diff --git a/meta-arm-bsp/conf/machine/include/corstone1000.inc b/meta-arm-bsp/conf/machine/include/corstone1000.inc index a25a214e..a82d0076 100644 --- a/meta-arm-bsp/conf/machine/include/corstone1000.inc +++ b/meta-arm-bsp/conf/machine/include/corstone1000.inc @@ -3,7 +3,7 @@ require conf/machine/include/arm/armv8a/tune-cortexa35.inc MACHINEOVERRIDES =. "corstone1000:" # TF-M -PREFERRED_VERSION_trusted-firmware-m ?= "1.8.%" +PREFERRED_VERSION_trusted-firmware-m ?= "2.0.%" # TF-A TFA_PLATFORM = "corstone1000" diff --git a/meta-arm-bsp/documentation/corstone1000/images/ExternalFlash.png b/meta-arm-bsp/documentation/corstone1000/images/ExternalFlash.png index 399f8756..578f0389 100644 Binary files a/meta-arm-bsp/documentation/corstone1000/images/ExternalFlash.png and b/meta-arm-bsp/documentation/corstone1000/images/ExternalFlash.png differ diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/0002-arm-trusted-firmware-m-disable-address-warnings-into.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/0002-arm-trusted-firmware-m-disable-address-warnings-into.patch new file mode 100644 index 00000000..1f19f55c --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/0002-arm-trusted-firmware-m-disable-address-warnings-into.patch @@ -0,0 +1,26 @@ +From 961d2e3718e9e6d652cadf5b4d3597cfe822dd04 Mon Sep 17 00:00:00 2001 +From: Ali Can Ozaslan +Date: Wed, 24 Jan 2024 16:10:08 +0000 +Subject: [PATCH] arm/trusted-firmware-m: disable address warnings into an + error + +Signed-off-by: Emekcan Aras +Signed-off-by: Ali Can Ozaslan +Upstream-Status: Inappropriate + +--- + toolchain_GNUARM.cmake | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/toolchain_GNUARM.cmake b/toolchain_GNUARM.cmake +index b6ae50ec3..4c2f5b3d7 100644 +--- a/toolchain_GNUARM.cmake ++++ b/toolchain_GNUARM.cmake +@@ -111,6 +111,7 @@ add_compile_options( + -Wno-format + -Wno-return-type + -Wno-unused-but-set-variable ++ -Wno-error=address + -c + -fdata-sections + -ffunction-sections diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch deleted file mode 100644 index 4f00ea28..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 60598f3b44237bd5038e33400e749ec1e7e8fbda Mon Sep 17 00:00:00 2001 -From: Emekcan Aras -Date: Mon, 15 May 2023 10:42:23 +0100 -Subject: [PATCH] Platform: corstone1000: Increase BL2 size in flash layout - -Increases BL2 size to align with the flash page size in corstone1000. - -Signed-off-by: Emekcan Aras -Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24103] - ---- - platform/ext/target/arm/corstone1000/partition/flash_layout.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h -index 41b4c6323f..bfe8c4fb3c 100644 ---- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h -+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h -@@ -89,7 +89,7 @@ - #endif - - /* Static Configurations of the Flash */ --#define SE_BL2_PARTITION_SIZE (0x18800) /* 98 KB */ -+#define SE_BL2_PARTITION_SIZE (0x19000) /* 98 KB */ - #define SE_BL2_BANK_0_OFFSET (0x9000) /* 72nd LBA */ - #define SE_BL2_BANK_1_OFFSET (0x1002000) /* 32784th LBA */ - diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-Update-MPU-configuration.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-Update-MPU-configuration.patch new file mode 100644 index 00000000..25e53b56 --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-Update-MPU-configuration.patch @@ -0,0 +1,274 @@ +From eb096e4c03b80f9f31e5d15ca06e5a38e4112664 Mon Sep 17 00:00:00 2001 +From: Bence Balogh +Date: Tue, 7 Nov 2023 20:25:49 +0100 +Subject: [PATCH 1/2] platform: corstone1000: Update MPU configuration + +In Armv6-M the MPU requires the regions to be aligned with +region sizes. +The commit aligns the different code/data sections using the +alignment macros. The code/data sections can be covered by +multiple MPU regions in order to save memory. + +Small adjustments had to be made in the memory layout in order to +not overflow the flash: +- Decreased TFM_PARTITION_SIZE +- Increased S_UNPRIV_DATA_SIZE + +Added checks to the MPU configuration function for checking the +MPU constraints: +- Base address has to be aligned to the size +- The minimum MPU region size is 0x100 +- The MPU can have 8 regions at most + +Change-Id: I059468e8aba0822bb354fd1cd4987ac2bb1f34d1 +Signed-off-by: Bence Balogh +Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25393] + +--- + .../target/arm/corstone1000/CMakeLists.txt | 19 +++++ + .../arm/corstone1000/create-flash-image.sh | 8 +- + .../arm/corstone1000/partition/flash_layout.h | 2 +- + .../arm/corstone1000/partition/region_defs.h | 6 +- + .../arm/corstone1000/tfm_hal_isolation.c | 83 +++++++++++++++---- + 5 files changed, 93 insertions(+), 25 deletions(-) + +diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt +index e6cf15b11..8817f514c 100644 +--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt ++++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt +@@ -22,6 +22,25 @@ target_compile_definitions(platform_region_defs + INTERFACE + $<$:TFM_S_REG_TEST> + ) ++ ++# The Armv6-M MPU requires that the MPU regions be aligned to the region sizes. ++# The minimal region size is 0x100 bytes. ++# ++# The alignments have to be a power of two and ideally bigger than the section size (which ++# can be checked in the map file). ++# In some cases the alignment value is smaller than the actual section ++# size to save memory. In that case, multiple MPU region has to be configured to cover it. ++# ++# To save memory, the attributes are set to XN_EXEC_OK and AP_RO_PRIV_UNPRIV for ++# the SRAM so the PSA_ROT_LINKER_CODE, TFM_UNPRIV_CODE and APP_ROT_LINKER_CODE don't have to ++# be aligned. The higher-priority regions will overwrite these attributes if needed. ++# The RAM is also located in the SRAM so it has to be configured to overwrite these default ++# attributes. ++target_compile_definitions(platform_region_defs ++ INTERFACE ++ TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT=0x2000 ++ TFM_LINKER_SP_META_PTR_ALIGNMENT=0x100 ++) + #========================= Platform common defs ===============================# + + # Specify the location of platform specific build dependencies. +diff --git a/platform/ext/target/arm/corstone1000/create-flash-image.sh b/platform/ext/target/arm/corstone1000/create-flash-image.sh +index 2522d3674..a6be61384 100755 +--- a/platform/ext/target/arm/corstone1000/create-flash-image.sh ++++ b/platform/ext/target/arm/corstone1000/create-flash-image.sh +@@ -8,7 +8,7 @@ + + ###################################################################### + # This script is to create a flash gpt image for corstone platform +-# ++# + # Flash image layout: + # |------------------------------| + # | Protective MBR | +@@ -82,15 +82,15 @@ sgdisk --mbrtogpt \ + --new=4:56:+4K --typecode=4:$PRIVATE_METADATA_TYPE_UUID --partition-guid=4:$(uuidgen) --change-name=4:'private_metadata_replica_1' \ + --new=5:64:+4k --typecode=5:$PRIVATE_METADATA_TYPE_UUID --partition-guid=5:$(uuidgen) --change-name=5:'private_metadata_replica_2' \ + --new=6:72:+100k --typecode=6:$SE_BL2_TYPE_UUID --partition-guid=6:$(uuidgen) --change-name=6:'bl2_primary' \ +- --new=7:272:+376K --typecode=7:$TFM_TYPE_UUID --partition-guid=7:$(uuidgen) --change-name=7:'tfm_primary' \ ++ --new=7:272:+368K --typecode=7:$TFM_TYPE_UUID --partition-guid=7:$(uuidgen) --change-name=7:'tfm_primary' \ + --new=8:32784:+100k --typecode=8:$SE_BL2_TYPE_UUID --partition-guid=8:$(uuidgen) --change-name=8:'bl2_secondary' \ +- --new=9:32984:+376K --typecode=9:$TFM_TYPE_UUID --partition-guid=9:$(uuidgen) --change-name=9:'tfm_secondary' \ ++ --new=9:32984:+368K --typecode=9:$TFM_TYPE_UUID --partition-guid=9:$(uuidgen) --change-name=9:'tfm_secondary' \ + --new=10:65496:65501 --partition-guid=10:$(uuidgen) --change-name=10:'reserved_2' \ + $IMAGE + + [ $? -ne 0 ] && echo "Error occurs while writing the GPT layout" && exit 1 + +-# Write partitions ++# Write partitions + # conv=notrunc avoids truncation to keep the geometry of the image. + dd if=$BIN_DIR/bl2_signed.bin of=${IMAGE} seek=72 conv=notrunc + dd if=$BIN_DIR/tfm_s_signed.bin of=${IMAGE} seek=272 conv=notrunc +diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h +index 568c8de28..7fffd94c6 100644 +--- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h ++++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h +@@ -134,7 +134,7 @@ + + /* Bank configurations */ + #define BANK_PARTITION_SIZE (0xFE0000) /* 15.875 MB */ +-#define TFM_PARTITION_SIZE (0x5E000) /* 376 KB */ ++#define TFM_PARTITION_SIZE (0x5C000) /* 368 KB */ + + /************************************************************/ + /* Bank : Images flash offsets are with respect to the bank */ +diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h +index 99e822f51..64ab786e5 100644 +--- a/platform/ext/target/arm/corstone1000/partition/region_defs.h ++++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h +@@ -1,8 +1,10 @@ + /* +- * Copyright (c) 2017-2022 Arm Limited. All rights reserved. ++ * Copyright (c) 2017-2023 Arm Limited. All rights reserved. + * Copyright (c) 2021-2023 Cypress Semiconductor Corporation (an Infineon company) + * or an affiliate of Cypress Semiconductor Corporation. All rights reserved. + * ++ * SPDX-License-Identifier: Apache-2.0 ++ * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at +@@ -53,7 +55,7 @@ + + #define S_DATA_START (SRAM_BASE + TFM_PARTITION_SIZE) + #define S_DATA_SIZE (SRAM_SIZE - TFM_PARTITION_SIZE) +-#define S_UNPRIV_DATA_SIZE (0x2160) ++#define S_UNPRIV_DATA_SIZE (0x4000) + #define S_DATA_LIMIT (S_DATA_START + S_DATA_SIZE - 1) + #define S_DATA_PRIV_START (S_DATA_START + S_UNPRIV_DATA_SIZE) + +diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c +index 01f7687bc..98e795dde 100644 +--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c ++++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2020-2022, Arm Limited. All rights reserved. ++ * Copyright (c) 2020-2023, Arm Limited. All rights reserved. + * Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon + * company) or an affiliate of Cypress Semiconductor Corporation. All rights + * reserved. +@@ -14,9 +14,11 @@ + #include "tfm_hal_isolation.h" + #include "mpu_config.h" + #include "mmio_defs.h" ++#include "flash_layout.h" + + #define PROT_BOUNDARY_VAL \ + ((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK) ++#define MPU_REGION_MIN_SIZE (0x100) + + #ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT + +@@ -31,20 +33,38 @@ REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Base); + REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit); + #endif /* CONFIG_TFM_PARTITION_META */ + +-static void configure_mpu(uint32_t rnr, uint32_t base, uint32_t limit, +- uint32_t is_xn_exec, uint32_t ap_permissions) ++static enum tfm_hal_status_t configure_mpu(uint32_t rnr, uint32_t base, ++ uint32_t limit, uint32_t is_xn_exec, uint32_t ap_permissions) + { +- uint32_t size; /* region size */ ++ uint32_t rbar_size_field; /* region size as it is used in the RBAR */ + uint32_t rasr; /* region attribute and size register */ + uint32_t rbar; /* region base address register */ + +- size = get_rbar_size_field(limit - base); ++ rbar_size_field = get_rbar_size_field(limit - base); ++ ++ /* The MPU region's base address has to be aligned to the region ++ * size for a valid MPU configuration */ ++ if ((base % (1 << (rbar_size_field + 1))) != 0) { ++ return TFM_HAL_ERROR_INVALID_INPUT; ++ } ++ ++ /* The MPU supports only 8 memory regions */ ++ if (rnr > 7) { ++ return TFM_HAL_ERROR_INVALID_INPUT; ++ } ++ ++ /* The minimum size for a region is 0x100 bytes */ ++ if((limit - base) < MPU_REGION_MIN_SIZE) { ++ return TFM_HAL_ERROR_INVALID_INPUT; ++ } + + rasr = ARM_MPU_RASR(is_xn_exec, ap_permissions, TEX, NOT_SHAREABLE, +- NOT_CACHEABLE, NOT_BUFFERABLE, SUB_REGION_DISABLE, size); ++ NOT_CACHEABLE, NOT_BUFFERABLE, SUB_REGION_DISABLE, rbar_size_field); + rbar = base & MPU_RBAR_ADDR_Msk; + + ARM_MPU_SetRegionEx(rnr, rbar, rasr); ++ ++ return TFM_HAL_SUCCESS; + } + + #endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */ +@@ -56,33 +76,60 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries( + uint32_t rnr = TFM_ISOLATION_REGION_START_NUMBER; /* current region number */ + uint32_t base; /* start address */ + uint32_t limit; /* end address */ ++ enum tfm_hal_status_t ret; + + ARM_MPU_Disable(); + +- /* TFM Core unprivileged code region */ +- base = (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_CODE_START, $$RO$$Base); +- limit = (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_CODE_END, $$RO$$Limit); +- +- configure_mpu(rnr++, base, limit, XN_EXEC_OK, AP_RO_PRIV_UNPRIV); +- +- /* RO region */ +- base = (uint32_t)®ION_NAME(Image$$, TFM_APP_CODE_START, $$Base); +- limit = (uint32_t)®ION_NAME(Image$$, TFM_APP_CODE_END, $$Base); ++ /* Armv6-M MPU allows region overlapping. The region with the higher RNR ++ * will decide the attributes. ++ * ++ * The default attributes are set to XN_EXEC_OK and AP_RO_PRIV_UNPRIV for the ++ * whole SRAM so the PSA_ROT_LINKER_CODE, TFM_UNPRIV_CODE and APP_ROT_LINKER_CODE ++ * don't have to be aligned and memory space can be saved. ++ * This region has the lowest RNR so the next regions can overwrite these ++ * attributes if it's needed. ++ */ ++ base = SRAM_BASE; ++ limit = SRAM_BASE + SRAM_SIZE; ++ ++ ret = configure_mpu(rnr++, base, limit, ++ XN_EXEC_OK, AP_RW_PRIV_UNPRIV); ++ if (ret != TFM_HAL_SUCCESS) { ++ return ret; ++ } + +- configure_mpu(rnr++, base, limit, XN_EXEC_OK, AP_RO_PRIV_UNPRIV); + + /* RW, ZI and stack as one region */ + base = (uint32_t)®ION_NAME(Image$$, TFM_APP_RW_STACK_START, $$Base); + limit = (uint32_t)®ION_NAME(Image$$, TFM_APP_RW_STACK_END, $$Base); + +- configure_mpu(rnr++, base, limit, XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); ++ /* The section size can be bigger than the alignment size, else the code would ++ * not fit into the memory. Because of this, the sections can use multiple MPU ++ * regions. */ ++ do { ++ ret = configure_mpu(rnr++, base, base + TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT, ++ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); ++ if (ret != TFM_HAL_SUCCESS) { ++ return ret; ++ } ++ base += TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT; ++ } while (base < limit); ++ + + #ifdef CONFIG_TFM_PARTITION_META + /* TFM partition metadata pointer region */ + base = (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Base); + limit = (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Limit); + +- configure_mpu(rnr++, base, limit, XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); ++ do { ++ ret = configure_mpu(rnr++, base, base + TFM_LINKER_SP_META_PTR_ALIGNMENT, ++ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); ++ if (ret != TFM_HAL_SUCCESS) { ++ return ret; ++ } ++ base += TFM_LINKER_SP_META_PTR_ALIGNMENT; ++ } while (base < limit); ++ + #endif + + arm_mpu_enable(); diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch deleted file mode 100644 index 6bbd66fd..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch +++ /dev/null @@ -1,31 +0,0 @@ -From b05fb661b3afc3ed8e3d4817df2798e9d4877b39 Mon Sep 17 00:00:00 2001 -From: Emekcan Aras -Date: Mon, 15 May 2023 10:46:18 +0100 -Subject: [PATCH] Platform: Corstone1000: Increase BL2_DATA_SIZE - -Increases BL2_DATA_SIZE to accommodate the changes in -metadata_write/read. - -Signed-off-by: Emekcan Aras -Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24103] - ---- - platform/ext/target/arm/corstone1000/partition/region_defs.h | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h -index abfac39b62..e7f0bad2ba 100644 ---- a/platform/ext/target/arm/corstone1000/partition/region_defs.h -+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h -@@ -90,9 +90,10 @@ - #define BL2_CODE_SIZE (IMAGE_BL2_CODE_SIZE) - #define BL2_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1) - -+#define BL2_DATA_ADDITIONAL 448 /* To increase the BL2_DATA_SIZE more than the default value */ - #define BL2_DATA_START (BOOT_TFM_SHARED_DATA_BASE + \ - BOOT_TFM_SHARED_DATA_SIZE) --#define BL2_DATA_SIZE (BL2_CODE_START - BL2_HEADER_SIZE - BL2_DATA_START) -+#define BL2_DATA_SIZE (BL2_CODE_START - BL2_HEADER_SIZE - BL2_DATA_START + BL2_DATA_ADDITIONAL) - #define BL2_DATA_LIMIT (BL2_DATA_START + BL2_DATA_SIZE - 1) - - /* SE BL1 regions */ diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch new file mode 100644 index 00000000..6676acf8 --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch @@ -0,0 +1,76 @@ +From ca7696bca357cfd71a34582c65a7c7c08828b6dc Mon Sep 17 00:00:00 2001 +From: Bence Balogh +Date: Mon, 18 Dec 2023 14:00:14 +0100 +Subject: [PATCH 2/2] platform: corstone1000: Cover S_DATA with MPU + +The S_DATA has to be covered with MPU regions to override the +other MPU regions with smaller RNR values. + +Change-Id: I45fec65f51241939314941e25d287e6fdc82777c +Signed-off-by: Bence Balogh +Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25583] + +--- + .../target/arm/corstone1000/CMakeLists.txt | 8 +++++++ + .../arm/corstone1000/tfm_hal_isolation.c | 22 +++++++++++++++++++ + 2 files changed, 30 insertions(+) + +diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt +index 8817f514c..541504368 100644 +--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt ++++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt +@@ -40,6 +40,14 @@ target_compile_definitions(platform_region_defs + INTERFACE + TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT=0x2000 + TFM_LINKER_SP_META_PTR_ALIGNMENT=0x100 ++ ++ # The RAM MPU Region block sizes are calculated manually. The RAM has to be covered ++ # with the MPU regions. These regions also have to be the power of 2 and ++ # the start addresses have to be aligned to these sizes. The sizes can be calculated ++ # from the S_DATA_START and S_DATA_SIZE defines. ++ RAM_MPU_REGION_BLOCK_1_SIZE=0x4000 ++ RAM_MPU_REGION_BLOCK_2_SIZE=0x20000 ++ + ) + #========================= Platform common defs ===============================# + +diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c +index 98e795dde..39b19c535 100644 +--- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c ++++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c +@@ -15,6 +15,7 @@ + #include "mpu_config.h" + #include "mmio_defs.h" + #include "flash_layout.h" ++#include "region_defs.h" + + #define PROT_BOUNDARY_VAL \ + ((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK) +@@ -132,6 +133,27 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries( + + #endif + ++ /* Set the RAM attributes. It is needed because the first region overlaps the whole ++ * SRAM and it has to be overridden. ++ * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually ++ * and added to the platform_region_defs compile definitions. ++ */ ++ base = S_DATA_START; ++ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE; ++ ret = configure_mpu(rnr++, base, limit, ++ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); ++ if (ret != TFM_HAL_SUCCESS) { ++ return ret; ++ } ++ ++ base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE; ++ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE; ++ ret = configure_mpu(rnr++, base, limit, ++ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); ++ if (ret != TFM_HAL_SUCCESS) { ++ return ret; ++ } ++ + arm_mpu_enable(); + + #endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */ diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch deleted file mode 100644 index 7a07c0c1..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 88cfce2e04913d48ec8636b6a3550d71ebdd49c4 Mon Sep 17 00:00:00 2001 -From: Emekcan Aras -Date: Mon, 15 May 2023 10:47:27 +0100 -Subject: [PATCH] Platform: Corstone1000: Calculate the new CRC32 value after - changing the metadata - -Calculates the new CRC32 value for the metadata struct after chaing a value -during the capsule update. It also updates the CRC32 field in the metadata -so it doesn't fail the CRC check after a succesfull capsule update. -It also skips doing a sanity check the BL2 nv counter after the capsule -update since the tfm bl1 does not sync metadata and nv counters in OTP during -the boot anymore. - -Signed-off-by: Emekcan Aras -Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24104/7] - ---- - .../arm/corstone1000/fw_update_agent/fwu_agent.c | 10 +++++++--- - 1 file changed, 7 insertions(+), 3 deletions(-) - -diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c -index afd8d66e42..f564f2902c 100644 ---- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c -+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c -@@ -802,6 +802,8 @@ static enum fwu_agent_error_t flash_full_capsule( - } - metadata->active_index = previous_active_index; - metadata->previous_active_index = active_index; -+ metadata->crc_32 = crc32((uint8_t *)&metadata->version, -+ sizeof(struct fwu_metadata) - sizeof(uint32_t)); - - ret = metadata_write(metadata); - if (ret) { -@@ -913,6 +915,8 @@ static enum fwu_agent_error_t accept_full_capsule( - if (ret) { - return ret; - } -+ metadata->crc_32 = crc32((uint8_t *)&metadata->version, -+ sizeof(struct fwu_metadata) - sizeof(uint32_t)); - - ret = metadata_write(metadata); - if (ret) { -@@ -1007,6 +1011,8 @@ static enum fwu_agent_error_t fwu_select_previous( - if (ret) { - return ret; - } -+ metadata->crc_32 = crc32((uint8_t *)&metadata->version, -+ sizeof(struct fwu_metadata) - sizeof(uint32_t)); - - ret = metadata_write(metadata); - if (ret) { -@@ -1119,8 +1125,7 @@ static enum fwu_agent_error_t update_nv_counters( - - FWU_LOG_MSG("%s: enter\n\r", __func__); - -- for (int i = 0; i <= FWU_MAX_NV_COUNTER_INDEX; i++) { -- -+ for (int i = 1; i <= FWU_MAX_NV_COUNTER_INDEX; i++) { - switch (i) { - case FWU_BL2_NV_COUNTER: - tfm_nv_counter_i = PLAT_NV_COUNTER_BL1_0; -@@ -1141,7 +1146,6 @@ static enum fwu_agent_error_t update_nv_counters( - if (err != TFM_PLAT_ERR_SUCCESS) { - return FWU_AGENT_ERROR; - } -- - if (priv_metadata->nv_counter[i] < security_cnt) { - return FWU_AGENT_ERROR; - } else if (priv_metadata->nv_counter[i] > security_cnt) { diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-corstone1000-Fix-issues-due-to-adjustment-M.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-corstone1000-Fix-issues-due-to-adjustment-M.patch new file mode 100644 index 00000000..23609921 --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-corstone1000-Fix-issues-due-to-adjustment-M.patch @@ -0,0 +1,76 @@ +From f7b58b5ba5b48e071eb360c1bcfc4d31290a77c1 Mon Sep 17 00:00:00 2001 +From: Ali Can Ozaslan +Date: Tue, 5 Mar 2024 21:01:59 +0000 +Subject: [PATCH] Platform:corstone1000:Fix issues due to adjustment Mailbox + Agent params + +Adjust Mailbox Agent API parameters patch changed memory check and +related parameters. As a result, platform-specific issues occurred. +Secure side client IDs are converted to negative values. Control +parameter is created. + +Signed-off-by: Bence Balogh +Signed-off-by: Emekcan Aras +Signed-off-by: Ali Can Ozaslan +Upstream-Status: Pending + +--- + .../tfm_spe_dual_core_psa_client_secure_lib.c | 23 +++++++++++++++---- + 1 file changed, 18 insertions(+), 5 deletions(-) + +diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c +index d2eabe144..39e11b8cd 100644 +--- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c ++++ b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c +@@ -18,6 +18,9 @@ + #include "utilities.h" + #include "thread.h" + ++#define SE_PROXY_SP_UID 0 ++#define SMM_GW_SP_UID 0x8003 ++ + /** + * In linux environment and for psa_call type client api, + * the layout of the reply from tf-m to linux is as following. +@@ -174,7 +177,14 @@ static psa_status_t prepare_params_for_psa_call(struct client_params_t *params, + { + psa_status_t ret = PSA_SUCCESS; + +- params->ns_client_id_stateless = s_map_entry->msg.client_id; ++ if (s_map_entry->msg.client_id == SE_PROXY_SP_UID) { ++ params->ns_client_id_stateless = -1; ++ } ++ else if (s_map_entry->msg.client_id == SMM_GW_SP_UID) { ++ params->ns_client_id_stateless = -1 * s_map_entry->msg.client_id; ++ } else { ++ params->ns_client_id_stateless = s_map_entry->msg.client_id; ++ } + + params->p_outvecs = NULL; + ret = alloc_and_prepare_out_vecs(¶ms->p_outvecs, s_map_entry); +@@ -250,6 +260,9 @@ void deliver_msg_to_tfm_spe(void *private) + struct client_params_t params = {0}; + psa_status_t psa_ret = PSA_ERROR_GENERIC_ERROR; + unordered_map_entry_t* s_map_entry = (unordered_map_entry_t*)private; ++ uint32_t control = PARAM_PACK(s_map_entry->msg.params.psa_call_params.type, ++ s_map_entry->msg.params.psa_call_params.in_len, ++ s_map_entry->msg.params.psa_call_params.out_len); + + switch(s_map_entry->msg.call_type) { + case OPENAMP_PSA_FRAMEWORK_VERSION: +@@ -266,11 +279,11 @@ void deliver_msg_to_tfm_spe(void *private) + send_service_reply_to_non_secure(psa_ret, s_map_entry); + break; + } ++ control = PARAM_SET_NS_INVEC(control); ++ control = PARAM_SET_NS_OUTVEC(control); ++ control = PARAM_SET_NS_VEC(control); + psa_ret = tfm_rpc_psa_call(s_map_entry->msg.params.psa_call_params.handle, +- PARAM_PACK(s_map_entry->msg.params.psa_call_params.type, +- s_map_entry->msg.params.psa_call_params.in_len, +- s_map_entry->msg.params.psa_call_params.out_len), +- ¶ms, NULL); ++ control, ¶ms, NULL); + if (psa_ret != PSA_SUCCESS) { + send_service_reply_to_non_secure(psa_ret, s_map_entry); + break; diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-arm-trusted-firmware-m-disable-fatal-warnings.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-arm-trusted-firmware-m-disable-fatal-warnings.patch deleted file mode 100644 index 07db4f6d..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-arm-trusted-firmware-m-disable-fatal-warnings.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 04ce07d289e8cec75223349e9ebf7e69126fc04d Mon Sep 17 00:00:00 2001 -From: Jon Mason -Date: Wed, 18 Jan 2023 15:13:37 -0500 -Subject: [PATCH] arm/trusted-firmware-m: disable fatal warnings - -Signed-off-by: Jon Mason -Upstream-Status: Inappropriate - ---- - toolchain_GNUARM.cmake | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/toolchain_GNUARM.cmake b/toolchain_GNUARM.cmake -index 7989718515..a5939323d6 100644 ---- a/toolchain_GNUARM.cmake -+++ b/toolchain_GNUARM.cmake -@@ -71,7 +71,6 @@ macro(tfm_toolchain_reset_linker_flags) - --entry=Reset_Handler - -specs=nano.specs - LINKER:-check-sections -- LINKER:-fatal-warnings - LINKER:--gc-sections - LINKER:--no-wchar-size-warning - ${MEMORY_USAGE_FLAG} diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-platform-corstone1000-align-capsule-update-structs.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-platform-corstone1000-align-capsule-update-structs.patch similarity index 100% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-platform-corstone1000-align-capsule-update-structs.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-platform-corstone1000-align-capsule-update-structs.patch diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-add-unique-firmware-GUID.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-add-unique-firmware-GUID.patch deleted file mode 100644 index e4eba624..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-add-unique-firmware-GUID.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 3004fda909079ebebd62c495a4e49e64d6c8a85f Mon Sep 17 00:00:00 2001 -From: Anusmita Dutta Mazumder -Date: Tue, 8 Aug 2023 10:58:01 +0000 -Subject: [PATCH] Platform corstone1000 add unique firmware GUID - -Add unique Corstone-1000 firmware GUID - -Signed-off-by: Anusmita Dutta Mazumder -Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24132/3] ---- - .../target/arm/corstone1000/fw_update_agent/fwu_agent.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c -index f564f2902c..9c31aeee9d 100644 ---- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c -+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c -@@ -113,10 +113,10 @@ enum fwu_agent_state_t { - }; - - struct efi_guid full_capsule_image_guid = { -- .time_low = 0xe2bb9c06, -- .time_mid = 0x70e9, -- .time_hi_and_version = 0x4b14, -- .clock_seq_and_node = {0x97, 0xa3, 0x5a, 0x79, 0x13, 0x17, 0x6e, 0x3f} -+ .time_low = 0x989f3a4e, -+ .time_mid = 0x46e0, -+ .time_hi_and_version = 0x4cd0, -+ .clock_seq_and_node = {0x98, 0x77, 0xa2, 0x5c, 0x70, 0xc0, 0x13, 0x29} - }; - - --- -2.38.1 - diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-platform-corstone1000-fix-synchronization-issue-on-o.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-platform-corstone1000-fix-synchronization-issue-on-o.patch similarity index 100% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-platform-corstone1000-fix-synchronization-issue-on-o.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-platform-corstone1000-fix-synchronization-issue-on-o.patch diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch deleted file mode 100644 index f805a44d..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch +++ /dev/null @@ -1,102 +0,0 @@ -From fa0988fd876400dc1bb451fffc4b167265b40d25 Mon Sep 17 00:00:00 2001 -From: Emekcan Aras -Date: Thu, 14 Sep 2023 12:14:28 +0100 -Subject: [PATCH] Platform: Corstone1000: Enable Signed Capsule - -Enables signed capsule update and adjusts the necessary structs (fmp_payload_header -, image_auth, etc.) to comply with the new capsule generation tool (mkeficapsule). - -Signed-off-by: Emekcan Aras -Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24131/3] ---- - .../fw_update_agent/uefi_capsule_parser.c | 25 +++++++++++-------- - .../fw_update_agent/uefi_capsule_parser.h | 2 ++ - 2 files changed, 17 insertions(+), 10 deletions(-) - -diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c -index b72ff1eb91..c706c040ac 100644 ---- a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c -+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c -@@ -102,11 +102,9 @@ enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr, - } - - capsule_header = (efi_capsule_header_t*)ptr; -- ptr += sizeof(efi_capsule_header_t) + sizeof(uint32_t); -+ ptr += sizeof(efi_capsule_header_t); - fmp_capsule_header = (efi_firmware_management_capsule_header_t*)ptr; - -- fmp_payload_header = fmp_capsule_header + sizeof(*fmp_capsule_header); -- - total_size = capsule_header->capsule_image_size; - image_count = fmp_capsule_header->payload_item_count; - images_info->nr_image = image_count; -@@ -119,22 +117,20 @@ enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr, - } - - for (int i = 0; i < image_count; i++) { -- - image_header = (efi_firmware_management_capsule_image_header_t*)(ptr + - fmp_capsule_header->item_offset_list[i]); - - images_info->size[i] = image_header->update_image_size; -- images_info->version[i] = fmp_payload_header->fw_version; -- FWU_LOG_MSG("%s: image %i version = %u\n\r", __func__, i, -- images_info->version[i]); -+ - #ifdef AUTHENTICATED_CAPSULE - image_auth = (efi_firmware_image_authentication_t*)( - (char*)image_header + - sizeof (efi_firmware_management_capsule_image_header_t) - ); - auth_size = sizeof(uint64_t) /* monotonic_count */ + -- image_auth->auth_info.hdr.dwLength /* WIN_CERTIFICATE + cert_data */ + -- sizeof(struct efi_guid) /* cert_type */; -+ image_auth->auth_info.hdr.dwLength/* WIN_CERTIFICATE + cert_data + cert_type */; -+ -+ fmp_payload_header = (fmp_payload_header_t*)((char*)image_auth + auth_size); - - FWU_LOG_MSG("%s: auth size = %u\n\r", __func__, auth_size); - -@@ -143,16 +139,25 @@ enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr, - images_info->image[i] = ( - (char*)image_header + - sizeof(efi_firmware_management_capsule_image_header_t) + -- auth_size); -+ auth_size + -+ sizeof(*fmp_payload_header)); - #else - images_info->image[i] = ( - (char*)image_header + - sizeof(efi_firmware_management_capsule_image_header_t) + - sizeof(*fmp_payload_header)); -+ -+ fmp_payload_header = (fmp_payload_header_t*)((char*)image_header + -+ sizeof(efi_firmware_management_capsule_image_header_t)); -+ - #endif - memcpy(&images_info->guid[i], &(image_header->update_image_type_id), - sizeof(struct efi_guid)); - -+ images_info->version[i] = fmp_payload_header->fw_version; -+ FWU_LOG_MSG("%s: image %i version = %d\n\r", __func__, i, -+ images_info->version[i]); -+ - FWU_LOG_MSG("%s: image %d at %p, size=%u\n\r", __func__, i, - images_info->image[i], images_info->size[i]); - -diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h -index a890a709e9..a31cd8a3a0 100644 ---- a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h -+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h -@@ -12,6 +12,8 @@ - #include "fip_parser/external/uuid.h" - #include "flash_layout.h" - -+#define AUTHENTICATED_CAPSULE 1 -+ - enum uefi_capsule_error_t { - UEFI_CAPSULE_PARSER_SUCCESS = 0, - UEFI_CAPSULE_PARSER_ERROR = (-1) --- -2.17.1 - diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-skip-the-first-nv-counter.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-skip-the-first-nv-counter.patch new file mode 100644 index 00000000..4c486e69 --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-skip-the-first-nv-counter.patch @@ -0,0 +1,33 @@ +From 001e5bea183bc78352ac3ba6283d9d7912bb6ea5 Mon Sep 17 00:00:00 2001 +From: Emekcan Aras +Date: Wed, 21 Feb 2024 07:44:25 +0000 +Subject: [PATCH] Platform: Corstone1000: skip the first nv counter + +It skips doing a sanity check the BL2 nv counter after the capsule +update since the tfm bl1 does not sync metadata and nv counters in OTP during +the boot anymore. + +Signed-off-by: Emekcan Aras +Upstream-Status: Pending + +--- + .../ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c +index 2e6de255b..2e6cf8047 100644 +--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c ++++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c +@@ -1125,7 +1125,7 @@ static enum fwu_agent_error_t update_nv_counters( + + FWU_LOG_MSG("%s: enter\n\r", __func__); + +- for (int i = 0; i <= FWU_MAX_NV_COUNTER_INDEX; i++) { ++ for (int i = 1; i <= FWU_MAX_NV_COUNTER_INDEX; i++) { + + switch (i) { + case FWU_BL2_NV_COUNTER: +-- +2.25.1 + + diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-increase-ITS-max-asset-size.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-increase-ITS-max-asset-size.patch deleted file mode 100644 index 97cd14da..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-increase-ITS-max-asset-size.patch +++ /dev/null @@ -1,29 +0,0 @@ -From ef97f7083279565dab45a550139935d741f159a9 Mon Sep 17 00:00:00 2001 -From: Emekcan Aras -Date: Fri, 29 Sep 2023 09:57:19 +0100 -Subject: [PATCH] platform: corstone1000: Increase ITS max asset size -​ -Increases the max asset size for ITS to enable parsec services & tests -​ -Upstream-Status: Pending -Signed-off-by: Emekcan Aras -Signed-off-by: Vikas Katariya ---- - platform/ext/target/arm/corstone1000/config_tfm_target.h | 5 +++++ - 1 files changed, 5 insertions(+) -​ -diff --git a/platform/ext/target/arm/corstone1000/config_tfm_target.h b/platform/ext/target/arm/corstone1000/config_tfm_target.h -index e968366639..3f6e8477e5 100644 ---- a/platform/ext/target/arm/corstone1000/config_tfm_target.h -+++ b/platform/ext/target/arm/corstone1000/config_tfm_target.h -@@ -24,4 +24,9 @@ - #undef PS_NUM_ASSETS - #define PS_NUM_ASSETS 20 - -+/* The maximum size of asset to be stored in the Internal Trusted Storage area. */ -+#undef ITS_MAX_ASSET_SIZE -+#define ITS_MAX_ASSET_SIZE 2048 -+ -+ - #endif /* __CONFIG_TFM_TARGET_H__ */ --- \ No newline at end of file diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-1.8.1-src.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-1.8.1-src.inc deleted file mode 100644 index f7e202ad..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-1.8.1-src.inc +++ /dev/null @@ -1,46 +0,0 @@ -# Common src definitions for trusted-firmware-m and trusted-firmware-m-scripts - -LICENSE = "BSD-2-Clause & BSD-3-Clause & Apache-2.0" - -LIC_FILES_CHKSUM = "file://license.rst;md5=07f368487da347f3c7bd0fc3085f3afa \ - file://../tf-m-tests/license.rst;md5=4481bae2221b0cfca76a69fb3411f390 \ - file://../mbedtls/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \ - file://../mcuboot/LICENSE;md5=b6ee33f1d12a5e6ee3de1e82fb51eeb8" - -SRC_URI_TRUSTED_FIRMWARE_M ?= "git://git.trustedfirmware.org/TF-M/trusted-firmware-m.git;protocol=https" -SRC_URI_TRUSTED_FIRMWARE_M_TESTS ?= "git://git.trustedfirmware.org/TF-M/tf-m-tests.git;protocol=https" -SRC_URI_TRUSTED_FIRMWARE_M_MBEDTLS ?= "git://github.com/ARMmbed/mbedtls.git;protocol=https" -SRC_URI_TRUSTED_FIRMWARE_M_MCUBOOT ?= "git://github.com/mcu-tools/mcuboot.git;protocol=https" -SRC_URI_TRUSTED_FIRMWARE_M_QCBOR ?= "git://github.com/laurencelundblade/QCBOR.git;protocol=https" -SRC_URI_TRUSTED_FIRMWARE_M_EXTRAS ?= "git://git.trustedfirmware.org/TF-M/tf-m-extras.git;protocol=https" -SRC_URI = "${SRC_URI_TRUSTED_FIRMWARE_M};branch=${SRCBRANCH_tfm};name=tfm;destsuffix=git/tfm \ - ${SRC_URI_TRUSTED_FIRMWARE_M_TESTS};branch=${SRCBRANCH_tfm-tests};name=tfm-tests;destsuffix=git/tf-m-tests \ - ${SRC_URI_TRUSTED_FIRMWARE_M_MBEDTLS};branch=${SRCBRANCH_mbedtls};name=mbedtls;destsuffix=git/mbedtls \ - ${SRC_URI_TRUSTED_FIRMWARE_M_MCUBOOT};branch=${SRCBRANCH_mcuboot};name=mcuboot;destsuffix=git/mcuboot \ - ${SRC_URI_TRUSTED_FIRMWARE_M_QCBOR};branch=${SRCBRANCH_qcbor};name=qcbor;destsuffix=git/qcbor \ - ${SRC_URI_TRUSTED_FIRMWARE_M_EXTRAS};branch=${SRCBRANCH_tfm-extras};name=tfm-extras;destsuffix=git/tfm-extras \ - " - -# The required dependencies are documented in tf-m/config/config_default.cmake -# TF-Mv1.8.1 -SRCBRANCH_tfm ?= "master" -SRCREV_tfm = "53aa78efef274b9e46e63b429078ae1863609728" -# TF-Mv1.8.1 -SRCBRANCH_tfm-tests ?= "master" -SRCREV_tfm-tests = "1273c5bcd3d8ade60d51524797e0b22b6fd7eea1" -# mbedtls-3.4.1 -SRCBRANCH_mbedtls ?= "master" -SRCREV_mbedtls = "72718dd87e087215ce9155a826ee5a66cfbe9631" -# mcuboot v1.10.0 -SRCBRANCH_mcuboot ?= "main" -SRCREV_mcuboot = "23d28832f02dcdc18687782c6cd8ba99e9b274d2" -# QCBOR v1.2 -SRCBRANCH_qcbor ?= "master" -SRCREV_qcbor = "b0e7033268e88c9f27146fa9a1415ef4c19ebaff" -# TF-Mv1.8.1 -SRCBRANCH_tfm-extras ?= "master" -SRCREV_tfm-extras = "504ae9a9a50981e9dd4d8accec8261a1dba9e965" - -SRCREV_FORMAT = "tfm" - -S = "${WORKDIR}/git/tfm" diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc index 19ad2897..716d3f1c 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc @@ -9,13 +9,14 @@ TFM_DEBUG = "1" ## Default is the MPS3 board TFM_PLATFORM_IS_FVP ?= "FALSE" EXTRA_OECMAKE += "-DPLATFORM_IS_FVP=${TFM_PLATFORM_IS_FVP}" -EXTRA_OECMAKE += "-DCC312_LEGACY_DRIVER_API_ENABLED=ON" +EXTRA_OECMAKE += "-DCC312_LEGACY_DRIVER_API_ENABLED=OFF" # libmetal v2023.04.0 LICENSE += "& BSD-3-Clause" LIC_FILES_CHKSUM += "file://../libmetal/LICENSE.md;md5=f4d5df0f12dcea1b1a0124219c0dbab4" SRC_URI += "git://github.com/OpenAMP/libmetal.git;protocol=https;branch=main;name=libmetal;destsuffix=git/libmetal \ file://0001-cmake-modify-path-to-libmetal-version-file.patch;patchdir=../libmetal \ + file://0002-arm-trusted-firmware-m-disable-address-warnings-into.patch \ " SRCREV_libmetal = "28fa2351d6a8121ce6c1c2ac5ee43ce08d38dbae" EXTRA_OECMAKE += "-DLIBMETAL_SRC_PATH=${S}/../libmetal -DLIBMETAL_BIN_PATH=${B}/libmetal-build" @@ -32,15 +33,12 @@ EXTRA_OECMAKE += "-DLIBOPENAMP_SRC_PATH=${S}/../openamp -DLIBOPENAMP_BIN_PATH=${ FILESEXTRAPATHS:prepend := "${THISDIR}/files:" SRC_URI:append:corstone1000 = " \ - file://0001-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch \ - file://0002-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch \ - file://0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch \ - file://0004-arm-trusted-firmware-m-disable-fatal-warnings.patch \ - file://0005-Platform-corstone1000-add-unique-firmware-GUID.patch \ - file://0006-Platform-Corstone1000-Enable-Signed-Capsule.patch \ - file://0007-platform-corstone1000-increase-ITS-max-asset-size.patch \ - file://0008-platform-corstone1000-align-capsule-update-structs.patch \ - file://0009-platform-corstone1000-fix-synchronization-issue-on-o.patch \ + file://0001-platform-corstone1000-Update-MPU-configuration.patch \ + file://0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch \ + file://0003-Platform-corstone1000-Fix-issues-due-to-adjustment-M.patch \ + file://0004-platform-corstone1000-align-capsule-update-structs.patch \ + file://0005-platform-corstone1000-fix-synchronization-issue-on-o.patch \ + file://0006-Platform-Corstone1000-skip-the-first-nv-counter.patch \ " # TF-M ships patches for external dependencies that needs to be applied @@ -54,10 +52,10 @@ apply_tfm_patches() { do_patch[postfuncs] += "apply_tfm_patches" do_install() { - install -D -p -m 0644 ${B}/install/outputs/tfm_s_signed.bin ${D}/firmware/tfm_s_signed.bin - install -D -p -m 0644 ${B}/install/outputs/bl2_signed.bin ${D}/firmware/bl2_signed.bin - install -D -p -m 0644 ${B}/install/outputs/bl1_1.bin ${D}/firmware/bl1_1.bin - install -D -p -m 0644 ${B}/install/outputs/bl1_provisioning_bundle.bin ${D}/firmware/bl1_provisioning_bundle.bin + install -D -p -m 0644 ${B}/bin/tfm_s_signed.bin ${D}/firmware/tfm_s_signed.bin + install -D -p -m 0644 ${B}/bin/bl2_signed.bin ${D}/firmware/bl2_signed.bin + install -D -p -m 0644 ${B}/bin/bl1_1.bin ${D}/firmware/bl1_1.bin + install -D -p -m 0644 ${B}/bin/bl1_provisioning_bundle.bin ${D}/firmware/bl1_provisioning_bundle.bin } create_bl1_image(){ diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_1.8.1.bb b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_1.8.1.bb deleted file mode 100644 index d50d886f..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_1.8.1.bb +++ /dev/null @@ -1,2 +0,0 @@ -require recipes-bsp/trusted-firmware-m/trusted-firmware-m-${PV}-src.inc -require recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native.inc diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.8.1.bb b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.8.1.bb deleted file mode 100644 index 3464f49d..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.8.1.bb +++ /dev/null @@ -1,2 +0,0 @@ -require recipes-bsp/trusted-firmware-m/trusted-firmware-m-${PV}-src.inc -require recipes-bsp/trusted-firmware-m/trusted-firmware-m.inc diff --git a/meta-arm-bsp/wic/corstone1000-flash-firmware.wks.in b/meta-arm-bsp/wic/corstone1000-flash-firmware.wks.in index 88559dee..6919afd0 100644 --- a/meta-arm-bsp/wic/corstone1000-flash-firmware.wks.in +++ b/meta-arm-bsp/wic/corstone1000-flash-firmware.wks.in @@ -17,7 +17,7 @@ part --source empty --size 4k --align 4 --offset 32k --part-name="private_metada part --source rawcopy --size 100k --sourceparams="file=bl2_signed.bin" --offset 36k --align 4 --part-name="bl2_primary" --uuid 9A3A8FBF-55EF-439C-80C9-A3F728033929 --part-type 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9 -part --source rawcopy --size 376k --sourceparams="file=tfm_s_signed.bin" --align 4 --part-name="tfm_primary" --uuid 07F9616C-1233-439C-ACBA-72D75421BF70 --part-type D763C27F-07F6-4FF0-B2F3-060CB465CD4E +part --source rawcopy --size 368k --sourceparams="file=tfm_s_signed.bin" --align 4 --part-name="tfm_primary" --uuid 07F9616C-1233-439C-ACBA-72D75421BF70 --part-type D763C27F-07F6-4FF0-B2F3-060CB465CD4E # Rawcopy of the FIP binary part --source rawcopy --size 2 --sourceparams="file=signed_fip-corstone1000.bin" --align 4 --part-name="FIP_A" --uuid B9C7AC9D-40FF-4675-956B-EEF4DE9DF1C5 --part-type B5EB19BD-CF56-45E8-ABA7-7ADB228FFEA7 @@ -26,8 +26,8 @@ part --source rawcopy --size 2 --sourceparams="file=signed_fip-corstone1000.bin" part --source rawcopy --size 12 --sourceparams="file=Image.gz-initramfs-${MACHINE}.bin" --align 4 --part-name="kernel_primary" --uuid BF7A6142-0662-47FD-9434-6A8811980816 --part-type 8197561D-6124-46FC-921E-141CC5745B05 -part --source empty --size 100k --offset 16492k --align 4 --part-name="bl2_secondary" --uuid 3F0C49A4-48B7-4D1E-AF59-3E4A3CE1BA9F --part-type 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9 -part --source empty --size 376k --align 4 --part-name="tfm_secondary" --uuid 009A6A12-64A6-4F0F-9882-57CD79A34A3D --part-type D763C27F-07F6-4FF0-B2F3-060CB465CD4E +part --source empty --size 100k --offset 16488k --align 4 --part-name="bl2_secondary" --uuid 3F0C49A4-48B7-4D1E-AF59-3E4A3CE1BA9F --part-type 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9 +part --source empty --size 368k --align 4 --part-name="tfm_secondary" --uuid 009A6A12-64A6-4F0F-9882-57CD79A34A3D --part-type D763C27F-07F6-4FF0-B2F3-060CB465CD4E part --source empty --size 2 --align 4 --part-name="FIP_B" --uuid 9424E370-7BC9-43BB-8C23-71EE645E1273 --part-type B5EB19BD-CF56-45E8-ABA7-7ADB228FFEA7 part --source empty --size 12 --align 4 --part-name="kernel_secondary" --uuid A2698A91-F9B1-4629-9188-94E4520808F8 --part-type 8197561D-6124-46FC-921E-141CC5745B05