Introduce the use of a gpt partition type layout, and use
the firmware metadata as source of the current boot bank
to boot from in the different boot stages.
This needs to be a large changeset, since it touches a lot
of software components to guarantee that everything works
in an atomic way, to not break the build and/or the boot flow
of the corstone1000 platform.
fdisk -o Start,End,Sectors,Size,Type-UUID,Attrs,Name,UUID -l tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.wic
Disk build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.wic: 32 MiB, 33554432 bytes, 65536 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 5BFC084A-9B95-4024-B60B-9748F5332524
Start   End Sectors Size Type-UUID                            Attrs Name                       UUID
   34    39       6   3K EBD0A0A2-B9E5-4433-87C0-68B6B72699C7       reserved_1                 B1F2FC8C-A7A3-4485-87CB-16961B8847D7
   40    47       8   4K 8A7A84A0-8387-40F6-AB41-A8B9A5A60D23       FWU-Metadata               3FDFFEE1-3223-4C6B-80F9-B0E7D780C21D
   48    55       8   4K 8A7A84A0-8387-40F6-AB41-A8B9A5A60D23       Bkup-FWU-Metadata          B3068316-5351-4998-823A-3A7B09133EC1
   56    63       8   4K ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42       private_metadata_replica_2 3CC3B456-DEC8-4CE3-BC5C-965483CE4828
   64    71       8   4K ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42       private_metadata_replica_2 DCE9C503-8DFD-4DCB-8889-647E49641552
   72   271     200 100K 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9       bl2_primary                9A3A8FBF-55EF-439C-80C9-A3F728033929
  272  1023     752 376K D763C27F-07F6-4FF0-B2F3-060CB465CD4E       tfm_primary                07F9616C-1233-439C-ACBA-72D75421BF70
 1024  5119    4096   2M B5EB19BD-CF56-45E8-ABA7-7ADB228FFEA7       FIP_A                      B9C7AC9D-40FF-4675-956B-EEF4DE9DF1C5
 5120 15199   10080 4.9M 8197561D-6124-46FC-921E-141CC5745B05       kernel_primary             BF7A6142-0662-47FD-9434-6A8811980816
32784 32983     200 100K 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9       bl2_secondary              3F0C49A4-48B7-4D1E-AF59-3E4A3CE1BA9F
32984 32991       8   4K D763C27F-07F6-4FF0-B2F3-060CB465CD4E       tfm_secondary              009A6A12-64A6-4F0F-9882-57CD79A34A3D
32992 32999       8   4K B5EB19BD-CF56-45E8-ABA7-7ADB228FFEA7       FIP_B                      9424E370-7BC9-43BB-8C23-71EE645E1273
33000 33007       8   4K 8197561D-6124-46FC-921E-141CC5745B05       kernel_secondary           A2698A91-F9B1-4629-9188-94E4520808F8
65496 65501       6   3K EBD0A0A2-B9E5-4433-87C0-68B6B72699C7       reserved_2                 CCB18569-C0BA-42E0-A429-FE1DC862D660
Add new nvmxip qspi block storage device to u-boot and
the plumbing to boot using the fwu_metadata and gpt
partition information.
Make sure that fwu and fwu-backup have the correct, as defined
in spec, partition type. That will make SW pieces in the stack
identify it correctly.
Update the fvp config to use the new wic image with the gpt scheme
Depends on metadata to decide boot bank in TFA, TFM and u-boot
Using Reading partitions (GPT scheme)
changes needed:
- Rename FIP partition in wic image as defined in TF-A to FIP_A,FIP_B
- Rename metadata partitions to FWU_Metadata and Bkup-FWU-Metadata
- Enable support for GPT and PSA_FWU in TF-A
arm-bsp/corstone-1000: TF-M patch to calculate fwu metadata crc32
It's necessary to calculate the metadata crc for TF-A and U-boot
to verify the metadata.
and at last remove the wic.nopt (wic no partition) as target fstype
since we now use the partitions.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
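The listing in the commit message above shows two FWU metadata partitions with the same type GUID and A/B bank pairs that share a partition type; the following checks those properties over rows copied from that listing. This is an added example, not part of the commit or of meta-arm, and the function names, suffix pairs and choice of checks are assumptions made for illustration.

```python
from collections import Counter

# FWU metadata partition type GUID, as shown in the listing above.
FWU_METADATA_TYPE = "8A7A84A0-8387-40F6-AB41-A8B9A5A60D23"
BANK_SUFFIXES = (("_primary", "_secondary"), ("_A", "_B"))  # assumed bank naming

# Rows copied from the fdisk listing above (the Attrs column is empty there).
LISTING = """\
40 47 8 4K 8A7A84A0-8387-40F6-AB41-A8B9A5A60D23 FWU-Metadata 3FDFFEE1-3223-4C6B-80F9-B0E7D780C21D
48 55 8 4K 8A7A84A0-8387-40F6-AB41-A8B9A5A60D23 Bkup-FWU-Metadata B3068316-5351-4998-823A-3A7B09133EC1
56 63 8 4K ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42 private_metadata_replica_2 3CC3B456-DEC8-4CE3-BC5C-965483CE4828
64 71 8 4K ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42 private_metadata_replica_2 DCE9C503-8DFD-4DCB-8889-647E49641552
72 271 200 100K 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9 bl2_primary 9A3A8FBF-55EF-439C-80C9-A3F728033929
1024 5119 4096 2M B5EB19BD-CF56-45E8-ABA7-7ADB228FFEA7 FIP_A B9C7AC9D-40FF-4675-956B-EEF4DE9DF1C5
32784 32983 200 100K 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9 bl2_secondary 3F0C49A4-48B7-4D1E-AF59-3E4A3CE1BA9F
32992 32999 8 4K B5EB19BD-CF56-45E8-ABA7-7ADB228FFEA7 FIP_B 9424E370-7BC9-43BB-8C23-71EE645E1273
"""

def parse(listing):
    """Return (start, end, type_guid, name) tuples sorted by start sector."""
    parts = []
    for line in listing.splitlines():
        f = line.split()
        if len(f) >= 7 and f[0].isdigit():  # Type-UUID is field 5, Name is second to last
            parts.append((int(f[0]), int(f[1]), f[4].upper(), f[-2]))
    return sorted(parts)

def check_layout(parts):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    for (_, prev_end, _, prev), (start, _, _, cur) in zip(parts, parts[1:]):
        if start <= prev_end:
            findings.append(f"overlap: {prev} and {cur}")
    for name, n in Counter(p[3] for p in parts).items():
        if n > 1:
            findings.append(f"duplicate name: {name} x{n}")
    if sum(p[2] == FWU_METADATA_TYPE for p in parts) != 2:
        findings.append("expected exactly two FWU metadata partitions")
    types = {name: ptype for _, _, ptype, name in parts}
    for a_sfx, b_sfx in BANK_SUFFIXES:
        for name, ptype in types.items():
            if name.endswith(a_sfx):
                peer = name[: -len(a_sfx)] + b_sfx
                if types.get(peer) != ptype:
                    findings.append(f"bank mismatch: {name} vs {peer}")
    return findings

if __name__ == "__main__":
    print(check_layout(parse(LISTING)) or "layout OK")
```

On these rows the only finding is the partition name private_metadata_replica_2 appearing twice; a name-based lookup of that partition would need the UUID to tell the two apart.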
Bump the preferred corstone1000 to v3.20, drop patch
that is already included in this version.
Create the 3.20 bbappend and remove the entry in 3.18 bbappend.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Poky commit 9ef8cbcdfc85c3ce2ca52d8bee2ab6929f589383 updates
the kernel to 6.1.20 which breaks the PCI quirk patch for the N1SDP.
This change fixes it.
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If the repository reference directory gets corrupted it's not easy to
wipe it, so add a variable CI_CLEAN_REPOS that if set in the pipeline
will clean the clones and re-fetch them.
Also, stop the fetch from detaching during the garbage collection, just
in case it was a long-running GC that got killed that caused the
corruption in the first place.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Manually check every patch that was marked as Pending and update the
patches which are actually backports.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The infrastructure for edk2 and fvp-base is already present, but not
being used. Make the changes to get it compiling cleanly, and add it to
CI.
Note: testing is not passing because edk2 isn't booting an image
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update to the latest version of EDK2. There is an issue with memory not
being initialized and hanging boot. So revert the patch that is causing
the issue until the proper solution can be found.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update to the latest version and regenerate the patches via devtool.
This causes some patch renumbering to occur, which causes some other
modifications.
Signed-off-by: Jon Mason <jon.mason@arm.com>
optee-os-3_19.inc duplicates optee-os.inc. Remove that and clean up
the fallout. Also, remove unused 3.19 bbappend.
Signed-off-by: Jon Mason <jon.mason@arm.com>
With the removal of fvp-base-arm32, we no longer have test coverage for
the external Arm toolchain. Add this to qemuarm-secureboot CI so that
there is coverage again. Note: it must be a 32-bit machine, since there
are currently no aarch64 host toolchains for aarch64.
Signed-off-by: Jon Mason <jon.mason@arm.com>
fvp-base-arm32 isn't a real machine and supporting it has become hacky.
Drop support and remove from meta-arm-bsp
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update to the latest version of u-boot. This requires removing the new
way DRAM is handled, since we don't use dtb the way u-boot is expecting.
Also, change the default bootcmd to make things work (as that expects
env things as well).
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add the various kernels available in oe-core, as well as the poky-tiny
minimal distribution (which has a minimal kernel config). This
necessitated combining some kernel bbappends to have patching coverage
for all the variants.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Make things more obvious by adding yml files for the poky defaults
instead of disregarding them in the jobs-to-kas script
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit includes:
- Rebased and fixed N1SDP kernel PCIe quirk patches to apply on 6.1 kernel
Signed-off-by: Xueliang Zhong <xueliang.zhong@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The UEFI capsule generated is in the incorrect build directory.
This patch copies it to IMGDEPLOYDIR.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Mirrors of meta-arm may focus their development on a small subset of
MACHINEs so provide the option to restrict the boards that are built on
CI using the variable BUILD_ENABLE_REGEX. If set, it conditionally
enables builds; if unset there is no change in behavior.
This variable could be overridden in a scheduled build, to e.g. build
all the MACHINEs weekly.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update tfa version to v2.8. Also, fiptool uses tfa sources. So, keep
it with the rest of tfa to prevent the version from becoming stale.
NOTE: tf-a-tests is being held back for corstone1000 due to compilation
errors.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Defining a task called do_deploy in an image recipe causes the
license_image bbclass in OE-core to think the recipe is not an image
recipe, which causes errors with license information collection if you
have an image recipe which depends on an image recipe using this
bbclass.
To fix this, and to add support for caching the signed binaries, use a
single task, do_sign_images (and its setscene task). The implementation
is based on deploy.bbclass, so the sstate is responsible for installing
the signed binaries in ${DEPLOY_DIR_IMAGE}, but using a different name
so that license information collection still works as expected.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To simplify adding support for new versions of TF-M scripts in the
future, create a common .inc file with the non-version-specific
configuration.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To simplify adding support for new versions of TF-M in the future,
create a common .inc file with the non-version-specific configuration.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To try and prevent trusted-firmware-m and trusted-firmware-m-scripts
from becoming out of sync in the future, create a common
trusted-firmware-m-1.7.0-src.inc which defines all the repositories and
their SHAs for both. Include this file in both recipes.
Add a SUMMARY and DESCRIPTION to trusted-firmware-m-scripts.
Update mbedtls to 3.2.1 (the recommended version for TF-M 1.7.0)
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Factor out the image signing arguments in tfm_image_sign.bbclass into
its own variable, TFM_IMAGE_SIGN_ARGS, so that it can be customized on a
per-machine basis if necessary.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the TF-M image signing scripts to use the TF-M 1.7.0 sources, so
it is in sync with the TF-M recipe itself.
Synchronize the trusted-firmware-m and -scripts Python dependencies
with the in-repo requirements.txt files. This requires a recipe to be
carried for pyhsslms.
1.7.0 introduces the --measured-boot-record argument to the image
signing script, which is required to maintain existing behavior. Add it
to the arguments in the tfm_sign_image bbclass.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TF-M provides IPC as a SPM backend which gives SPM and each Secure Partition
its own execution context, and provides higher isolation levels.
corstone1000 isolation level is 2. Hence, switching to IPC backend.
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change adds patches to align psa crypto client of TS with TF-Mv1.7
running on secure enclave of corstone1000.
The patches update:
- PSA Crypto SID defines values
- psa_ipc_crypto_pack_iovec structure
- Fix inputs and outputs passed to in/out_vec to match crypto service
expectations
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Mirrors of meta-arm may have the persistent cache directory mounted in a
different place. To make it easier to configure, define this location
using a single $CACHE_DIR variable.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This repository doesn't tag releases, so just track the latest SHA.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
IMAGE_TYPES += "wic.nopt" is effective if the bbclass is included
using IMAGE_CLASSES, but not if included directly (using inherit) due to
file parse ordering.
To support applying wic_nopt locally (i.e. for certain image recipes but
not others), change to use :append.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To support using the wic_nopt bbclass from BSP layers other than
meta-arm-bsp, move it to meta-arm.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch uses the json config file for UEFI capsule generation
as this is efficient and easily scalable to generate multiple
capsules.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The BBCLASSEXTEND configuration can generate native sdk and target
recipes as well. The cp command used in do_install will
create host contamination issues for these recipes, so this patch
makes the recipe native only.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Inherits the UEFI capsule generation class and configures the capsule
variables for the wic.nopt image
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This class currently supports only a single firmware binary. The
required capsule parameters need to be set; if not, the build fails.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The native recipe installs the UEFI capsule generation tool
along with the other base tools to native sysroot.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TF-M does not use persistent release branches and the release-* branches
have been removed from the repository, so switch the branches to master.
Also update the tf-m-tests SRCREV to the 1.7.0 tag, not the RC2.
99% based on a patch by Peter Hoyes <Peter.Hoyes@arm.com>.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This bbappend is only used by qemuarm*, which now use 6.1, so this can
be removed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>