EDK2 Project is a modern, feature-rich, cross-platform
firmware development environment for the UEFI specifications
from www.uefi.org.
This patch adds a new recipe to fetch, configure and build
UEFI EDK2 firmware for Arm platforms.
Change-Id: Icfb157e5b68d87accfd4290f522fc529fe4e849e
Issue-Id: PLATFORMS-3134
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Rebase a5ds u-boot patches so, they apply clean in top of
latest u-boot.
Change-Id: I12e596ef8460429b540777e2a8646ed64f81fbac
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Use the correct path for the binaries in ${datadir}, otherwise it results in a
single incorrect symlink like gcc-arm-none-eabi-*
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Also use ${BINNAME} and ${PV} variables for automatic substitution.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Compiling on the target using runtime libs from external-arm-toolchain
requires libgcc.a, as libgcc_s.so explains:
/* GNU ld script
Use the shared library, but some functions are only in
the static library. */
GROUP ( libgcc_s.so.1 -lgcc )
Otherwise it results in errors like:
| /usr/lib/gcc/arm-linux-gnueabi/9.2.1/../../../../arm-linux-gnueabi/bin/ld: cannot find -lgcc
| /usr/lib/gcc/arm-linux-gnueabi/9.2.1/../../../../arm-linux-gnueabi/bin/ld: cannot find -lgcc
| collect2: error: ld returned 1 exit status
This already has been fixed before in this commit:
https://git.linaro.org/openembedded/meta-linaro.git/commit/?id=91ea4d017bf0598e49944e76c889e66d58c066ce
But then it got broken/undone here w/o due review:
https://git.linaro.org/openembedded/meta-linaro.git/commit/?id=b43d5f0ce431ba1e242504641266a63293ded5db
Even though it's a static library, we want it to be in libgcc-dev as it's
not optional, but rather required for development.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Corresponding Python modules pycryptodome(x) and pyelftools, needed by optee,
were moved from meta-python to oe-core.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
SCP-firmware provides a software reference implementation for
the System Control Processor (SCP) and Manageability Control
Processor (MCP) components found in several Arm Compute
Sub-Systems.
This patch set adds support to fetch and build SCP and MCP
firmware binaries
Issue-Id: PLATFORMS-3134
Change-Id: Ic7259bb430c9e7e9711c9c8bc3283aafaacdf707
Signed-off-by: Patrik Berglund <patrik.berglund@arm.com>
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
- Add new bbappend to fetch tfa ver 2.2 required for N1SDP
- Apply additional patch required for N1SDP
- Update machine conf to add image dependency for
trusted firmware component
Issue-Id: PLATFORMS-3134
Change-Id: Ibf593c1818c9ea08acf71c6b5b80abc4aca79723
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since the Linaro kernel-release repo doesn't have a master branch and
the branches are force pushed, we need to have the nobranch=1 setting
in the SRC_URI and have the SRCREV pointing to TAG commit SHA the will
not get modified.
Change-Id: Id1ad6b57a6f11ec4dadd3647043e6f2f48f498d4
Issue-ID: SCM-888
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Merge the majority of the binary toolchain recipes for building on an
x86 host into a common include file.
Also, found and fixed an error with both install commands where the name
was double nested on the copy. For example,
/usr/share/arm-none-eabi/arm-none-eabi/ due to the way it was being
copied.
Signed-off-by: Jon Mason <jdmason@kudzu.us>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
When building for a5ds dunfell, I am seeing the following error:
fatal: unable to access 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux/': server certificate verification failed. CAfile: none CRLfile: none
I do not see this error when using git instead of https to access the
tree. So, change to that access method (and it should be faster too).
Change-Id: I8e793ece68edaaa918ed3c3a0e9b4e195775828f
Signed-off-by: Jon Mason <jon.mason@arm.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
The original fix for compiling with GCC 10 had to be reverted because it
failed on older versions. Upstream resolved this and re-instituted the
fix, so backport that patch series
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Yocto cve-check currently produces numerous warnings like:
WARNING: gcc-cross-arm-arm-8.3-r2019.03 do_cve_check: gcc:
Failed to compare arm-8.3 < 10.0 for CVE-2019-15847
In turn this means that some potential CVEs are not reported.
This occurs because PV has been prefixed with "arm-", to allow for
multiple gcc implementations.
Fix this by setting CVE_VERSION to the non-prefixed version.
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds a recipe to pull down the prebuilt GCC for compiling bare-metal targets
for Aarch64 processors from ARM.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds support for booting AArch64 Qemu machines using TF-A + optee +
u-boot. Most of the changes are applicable to any AArch64 qemu target,
and a reference machine called qemuarm64-secureboot has been added that
show how to enable support for it.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Reviewed-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds a sysVinit service to start tee-supplicant so that the optee-client
package can be used on distros where systemd is not used. Also does some
cleanup of the recipe including:
1) Using @path@ tokens for replacemane in the .service file instead of
paths
2) Replacing tokens in the .service file after it is installed instead
of editing the source file in ${WORKDIR}
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Modifies the optee recipes to all build out of tree. This is cleaner and
helps prevent build error from stale builds when dependencies change.
Also allows the elimination of the OPTEEOUTPUTMACHINE variable in
optee-os.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
There is no need to inherit nopackages. Even when the output binaries are being
consumed from deploy or sysroot, and the main binary package is not meant to be
installed in the rootfs, package generation is still useful for SDK use cases
and as a way to distribute sources (e.g. src.rpm/SRPM) in Distros.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds a patch to fix compiles with GCC 10 due to the way that libgcc
detects LSE support using __getauxval().
V2: Incorporate patch changes suggested by upstream
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
All SRC_URIs for trusted-firmware-a now use git and checksums are not needed.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds a recipe to pull down the prebuilt GCC for compiling on Cortex-R
and Cortex-M processors from ARM. This toolchain is required to build
Arm Trusted Firmware for the Rockchip rk3399 SoC, since it must compile
some firmware for the M0 coprocessor.
This was originally taken from meta-rockchip, but has been modified from
mailing list feedback.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Jon Mason <jdmason@kudzu.us>
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
While pycryptodome is a drop-in replacement for the old pycrypto module,
pycryptodomex uses a separate namespace to not confict with pycrypto.
Unfortunately, optee-os uses both namespaces, hence both variants of
pycryptodome and pycryptodomex are needed.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Some platforms expect canonical names, like bl31.bin, instead of bl31-<plat>.bin
Provide symlinks for those as well.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Installing and deploying .bin and .elf shouldn't be mutually exclusive.
There are scenarios where both can be useful - .bin for booting and .elf
for debugging.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Some platforms use Secure Payload Dispatcher - allow selecting one with TFA_SPD.
Official SPD description:
/*******************************************************************************
* This is the Secure Payload Dispatcher (SPD). The dispatcher is meant to be a
* plug-in component to the Secure Monitor, registered as a runtime service. The
* SPD is expected to be a functional extension of the Secure Payload (SP) that
* executes in Secure EL1. The Secure Monitor will delegate all SMCs targeting
* the Trusted OS/Applications range to the dispatcher. The SPD will either
* handle the request locally or delegate it to the Secure Payload. It is also
* responsible for initialising and maintaining communication with the SP.
******************************************************************************/
Clean other EXTRA_OEMAKE to remove leading space not needed with +=
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Some platforms can have multiple board configurations, passed as TARGET_BOARD=""
that also becomes an extra directory level in the build output hierarchy.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The ELF files produced are in a subdirectory named by the build target
(e.g. "bl31/bl31.elf") instead of the BUILD_PLAT directory.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Use the BUILD_BASE variable to specify an out-of-tree build. Eliminates
the need to set the TFA_BUILD_DIR.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Switch gem5 to use current HEAD version of the staging 20.0 branch to
solve compilation issues related to the move to python3
Create a link named python to python3 as some of gem5 python scripts
are looking for python and are compatible with both python2 and
python3.
Change-Id: I59256a8a6783a9614f5a2d5d760fada5bd6d0337
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We don't want to build firmware blobs into the kernel binary. Also,
add linux-firmware-rtl8168 package to MACHINE_ESSENTIAL_EXTRA_RDEPENDS
to have it installed in any image by default.
Change-Id: If8a88a4ccbc6d474438a2555498989695a4b19dc
Issue-Id: SCM-954
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To keep consistency with trusted-firmware-a and optee recipes we should
use softer assignment to "invalid" for COMPATIBLE_MACHINE.
Change-Id: I57d0b220d92c4546e0539f95a54d391935f995fc
Issue-Id: SCM-954
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add basic recipes for TF-A versions 2.2 and 2.3. Also, rearrange fields
in the various TF-A recipes to make them uniform and move the
do_compile_prepend to the inc file.
Change-Id: I85e4ac7bdc44ed85449e40fd2c94d73bf3e7d9e8
Signed-off-by: Jon Mason <jon.mason@arm.com>
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
xenguest-manager now can create guest partition
using compressed images like *.img.gz or *.img.bz2.
Change-Id: Ifaec0b7c301b2b316ebccdd0ca85083262f2714c
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch includes the following changes for n1sdp:
* Add the Xen defconfig and early printk setting;
* Setting the proper Xen device-tree boot args;
* Remove some entries in xen devicetree (PM and SMMU) to make is
compatible with XEN and extra registers settings required for PCI
quirks to communicate with SCP.
Change-Id: Ic968728115787de8d9bfcaaf883fd8573ff6c9c9
Issue-Id: SCM-888
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The CONFIG_MD (Multiple Devices) and CONFIG_BLK_DEV_DM (Device Mapper)
kernel configs are needed for LVM2, so add them in xen-host.cfg to be
included in the kernel configuration for DOM0.
Change-Id: Ib5f4f4d767751615ee1239e95da7a7d56cbbc2dc
Issue-Id: SCM-996
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update both machine configuration and kernel recipe to
support Linux Kernel device-tree compilation.
Change-Id: I01fa654bd88e0d2b7a4bfcc7cb60222c120a0473
Issue-Id: SCM-888
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When calling `bitbake virtual/kernel -c menuconfig` it fails if the
ncurses-dev package is not installed on the host machine.
This patch makes usage of the ncurses library built by yocto if it
is present.
Change-Id: I261578f2934b225956e77ca4038a2df5603cc1b1
Issue-Id: SCM-888
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
- Add support for N1SDP platform.
- Build Linux 5.4 from linaro tree for N1SDP platform.
Change-Id: I12e5169da9c2bab946eb7e49fe6cc7bbb07d182b
Issue-Id: PLATFORMS-3134
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
- Add support to fetch and build linaro-arm linux version 5.4 for N1SDP platform
- Add addtional N1SDP specific changes as patches
- Include intree default config
Change-Id: I3b4cf4b1de509beaa3862e1cad37ec2d88b7054d
Issue-Id: PLATFORMS-3134
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If the guest image copy fails we need to abort the do_image execution.
Change-Id: I3785a0828e271ed27eb7f9212804b5b9b39f79ac
Issue-Id: SCM-990
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Change Xen package to be machine specific.
This is solving issues encountered when building 2 projects with the
same xen configuration but different machines.
In that case one of the project did not have a xen binary in the deploy
directory.
Change-Id: I2575d91b57455ab690eec9c51e07415673242c06
Issue-Id: SCM-815
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To reduce final image size, remove the kernel-modules package from
IMAGE_INSTALL.
Change-Id: I61d7d2ea87c3007af1c8f7b4917e9692a1f9e001
Issue-Id: SCM-813
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When xen is in DISTRO_FEATURES no audio support is needed. This will
helps reducing the final image size.
Change-Id: I50d83cfe007c3f30a8303dcad66abb188559713c
Issue-Id: SCM-813
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To reduce arm-autonomy-host images size we don't include the Kernel
image.
Change-Id: Ibcadf873fc71f3793b2824e5169a777ee8a0ece6
Issue-Id: SCM-813
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When xen is in DISTRO_FEATURES we split the qemu package and install
only the qemu-xen with /usr/bin/qemu-system-i386 binary in the image
to reduce its size.
Change-Id: I460e959eb87a180b1baa5a11dbbe7df100d5e6a6
Issue-Id: SCM-813
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
All meta-arm-bsp machines specific settings should live at
meta-arm-autonomy/dynamic-layers/meta-arm-bsp/ and only be included if
meta-arm-bsp layer is present.
Change-Id: Ice8a301db85b5186384d602d9e3bedb909183320
Issue-Id: SCM-984
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Rework the initramfs support in xenguest FSTYPE to be compatible with
Dunfell and remove an error with non existing recipeinfo during build.
- remove initramfs support in FSTYPE and do_deploy function
- create a KERNEL CLASS to create a xenguest image containing the kernel
bundle with initramfs during kernel compilation (only done if FSTYPE
contain xenguest and initramfs bundle is activated)
- add kernel-xenguest to KERNEL_CLASSES when autonomy-guest
DISTRO_FEATURE is activated
- remove unused parameters from xenguest-image class
Change-Id: If163aa74a2bbbd4f22651abefe8d2ab4677e82b0
Issue-Id: SCM-990
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The do_deploy task depends on xen-devicetree:do_deploy in order to
include the generated xen dtbs in the firmware image.
To avoid dependency loop between firmware-image-juno:do_install,
xen:do_deploy and xen-devicetree:do_deploy when
INITRAMFS_IMAGE_BUNDLE = "1", we need to handle the xen and
xen-devicetree binaries copying in the do_deploy task.
Also Use OVERRIDES to minimize the usage of
"@bb.utils.contains('DISTRO_FEATURES', 'xen', ..."
Change-Id: I8da476435de73445fb6d895ec418d85861b8c46c
Issue-Id: SCM-990
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
- make xenguest-manage rdepend on xen-tools to adapt to recipe
modifications in meta-virtualization
- add xen to IMAGE_EXTRADEPENDS to build xen binary when build
autonomy-host-image
- switch arm64-autonomy-machine to use Linux 5.4
- remove trace patch for xen as meta-virtualization is now using a xen
release which has this fixed
- rework xen bbappends to adapt to changes done in xen recipes
Change-Id: I439bde0df2c0a16f529436b65f1a96af5a2981af
Issue-Id: SCM-833
Signed-off-by: Vineeth Raveendran <vineeth.raveendran@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Khasim Mohammed
Rui Miguel Silva
Denys Dmytriyenko
Diego Sueiro
Jon Mason
Jon Mason
Joshua Watt
Khem Raj
Ralph Siemsen
Bertrand Marquis
Kamil Dziezyk
Vineeth Raveendran