Kas 3.3 uses branch and commit keys instead of a general-purpose
refspec. Change the base to use branch:mickledore and remove the
explicit use of master for meta-virtualization now that a mickledore
branch exists there too now.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Kas 3.3 has the following new features:
- kas: Introduce commit and branch as alternative to refspec key
- kas: Warn if a repo uses legacy refspec
- kas: add support for lock files via dump plugin
- kas: track root repo dir config files of menu plugin
- kas: add support for --log-level argument
- kas: add GIT_CREDENTIAL_USEHTTPPATH environment variable
- kas: improve error reporting
- kas: drop support for Python 3.5
- kas-container: fix invocations with --isar for some layers
- kas-container: Purge tmp* on clean
- kas-container: enable colored logging
4.0 is basically the same but the Kas container uses Debian 12, which is
not yet supported as a tested platform. Until Debian 12 is tested we
should continue to use 3.3.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This will still emit the diagnostic but it wont break the build,
additionally pass it to CXXFLAGS since thats the right subset to
disable it for.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Same as for OP-TEE client, this eases debugging and is required to use
the OP-TEE symbolize.py script.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The TA builds always create ELF files, add them to the deploy dir to
ease debugging via the OP-TEE symbolize.py script.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The optee-os compilation provides not only the core files, TAs are also
usually build. Create a separate package which contains them, so they
can be installed.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TF-A version 2.8.6 hangs on boot for corstone1000 non-deterministically.
This sets TF-A version to v2.8.0 which is a tested working version for
corstone1000.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds missing update service definitions for using stateless platform
services and initializes the capsule udpate provider in se-proxy-sp
for corstone1000.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds missing compilation option to fix psa_raw_key_aggrement test for
corstone1000.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
From: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
These 2 patches causes the secure world to enter into an infinite loop
when the PSA arch tests are triggered. This is a temporary fix and the
issue needs to be investigated before the patches can be enabled.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch is required to handle one of the corner cases of the
GetNextVariableName EFI service as specified in the UEFI spec.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
From: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
This patch adds the required configs to the corstone1000 u-boot
defconfig to enable the EFI services. This is done to fix the SCT
failure reported by the SetTime_Conf and SetTime_Func.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
From: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
The patch fixes the ACS InstallMultipleProtocolInterfaces_Conf failures
in corstone1000 platform by dropping a workaround u-boot patch. The NVMXIP
initialization had some issues during u-boot boot stage which led to the
workaround patch.
Upstream-Status: Pending [Not submitted to upstream yet]
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
It's useful to have known good logs when debugging problems, so always
preserve the logs.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The previous commit fixed the build of GN with GCC 13, but broke it for
any other version.
Remove the patch and simply disable the fatal warning that causes the
breakage. Interestingly, this warning is already disabled for Windows
builds.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
EXTERNAL_TOOLCHAIN variable should provide absolute path to external Arm
toolchain install directory. So make that absolute path check explicit.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
CFG_MAP_EXT_DT_SECURE=y should be set per platform, as it requires CFG_DT=y
to also be set, which is not the case for all the platforms out there using
optee-os. Moreover CFG_MAP_EXT_DT_SECURE is already being set conditionally
in optee-os-ts.
Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This recipe is a rebuild from source of the Arm GCC release, with
patches from oe-core added to make it work well in our environment.
Most people are happy with the GCC in oe-core, and this release is often
behind: at the time of writing oe-core has mainline GCC 13.1, but Arm
GCC is 12.2. Users who actually want the improvements in Arm GCC will
likely want to use the binary toolchain so that they can have support
from Arm, and they're welcome to do so via the "external-arm" binary
toolchain.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
There are not any alternatives for the virtual/arm-non-eabi-gcc provider,
so just use the real recipe name.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The binary Arm compiler is based on GCC 12. Remove this GCC 13-specific
option until the next release.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This recipe uses the binary Arm compiler, which is based on GCC 12.
Remove this GCC 13-specific option until the next release.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This recipe uses the binary Arm compiler, which is based on GCC 12.
Remove this GCC 13-specific option until the next release.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Change from using a patched, intermediate SHA to the latest.
Unfortunately, the latest stable mbedtls doesn't boot on tc1.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update TF-A and fiptool (which is part of tf-a) to the latest stable version.
Also, use the tf-a tests lts branch (which is still at version 2.8.0).
Signed-off-by: Jon Mason <jon.mason@arm.com>
gcc-arm-none-eabi and gcc-aarch64-none-elf both fails when packaged as
RPM for sdk with
nothing provides libcrypt.so.1()(64bit) needed by nativesdk-gcc-arm-none-eabi-12.2.rel1-r0.x86_64_nativesdk
As we don't control the dependencies for prebuilt libraries we create a
workaround by skipping the FILEDEPS
Signed-off-by: Claus Stovgaard <claus.stovgaard@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TF-A has LTS releases, which are prefixed with lts- for some reason.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add a link to the FVP EULA in LICENSE_FLAGS_DETAILS, so the user has
some context as to what they're agreeing to upfront.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
armcompiler was removed from meta-arm-toolchain (24c4cfa) so this isn't
needed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Even though corstone1000 platform does not support the entire PSCI APIs, it
relys on PSCI reset interface for system reset. The name of this config
changed in the new version of u-boot. This enables PSCI reset, so
the system can be resetted in u-boot again.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Split trusted-services.xml into qemuarm64-secureboot-ts.yml and
n1sdp-ts.yml as collection of Trusted Services which can be tested on
each platform has diverged.
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Make sure we setup the new variable for the configuration
of the SE-Proxy service for our machine. This will trigger
the right configuration building trusted services and all
psa-arch test pass as before.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update Trusted Services and backport an OP-TEE update which allows
interrupting the SPs by NWd interrupts. This solves the kernel stall
problems which are due to long cryptographic operations being executed
in the SWd.
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The nanopb build step randomly fails in the yocto CI due to a race condition.
This change adds a patch file to disable parallel build for nanopb. This is a
temporary workaround and a proper fix will be up-streamed int he future.
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Patch related with the changes to support the in/out_vec modifications
in TF-M v1.7 was merged in upstream trusted-services integration branch.
So, drop this 3 out of tree patches not needed to be applied any more.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TF-A v2.8 does not support measured boot and FF-A which is mandatory for
PSA Initial Attestation SP to work correctly.
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add information related to SPMC tests and fix stale links.
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Remove already merged patches in trusted services integration
branch to avoid clash during apply patch stage and rebase the
remaining patches.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Abdellatif El Khlifi
Ross Burton
Khem Raj
Rouven Czerwinski
Tomás González
Emekcan Aras
Sumit Garg
Denys Dmytriyenko
Jon Mason
Claus Stovgaard
Adam Johnston
Rui Miguel Silva
Gyorgy Szing