mirror of
https://git.yoctoproject.org/meta-arm
synced 2026-01-12 03:10:15 +00:00
arm-bsp/trusted-firmware-m: corstone1000: update to 2.0
This change upgrades the trusted-firmware-m version to 2.0 for Corstone-1000. Emekcan Aras <emekcan.aras@arm.com> Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com> Signed-off-by: Bence Balogh <bence.balogh@arm.com> Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit is contained in:
Ali Can Ozaslan
committed by
Jon Mason
Jon Mason
parent
74ac722826
commit
a8f47e9504
@@ -3,7 +3,7 @@ require conf/machine/include/arm/armv8a/tune-cortexa35.inc
|
||||
MACHINEOVERRIDES =. "corstone1000:"
|
||||
|
||||
# TF-M
|
||||
PREFERRED_VERSION_trusted-firmware-m ?= "1.8.%"
|
||||
PREFERRED_VERSION_trusted-firmware-m ?= "2.0.%"
|
||||
|
||||
# TF-A
|
||||
TFA_PLATFORM = "corstone1000"
|
||||
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 40 KiB After Width: | Height: | Size: 54 KiB |
@@ -0,0 +1,26 @@
|
||||
From 961d2e3718e9e6d652cadf5b4d3597cfe822dd04 Mon Sep 17 00:00:00 2001
|
||||
From: Ali Can Ozaslan <ali.oezaslan@arm.com>
|
||||
Date: Wed, 24 Jan 2024 16:10:08 +0000
|
||||
Subject: [PATCH] arm/trusted-firmware-m: disable address warnings into an
|
||||
error
|
||||
|
||||
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
|
||||
Upstream-Status: Inappropriate
|
||||
|
||||
---
|
||||
toolchain_GNUARM.cmake | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/toolchain_GNUARM.cmake b/toolchain_GNUARM.cmake
|
||||
index b6ae50ec3..4c2f5b3d7 100644
|
||||
--- a/toolchain_GNUARM.cmake
|
||||
+++ b/toolchain_GNUARM.cmake
|
||||
@@ -111,6 +111,7 @@ add_compile_options(
|
||||
-Wno-format
|
||||
-Wno-return-type
|
||||
-Wno-unused-but-set-variable
|
||||
+ -Wno-error=address
|
||||
-c
|
||||
-fdata-sections
|
||||
-ffunction-sections
|
||||
@@ -1,27 +0,0 @@
|
||||
From 60598f3b44237bd5038e33400e749ec1e7e8fbda Mon Sep 17 00:00:00 2001
|
||||
From: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Date: Mon, 15 May 2023 10:42:23 +0100
|
||||
Subject: [PATCH] Platform: corstone1000: Increase BL2 size in flash layout
|
||||
|
||||
Increases BL2 size to align with the flash page size in corstone1000.
|
||||
|
||||
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24103]
|
||||
|
||||
---
|
||||
platform/ext/target/arm/corstone1000/partition/flash_layout.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
|
||||
index 41b4c6323f..bfe8c4fb3c 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
|
||||
@@ -89,7 +89,7 @@
|
||||
#endif
|
||||
|
||||
/* Static Configurations of the Flash */
|
||||
-#define SE_BL2_PARTITION_SIZE (0x18800) /* 98 KB */
|
||||
+#define SE_BL2_PARTITION_SIZE (0x19000) /* 98 KB */
|
||||
#define SE_BL2_BANK_0_OFFSET (0x9000) /* 72nd LBA */
|
||||
#define SE_BL2_BANK_1_OFFSET (0x1002000) /* 32784th LBA */
|
||||
|
||||
@@ -0,0 +1,274 @@
|
||||
From eb096e4c03b80f9f31e5d15ca06e5a38e4112664 Mon Sep 17 00:00:00 2001
|
||||
From: Bence Balogh <bence.balogh@arm.com>
|
||||
Date: Tue, 7 Nov 2023 20:25:49 +0100
|
||||
Subject: [PATCH 1/2] platform: corstone1000: Update MPU configuration
|
||||
|
||||
In Armv6-M the MPU requires the regions to be aligned with
|
||||
region sizes.
|
||||
The commit aligns the different code/data sections using the
|
||||
alignment macros. The code/data sections can be covered by
|
||||
multiple MPU regions in order to save memory.
|
||||
|
||||
Small adjustments had to be made in the memory layout in order to
|
||||
not overflow the flash:
|
||||
- Decreased TFM_PARTITION_SIZE
|
||||
- Increased S_UNPRIV_DATA_SIZE
|
||||
|
||||
Added checks to the MPU configuration function for checking the
|
||||
MPU constraints:
|
||||
- Base address has to be aligned to the size
|
||||
- The minimum MPU region size is 0x100
|
||||
- The MPU can have 8 regions at most
|
||||
|
||||
Change-Id: I059468e8aba0822bb354fd1cd4987ac2bb1f34d1
|
||||
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
|
||||
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25393]
|
||||
|
||||
---
|
||||
.../target/arm/corstone1000/CMakeLists.txt | 19 +++++
|
||||
.../arm/corstone1000/create-flash-image.sh | 8 +-
|
||||
.../arm/corstone1000/partition/flash_layout.h | 2 +-
|
||||
.../arm/corstone1000/partition/region_defs.h | 6 +-
|
||||
.../arm/corstone1000/tfm_hal_isolation.c | 83 +++++++++++++++----
|
||||
5 files changed, 93 insertions(+), 25 deletions(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
index e6cf15b11..8817f514c 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
@@ -22,6 +22,25 @@ target_compile_definitions(platform_region_defs
|
||||
INTERFACE
|
||||
$<$<BOOL:${TFM_S_REG_TEST}>:TFM_S_REG_TEST>
|
||||
)
|
||||
+
|
||||
+# The Armv6-M MPU requires that the MPU regions be aligned to the region sizes.
|
||||
+# The minimal region size is 0x100 bytes.
|
||||
+#
|
||||
+# The alignments have to be a power of two and ideally bigger than the section size (which
|
||||
+# can be checked in the map file).
|
||||
+# In some cases the alignment value is smaller than the actual section
|
||||
+# size to save memory. In that case, multiple MPU region has to be configured to cover it.
|
||||
+#
|
||||
+# To save memory, the attributes are set to XN_EXEC_OK and AP_RO_PRIV_UNPRIV for
|
||||
+# the SRAM so the PSA_ROT_LINKER_CODE, TFM_UNPRIV_CODE and APP_ROT_LINKER_CODE don't have to
|
||||
+# be aligned. The higher-priority regions will overwrite these attributes if needed.
|
||||
+# The RAM is also located in the SRAM so it has to be configured to overwrite these default
|
||||
+# attributes.
|
||||
+target_compile_definitions(platform_region_defs
|
||||
+ INTERFACE
|
||||
+ TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT=0x2000
|
||||
+ TFM_LINKER_SP_META_PTR_ALIGNMENT=0x100
|
||||
+)
|
||||
#========================= Platform common defs ===============================#
|
||||
|
||||
# Specify the location of platform specific build dependencies.
|
||||
diff --git a/platform/ext/target/arm/corstone1000/create-flash-image.sh b/platform/ext/target/arm/corstone1000/create-flash-image.sh
|
||||
index 2522d3674..a6be61384 100755
|
||||
--- a/platform/ext/target/arm/corstone1000/create-flash-image.sh
|
||||
+++ b/platform/ext/target/arm/corstone1000/create-flash-image.sh
|
||||
@@ -8,7 +8,7 @@
|
||||
|
||||
######################################################################
|
||||
# This script is to create a flash gpt image for corstone platform
|
||||
-#
|
||||
+#
|
||||
# Flash image layout:
|
||||
# |------------------------------|
|
||||
# | Protective MBR |
|
||||
@@ -82,15 +82,15 @@ sgdisk --mbrtogpt \
|
||||
--new=4:56:+4K --typecode=4:$PRIVATE_METADATA_TYPE_UUID --partition-guid=4:$(uuidgen) --change-name=4:'private_metadata_replica_1' \
|
||||
--new=5:64:+4k --typecode=5:$PRIVATE_METADATA_TYPE_UUID --partition-guid=5:$(uuidgen) --change-name=5:'private_metadata_replica_2' \
|
||||
--new=6:72:+100k --typecode=6:$SE_BL2_TYPE_UUID --partition-guid=6:$(uuidgen) --change-name=6:'bl2_primary' \
|
||||
- --new=7:272:+376K --typecode=7:$TFM_TYPE_UUID --partition-guid=7:$(uuidgen) --change-name=7:'tfm_primary' \
|
||||
+ --new=7:272:+368K --typecode=7:$TFM_TYPE_UUID --partition-guid=7:$(uuidgen) --change-name=7:'tfm_primary' \
|
||||
--new=8:32784:+100k --typecode=8:$SE_BL2_TYPE_UUID --partition-guid=8:$(uuidgen) --change-name=8:'bl2_secondary' \
|
||||
- --new=9:32984:+376K --typecode=9:$TFM_TYPE_UUID --partition-guid=9:$(uuidgen) --change-name=9:'tfm_secondary' \
|
||||
+ --new=9:32984:+368K --typecode=9:$TFM_TYPE_UUID --partition-guid=9:$(uuidgen) --change-name=9:'tfm_secondary' \
|
||||
--new=10:65496:65501 --partition-guid=10:$(uuidgen) --change-name=10:'reserved_2' \
|
||||
$IMAGE
|
||||
|
||||
[ $? -ne 0 ] && echo "Error occurs while writing the GPT layout" && exit 1
|
||||
|
||||
-# Write partitions
|
||||
+# Write partitions
|
||||
# conv=notrunc avoids truncation to keep the geometry of the image.
|
||||
dd if=$BIN_DIR/bl2_signed.bin of=${IMAGE} seek=72 conv=notrunc
|
||||
dd if=$BIN_DIR/tfm_s_signed.bin of=${IMAGE} seek=272 conv=notrunc
|
||||
diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
|
||||
index 568c8de28..7fffd94c6 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
|
||||
@@ -134,7 +134,7 @@
|
||||
|
||||
/* Bank configurations */
|
||||
#define BANK_PARTITION_SIZE (0xFE0000) /* 15.875 MB */
|
||||
-#define TFM_PARTITION_SIZE (0x5E000) /* 376 KB */
|
||||
+#define TFM_PARTITION_SIZE (0x5C000) /* 368 KB */
|
||||
|
||||
/************************************************************/
|
||||
/* Bank : Images flash offsets are with respect to the bank */
|
||||
diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h
|
||||
index 99e822f51..64ab786e5 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/partition/region_defs.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h
|
||||
@@ -1,8 +1,10 @@
|
||||
/*
|
||||
- * Copyright (c) 2017-2022 Arm Limited. All rights reserved.
|
||||
+ * Copyright (c) 2017-2023 Arm Limited. All rights reserved.
|
||||
* Copyright (c) 2021-2023 Cypress Semiconductor Corporation (an Infineon company)
|
||||
* or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
|
||||
*
|
||||
+ * SPDX-License-Identifier: Apache-2.0
|
||||
+ *
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
@@ -53,7 +55,7 @@
|
||||
|
||||
#define S_DATA_START (SRAM_BASE + TFM_PARTITION_SIZE)
|
||||
#define S_DATA_SIZE (SRAM_SIZE - TFM_PARTITION_SIZE)
|
||||
-#define S_UNPRIV_DATA_SIZE (0x2160)
|
||||
+#define S_UNPRIV_DATA_SIZE (0x4000)
|
||||
#define S_DATA_LIMIT (S_DATA_START + S_DATA_SIZE - 1)
|
||||
#define S_DATA_PRIV_START (S_DATA_START + S_UNPRIV_DATA_SIZE)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
|
||||
index 01f7687bc..98e795dde 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
|
||||
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
|
||||
* Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon
|
||||
* company) or an affiliate of Cypress Semiconductor Corporation. All rights
|
||||
* reserved.
|
||||
@@ -14,9 +14,11 @@
|
||||
#include "tfm_hal_isolation.h"
|
||||
#include "mpu_config.h"
|
||||
#include "mmio_defs.h"
|
||||
+#include "flash_layout.h"
|
||||
|
||||
#define PROT_BOUNDARY_VAL \
|
||||
((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK)
|
||||
+#define MPU_REGION_MIN_SIZE (0x100)
|
||||
|
||||
#ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT
|
||||
|
||||
@@ -31,20 +33,38 @@ REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Base);
|
||||
REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
|
||||
#endif /* CONFIG_TFM_PARTITION_META */
|
||||
|
||||
-static void configure_mpu(uint32_t rnr, uint32_t base, uint32_t limit,
|
||||
- uint32_t is_xn_exec, uint32_t ap_permissions)
|
||||
+static enum tfm_hal_status_t configure_mpu(uint32_t rnr, uint32_t base,
|
||||
+ uint32_t limit, uint32_t is_xn_exec, uint32_t ap_permissions)
|
||||
{
|
||||
- uint32_t size; /* region size */
|
||||
+ uint32_t rbar_size_field; /* region size as it is used in the RBAR */
|
||||
uint32_t rasr; /* region attribute and size register */
|
||||
uint32_t rbar; /* region base address register */
|
||||
|
||||
- size = get_rbar_size_field(limit - base);
|
||||
+ rbar_size_field = get_rbar_size_field(limit - base);
|
||||
+
|
||||
+ /* The MPU region's base address has to be aligned to the region
|
||||
+ * size for a valid MPU configuration */
|
||||
+ if ((base % (1 << (rbar_size_field + 1))) != 0) {
|
||||
+ return TFM_HAL_ERROR_INVALID_INPUT;
|
||||
+ }
|
||||
+
|
||||
+ /* The MPU supports only 8 memory regions */
|
||||
+ if (rnr > 7) {
|
||||
+ return TFM_HAL_ERROR_INVALID_INPUT;
|
||||
+ }
|
||||
+
|
||||
+ /* The minimum size for a region is 0x100 bytes */
|
||||
+ if((limit - base) < MPU_REGION_MIN_SIZE) {
|
||||
+ return TFM_HAL_ERROR_INVALID_INPUT;
|
||||
+ }
|
||||
|
||||
rasr = ARM_MPU_RASR(is_xn_exec, ap_permissions, TEX, NOT_SHAREABLE,
|
||||
- NOT_CACHEABLE, NOT_BUFFERABLE, SUB_REGION_DISABLE, size);
|
||||
+ NOT_CACHEABLE, NOT_BUFFERABLE, SUB_REGION_DISABLE, rbar_size_field);
|
||||
rbar = base & MPU_RBAR_ADDR_Msk;
|
||||
|
||||
ARM_MPU_SetRegionEx(rnr, rbar, rasr);
|
||||
+
|
||||
+ return TFM_HAL_SUCCESS;
|
||||
}
|
||||
|
||||
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
|
||||
@@ -56,33 +76,60 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
|
||||
uint32_t rnr = TFM_ISOLATION_REGION_START_NUMBER; /* current region number */
|
||||
uint32_t base; /* start address */
|
||||
uint32_t limit; /* end address */
|
||||
+ enum tfm_hal_status_t ret;
|
||||
|
||||
ARM_MPU_Disable();
|
||||
|
||||
- /* TFM Core unprivileged code region */
|
||||
- base = (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_CODE_START, $$RO$$Base);
|
||||
- limit = (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_CODE_END, $$RO$$Limit);
|
||||
-
|
||||
- configure_mpu(rnr++, base, limit, XN_EXEC_OK, AP_RO_PRIV_UNPRIV);
|
||||
-
|
||||
- /* RO region */
|
||||
- base = (uint32_t)®ION_NAME(Image$$, TFM_APP_CODE_START, $$Base);
|
||||
- limit = (uint32_t)®ION_NAME(Image$$, TFM_APP_CODE_END, $$Base);
|
||||
+ /* Armv6-M MPU allows region overlapping. The region with the higher RNR
|
||||
+ * will decide the attributes.
|
||||
+ *
|
||||
+ * The default attributes are set to XN_EXEC_OK and AP_RO_PRIV_UNPRIV for the
|
||||
+ * whole SRAM so the PSA_ROT_LINKER_CODE, TFM_UNPRIV_CODE and APP_ROT_LINKER_CODE
|
||||
+ * don't have to be aligned and memory space can be saved.
|
||||
+ * This region has the lowest RNR so the next regions can overwrite these
|
||||
+ * attributes if it's needed.
|
||||
+ */
|
||||
+ base = SRAM_BASE;
|
||||
+ limit = SRAM_BASE + SRAM_SIZE;
|
||||
+
|
||||
+ ret = configure_mpu(rnr++, base, limit,
|
||||
+ XN_EXEC_OK, AP_RW_PRIV_UNPRIV);
|
||||
+ if (ret != TFM_HAL_SUCCESS) {
|
||||
+ return ret;
|
||||
+ }
|
||||
|
||||
- configure_mpu(rnr++, base, limit, XN_EXEC_OK, AP_RO_PRIV_UNPRIV);
|
||||
|
||||
/* RW, ZI and stack as one region */
|
||||
base = (uint32_t)®ION_NAME(Image$$, TFM_APP_RW_STACK_START, $$Base);
|
||||
limit = (uint32_t)®ION_NAME(Image$$, TFM_APP_RW_STACK_END, $$Base);
|
||||
|
||||
- configure_mpu(rnr++, base, limit, XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
|
||||
+ /* The section size can be bigger than the alignment size, else the code would
|
||||
+ * not fit into the memory. Because of this, the sections can use multiple MPU
|
||||
+ * regions. */
|
||||
+ do {
|
||||
+ ret = configure_mpu(rnr++, base, base + TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT,
|
||||
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
|
||||
+ if (ret != TFM_HAL_SUCCESS) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+ base += TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT;
|
||||
+ } while (base < limit);
|
||||
+
|
||||
|
||||
#ifdef CONFIG_TFM_PARTITION_META
|
||||
/* TFM partition metadata pointer region */
|
||||
base = (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Base);
|
||||
limit = (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Limit);
|
||||
|
||||
- configure_mpu(rnr++, base, limit, XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
|
||||
+ do {
|
||||
+ ret = configure_mpu(rnr++, base, base + TFM_LINKER_SP_META_PTR_ALIGNMENT,
|
||||
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
|
||||
+ if (ret != TFM_HAL_SUCCESS) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+ base += TFM_LINKER_SP_META_PTR_ALIGNMENT;
|
||||
+ } while (base < limit);
|
||||
+
|
||||
#endif
|
||||
|
||||
arm_mpu_enable();
|
||||
@@ -1,31 +0,0 @@
|
||||
From b05fb661b3afc3ed8e3d4817df2798e9d4877b39 Mon Sep 17 00:00:00 2001
|
||||
From: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Date: Mon, 15 May 2023 10:46:18 +0100
|
||||
Subject: [PATCH] Platform: Corstone1000: Increase BL2_DATA_SIZE
|
||||
|
||||
Increases BL2_DATA_SIZE to accommodate the changes in
|
||||
metadata_write/read.
|
||||
|
||||
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24103]
|
||||
|
||||
---
|
||||
platform/ext/target/arm/corstone1000/partition/region_defs.h | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h
|
||||
index abfac39b62..e7f0bad2ba 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/partition/region_defs.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h
|
||||
@@ -90,9 +90,10 @@
|
||||
#define BL2_CODE_SIZE (IMAGE_BL2_CODE_SIZE)
|
||||
#define BL2_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1)
|
||||
|
||||
+#define BL2_DATA_ADDITIONAL 448 /* To increase the BL2_DATA_SIZE more than the default value */
|
||||
#define BL2_DATA_START (BOOT_TFM_SHARED_DATA_BASE + \
|
||||
BOOT_TFM_SHARED_DATA_SIZE)
|
||||
-#define BL2_DATA_SIZE (BL2_CODE_START - BL2_HEADER_SIZE - BL2_DATA_START)
|
||||
+#define BL2_DATA_SIZE (BL2_CODE_START - BL2_HEADER_SIZE - BL2_DATA_START + BL2_DATA_ADDITIONAL)
|
||||
#define BL2_DATA_LIMIT (BL2_DATA_START + BL2_DATA_SIZE - 1)
|
||||
|
||||
/* SE BL1 regions */
|
||||
@@ -0,0 +1,76 @@
|
||||
From ca7696bca357cfd71a34582c65a7c7c08828b6dc Mon Sep 17 00:00:00 2001
|
||||
From: Bence Balogh <bence.balogh@arm.com>
|
||||
Date: Mon, 18 Dec 2023 14:00:14 +0100
|
||||
Subject: [PATCH 2/2] platform: corstone1000: Cover S_DATA with MPU
|
||||
|
||||
The S_DATA has to be covered with MPU regions to override the
|
||||
other MPU regions with smaller RNR values.
|
||||
|
||||
Change-Id: I45fec65f51241939314941e25d287e6fdc82777c
|
||||
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
|
||||
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25583]
|
||||
|
||||
---
|
||||
.../target/arm/corstone1000/CMakeLists.txt | 8 +++++++
|
||||
.../arm/corstone1000/tfm_hal_isolation.c | 22 +++++++++++++++++++
|
||||
2 files changed, 30 insertions(+)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
index 8817f514c..541504368 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
|
||||
@@ -40,6 +40,14 @@ target_compile_definitions(platform_region_defs
|
||||
INTERFACE
|
||||
TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT=0x2000
|
||||
TFM_LINKER_SP_META_PTR_ALIGNMENT=0x100
|
||||
+
|
||||
+ # The RAM MPU Region block sizes are calculated manually. The RAM has to be covered
|
||||
+ # with the MPU regions. These regions also have to be the power of 2 and
|
||||
+ # the start addresses have to be aligned to these sizes. The sizes can be calculated
|
||||
+ # from the S_DATA_START and S_DATA_SIZE defines.
|
||||
+ RAM_MPU_REGION_BLOCK_1_SIZE=0x4000
|
||||
+ RAM_MPU_REGION_BLOCK_2_SIZE=0x20000
|
||||
+
|
||||
)
|
||||
#========================= Platform common defs ===============================#
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
|
||||
index 98e795dde..39b19c535 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
|
||||
@@ -15,6 +15,7 @@
|
||||
#include "mpu_config.h"
|
||||
#include "mmio_defs.h"
|
||||
#include "flash_layout.h"
|
||||
+#include "region_defs.h"
|
||||
|
||||
#define PROT_BOUNDARY_VAL \
|
||||
((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK)
|
||||
@@ -132,6 +133,27 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
|
||||
|
||||
#endif
|
||||
|
||||
+ /* Set the RAM attributes. It is needed because the first region overlaps the whole
|
||||
+ * SRAM and it has to be overridden.
|
||||
+ * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually
|
||||
+ * and added to the platform_region_defs compile definitions.
|
||||
+ */
|
||||
+ base = S_DATA_START;
|
||||
+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
|
||||
+ ret = configure_mpu(rnr++, base, limit,
|
||||
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
|
||||
+ if (ret != TFM_HAL_SUCCESS) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
|
||||
+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE;
|
||||
+ ret = configure_mpu(rnr++, base, limit,
|
||||
+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
|
||||
+ if (ret != TFM_HAL_SUCCESS) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
arm_mpu_enable();
|
||||
|
||||
#endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
|
||||
@@ -1,69 +0,0 @@
|
||||
From 88cfce2e04913d48ec8636b6a3550d71ebdd49c4 Mon Sep 17 00:00:00 2001
|
||||
From: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Date: Mon, 15 May 2023 10:47:27 +0100
|
||||
Subject: [PATCH] Platform: Corstone1000: Calculate the new CRC32 value after
|
||||
changing the metadata
|
||||
|
||||
Calculates the new CRC32 value for the metadata struct after chaing a value
|
||||
during the capsule update. It also updates the CRC32 field in the metadata
|
||||
so it doesn't fail the CRC check after a succesfull capsule update.
|
||||
It also skips doing a sanity check the BL2 nv counter after the capsule
|
||||
update since the tfm bl1 does not sync metadata and nv counters in OTP during
|
||||
the boot anymore.
|
||||
|
||||
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24104/7]
|
||||
|
||||
---
|
||||
.../arm/corstone1000/fw_update_agent/fwu_agent.c | 10 +++++++---
|
||||
1 file changed, 7 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
index afd8d66e42..f564f2902c 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -802,6 +802,8 @@ static enum fwu_agent_error_t flash_full_capsule(
|
||||
}
|
||||
metadata->active_index = previous_active_index;
|
||||
metadata->previous_active_index = active_index;
|
||||
+ metadata->crc_32 = crc32((uint8_t *)&metadata->version,
|
||||
+ sizeof(struct fwu_metadata) - sizeof(uint32_t));
|
||||
|
||||
ret = metadata_write(metadata);
|
||||
if (ret) {
|
||||
@@ -913,6 +915,8 @@ static enum fwu_agent_error_t accept_full_capsule(
|
||||
if (ret) {
|
||||
return ret;
|
||||
}
|
||||
+ metadata->crc_32 = crc32((uint8_t *)&metadata->version,
|
||||
+ sizeof(struct fwu_metadata) - sizeof(uint32_t));
|
||||
|
||||
ret = metadata_write(metadata);
|
||||
if (ret) {
|
||||
@@ -1007,6 +1011,8 @@ static enum fwu_agent_error_t fwu_select_previous(
|
||||
if (ret) {
|
||||
return ret;
|
||||
}
|
||||
+ metadata->crc_32 = crc32((uint8_t *)&metadata->version,
|
||||
+ sizeof(struct fwu_metadata) - sizeof(uint32_t));
|
||||
|
||||
ret = metadata_write(metadata);
|
||||
if (ret) {
|
||||
@@ -1119,8 +1125,7 @@ static enum fwu_agent_error_t update_nv_counters(
|
||||
|
||||
FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
|
||||
- for (int i = 0; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
|
||||
-
|
||||
+ for (int i = 1; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
|
||||
switch (i) {
|
||||
case FWU_BL2_NV_COUNTER:
|
||||
tfm_nv_counter_i = PLAT_NV_COUNTER_BL1_0;
|
||||
@@ -1141,7 +1146,6 @@ static enum fwu_agent_error_t update_nv_counters(
|
||||
if (err != TFM_PLAT_ERR_SUCCESS) {
|
||||
return FWU_AGENT_ERROR;
|
||||
}
|
||||
-
|
||||
if (priv_metadata->nv_counter[i] < security_cnt) {
|
||||
return FWU_AGENT_ERROR;
|
||||
} else if (priv_metadata->nv_counter[i] > security_cnt) {
|
||||
@@ -0,0 +1,76 @@
|
||||
From f7b58b5ba5b48e071eb360c1bcfc4d31290a77c1 Mon Sep 17 00:00:00 2001
|
||||
From: Ali Can Ozaslan <ali.oezaslan@arm.com>
|
||||
Date: Tue, 5 Mar 2024 21:01:59 +0000
|
||||
Subject: [PATCH] Platform:corstone1000:Fix issues due to adjustment Mailbox
|
||||
Agent params
|
||||
|
||||
Adjust Mailbox Agent API parameters patch changed memory check and
|
||||
related parameters. As a result, platform-specific issues occurred.
|
||||
Secure side client IDs are converted to negative values. Control
|
||||
parameter is created.
|
||||
|
||||
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
|
||||
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
|
||||
Upstream-Status: Pending
|
||||
|
||||
---
|
||||
.../tfm_spe_dual_core_psa_client_secure_lib.c | 23 +++++++++++++++----
|
||||
1 file changed, 18 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c
|
||||
index d2eabe144..39e11b8cd 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c
|
||||
@@ -18,6 +18,9 @@
|
||||
#include "utilities.h"
|
||||
#include "thread.h"
|
||||
|
||||
+#define SE_PROXY_SP_UID 0
|
||||
+#define SMM_GW_SP_UID 0x8003
|
||||
+
|
||||
/**
|
||||
* In linux environment and for psa_call type client api,
|
||||
* the layout of the reply from tf-m to linux is as following.
|
||||
@@ -174,7 +177,14 @@ static psa_status_t prepare_params_for_psa_call(struct client_params_t *params,
|
||||
{
|
||||
psa_status_t ret = PSA_SUCCESS;
|
||||
|
||||
- params->ns_client_id_stateless = s_map_entry->msg.client_id;
|
||||
+ if (s_map_entry->msg.client_id == SE_PROXY_SP_UID) {
|
||||
+ params->ns_client_id_stateless = -1;
|
||||
+ }
|
||||
+ else if (s_map_entry->msg.client_id == SMM_GW_SP_UID) {
|
||||
+ params->ns_client_id_stateless = -1 * s_map_entry->msg.client_id;
|
||||
+ } else {
|
||||
+ params->ns_client_id_stateless = s_map_entry->msg.client_id;
|
||||
+ }
|
||||
|
||||
params->p_outvecs = NULL;
|
||||
ret = alloc_and_prepare_out_vecs(¶ms->p_outvecs, s_map_entry);
|
||||
@@ -250,6 +260,9 @@ void deliver_msg_to_tfm_spe(void *private)
|
||||
struct client_params_t params = {0};
|
||||
psa_status_t psa_ret = PSA_ERROR_GENERIC_ERROR;
|
||||
unordered_map_entry_t* s_map_entry = (unordered_map_entry_t*)private;
|
||||
+ uint32_t control = PARAM_PACK(s_map_entry->msg.params.psa_call_params.type,
|
||||
+ s_map_entry->msg.params.psa_call_params.in_len,
|
||||
+ s_map_entry->msg.params.psa_call_params.out_len);
|
||||
|
||||
switch(s_map_entry->msg.call_type) {
|
||||
case OPENAMP_PSA_FRAMEWORK_VERSION:
|
||||
@@ -266,11 +279,11 @@ void deliver_msg_to_tfm_spe(void *private)
|
||||
send_service_reply_to_non_secure(psa_ret, s_map_entry);
|
||||
break;
|
||||
}
|
||||
+ control = PARAM_SET_NS_INVEC(control);
|
||||
+ control = PARAM_SET_NS_OUTVEC(control);
|
||||
+ control = PARAM_SET_NS_VEC(control);
|
||||
psa_ret = tfm_rpc_psa_call(s_map_entry->msg.params.psa_call_params.handle,
|
||||
- PARAM_PACK(s_map_entry->msg.params.psa_call_params.type,
|
||||
- s_map_entry->msg.params.psa_call_params.in_len,
|
||||
- s_map_entry->msg.params.psa_call_params.out_len),
|
||||
- ¶ms, NULL);
|
||||
+ control, ¶ms, NULL);
|
||||
if (psa_ret != PSA_SUCCESS) {
|
||||
send_service_reply_to_non_secure(psa_ret, s_map_entry);
|
||||
break;
|
||||
@@ -1,24 +0,0 @@
|
||||
From 04ce07d289e8cec75223349e9ebf7e69126fc04d Mon Sep 17 00:00:00 2001
|
||||
From: Jon Mason <jon.mason@arm.com>
|
||||
Date: Wed, 18 Jan 2023 15:13:37 -0500
|
||||
Subject: [PATCH] arm/trusted-firmware-m: disable fatal warnings
|
||||
|
||||
Signed-off-by: Jon Mason <jon.mason@arm.com>
|
||||
Upstream-Status: Inappropriate
|
||||
|
||||
---
|
||||
toolchain_GNUARM.cmake | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/toolchain_GNUARM.cmake b/toolchain_GNUARM.cmake
|
||||
index 7989718515..a5939323d6 100644
|
||||
--- a/toolchain_GNUARM.cmake
|
||||
+++ b/toolchain_GNUARM.cmake
|
||||
@@ -71,7 +71,6 @@ macro(tfm_toolchain_reset_linker_flags)
|
||||
--entry=Reset_Handler
|
||||
-specs=nano.specs
|
||||
LINKER:-check-sections
|
||||
- LINKER:-fatal-warnings
|
||||
LINKER:--gc-sections
|
||||
LINKER:--no-wchar-size-warning
|
||||
${MEMORY_USAGE_FLAG}
|
||||
@@ -1,35 +0,0 @@
|
||||
From 3004fda909079ebebd62c495a4e49e64d6c8a85f Mon Sep 17 00:00:00 2001
|
||||
From: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
|
||||
Date: Tue, 8 Aug 2023 10:58:01 +0000
|
||||
Subject: [PATCH] Platform corstone1000 add unique firmware GUID
|
||||
|
||||
Add unique Corstone-1000 firmware GUID
|
||||
|
||||
Signed-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
|
||||
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24132/3]
|
||||
---
|
||||
.../target/arm/corstone1000/fw_update_agent/fwu_agent.c | 8 ++++----
|
||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
index f564f2902c..9c31aeee9d 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -113,10 +113,10 @@ enum fwu_agent_state_t {
|
||||
};
|
||||
|
||||
struct efi_guid full_capsule_image_guid = {
|
||||
- .time_low = 0xe2bb9c06,
|
||||
- .time_mid = 0x70e9,
|
||||
- .time_hi_and_version = 0x4b14,
|
||||
- .clock_seq_and_node = {0x97, 0xa3, 0x5a, 0x79, 0x13, 0x17, 0x6e, 0x3f}
|
||||
+ .time_low = 0x989f3a4e,
|
||||
+ .time_mid = 0x46e0,
|
||||
+ .time_hi_and_version = 0x4cd0,
|
||||
+ .clock_seq_and_node = {0x98, 0x77, 0xa2, 0x5c, 0x70, 0xc0, 0x13, 0x29}
|
||||
};
|
||||
|
||||
|
||||
--
|
||||
2.38.1
|
||||
|
||||
@@ -1,102 +0,0 @@
|
||||
From fa0988fd876400dc1bb451fffc4b167265b40d25 Mon Sep 17 00:00:00 2001
|
||||
From: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Date: Thu, 14 Sep 2023 12:14:28 +0100
|
||||
Subject: [PATCH] Platform: Corstone1000: Enable Signed Capsule
|
||||
|
||||
Enables signed capsule update and adjusts the necessary structs (fmp_payload_header
|
||||
, image_auth, etc.) to comply with the new capsule generation tool (mkeficapsule).
|
||||
|
||||
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24131/3]
|
||||
---
|
||||
.../fw_update_agent/uefi_capsule_parser.c | 25 +++++++++++--------
|
||||
.../fw_update_agent/uefi_capsule_parser.h | 2 ++
|
||||
2 files changed, 17 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
|
||||
index b72ff1eb91..c706c040ac 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
|
||||
@@ -102,11 +102,9 @@ enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr,
|
||||
}
|
||||
|
||||
capsule_header = (efi_capsule_header_t*)ptr;
|
||||
- ptr += sizeof(efi_capsule_header_t) + sizeof(uint32_t);
|
||||
+ ptr += sizeof(efi_capsule_header_t);
|
||||
fmp_capsule_header = (efi_firmware_management_capsule_header_t*)ptr;
|
||||
|
||||
- fmp_payload_header = fmp_capsule_header + sizeof(*fmp_capsule_header);
|
||||
-
|
||||
total_size = capsule_header->capsule_image_size;
|
||||
image_count = fmp_capsule_header->payload_item_count;
|
||||
images_info->nr_image = image_count;
|
||||
@@ -119,22 +117,20 @@ enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr,
|
||||
}
|
||||
|
||||
for (int i = 0; i < image_count; i++) {
|
||||
-
|
||||
image_header = (efi_firmware_management_capsule_image_header_t*)(ptr +
|
||||
fmp_capsule_header->item_offset_list[i]);
|
||||
|
||||
images_info->size[i] = image_header->update_image_size;
|
||||
- images_info->version[i] = fmp_payload_header->fw_version;
|
||||
- FWU_LOG_MSG("%s: image %i version = %u\n\r", __func__, i,
|
||||
- images_info->version[i]);
|
||||
+
|
||||
#ifdef AUTHENTICATED_CAPSULE
|
||||
image_auth = (efi_firmware_image_authentication_t*)(
|
||||
(char*)image_header +
|
||||
sizeof (efi_firmware_management_capsule_image_header_t)
|
||||
);
|
||||
auth_size = sizeof(uint64_t) /* monotonic_count */ +
|
||||
- image_auth->auth_info.hdr.dwLength /* WIN_CERTIFICATE + cert_data */ +
|
||||
- sizeof(struct efi_guid) /* cert_type */;
|
||||
+ image_auth->auth_info.hdr.dwLength/* WIN_CERTIFICATE + cert_data + cert_type */;
|
||||
+
|
||||
+ fmp_payload_header = (fmp_payload_header_t*)((char*)image_auth + auth_size);
|
||||
|
||||
FWU_LOG_MSG("%s: auth size = %u\n\r", __func__, auth_size);
|
||||
|
||||
@@ -143,16 +139,25 @@ enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr,
|
||||
images_info->image[i] = (
|
||||
(char*)image_header +
|
||||
sizeof(efi_firmware_management_capsule_image_header_t) +
|
||||
- auth_size);
|
||||
+ auth_size +
|
||||
+ sizeof(*fmp_payload_header));
|
||||
#else
|
||||
images_info->image[i] = (
|
||||
(char*)image_header +
|
||||
sizeof(efi_firmware_management_capsule_image_header_t) +
|
||||
sizeof(*fmp_payload_header));
|
||||
+
|
||||
+ fmp_payload_header = (fmp_payload_header_t*)((char*)image_header +
|
||||
+ sizeof(efi_firmware_management_capsule_image_header_t));
|
||||
+
|
||||
#endif
|
||||
memcpy(&images_info->guid[i], &(image_header->update_image_type_id),
|
||||
sizeof(struct efi_guid));
|
||||
|
||||
+ images_info->version[i] = fmp_payload_header->fw_version;
|
||||
+ FWU_LOG_MSG("%s: image %i version = %d\n\r", __func__, i,
|
||||
+ images_info->version[i]);
|
||||
+
|
||||
FWU_LOG_MSG("%s: image %d at %p, size=%u\n\r", __func__, i,
|
||||
images_info->image[i], images_info->size[i]);
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h
|
||||
index a890a709e9..a31cd8a3a0 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h
|
||||
@@ -12,6 +12,8 @@
|
||||
#include "fip_parser/external/uuid.h"
|
||||
#include "flash_layout.h"
|
||||
|
||||
+#define AUTHENTICATED_CAPSULE 1
|
||||
+
|
||||
enum uefi_capsule_error_t {
|
||||
UEFI_CAPSULE_PARSER_SUCCESS = 0,
|
||||
UEFI_CAPSULE_PARSER_ERROR = (-1)
|
||||
--
|
||||
2.17.1
|
||||
|
||||
@@ -0,0 +1,33 @@
|
||||
From 001e5bea183bc78352ac3ba6283d9d7912bb6ea5 Mon Sep 17 00:00:00 2001
|
||||
From: Emekcan Aras <Emekcan.Aras@arm.com>
|
||||
Date: Wed, 21 Feb 2024 07:44:25 +0000
|
||||
Subject: [PATCH] Platform: Corstone1000: skip the first nv counter
|
||||
|
||||
It skips doing a sanity check the BL2 nv counter after the capsule
|
||||
update since the tfm bl1 does not sync metadata and nv counters in OTP during
|
||||
the boot anymore.
|
||||
|
||||
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
|
||||
Upstream-Status: Pending
|
||||
|
||||
---
|
||||
.../ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
index 2e6de255b..2e6cf8047 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
|
||||
@@ -1125,7 +1125,7 @@ static enum fwu_agent_error_t update_nv_counters(
|
||||
|
||||
FWU_LOG_MSG("%s: enter\n\r", __func__);
|
||||
|
||||
- for (int i = 0; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
|
||||
+ for (int i = 1; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
|
||||
|
||||
switch (i) {
|
||||
case FWU_BL2_NV_COUNTER:
|
||||
--
|
||||
2.25.1
|
||||
|
||||
|
||||
@@ -1,29 +0,0 @@
|
||||
From ef97f7083279565dab45a550139935d741f159a9 Mon Sep 17 00:00:00 2001
|
||||
From: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Date: Fri, 29 Sep 2023 09:57:19 +0100
|
||||
Subject: [PATCH] platform: corstone1000: Increase ITS max asset size
|
||||
|
||||
Increases the max asset size for ITS to enable parsec services & tests
|
||||
|
||||
Upstream-Status: Pending
|
||||
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
|
||||
Signed-off-by: Vikas Katariya <vikas.katariya@arm.com>
|
||||
---
|
||||
platform/ext/target/arm/corstone1000/config_tfm_target.h | 5 +++++
|
||||
1 files changed, 5 insertions(+)
|
||||
|
||||
diff --git a/platform/ext/target/arm/corstone1000/config_tfm_target.h b/platform/ext/target/arm/corstone1000/config_tfm_target.h
|
||||
index e968366639..3f6e8477e5 100644
|
||||
--- a/platform/ext/target/arm/corstone1000/config_tfm_target.h
|
||||
+++ b/platform/ext/target/arm/corstone1000/config_tfm_target.h
|
||||
@@ -24,4 +24,9 @@
|
||||
#undef PS_NUM_ASSETS
|
||||
#define PS_NUM_ASSETS 20
|
||||
|
||||
+/* The maximum size of asset to be stored in the Internal Trusted Storage area. */
|
||||
+#undef ITS_MAX_ASSET_SIZE
|
||||
+#define ITS_MAX_ASSET_SIZE 2048
|
||||
+
|
||||
+
|
||||
#endif /* __CONFIG_TFM_TARGET_H__ */
|
||||
--
|
||||
@@ -1,46 +0,0 @@
|
||||
# Common src definitions for trusted-firmware-m and trusted-firmware-m-scripts
|
||||
|
||||
LICENSE = "BSD-2-Clause & BSD-3-Clause & Apache-2.0"
|
||||
|
||||
LIC_FILES_CHKSUM = "file://license.rst;md5=07f368487da347f3c7bd0fc3085f3afa \
|
||||
file://../tf-m-tests/license.rst;md5=4481bae2221b0cfca76a69fb3411f390 \
|
||||
file://../mbedtls/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
|
||||
file://../mcuboot/LICENSE;md5=b6ee33f1d12a5e6ee3de1e82fb51eeb8"
|
||||
|
||||
SRC_URI_TRUSTED_FIRMWARE_M ?= "git://git.trustedfirmware.org/TF-M/trusted-firmware-m.git;protocol=https"
|
||||
SRC_URI_TRUSTED_FIRMWARE_M_TESTS ?= "git://git.trustedfirmware.org/TF-M/tf-m-tests.git;protocol=https"
|
||||
SRC_URI_TRUSTED_FIRMWARE_M_MBEDTLS ?= "git://github.com/ARMmbed/mbedtls.git;protocol=https"
|
||||
SRC_URI_TRUSTED_FIRMWARE_M_MCUBOOT ?= "git://github.com/mcu-tools/mcuboot.git;protocol=https"
|
||||
SRC_URI_TRUSTED_FIRMWARE_M_QCBOR ?= "git://github.com/laurencelundblade/QCBOR.git;protocol=https"
|
||||
SRC_URI_TRUSTED_FIRMWARE_M_EXTRAS ?= "git://git.trustedfirmware.org/TF-M/tf-m-extras.git;protocol=https"
|
||||
SRC_URI = "${SRC_URI_TRUSTED_FIRMWARE_M};branch=${SRCBRANCH_tfm};name=tfm;destsuffix=git/tfm \
|
||||
${SRC_URI_TRUSTED_FIRMWARE_M_TESTS};branch=${SRCBRANCH_tfm-tests};name=tfm-tests;destsuffix=git/tf-m-tests \
|
||||
${SRC_URI_TRUSTED_FIRMWARE_M_MBEDTLS};branch=${SRCBRANCH_mbedtls};name=mbedtls;destsuffix=git/mbedtls \
|
||||
${SRC_URI_TRUSTED_FIRMWARE_M_MCUBOOT};branch=${SRCBRANCH_mcuboot};name=mcuboot;destsuffix=git/mcuboot \
|
||||
${SRC_URI_TRUSTED_FIRMWARE_M_QCBOR};branch=${SRCBRANCH_qcbor};name=qcbor;destsuffix=git/qcbor \
|
||||
${SRC_URI_TRUSTED_FIRMWARE_M_EXTRAS};branch=${SRCBRANCH_tfm-extras};name=tfm-extras;destsuffix=git/tfm-extras \
|
||||
"
|
||||
|
||||
# The required dependencies are documented in tf-m/config/config_default.cmake
|
||||
# TF-Mv1.8.1
|
||||
SRCBRANCH_tfm ?= "master"
|
||||
SRCREV_tfm = "53aa78efef274b9e46e63b429078ae1863609728"
|
||||
# TF-Mv1.8.1
|
||||
SRCBRANCH_tfm-tests ?= "master"
|
||||
SRCREV_tfm-tests = "1273c5bcd3d8ade60d51524797e0b22b6fd7eea1"
|
||||
# mbedtls-3.4.1
|
||||
SRCBRANCH_mbedtls ?= "master"
|
||||
SRCREV_mbedtls = "72718dd87e087215ce9155a826ee5a66cfbe9631"
|
||||
# mcuboot v1.10.0
|
||||
SRCBRANCH_mcuboot ?= "main"
|
||||
SRCREV_mcuboot = "23d28832f02dcdc18687782c6cd8ba99e9b274d2"
|
||||
# QCBOR v1.2
|
||||
SRCBRANCH_qcbor ?= "master"
|
||||
SRCREV_qcbor = "b0e7033268e88c9f27146fa9a1415ef4c19ebaff"
|
||||
# TF-Mv1.8.1
|
||||
SRCBRANCH_tfm-extras ?= "master"
|
||||
SRCREV_tfm-extras = "504ae9a9a50981e9dd4d8accec8261a1dba9e965"
|
||||
|
||||
SRCREV_FORMAT = "tfm"
|
||||
|
||||
S = "${WORKDIR}/git/tfm"
|
||||
@@ -9,13 +9,14 @@ TFM_DEBUG = "1"
|
||||
## Default is the MPS3 board
|
||||
TFM_PLATFORM_IS_FVP ?= "FALSE"
|
||||
EXTRA_OECMAKE += "-DPLATFORM_IS_FVP=${TFM_PLATFORM_IS_FVP}"
|
||||
EXTRA_OECMAKE += "-DCC312_LEGACY_DRIVER_API_ENABLED=ON"
|
||||
EXTRA_OECMAKE += "-DCC312_LEGACY_DRIVER_API_ENABLED=OFF"
|
||||
|
||||
# libmetal v2023.04.0
|
||||
LICENSE += "& BSD-3-Clause"
|
||||
LIC_FILES_CHKSUM += "file://../libmetal/LICENSE.md;md5=f4d5df0f12dcea1b1a0124219c0dbab4"
|
||||
SRC_URI += "git://github.com/OpenAMP/libmetal.git;protocol=https;branch=main;name=libmetal;destsuffix=git/libmetal \
|
||||
file://0001-cmake-modify-path-to-libmetal-version-file.patch;patchdir=../libmetal \
|
||||
file://0002-arm-trusted-firmware-m-disable-address-warnings-into.patch \
|
||||
"
|
||||
SRCREV_libmetal = "28fa2351d6a8121ce6c1c2ac5ee43ce08d38dbae"
|
||||
EXTRA_OECMAKE += "-DLIBMETAL_SRC_PATH=${S}/../libmetal -DLIBMETAL_BIN_PATH=${B}/libmetal-build"
|
||||
@@ -32,15 +33,12 @@ EXTRA_OECMAKE += "-DLIBOPENAMP_SRC_PATH=${S}/../openamp -DLIBOPENAMP_BIN_PATH=${
|
||||
|
||||
FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
|
||||
SRC_URI:append:corstone1000 = " \
|
||||
file://0001-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch \
|
||||
file://0002-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch \
|
||||
file://0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch \
|
||||
file://0004-arm-trusted-firmware-m-disable-fatal-warnings.patch \
|
||||
file://0005-Platform-corstone1000-add-unique-firmware-GUID.patch \
|
||||
file://0006-Platform-Corstone1000-Enable-Signed-Capsule.patch \
|
||||
file://0007-platform-corstone1000-increase-ITS-max-asset-size.patch \
|
||||
file://0008-platform-corstone1000-align-capsule-update-structs.patch \
|
||||
file://0009-platform-corstone1000-fix-synchronization-issue-on-o.patch \
|
||||
file://0001-platform-corstone1000-Update-MPU-configuration.patch \
|
||||
file://0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch \
|
||||
file://0003-Platform-corstone1000-Fix-issues-due-to-adjustment-M.patch \
|
||||
file://0004-platform-corstone1000-align-capsule-update-structs.patch \
|
||||
file://0005-platform-corstone1000-fix-synchronization-issue-on-o.patch \
|
||||
file://0006-Platform-Corstone1000-skip-the-first-nv-counter.patch \
|
||||
"
|
||||
|
||||
# TF-M ships patches for external dependencies that needs to be applied
|
||||
@@ -54,10 +52,10 @@ apply_tfm_patches() {
|
||||
do_patch[postfuncs] += "apply_tfm_patches"
|
||||
|
||||
do_install() {
|
||||
install -D -p -m 0644 ${B}/install/outputs/tfm_s_signed.bin ${D}/firmware/tfm_s_signed.bin
|
||||
install -D -p -m 0644 ${B}/install/outputs/bl2_signed.bin ${D}/firmware/bl2_signed.bin
|
||||
install -D -p -m 0644 ${B}/install/outputs/bl1_1.bin ${D}/firmware/bl1_1.bin
|
||||
install -D -p -m 0644 ${B}/install/outputs/bl1_provisioning_bundle.bin ${D}/firmware/bl1_provisioning_bundle.bin
|
||||
install -D -p -m 0644 ${B}/bin/tfm_s_signed.bin ${D}/firmware/tfm_s_signed.bin
|
||||
install -D -p -m 0644 ${B}/bin/bl2_signed.bin ${D}/firmware/bl2_signed.bin
|
||||
install -D -p -m 0644 ${B}/bin/bl1_1.bin ${D}/firmware/bl1_1.bin
|
||||
install -D -p -m 0644 ${B}/bin/bl1_provisioning_bundle.bin ${D}/firmware/bl1_provisioning_bundle.bin
|
||||
}
|
||||
|
||||
create_bl1_image(){
|
||||
|
||||
@@ -1,2 +0,0 @@
|
||||
require recipes-bsp/trusted-firmware-m/trusted-firmware-m-${PV}-src.inc
|
||||
require recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native.inc
|
||||
@@ -1,2 +0,0 @@
|
||||
require recipes-bsp/trusted-firmware-m/trusted-firmware-m-${PV}-src.inc
|
||||
require recipes-bsp/trusted-firmware-m/trusted-firmware-m.inc
|
||||
@@ -17,7 +17,7 @@ part --source empty --size 4k --align 4 --offset 32k --part-name="private_metada
|
||||
|
||||
part --source rawcopy --size 100k --sourceparams="file=bl2_signed.bin" --offset 36k --align 4 --part-name="bl2_primary" --uuid 9A3A8FBF-55EF-439C-80C9-A3F728033929 --part-type 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9
|
||||
|
||||
part --source rawcopy --size 376k --sourceparams="file=tfm_s_signed.bin" --align 4 --part-name="tfm_primary" --uuid 07F9616C-1233-439C-ACBA-72D75421BF70 --part-type D763C27F-07F6-4FF0-B2F3-060CB465CD4E
|
||||
part --source rawcopy --size 368k --sourceparams="file=tfm_s_signed.bin" --align 4 --part-name="tfm_primary" --uuid 07F9616C-1233-439C-ACBA-72D75421BF70 --part-type D763C27F-07F6-4FF0-B2F3-060CB465CD4E
|
||||
|
||||
# Rawcopy of the FIP binary
|
||||
part --source rawcopy --size 2 --sourceparams="file=signed_fip-corstone1000.bin" --align 4 --part-name="FIP_A" --uuid B9C7AC9D-40FF-4675-956B-EEF4DE9DF1C5 --part-type B5EB19BD-CF56-45E8-ABA7-7ADB228FFEA7
|
||||
@@ -26,8 +26,8 @@ part --source rawcopy --size 2 --sourceparams="file=signed_fip-corstone1000.bin"
|
||||
part --source rawcopy --size 12 --sourceparams="file=Image.gz-initramfs-${MACHINE}.bin" --align 4 --part-name="kernel_primary" --uuid BF7A6142-0662-47FD-9434-6A8811980816 --part-type 8197561D-6124-46FC-921E-141CC5745B05
|
||||
|
||||
|
||||
part --source empty --size 100k --offset 16492k --align 4 --part-name="bl2_secondary" --uuid 3F0C49A4-48B7-4D1E-AF59-3E4A3CE1BA9F --part-type 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9
|
||||
part --source empty --size 376k --align 4 --part-name="tfm_secondary" --uuid 009A6A12-64A6-4F0F-9882-57CD79A34A3D --part-type D763C27F-07F6-4FF0-B2F3-060CB465CD4E
|
||||
part --source empty --size 100k --offset 16488k --align 4 --part-name="bl2_secondary" --uuid 3F0C49A4-48B7-4D1E-AF59-3E4A3CE1BA9F --part-type 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9
|
||||
part --source empty --size 368k --align 4 --part-name="tfm_secondary" --uuid 009A6A12-64A6-4F0F-9882-57CD79A34A3D --part-type D763C27F-07F6-4FF0-B2F3-060CB465CD4E
|
||||
part --source empty --size 2 --align 4 --part-name="FIP_B" --uuid 9424E370-7BC9-43BB-8C23-71EE645E1273 --part-type B5EB19BD-CF56-45E8-ABA7-7ADB228FFEA7
|
||||
part --source empty --size 12 --align 4 --part-name="kernel_secondary" --uuid A2698A91-F9B1-4629-9188-94E4520808F8 --part-type 8197561D-6124-46FC-921E-141CC5745B05
|
||||
|
||||
|
||||
Reference in New Issue
Block a user