diff --git a/meta-arm-bsp/conf/machine/include/corstone1000.inc b/meta-arm-bsp/conf/machine/include/corstone1000.inc index a1e67c21..64e166af 100644 --- a/meta-arm-bsp/conf/machine/include/corstone1000.inc +++ b/meta-arm-bsp/conf/machine/include/corstone1000.inc @@ -2,70 +2,63 @@ require conf/machine/include/arm/armv8a/tune-cortexa35.inc MACHINEOVERRIDES =. "corstone1000:" +# TF-M +PREFERRED_VERSION_trusted-firmware-m ?= "1.8.%" + # TF-A TFA_PLATFORM = "corstone1000" -EXTRA_IMAGEDEPENDS += "trusted-firmware-a" PREFERRED_VERSION_trusted-firmware-a ?= "2.9.%" PREFERRED_VERSION_tf-a-tests ?= "2.8.%" TFA_BL2_BINARY = "bl2-corstone1000.bin" TFA_FIP_BINARY = "fip-corstone1000.bin" -# TF-M -EXTRA_IMAGEDEPENDS += "trusted-firmware-m" -PREFERRED_VERSION_trusted-firmware-m ?= "1.8.%" +# optee +PREFERRED_VERSION_optee-os ?= "4.1.%" -# TF-M settings for signing host images -TFA_BL2_RE_IMAGE_LOAD_ADDRESS = "0x62353000" -TFA_BL2_RE_SIGN_BIN_SIZE = "0x2d000" -TFA_FIP_RE_IMAGE_LOAD_ADDRESS = "0x68130000" -TFA_FIP_RE_SIGN_BIN_SIZE = "0x00200000" +# Trusted Services +TS_PLATFORM = "arm/corstone1000" +TS_SP_SE_PROXY_CONFIG = "corstone1000" +# Include smm-gateway and se-proxy SPs into optee-os binary +MACHINE_FEATURES += "ts-smm-gateway ts-se-proxy" # u-boot PREFERRED_VERSION_u-boot ?= "2023.07%" -EXTRA_IMAGEDEPENDS += "u-boot" +MACHINE_FEATURES += "efi" +EFI_PROVIDER ?= "grub-efi" -#optee -PREFERRED_VERSION_optee-os ?= "4.1.%" -EXTRA_IMAGEDEPENDS += "optee-os" -OPTEE_ARCH = "arm64" -OPTEE_BINARY = "tee-pager_v2.bin" - -# Include smm-gateway and se-proxy SPs into optee-os binary -MACHINE_FEATURES += "ts-smm-gateway ts-se-proxy" -TS_PLATFORM = "arm/corstone1000" -TS_SP_SE_PROXY_CONFIG = "corstone1000" - -# External System(Cortex-M3) -EXTRA_IMAGEDEPENDS += "external-system" +# Grub +LINUX_KERNEL_ARGS ?= "earlycon=pl011,0x1a510000 console=ttyAMA0,115200" +GRUB_LINUX_APPEND ?= "${LINUX_KERNEL_ARGS}" +IMAGE_CMD:wic[vardeps] += "GRUB_LINUX_APPEND" # Linux kernel PREFERRED_PROVIDER_virtual/kernel:forcevariable = "linux-yocto" PREFERRED_VERSION_linux-yocto = "6.6.%" KERNEL_IMAGETYPE = "Image.gz" - -INITRAMFS_IMAGE_BUNDLE ?= "1" - -#telling the build system which image is responsible of the generation of the initramfs rootfs -INITRAMFS_IMAGE = "corstone1000-initramfs-image" -IMAGE_NAME_SUFFIX = "" - # add FF-A support in the kernel MACHINE_FEATURES += "arm-ffa" - -# prevent the kernel image from being included in the intramfs rootfs -PACKAGE_EXCLUDE = "kernel-image-*" - # enable this feature for kernel debugging # MACHINE_FEATURES += "corstone1000_kernel_debug" +# Telling the build system which image is responsible of the generation of the initramfs rootfs +INITRAMFS_IMAGE_BUNDLE = "1" +INITRAMFS_IMAGE ?= "corstone1000-initramfs-image" +IMAGE_NAME_SUFFIX = "" # login terminal serial port settings SERIAL_CONSOLES ?= "115200;ttyAMA0" +WKS_FILE ?= "corstone1000-image.corstone1000.wks" + # making sure EXTRA_IMAGEDEPENDS will be used while creating the image WKS_FILE_DEPENDS:append = " ${EXTRA_IMAGEDEPENDS}" -WKS_FILE ?= "corstone1000-image.corstone1000.wks" +# prevent the kernel image from being included in the intramfs rootfs +PACKAGE_EXCLUDE += "kernel-image-*" +# Don't include kernel binary in rootfs /boot path +RRECOMMENDS:${KERNEL_PACKAGE_NAME}-base = "" +# Disable python usage in opkg-utils since it won't build with tiny config +PACKAGECONFIG:remove:pn-opkg-utils = "python" # Disable openssl in kmod to shink the initramfs size PACKAGECONFIG:remove:pn-kmod = "openssl" diff --git a/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb b/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb index e7d00596..73fc1766 100644 --- a/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb +++ b/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb @@ -5,19 +5,35 @@ LICENSE = "MIT" COMPATIBLE_MACHINE = "corstone1000" +# IMAGE_FSTYPES must be set before 'inherit image' +# https://docs.yoctoproject.org/ref-manual/variables.html#term-IMAGE_FSTYPES +IMAGE_FSTYPES = "wic uefi_capsule" + inherit image inherit tfm_sign_image -inherit uefi_capsule +inherit uefi_capsule + +DEPENDS += "external-system \ + trusted-firmware-a \ + trusted-firmware-m \ +" + +IMAGE_FEATURES = "" +IMAGE_LINGUAS = "" PACKAGE_INSTALL = "" -IMAGE_FSTYPES += "wic uefi_capsule" - -UEFI_FIRMWARE_BINARY = "${PN}-${MACHINE}.${CAPSULE_IMGTYPE}" +UEFI_FIRMWARE_BINARY = "${IMAGE_LINK_NAME}.${CAPSULE_IMGTYPE}" UEFI_CAPSULE_CONFIG = "${THISDIR}/files/${PN}-capsule-update-image.json" CAPSULE_IMGTYPE = "wic" -# TF-X settings for signing host images +# TF-A settings for signing host images +TFA_BL2_BINARY = "bl2-corstone1000.bin" +TFA_FIP_BINARY = "fip-corstone1000.bin" +TFA_BL2_RE_IMAGE_LOAD_ADDRESS = "0x62353000" +TFA_BL2_RE_SIGN_BIN_SIZE = "0x2d000" +TFA_FIP_RE_IMAGE_LOAD_ADDRESS = "0x68130000" +TFA_FIP_RE_SIGN_BIN_SIZE = "0x00200000" RE_LAYOUT_WRAPPER_VERSION = "0.0.7" TFM_SIGN_PRIVATE_KEY = "${libdir}/tfm-scripts/root-RSA-3072_1.pem" RE_IMAGE_OFFSET = "0x1000" @@ -38,6 +54,5 @@ do_sign_images() { ${TFA_FIP_RE_IMAGE_LOAD_ADDRESS} ${TFA_FIP_RE_SIGN_BIN_SIZE} } do_sign_images[depends] = "\ - trusted-firmware-a:do_populate_sysroot \ fiptool-native:do_populate_sysroot \ "