec_ram_start) = CORSTONE1000_HOST_SHARED_RAM_BASE;
+ (*exec_ram_start) = CORSTONE1000_HOST_TRUSTED_RAM_BASE;
(*exec_ram_size) = 0x20000000U;
rc = 0;
}
--
2.25.1

27
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-Increase-ITS-max-asset-size.patch Normal file
View File

@@ -0,0 +1,27 @@
From 2edf197735bd0efb1428c1710443dddcb376d930 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Wed, 17 Apr 2024 11:34:45 +0000
Subject: [PATCH] platform: corstone1000: Increase ITS max asset size
Increases the max asset size for ITS to enable parsec services & tests
Upstream-Status: Pending
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Vikas Katariya <vikas.katariya@arm.com>
---
platform/ext/target/arm/corstone1000/config_tfm_target.h | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/platform/ext/target/arm/corstone1000/config_tfm_target.h b/platform/ext/target/arm/corstone1000/config_tfm_target.h
index 2c7341afd4..2eb0924770 100644
--- a/platform/ext/target/arm/corstone1000/config_tfm_target.h
+++ b/platform/ext/target/arm/corstone1000/config_tfm_target.h
@@ -20,4 +20,8 @@
/* The maximum number of assets to be stored in the Protected Storage area. */
#define PS_NUM_ASSETS 20
+/* The maximum size of asset to be stored in the Internal Trusted Storage area. */
+#undef ITS_MAX_ASSET_SIZE
+#define ITS_MAX_ASSET_SIZE 2048
+
#endif /* __CONFIG_TFM_TARGET_H__ */

3620
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-CS1000-Replace-OpenAMP-with-RSE_COMMS.patch Normal file
View File

File diff suppressed because it is too large Load Diff

28
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch Normal file
View File

@@ -0,0 +1,28 @@
From 21b0c9f028b6b04fa2f027510ec90969735f4dd1 Mon Sep 17 00:00:00 2001
From: Bence Balogh <bence.balogh@arm.com>
Date: Wed, 17 Apr 2024 19:31:03 +0200
Subject: [PATCH] platform: corstone1000: Increase RSE_COMMS buffer size
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Upstream-Status: Pending
---
platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h
index 6d79dd3bf..f079f6504 100644
--- a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h
+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h
@@ -16,7 +16,7 @@ extern "C" {
#endif
/* size suits to fit the largest message too (EFI variables) */
-#define RSE_COMMS_PAYLOAD_MAX_SIZE (0x2100)
+#define RSE_COMMS_PAYLOAD_MAX_SIZE (0x43C0)
/*
* Allocated for each client request.
--
2.25.1

31
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch Normal file
View File

@@ -0,0 +1,31 @@
From a8aeaafd6c26d6bc3066164d12aabc5cb754fe1c Mon Sep 17 00:00:00 2001
From: Ali Can Ozaslan <ali.oezaslan@arm.com>
Date: Wed, 15 May 2024 12:12:15 +0000
Subject: [PATCH] CC312: alignment of cc312 differences between fvp and mps3
corstone1000 platforms
Configures CC312 mps3 model same as predefined cc312 FVP
configuration while keeping debug ports closed.
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Upstream-Status: Inappropriate [Requires an aligment cc3xx with mps3 hw and fvp sw models]
---
lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c b/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c
index 31e4332be..4d7e6fa61 100644
--- a/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c
+++ b/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c
@@ -207,6 +207,9 @@ CClibRetCode_t CC_LibInit(CCRndContext_t *rndContext_ptr, CCRndWorkBuff_t *rndW
goto InitErr2;
}
+ /* configuring secure debug to align cc312 with corstone 1000 */
+ CC_HAL_WRITE_REGISTER(CC_REG_OFFSET(HOST_RGF,HOST_DCU_EN0), 0xffffe7fc);
+
/* turn off the DFA since Cerberus doen't support it */
reg = CC_HAL_READ_REGISTER(CC_REG_OFFSET(HOST_RGF, HOST_AO_LOCK_BITS));
CC_REG_FLD_SET(0, HOST_AO_LOCK_BITS, HOST_FORCE_DFA_ENABLE, reg, 0x0);

45
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch Normal file
View File

@@ -0,0 +1,45 @@
From d7725e629c9ba93523589cc9d8af3186db19d4e8 Mon Sep 17 00:00:00 2001
From: Bence Balogh <bence.balogh@arm.com>
Date: Wed, 15 May 2024 22:37:51 +0200
Subject: [PATCH] Platform: corstone1000: Increase buffers for EFI vars
The UEFI variables are stored in the Protected Storage. The size of
the variables metadata have been increased so the related buffer sizes
have to be increased.
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Upstream-Status: Pending
---
.../ext/target/arm/corstone1000/config_tfm_target.h | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/config_tfm_target.h b/platform/ext/target/arm/corstone1000/config_tfm_target.h
index 2eb0924770..6ee823a7dc 100644
--- a/platform/ext/target/arm/corstone1000/config_tfm_target.h
+++ b/platform/ext/target/arm/corstone1000/config_tfm_target.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2024, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -24,4 +24,15 @@
#undef ITS_MAX_ASSET_SIZE
#define ITS_MAX_ASSET_SIZE 2048
+/* The maximum asset size to be stored in the Protected Storage */
+#undef PS_MAX_ASSET_SIZE
+#define PS_MAX_ASSET_SIZE 2592
+
+/* This is needed to be able to process the EFI variables during PS writes. */
+#undef CRYPTO_ENGINE_BUF_SIZE
+#define CRYPTO_ENGINE_BUF_SIZE 0x5000
+
+/* This is also has to be increased to fit the EFI variables into the iovecs. */
+#undef CRYPTO_IOVEC_BUFFER_SIZE
+#define CRYPTO_IOVEC_BUFFER_SIZE 6000
#endif /* __CONFIG_TFM_TARGET_H__ */
--
2.25.1

28
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-corstone1000-Remove-reset-after-capsule-update.patch Normal file
View File

@@ -0,0 +1,28 @@
From 78db43f80676f8038b35edd6674d22fb5ff85c12 Mon Sep 17 00:00:00 2001
From: Bence Balogh <bence.balogh@arm.com>
Date: Mon, 27 May 2024 17:11:31 +0200
Subject: [PATCH] corstone1000: Remove reset after capsule update
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/29065]
---
.../target/arm/corstone1000/services/src/tfm_platform_system.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c b/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
index 41305ed966..1e837ce3b5 100644
--- a/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
+++ b/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
@@ -28,9 +28,6 @@ enum tfm_platform_err_t tfm_platform_hal_ioctl(tfm_platform_ioctl_req_t request,
case IOCTL_CORSTONE1000_FWU_FLASH_IMAGES:
result = corstone1000_fwu_flash_image();
- if (!result) {
- NVIC_SystemReset();
- }
break;
case IOCTL_CORSTONE1000_FWU_HOST_ACK:
--
2.25.1

88
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0013-Platform-corstone1000-Fix-isolation-L2-memory-protection.patch Normal file
View File

@@ -0,0 +1,88 @@
From 4d3ebb03b89b122af490824ca73287954a35bd07 Mon Sep 17 00:00:00 2001
From: Jamie Fox <jamie.fox@arm.com>
Date: Thu, 22 Aug 2024 16:54:45 +0100
Subject: [PATCH] Platform: corstone1000: Fix isolation L2 memory protection
The whole of the SRAM was configured unprivileged on this platform, so
the memory protection required for isolation level 2 was not present.
This patch changes the S_DATA_START to S_DATA_LIMIT MPU region to be
configured for privileged access only. It also reorders the MPU regions
so that the App RoT sub-region overlapping S_DATA has a higher region
number and so takes priority in the operation of the Armv6-M MPU.
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/30951]
---
.../arm/corstone1000/tfm_hal_isolation.c | 43 +++++++++----------
1 file changed, 21 insertions(+), 22 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
index 39b19c535..498f14ed2 100644
--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2024, Arm Limited. All rights reserved.
* Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon
* company) or an affiliate of Cypress Semiconductor Corporation. All rights
* reserved.
@@ -99,6 +99,26 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
return ret;
}
+ /* Set the RAM attributes. It is needed because the first region overlaps the whole
+ * SRAM and it has to be overridden.
+ * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually
+ * and added to the platform_region_defs compile definitions.
+ */
+ base = S_DATA_START;
+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
+ ret = configure_mpu(rnr++, base, limit,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_ONLY);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
+
+ base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE;
+ ret = configure_mpu(rnr++, base, limit,
+ XN_EXEC_NOT_OK, AP_RW_PRIV_ONLY);
+ if (ret != TFM_HAL_SUCCESS) {
+ return ret;
+ }
/* RW, ZI and stack as one region */
base = (uint32_t)&REGION_NAME(Image$$, TFM_APP_RW_STACK_START, $$Base);
@@ -133,27 +153,6 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
#endif
- /* Set the RAM attributes. It is needed because the first region overlaps the whole
- * SRAM and it has to be overridden.
- * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually
- * and added to the platform_region_defs compile definitions.
- */
- base = S_DATA_START;
- limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
- ret = configure_mpu(rnr++, base, limit,
- XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
- if (ret != TFM_HAL_SUCCESS) {
- return ret;
- }
-
- base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
- limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE;
- ret = configure_mpu(rnr++, base, limit,
- XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
- if (ret != TFM_HAL_SUCCESS) {
- return ret;
- }
-
arm_mpu_enable();
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
--
2.25.1

56
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc Normal file
View File

@@ -0,0 +1,56 @@
# Corstone1000 machines specific TFM support
COMPATIBLE_MACHINE = "(corstone1000)"
TFM_PLATFORM = "arm/corstone1000"
TFM_DEBUG = "1"
## Default is the MPS3 board
TFM_PLATFORM_IS_FVP ?= "FALSE"
EXTRA_OECMAKE += "-DPLATFORM_IS_FVP=${TFM_PLATFORM_IS_FVP}"
EXTRA_OECMAKE += "-DCC312_LEGACY_DRIVER_API_ENABLED=OFF"
SRC_URI += " \
file://0001-arm-trusted-firmware-m-disable-address-warnings-into.patch \
"
FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
SRC_URI:append:corstone1000 = " \
file://0001-platform-corstone1000-Update-MPU-configuration.patch \
file://0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch \
file://0003-platform-corstone1000-align-capsule-update-structs.patch \
file://0004-Platform-Corstone1000-skip-the-first-nv-counter.patch \
file://0005-platform-corstone1000-add-unique-guid-for-mps3.patch \
file://0006-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch \
file://0007-platform-corstone1000-Increase-ITS-max-asset-size.patch \
file://0008-Platform-CS1000-Replace-OpenAMP-with-RSE_COMMS.patch \
file://0009-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch \
file://0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch \
file://0011-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch \
file://0012-corstone1000-Remove-reset-after-capsule-update.patch \
file://0013-Platform-corstone1000-Fix-isolation-L2-memory-protection.patch \
"
# TF-M ships patches for external dependencies that needs to be applied
apply_tfm_patches() {
find ${S}/lib/ext/qcbor -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../qcbor/ -i
find ${S}/lib/ext/mbedcrypto -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../mbedtls/ -i
find ${S}/lib/ext/mcuboot -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../mcuboot/ -i
find ${S}/lib/ext/tf-m-tests -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../tf-m-tests/ -i
}
do_patch[postfuncs] += "apply_tfm_patches"
do_install() {
install -D -p -m 0644 ${B}/bin/tfm_s_signed.bin ${D}/firmware/tfm_s_signed.bin
install -D -p -m 0644 ${B}/bin/bl2_signed.bin ${D}/firmware/bl2_signed.bin
install -D -p -m 0644 ${B}/bin/bl1_1.bin ${D}/firmware/bl1_1.bin
install -D -p -m 0644 ${B}/bin/bl1_provisioning_bundle.bin ${D}/firmware/bl1_provisioning_bundle.bin
}
create_bl1_image(){
dd conv=notrunc bs=1 if=${D}/firmware/bl1_1.bin of=${D}/firmware/bl1.bin seek=0
dd conv=notrunc bs=1 if=${D}/firmware/bl1_provisioning_bundle.bin of=${D}/firmware/bl1.bin seek=40960
}
do_install[postfuncs] += "create_bl1_image"

6
sources/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_%.bbappend Normal file
View File

@@ -0,0 +1,6 @@
# Machine specific configurations
MACHINE_TFM_REQUIRE ?= ""
MACHINE_TFM_REQUIRE:corstone1000 = "trusted-firmware-m-corstone1000.inc"
require ${MACHINE_TFM_REQUIRE}