Corstone-1000 uses trusted-firmware-m as secure enclave software
component. Due to the changes in TF-M 2.0, psa services requires
a seperate client_id now. This commit adds smm-gateway-sp client id to
the FMP services since FMP structure accessed by u-boot via
smm-gateway-sp.
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Enable the patch-status warning for meta-arm and meta-arm-bsp.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The user guide document for Corstone-1000 has been updated to reflect
the changes required following the multiconfig changes as well as now
running the fvp within the kas shell to ensure all environment variables
are picked up correctly.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The 2 Corstone-1000 kas files files are updated following the
multiconfig changes. The pinned commits have been commented out and
the default branch changed to master to allow the file to build valid
images.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Fix the build with DISTRO_FEATURES containing "usrmerge":
make: *** No rule to make target '/.../optee-os/4.1.0/recipe-sysroot/lib/optee_armtz/bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf', needed by '/.../optee-os/4.1.0/build/core/early_ta_bc50d971-d4c9-42c4-82cb-343fb7f37896.c'. Stop.
Fixes: 6a105f47b9 ("optee-ftpm: Install artifacts into nonarch_base_libdir")
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@siemens.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To ensure the psa and optee tests are included in the initramsfs based
rootfs included within the flash image so the tests can be run.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
To allow us to continue to ship Corstone-1000 releases that only include
the firmware with the built in Linux image we need a way to build it
outside of the multiconfig builds.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
By building the Corstone-1000 firmware under the firmware multiconfig we
can also build a minimal standard core image to be mounted in the fvp as
a mass storage device.
To do this we had to enable the MMC card interface in the Corstone-1000
kernel configuration.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
To enable building rescue or bootstrap images that can be included into
firmware a "firmware" multiconfig option is required to allow the
building with different options to any mass storage image they may also
be built.
As this multiconfig build will occur under a different TMPDIR, we also
provide a deployment image to allow easy copying of the firmware into
another deploy dir.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
The TF-M configuration step can fail if the doxygen executable is found.
This commit disables the doc generation until this is fixed in the
upstream repos.
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Bumped kernel version to v6.6 and rebased N1SDP kernel PCIe quirk patches on top of this new version.
Signed-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
Since there are no platforms using this version, the related files can
be removed.
Signed-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com>
As we intend to build 2 Corstone-1000 disk images, one for the firmware
in flash and an external mass storage image the existing
corstone1000-image.bb file has been renamed to
corstone1000-flash-firmware-image.bb to make it clear what it's for.
The wks file for specifing the image layout has also been renamed to
make its purpose clearer.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
We can now use the standard poky distro configured to be small by
switching distrobution and using the standard minimal image
from poky.
To do this we also remove and image configuration options from the
machine config and apply them in the kas files.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
Moves a number of setting from the machine definition to the actual
recipes they apply too.
Added image configuration and dependancies to the flash image definition
file.
Reordered the settings in the machine definition to group them by
component that are related to.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
Moved the U-Boot configuration items from the machine definition to the
Corstone-1000 specific U-Boot append file as it makes it easier to the
U-Boot configuration for a machine in one place and to make it more
consistant with other platforms.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
The capsule_cert and capsule_key file generated by u-boot for
corstone1000 do not get deployed correctly since writingh the output directly
to ${DEPLOY_DIR_IMAGE} causes the sstate mechanism to malfunction
especially in the CI builds. This patch fixes the issue and deploy the
generated files correctly.
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Setting an API key means we get higher rate limits. Because keys are
private, the key must be set in the environment of the runner.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This changeset fix the tftf tests issue on n1sdp. Before this change, the tftf tests were getting stuck on n1sdp.
The following changes have been done:
1. There were some tftf tests based on multicore which involve powering up the other cores. These tests were creating
issues and the same thing has already been mentioned in the tests-to-skip.txt file for n1sdp platform in tftf source.
Those tests are skipped while executing tftf and patch has been created.
2. The TFTF_MODE variable added for tftf v2.10 recipe file, as did earlier for tftf v2.9. With the help of this, we can
enable debug or relase mode. The configuration based on this has been added for n1sdp in the corresponding bbappend file.
3. Add PREFERRED_VERSION_tf-a-tests for v2.10.
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add a Kas fragment to enable the CVE checker. Disable warnings by
default but show them for the layers in meta-arm, because we only care
about meta-arm issues in this CI.
Explicitly hide kernel warnings as the kernel typically has tens of open
CVEs, and if we're carrying a kernel explicitly then it's typically an
interim kernel between releases.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Extend jobs-to-kas so the first argument is still the GitLab job name,
but allow further arguments to specify extra Kas files to use in
addition.
Then add a variable EXTRA_KAS_FILES to the CI configuration that
defaults to the empty string and pass this to jobs-to-kas.
This lets specific pipeline runs add extra Kas files, for example to use
experimental branches or enable extra features without touching the CI
directly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Linux 6.1 will be removed from oe-core master shortly, so whilst we
still have BSPs that use it (specifically, n1sdp) carry a 6.1 recipe in
meta-arm-bsp.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since there are no platforms using this version, this reciepe can
be removed.
Signed-off-by: Vikas Katariya <vikas.katariya@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since linux yocto kernel 6.5 is EOL and other layers like
meta-virtualization dropping support for it, it would be
sensible to downgrade the kernel to 6.1 which is a LTS.
This is a temporary change and later we would move to 6.6 when its
officially supported on N1SDP.
This revert the following commits:
* 1fe76c893c
* 21df60b921
Signed-off-by: Jon Mason <jon.mason@arm.com>
Updated to the latest version. Corstone1000 doesn't seem to boot. So,
pull back the old version to meta-arm-bsp for it to use temporarily.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Changes were needed due to the 2.0.0 version not being available for
download at pypi (though listed as the latest version there).
Signed-off-by: Jon Mason <jon.mason@arm.com>
Ali Can Ozaslan
Jon Mason
Ross Burton
Drew Reed
Emekcan Aras
Delane Brandy
Alexander Sverdlin
Bence Balogh
Anusmita Dutta Mazumder
Khem Raj
Harsimran Singh Tungal
Vincent Stehlé
Vikas Katariya