arm-bsp/trusted-firmware-m: corstone1000: Add Bootloader Abstraction Layer (BAL) support

Introduce Bootloader Abstraction Layer (BAL) support for Corstone-1000 to enable flexible integration of firmware update including partial capsule update. This change includes: - Enable the firmware update partition for Corstone-1000 and create placeholder bootloader abstraction layer for Corstone-1000. - Change the insertion logic of TFM_FWU_BOOTLOADER_LIB to select a new platform-specific bootloader abstraction layer. - Use the necessary flags to use the service and resolve any linker issues that may arise. - Migration of capsule update logic to a new BAL module under `platform/ext/target/corstone1000/bootloader/mcuboot/`. - Implementation of BAL APIs in `tfm_mcuboot_fwu.c` as per the PSA FWU state machine. - Removal of `uefi_capsule_parser.c` and `uefi_capsule_parser.h` as capsule parsing is done in U-Boot. - Enhancement of `uefi_fmp.c` to handle FMP metadata for multiple images. - Update of `provisioning.c` and `security_cnt_bl2.c` to handle new BAL return values. - Addition of `fwu_config.h.in` with default FWU configuration. - Metadata layout changes to include size and image GUIDs for U-Boot compatibility during FWU Accept flow. Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com> Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com> Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-07 04:58:57 +00:00 · 2025-07-30 12:53:16 +01:00
parent 3a2cc58deb
commit c486835b98
4 changed files with 5139 additions and 0 deletions
@@ -0,0 +1,73 @@
+From 5afc6fde140e4033c4b69450daed42c6a3dea2bc Mon Sep 17 00:00:00 2001
+From: Ali Can Ozaslan <ali.oezaslan@arm.com>
+Date: Wed, 30 Oct 2024 09:54:49 +0000
+Subject: [PATCH] FWU: Make platform specific TFM_FWU_BOOTLOADER_LIB selectable
+ to add
+
+Prepare the environment where partition firmware update can be
+enabled and platform specific bootloader configuration can be used.
+
+FWU implementation provides an abstraction for the bootloader.
+This bootloader abstraction layer is implemented for MCUBoot.
+It can be used after making changes that can handle platform
+specific behaviors. But the implementation limits it.
+
+When TFM_PARTITION_FIRMWARE_UPDATE is enabled, the configuration
+becomes invalid. Therefore, the invalid configuration is limited
+to the case where TFM_FWU_BOOTLOADER_LIB is used for MCUboot.
+This makes the configuration valid when a platform specific
+configuration is used.
+
+TFM_FWU_BOOTLOADER_LIB can only be added from a subdirectory, which
+prevents the use of platform-specific bootloader configurations.
+The logic has been changed to allow the use of platform-specific
+bootloader configurations.
+
+Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
+
+Upstream-Status: Backport [3357369d7b878b8e8ad9515f821ac2226ec7fb18]
+---
+ config/check_config.cmake                           |  2 +-
+ secure_fw/partitions/firmware_update/CMakeLists.txt | 12 ++++++++----
+ 2 files changed, 9 insertions(+), 5 deletions(-)
+
+diff --git a/config/check_config.cmake b/config/check_config.cmake
+index 1039b22f9..d1929f6da 100644
+--- a/config/check_config.cmake
+++ b/config/check_config.cmake
+@@ -63,7 +63,7 @@ tfm_invalid_config(TFM_NS_NV_COUNTER_AMOUNT GREATER 3)
+ 
+ tfm_invalid_config(NOT PLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT AND TFM_PARTITION_FIRMWARE_UPDATE)
+ tfm_invalid_config(TFM_PARTITION_FIRMWARE_UPDATE AND NOT TFM_PARTITION_PLATFORM)
+-tfm_invalid_config((MCUBOOT_UPGRADE_STRATEGY STREQUAL "DIRECT_XIP" OR MCUBOOT_UPGRADE_STRATEGY STREQUAL "RAM_LOAD") AND TFM_PARTITION_FIRMWARE_UPDATE)
+tfm_invalid_config((MCUBOOT_UPGRADE_STRATEGY STREQUAL "DIRECT_XIP" OR MCUBOOT_UPGRADE_STRATEGY STREQUAL "RAM_LOAD") AND TFM_PARTITION_FIRMWARE_UPDATE AND TFM_FWU_BOOTLOADER_LIB STREQUAL "mcuboot")
+ tfm_invalid_config(TFM_PARTITION_FIRMWARE_UPDATE AND NOT MCUBOOT_DATA_SHARING)
+ 
+ ####################### Protected Storage Partition ###############################
+diff --git a/secure_fw/partitions/firmware_update/CMakeLists.txt b/secure_fw/partitions/firmware_update/CMakeLists.txt
+index b249597b9..ecb90e0f0 100644
+--- a/secure_fw/partitions/firmware_update/CMakeLists.txt
+++ b/secure_fw/partitions/firmware_update/CMakeLists.txt
+@@ -37,11 +37,15 @@ target_sources(tfm_partitions
+         ${CMAKE_BINARY_DIR}/generated/secure_fw/partitions/firmware_update/auto_generated/load_info_tfm_firmware_update.c
+ )
+ 
+-# The bootloader specific configuration.
+-if ((NOT TFM_FWU_BOOTLOADER_LIB) OR (NOT EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/bootloader/${TFM_FWU_BOOTLOADER_LIB}))
+-    message(FATAL_ERROR "TFM_FWU_BOOTLOADER_LIB invalid")
+# Use platform specific bootloader configuration if present.
+if ((TFM_FWU_BOOTLOADER_LIB) AND (EXISTS ${TFM_FWU_BOOTLOADER_LIB}))
+    add_subdirectory(${TFM_FWU_BOOTLOADER_LIB} ${CMAKE_CURRENT_BINARY_DIR}/${TFM_FWU_BOOTLOADER_LIB})
+else()
+    if ((NOT TFM_FWU_BOOTLOADER_LIB) OR (NOT EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/bootloader/${TFM_FWU_BOOTLOADER_LIB}))
+        message(FATAL_ERROR "TFM_FWU_BOOTLOADER_LIB invalid")
+    endif()
+    add_subdirectory(bootloader/${TFM_FWU_BOOTLOADER_LIB})
+ endif()
+-add_subdirectory(bootloader/${TFM_FWU_BOOTLOADER_LIB})
+ 
+ target_link_libraries(tfm_psa_rot_partition_fwu
+     PRIVATE
+-- 
+2.34.1
+
@@ -0,0 +1,30 @@
+From 1f8eb5887f3de167ac68c92b5b77efc51308603c Mon Sep 17 00:00:00 2001
+From: Ali Can Ozaslan <ali.oezaslan@arm.com>
+Date: Tue, 15 Oct 2024 12:50:16 +0000
+Subject: [PATCH] Platform: Corstone1000: Enable FWU partition
+
+Enable firmware update partition for Corstone-1000 platform.
+
+Increase the necessary flags to enable firmware update partition.
+Set TFM_FWU_BOOTLOADER_LIB to use Corstone-1000 specific bootloader
+configuration. Fix linker issues caused by enablement.
+
+Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/39515]
+Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
+
+---
+diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake
+index 6a805a122..1ba43a006 100644
+--- a/platform/ext/target/arm/corstone1000/config.cmake
+++ b/platform/ext/target/arm/corstone1000/config.cmake
+@@ -56,6 +56,10 @@ set(TFM_PARTITION_CRYPTO                ON          CACHE BOOL      "Enable Cryp
+ set(TFM_PARTITION_INITIAL_ATTESTATION   ON          CACHE BOOL      "Enable Initial Attestation partition")
+ set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON       CACHE BOOL      "Enable Internal Trusted Storage partition")
+ 
+set(TFM_PARTITION_FIRMWARE_UPDATE         ON        CACHE BOOL      "Enable firmware update partition")
+set(PLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT ON         CACHE BOOL      "Wheter the platform has firmware update support")
+set(MCUBOOT_DATA_SHARING                 ON         CACHE BOOL      "Enable Data Sharing")
+set(TFM_FWU_BOOTLOADER_LIB                "${CMAKE_CURRENT_LIST_DIR}/bootloader/mcuboot"   CACHE STRING    "Bootloader configure file for Firmware Update partition")
+ 
+ if (${CMAKE_BUILD_TYPE} STREQUAL Debug OR ${CMAKE_BUILD_TYPE} STREQUAL RelWithDebInfo)
+   set(ENABLE_FWU_AGENT_DEBUG_LOGS     TRUE          CACHE BOOL      "Enable Firmware update agent debug logs.")
@@ -43,6 +43,9 @@ SRC_URI:append:corstone1000 = " \
    file://0022-CC312-alignment-of-cc312-differences.patch \
    file://0023-Platform-CS1000-Remove-duplicate-configuration-parameters.patch \
    file://0024-Platform-corstone1000-Allow-FWU-calls-in-RSE-COMMS.patch \
+    file://0025-FWU-Make-platform-specific-TFM_FWU_BOOTLOADER_LIB-se.patch \
+    file://0026-Platform-CS1000-Enable-FWU-partition.patch \
+    file://0027-Platform-Corstone1000-Implement-Bootloader-Abstracti.patch \
    "

 FILESEXTRAPATHS:prepend:corstone1000-mps3 := "${THISDIR}/files/corstone1000/psa-adac:"