From 3a2cc58debf46c25fff5280cf25d940cc987201e Mon Sep 17 00:00:00 2001 From: Harsimran Singh Tungal Date: Wed, 30 Jul 2025 12:53:15 +0100 Subject: [PATCH] arm-bsp/trusted-firmware-m: corstone1000: Permit FWU calls in RSE-COMMS Add support to permit FWU calls in RSE-COMMS Trusted-Firmware-M for Corstone-1000 This change is required to allow the transmission of PSA FWU related calls between Cortex A and Cortex M side on Corstone-1000. For every PSA call from A side, the RSE-COMMS at M side validates, if the call is allowed or not. Signed-off-by: Harsimran Singh Tungal Signed-off-by: Jon Mason --- ...one1000-Allow-FWU-calls-in-RSE-COMMS.patch | 60 +++++++++++++++++++ .../trusted-firmware-m-corstone1000.inc | 1 + 2 files changed, 61 insertions(+) create mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0024-Platform-corstone1000-Allow-FWU-calls-in-RSE-COMMS.patch diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0024-Platform-corstone1000-Allow-FWU-calls-in-RSE-COMMS.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0024-Platform-corstone1000-Allow-FWU-calls-in-RSE-COMMS.patch new file mode 100644 index 00000000..0c1b53c0 --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0024-Platform-corstone1000-Allow-FWU-calls-in-RSE-COMMS.patch @@ -0,0 +1,60 @@ +From 47593ccd1b2a2210c0860d1670005780836f120b Mon Sep 17 00:00:00 2001 +From: Harsimran Singh Tungal +Date: Mon, 18 Nov 2024 11:40:25 +0000 +Subject: [PATCH] Platform: corstone1000: Permit FWU calls in RSE-COMMS + +Allow FWU calls to be dispatched by the RSE-COMMS for Corstone-1000. +This change is required to allow the transmission of PSA FWU related +calls between Cortex A and Cortex M side on Corstone-1000. +For every PSA call from A side, the RSE-COMMS at M side validates, if the +call is allowed or not. + +Upstream-Status: Backport [b1123e3bf99000dd45992c0638c8f9ae7dba2ed8] +Signed-off-by: Harsimran Singh Tungal +--- + .../corstone1000/rse_comms_permissions_hal.c | 22 +++++++++++++++++++ + 1 file changed, 22 insertions(+) + +diff --git a/platform/ext/target/arm/corstone1000/rse_comms_permissions_hal.c b/platform/ext/target/arm/corstone1000/rse_comms_permissions_hal.c +index 59724bc94..58ade2026 100644 +--- a/platform/ext/target/arm/corstone1000/rse_comms_permissions_hal.c ++++ b/platform/ext/target/arm/corstone1000/rse_comms_permissions_hal.c +@@ -33,6 +33,9 @@ + #ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE + #include "tfm_its_defs.h" + #endif /* TFM_PARTITION_INTERNAL_TRUSTED_STORAGE */ ++#ifdef TFM_PARTITION_FIRMWARE_UPDATE ++#include "tfm_fwu_defs.h" ++#endif /* TFM_PARTITION_FIRMWARE_UPDATE */ + + #define INVALID_REGION_COUNTER_MAX 128 + #define INVALID_SERVICE_COUNTER_MAX 64 +@@ -165,6 +168,25 @@ enum tfm_plat_err_t comms_permissions_service_check(psa_handle_t handle, + case TFM_DPE_SERVICE_HANDLE: + return TFM_PLAT_ERR_SUCCESS; + #endif /* TFM_PARTITION_DPE */ ++ ++#ifdef TFM_PARTITION_FIRMWARE_UPDATE ++ case TFM_FIRMWARE_UPDATE_SERVICE_HANDLE: ++ switch(type) { ++ case TFM_FWU_START: ++ case TFM_FWU_WRITE: ++ case TFM_FWU_FINISH: ++ case TFM_FWU_CANCEL: ++ case TFM_FWU_INSTALL: ++ case TFM_FWU_CLEAN: ++ case TFM_FWU_REJECT: ++ case TFM_FWU_REQUEST_REBOOT: ++ case TFM_FWU_ACCEPT: ++ case TFM_FWU_QUERY: ++ return TFM_PLAT_ERR_SUCCESS; ++ default: ++ goto out_err; ++ } ++#endif /* TFM_PARTITION_FIRMWARE_UPDATE */ + default: + goto out_err; + } +-- +2.25.1 + diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc index b47dbe9b..a7bf34b5 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc @@ -42,6 +42,7 @@ SRC_URI:append:corstone1000 = " \ file://0021-platform-corstone1000-add-unique-guid-for-mps3.patch \ file://0022-CC312-alignment-of-cc312-differences.patch \ file://0023-Platform-CS1000-Remove-duplicate-configuration-parameters.patch \ + file://0024-Platform-corstone1000-Allow-FWU-calls-in-RSE-COMMS.patch \ " FILESEXTRAPATHS:prepend:corstone1000-mps3 := "${THISDIR}/files/corstone1000/psa-adac:"