mirror of
https://git.yoctoproject.org/meta-arm
synced 2026-05-08 05:09:56 +00:00
arm-bsp/trusted-firmware-m: corstone1000: remove unused patches
commit ab339b24d4 removed the reference to
these patches but did not remove them. Removing now to clean-up the
tree.
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit is contained in:
Jon Mason
-33
@@ -1,33 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From beb8a8d92537b9574717f0a9a914642c15b439b1 Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Wed, 29 Sep 2021 04:58:59 +0100
|
||||
Subject: [PATCH 01/15] corstone1000: disable secure debug temporarily
|
||||
|
||||
Until ARM-DS is ready to use psa-adac secure debug protocol,
|
||||
disable the secure debug in the platform. At present, the
|
||||
secure debug integration is tested with the PyOCD based
|
||||
scripts.
|
||||
|
||||
Change-Id: I3dd0f20e5714a2db69425607d9404172ce52129e
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
platform/ext/target/arm/corstone1000/config.cmake | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake
|
||||
index dc12d27f9c..203e6b79a6 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/config.cmake
|
||||
+++ b/platform/ext/target/arm/corstone1000/config.cmake
|
||||
@@ -37,5 +37,5 @@ set(OPENAMP_VERSION "33037b04e0732e58fc0fa36afc244999ef632e1
|
||||
if (${PLATFORM_IS_FVP})
|
||||
set(PLATFORM_PSA_ADAC_SECURE_DEBUG FALSE CACHE BOOL "Whether to use psa-adac secure debug.")
|
||||
else()
|
||||
- set(PLATFORM_PSA_ADAC_SECURE_DEBUG TRUE CACHE BOOL "Whether to use psa-adac secure debug.")
|
||||
+ set(PLATFORM_PSA_ADAC_SECURE_DEBUG FALSE CACHE BOOL "Whether to use psa-adac secure debug.")
|
||||
endif()
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-470
@@ -1,470 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From 8e2b5cee153763dd35bba1bff3568e2e3c6f58d3 Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Fri, 1 Oct 2021 14:20:55 +0100
|
||||
Subject: [PATCH 02/15] corstone1000: provision firmware update metadata (fwu)
|
||||
|
||||
Firmware update metadata region in the flash is provisioned.
|
||||
The metadata is provisioned assuming images are present in
|
||||
bank-0.
|
||||
|
||||
Change-Id: I2a2274505d80528a3a0cc9211c1c6263415015d8
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
.../arm/corstone1000/bl1/CMakeLists.txt | 2 +
|
||||
.../arm/corstone1000/bl1/bl1_boot_hal.c | 18 +
|
||||
.../corstone1000/fw_update_agent/fwu_agent.c | 309 ++++++++++++++++++
|
||||
.../corstone1000/fw_update_agent/fwu_agent.h | 31 ++
|
||||
.../arm/corstone1000/partition/flash_layout.h | 11 +-
|
||||
5 files changed, 369 insertions(+), 2 deletions(-)
|
||||
create mode 100644 platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
create mode 100644 platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt b/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
|
||||
index 0634fed4b8..92a78c1168 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
|
||||
+++ b/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
|
||||
@@ -238,6 +238,7 @@ target_sources(bl1_main
|
||||
../Device/Source/system_core_init.c
|
||||
../Native_Driver/firewall.c
|
||||
../Native_Driver/uart_pl011_drv.c
|
||||
+ ../fw_update_agent/fwu_agent.c
|
||||
bl1_boot_hal.c
|
||||
bl1_flash_map.c
|
||||
bl1_security_cnt.c
|
||||
@@ -267,6 +268,7 @@ target_include_directories(bl1_main
|
||||
../CMSIS_Driver/Config
|
||||
../Device/Config
|
||||
../Native_Driver
|
||||
+ ../fw_update_agent
|
||||
)
|
||||
|
||||
############################### SIGNING BL2 image ##################################
|
||||
diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c b/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
index 3d1e3e72fc..5e5e5c9e68 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
@@ -12,8 +12,12 @@
|
||||
#include "Driver_Flash.h"
|
||||
#include "flash_layout.h"
|
||||
#include "bootutil/fault_injection_hardening.h"
|
||||
+#include "bootutil/bootutil_log.h"
|
||||
#include "firewall.h"
|
||||
#include "mpu_config.h"
|
||||
+#include "tfm_plat_otp.h"
|
||||
+#include "tfm_plat_provisioning.h"
|
||||
+#include "fwu_agent.h"
|
||||
|
||||
#if defined(CRYPTO_HW_ACCELERATOR) || \
|
||||
defined(CRYPTO_HW_ACCELERATOR_OTP_PROVISIONING)
|
||||
@@ -595,6 +599,20 @@ int32_t boot_platform_init(void)
|
||||
}
|
||||
#endif /* CRYPTO_HW_ACCELERATOR */
|
||||
|
||||
+ result = tfm_plat_otp_init();
|
||||
+ if (result != TFM_PLAT_ERR_SUCCESS) {
|
||||
+ BOOT_LOG_ERR("OTP system initialization failed");
|
||||
+ FIH_PANIC;
|
||||
+ }
|
||||
+
|
||||
+ if (tfm_plat_provisioning_is_required()) {
|
||||
+ result = fwu_metadata_provision();
|
||||
+ if (result != FWU_AGENT_SUCCESS) {
|
||||
+ BOOT_LOG_ERR("Provisioning FWU Metadata failed");
|
||||
+ FIH_PANIC;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
new file mode 100644
|
||||
index 0000000000..b9c507e4ef
|
||||
--- /dev/null
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -0,0 +1,309 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
|
||||
+ *
|
||||
+ * SPDX-License-Identifier: BSD-3-Clause
|
||||
+ *
|
||||
+ */
|
||||
+
|
||||
+#include <stdint.h>
|
||||
+#include <string.h>
|
||||
+#include "fwu_agent.h"
|
||||
+#include "Driver_Flash.h"
|
||||
+#include "flash_layout.h"
|
||||
+#include "fip_parser/external/uuid.h"
|
||||
+
|
||||
+/* Properties of image in a bank */
|
||||
+struct fwu_image_properties {
|
||||
+
|
||||
+ /* UUID of the image in this bank */
|
||||
+ uuid_t img_uuid;
|
||||
+
|
||||
+ /* [0]: bit describing the image acceptance status –
|
||||
+ * 1 means the image is accepted
|
||||
+ * [31:1]: MBZ
|
||||
+ */
|
||||
+ uint32_t accepted;
|
||||
+
|
||||
+ /* NOTE: using the reserved field */
|
||||
+ /* image version */
|
||||
+ uint32_t version;
|
||||
+
|
||||
+} __packed;
|
||||
+
|
||||
+/* Image entry information */
|
||||
+struct fwu_image_entry {
|
||||
+
|
||||
+ /* UUID identifying the image type */
|
||||
+ uuid_t img_type_uuid;
|
||||
+
|
||||
+ /* UUID of the storage volume where the image is located */
|
||||
+ uuid_t location_uuid;
|
||||
+
|
||||
+ /* Properties of images with img_type_uuid in the different FW banks */
|
||||
+ struct fwu_image_properties img_props[NR_OF_FW_BANKS];
|
||||
+
|
||||
+} __packed;
|
||||
+
|
||||
+struct fwu_metadata {
|
||||
+
|
||||
+ /* Metadata CRC value */
|
||||
+ uint32_t crc_32;
|
||||
+
|
||||
+ /* Metadata version */
|
||||
+ uint32_t version;
|
||||
+
|
||||
+ /* Bank index with which device boots */
|
||||
+ uint32_t active_index;
|
||||
+
|
||||
+ /* Previous bank index with which device booted successfully */
|
||||
+ uint32_t previous_active_index;
|
||||
+
|
||||
+ /* Image entry information */
|
||||
+ struct fwu_image_entry img_entry[NR_OF_IMAGES_IN_FW_BANK];
|
||||
+
|
||||
+} __packed;
|
||||
+
|
||||
+/* This is Corstone1000 speific metadata for OTA.
|
||||
+ * Private metadata is written at next sector following
|
||||
+ * FWU METADATA location */
|
||||
+struct fwu_private_metadata {
|
||||
+
|
||||
+ /* boot_index: the bank from which system is booted from */
|
||||
+ uint32_t boot_index;
|
||||
+
|
||||
+} __packed;
|
||||
+
|
||||
+struct fwu_metadata _metadata;
|
||||
+int is_initialized = 0;
|
||||
+
|
||||
+#define IMAGE_ACCEPTED (1)
|
||||
+#define IMAGE_NOT_ACCEPTED (0)
|
||||
+#define BANK_0 (0)
|
||||
+#define BANK_1 (1)
|
||||
+#define IMAGE_0 (0)
|
||||
+#define IMAGE_1 (1)
|
||||
+#define IMAGE_2 (2)
|
||||
+#define IMAGE_3 (3)
|
||||
+#define INVALID_VERSION (0xffffffff)
|
||||
+
|
||||
+#ifndef FWU_METADATA_FLASH_DEV
|
||||
+ #ifndef FLASH_DEV_NAME
|
||||
+ #error "FWU_METADATA_FLASH_DEV or FLASH_DEV_NAME must be defined in flash_layout.h"
|
||||
+ #else
|
||||
+ #define FWU_METADATA_FLASH_DEV FLASH_DEV_NAME
|
||||
+ #endif
|
||||
+#endif
|
||||
+
|
||||
+/* Import the CMSIS flash device driver */
|
||||
+extern ARM_DRIVER_FLASH FWU_METADATA_FLASH_DEV;
|
||||
+
|
||||
+static enum fwu_agent_error_t private_metadata_read(
|
||||
+ struct fwu_private_metadata* p_metadata)
|
||||
+{
|
||||
+ int ret;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ if (!p_metadata) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ ret = FWU_METADATA_FLASH_DEV.ReadData(FWU_PRIVATE_AREA_OFFSET, p_metadata,
|
||||
+ sizeof(struct fwu_private_metadata));
|
||||
+ if (ret != ARM_DRIVER_OK) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: success: boot_index = %u\n\r", __func__,
|
||||
+ p_metadata->boot_index);
|
||||
+
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+static enum fwu_agent_error_t private_metadata_write(
|
||||
+ struct fwu_private_metadata* p_metadata)
|
||||
+{
|
||||
+ int ret;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter: boot_index = %u\n\r", __func__,
|
||||
+ p_metadata->boot_index);
|
||||
+
|
||||
+ if (!p_metadata) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_PRIVATE_AREA_OFFSET);
|
||||
+ if (ret != ARM_DRIVER_OK) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_PRIVATE_AREA_OFFSET,
|
||||
+ p_metadata, sizeof(struct fwu_private_metadata));
|
||||
+ if (ret != ARM_DRIVER_OK) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: success\n\r", __func__);
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
|
||||
+{
|
||||
+ int ret;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
|
||||
+ FWU_METADATA_REPLICA_1_OFFSET, sizeof(struct fwu_metadata));
|
||||
+
|
||||
+ if (!p_metadata) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ ret = FWU_METADATA_FLASH_DEV.ReadData(FWU_METADATA_REPLICA_1_OFFSET,
|
||||
+ p_metadata, sizeof(struct fwu_metadata));
|
||||
+ if (ret != ARM_DRIVER_OK) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: success: active = %u, previous = %d\n\r", __func__,
|
||||
+ p_metadata->active_index, p_metadata->previous_active_index);
|
||||
+
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+static enum fwu_agent_error_t metadata_write(
|
||||
+ struct fwu_metadata *p_metadata)
|
||||
+{
|
||||
+ int ret;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
|
||||
+ FWU_METADATA_REPLICA_1_OFFSET, sizeof(struct fwu_metadata));
|
||||
+
|
||||
+ if (!p_metadata) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_1_OFFSET);
|
||||
+ if (ret != ARM_DRIVER_OK) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_1_OFFSET,
|
||||
+ p_metadata, sizeof(struct fwu_metadata));
|
||||
+ if (ret != ARM_DRIVER_OK) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: success: active = %u, previous = %d\n\r", __func__,
|
||||
+ p_metadata->active_index, p_metadata->previous_active_index);
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+enum fwu_agent_error_t fwu_metadata_init(void)
|
||||
+{
|
||||
+ enum fwu_agent_error_t ret;
|
||||
+ ARM_FLASH_INFO* flash_info;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ if (is_initialized) {
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+ }
|
||||
+
|
||||
+ /* Code assumes everything fits into a sector */
|
||||
+ if (sizeof(struct fwu_metadata) > FWU_METADATA_FLASH_SECTOR_SIZE) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ if (sizeof(struct fwu_private_metadata) > FWU_METADATA_FLASH_SECTOR_SIZE) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ ret = FWU_METADATA_FLASH_DEV.Initialize(NULL);
|
||||
+ if (ret != ARM_DRIVER_OK) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ flash_info = FWU_METADATA_FLASH_DEV.GetInfo();
|
||||
+ if (flash_info->program_unit != 1) {
|
||||
+ FWU_METADATA_FLASH_DEV.Uninitialize();
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ is_initialized = 1;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: is_initialized = %d\n\r", __func__, is_initialized);
|
||||
+
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+enum fwu_agent_error_t fwu_metadata_provision(void)
|
||||
+{
|
||||
+ enum fwu_agent_error_t ret;
|
||||
+ struct fwu_private_metadata priv_metadata;
|
||||
+ uint32_t image_version = 0;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ ret = fwu_metadata_init();
|
||||
+ if (ret) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ /* Provision FWU Agent Metadata */
|
||||
+
|
||||
+ memset(&_metadata, 0, sizeof(struct fwu_metadata));
|
||||
+
|
||||
+ _metadata.version = 1;
|
||||
+ _metadata.active_index = 0;
|
||||
+ _metadata.previous_active_index = 1;
|
||||
+
|
||||
+ /* bank 0 is the place where images are located at the
|
||||
+ * start of device lifecycle */
|
||||
+
|
||||
+ for (int i = 0; i < NR_OF_IMAGES_IN_FW_BANK; i++) {
|
||||
+
|
||||
+ _metadata.img_entry[i].img_props[BANK_0].accepted = IMAGE_ACCEPTED;
|
||||
+ _metadata.img_entry[i].img_props[BANK_0].version = image_version;
|
||||
+
|
||||
+ _metadata.img_entry[i].img_props[BANK_1].accepted = IMAGE_NOT_ACCEPTED;
|
||||
+ _metadata.img_entry[i].img_props[BANK_1].version = INVALID_VERSION;
|
||||
+ }
|
||||
+
|
||||
+ ret = metadata_write(&_metadata);
|
||||
+ if (ret) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ memset(&_metadata, 0, sizeof(struct fwu_metadata));
|
||||
+ ret = metadata_read(&_metadata);
|
||||
+ if (ret) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+ FWU_LOG_MSG("%s: provisioned values: active = %u, previous = %d\n\r",
|
||||
+ __func__, _metadata.active_index, _metadata.previous_active_index);
|
||||
+
|
||||
+
|
||||
+ /* Provision Private metadata for update agent which is shared
|
||||
+ beween BL1 and tf-m of secure enclave */
|
||||
+
|
||||
+ memset(&priv_metadata, 0, sizeof(struct fwu_private_metadata));
|
||||
+
|
||||
+ priv_metadata.boot_index = BANK_0;
|
||||
+
|
||||
+ ret = private_metadata_write(&priv_metadata);
|
||||
+ if (ret) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ memset(&priv_metadata, 0, sizeof(struct fwu_private_metadata));
|
||||
+ ret = private_metadata_read(&priv_metadata);
|
||||
+ if (ret) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+ FWU_LOG_MSG("%s: provisioned values: boot_index = %u\n\r", __func__,
|
||||
+ priv_metadata.boot_index);
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: FWU METADATA PROVISIONED.\n\r", __func__);
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
new file mode 100644
|
||||
index 0000000000..449d354100
|
||||
--- /dev/null
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
@@ -0,0 +1,31 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
|
||||
+ *
|
||||
+ * SPDX-License-Identifier: BSD-3-Clause
|
||||
+ *
|
||||
+ */
|
||||
+
|
||||
+#ifndef FWU_AGENT_H
|
||||
+#define FWU_AGENT_H
|
||||
+
|
||||
+/* Set 1 to enable debug messages */
|
||||
+#define ENABLE_DEBUG_LOGS 1
|
||||
+
|
||||
+#if (ENABLE_DEBUG_LOGS == 1)
|
||||
+ #include <stdio.h>
|
||||
+ #define FWU_LOG_MSG(f_, ...) printf((f_), ##__VA_ARGS__)
|
||||
+#else
|
||||
+ #define FWU_LOG_MSG(f_, ...)
|
||||
+#endif
|
||||
+
|
||||
+enum fwu_agent_error_t {
|
||||
+ FWU_AGENT_SUCCESS = 0,
|
||||
+ FWU_AGENT_ERROR = (-1)
|
||||
+};
|
||||
+
|
||||
+enum fwu_agent_error_t fwu_metadata_provision(void);
|
||||
+enum fwu_agent_error_t fwu_metadata_init(void);
|
||||
+
|
||||
+
|
||||
+#endif /* FWU_AGENT_H */
|
||||
+
|
||||
diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
|
||||
index f120a7b8ee..47445d9d29 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
|
||||
@@ -117,11 +117,18 @@
|
||||
|
||||
|
||||
/* 1MB: space in flash to store metadata and uefi variables */
|
||||
+#define FWU_METADATA_FLASH_DEV (FLASH_DEV_NAME)
|
||||
+#define FWU_METADATA_FLASH_SECTOR_SIZE (FLASH_SECTOR_SIZE)
|
||||
+
|
||||
#define FWU_METADATA_PARTITION_OFFSET (FLASH_BASE_OFFSET)
|
||||
-#define FWU_METADATA_AREA_SIZE (FLASH_SECTOR_SIZE) /* 4KB */
|
||||
+#define FWU_METADATA_AREA_SIZE (FWU_METADATA_FLASH_SECTOR_SIZE)
|
||||
#define FWU_METADATA_REPLICA_1_OFFSET (FLASH_BASE_OFFSET)
|
||||
#define FWU_METADATA_REPLICA_2_OFFSET (FWU_METADATA_REPLICA_1_OFFSET + \
|
||||
FWU_METADATA_AREA_SIZE)
|
||||
+#define FWU_PRIVATE_AREA_SIZE (FLASH_SECTOR_SIZE)
|
||||
+#define FWU_PRIVATE_AREA_OFFSET (FWU_METADATA_REPLICA_2_OFFSET + \
|
||||
+ FWU_METADATA_AREA_SIZE)
|
||||
+
|
||||
#define NR_OF_FW_BANKS (2)
|
||||
#define NR_OF_IMAGES_IN_FW_BANK (4) /* Secure Enclave: BL2 and TF-M \
|
||||
* Host: FIP and Kernel image
|
||||
@@ -217,7 +224,7 @@
|
||||
/*** ITS, PS and NV Counters ***/
|
||||
/*******************************/
|
||||
|
||||
-#define FLASH_ITS_AREA_OFFSET (0)
|
||||
+#define FLASH_ITS_AREA_OFFSET (0x10000) /* 64 KB */
|
||||
#define FLASH_ITS_AREA_SIZE (4 * FLASH_SECTOR_SIZE) /* 4 KiB */
|
||||
|
||||
#define FLASH_PS_AREA_OFFSET (FLASH_ITS_AREA_OFFSET + \
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-243
@@ -1,243 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From 22aeb7708773c2cc9df2cc501d411b94c09fd0bd Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Sat, 2 Oct 2021 12:31:07 +0100
|
||||
Subject: [PATCH 03/15] corstone1000: parse the uefi firmware update capsule
|
||||
|
||||
The Host (OTA Client) sends a capsule containing fwu images
|
||||
to secure enclave. The commit parses the capsule to retrieve
|
||||
images.
|
||||
|
||||
Change-Id: Icf097cf88911a568bdc9eba8c98e2da93994f0bc
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
.../target/arm/corstone1000/CMakeLists.txt | 2 +
|
||||
.../fw_update_agent/uefi_capsule_parser.c | 155 ++++++++++++++++++
|
||||
.../fw_update_agent/uefi_capsule_parser.h | 31 ++++
|
||||
3 files changed, 188 insertions(+)
|
||||
create mode 100644 platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
|
||||
create mode 100644 platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
index 16d256bc34..f34035d361 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
@@ -51,6 +51,7 @@ target_include_directories(platform_s
|
||||
services/include
|
||||
INTERFACE
|
||||
cc312
|
||||
+ fw_update_agent
|
||||
)
|
||||
|
||||
target_sources(platform_s
|
||||
@@ -67,6 +68,7 @@ target_sources(platform_s
|
||||
tfm_hal_platform.c
|
||||
${CMAKE_SOURCE_DIR}/platform/ext/common/tfm_hal_nvic.c
|
||||
$<$<BOOL:TFM_PARTITION_PLATFORM>:${CMAKE_CURRENT_SOURCE_DIR}/services/src/tfm_platform_system.c>
|
||||
+ fw_update_agent/uefi_capsule_parser.c
|
||||
)
|
||||
|
||||
if (PLATFORM_IS_FVP)
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
|
||||
new file mode 100644
|
||||
index 0000000000..32133b2eb2
|
||||
--- /dev/null
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
|
||||
@@ -0,0 +1,155 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
|
||||
+ *
|
||||
+ * SPDX-License-Identifier: BSD-3-Clause
|
||||
+ *
|
||||
+ */
|
||||
+
|
||||
+#include "uefi_capsule_parser.h"
|
||||
+#include "fwu_agent.h"
|
||||
+#include <string.h>
|
||||
+
|
||||
+/*
|
||||
+Update Capsule Structure (UEFI spec 2.9 1004)
|
||||
+ EFI_CAPSULE_HEADER
|
||||
+ ...
|
||||
+ ...
|
||||
+ ...
|
||||
+ CAPSULE_BODY
|
||||
+ efi_firmware_management_capsule_header
|
||||
+ Optional Driver 1 (item_offset[0])
|
||||
+ Optional Driver 2 (item_offset[1])
|
||||
+ Payload 1 (item_offset[2])
|
||||
+ efi_firmware_management_capsule_iamge_header
|
||||
+ Binary Update image (Image_length == update_image_size)
|
||||
+ Vendor Code bytes (Data lenght == update_vendorcode_size)
|
||||
+ Payload 2 (item_offset[3])
|
||||
+ ...
|
||||
+ ...
|
||||
+ Payload n (item_offset[embedded_driver_count + payload_item_count -1])
|
||||
+*/
|
||||
+
|
||||
+typedef struct {
|
||||
+ struct efi_guid capsule_guid;
|
||||
+ uint32_t header_size;
|
||||
+ uint32_t flags;
|
||||
+ uint32_t capsule_image_size;
|
||||
+} efi_capsule_header_t;
|
||||
+
|
||||
+typedef struct {
|
||||
+ uint32_t version;
|
||||
+ uint16_t embedded_driver_count;
|
||||
+ uint16_t payload_item_count;
|
||||
+ uint64_t item_offset_list[];
|
||||
+} efi_firmware_management_capsule_header_t;
|
||||
+
|
||||
+typedef struct {
|
||||
+ uint32_t version;
|
||||
+ struct efi_guid update_image_type_id;
|
||||
+ uint8_t update_image_index;
|
||||
+ uint8_t reserved_bytes[3];
|
||||
+ uint32_t update_image_size;
|
||||
+ uint32_t update_vendorcode_size;
|
||||
+ uint64_t update_hardware_instance; //introduced in v2
|
||||
+ uint64_t image_capsule_support; //introduced in v3
|
||||
+} efi_firmware_management_capsule_image_header_t;
|
||||
+
|
||||
+#define ANYSIZE_ARRAY 0
|
||||
+
|
||||
+typedef struct {
|
||||
+ uint32_t dwLength;
|
||||
+ uint16_t wRevision;
|
||||
+ uint16_t wCertificateType;
|
||||
+ uint8_t bCertificate[ANYSIZE_ARRAY];
|
||||
+} WIN_CERTIFICATE;
|
||||
+
|
||||
+typedef struct {
|
||||
+ WIN_CERTIFICATE hdr;
|
||||
+ struct efi_guid cert_type;
|
||||
+ uint8_t cert_data[ANYSIZE_ARRAY];
|
||||
+} win_certificate_uefi_guid_t;
|
||||
+
|
||||
+typedef struct {
|
||||
+ uint64_t monotonic_count;
|
||||
+ win_certificate_uefi_guid_t auth_info;
|
||||
+} efi_firmware_image_authentication_t;
|
||||
+
|
||||
+
|
||||
+enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr,
|
||||
+ capsule_image_info_t* images_info)
|
||||
+{
|
||||
+ char *ptr = (char*)capsule_ptr;
|
||||
+ efi_capsule_header_t* capsule_header;
|
||||
+ efi_firmware_management_capsule_header_t* payload_header;
|
||||
+ efi_firmware_management_capsule_image_header_t* image_header;
|
||||
+ efi_firmware_image_authentication_t* image_auth;
|
||||
+ uint32_t total_size;
|
||||
+ uint32_t image_count;
|
||||
+ uint32_t auth_size;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter, capsule ptr = 0x%p\n\r", __func__, capsule_ptr);
|
||||
+
|
||||
+ if (!capsule_ptr) {
|
||||
+ return UEFI_CAPSULE_PARSER_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ capsule_header = (efi_capsule_header_t*)ptr;
|
||||
+ ptr += sizeof(efi_capsule_header_t) + sizeof(uint32_t);
|
||||
+ payload_header = (efi_firmware_management_capsule_header_t*)ptr;
|
||||
+
|
||||
+ total_size = capsule_header->capsule_image_size;
|
||||
+ image_count = payload_header->payload_item_count;
|
||||
+ images_info->nr_image = image_count;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: capsule size = %u, image count = %u\n\r", __func__,
|
||||
+ total_size, image_count);
|
||||
+
|
||||
+ if ((image_count == 0) || (image_count > NR_OF_IMAGES_IN_FW_BANK)) {
|
||||
+ return UEFI_CAPSULE_PARSER_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ for (int i = 0; i < image_count; i++) {
|
||||
+
|
||||
+ image_header = (efi_firmware_management_capsule_image_header_t*)(ptr +
|
||||
+ payload_header->item_offset_list[i]);
|
||||
+
|
||||
+ images_info->size[i] = image_header->update_image_size;
|
||||
+ images_info->version[i] = image_header->version;
|
||||
+ FWU_LOG_MSG("%s: image %i version = %u\n\r", __func__, i,
|
||||
+ images_info->version[i]);
|
||||
+
|
||||
+ image_auth = (efi_firmware_image_authentication_t*)(
|
||||
+ (char*)image_header +
|
||||
+ sizeof (efi_firmware_management_capsule_image_header_t)
|
||||
+ );
|
||||
+ auth_size = sizeof(uint64_t) /* monotonic_count */ +
|
||||
+ image_auth->auth_info.hdr.dwLength /* WIN_CERTIFICATE + cert_data */ +
|
||||
+ sizeof(struct efi_guid) /* cert_type */;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: auth size = %u\n\r", __func__, auth_size);
|
||||
+
|
||||
+ images_info->size[i] -= auth_size;
|
||||
+
|
||||
+ images_info->image[i] = (
|
||||
+ (char*)image_header +
|
||||
+ sizeof(efi_firmware_management_capsule_image_header_t) +
|
||||
+ auth_size);
|
||||
+
|
||||
+ memcpy(&images_info->guid[i], &(image_header->update_image_type_id),
|
||||
+ sizeof(struct efi_guid));
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: image %d at %p, size=%u\n\r", __func__, i,
|
||||
+ images_info->image[i], images_info->size[i]);
|
||||
+
|
||||
+ if ((payload_header->item_offset_list[i] +
|
||||
+ sizeof(efi_firmware_management_capsule_image_header_t) +
|
||||
+ image_header->update_image_size) > total_size)
|
||||
+ {
|
||||
+ return UEFI_CAPSULE_PARSER_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit\n\r", __func__);
|
||||
+ return UEFI_CAPSULE_PARSER_SUCCESS;
|
||||
+}
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h
|
||||
new file mode 100644
|
||||
index 0000000000..a890a709e9
|
||||
--- /dev/null
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h
|
||||
@@ -0,0 +1,31 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
|
||||
+ *
|
||||
+ * SPDX-License-Identifier: BSD-3-Clause
|
||||
+ *
|
||||
+ */
|
||||
+
|
||||
+#ifndef UEFI_CAPSULE_PARSER_H
|
||||
+#define UEFI_CAPSULE_PARSER_H
|
||||
+
|
||||
+#include <stdint.h>
|
||||
+#include "fip_parser/external/uuid.h"
|
||||
+#include "flash_layout.h"
|
||||
+
|
||||
+enum uefi_capsule_error_t {
|
||||
+ UEFI_CAPSULE_PARSER_SUCCESS = 0,
|
||||
+ UEFI_CAPSULE_PARSER_ERROR = (-1)
|
||||
+};
|
||||
+
|
||||
+typedef struct capsule_image_info {
|
||||
+ uint32_t nr_image;
|
||||
+ void *image[NR_OF_IMAGES_IN_FW_BANK];
|
||||
+ struct efi_guid guid[NR_OF_IMAGES_IN_FW_BANK];
|
||||
+ uint32_t size[NR_OF_IMAGES_IN_FW_BANK];
|
||||
+ uint32_t version[NR_OF_IMAGES_IN_FW_BANK];
|
||||
+} capsule_image_info_t;
|
||||
+
|
||||
+enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr,
|
||||
+ capsule_image_info_t* images_info);
|
||||
+
|
||||
+#endif /* UEFI_CAPSULE_PARSER_H */
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-106
@@ -1,106 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From c1ae09844562f33ddf07b8f5ca6b7d98ccbaf24c Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Sat, 2 Oct 2021 18:48:31 +0100
|
||||
Subject: [PATCH 04/15] corstone1000: add firmware update (fwu) agent into TF-M
|
||||
|
||||
The commit links the firmware-update (fwu) agent into the
|
||||
TF-M.
|
||||
|
||||
The commit also configures the secure enclave firewall to
|
||||
access DRAM, where uefi capsule will be written by ota client
|
||||
for fwu agent to parse.
|
||||
|
||||
Change-Id: I89617a9b515d6aa5cc4f383b5a75a4beef73cc33
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
.../ext/target/arm/corstone1000/CMakeLists.txt | 1 +
|
||||
.../Device/Include/platform_base_address.h | 1 +
|
||||
.../target/arm/corstone1000/bl1/bl1_boot_hal.c | 17 +++++++++++++++++
|
||||
.../target/arm/corstone1000/tfm_hal_platform.c | 5 +++++
|
||||
4 files changed, 24 insertions(+)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
index f34035d361..81623f16ff 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
@@ -69,6 +69,7 @@ target_sources(platform_s
|
||||
${CMAKE_SOURCE_DIR}/platform/ext/common/tfm_hal_nvic.c
|
||||
$<$<BOOL:TFM_PARTITION_PLATFORM>:${CMAKE_CURRENT_SOURCE_DIR}/services/src/tfm_platform_system.c>
|
||||
fw_update_agent/uefi_capsule_parser.c
|
||||
+ fw_update_agent/fwu_agent.c
|
||||
)
|
||||
|
||||
if (PLATFORM_IS_FVP)
|
||||
diff --git a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
|
||||
index 5f37caa09c..e86ddcfbc9 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
|
||||
@@ -75,5 +75,6 @@
|
||||
#define CORSTONE1000_HOST_FPGA_SCC_REGISTERS (0x80000000U) /* FPGA SCC Registers */
|
||||
#define CORSTONE1000_HOST_SE_SECURE_FLASH_BASE_FVP (0x80010000U) /* SE Flash */
|
||||
#define CORSTONE1000_HOST_AXI_QSPI_CTRL_REG_BASE (0x80050000U) /* AXI QSPI Controller */
|
||||
+#define CORSTONE1000_HOST_DRAM_UEFI_CAPSULE (0xA0000000U) /* 1.5 GB DDR */
|
||||
|
||||
#endif /* __PLATFORM_BASE_ADDRESS_H__ */
|
||||
diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c b/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
index 5e5e5c9e68..54042495d7 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
@@ -47,6 +47,7 @@ REGION_DECLARE(Image$$, ARM_LIB_HEAP, $$ZI$$Limit)[];
|
||||
#define HOST_AXI_QSPI_CTRL_REG_BASE_SE_SECURE_FLASH 0x60010000
|
||||
|
||||
#define HOST_DRAM_BASE 0x80000000
|
||||
+#define HOST_DRAM_UEFI_CAPSULE 0x80000000
|
||||
|
||||
#define SE_MID 0
|
||||
|
||||
@@ -249,6 +250,22 @@ static void setup_se_firewall(void)
|
||||
fc_enable_mpe(RGN_MPE0);
|
||||
fc_enable_regions();
|
||||
|
||||
+ /* DDR/DRAM/UEFI_CAPSULE: 32MB */
|
||||
+ fc_select_region(6);
|
||||
+ fc_disable_regions();
|
||||
+ fc_disable_mpe(RGN_MPE0);
|
||||
+ fc_prog_rgn(RGN_SIZE_32MB, CORSTONE1000_HOST_DRAM_UEFI_CAPSULE);
|
||||
+ fc_prog_rgn_upper_addr(HOST_DRAM_UEFI_CAPSULE);
|
||||
+ fc_enable_addr_trans();
|
||||
+ fc_init_mpl(RGN_MPE0);
|
||||
+ mpl_rights = (RGN_MPL_SECURE_READ_MASK |
|
||||
+ RGN_MPL_SECURE_WRITE_MASK);
|
||||
+
|
||||
+ fc_enable_mpl(RGN_MPE0, mpl_rights);
|
||||
+ fc_prog_mid(RGN_MPE0, SE_MID);
|
||||
+ fc_enable_mpe(RGN_MPE0);
|
||||
+ fc_enable_regions();
|
||||
+
|
||||
|
||||
fc_pe_enable();
|
||||
}
|
||||
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_platform.c b/platform/ext/target/arm/corstone1000/tfm_hal_platform.c
|
||||
index 71472ea08c..0072b5b928 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/tfm_hal_platform.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_platform.c
|
||||
@@ -8,11 +8,16 @@
|
||||
#include "cmsis.h"
|
||||
#include "tfm_hal_platform.h"
|
||||
#include "uart_stdout.h"
|
||||
+#include "fwu_agent.h"
|
||||
|
||||
enum tfm_hal_status_t tfm_hal_platform_init(void)
|
||||
{
|
||||
__enable_irq();
|
||||
stdio_init();
|
||||
|
||||
+ if (fwu_metadata_init()) {
|
||||
+ return TFM_HAL_ERROR_GENERIC;
|
||||
+ }
|
||||
+
|
||||
return TFM_HAL_SUCCESS;
|
||||
}
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-437
@@ -1,437 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From 593087034655eca09ff8e80e67c3252399fa0ce7 Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Sat, 2 Oct 2021 18:51:21 +0100
|
||||
Subject: [PATCH 05/15] corstone1000: implement corstone1000_fwu_flash_images
|
||||
|
||||
The API, corstone1000_fwu_flash_images, is an non-secure host
|
||||
inteface (firmware update client) to send new updatable images,
|
||||
and to start the update process. The implementation of the API does
|
||||
version verfification before coping the images to the update bank.
|
||||
After copy, the platform is reset.
|
||||
|
||||
On successful call to the API, the firmware update state of the
|
||||
system changes from regular state to trial state. On reset,
|
||||
the system is expected but not guaranteed to boot from the
|
||||
update/trial bank.
|
||||
|
||||
Change-Id: I6c278145ec95ec522f7e59d00e1640a039c9778e
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
.../corstone1000/CMSIS_Driver/Driver_Flash.c | 11 +
|
||||
.../corstone1000/Native_Driver/flash_common.h | 1 +
|
||||
.../corstone1000/fw_update_agent/fwu_agent.c | 225 ++++++++++++++++++
|
||||
.../corstone1000/fw_update_agent/fwu_agent.h | 11 +
|
||||
.../include/corstone1000_ioctl_requests.h | 32 +++
|
||||
.../services/src/tfm_platform_system.c | 24 +-
|
||||
6 files changed, 300 insertions(+), 4 deletions(-)
|
||||
create mode 100644 platform/ext/target/arm/corstone1000/services/include/corstone1000_ioctl_requests.h
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/CMSIS_Driver/Driver_Flash.c b/platform/ext/target/arm/corstone1000/CMSIS_Driver/Driver_Flash.c
|
||||
index 10952d4cbe..01c535e094 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/CMSIS_Driver/Driver_Flash.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/CMSIS_Driver/Driver_Flash.c
|
||||
@@ -175,6 +175,11 @@ int32_t Select_XIP_Mode_For_Shared_Flash(void)
|
||||
return ARM_DRIVER_OK;
|
||||
}
|
||||
|
||||
+int32_t Select_Write_Mode_For_Shared_Flash(void)
|
||||
+{
|
||||
+ return ARM_DRIVER_OK;
|
||||
+}
|
||||
+
|
||||
static int32_t STRATAFLASHJ3_Initialize(ARM_Flash_SignalEvent_t cb_event)
|
||||
{
|
||||
ARG_UNUSED(cb_event);
|
||||
@@ -392,6 +397,12 @@ int32_t Select_XIP_Mode_For_Shared_Flash(void)
|
||||
return ARM_DRIVER_OK;
|
||||
}
|
||||
|
||||
+int32_t Select_Write_Mode_For_Shared_Flash(void)
|
||||
+{
|
||||
+ select_qspi_mode(&AXI_QSPI_DEV_S);
|
||||
+ return ARM_DRIVER_OK;
|
||||
+}
|
||||
+
|
||||
static ARM_FLASH_CAPABILITIES N25Q256A_Driver_GetCapabilities(void)
|
||||
{
|
||||
return N25Q256ADriverCapabilities;
|
||||
diff --git a/platform/ext/target/arm/corstone1000/Native_Driver/flash_common.h b/platform/ext/target/arm/corstone1000/Native_Driver/flash_common.h
|
||||
index 76d5303f83..2e91fb2db4 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/Native_Driver/flash_common.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/Native_Driver/flash_common.h
|
||||
@@ -18,6 +18,7 @@ extern "C"
|
||||
#include "Driver_Common.h"
|
||||
|
||||
int32_t Select_XIP_Mode_For_Shared_Flash(void);
|
||||
+int32_t Select_Write_Mode_For_Shared_Flash(void);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
index b9c507e4ef..7fa64db0f7 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -11,6 +11,10 @@
|
||||
#include "Driver_Flash.h"
|
||||
#include "flash_layout.h"
|
||||
#include "fip_parser/external/uuid.h"
|
||||
+#include "region_defs.h"
|
||||
+#include "uefi_capsule_parser.h"
|
||||
+#include "flash_common.h"
|
||||
+#include "platform_base_address.h"
|
||||
|
||||
/* Properties of image in a bank */
|
||||
struct fwu_image_properties {
|
||||
@@ -73,9 +77,27 @@ struct fwu_private_metadata {
|
||||
|
||||
} __packed;
|
||||
|
||||
+
|
||||
struct fwu_metadata _metadata;
|
||||
+
|
||||
int is_initialized = 0;
|
||||
|
||||
+capsule_image_info_t capsule_info;
|
||||
+
|
||||
+enum fwu_agent_state_t {
|
||||
+ FWU_AGENT_STATE_UNKNOWN = -1,
|
||||
+ FWU_AGENT_STATE_REGULAR = 0,
|
||||
+ FWU_AGENT_STATE_TRIAL,
|
||||
+};
|
||||
+
|
||||
+struct efi_guid full_capsule_image_guid = {
|
||||
+ .time_low = 0x3a770ddc,
|
||||
+ .time_mid = 0x409b,
|
||||
+ .time_hi_and_version = 0x48b2,
|
||||
+ .clock_seq_and_node = {0x81, 0x41, 0x93, 0xb7, 0xc6, 0x0b, 0x20, 0x9e}
|
||||
+};
|
||||
+
|
||||
+
|
||||
#define IMAGE_ACCEPTED (1)
|
||||
#define IMAGE_NOT_ACCEPTED (0)
|
||||
#define BANK_0 (0)
|
||||
@@ -84,8 +106,12 @@ int is_initialized = 0;
|
||||
#define IMAGE_1 (1)
|
||||
#define IMAGE_2 (2)
|
||||
#define IMAGE_3 (3)
|
||||
+#define IMAGE_END (IMAGE_3)
|
||||
+#define IMAGE_ALL (IMAGE_END + 1)
|
||||
+#define IMAGE_NOT_RECOGNIZED (-1)
|
||||
#define INVALID_VERSION (0xffffffff)
|
||||
|
||||
+
|
||||
#ifndef FWU_METADATA_FLASH_DEV
|
||||
#ifndef FLASH_DEV_NAME
|
||||
#error "FWU_METADATA_FLASH_DEV or FLASH_DEV_NAME must be defined in flash_layout.h"
|
||||
@@ -307,3 +333,202 @@ enum fwu_agent_error_t fwu_metadata_provision(void)
|
||||
return FWU_AGENT_SUCCESS;
|
||||
}
|
||||
|
||||
+static enum fwu_agent_state_t get_fwu_agent_state(
|
||||
+ struct fwu_metadata *metadata_ptr,
|
||||
+ struct fwu_private_metadata *priv_metadata_ptr)
|
||||
+{
|
||||
+ uint32_t boot_index;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ boot_index = priv_metadata_ptr->boot_index;
|
||||
+
|
||||
+ if (boot_index != metadata_ptr->active_index) {
|
||||
+ return FWU_AGENT_STATE_TRIAL;
|
||||
+ }
|
||||
+
|
||||
+ for (int i = 0; i < NR_OF_IMAGES_IN_FW_BANK; i++) {
|
||||
+ if ((metadata_ptr->img_entry[i].img_props[boot_index].accepted)
|
||||
+ == (IMAGE_NOT_ACCEPTED)) {
|
||||
+ return FWU_AGENT_STATE_TRIAL;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit: FWU_AGENT_STATE_REGULAR\n\r", __func__);
|
||||
+ return FWU_AGENT_STATE_REGULAR;
|
||||
+}
|
||||
+
|
||||
+static int get_image_info_in_bank(struct efi_guid* guid, uint32_t* image_bank_offset)
|
||||
+{
|
||||
+ if ((memcmp(guid, &full_capsule_image_guid, sizeof(struct efi_guid))) == 0) {
|
||||
+ *image_bank_offset = 0;
|
||||
+ return IMAGE_ALL;
|
||||
+ }
|
||||
+
|
||||
+ return IMAGE_NOT_RECOGNIZED;
|
||||
+}
|
||||
+
|
||||
+static enum fwu_agent_error_t erase_bank(uint32_t bank_offset)
|
||||
+{
|
||||
+ int ret;
|
||||
+ uint32_t sectors;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ if ((bank_offset % FWU_METADATA_FLASH_SECTOR_SIZE) != 0) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ if ((BANK_PARTITION_SIZE % FWU_METADATA_FLASH_SECTOR_SIZE) != 0) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ sectors = BANK_PARTITION_SIZE / FWU_METADATA_FLASH_SECTOR_SIZE;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: erasing sectors = %u, from offset = %u\n\r", __func__,
|
||||
+ sectors, bank_offset);
|
||||
+
|
||||
+ for (int i = 0; i < sectors; i++) {
|
||||
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(
|
||||
+ bank_offset + (i * FWU_METADATA_FLASH_SECTOR_SIZE));
|
||||
+ if (ret != ARM_DRIVER_OK) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit\n\r", __func__);
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+static enum fwu_agent_error_t flash_full_capsule(
|
||||
+ struct fwu_metadata* metadata, void* images, uint32_t size,
|
||||
+ uint32_t version)
|
||||
+{
|
||||
+ int ret;
|
||||
+ uint32_t active_index = metadata->active_index;
|
||||
+ uint32_t bank_offset;
|
||||
+ uint32_t previous_active_index;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter: image = 0x%p, size = %u, version = %u\n\r"
|
||||
+ , __func__, images, size, version);
|
||||
+
|
||||
+ if (!metadata || !images) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ if (size > BANK_PARTITION_SIZE) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ if (version <=
|
||||
+ (metadata->img_entry[IMAGE_0].img_props[active_index].version)) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ if (active_index == BANK_0) {
|
||||
+ previous_active_index = BANK_1;
|
||||
+ bank_offset = BANK_1_PARTITION_OFFSET;
|
||||
+ } else if (active_index == BANK_1) {
|
||||
+ previous_active_index = BANK_0;
|
||||
+ bank_offset = BANK_0_PARTITION_OFFSET;
|
||||
+ } else {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ if (erase_bank(bank_offset)) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: writing capsule to the flash at offset = %u...\n\r",
|
||||
+ __func__, bank_offset);
|
||||
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(bank_offset, images, size);
|
||||
+ if (ret != ARM_DRIVER_OK) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+ FWU_LOG_MSG("%s: images are written to bank offset = %u\n\r", __func__,
|
||||
+ bank_offset);
|
||||
+
|
||||
+ /* Change system state to trial bank state */
|
||||
+ for (int i = 0; i < NR_OF_IMAGES_IN_FW_BANK; i++) {
|
||||
+ metadata->img_entry[i].img_props[previous_active_index].accepted =
|
||||
+ IMAGE_NOT_ACCEPTED;
|
||||
+ metadata->img_entry[i].img_props[previous_active_index].version = version;
|
||||
+ }
|
||||
+ metadata->active_index = previous_active_index;
|
||||
+ metadata->previous_active_index = active_index;
|
||||
+
|
||||
+ ret = metadata_write(metadata);
|
||||
+ if (ret) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit\n\r", __func__);
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+enum fwu_agent_error_t corstone1000_fwu_flash_image(void)
|
||||
+{
|
||||
+ enum fwu_agent_error_t ret;
|
||||
+ struct fwu_private_metadata priv_metadata;
|
||||
+ enum fwu_agent_state_t current_state;
|
||||
+ void *capsule_ptr = (char*)CORSTONE1000_HOST_DRAM_UEFI_CAPSULE;
|
||||
+ int image_index;
|
||||
+ uint32_t image_bank_offset;
|
||||
+ uint32_t nr_images;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ if (!is_initialized) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ Select_Write_Mode_For_Shared_Flash();
|
||||
+
|
||||
+ if (metadata_read(&_metadata)) {
|
||||
+ ret = FWU_AGENT_ERROR;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
+ if (private_metadata_read(&priv_metadata)) {
|
||||
+ ret = FWU_AGENT_ERROR;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
+ /* Firmware update process can only start in regular state. */
|
||||
+ current_state = get_fwu_agent_state(&_metadata, &priv_metadata);
|
||||
+ if (current_state != FWU_AGENT_STATE_REGULAR) {
|
||||
+ ret = FWU_AGENT_ERROR;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
+ memset(&capsule_info, 0, sizeof(capsule_image_info_t));
|
||||
+ if (uefi_capsule_retrieve_images(capsule_ptr, &capsule_info)) {
|
||||
+ ret = FWU_AGENT_ERROR;
|
||||
+ goto out;
|
||||
+ }
|
||||
+ nr_images = capsule_info.nr_image;
|
||||
+
|
||||
+ for (int i = 0; i < nr_images; i++) {
|
||||
+ image_index = get_image_info_in_bank(&capsule_info.guid[i],
|
||||
+ &image_bank_offset);
|
||||
+ switch(image_index) {
|
||||
+ case IMAGE_ALL:
|
||||
+ ret = flash_full_capsule(&_metadata, capsule_info.image[i],
|
||||
+ capsule_info.size[i],
|
||||
+ capsule_info.version[i]);
|
||||
+ break;
|
||||
+ default:
|
||||
+ FWU_LOG_MSG("%s: sent image not recognized\n\r", __func__);
|
||||
+ ret = FWU_AGENT_ERROR;
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+out:
|
||||
+ Select_XIP_Mode_For_Shared_Flash();
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit: ret = %d\n\r", __func__, ret);
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
index 449d354100..f5ab877ef1 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
@@ -23,9 +23,20 @@ enum fwu_agent_error_t {
|
||||
FWU_AGENT_ERROR = (-1)
|
||||
};
|
||||
|
||||
+#define FWU_ASSERT(_c_) \
|
||||
+ if (!(_c_)) { \
|
||||
+ FWU_LOG_MSG("%s:%d assert hit\n\r", __func__, __LINE__); \
|
||||
+ while(1) {}; \
|
||||
+ } \
|
||||
+
|
||||
+
|
||||
enum fwu_agent_error_t fwu_metadata_provision(void);
|
||||
enum fwu_agent_error_t fwu_metadata_init(void);
|
||||
|
||||
+/* host to secure enclave:
|
||||
+ * firwmare update image is sent accross
|
||||
+ */
|
||||
+enum fwu_agent_error_t corstone1000_fwu_flash_image(void);
|
||||
|
||||
#endif /* FWU_AGENT_H */
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/services/include/corstone1000_ioctl_requests.h b/platform/ext/target/arm/corstone1000/services/include/corstone1000_ioctl_requests.h
|
||||
new file mode 100644
|
||||
index 0000000000..8ac67346b6
|
||||
--- /dev/null
|
||||
+++ b/platform/ext/target/arm/corstone1000/services/include/corstone1000_ioctl_requests.h
|
||||
@@ -0,0 +1,32 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
|
||||
+ *
|
||||
+ * SPDX-License-Identifier: BSD-3-Clause
|
||||
+ *
|
||||
+ */
|
||||
+
|
||||
+#ifndef CORSTONE1000_IOCTL_REQUESTS_H
|
||||
+#define CORSTONE1000_IOCTL_REQUESTS_H
|
||||
+
|
||||
+#include<stdint.h>
|
||||
+
|
||||
+
|
||||
+enum corstone1000_ioctl_id_t {
|
||||
+ IOCTL_CORSTONE1000_FWU_FLASH_IMAGES = 0,
|
||||
+ IOCTL_CORSTONE1000_FWU_HOST_ACK,
|
||||
+};
|
||||
+
|
||||
+
|
||||
+typedef struct corstone1000_ioctl_in_params {
|
||||
+
|
||||
+ uint32_t ioctl_id;
|
||||
+
|
||||
+} corstone1000_ioctl_in_params_t;
|
||||
+
|
||||
+typedef struct corstone1000_ioctl_out_params {
|
||||
+
|
||||
+ int32_t result;
|
||||
+
|
||||
+} corstone1000_ioctl_out_params_t;
|
||||
+
|
||||
+#endif /* CORSTONE1000_IOCTL_REQUESTS_H */
|
||||
diff --git a/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c b/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
|
||||
index ed31c8895a..f9629a1688 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
|
||||
@@ -7,6 +7,8 @@
|
||||
|
||||
#include "tfm_platform_system.h"
|
||||
#include "platform_description.h"
|
||||
+#include "corstone1000_ioctl_requests.h"
|
||||
+#include "fwu_agent.h"
|
||||
|
||||
void tfm_platform_hal_system_reset(void)
|
||||
{
|
||||
@@ -18,8 +20,22 @@ enum tfm_platform_err_t tfm_platform_hal_ioctl(tfm_platform_ioctl_req_t request,
|
||||
psa_invec *in_vec,
|
||||
psa_outvec *out_vec)
|
||||
{
|
||||
- (void)in_vec;
|
||||
- (void)out_vec;
|
||||
- /* No IOCTL is ipmlemented */
|
||||
- return TFM_PLATFORM_ERR_NOT_SUPPORTED;
|
||||
+ int32_t ret = TFM_PLATFORM_ERR_SUCCESS;
|
||||
+ const corstone1000_ioctl_in_params_t *in_params =
|
||||
+ (corstone1000_ioctl_in_params_t *)in_vec->base;
|
||||
+ corstone1000_ioctl_out_params_t *out_params = (corstone1000_ioctl_out_params_t *)out_vec->base;
|
||||
+
|
||||
+ switch(in_params->ioctl_id) {
|
||||
+ case IOCTL_CORSTONE1000_FWU_FLASH_IMAGES:
|
||||
+ out_params->result = corstone1000_fwu_flash_image();
|
||||
+ if (!out_params->result) {
|
||||
+ NVIC_SystemReset();
|
||||
+ }
|
||||
+ break;
|
||||
+ default:
|
||||
+ ret = TFM_PLATFORM_ERR_NOT_SUPPORTED;
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ return ret;
|
||||
}
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-266
@@ -1,266 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From 7ec8812451a4e25ca0790f84c7a0ee1f260f864c Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Mon, 11 Oct 2021 20:12:46 +0100
|
||||
Subject: [PATCH 06/15] corstone1000: add logic to select boot bank
|
||||
|
||||
Bl1 selects the boot bank depending upon the firmware update state
|
||||
of the system. When in the trial state, new images are being tried,
|
||||
BL1 select trial/update image bank for a pre-determined number of
|
||||
times. If in all attempts, the trial bank fails to boot, BL1 falls
|
||||
back to the previous active bank. For any reason, if previous active
|
||||
bank also fails to boot for that pre-determined number of times,
|
||||
the BL1 simply goes into an assert halt state. Idealy a recovery
|
||||
mechanism should boot but this is currently out-of-scope for the
|
||||
project.
|
||||
|
||||
BL2 logic simply tries to boot from the bank selected by the BL1.
|
||||
|
||||
It is expected that the fail boots are detected by secure enclave,
|
||||
and in those cases, reset of the system is triggered.
|
||||
|
||||
Change-Id: I773752f789bf8b402436c61134ac79bb405553b5
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
.../target/arm/corstone1000/CMakeLists.txt | 2 +
|
||||
.../arm/corstone1000/bl1/bl1_boot_hal.c | 6 +-
|
||||
.../target/arm/corstone1000/bl2_boot_hal.c | 8 +-
|
||||
.../corstone1000/fw_update_agent/fwu_agent.c | 102 ++++++++++++++++++
|
||||
.../corstone1000/fw_update_agent/fwu_agent.h | 5 +-
|
||||
5 files changed, 117 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
index 81623f16ff..a2191c835f 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
@@ -109,6 +109,7 @@ target_sources(platform_bl2
|
||||
Native_Driver/uart_pl011_drv.c
|
||||
fip_parser/fip_parser.c
|
||||
bl2_boot_hal.c
|
||||
+ fw_update_agent/fwu_agent.c
|
||||
)
|
||||
|
||||
if (PLATFORM_IS_FVP)
|
||||
@@ -155,6 +156,7 @@ target_include_directories(platform_bl2
|
||||
${MCUBOOT_PATH}/boot/bootutil/include # for fault_injection_hardening.h only
|
||||
${CMAKE_BINARY_DIR}/bl2/ext/mcuboot # for mcuboot_config.h only
|
||||
$<BUILD_INTERFACE:${BL2_SOURCE}/ext/mcuboot/include>
|
||||
+ fw_update_agent
|
||||
)
|
||||
|
||||
#========================= BL1 component =======================================#
|
||||
diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c b/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
index 54042495d7..2af5b8c846 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
@@ -587,7 +587,7 @@ extern void add_bank_offset_to_image_offset(uint32_t bank_offset);
|
||||
int32_t boot_platform_init(void)
|
||||
{
|
||||
int32_t result;
|
||||
- uint32_t bank_offset = BANK_0_PARTITION_OFFSET;
|
||||
+ uint32_t bank_offset;
|
||||
|
||||
#if !(PLATFORM_IS_FVP)
|
||||
setup_mpu();
|
||||
@@ -596,7 +596,6 @@ int32_t boot_platform_init(void)
|
||||
#if !(PLATFORM_IS_FVP)
|
||||
setup_host_firewall();
|
||||
#endif
|
||||
- add_bank_offset_to_image_offset(bank_offset);
|
||||
|
||||
result = FLASH_DEV_NAME.Initialize(NULL);
|
||||
if (result != ARM_DRIVER_OK) {
|
||||
@@ -630,6 +629,9 @@ int32_t boot_platform_init(void)
|
||||
}
|
||||
}
|
||||
|
||||
+ bl1_get_boot_bank(&bank_offset);
|
||||
+ add_bank_offset_to_image_offset(bank_offset);
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/bl2_boot_hal.c b/platform/ext/target/arm/corstone1000/bl2_boot_hal.c
|
||||
index 75d2cb60d8..4f5b48a2e0 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/bl2_boot_hal.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/bl2_boot_hal.c
|
||||
@@ -18,6 +18,7 @@
|
||||
#include <string.h>
|
||||
#include "tfm_plat_otp.h"
|
||||
#include "tfm_plat_provisioning.h"
|
||||
+#include "fwu_agent.h"
|
||||
|
||||
#ifdef PLATFORM_PSA_ADAC_SECURE_DEBUG
|
||||
#include "psa_adac_platform.h"
|
||||
@@ -112,15 +113,13 @@ int32_t boot_platform_init(void)
|
||||
{
|
||||
int32_t result;
|
||||
enum tfm_plat_err_t plat_err;
|
||||
- uint32_t bank_offset = BANK_0_PARTITION_OFFSET;
|
||||
+ uint32_t bank_offset;
|
||||
|
||||
result = fill_bl2_flash_map_by_parsing_fips(BANK_0_PARTITION_OFFSET);
|
||||
if (result) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
- add_bank_offset_to_image_offset(bank_offset);
|
||||
-
|
||||
result = FLASH_DEV_NAME.Initialize(NULL);
|
||||
if (result != ARM_DRIVER_OK) {
|
||||
return 1;
|
||||
@@ -154,6 +153,9 @@ int32_t boot_platform_init(void)
|
||||
}
|
||||
#endif
|
||||
|
||||
+ bl2_get_boot_bank(&bank_offset);
|
||||
+ add_bank_offset_to_image_offset(bank_offset);
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
index 7fa64db0f7..23a15ee71b 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -75,8 +75,12 @@ struct fwu_private_metadata {
|
||||
/* boot_index: the bank from which system is booted from */
|
||||
uint32_t boot_index;
|
||||
|
||||
+ /* counter: tracking number of boot attempted so far */
|
||||
+ uint32_t boot_attempted;
|
||||
+
|
||||
} __packed;
|
||||
|
||||
+#define MAX_BOOT_ATTEMPTS_PER_BANK 3
|
||||
|
||||
struct fwu_metadata _metadata;
|
||||
|
||||
@@ -315,6 +319,7 @@ enum fwu_agent_error_t fwu_metadata_provision(void)
|
||||
memset(&priv_metadata, 0, sizeof(struct fwu_private_metadata));
|
||||
|
||||
priv_metadata.boot_index = BANK_0;
|
||||
+ priv_metadata.boot_attempted = 0;
|
||||
|
||||
ret = private_metadata_write(&priv_metadata);
|
||||
if (ret) {
|
||||
@@ -532,3 +537,100 @@ out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
+void bl1_get_boot_bank(uint32_t *bank_offset)
|
||||
+{
|
||||
+ struct fwu_private_metadata priv_metadata;
|
||||
+ enum fwu_agent_state_t current_state;
|
||||
+ uint32_t boot_attempted;
|
||||
+ uint32_t boot_index;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ if (fwu_metadata_init()) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ if (private_metadata_read(&priv_metadata)) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ if (metadata_read(&_metadata)) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ current_state = get_fwu_agent_state(&_metadata, &priv_metadata);
|
||||
+
|
||||
+ if (current_state == FWU_AGENT_STATE_REGULAR) {
|
||||
+ boot_index = _metadata.active_index;
|
||||
+ FWU_ASSERT(boot_index == priv_metadata.boot_index);
|
||||
+ boot_attempted = 0;
|
||||
+ } else if (current_state == FWU_AGENT_STATE_TRIAL) {
|
||||
+ boot_attempted = (++priv_metadata.boot_attempted);
|
||||
+ FWU_LOG_MSG("%s: attempting boot number = %u\n\r",
|
||||
+ __func__, boot_attempted);
|
||||
+ if (boot_attempted <= MAX_BOOT_ATTEMPTS_PER_BANK) {
|
||||
+ boot_index = _metadata.active_index;
|
||||
+ FWU_LOG_MSG("%s: booting from trial bank: %u\n\r",
|
||||
+ __func__, boot_index);
|
||||
+ } else if (boot_attempted <= (2 * MAX_BOOT_ATTEMPTS_PER_BANK)) {
|
||||
+ boot_index = _metadata.previous_active_index;
|
||||
+ FWU_LOG_MSG("%s: gave up booting from trial bank\n\r", __func__);
|
||||
+ FWU_LOG_MSG("%s: booting from previous active bank: %u\n\r",
|
||||
+ __func__, boot_index);
|
||||
+ } else {
|
||||
+ FWU_LOG_MSG("%s: cannot boot system from any bank, halting...\n\r", __func__);
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+ } else {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ priv_metadata.boot_index = boot_index;
|
||||
+ if (private_metadata_write(&priv_metadata)) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ if (boot_index == BANK_0) {
|
||||
+ *bank_offset = BANK_0_PARTITION_OFFSET;
|
||||
+ } else if (boot_index == BANK_1) {
|
||||
+ *bank_offset = BANK_1_PARTITION_OFFSET;
|
||||
+ } else {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit: booting from bank = %u, offset = %x\n\r", __func__,
|
||||
+ boot_index, *bank_offset);
|
||||
+
|
||||
+ return;
|
||||
+}
|
||||
+
|
||||
+void bl2_get_boot_bank(uint32_t *bank_offset)
|
||||
+{
|
||||
+ uint32_t boot_index;
|
||||
+ struct fwu_private_metadata priv_metadata;
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ if (fwu_metadata_init()) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ if (private_metadata_read(&priv_metadata)) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ boot_index = priv_metadata.boot_index;
|
||||
+
|
||||
+ if (boot_index == BANK_0) {
|
||||
+ *bank_offset = BANK_0_PARTITION_OFFSET;
|
||||
+ } else if (boot_index == BANK_1) {
|
||||
+ *bank_offset = BANK_1_PARTITION_OFFSET;
|
||||
+ } else {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit: booting from bank = %u, offset = %x\n\r", __func__,
|
||||
+ boot_index, *bank_offset);
|
||||
+
|
||||
+ return;
|
||||
+}
|
||||
+
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
index f5ab877ef1..389381c326 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
@@ -38,5 +38,8 @@ enum fwu_agent_error_t fwu_metadata_init(void);
|
||||
*/
|
||||
enum fwu_agent_error_t corstone1000_fwu_flash_image(void);
|
||||
|
||||
-#endif /* FWU_AGENT_H */
|
||||
|
||||
+void bl1_get_boot_bank(uint32_t *bank_offset);
|
||||
+void bl2_get_boot_bank(uint32_t *bank_offset);
|
||||
+
|
||||
+#endif /* FWU_AGENT_H */
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-645
@@ -1,645 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From d8c6e41ee040d19748915d2c598df1c4b90a93a8 Mon Sep 17 00:00:00 2001
|
||||
From: Harry Moulton <harry.moulton@arm.com>
|
||||
Date: Tue, 5 Oct 2021 12:40:57 +0100
|
||||
Subject: [PATCH 07/15] corstone1000: integrate watchdog driver
|
||||
|
||||
This change integrates and enables the watchdog timer driver
|
||||
inside the BL1, BL2 and TF-M. SoC and SE watchdogs are enabled,
|
||||
meaning the system should get reset if software becomes
|
||||
unresponsive.
|
||||
|
||||
Signed-off-by: Harry Moulton <harry.moulton@arm.com>
|
||||
Change-Id: Iab957a58025aac98140bb71289a269443529e8ed
|
||||
---
|
||||
.../target/arm/corstone1000/CMakeLists.txt | 4 +
|
||||
.../Native_Driver/arm_watchdog_drv.c | 190 ++++++++++++++++++
|
||||
.../Native_Driver/arm_watchdog_drv.h | 179 +++++++++++++++++
|
||||
.../arm/corstone1000/Native_Driver/watchdog.c | 81 ++++++++
|
||||
.../arm/corstone1000/Native_Driver/watchdog.h | 32 +++
|
||||
.../arm/corstone1000/bl1/CMakeLists.txt | 2 +
|
||||
.../arm/corstone1000/bl1/bl1_boot_hal.c | 6 +
|
||||
.../target/arm/corstone1000/bl2_boot_hal.c | 6 +
|
||||
.../arm/corstone1000/tfm_hal_platform.c | 5 +
|
||||
9 files changed, 505 insertions(+)
|
||||
create mode 100644 platform/ext/target/arm/corstone1000/Native_Driver/arm_watchdog_drv.c
|
||||
create mode 100644 platform/ext/target/arm/corstone1000/Native_Driver/arm_watchdog_drv.h
|
||||
create mode 100644 platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c
|
||||
create mode 100644 platform/ext/target/arm/corstone1000/Native_Driver/watchdog.h
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
index a2191c835f..cb66bd48d6 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
@@ -62,6 +62,8 @@ target_sources(platform_s
|
||||
Device/Source/system_core_init.c
|
||||
Native_Driver/uart_pl011_drv.c
|
||||
Native_Driver/mhu_v2_x.c
|
||||
+ Native_Driver/watchdog.c
|
||||
+ Native_Driver/arm_watchdog_drv.c
|
||||
spm_hal.c
|
||||
tfm_hal_multi_core.c
|
||||
tfm_hal_isolation.c
|
||||
@@ -107,6 +109,8 @@ target_sources(platform_bl2
|
||||
Device/Source/device_definition.c
|
||||
Device/Source/system_core_init.c
|
||||
Native_Driver/uart_pl011_drv.c
|
||||
+ Native_Driver/watchdog.c
|
||||
+ Native_Driver/arm_watchdog_drv.c
|
||||
fip_parser/fip_parser.c
|
||||
bl2_boot_hal.c
|
||||
fw_update_agent/fwu_agent.c
|
||||
diff --git a/platform/ext/target/arm/corstone1000/Native_Driver/arm_watchdog_drv.c b/platform/ext/target/arm/corstone1000/Native_Driver/arm_watchdog_drv.c
|
||||
new file mode 100644
|
||||
index 0000000000..b6323c99a5
|
||||
--- /dev/null
|
||||
+++ b/platform/ext/target/arm/corstone1000/Native_Driver/arm_watchdog_drv.c
|
||||
@@ -0,0 +1,190 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2016-2020 Arm Limited
|
||||
+ *
|
||||
+ * Licensed under the Apache License, Version 2.0 (the "License");
|
||||
+ * you may not use this file except in compliance with the License.
|
||||
+ * You may obtain a copy of the License at
|
||||
+ *
|
||||
+ * http://www.apache.org/licenses/LICENSE-2.0
|
||||
+ *
|
||||
+ * Unless required by applicable law or agreed to in writing, software
|
||||
+ * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
+ * See the License for the specific language governing permissions and
|
||||
+ * limitations under the License.
|
||||
+ */
|
||||
+
|
||||
+#include "arm_watchdog_drv.h"
|
||||
+
|
||||
+/* Watchdog control definitions */
|
||||
+#define ARM_WATCHDOG_CTRL_INTEN (0x1UL << 0)
|
||||
+#define ARM_WATCHDOG_CTRL_RESEN (0x1UL << 1)
|
||||
+#define ARM_WATCHDOG_INTCLR 1UL
|
||||
+#define ARM_WATCHDOG_RAWINTSTAT 1UL
|
||||
+#define ARM_WATCHDOG_MASKINTSTAT 1UL
|
||||
+#define ARM_WATCHDOG_UNLOCK_VALUE 0x1ACCE551
|
||||
+#define ARM_WATCHDOG_LOCK_VALUE 0x00000001
|
||||
+#define ARM_WATCHDOG_INTEGTESTEN 1UL
|
||||
+#define ARM_WATCHDOG_INTEGTESTOUTSET 1UL
|
||||
+#define ARM_WATCHDOG_MAX_VALUE 0xFFFFFFFF
|
||||
+
|
||||
+/* Watchdog state definitions */
|
||||
+#define ARM_WATCHDOG_INITIALIZED (1ul << 0)
|
||||
+#define ARM_WATCHDOG_ENABLED (1ul << 1)
|
||||
+
|
||||
+/* ARM watchdog memory mapped register access structure */
|
||||
+struct arm_watchdog_t {
|
||||
+ volatile uint32_t load; /* Offset: 0x000 (R/W) Load register */
|
||||
+ volatile uint32_t value; /* Offset: 0x004 (R/ ) Value register */
|
||||
+ volatile uint32_t ctrl; /* Offset: 0x008 (R/W) Control register */
|
||||
+ volatile uint32_t intclr; /* Offset: 0x00C ( /W) Clear interrupt
|
||||
+ * register */
|
||||
+ volatile uint32_t rawintstat; /* Offset: 0x010 (R/ ) Raw interrupt
|
||||
+ * status register */
|
||||
+ volatile uint32_t maskintstat; /* Offset: 0x014 (R/ ) Interrupt status
|
||||
+ * register */
|
||||
+ volatile uint32_t reserved0[762];
|
||||
+ volatile uint32_t lock; /* Offset: 0xC00 (R/W) Lock register */
|
||||
+ volatile uint32_t reserved1[191];
|
||||
+ volatile uint32_t itcr; /* Offset: 0xF00 (R/W) Integration test
|
||||
+ * control register */
|
||||
+ volatile uint32_t itop; /* Offset: 0xF04 ( /W) Integration Test
|
||||
+ * output set
|
||||
+ * register */
|
||||
+};
|
||||
+
|
||||
+void arm_watchdog_init(struct arm_watchdog_dev_t* dev, uint32_t timeout)
|
||||
+{
|
||||
+ /*
|
||||
+ * The init function leaves the watchdog in a clean state:
|
||||
+ * - initialized;
|
||||
+ * - disabled;
|
||||
+ * - locked.
|
||||
+ */
|
||||
+ if (arm_watchdog_is_enabled(dev)) {
|
||||
+ arm_watchdog_unlock(dev);
|
||||
+ (void)arm_watchdog_disable(dev);
|
||||
+ }
|
||||
+ arm_watchdog_lock(dev);
|
||||
+
|
||||
+ if (timeout == 0)
|
||||
+ dev->data->timeout = ARM_WATCHDOG_MAX_VALUE;
|
||||
+ else
|
||||
+ dev->data->timeout = timeout;
|
||||
+
|
||||
+ dev->data->state = ARM_WATCHDOG_INITIALIZED;
|
||||
+}
|
||||
+
|
||||
+enum arm_watchdog_error_t arm_watchdog_feed(struct arm_watchdog_dev_t* dev)
|
||||
+{
|
||||
+ struct arm_watchdog_t* p_wdog = (struct arm_watchdog_t*)dev->cfg->base;
|
||||
+
|
||||
+ if (!arm_watchdog_is_enabled(dev))
|
||||
+ return ARM_WATCHDOG_ERR_NOT_ENAB;
|
||||
+
|
||||
+ if (arm_watchdog_is_locked(dev))
|
||||
+ return ARM_WATCHDOG_ERR_LOCKED;
|
||||
+
|
||||
+ p_wdog->load = dev->data->timeout;
|
||||
+
|
||||
+ return ARM_WATCHDOG_ERR_NONE;
|
||||
+}
|
||||
+
|
||||
+enum arm_watchdog_error_t
|
||||
+arm_watchdog_clear_interrupt_and_refresh_counter(struct arm_watchdog_dev_t* dev)
|
||||
+{
|
||||
+ struct arm_watchdog_t* p_wdog = (struct arm_watchdog_t*)dev->cfg->base;
|
||||
+
|
||||
+ if (!arm_watchdog_is_enabled(dev))
|
||||
+ return ARM_WATCHDOG_ERR_NOT_ENAB;
|
||||
+
|
||||
+ if (arm_watchdog_is_locked(dev))
|
||||
+ return ARM_WATCHDOG_ERR_LOCKED;
|
||||
+
|
||||
+ p_wdog->intclr = ARM_WATCHDOG_INTCLR;
|
||||
+
|
||||
+ return ARM_WATCHDOG_ERR_NONE;
|
||||
+}
|
||||
+
|
||||
+enum arm_watchdog_error_t arm_watchdog_enable(struct arm_watchdog_dev_t* dev)
|
||||
+{
|
||||
+ struct arm_watchdog_t* p_wdog = (struct arm_watchdog_t*)dev->cfg->base;
|
||||
+
|
||||
+ if (!arm_watchdog_is_initialized(dev))
|
||||
+ return ARM_WATCHDOG_ERR_NOT_INIT;
|
||||
+
|
||||
+ if (arm_watchdog_is_locked(dev))
|
||||
+ return ARM_WATCHDOG_ERR_LOCKED;
|
||||
+
|
||||
+ p_wdog->load = dev->data->timeout;
|
||||
+
|
||||
+ /* Starts the watchdog counter */
|
||||
+ p_wdog->ctrl = (ARM_WATCHDOG_CTRL_RESEN | ARM_WATCHDOG_CTRL_INTEN);
|
||||
+ dev->data->state |= ARM_WATCHDOG_ENABLED;
|
||||
+
|
||||
+ return ARM_WATCHDOG_ERR_NONE;
|
||||
+}
|
||||
+
|
||||
+uint32_t arm_watchdog_is_enabled(struct arm_watchdog_dev_t* dev)
|
||||
+{
|
||||
+ return (dev->data->state & ARM_WATCHDOG_ENABLED);
|
||||
+}
|
||||
+
|
||||
+enum arm_watchdog_error_t arm_watchdog_disable(struct arm_watchdog_dev_t* dev)
|
||||
+{
|
||||
+ struct arm_watchdog_t* p_wdog = (struct arm_watchdog_t*)dev->cfg->base;
|
||||
+
|
||||
+ if (!arm_watchdog_is_enabled(dev))
|
||||
+ return ARM_WATCHDOG_ERR_NOT_ENAB;
|
||||
+
|
||||
+ if (arm_watchdog_is_locked(dev))
|
||||
+ return ARM_WATCHDOG_ERR_LOCKED;
|
||||
+
|
||||
+ /* Stops the watchdog */
|
||||
+ p_wdog->ctrl &= ~(ARM_WATCHDOG_CTRL_RESEN | ARM_WATCHDOG_CTRL_INTEN);
|
||||
+ dev->data->state &= ~ARM_WATCHDOG_ENABLED;
|
||||
+
|
||||
+ return ARM_WATCHDOG_ERR_NONE;
|
||||
+}
|
||||
+
|
||||
+void arm_watchdog_lock(struct arm_watchdog_dev_t* dev)
|
||||
+{
|
||||
+ struct arm_watchdog_t* p_wdog = (struct arm_watchdog_t*)dev->cfg->base;
|
||||
+
|
||||
+ /* Prevents writing to all of the registers */
|
||||
+ p_wdog->lock = ARM_WATCHDOG_LOCK_VALUE;
|
||||
+}
|
||||
+
|
||||
+uint32_t arm_watchdog_is_locked(struct arm_watchdog_dev_t* dev)
|
||||
+{
|
||||
+ struct arm_watchdog_t* p_wdog = (struct arm_watchdog_t*)dev->cfg->base;
|
||||
+
|
||||
+ /* The lock register can only return 0 or 1 when read */
|
||||
+ return p_wdog->lock;
|
||||
+}
|
||||
+
|
||||
+void arm_watchdog_unlock(struct arm_watchdog_dev_t* dev)
|
||||
+{
|
||||
+ struct arm_watchdog_t* p_wdog = (struct arm_watchdog_t*)dev->cfg->base;
|
||||
+
|
||||
+ p_wdog->lock = ARM_WATCHDOG_UNLOCK_VALUE;
|
||||
+}
|
||||
+
|
||||
+inline uint32_t arm_watchdog_is_initialized(struct arm_watchdog_dev_t* dev)
|
||||
+{
|
||||
+ return (dev->data->state & ARM_WATCHDOG_INITIALIZED);
|
||||
+}
|
||||
+
|
||||
+uint32_t arm_watchdog_get_remaining_time(struct arm_watchdog_dev_t* dev)
|
||||
+{
|
||||
+ struct arm_watchdog_t* p_wdog = (struct arm_watchdog_t*)dev->cfg->base;
|
||||
+
|
||||
+ if (!arm_watchdog_is_enabled(dev))
|
||||
+ return 0;
|
||||
+
|
||||
+ if (arm_watchdog_is_locked(dev))
|
||||
+ return 0;
|
||||
+
|
||||
+ return p_wdog->value;
|
||||
+}
|
||||
+
|
||||
diff --git a/platform/ext/target/arm/corstone1000/Native_Driver/arm_watchdog_drv.h b/platform/ext/target/arm/corstone1000/Native_Driver/arm_watchdog_drv.h
|
||||
new file mode 100644
|
||||
index 0000000000..3b163625f5
|
||||
--- /dev/null
|
||||
+++ b/platform/ext/target/arm/corstone1000/Native_Driver/arm_watchdog_drv.h
|
||||
@@ -0,0 +1,179 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2016-2020 ARM Limited
|
||||
+ *
|
||||
+ * Licensed under the Apache License, Version 2.0 (the "License");
|
||||
+ * you may not use this file except in compliance with the License.
|
||||
+ * You may obtain a copy of the License at
|
||||
+ *
|
||||
+ * http://www.apache.org/licenses/LICENSE-2.0
|
||||
+ *
|
||||
+ * Unless required by applicable law or agreed to in writing, software
|
||||
+ * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
+ * See the License for the specific language governing permissions and
|
||||
+ * limitations under the License.
|
||||
+ */
|
||||
+
|
||||
+/**
|
||||
+ * \file arm_watchdog_drv.h
|
||||
+ * \brief Generic driver for ARM watchdogs.
|
||||
+ */
|
||||
+
|
||||
+#ifndef __ARM_WATCHDOG_DRV_H__
|
||||
+#define __ARM_WATCHDOG_DRV_H__
|
||||
+
|
||||
+#include <stdint.h>
|
||||
+
|
||||
+#ifdef __cplusplus
|
||||
+extern "C" {
|
||||
+#endif
|
||||
+
|
||||
+enum arm_watchdog_error_t {
|
||||
+ ARM_WATCHDOG_ERR_NONE = 0, /*!< No error */
|
||||
+ ARM_WATCHDOG_ERR_NOT_INIT, /*!< Watchdog is not initialized */
|
||||
+ ARM_WATCHDOG_ERR_NOT_ENAB, /*!< Watchdog is not enabled */
|
||||
+ ARM_WATCHDOG_ERR_LOCKED /*!< Watchdog is locked */
|
||||
+};
|
||||
+
|
||||
+/* ARM watchdog device configuration structure */
|
||||
+struct arm_watchdog_dev_cfg_t {
|
||||
+ const uint32_t base; /*!< Watchdog base address */
|
||||
+};
|
||||
+
|
||||
+/* ARM watchdog device data structure */
|
||||
+struct arm_watchdog_dev_data_t {
|
||||
+ uint32_t state; /*!< Indicates if the watchdog
|
||||
+ is initialized and enabled */
|
||||
+ uint32_t timeout; /*!< Timeout to reset in cycles */
|
||||
+};
|
||||
+
|
||||
+/* ARM watchdog device structure */
|
||||
+struct arm_watchdog_dev_t {
|
||||
+ const struct arm_watchdog_dev_cfg_t* const cfg; /*!< Watchdog
|
||||
+ configuration */
|
||||
+ struct arm_watchdog_dev_data_t* const data; /*!< Watchdog data */
|
||||
+};
|
||||
+
|
||||
+/**
|
||||
+ * \brief Initializes a watchdog hardware.
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to be initialized \ref arm_watchdog_dev_t
|
||||
+ * \param[in] timeout Timeout in cycles - 0 assings timeout to max value.
|
||||
+ *
|
||||
+ * \note This function doesn't check if dev is NULL.
|
||||
+ * This function leaves the watchdog locked. Before any further
|
||||
+ * operations, it needs to be unlocked and locked again.
|
||||
+ */
|
||||
+void arm_watchdog_init(struct arm_watchdog_dev_t* dev, uint32_t timeout);
|
||||
+
|
||||
+/**
|
||||
+ * \brief Feeds the watchdog to not cause a reset.
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to be fed \ref arm_watchdog_dev_t
|
||||
+ *
|
||||
+ * \return Returns error code as specified in \ref arm_watchdog_error_t
|
||||
+ *
|
||||
+ * \note This function doesn't check if dev is NULL.
|
||||
+ */
|
||||
+enum arm_watchdog_error_t arm_watchdog_feed(struct arm_watchdog_dev_t* dev);
|
||||
+
|
||||
+/**
|
||||
+ * \brief Clear the interrupt and load timeout value to the load register.
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to be fed \ref arm_watchdog_dev_t
|
||||
+ *
|
||||
+ * \return Returns error code as specified in \ref arm_watchdog_error_t
|
||||
+ *
|
||||
+ * \note This function doesn't check if dev is NULL.
|
||||
+ */
|
||||
+enum arm_watchdog_error_t
|
||||
+arm_watchdog_clear_interrupt_and_refresh_counter(
|
||||
+ struct arm_watchdog_dev_t* dev);
|
||||
+
|
||||
+/**
|
||||
+ * \brief Enables the watchdog.
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to be enabled \ref arm_watchdog_dev_t
|
||||
+ *
|
||||
+ * \return Returns error code as specified in \ref arm_watchdog_error_t
|
||||
+ *
|
||||
+ * \note This function doesn't check if dev is NULL.
|
||||
+ */
|
||||
+enum arm_watchdog_error_t arm_watchdog_enable(struct arm_watchdog_dev_t* dev);
|
||||
+
|
||||
+/**
|
||||
+ * \brief Checks if the watchdog is enabled
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to be checked \ref arm_watchdog_dev_t
|
||||
+ *
|
||||
+ * \return 1 if watchdog is enabled, 0 otherwise.
|
||||
+ *
|
||||
+ * \note This function doesn't check if dev is NULL.
|
||||
+ */
|
||||
+uint32_t arm_watchdog_is_enabled(struct arm_watchdog_dev_t* dev);
|
||||
+
|
||||
+/**
|
||||
+ * \brief Disables the watchdog.
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to be disabled \ref arm_watchdog_dev_t
|
||||
+ *
|
||||
+ * \return 1 if watchdog is enabled, 0 otherwise.
|
||||
+ *
|
||||
+ * \note This function doesn't check if dev is NULL.
|
||||
+ */
|
||||
+enum arm_watchdog_error_t arm_watchdog_disable(struct arm_watchdog_dev_t* dev);
|
||||
+
|
||||
+/**
|
||||
+ * \brief Locks the registers to not be written again.
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to be locked \ref arm_watchdog_dev_t
|
||||
+ *
|
||||
+ * \note This function doesn't check if dev is NULL.
|
||||
+ */
|
||||
+void arm_watchdog_lock(struct arm_watchdog_dev_t* dev);
|
||||
+
|
||||
+/**
|
||||
+ * \brief Checks if the watchdog registers are locked
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to be checked \ref arm_watchdog_dev_t
|
||||
+ *
|
||||
+ * \return 1 if the registers are locked, 0 otherwise
|
||||
+ *
|
||||
+ * \note This function doesn't check if dev is NULL.
|
||||
+ */
|
||||
+uint32_t arm_watchdog_is_locked(struct arm_watchdog_dev_t* dev);
|
||||
+
|
||||
+/**
|
||||
+ * \brief Unlocks the registers to configure the watchdog again.
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to be unlocked \ref arm_watchdog_dev_t
|
||||
+ *
|
||||
+ * \note This function doesn't check if dev is NULL.
|
||||
+ */
|
||||
+void arm_watchdog_unlock(struct arm_watchdog_dev_t* dev);
|
||||
+
|
||||
+/**
|
||||
+ * \brief Gets if watchdog driver is initialized
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to be initialized \ref arm_watchdog_dev_t
|
||||
+ *
|
||||
+ * \returns 1 if watchdog driver is initialized. Otherwise 0.
|
||||
+ */
|
||||
+uint32_t arm_watchdog_is_initialized(struct arm_watchdog_dev_t* dev);
|
||||
+
|
||||
+/**
|
||||
+ * \brief Provides watchdog remaining time before reset.
|
||||
+ *
|
||||
+ * \param[in] dev Watchdog to get the remaining time \ref arm_watchdog_dev_t
|
||||
+ *
|
||||
+ * \return 0 if watchdog is disabled.
|
||||
+ *
|
||||
+ * \note This function doesn't check if dev is NULL.
|
||||
+ */
|
||||
+uint32_t arm_watchdog_get_remaining_time(struct arm_watchdog_dev_t* dev);
|
||||
+
|
||||
+#ifdef __cplusplus
|
||||
+}
|
||||
+#endif
|
||||
+#endif /* __ARM_WATCHDOG_DRV_H__ */
|
||||
+
|
||||
diff --git a/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c b/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c
|
||||
new file mode 100644
|
||||
index 0000000000..d375af3afb
|
||||
--- /dev/null
|
||||
+++ b/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c
|
||||
@@ -0,0 +1,81 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
|
||||
+ *
|
||||
+ * SPDX-License-Identifier: BSD-3-Clause
|
||||
+ *
|
||||
+ */
|
||||
+
|
||||
+#include "watchdog.h"
|
||||
+
|
||||
+#include "arm_watchdog_drv.h"
|
||||
+#include "platform_base_address.h"
|
||||
+#include "Driver_Common.h"
|
||||
+#include "cmsis.h"
|
||||
+#include <stdio.h>
|
||||
+
|
||||
+/* SoC watchdog config */
|
||||
+struct arm_watchdog_dev_cfg_t SOC_WD_DEV_CFG = {CORSTONE1000_SOC_WATCHDOG_BASE};
|
||||
+struct arm_watchdog_dev_data_t SOC_WD_DEV_DATA;
|
||||
+struct arm_watchdog_dev_t SOC_WD_DEV = {&SOC_WD_DEV_CFG, &SOC_WD_DEV_DATA};
|
||||
+#define SOC_WD_TIMEOUT 0x00030000
|
||||
+
|
||||
+/* SE watchdog config */
|
||||
+struct arm_watchdog_dev_cfg_t SE_WD_DEV_CFG = {CORSTONE1000_WATCHDOG_TIMER_BASE};
|
||||
+struct arm_watchdog_dev_data_t SE_WD_DEV_DATA;
|
||||
+struct arm_watchdog_dev_t SE_WD_DEV = {&SE_WD_DEV_CFG, &SE_WD_DEV_DATA};
|
||||
+#define SE_WD_TIMEOUT 0x0FFFFFFF
|
||||
+#define SE_WD_IRQn SE_WATCHDOG_TIMER_IRQn
|
||||
+
|
||||
+
|
||||
+/* SoC watchdog */
|
||||
+void NMI_Handler(void)
|
||||
+{
|
||||
+ /* Unlock, clear and lock the watchdog timer */
|
||||
+ arm_watchdog_unlock(&SOC_WD_DEV);
|
||||
+ arm_watchdog_clear_interrupt_and_refresh_counter(&SOC_WD_DEV);
|
||||
+ arm_watchdog_lock(&SOC_WD_DEV);
|
||||
+}
|
||||
+
|
||||
+/* SE watchdog */
|
||||
+void SE_WATCHDOG_TIMER_IRQHandler(void)
|
||||
+{
|
||||
+ /* Unlock, clear and lock the watchdog timer */
|
||||
+ arm_watchdog_unlock(&SE_WD_DEV);
|
||||
+ arm_watchdog_clear_interrupt_and_refresh_counter(&SE_WD_DEV);
|
||||
+ arm_watchdog_lock(&SE_WD_DEV);
|
||||
+}
|
||||
+
|
||||
+int corstone1000_watchdog_init()
|
||||
+{
|
||||
+ __disable_irq();
|
||||
+
|
||||
+ /* SoC Watchdog setup */
|
||||
+ arm_watchdog_init(&SOC_WD_DEV, SOC_WD_TIMEOUT);
|
||||
+ arm_watchdog_unlock(&SOC_WD_DEV);
|
||||
+ arm_watchdog_enable(&SOC_WD_DEV);
|
||||
+ arm_watchdog_lock(&SOC_WD_DEV);
|
||||
+
|
||||
+ if (!arm_watchdog_is_initialized(&SOC_WD_DEV))
|
||||
+ return ARM_DRIVER_ERROR_UNSUPPORTED;
|
||||
+
|
||||
+ if (!arm_watchdog_is_enabled(&SOC_WD_DEV))
|
||||
+ return ARM_DRIVER_ERROR_UNSUPPORTED;
|
||||
+
|
||||
+ /* SE Watchdog setup */
|
||||
+ arm_watchdog_init(&SE_WD_DEV, SE_WD_TIMEOUT);
|
||||
+ arm_watchdog_unlock(&SE_WD_DEV);
|
||||
+ arm_watchdog_enable(&SE_WD_DEV);
|
||||
+ arm_watchdog_lock(&SE_WD_DEV);
|
||||
+
|
||||
+ NVIC_EnableIRQ(SE_WD_IRQn);
|
||||
+
|
||||
+ if (!arm_watchdog_is_initialized(&SE_WD_DEV))
|
||||
+ return ARM_DRIVER_ERROR_UNSUPPORTED;
|
||||
+
|
||||
+ if (!arm_watchdog_is_enabled(&SE_WD_DEV))
|
||||
+ return ARM_DRIVER_ERROR_UNSUPPORTED;
|
||||
+
|
||||
+ __enable_irq();
|
||||
+
|
||||
+ return ARM_DRIVER_OK;
|
||||
+}
|
||||
diff --git a/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.h b/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.h
|
||||
new file mode 100644
|
||||
index 0000000000..fd1b7cf124
|
||||
--- /dev/null
|
||||
+++ b/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.h
|
||||
@@ -0,0 +1,32 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
|
||||
+ *
|
||||
+ * SPDX-License-Identifier: BSD-3-Clause
|
||||
+ *
|
||||
+ */
|
||||
+
|
||||
+#ifndef WATCHDOG_H
|
||||
+#define WATCHDOG_H
|
||||
+
|
||||
+#include <stddef.h>
|
||||
+#include <stdint.h>
|
||||
+
|
||||
+#include "Driver_Common.h"
|
||||
+#include "arm_watchdog_drv.h"
|
||||
+#include "platform_base_address.h"
|
||||
+
|
||||
+/**
|
||||
+ * \brief Initializes Secure Enclave & SoC Watchdog.
|
||||
+ *
|
||||
+ * \returns ARM Driver return code.
|
||||
+ */
|
||||
+int corstone1000_watchdog_init();
|
||||
+
|
||||
+/**
|
||||
+ * \brief Reset the Secure Enclave & SoC Watchdog's.
|
||||
+ *
|
||||
+ * \returns ARM Driver return code.
|
||||
+ */
|
||||
+int corstone1000_watchdog_reset_timer();
|
||||
+
|
||||
+#endif /* watchdog_h */
|
||||
diff --git a/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt b/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
|
||||
index 92a78c1168..1737fbee91 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
|
||||
+++ b/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
|
||||
@@ -239,6 +239,8 @@ target_sources(bl1_main
|
||||
../Native_Driver/firewall.c
|
||||
../Native_Driver/uart_pl011_drv.c
|
||||
../fw_update_agent/fwu_agent.c
|
||||
+ ../Native_Driver/arm_watchdog_drv.c
|
||||
+ ../Native_Driver/watchdog.c
|
||||
bl1_boot_hal.c
|
||||
bl1_flash_map.c
|
||||
bl1_security_cnt.c
|
||||
diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c b/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
index 2af5b8c846..edde6fb24e 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
|
||||
@@ -14,6 +14,7 @@
|
||||
#include "bootutil/fault_injection_hardening.h"
|
||||
#include "bootutil/bootutil_log.h"
|
||||
#include "firewall.h"
|
||||
+#include "watchdog.h"
|
||||
#include "mpu_config.h"
|
||||
#include "tfm_plat_otp.h"
|
||||
#include "tfm_plat_provisioning.h"
|
||||
@@ -589,6 +590,11 @@ int32_t boot_platform_init(void)
|
||||
int32_t result;
|
||||
uint32_t bank_offset;
|
||||
|
||||
+ result = corstone1000_watchdog_init();
|
||||
+ if (result != ARM_DRIVER_OK) {
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
#if !(PLATFORM_IS_FVP)
|
||||
setup_mpu();
|
||||
#endif
|
||||
diff --git a/platform/ext/target/arm/corstone1000/bl2_boot_hal.c b/platform/ext/target/arm/corstone1000/bl2_boot_hal.c
|
||||
index 4f5b48a2e0..5c6b78ffb3 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/bl2_boot_hal.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/bl2_boot_hal.c
|
||||
@@ -15,6 +15,7 @@
|
||||
#include "bootutil/bootutil_log.h"
|
||||
#include "fip_parser.h"
|
||||
#include "flash_map/flash_map.h"
|
||||
+#include "watchdog.h"
|
||||
#include <string.h>
|
||||
#include "tfm_plat_otp.h"
|
||||
#include "tfm_plat_provisioning.h"
|
||||
@@ -115,6 +116,11 @@ int32_t boot_platform_init(void)
|
||||
enum tfm_plat_err_t plat_err;
|
||||
uint32_t bank_offset;
|
||||
|
||||
+ result = corstone1000_watchdog_init();
|
||||
+ if (result != ARM_DRIVER_OK) {
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
result = fill_bl2_flash_map_by_parsing_fips(BANK_0_PARTITION_OFFSET);
|
||||
if (result) {
|
||||
return 1;
|
||||
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_platform.c b/platform/ext/target/arm/corstone1000/tfm_hal_platform.c
|
||||
index 0072b5b928..7faa71eb63 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/tfm_hal_platform.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_platform.c
|
||||
@@ -9,12 +9,17 @@
|
||||
#include "tfm_hal_platform.h"
|
||||
#include "uart_stdout.h"
|
||||
#include "fwu_agent.h"
|
||||
+#include "watchdog.h"
|
||||
|
||||
enum tfm_hal_status_t tfm_hal_platform_init(void)
|
||||
{
|
||||
__enable_irq();
|
||||
stdio_init();
|
||||
|
||||
+ if (corstone1000_watchdog_init()) {
|
||||
+ return TFM_HAL_ERROR_GENERIC;
|
||||
+ }
|
||||
+
|
||||
if (fwu_metadata_init()) {
|
||||
return TFM_HAL_ERROR_GENERIC;
|
||||
}
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-119
@@ -1,119 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From 9b2b4e284d36d0433f5aa0af6f13e7eda5c783c0 Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Thu, 14 Oct 2021 05:08:04 +0100
|
||||
Subject: [PATCH 08/15] corstone1000: impelment accept image logic
|
||||
|
||||
Until all new images in the update/trial bank is accepted,
|
||||
the firmware update state of the system remains in the trial
|
||||
state. The state changes automatically to regular state when
|
||||
all new images in the trial bank is accepted.
|
||||
|
||||
This commit adds the logic to accept one of the image type.
|
||||
|
||||
Change-Id: I1f18d77b185f2e5dd26d6e02bed792689019b7b8
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
.../corstone1000/fw_update_agent/fwu_agent.c | 70 +++++++++++++++++++
|
||||
.../services/src/tfm_platform_system.c | 2 +-
|
||||
2 files changed, 71 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
index 23a15ee71b..a70638e993 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -537,6 +537,76 @@ out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
+static enum fwu_agent_error_t accept_full_capsule(
|
||||
+ struct fwu_metadata* metadata,
|
||||
+ struct fwu_private_metadata* priv_metadata)
|
||||
+{
|
||||
+ uint32_t active_index = metadata->active_index;
|
||||
+ enum fwu_agent_error_t ret;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ for (int i = 0; i < NR_OF_IMAGES_IN_FW_BANK; i++) {
|
||||
+ metadata->img_entry[i].img_props[active_index].accepted =
|
||||
+ IMAGE_ACCEPTED;
|
||||
+ }
|
||||
+
|
||||
+ priv_metadata->boot_attempted = 0;
|
||||
+
|
||||
+ ret = private_metadata_write(priv_metadata);
|
||||
+ if (ret) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ ret = metadata_write(metadata);
|
||||
+ if (ret) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit: fwu state is changed to regular\n\r", __func__);
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+static enum fwu_agent_error_t fwu_accept_image(struct efi_guid* guid,
|
||||
+ struct fwu_metadata *metadata,
|
||||
+ struct fwu_private_metadata *priv_metadata)
|
||||
+{
|
||||
+ enum fwu_agent_state_t current_state;
|
||||
+ int image_index;
|
||||
+ uint32_t image_bank_offset;
|
||||
+ enum fwu_agent_error_t ret;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ /* it is expected to receive this call only when
|
||||
+ in trial state */
|
||||
+ current_state = get_fwu_agent_state(metadata, priv_metadata);
|
||||
+ if (current_state != FWU_AGENT_STATE_TRIAL) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ /* booted from previous_active_bank, not expected
|
||||
+ * to receive this call in this state, rather host should
|
||||
+ * call corstone1000_fwu_select_previous */
|
||||
+ if (metadata->active_index != priv_metadata->boot_index) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ image_index = get_image_info_in_bank(guid, &image_bank_offset);
|
||||
+ switch(image_index) {
|
||||
+ case IMAGE_ALL:
|
||||
+ ret = accept_full_capsule(metadata, priv_metadata);
|
||||
+ break;
|
||||
+ default:
|
||||
+ FWU_LOG_MSG("%s: sent image not recognized\n\r", __func__);
|
||||
+ ret = FWU_AGENT_ERROR;
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit: ret = %d\n\r", __func__, ret);
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
void bl1_get_boot_bank(uint32_t *bank_offset)
|
||||
{
|
||||
struct fwu_private_metadata priv_metadata;
|
||||
diff --git a/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c b/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
|
||||
index f9629a1688..16ad975c32 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
|
||||
@@ -21,7 +21,7 @@ enum tfm_platform_err_t tfm_platform_hal_ioctl(tfm_platform_ioctl_req_t request,
|
||||
psa_outvec *out_vec)
|
||||
{
|
||||
int32_t ret = TFM_PLATFORM_ERR_SUCCESS;
|
||||
- const corstone1000_ioctl_in_params_t *in_params =
|
||||
+ corstone1000_ioctl_in_params_t *in_params =
|
||||
(corstone1000_ioctl_in_params_t *)in_vec->base;
|
||||
corstone1000_ioctl_out_params_t *out_params = (corstone1000_ioctl_out_params_t *)out_vec->base;
|
||||
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-91
@@ -1,91 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From a565999300cf5d40c772d3ff29e2020b786a2a10 Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Sat, 16 Oct 2021 09:07:17 +0100
|
||||
Subject: [PATCH 09/15] corstone1000: implement select previous bank logic
|
||||
|
||||
When firmware update process is not successful, the commit logic
|
||||
reverts the system state to previous active bank. With this,
|
||||
the state of the system also changes from the trial to regular
|
||||
state. System gets reverted back to its previous known good state.
|
||||
|
||||
Change-Id: I265635ea984ae9542518a0e389c98e1242e78d10
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
.../corstone1000/fw_update_agent/fwu_agent.c | 58 +++++++++++++++++++
|
||||
1 file changed, 58 insertions(+)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
index a70638e993..89f0a08eb5 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -607,6 +607,64 @@ static enum fwu_agent_error_t fwu_accept_image(struct efi_guid* guid,
|
||||
return ret;
|
||||
}
|
||||
|
||||
+static enum fwu_agent_error_t fwu_select_previous(
|
||||
+ struct fwu_metadata *metadata,
|
||||
+ struct fwu_private_metadata *priv_metadata)
|
||||
+{
|
||||
+ enum fwu_agent_error_t ret;
|
||||
+ enum fwu_agent_state_t current_state;
|
||||
+ uint32_t index;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ /* it is expected to receive this call only when
|
||||
+ in trial state */
|
||||
+ current_state = get_fwu_agent_state(metadata, priv_metadata);
|
||||
+ if (current_state != FWU_AGENT_STATE_TRIAL) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ /* not expected to receive this call in this state, system
|
||||
+ * did not boot from previous active index */
|
||||
+ if (metadata->previous_active_index != priv_metadata->boot_index) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: trial state: active index = %u, previous active = %u\n\r",
|
||||
+ __func__, metadata->active_index, metadata->previous_active_index);
|
||||
+
|
||||
+ index = metadata->previous_active_index;
|
||||
+ for (int i = 0; i < NR_OF_IMAGES_IN_FW_BANK; i++) {
|
||||
+ if (metadata->img_entry[i].img_props[index].accepted != IMAGE_ACCEPTED)
|
||||
+ {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ index = metadata->active_index;
|
||||
+ metadata->active_index = metadata->previous_active_index;
|
||||
+ metadata->previous_active_index = index;
|
||||
+
|
||||
+ priv_metadata->boot_attempted = 0;
|
||||
+
|
||||
+ ret = private_metadata_write(priv_metadata);
|
||||
+ if (ret) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ ret = metadata_write(metadata);
|
||||
+ if (ret) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: in regular state by choosing previous active bank\n\r",
|
||||
+ __func__);
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit: ret = %d\n\r", __func__, ret);
|
||||
+ return ret;
|
||||
+
|
||||
+}
|
||||
+
|
||||
void bl1_get_boot_bank(uint32_t *bank_offset)
|
||||
{
|
||||
struct fwu_private_metadata priv_metadata;
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-136
@@ -1,136 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From 0a4c27173e9ac31e6bfe424b6856c4dc612e247a Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Tue, 16 Nov 2021 04:56:52 +0000
|
||||
Subject: [PATCH 10/15] corstone1000: implement corstone1000_fwu_host_ack
|
||||
|
||||
The host uses the api 'corstone1000_fwu_host_ack' to acknowledge its
|
||||
successful boot to the secure enclave. Based on the fwu state of
|
||||
the system, the secure enalve decides where to move in the fwu state
|
||||
machine. If in regular state, there is nothing to be done. If in
|
||||
trial state and firmware update is a success, state moves to regular
|
||||
by accepting images in the trial/update bank. Finaly if in trial
|
||||
state and firmware update is a failure, state moves to regular by
|
||||
reverting to previous known state.
|
||||
|
||||
Change-Id: I16657537909916bd19520eac3899501fdb14ecb4
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
.../corstone1000/fw_update_agent/fwu_agent.c | 47 +++++++++++++++++++
|
||||
.../corstone1000/fw_update_agent/fwu_agent.h | 5 ++
|
||||
.../services/src/tfm_platform_system.c | 14 +++++-
|
||||
3 files changed, 64 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
index 89f0a08eb5..5e87fd8d5e 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -762,3 +762,50 @@ void bl2_get_boot_bank(uint32_t *bank_offset)
|
||||
return;
|
||||
}
|
||||
|
||||
+enum fwu_agent_error_t corstone1000_fwu_host_ack(void)
|
||||
+{
|
||||
+ enum fwu_agent_error_t ret;
|
||||
+ struct fwu_private_metadata priv_metadata;
|
||||
+ enum fwu_agent_state_t current_state;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ if (!is_initialized) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ Select_Write_Mode_For_Shared_Flash();
|
||||
+
|
||||
+ if (metadata_read(&_metadata)) {
|
||||
+ ret = FWU_AGENT_ERROR;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
+ if (private_metadata_read(&priv_metadata)) {
|
||||
+ ret = FWU_AGENT_ERROR;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
+ current_state = get_fwu_agent_state(&_metadata, &priv_metadata);
|
||||
+ if (current_state == FWU_AGENT_STATE_REGULAR) {
|
||||
+ ret = FWU_AGENT_SUCCESS; /* nothing to be done */
|
||||
+ goto out;
|
||||
+ } else if (current_state != FWU_AGENT_STATE_TRIAL) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ if (_metadata.active_index != priv_metadata.boot_index) {
|
||||
+ /* firmware update failed, revert back to previous bank */
|
||||
+ ret = fwu_select_previous(&_metadata, &priv_metadata);
|
||||
+ } else {
|
||||
+ /* firmware update successful */
|
||||
+ ret = fwu_accept_image(&full_capsule_image_guid, &_metadata,
|
||||
+ &priv_metadata);
|
||||
+ }
|
||||
+
|
||||
+out:
|
||||
+ Select_XIP_Mode_For_Shared_Flash();
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit: ret = %d\n\r", __func__, ret);
|
||||
+ return ret;
|
||||
+}
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
index 389381c326..b8f7c676d7 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
@@ -38,6 +38,11 @@ enum fwu_agent_error_t fwu_metadata_init(void);
|
||||
*/
|
||||
enum fwu_agent_error_t corstone1000_fwu_flash_image(void);
|
||||
|
||||
+/* host to secure enclave:
|
||||
+ * host responds with this api to acknowledge its successful
|
||||
+ * boot.
|
||||
+ */
|
||||
+enum fwu_agent_error_t corstone1000_fwu_host_ack(void);
|
||||
|
||||
void bl1_get_boot_bank(uint32_t *bank_offset);
|
||||
void bl2_get_boot_bank(uint32_t *bank_offset);
|
||||
diff --git a/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c b/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
|
||||
index 16ad975c32..068234dcda 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/services/src/tfm_platform_system.c
|
||||
@@ -21,20 +21,30 @@ enum tfm_platform_err_t tfm_platform_hal_ioctl(tfm_platform_ioctl_req_t request,
|
||||
psa_outvec *out_vec)
|
||||
{
|
||||
int32_t ret = TFM_PLATFORM_ERR_SUCCESS;
|
||||
+
|
||||
corstone1000_ioctl_in_params_t *in_params =
|
||||
- (corstone1000_ioctl_in_params_t *)in_vec->base;
|
||||
- corstone1000_ioctl_out_params_t *out_params = (corstone1000_ioctl_out_params_t *)out_vec->base;
|
||||
+ (corstone1000_ioctl_in_params_t *)in_vec->base;
|
||||
+
|
||||
+ corstone1000_ioctl_out_params_t *out_params =
|
||||
+ (corstone1000_ioctl_out_params_t *)out_vec->base;
|
||||
|
||||
switch(in_params->ioctl_id) {
|
||||
+
|
||||
case IOCTL_CORSTONE1000_FWU_FLASH_IMAGES:
|
||||
out_params->result = corstone1000_fwu_flash_image();
|
||||
if (!out_params->result) {
|
||||
NVIC_SystemReset();
|
||||
}
|
||||
break;
|
||||
+
|
||||
+ case IOCTL_CORSTONE1000_FWU_HOST_ACK:
|
||||
+ out_params->result = corstone1000_fwu_host_ack();
|
||||
+ break;
|
||||
+
|
||||
default:
|
||||
ret = TFM_PLATFORM_ERR_NOT_SUPPORTED;
|
||||
break;
|
||||
+
|
||||
}
|
||||
|
||||
return ret;
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-39
@@ -1,39 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From 35ab33099d7b091630ec677cbad57abd60105f91 Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Sun, 14 Nov 2021 11:49:11 +0000
|
||||
Subject: [PATCH 11/15] SPM: multiple core: initailize multi-core communication
|
||||
before the non-secure core is out of rest
|
||||
|
||||
Tf-m should be ready to receive the communication before non-secure
|
||||
has been taken out of rest.
|
||||
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
Change-Id: I0b609fffbed0fc2f09b521389fd50f4e992ad00d
|
||||
---
|
||||
secure_fw/spm/cmsis_psa/tfm_multi_core.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/secure_fw/spm/cmsis_psa/tfm_multi_core.c b/secure_fw/spm/cmsis_psa/tfm_multi_core.c
|
||||
index f830a6f5f7..946d1a60eb 100644
|
||||
--- a/secure_fw/spm/cmsis_psa/tfm_multi_core.c
|
||||
+++ b/secure_fw/spm/cmsis_psa/tfm_multi_core.c
|
||||
@@ -25,11 +25,11 @@ void tfm_nspm_thread_entry(void)
|
||||
SPMLOG_DBGMSG("Enabling non-secure core...");
|
||||
#endif
|
||||
|
||||
+ tfm_inter_core_comm_init();
|
||||
+
|
||||
tfm_hal_boot_ns_cpu(tfm_spm_hal_get_ns_VTOR());
|
||||
tfm_hal_wait_for_ns_cpu_ready();
|
||||
|
||||
- tfm_inter_core_comm_init();
|
||||
-
|
||||
/*
|
||||
* TODO
|
||||
* The infinite-loop can be replaced with platform-specific low-power sleep
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-169
@@ -1,169 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From 1a891fc818526bfb8b546c86a93b81353330a466 Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Mon, 8 Nov 2021 18:10:44 +0000
|
||||
Subject: [PATCH 12/15] corstone1000: implement timer to track host progress
|
||||
|
||||
When in fwu trial state, the secure enclave starts the timer to
|
||||
keep track of host progress. Secure enclave expects that the host
|
||||
acknowledges before the timer expires. If host fails to do so,
|
||||
the secure enclave resets the system.
|
||||
|
||||
Change-Id: Ib63778b6c813f1b0d3517e0c05226d6f88927b04
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
.../corstone1000/fw_update_agent/fwu_agent.c | 78 +++++++++++++++++++
|
||||
.../corstone1000/fw_update_agent/fwu_agent.h | 7 ++
|
||||
.../arm/corstone1000/tfm_hal_multi_core.c | 5 +-
|
||||
3 files changed, 89 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
index 5e87fd8d5e..e8686704b8 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -15,6 +15,7 @@
|
||||
#include "uefi_capsule_parser.h"
|
||||
#include "flash_common.h"
|
||||
#include "platform_base_address.h"
|
||||
+#include "platform_description.h"
|
||||
|
||||
/* Properties of image in a bank */
|
||||
struct fwu_image_properties {
|
||||
@@ -127,6 +128,8 @@ struct efi_guid full_capsule_image_guid = {
|
||||
/* Import the CMSIS flash device driver */
|
||||
extern ARM_DRIVER_FLASH FWU_METADATA_FLASH_DEV;
|
||||
|
||||
+#define HOST_ACK_TIMEOUT_SEC (6 * 60) /* ~seconds, not exact */
|
||||
+
|
||||
static enum fwu_agent_error_t private_metadata_read(
|
||||
struct fwu_private_metadata* p_metadata)
|
||||
{
|
||||
@@ -762,6 +765,13 @@ void bl2_get_boot_bank(uint32_t *bank_offset)
|
||||
return;
|
||||
}
|
||||
|
||||
+static void disable_host_ack_timer(void)
|
||||
+{
|
||||
+ FWU_LOG_MSG("%s: timer to reset is disabled\n\r", __func__);
|
||||
+ SysTick->CTRL &= (~SysTick_CTRL_ENABLE_Msk);
|
||||
+}
|
||||
+
|
||||
+
|
||||
enum fwu_agent_error_t corstone1000_fwu_host_ack(void)
|
||||
{
|
||||
enum fwu_agent_error_t ret;
|
||||
@@ -803,9 +813,77 @@ enum fwu_agent_error_t corstone1000_fwu_host_ack(void)
|
||||
&priv_metadata);
|
||||
}
|
||||
|
||||
+ if (ret == FWU_AGENT_SUCCESS) {
|
||||
+ disable_host_ack_timer();
|
||||
+ }
|
||||
+
|
||||
out:
|
||||
Select_XIP_Mode_For_Shared_Flash();
|
||||
|
||||
FWU_LOG_MSG("%s: exit: ret = %d\n\r", __func__, ret);
|
||||
return ret;
|
||||
}
|
||||
+
|
||||
+static int systic_counter = 0;
|
||||
+
|
||||
+void SysTick_Handler(void)
|
||||
+{
|
||||
+ systic_counter++;
|
||||
+ if ((systic_counter % 10) == 0) {
|
||||
+ FWU_LOG_MSG("%s: counted = %d, expiring on = %u\n\r", __func__,
|
||||
+ systic_counter, HOST_ACK_TIMEOUT_SEC);
|
||||
+ }
|
||||
+ if (systic_counter == HOST_ACK_TIMEOUT_SEC) {
|
||||
+ FWU_LOG_MSG("%s, timer expired, reseting the system\n\r", __func__);
|
||||
+ NVIC_SystemReset();
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+/* When in trial state, start the timer for host to respond.
|
||||
+ * Diable timer when host responds back either by calling
|
||||
+ * corstone1000_fwu_accept_image or corstone1000_fwu_select_previous.
|
||||
+ * Otherwise, resets the system.
|
||||
+ */
|
||||
+void host_acknowledgement_timer_to_reset(void)
|
||||
+{
|
||||
+ struct fwu_private_metadata priv_metadata;
|
||||
+ enum fwu_agent_state_t current_state;
|
||||
+ uint32_t boot_attempted;
|
||||
+ uint32_t boot_index;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ Select_Write_Mode_For_Shared_Flash();
|
||||
+
|
||||
+ if (!is_initialized) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ if (private_metadata_read(&priv_metadata)) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ if (metadata_read(&_metadata)) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ Select_XIP_Mode_For_Shared_Flash();
|
||||
+
|
||||
+ current_state = get_fwu_agent_state(&_metadata, &priv_metadata);
|
||||
+
|
||||
+ if (current_state == FWU_AGENT_STATE_TRIAL) {
|
||||
+ FWU_LOG_MSG("%s: in trial state, starting host ack timer\n\r",
|
||||
+ __func__);
|
||||
+ systic_counter = 0;
|
||||
+ if (SysTick_Config(SysTick_LOAD_RELOAD_Msk)) {
|
||||
+ FWU_LOG_MSG("%s: timer init failed\n\r", __func__);
|
||||
+ FWU_ASSERT(0);
|
||||
+ } else {
|
||||
+ FWU_LOG_MSG("%s: timer started: seconds to expire : %u\n\r",
|
||||
+ __func__, HOST_ACK_TIMEOUT_SEC);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit\n\r", __func__);
|
||||
+ return;
|
||||
+}
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
index b8f7c676d7..80f72e2bd6 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
@@ -47,4 +47,11 @@ enum fwu_agent_error_t corstone1000_fwu_host_ack(void);
|
||||
void bl1_get_boot_bank(uint32_t *bank_offset);
|
||||
void bl2_get_boot_bank(uint32_t *bank_offset);
|
||||
|
||||
+/* When in trial state, start the timer for host to respond.
|
||||
+ * Diable timer when host responds back either by calling
|
||||
+ * corstone1000_fwu_accept_image or corstone1000_fwu_select_previous.
|
||||
+ * Otherwise, resets the system.
|
||||
+ */
|
||||
+void host_acknowledgement_timer_to_reset(void);
|
||||
+
|
||||
#endif /* FWU_AGENT_H */
|
||||
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c b/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c
|
||||
index 834ebc33e3..cc94055b94 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c
|
||||
@@ -56,7 +56,10 @@ void tfm_hal_boot_ns_cpu(uintptr_t start_addr)
|
||||
|
||||
void tfm_hal_wait_for_ns_cpu_ready(void)
|
||||
{
|
||||
- /* Synchronization between Host and SE is done by OpenAMP */
|
||||
+ /* start the reset timer if firwmare update process is ongoing */
|
||||
+#if !(PLATFORM_IS_FVP)
|
||||
+ host_acknowledgement_timer_to_reset();
|
||||
+#endif
|
||||
}
|
||||
|
||||
void tfm_hal_get_mem_security_attr(const void *p, size_t s,
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-369
@@ -1,369 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From eb02f01cd9095f11bbd737db8b1723358e463d73 Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Wed, 17 Nov 2021 07:30:26 +0000
|
||||
Subject: [PATCH 13/15] corstone1000: fwu nv-counter anti-rollback support
|
||||
|
||||
The patch implements anti-rollback protection on the nv-counters.
|
||||
The nv-counters are staged onto the flash, and only updated when
|
||||
firmware update process is successful. Before update, one more
|
||||
time verification is performed.
|
||||
|
||||
Change-Id: Ibe9df7f65c7aecdb9d712bd76c4dbff4e8fd1023
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
.../target/arm/corstone1000/CMakeLists.txt | 1 +
|
||||
.../arm/corstone1000/bl1/bl1_security_cnt.c | 20 ++-
|
||||
.../arm/corstone1000/bl2_security_cnt.c | 114 ++++++++++++++++++
|
||||
.../ext/target/arm/corstone1000/config.cmake | 2 +
|
||||
.../corstone1000/fw_update_agent/fwu_agent.c | 95 +++++++++++++++
|
||||
.../corstone1000/fw_update_agent/fwu_agent.h | 16 +++
|
||||
6 files changed, 245 insertions(+), 3 deletions(-)
|
||||
create mode 100644 platform/ext/target/arm/corstone1000/bl2_security_cnt.c
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
index cb66bd48d6..7b1ee53b15 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
@@ -114,6 +114,7 @@ target_sources(platform_bl2
|
||||
fip_parser/fip_parser.c
|
||||
bl2_boot_hal.c
|
||||
fw_update_agent/fwu_agent.c
|
||||
+ bl2_security_cnt.c
|
||||
)
|
||||
|
||||
if (PLATFORM_IS_FVP)
|
||||
diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c b/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c
|
||||
index f275cbfecb..e56defa09a 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c
|
||||
@@ -10,6 +10,8 @@
|
||||
#include "tfm_plat_defs.h"
|
||||
#include "bootutil/fault_injection_hardening.h"
|
||||
#include <stdint.h>
|
||||
+#include "tfm_plat_provisioning.h"
|
||||
+#include "fwu_agent.h"
|
||||
|
||||
fih_int boot_nv_security_counter_init(void)
|
||||
{
|
||||
@@ -47,14 +49,26 @@ int32_t boot_nv_security_counter_update(uint32_t image_id,
|
||||
uint32_t img_security_cnt)
|
||||
{
|
||||
enum tfm_plat_err_t err;
|
||||
+ enum fwu_agent_error_t fwu_err;
|
||||
|
||||
if (image_id != 0) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
- err = tfm_plat_set_nv_counter(PLAT_NV_COUNTER_BL1_0, img_security_cnt);
|
||||
- if (err != TFM_PLAT_ERR_SUCCESS) {
|
||||
- return -1;
|
||||
+ if (tfm_plat_provisioning_is_required()) {
|
||||
+
|
||||
+ err = tfm_plat_set_nv_counter(PLAT_NV_COUNTER_BL1_0, img_security_cnt);
|
||||
+ if (err != TFM_PLAT_ERR_SUCCESS) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ } else {
|
||||
+
|
||||
+ fwu_err = fwu_stage_nv_counter(FWU_BL2_NV_COUNTER, img_security_cnt);
|
||||
+ if (fwu_err != FWU_AGENT_SUCCESS) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
}
|
||||
|
||||
return 0;
|
||||
diff --git a/platform/ext/target/arm/corstone1000/bl2_security_cnt.c b/platform/ext/target/arm/corstone1000/bl2_security_cnt.c
|
||||
new file mode 100644
|
||||
index 0000000000..adb0c13039
|
||||
--- /dev/null
|
||||
+++ b/platform/ext/target/arm/corstone1000/bl2_security_cnt.c
|
||||
@@ -0,0 +1,114 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
|
||||
+ *
|
||||
+ * SPDX-License-Identifier: BSD-3-Clause
|
||||
+ *
|
||||
+ */
|
||||
+
|
||||
+#include "bootutil/security_cnt.h"
|
||||
+#include "tfm_plat_nv_counters.h"
|
||||
+#include "tfm_plat_defs.h"
|
||||
+#include "bootutil/fault_injection_hardening.h"
|
||||
+#include <stdint.h>
|
||||
+#include "tfm_plat_provisioning.h"
|
||||
+#include "fwu_agent.h"
|
||||
+
|
||||
+#define TFM_BOOT_NV_COUNTER_0 PLAT_NV_COUNTER_BL2_0 /* NV counter of Image 0 */
|
||||
+#define TFM_BOOT_NV_COUNTER_1 PLAT_NV_COUNTER_BL2_1 /* NV counter of Image 1 */
|
||||
+#define TFM_BOOT_NV_COUNTER_2 PLAT_NV_COUNTER_BL2_2 /* NV counter of Image 2 */
|
||||
+#define TFM_BOOT_NV_COUNTER_MAX PLAT_NV_COUNTER_BL2_2 + 1
|
||||
+
|
||||
+static enum tfm_nv_counter_t get_nv_counter_from_image_id(uint32_t image_id)
|
||||
+{
|
||||
+ uint32_t nv_counter;
|
||||
+
|
||||
+ /* Avoid integer overflow */
|
||||
+ if ((UINT32_MAX - TFM_BOOT_NV_COUNTER_0) < image_id) {
|
||||
+ return TFM_BOOT_NV_COUNTER_MAX;
|
||||
+ }
|
||||
+
|
||||
+ nv_counter = TFM_BOOT_NV_COUNTER_0 + image_id;
|
||||
+
|
||||
+ /* Check the existence of the enumerated counter value */
|
||||
+ if (nv_counter >= TFM_BOOT_NV_COUNTER_MAX) {
|
||||
+ return TFM_BOOT_NV_COUNTER_MAX;
|
||||
+ }
|
||||
+
|
||||
+ return (enum tfm_nv_counter_t)nv_counter;
|
||||
+}
|
||||
+
|
||||
+fih_int boot_nv_security_counter_init(void)
|
||||
+{
|
||||
+ fih_int fih_rc = FIH_FAILURE;
|
||||
+
|
||||
+ fih_rc = fih_int_encode_zero_equality(tfm_plat_init_nv_counter());
|
||||
+
|
||||
+ FIH_RET(fih_rc);
|
||||
+}
|
||||
+
|
||||
+fih_int boot_nv_security_counter_get(uint32_t image_id, fih_int *security_cnt)
|
||||
+{
|
||||
+ enum tfm_nv_counter_t nv_counter;
|
||||
+ fih_int fih_rc = FIH_FAILURE;
|
||||
+ uint32_t security_cnt_soft;
|
||||
+
|
||||
+ /* Check if it's a null-pointer. */
|
||||
+ if (!security_cnt) {
|
||||
+ FIH_RET(FIH_FAILURE);
|
||||
+ }
|
||||
+
|
||||
+ nv_counter = get_nv_counter_from_image_id(image_id);
|
||||
+ if (nv_counter >= TFM_BOOT_NV_COUNTER_MAX) {
|
||||
+ FIH_RET(FIH_FAILURE);
|
||||
+ }
|
||||
+
|
||||
+ fih_rc = fih_int_encode_zero_equality(
|
||||
+ tfm_plat_read_nv_counter(nv_counter,
|
||||
+ sizeof(security_cnt_soft),
|
||||
+ (uint8_t *)&security_cnt_soft));
|
||||
+ *security_cnt = fih_int_encode(security_cnt_soft);
|
||||
+
|
||||
+ printf("%s: security_cnt=%d\n\r", __func__, *security_cnt);
|
||||
+
|
||||
+ FIH_RET(fih_rc);
|
||||
+}
|
||||
+
|
||||
+int32_t boot_nv_security_counter_update(uint32_t image_id,
|
||||
+ uint32_t img_security_cnt)
|
||||
+{
|
||||
+ enum tfm_nv_counter_t nv_counter;
|
||||
+ enum tfm_plat_err_t err;
|
||||
+ enum fwu_agent_error_t fwu_err;
|
||||
+
|
||||
+ nv_counter = get_nv_counter_from_image_id(image_id);
|
||||
+ if (nv_counter >= TFM_BOOT_NV_COUNTER_MAX) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ printf("%s: security_cnt=%u:%u\n\r", __func__, nv_counter, img_security_cnt);
|
||||
+
|
||||
+ if (tfm_plat_provisioning_is_required()) {
|
||||
+
|
||||
+ err = tfm_plat_set_nv_counter(nv_counter, img_security_cnt);
|
||||
+ if (err != TFM_PLAT_ERR_SUCCESS) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ } else {
|
||||
+
|
||||
+ if (nv_counter == PLAT_NV_COUNTER_BL2_0) {
|
||||
+ fwu_err = fwu_stage_nv_counter(FWU_TFM_NV_COUNTER, img_security_cnt);
|
||||
+ } else if (nv_counter == PLAT_NV_COUNTER_BL2_1) {
|
||||
+ fwu_err = fwu_stage_nv_counter(FWU_TFA_NV_COUNTER, img_security_cnt);
|
||||
+ } else {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ if (fwu_err != FWU_AGENT_SUCCESS) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake
|
||||
index 203e6b79a6..d6f3ef7d21 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/config.cmake
|
||||
+++ b/platform/ext/target/arm/corstone1000/config.cmake
|
||||
@@ -39,3 +39,5 @@ if (${PLATFORM_IS_FVP})
|
||||
else()
|
||||
set(PLATFORM_PSA_ADAC_SECURE_DEBUG FALSE CACHE BOOL "Whether to use psa-adac secure debug.")
|
||||
endif()
|
||||
+
|
||||
+set(DEFAULT_MCUBOOT_SECURITY_COUNTERS OFF CACHE BOOL "Whether to use the default security counter configuration defined by TF-M project")
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
index e8686704b8..cd7f901287 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -16,6 +16,8 @@
|
||||
#include "flash_common.h"
|
||||
#include "platform_base_address.h"
|
||||
#include "platform_description.h"
|
||||
+#include "tfm_plat_nv_counters.h"
|
||||
+#include "tfm_plat_defs.h"
|
||||
|
||||
/* Properties of image in a bank */
|
||||
struct fwu_image_properties {
|
||||
@@ -79,6 +81,9 @@ struct fwu_private_metadata {
|
||||
/* counter: tracking number of boot attempted so far */
|
||||
uint32_t boot_attempted;
|
||||
|
||||
+ /* staged nv_counter: temprary location before written to the otp */
|
||||
+ uint32_t nv_counter[NR_OF_IMAGES_IN_FW_BANK];
|
||||
+
|
||||
} __packed;
|
||||
|
||||
#define MAX_BOOT_ATTEMPTS_PER_BANK 3
|
||||
@@ -771,6 +776,56 @@ static void disable_host_ack_timer(void)
|
||||
SysTick->CTRL &= (~SysTick_CTRL_ENABLE_Msk);
|
||||
}
|
||||
|
||||
+static enum fwu_agent_error_t update_nv_counters(
|
||||
+ struct fwu_private_metadata* priv_metadata)
|
||||
+{
|
||||
+ enum tfm_plat_err_t err;
|
||||
+ uint32_t security_cnt;
|
||||
+ enum tfm_nv_counter_t tfm_nv_counter_i;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
+
|
||||
+ for (int i = 0; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
|
||||
+
|
||||
+ switch (i) {
|
||||
+ case FWU_BL2_NV_COUNTER:
|
||||
+ tfm_nv_counter_i = PLAT_NV_COUNTER_BL1_0;
|
||||
+ break;
|
||||
+ case FWU_TFM_NV_COUNTER:
|
||||
+ tfm_nv_counter_i = PLAT_NV_COUNTER_BL2_0;
|
||||
+ break;
|
||||
+ case FWU_TFA_NV_COUNTER:
|
||||
+ tfm_nv_counter_i = PLAT_NV_COUNTER_BL2_1;
|
||||
+ break;
|
||||
+ default:
|
||||
+ FWU_ASSERT(0);
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ err = tfm_plat_read_nv_counter(tfm_nv_counter_i,
|
||||
+ sizeof(security_cnt), (uint8_t *)&security_cnt);
|
||||
+ if (err != TFM_PLAT_ERR_SUCCESS) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ if (priv_metadata->nv_counter[i] < security_cnt) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ } else if (priv_metadata->nv_counter[i] > security_cnt) {
|
||||
+ FWU_LOG_MSG("%s: updaing index = %u nv counter = %u->%u\n\r",
|
||||
+ __func__, i, security_cnt,
|
||||
+ priv_metadata->nv_counter[FWU_BL2_NV_COUNTER]);
|
||||
+ err = tfm_plat_set_nv_counter(tfm_nv_counter_i,
|
||||
+ priv_metadata->nv_counter[FWU_BL2_NV_COUNTER]);
|
||||
+ if (err != TFM_PLAT_ERR_SUCCESS) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit\n\r", __func__);
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
|
||||
enum fwu_agent_error_t corstone1000_fwu_host_ack(void)
|
||||
{
|
||||
@@ -811,6 +866,9 @@ enum fwu_agent_error_t corstone1000_fwu_host_ack(void)
|
||||
/* firmware update successful */
|
||||
ret = fwu_accept_image(&full_capsule_image_guid, &_metadata,
|
||||
&priv_metadata);
|
||||
+ if (!ret) {
|
||||
+ ret = update_nv_counters(&priv_metadata);
|
||||
+ }
|
||||
}
|
||||
|
||||
if (ret == FWU_AGENT_SUCCESS) {
|
||||
@@ -887,3 +945,40 @@ void host_acknowledgement_timer_to_reset(void)
|
||||
FWU_LOG_MSG("%s: exit\n\r", __func__);
|
||||
return;
|
||||
}
|
||||
+
|
||||
+/* stage nv counter into private metadata section of the flash.
|
||||
+ * staged nv counters are written to the otp when firmware update
|
||||
+ * is successful
|
||||
+ * the function assumes that the api is called in the boot loading
|
||||
+ * stage
|
||||
+ */
|
||||
+enum fwu_agent_error_t fwu_stage_nv_counter(enum fwu_nv_counter_index_t index,
|
||||
+ uint32_t img_security_cnt)
|
||||
+{
|
||||
+ struct fwu_private_metadata priv_metadata;
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: enter: index = %u, val = %u\n\r", __func__,
|
||||
+ index, img_security_cnt);
|
||||
+
|
||||
+ if (!is_initialized) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ if (index > FWU_MAX_NV_COUNTER_INDEX) {
|
||||
+ return FWU_AGENT_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ if (private_metadata_read(&priv_metadata)) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+
|
||||
+ if (priv_metadata.nv_counter[index] != img_security_cnt) {
|
||||
+ priv_metadata.nv_counter[index] = img_security_cnt;
|
||||
+ if (private_metadata_write(&priv_metadata)) {
|
||||
+ FWU_ASSERT(0);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ FWU_LOG_MSG("%s: exit\n\r", __func__);
|
||||
+ return FWU_AGENT_SUCCESS;
|
||||
+}
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
index 80f72e2bd6..57b07e8d2c 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
|
||||
@@ -54,4 +54,20 @@ void bl2_get_boot_bank(uint32_t *bank_offset);
|
||||
*/
|
||||
void host_acknowledgement_timer_to_reset(void);
|
||||
|
||||
+enum fwu_nv_counter_index_t {
|
||||
+ FWU_BL2_NV_COUNTER = 0,
|
||||
+ FWU_TFM_NV_COUNTER,
|
||||
+ FWU_TFA_NV_COUNTER,
|
||||
+ FWU_MAX_NV_COUNTER_INDEX = FWU_TFA_NV_COUNTER
|
||||
+};
|
||||
+
|
||||
+/* stage nv counter into private metadata section of the flash.
|
||||
+ * staged nv counters are written to the otp when firmware update
|
||||
+ * is successful
|
||||
+ * the function assumes that the api is called in the boot loading
|
||||
+ * stage
|
||||
+ */
|
||||
+enum fwu_agent_error_t fwu_stage_nv_counter(enum fwu_nv_counter_index_t index,
|
||||
+ uint32_t img_security_cnt);
|
||||
+
|
||||
#endif /* FWU_AGENT_H */
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-50
@@ -1,50 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From 55d0c63bf6b097b6853e93355f5a1524df56f47b Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Mon, 1 Nov 2021 08:03:42 +0000
|
||||
Subject: [PATCH 14/15] corstone1000: bug fix in openamp version
|
||||
|
||||
Typing mistake in openamp version parameter, leads the cmake
|
||||
to fetch the head of the master branch.
|
||||
|
||||
Also, the previous hash used for code version is deleted from the
|
||||
openamp github. New hash from the master branch is in use.
|
||||
|
||||
Change-Id: Iee5980ba14f8bb9b964eb10c71ebb68664c1d441
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
---
|
||||
platform/ext/target/arm/corstone1000/config.cmake | 2 +-
|
||||
.../arm/corstone1000/openamp/ext/libopenamp/CMakeLists.txt | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake
|
||||
index d6f3ef7d21..2dab210e0a 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/config.cmake
|
||||
+++ b/platform/ext/target/arm/corstone1000/config.cmake
|
||||
@@ -32,7 +32,7 @@ set(LIBMETAL_SRC_PATH "DOWNLOAD" CACHE PATH "Path to Lib
|
||||
set(LIBMETAL_VERSION "f252f0e007fbfb8b3a52b1d5901250ddac96baad" CACHE STRING "The version of libmetal to use")
|
||||
|
||||
set(LIBOPENAMP_SRC_PATH "DOWNLOAD" CACHE PATH "Path to Libopenamp (or DOWNLOAD to fetch automatically")
|
||||
-set(OPENAMP_VERSION "33037b04e0732e58fc0fa36afc244999ef632e10" CACHE STRING "The version of openamp to use")
|
||||
+set(OPENAMP_VERSION "347397decaa43372fc4d00f965640ebde042966d" CACHE STRING "The version of openamp to use")
|
||||
|
||||
if (${PLATFORM_IS_FVP})
|
||||
set(PLATFORM_PSA_ADAC_SECURE_DEBUG FALSE CACHE BOOL "Whether to use psa-adac secure debug.")
|
||||
diff --git a/platform/ext/target/arm/corstone1000/openamp/ext/libopenamp/CMakeLists.txt b/platform/ext/target/arm/corstone1000/openamp/ext/libopenamp/CMakeLists.txt
|
||||
index d91dc7d845..9b1602a04f 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/openamp/ext/libopenamp/CMakeLists.txt
|
||||
+++ b/platform/ext/target/arm/corstone1000/openamp/ext/libopenamp/CMakeLists.txt
|
||||
@@ -16,7 +16,7 @@ endif()
|
||||
if ("${LIBOPENAMP_SRC_PATH}" STREQUAL "DOWNLOAD")
|
||||
FetchContent_Declare(libopenamp
|
||||
GIT_REPOSITORY https://github.com/OpenAMP/open-amp.git
|
||||
- GIT_TAG ${OEPNAMP_VERSION}
|
||||
+ GIT_TAG ${OPENAMP_VERSION}
|
||||
)
|
||||
|
||||
FetchContent_GetProperties(libopenamp)
|
||||
--
|
||||
2.17.1
|
||||
|
||||
-80
@@ -1,80 +0,0 @@
|
||||
Upstream-Status: Pending [Not submitted to upstream yet]
|
||||
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
||||
|
||||
From c33289422948ccb0bd6985512e5d0fc6936c0cd1 Mon Sep 17 00:00:00 2001
|
||||
From: Satish Kumar <satish.kumar01@arm.com>
|
||||
Date: Thu, 18 Nov 2021 12:49:10 +0000
|
||||
Subject: [PATCH 15/15] corstone1000: secure host watchdog interrupt handler
|
||||
|
||||
With this commit, the host secure watchdog interrupt 1
|
||||
(WS1) will be handled by the secure enclave. The commit
|
||||
implements and enables the SECURE_WATCHDOG_WS1_IRQHandler
|
||||
in NVIC controller. The host can now trigger a reboot
|
||||
using the secure watchdog.
|
||||
|
||||
Change-Id: Ied82cc04496f5daf678ad1cdc7bcf6d3a7879186
|
||||
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
|
||||
---
|
||||
.../arm/corstone1000/Native_Driver/watchdog.c | 17 +++++++++++++++++
|
||||
.../arm/corstone1000/Native_Driver/watchdog.h | 9 +++++++++
|
||||
.../target/arm/corstone1000/tfm_hal_platform.c | 2 ++
|
||||
3 files changed, 28 insertions(+)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c b/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c
|
||||
index d375af3afb..d7faa3067d 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c
|
||||
@@ -79,3 +79,20 @@ int corstone1000_watchdog_init()
|
||||
|
||||
return ARM_DRIVER_OK;
|
||||
}
|
||||
+
|
||||
+/* Secure Host Watchdog WS1 Handler
|
||||
+ * efi_reset_system from the host triggers "Secure
|
||||
+ * watchdog WS1 interrupt" to reset the system. Host
|
||||
+ * cannot access this interrupt by design, so SE
|
||||
+ * resets the system using this handler
|
||||
+ * */
|
||||
+void SECURE_WATCHDOG_WS1_IRQHandler(void){
|
||||
+ NVIC_SystemReset();
|
||||
+}
|
||||
+
|
||||
+/*Enable Secure Watchdog WS1 Interrupt
|
||||
+ * in NVIC controller (asserted by host)*/
|
||||
+void corstone1000_host_watchdog_handler_init(){
|
||||
+ NVIC_EnableIRQ(SECURE_WATCHDOG_WS1_IRQn);
|
||||
+}
|
||||
+
|
||||
diff --git a/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.h b/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.h
|
||||
index fd1b7cf124..cd9bed3f63 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.h
|
||||
@@ -29,4 +29,13 @@ int corstone1000_watchdog_init();
|
||||
*/
|
||||
int corstone1000_watchdog_reset_timer();
|
||||
|
||||
+/**
|
||||
+ * \brief Initializes Interrupt Handler for
|
||||
+ * Secure Host Watchdog (WS1).
|
||||
+ *
|
||||
+ * \returns VOID
|
||||
+ */
|
||||
+void corstone1000_host_watchdog_handler_init();
|
||||
+
|
||||
+
|
||||
#endif /* watchdog_h */
|
||||
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_platform.c b/platform/ext/target/arm/corstone1000/tfm_hal_platform.c
|
||||
index 7faa71eb63..e3c6b78950 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/tfm_hal_platform.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_platform.c
|
||||
@@ -24,5 +24,7 @@ enum tfm_hal_status_t tfm_hal_platform_init(void)
|
||||
return TFM_HAL_ERROR_GENERIC;
|
||||
}
|
||||
|
||||
+ corstone1000_host_watchdog_handler_init();
|
||||
+
|
||||
return TFM_HAL_SUCCESS;
|
||||
}
|
||||
--
|
||||
2.17.1
|
||||
|
||||
Reference in New Issue
Block a user