Update tf-a and mbedtls to the latest versions. Also, migrate the
previous version to meta-arm-bsp for corstone1000.
NOTE: in v2.10, the fiptool makefile was changed to reference LDOPTS
instead of LDLIBS.
NOTE: commit 408cde8a59080ac2caa11c4d99474b2ef09f90df in tf-a modifies
the qemu_sbsa starting offset, and per the commit comment, it requires
the edk2 same change. This is why the edk-platforms SHA has been
changed. There are only 19 patches between the previous SHA and this
one (most of which are adding a single platform). So, it shouldn't be
too impactful to bump the SHA (instead of making it a patch to apply
on top of the existing SHA).
NOTE: tf-a-tests added LDFLAGS to the makefile, causing the need for it
to be removed in the recipe.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Now that we've released 4.3 and branched, we can switch master CI back
to master.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We enable PAC/BTI out of the box, but all of the pieces (such as gcc and
glibc) need to support it for the final binary to be protected.
Add a minimal test recipe to verify that the "Hello, World" binary is
using PAC/BTI, and add it to oe-selftest.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Readthedocs server requires an absolute path from project's root
directory to find correct requirements.txt and conf.py.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Upgrade the Corstone-1000 YMLs as follows:
- Set the layers SHAs
- Align with Kas v4
- Update the layers list
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Add a note for Capsule update negative test scenario and fixes instructions
regarding distro-boot in Corstone-1000 user guide.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Delane Brandy <delane.brandy@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Adds creating an EFI System Partition for Corstone-1000.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
align the release note with the upcoming CORSTONE1000-2023.11 release
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Use Ethernet over VirtIO on FVP due to lan91c111 Ethernet driver support dropped from U-Boot.
This patch enables virtio-net device in u-boot to pass ACS tests related to
NIC and PXE. The current ethernet device still works in linux kernel and
corstone1000-mps3 Ethernet device is supported by u-boot, so no change is
required regarding existing Ethernet device.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Adds virtio-net configuration to use virtio-net in corstone1000-fvp.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Update the user guide to include Linux distro installation on fvp
Signed-off-by: Delane Brandy <delane.brandy@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This fixes a race that is observed rarely in the FVP. It occurs in FVP
when tfm sends the notication ack in openamp, and then reset the access
request which resets the mhu registers before received by the host
processor. It implements the fix both in SE and the host processor openamp
wrapper. This solution enables polling on the status register of mhu until
the notificaiton is read by the host processor. (Inspired by
signal_and_wait_for_signal function in mhu_wrapper_v2_x.c in trusted-firmware-m
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/ext/target/arm/rss/common/native_drivers/mhu_wrapper_v2_x.c#n61)
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upgrade the Arm binary toolchains to the latest version. Of note, the
untarred directory has camelcased the "R" in Rel (which was "rel" in the
previous versions).
Signed-off-by: Jon Mason <jon.mason@arm.com>
The fvp-base machine uses a v8.4 tune and the FVP itself is configured
to be v8.4, so also tell TF-A to use v8.4.
This is normally done in the TF-A board configuration, but the fvp board
is configurable.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We already tell the FVP to be v8.4 cores, so tell the compiler to
tune for that instruction set too.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This CVE is specific to NXP i.MX boards which are documented as being
shipped unsecure, as they're meant for development.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Changes ns-interrupt-action for corstone1000. This will enable
preemption in the SPs which is the default way to handle interrupts in
trusted-firmware and optee documentation.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When booting, the tee driver from kernel side
invokes a yielding call to OP-TEE, which gets
stuck because OP-TEE never sends Done response:
OPTEE_FFA_YIELDING_CALL_RETURN_DONE
This issue was previously resolved by introducing
an inappropriate patch to the kernel with 1 ms delay
in ffa_msg_send_direct_req.
Further investigation proved that OP-TEE doesn't
get enough processing time and is constantly interrupted
by the kernel requests. To remove this patch, TF-A logging
level is lowered to default (40 in debug builds and
20 in release builds), which eliminates the time consumed
previously by TF-A VERBOSE logs (giving OP-TEE more
processing time).
Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Corstone1000 capsule update implementation does not support use of
scatter_gather_list. This workaround passes 1 as scatter_gather_list value
to pass the NULL checks for scatter_gather_list while
CAPSULE_FLAGS_PERSIST_ACROSS_RESET flag is set (which is introduced lately to
align with UEFI specs). Since these flag checks are not implemented in u-boot
properly and corstone1000 does not support scatter_gather_list during capsule
update, this patch will skip the check only for on-disk capsule update.
This will be fixed with new capsule update design.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add an optional env argument to the run_fvp() function, and check that
DISPLAY is preserved.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The __main__ body used the return value of runfvp() as the exit code,
but this was never set.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Don't pass "" as the cwd as that fails, use None so the cwd doesn't get
changed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
add debug.yml to the build command so the debug-tweaks image feature
is enabled
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This is no longer needed as Nanbield uses ttyrun to avoid re-spawning
gettys.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
corstone1000's uboot uses efitools-native from meta-efi-secure-boot, so
add the layer dependency to make this clear.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Use IMAGE_CLASSES rather than a direct INHERIT for fvpboot.
This is Yocto best practice as it is used to enable
functionality across all image recipes.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add systemready firmware, systemready ACS, systemready distros, and
fvp-base kas configurations. Update the README file with
instructions on how to build and run using them.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
1. Configure FVP base to allow Arm SystemReady IR ACS console access.
2. Configure FVP base Arm SystemReady IR ACS firmware build.
3. Add the machine-specific report.txt for FVP base.
4. Patch the check-sr-results.yaml and format-sr-results.yaml files
to handle the known differences between FVP base and the
expected ACS functionality.
5. Add a README with instructions of how to use the meta-arm-systemready
layer with fvp-base.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add the meta-arm-systemready layer. This provides the infrastructure to
load and run the Arm SystemReady IR ACS v2.0.0 prebuilt image and
analyze the results.
The recipes included are as follows:
1. arm-systemready-firmware: Enables the ARM_SYSTEMREADY_FIRMWARE machine
conf variable to be used to specify which firmware packages to deploy.
2. arm-systemready-ir-acs: Runs the Arm SystemReady IR ACS tests from
the pre-built images and checks the results adhere to the specification.
3. arm-systemready-linux-distros-[debian|opensuse]: Install the distro of
choice from CD/DVD image to target disk image.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Qi Feng <qi.feng@arm.com>
Signed-off-by: Robbie Cao <robbie.cao@arm.com>
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
Signed-off-by: Vineeth Raveendran <vineeth.raveendran@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
For fvp-base, update the DEFAULT_TEST_SUITES to include
fvp_boot and fvp_devices. This is only the default behaviour;
individual recipes can override this using the TEST_SUITES
variable.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Comments were made after previous optee changes were committed.
Addressing those comments here.
Suggested-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update capsule document procedure and ACS image in user guide.
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the recipes and patches for OP-TEE 4.0.0. Migrate the 3.22.0
recipe to meta-arm-bsp for corstone1000 and n1sdp.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Harsimran Singh Tungal
Jon Mason
Ross Burton
Emekcan Aras
Abdellatif El Khlifi
Delane Brandy
Mariam Elshakfy
Debbie Martin
Ali Can Ozaslan