Clone all trusted-services dependencies into the TS source tree under
ts-external/ instead of ${UNPACKDIR}
This alignes the layout with devtool git-submodule handling.
NOTICE: we can't clone in external as TS already contains files there
and it would conflict.
Signed-off-by: Arthur Cassegrain <arthur.cassegrain@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the corstone1000 variant to apply its psa-adac patches
against the new external/ directory.
Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Arthur Cassegrain <arthur.cassegrain@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Clone all trusted-firmware-m dependencies into the tfm source
tree under external/ instead of ${UNPACKDIR}.
This aligns the layout with devtool git-submodule handling,
ensuring the recipe sees a consistent source tree at build time
and allowing dependencies to be patched via devtool in the same
way as the main tf-m repository.
(reworked to avoid use internal variables for checkout)
to clone tf-m dependencies use hardcoded path for reproductibility
and avoid using BB_GIT_DEFAULT_DESTSUFFIX which may depend on
yocto version.
Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Arthur Cassegrain <arthur.cassegrain@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We currently don't have coverage for trusted-firmware-m 2.1.x, which is
the LTS. Since musca-b1 and musca-s1 are essentially the same, use b1
for the LTS coverage.
Signed-off-by: Jon Mason <jon.mason@arm.com>
For some reason, sgi575 won't boot to shell with
core-image-full-cmdline, but it will with other images. Since we're
going to drop this machine soon (as it has been EOL'ed), modify the
image type for CI to core-image-base (As that one appears to boot
faster).
Signed-off-by: Jon Mason <jon.mason@arm.com>
* Set Linux kernel preferred version for Corstone-1000 to 6.18
* Update Corstone-1000 user guide.
* Recent kernel versions removed the deprecated CONFIG_LIBCRC32C
Kconfig symbol as part of the CRC library cleanup.
Replace CONFIG_LIBCRC32C with CONFIG_CRC32, which provides the
generic CRC32/CRC32C library support used by in-kernel consumers.
* The ext3 driver was removed historically and ext4 carries
compatibility for ext3 on-disk format.
* Amend External System patch to adhere to Kernel v6.18 RemoteProc
API.
* Add #address-cells and #size-cells parameters to ethosu dts node
No functional change intended.
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
meta-arm-systemready was intended to allow people writing BSPs to run
the SystemReady Architecture Compliance Suite[1] within the Yocto build
environment. However, whilst this seems like a good idea, there are
several problems:
- This layer only supports the IR band and v2 of the ACS. The ACS is now
at v3 and the bands altered, so there is no value in running obsolete
tests.
- Execution of the tests takes a long time, we have integration to run
the tests on a virtual fvp-base machine but execution takes many tens
of hours (our CI times out after 12, on a high-performance worker).
Running the tests in CI, and in particular inside BitBake, isn't
obviously the right thing to do.
- Execution on the tests on real hardware is not trivial, as testimage
has virtual targets as a primary usecase. It is unclear if anyone has
managed to use this layer on physical hardware.
Because of these issues, remove the layer. There are better integration
points for automated ACS testing, and this integration is obsolete.
[1] https://github.com/ARM-software/arm-systemready
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The downloads page for FVPs is broken down into sub-pages for each
"Ecosystem". Organize this file to match that. Also, rename fvp-v3-r1
to "rd" to make more obvious what this refers to.
Signed-off-by: Jon Mason <jon.mason@arm.com>
The corstone1000-a320 FVP is a unique download and should be treated as
such in our CI. Split the relevant parts off, add it to the fvps.yml
file, workaround the staticdev and useless-rpath errors that were
present in the FVP tarball, and the correct depends in the machine
config file.
Also, add this machine to the CI so that any issues can be found with
this unique configuration.
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch ignores the built-in FVP UART name when setting the terminal
names on tmux.
The rationale is that appending FVP UART name takes a lot of space
making it unusable on complex platforms with many terminals.
Signed-off-by: Filipe Rinaldi <filipe.rinaldi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The removed patch file breaks the U-Boot efi_selftest utility and has
been denied by upstream in any event. All subsequent patches renumbered.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
All patches have been rebased onto the v2025.10 release branch, with the
changes primarily being updating of offsets and surrounding code in each
hunk.
One minor change between v2024.04 and v2025.10 is that a
CONFIG_BOARD_INIT option was added and must be enabled in order to link
in the `board_init()` symbol. As such, the firmware update patch adding
`board_init()` has been modified to enable this option as well.
The patch that enabled OF_UPSTREAM has been modified slightly in order
to incorporate upstream changes between versions: the SMP changes to the
Corstone1000 FVP device tree were incorporated into the Linux kernel so
are no longer needed in the U-Boot specific device tree. As such, the
patch adding A320 support adds these CPU nodes in order to override them
where appropriate.
In the process, signatures are removed from each patch.
Beyond this, the directory in which U-Boot searches for the EFI capsule
CRT file changed from object tree to source tree, so the recipe is
updated to reflect that.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This fixes a build error due to:
patching file Makefile
Hunk #1 FAILED at 12.
1 out of 1 hunk FAILED -- rejects in file Makefile
Patch 0001-Makefile-Avoid-variable-override.patch can be reverse-applied
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We have a newer gcc-arm-none-eabi now, so this can be removed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Make changes across U-Boot, and OP-TEE OS to swap
the GIC-600 for GIC-700 as the latest version of the FVP
swaps the GIC.
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Bump Corstone-1000 machine OP-TEE version from 4.7.0
to version 4.9.0.
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update Corstone-1000 documentation to reflect 2026 copyright and
current supported host environment.
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TF-A has a number for variables to control how host binaries are built:
- Our BUILD_CC is HOSTCC; this is set in the recipes
- Our BUILD_CFLAGS is HOSTCCFLAGS; this is not set
- Our BUILD_LDFLAGS has no corresponding variable
However when uninative is enabled we really need to pass BUILD_LDFLAGS
as otherwise there can be link problems:
ld: libcrypto.so: undefined reference to `__isoc23_strtol@GLIBC_2.38'
Patch into the TF-A makefiles support for HOSTLDFLAGS and ensure that we
set all three of the relevant BUILD_ variables.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2 of the fvp-base specific u-boot patches were merged in the 2026.01
release. Remove those, as they are no longer necessary.
Signed-off-by: Jon Mason <jon.mason@arm.com>
The kernel upgrades are now in oe-core, so we can drop this workaround.
This reverts commit 341a0fd976.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The linux-yocto kernel has strict configuration warnings enabled and this
often causes warning, for example with 6.18.3:
[INFO]: the following symbols were not found in the active configuration:
- CONFIG_SND_SOC_ROCKCHIP
- CONFIG_SLIM_QCOM_CTRL
For these machines we're using the upstream defconfig and not a config
file that we're maintaining, so fixing these problems upstream is slower
than one would like.
As we don't maintain the config, we can disable the checker for these
two machines. This is _not_ precedence for disabling the audit for any
machines where we're not simply using the upstream defconfig without any
changes.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The path changed when the trusted-firmware-m recipe began to inherit
firmware.bbclass.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The paths for these files has changed due to the change to the
trusted-firmware-m recipe now using the custom firmware.bbclass.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
For builds using multiconfig, all of the firmware binaries listed were
being placed in the ${DEPLOYDIR} directly without preserving their
directory hierarchy. This meant that paths to firmware binaries relative
to the ${DEPLOYDIR} differed between builds depending on whether
multiconfig was enabled or not.
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update edk2-firmware and edk2-basetools to the 202511 stable release.
Patches from upstream were needed to get it compiling with clang.
edk2 dropped support for 32bit arm and x86, see
https://edk2.groups.io/g/devel/topic/rfc_remove_ovmf_ia32_and/114152215
Therefore, we're dropping qemuarm edk2 testing and relevant bits
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add support for v2.14.0, and update corstone1000 config and patches to
use it. TF-A seems to have changed their poetry settings from POETRY to
host-poetry (when specifying an alternative location/disabling). So, it
is necessary to modify that for all platforms using COT and v2.14.0
NOTE: sbsa-ref is having issues with fip.bin being too large. So, set
the version to the LTS until that is resolved.
Signed-off-by: Jon Mason <jon.mason@arm.com>
In master, xen images fail to build as the xt-masquerade module is not
built by the kernel. This has been fixed in the linux-yocto 6.18.3
upgrade but that is not yet merged.
Until it is merged, we can temporarily update the kmeta in our CI.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Allow TF-M v2.2.2 to boot with Secure Debug enabled on Corstone-1000 and
align the driver implementation with the current psa-adac library.
- Add missing DRBG macros to fix the
"Failed to generate challenge!" error during Secure Debug.
- Fix an unintended platform reset occurring immediately after setting
the debug enable bits in the dcu_en register while in SE LCS.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The PCI subsystem with 6.18 is now warning on boot:
PCI: OF: of_root node is NULL, cannot create PCI host bridge node
Until this can be root-caused, ignore it.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
With kernel 6.18 the kernel will now warn if it tries to run a command
from a ramdisk but it cannot be found[1]. This happens with the
qemuarm64-secureboot machine (but not qemuarm64) because u-boot appears
to be populating the devicetree with a ramdisk entry:
loading kernel to address 40400000 size 1702a00
1 qfw ready qfw 0 qfw
** Booting bootflow 'qfw' with qfw
## Flattened Device Tree blob at 7e659890
Booting using the fdt blob at 0x7e659890
Working FDT set to 7e659890
Loading Ramdisk to 7bcfd000, end 7d3ffa00 ... OK
Loading Device Tree to 000000007d621000, end 000000007d626534 ... OK
Working FDT set to 7d621000
Starting kernel ...
The kernel tries to mount and boot this ramdisk but fails because it
isn't a valid initrd or initramfs. The boot continues as usual, but this
warning in the logs triggers parselogs.
Until the boot flow is properly resolved, ignore the message.
[1] linux 98aa4d5d242d ("init/main.c: add warning when file specified in rdinit is inaccessible")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The TF-A can install files with dtb extension. This is not handled in
the firmware.bbclass so append it here.
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Replace inherit deploy with firmware.
Initialize TFM_DEBUG using the FIRMWARE_DEBUG_BUILD variable. Initialize
TFM_PLATFORM with FIRMWARE_PLATFORM.
Refactor do_install to use ${FIRMWARE_DIR} and remove now redundant
configuration.
Refactor corstone1000 config files to use ${FIRMWARE_DIR} and the
base do_install.
Signed-off-by: Peter Hoyes <peter.hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Replace inherit deploy with firmware.
Initialize SCP_DEBUG using the FIRMWARE_DEBUG_BUILD variable. Initialize
SCP_PLATFORM using the FIRMWARE_PLATFORM variable.
Refactor do_install to use ${FIRMWARE_DIR} and remove now redundant
configuration.
Signed-off-by: Peter Hoyes <peter.hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Replace inherit deploy with firmware.
Initialize TFA_DEBUG using the FIRMWARE_DEBUG_BUILD variable. Initialize
TFA_PLATFORM with FIRMWARE_PLATFORM.
Refactor do_install to use ${FIRMWARE_DIR} and remove now redundant
configuration. Drop the redundant ${TFA_PLATFORM} suffixes.
Update BSP conf files to use the new deploy location, including
symlinking back to ${DEPLOYDIR} where necessary.
Signed-off-by: Peter Hoyes <peter.hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
There are now a handful of firmware component recipes in meta-arm, each
of which does its own (slightly different) deployment handling.
Introduce a bbclass to standardize this, with the aim of cleaning up the
DEPLOY_DIR_IMAGE. Crucially, each firmware component deploys into a
${PN} subdirectory of DEPLOY_DIR_IMAGE. This has a few advantages:
* Many Arm components have the same or similar binary names (BL1, BL2
etc). This ensures unique naming and avoids confusion.
* Recipes can afford to be less picky about which binaries are deployed.
This simplifies component recipes.
* It is easier to deploy debug symbols in a common way to an expected
location.
* It keeps the DEPLOY_DIR_IMAGE clean in the face of ever-increasing
firmware complexity.
The bbclass also provides a FIRMWARE_DEBUG_BUILD variable to control the
build type of the firmware in one place, defaulting to the global
DEBUG_BUILD. This should allow BSPs in meta-arm-bsp to more easily
provide a release build by default (by providing an easy switch for
development purposes when needed).
Signed-off-by: Peter Hoyes <peter.hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
There are times where we need to produce multiple versions of the
trusted-firmed binaries in a given build, but the names for the binaries
are hard-coded in the Makefile and do_install().
This patch adds a new variable, TFA_INSTALL_SUFFIX, that is added to
do_install() that can uniquely name the resulting binaries. By default,
the suffix is empty so that default behavior is not changed.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When the git version of this recipe was created, the application of local
patches was left out.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Arthur Cassegrain
Clement Faure
Jon Mason
Hugues KAMBA MPIANA
Ross Burton
Filipe Rinaldi
Frazer Carsley
Jan Luebbe
Michael Safwat
Devaraj Ranganna
Bence Balogh
Peter Hoyes
Ryan Eatmon