Changes ns-interrupt-action for corstone1000. This will enable
preemption in the SPs which is the default way to handle interrupts in
trusted-firmware and optee documentation.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When booting, the tee driver from kernel side
invokes a yielding call to OP-TEE, which gets
stuck because OP-TEE never sends Done response:
OPTEE_FFA_YIELDING_CALL_RETURN_DONE
This issue was previously resolved by introducing
an inappropriate patch to the kernel with 1 ms delay
in ffa_msg_send_direct_req.
Further investigation proved that OP-TEE doesn't
get enough processing time and is constantly interrupted
by the kernel requests. To remove this patch, TF-A logging
level is lowered to default (40 in debug builds and
20 in release builds), which eliminates the time consumed
previously by TF-A VERBOSE logs (giving OP-TEE more
processing time).
Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Corstone1000 capsule update implementation does not support use of
scatter_gather_list. This workaround passes 1 as scatter_gather_list value
to pass the NULL checks for scatter_gather_list while
CAPSULE_FLAGS_PERSIST_ACROSS_RESET flag is set (which is introduced lately to
align with UEFI specs). Since these flag checks are not implemented in u-boot
properly and corstone1000 does not support scatter_gather_list during capsule
update, this patch will skip the check only for on-disk capsule update.
This will be fixed with new capsule update design.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
add debug.yml to the build command so the debug-tweaks image feature
is enabled
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
corstone1000's uboot uses efitools-native from meta-efi-secure-boot, so
add the layer dependency to make this clear.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
1. Configure FVP base to allow Arm SystemReady IR ACS console access.
2. Configure FVP base Arm SystemReady IR ACS firmware build.
3. Add the machine-specific report.txt for FVP base.
4. Patch the check-sr-results.yaml and format-sr-results.yaml files
to handle the known differences between FVP base and the
expected ACS functionality.
5. Add a README with instructions of how to use the meta-arm-systemready
layer with fvp-base.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
For fvp-base, update the DEFAULT_TEST_SUITES to include
fvp_boot and fvp_devices. This is only the default behaviour;
individual recipes can override this using the TEST_SUITES
variable.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Comments were made after previous optee changes were committed.
Addressing those comments here.
Suggested-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update capsule document procedure and ACS image in user guide.
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the recipes and patches for OP-TEE 4.0.0. Migrate the 3.22.0
recipe to meta-arm-bsp for corstone1000 and n1sdp.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Updating to the latest version of hafnium. Also, dropping tc patches,
as they are either experimental or a similar feature has been added.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Updates the status of the patches on the trusted-firmware-m for
corstone1000.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
U-boot mkefitool creates capsule image without packed and byte-aligned structs.
This patch aligns the capsule-update structures and avoids crashes in case of
unaligned pointer access.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Platform-specific capsule-update feature in u-boot does not check the
capsule-update flags properly (as stated in UEFI specs). This patch fixes the
capsule flags checks in u-boot for corstone1000.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Enables on-disk capsule update feature for corstone1000.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Bump kernel version to v6.5 and rebased N1SDP kernel PCIe quirk patches top of this new version.
Signed-off-by: Xueliang Zhong <xueliang.zhong@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Configure grub as the EFI provider and remove the U-boot boot
args.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Configure FVP base to use vexpress_fvp_defconfig as the U-boot machine.
Configure U-boot:
1. Drop the patch to pick the DRAM size from the devicetree since
the FVP now specifies a devicetree.
2. Enable sysreset to reset by PSCI and patch the vexpress U-boot
machine to leave the reset to PSCI in this case.
3. Enable Virtio RNG and patch the U-boot Virtio RNG driver to
workaround an issue with the FVP that results in RNG calls
hanging.
4. Enable the Arm64 CRC-32 instruction by default and remove the now
redundant config setting.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Set the Trusted Firmware devicetree to fvp-base-gicv3-psci-1t. Patch the
devicetree to include: the stdout path for console access, a virtio net
node and a virtio rng node. This is necessary in the case that the
Trusted Firmware devicetree is passed to Linux from U-boot (rather than
sideloading).
Also rename the include file to change the suffix from "fvp" to "fvp-base".
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Merge the common FVP configuration in fvp-common.inc into
fvp-base.conf since that is the only place it is inherited.
Drop setting MACHINE_FEATURES to "optee" because there is no
optee machine feature.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Have separate machine include files rather than multiple
machine-specific settings in the same file.
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To allow running of the TF-A tests we need to be able to build the TF-A
test recipe for the N1SDP machine.
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change enables N1SDP cache to improve performance
by removing this patch:
HACK-disable-instruction-cache-and-data-cache.patch
Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since the original location of OP-TEE in DDR3 observes
a HW issue when cache is enabled, this change moves OP-TEE
to run from DDR4. Patches are added to TF-A to reflect that
change and the used region is also reserved in UEFI (EDK2)
to protect against allocations by UEFI applications.
OP-TEE size is modified for consistency across all patches
to be 32 MB (0x02000000) instead of (0x02008000).
Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
the configuration options corresponding to external system are removed
from the kernel and the defconfig is generated with with savedefconfig
bitbake task
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Remove the External system patches in uboot as they are not upstreamable.
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This support is for Cassini distro using Corstone-1000 platform.
When running parsec test, it reports an error
`PSA_ERROR_DATA_INVALID (-153)`.
This is related to `ITS_MAX_ASSET_SIZE` configuration which is been
set to 512 on the secure enclave (TF-M), which defines the max asset
size and it overflows when running the parsec tests.
The key is generated, but when it is asked to store via `psa_its_set`
it returns `PSA_ERROR_INVALID_ARGUMENT (-135)`, which then propagates
to `PSA_ERROR_DATA_INVALID (-153)`
Increasing the `ITS_MAX_ASSET_SIZE` to 2048 solves this issue.
Signed-off-by: Vikas Katariya <vikas.katariya@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The v6.4 kernel is needed for some platforms in meta-arm-bsp.
Temporarily add it here to give those machines enough time to
update to the latest version. Also, add the patch to the
defconfig.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Multiple machines in meta-arm-bsp have need of the 2023.07.02 version of
u-boot. Temporarily add it here to give those machines enough time to
update to the latest version.
NOTE: MTD changes in u-boot require changes to the qemuarm config.
Specifically, not disabling it.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Enables authenticated capsule update and makes necessary changes to
align with new capsule generation tool (mkeficapsule in u-boot).
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds signature to device-tree overlay and enables authenticated capsule
update in u-boot for corstone1000.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Now that the apply_local_src_patches class supports being used with
multiple directories, use that instead of reimplementing the logic.
Also remove redundant patchdir assignments as these patches are against
the trusted-services repository, which is ${S}. I suspect these are
exposing a subtle bug in the core patching logic which meant the local
patches were not applying correctly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The fvp-baser-aemv8r64 machine will not be actively maintained.
Signed-off-by: Divin Raj <divin.raj@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Remove U-Boot specific DT nodes before passing the DT to Linux
This is needed to pass SystemReady IR 2.0 dt-schema tests
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The optee recipe installs the tee image using `${nonarch_base_libdir}`
If usrmerge is enabled this is `/usr/lib`, otherwise it is `/lib`
Several platforms (corstone1000, n1sdp, tc) look for tee-pager_v2.bin in
the hard-coded `/lib/firmware`, hence if usrmerge is enabled it won't be
found.
Fix these platforms by using `${nonarch_base_libdir}` instead of `/lib`
as per the qemu platform code in the generic recipe.
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Bump kernel version to v6.4 and rebase the patches on
top of this new version.
Signed-off-by: Xueliang Zhong <xueliang.zhong@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Rationalise the port forwarding to be the same as the runqemu defaults,
so change the SSH port forward to be 2222=22 instead of 8022=22.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update to the latest versions of edk2 and edk2-platforms. This
necessitates updating the patches in sbsa-acs to apply cleanly to the
latest version of edk2.
Signed-off-by: Jon Mason <jon.mason@arm.com>
It's expected to exist multiple /dev/teepriv[0-9]* devices, and the
tee-supplicant service depends on them, which should be activated only
when the device is detected by the kernel using a udev rule.
Improve commit f02d065dce, where it's only considering a path creation
and not a device detection by the kernel.
Signed-off-by: Javier Tia <javier.tia@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since optee-os for N1SDP has been updated to 3.22,
this patch updates optee-os-tadevkit and optee-test
to match the same version.
Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Ross Burton
Emekcan Aras
Mariam Elshakfy
Abdellatif El Khlifi
Debbie Martin
Jon Mason
Ali Can Ozaslan
Xueliang Zhong
Drew Reed
Harsimran Singh Tungal
Vikas Katariya
Divin Raj
Adam Johnston
Javier Tia