Add support to permit FWU calls in RSE-COMMS Trusted-Firmware-M for Corstone-1000
This change is required to allow the transmission of PSA FWU related
calls between Cortex A and Cortex M side on Corstone-1000.
For every PSA call from A side, the RSE-COMMS at M side validates, if the
call is allowed or not.
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch has been dropped in the following commit:
f1fc5c53 - arm/hafnium: update to v2.12.0
Unfortunately the original issue is still present and the
patch is required for the successful build. Patch is
restored in this commit.
Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
third_party/linux submodule has been removed from hafnium in the
following commit:
ddeedafa - chore: drop the third_party/linux submodule
Relevant patch can not be applied anymore. Patch is removed
from the recipe.
Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
'qemu_aarch64' is not a valid hafnium platform. Supported platforms are:
* 'secure_rd_v3'
* 'secure_rd_v3_cfg1'
* 'secure_aem_v8a_fvp_vhe'
* 'aem_v8a_fvp_vhe'
* 'aem_v8a_fvp_vhe_ffa_v1_1'
* 'qemu_aarch64_vhe'
* 'secure_qemu_aarch64'
* 'rpi4'
* 'secure_tc'
Previusly selected 'qemu_aarch64' did not cause error because
it was NOT passed to make. It had no effect.
Within this commit, platform 'secure_qemu_aarch64' is selected
and passed to make.
Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
hafnium is built by clang. Dependency is required for successful
build.
Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
According to original commit, clang for other targets
like aarch64 were not available. This condition is not
present anymore therefore check for x86_64 can be removed.
This reverts commit 01a13b11ad.
Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upgrade trusted-firmware-a to 2.13.0 for Corstone-1000
Upgrade tf-a-tests to 2.13.0 for Corstone-1000
Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Apply TF-M downstream patches in the main TF-M recipe, rather than doing
it in corstone1000 recipe.
Signed-off-by: Hamideh Izadyar <hamideh.izadyar@arm.com>
Cmake 4.0 dropped compatibility to cmake versions below 3.5. Update the
required version on the cmake file as a workaround.
Also update the component to use git am instead of apply.
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Two variables are moved from the meta-arm-bsp layer to the Trusted-Services
Corstone-1000 platform CMake file so the MM communication buffer address and
page count can be configured from the CMake layer.
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Patch "0003-optee-enable-clang-support" is no longer appropriate as the
feature the patch provides is no longer required.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
The external-system component was marked as a dependency for the
corstone1000-recovery image regardless of whether external-system was
requested or not. This ensures that is no longer the case.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Add some basic tunes for the newly added Arm architectures in GCC.
These will need to be further fleshed out before submitting this to OE
Core, but should be sufficient to use for machines that need them in the
interim.
Signed-off-by: Jon Mason <jon.mason@arm.com>
This CVE is fixed in optee 4.7, so backport for 4.6
For optee-ftpm, the change is submitted right after
the 4.6 tag, so update the SHA instead of holding an
out-of-tree patch.
Signed-off-by: Mariam Elshakfy <mariam.elshakfy@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Use Linaro's optee-ftpm fork instead of historical sample in
Microsoft's TPM reference.
Signed-off-by: Mariam Elshakfy <mariam.elshakfy@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This recipe has a second copy of QCBOR in SRC_URI, correct the reference
to its location in EXTRA_OECMAKE to fix builds with network isolation.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Use UNPACKDIR directly instead of constructing it manually from WORKDIR.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The sources are not under WORKDIR/git, use UNPACKDIR.
Also use B instead of WORKDIR/build in case B changes.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The sources are not under WORKDIR/git anymore, use UNPACKDIR. This
most likely isn't entirely correct but does remove build paths from the
binaries.
Also use TARGET_DBGSRC_DIR instead of constructing the target path
manually.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The caller should (and does) use ci/testimage.yml explicitly instead.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add recipes for OP-TEE v4.6.0
Upgrade Corstone-1000 OP-TEE revision from 4.4.0 to 4.6.0
Add patch to fix compilation issue with musl and optee-test 4.6.0.
Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upstream has removed the need for setting S to WORKDIR, and is throwing
an error if still doing so. Make the necessary changes.
From the upstream commit, much of the changes where made via:
sed -i "/^S = \"\${WORKDIR}\/git\"/d" `find . -name *.bb -o -name *.inc -o -name *.bbclass`
sed -i "s/^S = \"\${WORKDIR}\//S = \"\${UNPACKDIR}\//g" `find . -name *.bb -o -name *.inc -o -name *.bbclass`
Suggested-by: Marcin Juszkiewicz <marcin-oe@juszkiewicz.com.pl>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The network device and pflash can be modified to more correctly emulate
an actual system.
Suggested-by: Marcin Juszkiewicz <marcin-oe@juszkiewicz.com.pl>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The PS_NUM_ASSET is duplicated in the cmake.config and the config_tfm_target.h file
under Corstone-1000. The commit removes the one from the cmake.config and keeps the
one in the header file.
The whole rationale behind this is for the vendor to be able to override the
configuration using the cmake file.
Signed-off-by: Yogesh Wani <yogesh.wani@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
FILESEXTRAPATHS that have a prepend should have a trailing ':' to allow
for the follow-on modifications to the string. Add it here where
necessary.
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The original patch was inadvertently removed by a subsequent commit.
This change restores the patch to fix failures in the PSA Crypto
Suite test on Corstone-1000.
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The github URL where the image was located has gone away on the master
branch. Update the URL to point to the legacy branch, which should stay
around (according to the documentation).
Fixes: aebe535aa8 ("arm-systemready: Introduce the Arm SystemReady layer")
Signed-off-by: Jon Mason <jon.mason@arm.com>
Modify the upstream status of the patch to align a PSA crypto struct with
TF-M from Pending to Backport as it is included in TS v1.2.0 release candidate.
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
BUILD_CC and friends are only needed for the build of BaseTools, so move
the assignments to that specific make call.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
GCC15 changed the behavior with how unions are initalized, which is
causing an issue with mbedtls in TS. Change the behavior to the
previous way of doing things until the fix has been released.
Signed-off-by: Jon Mason <jon.mason@arm.com>
The test cases for fvp-base will not fully run because the trusted
servies ones are the only ones (instead of being appended to the list).
Correcting this issue so that all the tests can be run.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update to the latest version of edk2-firmware. The sgi issue has been
corrected upstream, so the patch can now be dropped. Also, no longer
seeing the RELEASE issue on qemuarm/qemuarm64, and removing that
workaround.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update to the latest version of SBSA ACS. Since 7.1.4, BSA things were
put in a separate git repo and it now has a dependency on that.
Also, address an issue with BSA, GCC15, and incompatible pointer type
errors.
Signed-off-by: Jon Mason <jon.mason@arm.com>
The Yocto project changed the server name for sstate, though the
previous one does still appear to work. Update here to the one matching
the YP documentation.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Remove TF-A 2.11.0 Yocto recipe.
Remove patches that are now upstreamed in TF-A 2.12
Signed-off-by: Clément Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upgrade trusted-firmware-a to 2.12.1 for Corstone-1000
When GENERATE_COT is enabled, use the Yocto dependency cot-dt2c instead
of installing it with Poetry.
Signed-off-by: Clément Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Backport patch to fix the following compilation issue:
| In file included from tftf/tests/runtime_services/realm_payload/host_realm_payload_simd_tests.c:21:
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:6: error: header guard 'HOST_REALM_COMMON_H' followed by '#define' of a different macro [-Werror=header-guard]
| 6 | #ifndef HOST_REALM_COMMON_H
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:7: note: 'HOST_REALM_COMMON_h' is defined here; did you mean 'HOST_REALM_COMMON_H'?
| 7 | #define HOST_REALM_COMMON_h
| In file included from tftf/tests/runtime_services/realm_payload/host_realm_simd_common.c:13:
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:6: error: header guard 'HOST_REALM_COMMON_H' followed by '#define' of a different macro [-Werror=header-guard]
| 6 | #ifndef HOST_REALM_COMMON_H
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:7: note: 'HOST_REALM_COMMON_h' is defined here; did you mean 'HOST_REALM_COMMON_H'?
| 7 | #define HOST_REALM_COMMON_h
| CC tftf/tests/runtime_services/secure_service/spm_test_helpers.c
| In file included from tftf/tests/runtime_services/realm_payload/host_realm_spm.c:20:
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:6: error: header guard 'HOST_REALM_COMMON_H' followed by '#define' of a different macro [-Werror=header-guard]
| 6 | #ifndef HOST_REALM_COMMON_H
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:7: note: 'HOST_REALM_COMMON_h' is defined here; did you mean 'HOST_REALM_COMMON_H'?
| 7 | #define HOST_REALM_COMMON_h
| cc1: all warnings being treated as errors
| make: *** [Makefile:605: workspace/corstone1000/build/tmp/work/cortexa35-poky-linux-musl/tf-a-tests/2.12.0/build/corstone1000/release/tftf/host_realm_simd_common.o] Error 1
| make: *** Waiting for unfinished jobs....
| cc1: all warnings being treated as errors
| make: *** [Makefile:605: workspace/corstone1000/build/tmp/work/cortexa35-poky-linux-musl/tf-a-tests/2.12.0/build/corstone1000/release/tftf/host_realm_spm.o] Error 1
| cc1: all warnings being treated as errors
| make: *** [Makefile:605: workspace/corstone1000/build/tmp/work/cortexa35-poky-linux-musl/tf-a-tests/2.12.0/build/corstone1000/release/tftf/host_realm_payload_simd_tests.o] Error 1
| make: Leaving directory 'workspace/corstone1000/build/tmp/work/cortexa35-poky-linux-musl/tf-a-tests/2.12.0/git'
Signed-off-by: Clément Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add recipe for the latest version of TF-A, which needs a newer version
of mbedtls as well. The license checksum updated due to hob code being
imported from edk2, which is BSD 2 Clause, which is already in the
license field for the recipe.
Updating the git recipe to use the latest version, and keeping LTS
versions.
sgi575 was removed from 2.13.0. So, pointing that to 2.12
Signed-off-by: Jon Mason <jon.mason@arm.com>
Seeing the following warnings:
WARNING: /builds/jonmason00/meta-arm/work/build/../../meta-arm-bsp/conf/machine/include/corstone1000.inc:72 has a lack of whitespace around the assignment: 'SMMGW_AUTH_VAR="1"'
WARNING: /builds/jonmason00/meta-arm/work/build/../../meta-arm-bsp/conf/machine/include/corstone1000.inc:74 has a lack of whitespace around the assignment: 'SMMGW_INTERNAL_CRYPTO="1"'
Add the necessary white space to address the issue.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Seeing warnings of:
WARNING: /builds/jonmason00/meta-arm/work/build/../../meta-arm/recipes-security/trusted-services/libpsats_git.bb: /builds/jonmason00/meta-arm/work/build/../../meta-arm/recipes-security/trusted-services/libpsats_git.bb:8 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/libpsats/${TS_ENV}"'
WARNING: /builds/jonmason00/meta-arm/work/build/../../meta-arm/recipes-security/trusted-services/ts-sp-logging_git.bb: /builds/jonmason00/meta-arm/work/build/../../meta-arm/recipes-security/trusted-services/ts-sp-logging_git.bb:8 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/logging/config/${TS_SP_LOGGING_CONFIG}-${TS_ENV}"'
Clean-up the white space to address the issue.
Signed-off-by: Jon Mason <jon.mason@arm.com>
