Ninja is a better Make. Add progress feedback and parallelisation
options, reducing the time to build TF-M on my machine from 100s to 6s.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update tfm-tests and mcuboot SHAs. mbedtls is still recommended to be
at 3.0.0, newer releases do not build.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch should have been removed as part of the 1.2.0 upgrade.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to update TF-M SHA which has fixes for capsule update.
Change-Id: I016381c2a95fcdd9629772671143a1e7332196e5
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch will fix the ffa mm communicate function behavior as
expected by efi_get_var() and also fix the com buffer size used by
u-boot.
Change-Id: I8ce28a2e51b8f52856d81ea6e3c1e2e72cfaa362
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The efi_get_var() expects EFI_BUFFER_TOO_SMALL return value
from efi_get_variable_int() to just read the size of the data.
So when comm buffer is smaller than received buffer,
efi_get_variable_int is expected to return error code. This
functionality will be fixed in future patches.
Change-Id: I3e5119b1fdf18c965cc2ebc11056b6ca70d57e0f
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to add capsule update interface to SE proxy SP.
This interface sends following events to secure enclave
* firmware update request - SE will read the capsule and will flash the
image to flash to previous active bank
* kernel boot event - SE will delete timer on reciption of this event and
marks all the images as accepted if in trial state
Change-Id: I7cf9b729128d1e07e891253661fcd891191e8024
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The maximum number of UEFI variables that can be supported by SMM
gateway is currently 40. When more than 40 variables are written,
or read SMM gateway returns error code. Currently this value is
increased to 100 to support more UEFI variables.
Change-Id: I3ebef8052fd01c5b1c19cdfe71ab3c02447a005b
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit configures crypto and attestation tests for Corstone1000
platform.
It also fixes CMake issues on the current trusted-service CMake source
files to enable this configuration.
Change-Id: I334d661c1bc349e03f92611d6010360c08e6cc89
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Setting the last master branch SHA for openamp changes.
Change-Id: I58bc0a1adb7754af901fc1734ffeb92aad191fe5
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add psa ipc crypto backend and attach it to se proxy
deployment.
Change-Id: I072cd3f0661be33773a2132c2222dc4c7b8c6cb4
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Implement attestation client API as psa ipc and include it to
se proxy deployment.
Change-Id: I0a1130d2013717c6499da5bb2cd6cd11a752bcce
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since secure enclave is 32bit and we 64bit there is an issue
in the protocol communication design that force us to handle
on our side the manipulation of address and pointers to make
this work.
Change-Id: Icb29fdec6928dba6da7e845b3a13d8a3560c5fe1
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Fixes needed to run psa-arch-test
Change-Id: Iba090e151298a216f8f1bf81a72bba4587bec389
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
add the do_write_fvpboot_conf function into IMAGE_POSTPROCESS_COMMAND
so that this function can be called after the build system created the
final image output files.
It's possible that bitbake doesn't run start from the do_rootfs task but
run start from do_image_<type> at the stage of image generation.
For example, there are multiple partitions in the wic file and the
grub.cfg file is placed to the first partition and the rootfs is placed
to the second partition. At this time, if we change the content of
the grub.cfg file resided in the related recipe's directory and build,
the do_rootfs task won't be run by bitbake but a new wic file will be
generated. In this situation, the fvpconf file also won't be updated and
the 'bp.virtioblockdevice.image_path' is still pointing to a old image
file.
Issue-Id: SCM-3724
Signed-off-by: Huifeng Zhang <Huifeng.Zhang@arm.com>
Change-Id: I7a41afa1d7471d09b60d118c4a6c99c57a6b548c
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adding to SRCREV_FORMAT the names of the repos fetched.
Change-Id: Idf80065c39b2124bf384d0dbb4028138b27c1e10
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Aligning to the last meta-arm-image version to
add psa-arch-tests to the rootfs.
Change-Id: I40e945f814df4b6f7c30772d3dd6f91e6b6fcafc
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
This commit adds support for building/installing the test
application.
Also fixing CMake issues on the current trusted-service CMake source files.
Change-Id: Iae0fc9bf9362cf5b7d65cd7b9f0445f62f3b83eb
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
This commit adds a recipe for psa-arch-tests linux
userspace application.
Included tests are; crypto, protected_storage,
internal_trusted_storage and attestation.
Change-Id: I6285aa2a6ae8fdd25f4327f1d301c59a88bce775
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
EXTRA_OEMAKE is not needed since we are using CMake.
Change-Id: Ifc0dcc9313fe4e473cbba8eb3b716e11cf8e45ee
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Remove a backported patch which has been incorporated in this release.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
edk2-firmware is machine-specific, but this is a generic binary so we
can reset PACKAGE_ARCH to the tune.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The invalidate_dcache_all function has been implicitly declared.
This commit fixes that.
Change-Id: I83e985e219af8687c0679045f6a979c91923be69
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When the GENMASK used is above 16-bits wide a u16 cast will cause
loss of data.
This commit fixes that.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Change-Id: I72e5e42971a50ce167500a92cc529c5cb3ff781f
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to delete a separate check for guid for corstone1000
target. Generic check of fmp guid check should suffice.
Change-Id: Idec92c9307f903e52985057404daac2e40d05295
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Changing where to pass the SE Proxy interface and event IDs.
Now they are passed to the SE Proxy in register w4.
The events involved are kernel started and buffer ready
events.
Change-Id: Ib60897e9f01cd87b9923892198f8868e02cc830d
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
No need to set again the same SHA as the one provided
by the recipe.
Change-Id: I034aca31c1cc30868552be67a04400db20ad59b2
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Moving common settings that can be used by other
components to a common file: secure-partitions.inc
Change-Id: I81691ee52bef3dfbd72c59afe20b01a5cf2222ea
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch fixes the GetVariable() issue which causes
mm_communicate failure when called with 0 data size. The comm buffer
is set to maximum size when 0 data size request is made to handle the
MM response from the secure world. This is a generic fix but used by
corstone1000.
Change-Id: Id50619816a924b4fa7597295f89d54827191fbb5
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These changes are to fix missing error check during sp init
and add support for defining memory regions
Change-Id: I381ff9805288590809471494bdff5e7f62232f7c
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These changes is to rebase patches to latest
SHA(a365a04f937b9b76ebb2e0eeade226f208cbc0d2) of integration branch.
Also cherry-picked other bug fixes with the exemption of adding
newlib changes. newlib changes brakes the build because of musl
libc, hence dropped those changes for now
Change-Id: If0131d00e63eb0f574fa41dd95cfee4351e696e8
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When using devtool the S is no longer an unpack location.
Let's use the default unpack location WORKDIR that works
whether devtool is used or not.
Change-Id: I34dfb53feddddfba82ff68a43b6cfe89a60c7701
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Change the setting of PV from referancing SRCPV to using SRCREV.
Also drop the use of PREFERRED_VERSION. The existing TF-M recipe will
be selected automatically (1.4.1). Corstone1000 bbappend sets the SHA and
PV to 1.5
Change-Id: Id9332fd87e271608ba425e05e796f75fd1c0268d
Signed-off-by: Drew Reed <drew.reed@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Remove mock up backend for secure storage in se proxy
deployment and use instead the secure storage ipc backend with
openamp as rpc to secure enclave side.
Change-Id: I5225966ec621be9fa126b5af6ede0a1f6bbf469b
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add secure storage ipc ff-m implementation which may use
openamp as rpc to communicate with other processor.
Change-Id: I6707f3b0654fb255cacef930d9314662b106273c
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add support for inter processor communication for PSA
including, the openamp client side structures lib.
Change-Id: Icb86045b7915c4b04d2ec73b88ed40a3d65be4af
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add PSA client definitions in common include to add future
ff-m support.
Change-Id: I0860fa347fd882d6e99da136a4273a0ef5d7d684
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The device tree is embedded in the u-boot binary
and located at the end of the DDR. Its address
is specified in fdtcontroladdr environment variable.
No need to use fdt_addr_r anymore.
Change-Id: I58b17fbcab36c7236d57eb2498c41b5f4960b6eb
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Setting stdout-path in the chosen node.
Change-Id: Ie0a6b140492f0c5fc323690d2f6bc921cbe76cb3
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The N1SDP build uses a non-standard FIP UUID, so explain where it comes
from.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The base recipe can install the required files, so this is redundant.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Using a path relative to a kas yaml file to include another kas yaml
file won't be supported in the future. This patch also updates the
documentation for fvp-baser to set the minimal supported version of kas
to 2.6.
Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Change-Id: I757103c5433bca7af9ab024370cd1e994d59fe0e
Signed-off-by: Jon Mason <jon.mason@arm.com>
