Change the setting of PV from referancing SRCPV to using SRCREV.
Also drop the use of PREFERRED_VERSION. The existing TF-M recipe will
be selected automatically (1.4.1). Corstone1000 bbappend sets the SHA and
PV to 1.5
Change-Id: Id9332fd87e271608ba425e05e796f75fd1c0268d
Signed-off-by: Drew Reed <drew.reed@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Remove mock up backend for secure storage in se proxy
deployment and use instead the secure storage ipc backend with
openamp as rpc to secure enclave side.
Change-Id: I5225966ec621be9fa126b5af6ede0a1f6bbf469b
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add secure storage ipc ff-m implementation which may use
openamp as rpc to communicate with other processor.
Change-Id: I6707f3b0654fb255cacef930d9314662b106273c
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add support for inter processor communication for PSA
including, the openamp client side structures lib.
Change-Id: Icb86045b7915c4b04d2ec73b88ed40a3d65be4af
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add PSA client definitions in common include to add future
ff-m support.
Change-Id: I0860fa347fd882d6e99da136a4273a0ef5d7d684
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The device tree is embedded in the u-boot binary
and located at the end of the DDR. Its address
is specified in fdtcontroladdr environment variable.
No need to use fdt_addr_r anymore.
Change-Id: I58b17fbcab36c7236d57eb2498c41b5f4960b6eb
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Setting stdout-path in the chosen node.
Change-Id: Ie0a6b140492f0c5fc323690d2f6bc921cbe76cb3
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The N1SDP build uses a non-standard FIP UUID, so explain where it comes
from.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The base recipe can install the required files, so this is redundant.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Using a path relative to a kas yaml file to include another kas yaml
file won't be supported in the future. This patch also updates the
documentation for fvp-baser to set the minimal supported version of kas
to 2.6.
Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Change-Id: I757103c5433bca7af9ab024370cd1e994d59fe0e
Signed-off-by: Jon Mason <jon.mason@arm.com>
qemuarm64 fails to build since PLAT=invalid when MACHINE=qemuarm64
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit adds mhu driver (v2.1 and v2) to the secure
partition se_proxy and a conversion layer to communicate with
the secure enclave using OpenAmp.
Change-Id: I3d7893f2f52fdcfe6aae4c471c261b6ffd76b274
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit passes the platform name to CMake through the
configure task.
Change-Id: I7aaf10e3709507c65dd81c31e0301df57bbdf4fc
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to fetch and build openamp and libmetal
as part of SE proxy secure partitions
Change-Id: I251525f830535ceb1e1fc9f994c22a8b149fe7b6
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Moving dependencies to the BSP.
Change-Id: I32abd6c0568030550dda0442a2a4f624967b561c
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Keeping the recipe platform independent.
Additional components can be added at the platform level.
Change-Id: Ib1b0dd8d50486a037257dd99fea0d0ba2c80c7fb
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to add following header file to optee-spdevkit
and these are required by openAMP:
* features.h
* error.h
Change-Id: I51b801911b5a0131bf938ac1d520c4818e416637
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to increase optee core heap size to 131072 bytes
from its default value to accomodate openAMP and smm-gateway
Change-Id: I40912334f59a50bb3baf853bb5ff4b01c3b23966
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Most BSPs don't need a specific release of TF-A, so add a bbappend for
TF-A 2.6 and remove the preferred version assignments.
Notable exceptions are TC0/TC1 and Corstone1000, which both are currently
using intermediate SHAs pre-2.6:
- TC0/TC1 fails to build with TF-A 2.6 as the binary doesn't fit in the
specific space.
- Corstone1000 patches need to be rebased on top of 2.6
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Keeping 2.5 around temporarily until all of the machines are ported.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The bbappend is fetching a specific SHA, so explicitly set the PV
to match.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Instead of every versioned recipe setting this, move it to the common
include.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
There's no need to use virtual/trusted-firmware-a, as there's only one
provider of trusted-firmware-a: trusted-firmware-a.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Use a generic wildcard in the arm-bsp bbappend to avoid needing to rename
in the future.
Remove the N1SDP patch as this has now been merged upstream (c5e45a7).
Remove TC? overrides which pinned it to an intermediate SHA.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Drop a patch which was backported and is now included in 2.9.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This seems to be needing arm specific kernel headers, so I infer this
still is arm specific module
Fixes below error on non-arm hosts
/git/arm_ffa_user.c:12:10: fatal error: linux/arm_ffa.h: No such file or directory
| 12 | #include <linux/arm_ffa.h>
| | ^~~~~~~~~~~~~~~~~
| compilation terminated.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If we build aarch64 based machines living outside meta-arm then these
recipes report as unsupported e.g.
ERROR: Nothing PROVIDES 'optee-os-tadevkit' (but /mnt/b/yoe/master/sources/meta-arm/meta-arm/recipes-security/optee-ftpm/optee-ftpm_git.bb DEPENDS on or otherwise requires it)
optee-os-tadevkit was skipped: incompatible with machine rock-pi-4b (not in COMPATIBLE_MACHINE)
ERROR: Nothing RPROVIDES 'optee-ftpm' (but /mnt/b/yoe/master/sources/meta-arm/meta-arm/recipes-security/optee-ftpm/optee-ftpm_git.bb RDEPENDS on or otherwise requires it)
No eligible RPROVIDERs exist for 'optee-ftpm'
NOTE: Runtime target 'optee-ftpm' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['optee-ftpm']
ERROR: Nothing RPROVIDES 'optee-ftpm-dev' (but /mnt/b/yoe/master/sources/meta-arm/meta-arm/recipes-security/optee-ftpm/optee-ftpm_git.bb RDEPENDS on or otherwise requires it)
No eligible RPROVIDERs exist for 'optee-ftpm-dev'
NOTE: Runtime target 'optee-ftpm-dev' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['optee-ftpm-dev']
Therefore its better to limit this recipe to machines supporting
optee-os
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
edk2-firmware release builds with clang fail:
MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c:142:15:
error: variable 'Status' set but not used [-Werror,-Wunused-but-set-variable]
This is upstream as https://bugzilla.tianocore.org/show_bug.cgi?id=3758,
but until that is resolved we can just force debug builds with clang.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We set GCC5_AARCH64_PREFIX so the tools are prefixed correctly in GCC
builds, but didn't set CLANG38_AARCH64_PREFIX. This meant the clang build
used the host objcopy, which may not know about the target architecture.
Also these can just be the prefix and not a full path, as the binaries
are on $PATH.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the size of bl2_signed.bin and tfm_s_signed.bin
Change-Id: I8312dd6d50faff53e1ca489cbf73c5f25671b21c
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Secure enclave, based on the firmware update state of the
system, decides the boot bank. In this commit, u-boot
identifies the selected boot bank and loads the kernel
from it.
Change-Id: Ifcef126dc79c7808b30ef0319d83482d2d29fd13
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Secure enclave decide the boot bank based on the firmware update
state of the system and updated the boot bank information at a given
location in the flash. In this commit, bl2 reads the givev flash location
to indentify the bank from which it should load fip from.
Change-Id: I2f7518c82c1664355da2aa1596f4f65f7a49a53d
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
More space in the flash is reserved up front for metadata
parser and UEFI variables. That requires change in the flash
base address of where images are present.
Change-Id: I2d23d06099ffbf15458afaeb21c5dd4bcc4ffecb
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
More space in the flash is reserved up front for metadata
parser and UEFI variables. That requires change in the flash
base address of where images are present.
Change-Id: If6c048a6117023aae2e748c23ed52447857b0d04
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The patchset perform the following changes:
a. Disable secure debug by default.
b. OTA Firmware Update Agent implementation.
c. Implementation of boot index propagation mechanism.
d. Openamp version/commit hash correction.
e. Implementation of host watchdog interrupt handler.
Change-Id: Ie5e1028bb29ce337d51ad8ef47d2bd8175187402
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit implements distro_bootcmd in config_bootcommand in u-boot.
This command traverses all the USB devices connected to the board and
finds a usb device that has bootable image to boot from it. If it cannot
find a usb device with the bootable image, it will boot the system using
the existing flash.
Change-Id: Ia05ca02d6f490a1b51fcf377afcc86ea0ed4e19c
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit implements efi_reset_system for corstone1000 platform. In
order to reset the system, the host uses secure host watchdog to assert
an interrupt (WS1) on the secure-enclave side, then secure-enclave
resets the system.
Change-Id: I772181cd43e789f1d6508aaa433eb109d8f85b5d
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit enables PSCI Reset for corstone1000 platform. It configures
u-boot to use PSCI interfaces in efi_reset_system function.
Change-Id: I88ea55fde2b2c6e455a4b38e885e62a410b0b0e7
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch does three things:
- Add the CONFIG_EFI_PARTITION option to the corstone1000_defconfig
to allow u-boot to detect EFI filesystems.
- Add isp1760_get_max_xfer_size(), this fixes an issue where
GPT partition info could not be loaded.
- Fix the issue while detecting EFI filesystem, and loading GPT
partition info.
Change-Id: Ic04c8710f4ea7e156aca196d7e54f090b9376c49
Signed-off-by: Harry Moulton <harry.moulton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch updates shared buffer address, disables get/set of NV
variables, and invalidates the cache after write to shared buffer as the
SPs have cache disabled.
Change-Id: Iead01edf3011e192df205236df098415e5bde9a5
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Default to release builds and let machines enable debug builds if they
want that.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Abdellatif El Khlifi
Ross Burton
Drew Reed
Vishnu Banavath
Satish Kumar
Khem Raj
Hugo L'Hostis
Emekcan Aras
Harry Moulton
Gowtham Suresh Kumar