1
0
mirror of https://git.yoctoproject.org/meta-arm synced 2026-07-18 04:27:08 +00:00

Compare commits

..

55 Commits

Author SHA1 Message Date
Prabin CA c4f04f3fb6 arm/trusted-firmware-a: add branch name for mbedtls
It appears that the mbedtls team have moved the SHA which
meta-arm was using from master branch. It is still present
in mbedtls-2.16 branch so this is now used.

Change-Id: If24915b1a1dc889d55b359863943439c76f6ca85
Signed-off-by: Prabin CA <prabin.ca@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2020-09-09 09:14:55 +01:00
Ross Burton 35d3511266 arm/trusted-firmware-a: add branch name for mbedtls
The mbedtls repository has had some branch/tag pruning so the tags we
were using are no longer on 'master'.  Set the right branch name so the
fetch is successful.

Change-Id: I07dc7045cd7784b7e93e14c3a24721a22b79da8a
Signed-off-by: Ross Burton <ross.burton@arm.com>
2020-09-09 09:14:55 +01:00
Diego Sueiro 104364df48 gem5: Backport pointer authentication fixes
Change-Id: I5152895f992e9bc85b24a9190e4affb3c74e44cd
Issue-ID: SCM-899
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-09-04 11:25:52 -04:00
Diego Sueiro 9b6a88dada arm-autonomy/gem5-aarch64-native: Set CPU and disable pointer authentication
When booting gem5-arm64 with Xen and Linux we need to set the cpu as Cortex A53
and remove support for pointer authentification.

Change-Id: Ib8ea61784f668bf88c1492e5e56737a0aa40d762
Issue-Id: SCM-899
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-09-04 11:25:52 -04:00
Diego Sueiro efcd8b225a arm-autonomy: Introduce arm-autonomy-host DISTRO_FEATURES_NATIVE
Some native recipes might want to apply specific settings when the
arm-autonomy-host or xen DISTRO_FEATURES is enable for the target build.
In this case the arm-autonomy-host needs to be also added to
DISTRO_FEATURES_NATIVE.

Change-Id: I11a8c4bbb99333d62520afc2c12a183cf08d6e1a
Issue-Id: SCM-899
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-09-04 11:25:52 -04:00
Ross Burton a0d4477bc2 arm/trusted-firmware-a: don't build all targets in parallel
There are build races in the Makefiles when you build all targets at
once (missing dependencies):

| tools/fiptool/fiptool create [...]
| ERROR: fopen WORKDIR/build/juno/debug/fdts/juno_fw_config.dtb: No such file or directory

These are non-trivial to fix so whilst upstream works on this we can
just build each target serially.

Change-Id: Iba0d0ae7de6faf199efea073135fd3b7232b81a1
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-08-31 11:28:16 -04:00
Ross Burton 6a0b2b0ebf arm/trusted-firmware-a: actually add mbedtls to SRC_URI
trusted-firmware-a.inc was conditionally adding the Mbed TLS tarball to
SRC_URI, but all of the versioned recipes subsequently assigned over the
top of it so the Mbed TLS tarball was never actually in SRC_URI.  This
resulted in machine overrides needing to add the tarball themselves.

Solve by using _append so that the SRC_URI is actually changed.

Change-Id: I05cf1dec2c6422a40a42c615fb2b9b6e8d6f1cb0
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-08-31 11:28:16 -04:00
Jon Mason 84dc212d9d arm: trusted-firmware-a variable name misuse
"processes" should be "processed" in trusted-firmware-a.inc, as it
signifies if the relevant part has been installed/processed.

Change-Id: I2d1ffbb0c6d14d280b6f9c9cc45c04c7c32409a7
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-08-31 11:28:16 -04:00
Khasim Mohammed e4c3de8a0a arm/trusted-firmware-a: add support to install dtb built as part of TFA
Device tree blobs (DTBs) generated as part of TFA were installed separately
in the platform specific TFA recipes, its redundant as each platform was
executing similar installation steps.

The patch avoids skipping dtb installation and adds support to check for
DTB entries in TFA_INSTALL_TARGET and install the same to respective deploy folder.

Change-Id: I0f8f5c39dc4b4931d202696990fa915ea7ed60eb
Issue-Id: PLATFORMS-3971
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-08-31 11:28:16 -04:00
Khasim Mohammed 3d97786ae4 arm/trusted-firmware-a: fix variable name typo
Variable name "processes" is wrongly mentioned as "processed", this patch
fixes the same.

Change-Id: Id9362f514861c75f8f6a727582e11b0e65736349
Issue-Id: PLATFORMS-3971
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-08-31 11:28:15 -04:00
Ross Burton 00e3238f87 arm/trusted-firmware-a: fix TC0 build when host doesn't have openssl-dev
The TC0 bbappend needs the cert_create tool to be built, which hard-codes the
fact that openssl is installed in /usr.

Change-Id: I8a7ed54fe7d75697509f7873e7d73b3bf1b2b903
Signed-off-by: Ross Burton <ross.burton@arm.com>
2020-08-31 11:28:15 -04:00
Ross Burton 69ac575db4 arm/trusted-firmware-a: do verbose builds
Verbose builds are useful when looking for compile problems, and as the logs
go directly to files we can simply turn them on by default.

Change-Id: I91c6314e331a5024543138ea77a111b1d59cf371
Signed-off-by: Ross Burton <ross.burton@arm.com>
2020-08-31 11:28:15 -04:00
Jon Mason 00fa6ce4e8 arm-bsp: yocto-check-layer fixes
Changes necessary to get yocto-check-layer to pass

Change-Id: Ie9ea5047ab1344d14a585552277fdbd6b2bc48ab
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-08-18 13:36:08 -04:00
Ross Burton 7904e364c3 arm-bsp/linux: remove redundant CONFIG_DRM_ARM
This config option was made redundant in 5.1, so remove it.

https://github.com/torvalds/linux/commit/37fc9bb022c654e261c5a7d2ce600c6ce26c022d

Change-Id: I12dd59e5405936aac2733354f4ff1e214571130d
Signed-off-by: Ross Burton <ross.burton@arm.com>
2020-08-10 12:15:55 +01:00
Ross Burton 8bb6d1b595 arm-bsp/linux: fix gem5-arm64 build
Similar to dcbabb, if meta-kernel is present when parsing then the
gem5-arm64 support tries appending some shell to a Python function,
which predictably then fails to parse.

Solve the same way, by turning a directory of files which are moved with
an append into a simple patch.

Change-Id: I1106c324c84f87f2d4e1f56fb2d5f2671f384f99
Signed-off-by: Ross Burton <ross.burton@arm.com>
2020-08-10 11:57:59 +01:00
Ross Burton 5b2d456093 arm-bsp/trusted-firmware-a: move machine customisations to the versioned appends
By having MACHINE_TFA_REQUIRE set and required in both the wildcard
bbappend and the versioned append, the same file can get included twice
which results in a warning from bitbake:

WARNING: trusted-firmware-a_2.3.bb: Duplicate inclusion for
trusted-firmware-a-juno.inc in trusted-firmware-a_2.3.bbappend

Move the customisations from the wildcard bbappend to the specific
version of trusted-firmware-a that is used for that platform to be clear
about what platforms are supported and remove this warning.

Change-Id: Ib220aedbf94fa11d21ddc6c5f9ac2c5de5c66b7a
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-08-08 06:39:17 -04:00
Ross Burton 8b7ec0affa arm-bsp/trusted-firmware-a: move A5 DesignStart to 2.3
0001-plat-arm-a5ds-move-dtb-to-a-new-address.patch was never applied,
and has been merged upstream so drop it.

The recipe was using the _git.bb recipe and setting the SRCREV to a
commit 300+ commits past 2.2 but not quite 2.3.  Instead, just use 2.3.

Change-Id: I76aee592e7ce3ec23268872d7f202efa945e5e59
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-08-08 06:39:17 -04:00
Ross Burton 96248a0eac arm-bsp/trusted-firmware-a: consolidate FILESEXTRAPATHS
There's no need to set FILESEXTRAPATHS to "${THISDIR}/files/n1sdp:" when
n1sdp is the name of the current MACHINE as bitbake will search for
override-named directories automatically.

Instead just add ${THISDIR}/files and let bitbake do it's thing.

Change-Id: I0f58933ff9e56ee41a8fdd55f467d263c4e1b1e7
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-08-08 06:38:07 -04:00
Ross Burton dcbabb25dd arm-bsp/linux: simplify fvp-base DTS additions
Recent changes to meta-kernel meant that we cannot be sure that do_patch
is shell or Python, so doing do_patch_append() is unwise.

Frustratingly we can't just use subdir= in the SRC_URI to drop the files
into the right place as the kernel build is unexpectedly complex.

Instead, just add the files in a patch.  In the future these will be
provided by TF-A so mark as Inappropriate and Sign-off by the developer
who added them initially.

Change-Id: I5bc3483d92c8d3abe3e7fbdde26579b602124d39
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-08-07 18:40:40 -04:00
Usama Arif 9fed81cd52 arm-bsp/trusted-firmware: tc0: remove SHA for mbedtls
Use the default one from trusted-firmware-a_2.3

Change-Id: I496db01818b172b109e8dab04e39a66bafd35a2d
Signed-off-by: Usama Arif <usama.arif@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2020-08-06 14:19:10 +01:00
Usama Arif 3055c179c4 arm/trusted-firmware-a: add branch name for mbedtls
It appears that the mbedtls team have moved the SHA which
meta-arm was using from master branch. It is still present
in mbedtls-2.18 branch so this is now used.

Change-Id: Ie932f446067767e85a25583b1bdc02b4739e323f
Signed-off-by: Usama Arif <usama.arif@arm.com>
Signed-off-by: Prabin CA <prabin.ca@rm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2020-08-05 18:02:01 +01:00
Denys Dmytriyenko 3e8602af6f optee-os: replace old pycrypto with pycryptodome - a drop-in replacement
While pycryptodome is a drop-in replacement for the old pycrypto module,
pycryptodomex uses a separate namespace to not confict with pycrypto.
Unfortunately, optee-os uses both namespaces, hence both variants of
pycryptodome and pycryptodomex are needed.

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-07-31 10:47:06 -04:00
Denys Dmytriyenko 9ec7bd7866 layer.conf: remove dependency on meta-python
Corresponding Python modules pycryptodome(x) and pyelftools, needed by optee,
were moved from meta-python to oe-core.

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-07-23 09:33:35 -04:00
Jon Mason c576382359 arm-bsp: Migrate a5ds to meta-kernel for stable kernels
a5ds is having issues building its stable kernel on master.  Migrate to
meta-kernel to fix the build break.  This has the benefit of meta-arm
not having a unique stable kernel recipe to maintain and support.

Also, change the name of linux-yocto-arm-platforms to be more
generic, as it doesn't accurately reflect where it is currently being
used and can be used by different kernels going forward.

Change-Id: I4e76c7f1ee4b84641279a389820940fac7130df1
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-07-17 11:44:39 -04:00
Kamil Dziezyk 8f82b6fce1 arm-bsp/image_types_disk_img: do not force 'ext4' FS by default
In some cases user doesn't want to create any file system on a specific partition.

Change-Id: I4596d97b95034952436cfd0a267a3f6ae4c0401d
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-07-17 10:29:07 -04:00
Gabor Abonyi b35308f607 arm: trusted-firmware-m: Add recipe
Adds a recipe to pull down the trusted-firmware-m repository and the
ones it depends on. The recipe can either use gcc-arm-none-eabi-native
or armcompiler-native Clang toolchain to compile the firmware.

Change-Id: I37a4ba38982b5b1d387eccbb26bb5c79bddab0f7
Signed-off-by: Gabor Abonyi <gabor.abonyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-07-15 11:21:56 -04:00
Anders Dellien ada90a6cd3 arm-bsp: Move to newer kernel for fvp-base and foundation-armv8
Change fvp-base and foundation-armv8 kernel from linux-linaro-arm-4.19
to linux-yocto_5.4.
Also add the necessary DTS files.

Change-Id: I6aa2e7706a2f20904d2f7a2bbfb928f0e53eb1eb
Signed-off-by: Anders Dellien <anders.dellien@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-07-15 10:25:54 -04:00
Usama Arif 2b8cd1b1c9 arm-bsp/u-boot: Updated platform port for TC0
This makes the platform port independent of vexpress board
so it applies cleanly on both u-boot 2019.07 (zeus) and
2020.01 (dunfell). The SRCREV that existed in u-boot-tc0.inc
for v2020.07-rc3 has been removed and the default SRCREV is
now used.

Change-Id: Ieb65cb666a1812eeeb2e3e306aec06b5e538cf06
Signed-off-by: Usama Arif <usama.arif@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2020-07-09 08:55:54 -04:00
Khasim Mohammed 51d310c4ef arm-bsp/grub: Add grub-efi support for N1SDP
grub-mkimage is used make a bootable image of GRUB,
grub-efi dependency in added to conf file.

Change-Id: Iaf08ed8b5e221003f10fceef9edffbe22b752534
Issue-Id: PLATFORMS-3134
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-07-09 08:55:54 -04:00
Khasim Mohammed e9645fe03e arm-bsp/wic: add default wks file to create EFI disk image
Creates a partitioned EFI disk image that the user
can directly dd to boot media. The selected bootloader is grub-efi.

Change-Id: I1a5e8bc953274cdcc1840b27351d8e6444b2c5ab
Issue-Id: PLATFORMS-3134
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-07-09 08:55:54 -04:00
Teo Couprie Diaz 8bd3600046 arm-bsp : Introduce TC0 platform and BSP
This patch introduces the Total Compute platform.
It adds support for the TC0 platform to the Android Common Kernel and
allows building all binaries needed to run Android on TC0.
It adds patches specific to TC0 for TF-A, SCP and U-Boot.

Change-Id: Ia83b79571c7381967c7449db031e3177b1990546
Signed-off-by: Teo Couprie Diaz <teo.coupriediaz@arm.com>
Signed-off-by: Usama Arif <usama.arif@arm.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-07-01 09:42:07 -04:00
Teo Couprie Diaz ac0e929880 arm: Introduce 4.19 Android Common Kernel
This recipe targets machines based on arm64.
Change-Id: I9f9556c3ce3636a31fb3a6faf38494335be6b997
Signed-off-by: Teo Couprie Diaz <teo.coupriediaz@arm.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-07-01 09:42:07 -04:00
Denys Dmytriyenko 9af4348fa0 gcc-x86host.inc: properly link triplet-prefixed binaries
Use the correct path for the binaries in ${datadir}, otherwise it results in a
single incorrect symlink like gcc-arm-none-eabi-*

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-25 12:23:45 -04:00
Denys Dmytriyenko d5bc2633f2 gcc-aarch64-none-elf: properly set ${S} that is different from default
Also use ${BINNAME} and ${PV} variables for automatic substitution.

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-25 12:23:45 -04:00
Jon Mason dfafcf9ec2 arm-toolchain: merge binary toolchain recipes
Merge the majority of the binary toolchain recipes for building on an
x86 host into a common include file.

Also, found and fixed an error with both install commands where the name
was double nested on the copy.  For example,
/usr/share/arm-none-eabi/arm-none-eabi/ due to the way it was being
copied.

Signed-off-by: Jon Mason <jdmason@kudzu.us>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
2020-06-25 12:23:45 -04:00
Denys Dmytriyenko 24181d4708 arm-toolchain: gcc-aarch64-none-elf: Add recipe
Adds a recipe to pull down the prebuilt GCC for compiling bare-metal targets
for Aarch64 processors from ARM.

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-25 12:23:45 -04:00
Jon Mason e6ff4eb1d6 arm-toolchain: gcc-arm-none-eabi-native: Add recipe
Adds a recipe to pull down the prebuilt GCC for compiling on Cortex-R
and Cortex-M processors from ARM. This toolchain is required to build
Arm Trusted Firmware for the Rockchip rk3399 SoC, since it must compile
some firmware for the M0 coprocessor.

This was originally taken from meta-rockchip, but has been modified from
mailing list feedback.

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Jon Mason <jdmason@kudzu.us>
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-25 12:23:45 -04:00
Khasim Mohammed d13eb333bf arm-bsp/scp-firmware: Build SCP MCP firmware for N1SDP
- Add bbappend recipe to build SCP and MCP firmware
  for N1SDP.
- Use fiptool to package the binary images
- Update machine conf to add image dependency
  for SCP-firmware components

Issue-Id: PLATFORMS-3134

Change-Id: I24bb427179f2fdee0a8351257c9088d8024ca6b8
Signed-off-by: Patrik Berglund <patrik.berglund@arm.com>
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-24 14:57:09 -04:00
Khasim Mohammed 9386db13df arm/scp-firmware : allow setting scp log level to INFO or WARN
SCP code has been updated with new logging framework. The patch
is to allow setting of log level parameter to INFO or WARN.

Change-Id: I20ec19a9aa1bdb7f59c067d2344c299c057a088b
Issue-Id: PLATFORMS-3134
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-24 14:57:09 -04:00
Khasim Mohammed 59ad28effc arm/fiptool : provides fiptool for packaging
Firmware Image Package (FIP), is a packaging format used
by TF-A to package the firmware images in a single binary,
this tool is used to package the binaries in FIP format.

Change-Id: Ie4108915c5d63be340d6f53148a6dff03d6d48e7
Issue-Id: PLATFORMS-3134
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-24 14:57:09 -04:00
Khasim Mohammed 3e11c65ede arm-bsp/edk2-firmware: fix destsuffix and PV for recursion error
Use relative paths in destsuffix as the paths are relative
to ${WORKDIR} and turn the existing PV ?= into PV =

Change-Id: Ib9367a15dde611e5b74c11eeff330d0b5a3de75d
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-24 14:57:09 -04:00
Khasim Mohammed ce613023d2 arm/edk2-firmware: fix passing of linker flags
The build initially worked because host machine had
util-linux-dev installed, the build failed otherwise.
This patch will fix the passing of linker flags.

Change-Id: If2f31e8e31109b9c8fd62b32d2f80902a1dd3cfd
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-24 14:57:09 -04:00
Khasim Mohammed d7487f96d9 arm-bsp: Build UEFI EDK2 firmware for N1SDP
- Add bbappend recipe to configure N1SDP specifics
- Enable UEFI EDK2 firmware build for N1SDP.
- Update machine conf to add dependency
  for EDK2 firmware components

Change-Id: I89d41c176f31bce6f1df7f3b3a7cd624b46c05e1
Issue-Id: PLATFORMS-3134
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-24 14:57:09 -04:00
Khasim Mohammed 7df67747d5 meta-arm: Add UEFI EDK2 support for Arm platforms
EDK2 Project is a modern, feature-rich, cross-platform
firmware development environment for the UEFI specifications
from www.uefi.org.

This patch adds a new recipe to fetch, configure and build
UEFI EDK2 firmware for Arm platforms.

Change-Id: Icfb157e5b68d87accfd4290f522fc529fe4e849e
Issue-Id: PLATFORMS-3134
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-24 14:57:09 -04:00
Diego Sueiro 0465b4c1e3 arm-autonomy, xenguest-manager: Guest creation failure cleanup
When the guest creation process fails, we need to perform a proper
cleanup on the system, like removing configuration files and detaching
the disk previously attached to Xen.

This patch also adds an extra failure condition when the partition
assigned to guests is already formatted with a filesystem and it is not
a lvm partition.

Change-Id: I36087bf95fb8ff093160a6df406920fa5f293e09
Issue-Id: SCM-996
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-22 09:39:56 -04:00
Diego Sueiro 4ef8eae21c arm-autonomy, xenguest: Fail if Dom0 is not properly initialized
During the xenguest initialization and when invoking the
xenguest-manager tool, abort the execution if Dom0 was not properly
initialized on top of Xen and with the proper kernel configurations.

Change-Id: I307c03e58a266a943968df1bc5ba39951912d2cb
Issue-Id: SCM-996
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-22 09:39:56 -04:00
luca fancellu 042b6c7aea arm-bsp: Move to linux-linaro-arm for fvp-base and foundation-armv8
Change fvp-base and foundation-armv8 kernel from linux-yocto_5.4
to linux-linaro-arm_4.19 because some drivers are not available.
Furthermore, for fvp-base the linaro kernel comes with the dts
file removing the needs to support it on our side.

Change-Id: I844d92f173406542c2bad8d89793513f8bc28fd1
Signed-off-by: luca fancellu <luca.fancellu@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-18 18:30:12 -04:00
Diego Sueiro 43daf992a5 trusted-firmware-a: fiptool build using BUILD_CFLAGS and BUILD_LDFLAGS
Since the TF-A fiptool is native tool we should be using the
BUILD_CFLAGS and BUILD_LDFLAGS flags to proper build and execute it.

Change-Id: I9634604dbc42ba7da85d9b9449f1ed94ecb38df2
Issue-Id: SCM-888
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-15 08:54:39 -04:00
Diego Sueiro d79ae6f8dd arm-bsp, gem5-arm64: Update to v20 version
This patch updates gem5-aarch64-bootloader and gem5-aarch64-native to
the release tag v20.0.0.1.

Also apply populate the right compiler and linker flags to get
gem5-aarch64-native properly building

Change-Id: Icc2203163105373cf030975c1b12f1d4f2fcb03c
Issue-Id: SCM-1014
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-11 11:22:02 -04:00
Diego Sueiro 3eb27429fe arm-autonomy, xenguest-network-bridge: Set bridge members per machine
By default, XENGUEST_NETWORK_BRIDGE_MEMBERS should be empty and only be
set per machine.

Change-Id: I67c56847eb785279c28757a6052f092c838babe0
Issue-Id: SCM-995
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-11 11:22:02 -04:00
Khasim Mohammed 530bd40794 meta-arm: Add SCP MCP build support
SCP-firmware provides a software reference implementation for
the System Control Processor (SCP) and Manageability Control
Processor (MCP) components found in several Arm Compute
Sub-Systems.

This patch set adds support to fetch and build SCP and MCP
firmware binaries

Issue-Id: PLATFORMS-3134

Change-Id: Ic7259bb430c9e7e9711c9c8bc3283aafaacdf707
Signed-off-by: Patrik Berglund <patrik.berglund@arm.com>
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-09 09:16:29 -04:00
Khasim Mohammed 426de565c3 arm-bsp: Add trusted firmware support for N1SDP
- Add new bbappend to fetch tfa ver 2.2 required for N1SDP
- Apply additional patch required for N1SDP
- Update machine conf to add image dependency for
  trusted firmware component

Issue-Id: PLATFORMS-3134
Change-Id: Ibf593c1818c9ea08acf71c6b5b80abc4aca79723
Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-09 09:16:29 -04:00
Diego Sueiro 0bd9c74026 arm-bsp, linux-linaro-arm: Don't perform SHA verification
Since the Linaro kernel-release repo doesn't have a master branch and
the branches are force pushed, we need to have the nobranch=1 setting
in the SRC_URI and have the SRCREV pointing to TAG commit SHA the will
not get modified.

Change-Id: Id1ad6b57a6f11ec4dadd3647043e6f2f48f498d4
Issue-ID: SCM-888
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-06-05 10:58:42 -04:00
Ralph Siemsen f8ea9ac3a0 arm-toolchain: set CVE_VERSION to fix cve-check warnings
Yocto cve-check currently produces numerous warnings like:
    WARNING: gcc-cross-arm-arm-8.3-r2019.03 do_cve_check: gcc:
    Failed to compare arm-8.3 < 10.0 for CVE-2019-15847
In turn this means that some potential CVEs are not reported.

This occurs because PV has been prefixed with "arm-", to allow for
multiple gcc implementations.

Fix this by setting CVE_VERSION to the non-prefixed version.

Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-05-30 17:09:22 -04:00
Denys Dmytriyenko fa9abd9a6e trusted-firmware-a: re-enable generation of packages
There is no need to inherit nopackages. Even when the output binaries are being
consumed from deploy or sysroot, and the main binary package is not meant to be
installed in the rootfs, package generation is still useful for SDK use cases
and as a way to distribute sources (e.g. src.rpm/SRPM) in Distros.

Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2020-05-19 13:40:10 -04:00
838 changed files with 21096 additions and 33767 deletions
-2
View File
@@ -1,2 +0,0 @@
__pycache__
build
-355
View File
@@ -1,355 +0,0 @@
image: ${MIRROR_GHCR}/siemens/kas/kas:4.3.2
variables:
# These are needed as the k8s executor doesn't respect the container
# entrypoint by default
FF_KUBERNETES_HONOR_ENTRYPOINT: 1
FF_USE_LEGACY_KUBERNETES_EXECUTION_STRATEGY: 0
# The default value for KUBERNETES_CPU_REQUEST
CPU_REQUEST: ""
# The default machine tag for the build jobs
DEFAULT_TAG: ""
# The machine tag for the ACS test jobs
ACS_TAG: ""
# The directory to use as the persistent cache (the root for DL_DIR, SSTATE_DIR, etc)
CACHE_DIR: $CI_BUILDS_DIR/persist
# The container mirror to use
MIRROR_GHCR: ghcr.io
# Whether to run the SystemReady ACS tests
ACS_TEST: 0
# The list of extra Kas fragments to be used when building
EXTRA_KAS_FILES: ""
# The NVD API key to use when fetching CVEs
NVDCVE_API_KEY: ""
stages:
- prep
- build
# Common job fragment to get a worker ready
.setup:
tags:
- $DEFAULT_TAG
stage: build
interruptible: true
variables:
KAS_WORK_DIR: $CI_PROJECT_DIR/work
KAS_REPO_REF_DIR: $CACHE_DIR/repos
SSTATE_DIR: $CACHE_DIR/sstate
DL_DIR: $CACHE_DIR/downloads
BB_LOGCONFIG: $CI_PROJECT_DIR/ci/logging.yml
TOOLCHAIN_DIR: $CACHE_DIR/toolchains
IMAGE_DIR: $CI_PROJECT_DIR/work/build/tmp/deploy/images
TOOLCHAIN_LINK_DIR: $CI_PROJECT_DIR/work/build/toolchains
before_script:
- echo KAS_WORK_DIR = $KAS_WORK_DIR
- echo SSTATE_DIR = $SSTATE_DIR
- echo DL_DIR = $DL_DIR
- rm -rf $KAS_WORK_DIR
- mkdir --verbose --parents $KAS_WORK_DIR $KAS_REPO_REF_DIR $SSTATE_DIR $DL_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR
# Must do this here, as it's the only way to make sure the toolchain is installed on the same builder
- ./ci/get-binary-toolchains $DL_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR
# Generalised fragment to do a Kas build
.build:
extends: .setup
variables:
KUBERNETES_CPU_REQUEST: $CPU_REQUEST
rules:
# Don't run MR pipelines
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
when: never
# Don't run pipelines for tags
- if: $CI_COMMIT_TAG
when: never
# Don't run if BUILD_ENABLE_REGEX is set, but the job doesn't match the regex
- if: '$BUILD_ENABLE_REGEX != null && $CI_JOB_NAME !~ $BUILD_ENABLE_REGEX'
when: never
# Allow the dev kernels to fail and not fail the overall build
- if: '$KERNEL == "linux-yocto-dev"'
allow_failure: true
# Catch all for everything else
- if: '$KERNEL != "linux-yocto-dev"'
script:
- KASFILES=$(./ci/jobs-to-kas "$CI_JOB_NAME" $EXTRA_KAS_FILES):lockfile.yml
- echo KASFILES=$KASFILES
- kas dump --update --force-checkout --resolve-refs --resolve-env $KASFILES
- kas build $KASFILES
- ./ci/check-warnings $KAS_WORK_DIR/build/warnings.log
artifacts:
name: "logs"
when: always
paths:
- $CI_PROJECT_DIR/work/build/tmp*/work*/**/temp/log.do_*.*
- $CI_PROJECT_DIR/work/build/tmp*/work*/**/testimage/*
#
# Prep stage, update repositories once.
# Set the CI variable CI_CLEAN_REPOS=1 to refetch the respositories from scratch
#
update-repos:
extends: .setup
stage: prep
allow_failure:
exit_codes: 128
script:
- |
flock --verbose --timeout 60 $KAS_REPO_REF_DIR ./ci/update-repos
# Only generate if doesn't already exist, to allow feature branches to drop one in.
if test -f lockfile.yml; then
echo Using existing lockfile.yml
else
# Be sure that this is the complete list of layers being fetched
kas dump --lock --update ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/clang.yml:ci/meta-virtualization.yml | tee lockfile.yml
fi
artifacts:
name: "lockfile"
paths:
- lockfile.yml
#
# Build stage, the actual build jobs
#
# Available options for building are
# DISTRO: [poky, poky-tiny]
# KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
# TOOLCHAINS: [gcc, clang, external-gccarm]
# TCLIBC: [glibc, musl]
# FIRMWARE: [u-boot, edk2]
# TS: [none, trusted-services]
# VIRT: [none, xen]
# TESTING: testimage
arm-systemready-ir-acs:
extends: .build
timeout: 12h
parallel:
matrix:
# arm-systemready-ir-acs must be specified after fvp-base for ordering
# purposes for the jobs-to-kas output. It is not enough to just have it
# in the job name because fvp-base.yml overwrites the target.
- PLATFORM: fvp-base
ARM_SYSTEMREADY_IR_ACS: arm-systemready-ir-acs
tags:
- ${ACS_TAG}
# Validate layers are Yocto Project Compatible
check-layers:
extends: .setup
script:
- kas shell --update --force-checkout ci/base.yml:ci/meta-openembedded.yml:lockfile.yml --command \
"yocto-check-layer-wrapper $CI_PROJECT_DIR/$LAYER --dependency $CI_PROJECT_DIR/meta-* $KAS_WORK_DIR/meta-openembedded/meta-oe --no-auto-dependency"
parallel:
matrix:
- LAYER: [meta-arm, meta-arm-bsp, meta-arm-toolchain]
corstone1000-fvp:
extends: .build
parallel:
matrix:
- FIRMWARE: corstone1000-firmware-only
TESTING: [testimage, tftf]
- FIRMWARE: none
TESTING: testimage
- SYSTEMREADY_FIRMWARE: arm-systemready-firmware
corstone1000-mps3:
extends: .build
parallel:
matrix:
- FIRMWARE: corstone1000-firmware-only
TESTING: [none, tftf]
- FIRMWARE: none
documentation:
extends: .setup
script:
- |
# This can be removed when the kas container has python3-venv installed
sudo apt-get update && sudo apt-get install --yes python3-venv
python3 -m venv venv
. ./venv/bin/activate
pip3 install -r meta-arm-bsp/documentation/requirements.txt
for CONF in meta-*/documentation/*/conf.py ; do
echo Building $CONF...
SOURCE_DIR=$(dirname $CONF)
MACHINE=$(basename $SOURCE_DIR)
sphinx-build -vW $SOURCE_DIR build-docs/$MACHINE
done
test -d build-docs/
artifacts:
paths:
- build-docs/
fvp-base:
extends: .build
parallel:
matrix:
- TS: [none, fvp-base-ts]
TESTING: testimage
- FIRMWARE: edk2
- SYSTEMREADY_FIRMWARE: arm-systemready-firmware
arm-systemready-ir-acs:
extends: .build
timeout: 12h
parallel:
matrix:
# arm-systemready-ir-acs must be specified after fvp-base for ordering
# purposes for the jobs-to-kas output. It is not enough to just have it
# in the job name because fvp-base.yml overwrites the target.
- PLATFORM: [fvp-base, corstone1000-fvp]
ARM_SYSTEMREADY_IR_ACS: arm-systemready-ir-acs
tags:
- ${ACS_TAG}
fvps:
extends: .build
genericarm64:
extends: .build
parallel:
matrix:
- TOOLCHAINS: [gcc, clang]
TESTING: testimage
- KERNEL: linux-yocto-dev
TESTING: testimage
juno:
extends: .build
parallel:
matrix:
- TOOLCHAINS: [gcc, clang]
FIRMWARE: [u-boot, edk2]
# What percentage of machines in the layer do we build
machine-coverage:
extends: .setup
script:
- ./ci/check-machine-coverage
coverage: '/Coverage: \d+/'
metrics:
extends: .setup
artifacts:
reports:
metrics: metrics.txt
script:
- kas shell --update --force-checkout ci/base.yml --command \
"$CI_PROJECT_DIR/ci/patchreview $CI_PROJECT_DIR/meta-* --verbose --metrics $CI_PROJECT_DIR/metrics.txt"
musca-b1:
extends: .build
musca-s1:
extends: .build
n1sdp:
extends: .build
parallel:
matrix:
- TESTING: [none, n1sdp-ts, n1sdp-optee, tftf]
pending-updates:
extends: .setup
artifacts:
paths:
- update-report
script:
- rm -fr update-report
# This configuration has all of the layers we need enabled
- kas shell --update --force-checkout ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/meta-secure-core.yml:lockfile.yml --command \
"$CI_PROJECT_DIR/scripts/machine-summary.py -t report -o $CI_PROJECT_DIR/update-report $($CI_PROJECT_DIR/ci/listmachines.py meta-arm meta-arm-bsp)"
# Do this on x86 whilst the compilers are x86-only
tags:
- x86_64
qemuarm64-secureboot:
extends: .build
parallel:
matrix:
- KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
TCLIBC: [glibc, musl]
TS: [none, qemuarm64-secureboot-ts]
TESTING: testimage
- KERNEL: linux-yocto-dev
TESTING: testimage
qemuarm64:
extends: .build
parallel:
matrix:
- DISTRO: poky
KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
FIRMWARE: [u-boot, edk2]
TESTING: testimage
- DISTRO: poky-tiny
TESTING: testimage
- VIRT: xen
- KERNEL: linux-yocto-dev
TESTING: testimage
qemuarm-secureboot:
extends: .build
parallel:
matrix:
- KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
TCLIBC: [glibc, musl]
TESTING: testimage
- TOOLCHAINS: external-gccarm
TESTING: testimage
- KERNEL: linux-yocto-dev
TESTING: testimage
qemuarm:
extends: .build
parallel:
matrix:
- DISTRO: poky
KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
FIRMWARE: [u-boot, edk2]
TESTING: testimage
- DISTRO: poky-tiny
TESTING: testimage
- VIRT: xen
- KERNEL: linux-yocto-dev
TESTING: testimage
qemuarmv5:
extends: .build
parallel:
matrix:
- DISTRO: poky
KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
TESTING: testimage
- DISTRO: poky-tiny
TESTING: testimage
sbsa-ref:
extends: .build
parallel:
matrix:
- KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
TESTING: testimage
- KERNEL: linux-yocto-dev
TESTING: testimage
selftest:
extends: .setup
script:
- KASFILES=./ci/qemuarm64.yml:./ci/selftest.yml:lockfile.yml
- kas shell --update --force-checkout $KASFILES -c 'oe-selftest --num-processes 2 --select-tag meta-arm --run-all-tests'
sgi575:
extends: .build
toolchains:
extends: .build
@@ -1,79 +0,0 @@
From 42358d889ed652a8c386862f8c65e5fbe7484de2 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Fri, 26 Apr 2024 10:38:28 +0000
Subject: [PATCH] procps: fix build with new glibc but old kernel headers
If you're building procps with a newer glibc (with pidfd_open()) but
older kernel headers (say 4.x, before __NR_pidfd_open) then procps will
fail to build because of a typo in configure.ac.
Signed-off-by: Ross Burton <ross.burton@arm.com>
---
.../procps/procps/pidfd.patch | 42 +++++++++++++++++++
meta/recipes-extended/procps/procps_4.0.4.bb | 1 +
2 files changed, 43 insertions(+)
create mode 100644 meta/recipes-extended/procps/procps/pidfd.patch
diff --git a/meta/recipes-extended/procps/procps/pidfd.patch b/meta/recipes-extended/procps/procps/pidfd.patch
new file mode 100644
index 00000000000..f5e8183e547
--- /dev/null
+++ b/meta/recipes-extended/procps/procps/pidfd.patch
@@ -0,0 +1,42 @@
+From c8f625e085b8249cc009e8b19c3a19100217eb35 Mon Sep 17 00:00:00 2001
+From: Ross Burton <ross.burton@arm.com>
+Date: Thu, 25 Apr 2024 13:33:15 +0000
+Subject: [PATCH] Fix pidfd_open detection
+
+This check for pidfd_open uses AC_CHECK_FUNC which just runs the specified code, but
+src/pgrep.c checks HAVE_PIDFD_OPEN which will only be defined by AC_CHECK_FUNCS.
+
+Also pidfd_open is defined in sys/pidfd.h so that needs including.
+
+Upstream-Status: Pending
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+---
+
+diff --git a/configure.ac b/configure.ac
+index fec27e3f..024731c7 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -170,7 +170,7 @@ AC_TRY_COMPILE([#include <errno.h>],
+ AC_MSG_RESULT(yes),
+ AC_MSG_RESULT(no))
+
+-AC_CHECK_FUNC([pidfd_open], [enable_pidwait=yes], [
++AC_CHECK_FUNCS([pidfd_open], [enable_pidwait=yes], [
+ AC_MSG_CHECKING([for __NR_pidfd_open])
+ AC_COMPILE_IFELSE([AC_LANG_SOURCE([
+ #include <sys/syscall.h>
+diff --git a/src/pgrep.c b/src/pgrep.c
+index d8e57dff..c5211aec 100644
+--- a/src/pgrep.c
++++ b/src/pgrep.c
+@@ -44,7 +44,9 @@
+
+ #ifdef ENABLE_PIDWAIT
+ #include <sys/epoll.h>
+-#ifndef HAVE_PIDFD_OPEN
++#ifdef HAVE_PIDFD_OPEN
++#include <sys/pidfd.h>
++#else
+ #include <sys/syscall.h>
+ #endif /* !HAVE_PIDFD_OPEN */
+ #endif
diff --git a/meta/recipes-extended/procps/procps_4.0.4.bb b/meta/recipes-extended/procps/procps_4.0.4.bb
index 800384f22f7..ec8c4b0261b 100644
--- a/meta/recipes-extended/procps/procps_4.0.4.bb
+++ b/meta/recipes-extended/procps/procps_4.0.4.bb
@@ -14,6 +14,7 @@ inherit autotools gettext pkgconfig update-alternatives
SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \
file://sysctl.conf \
+ file://pidfd.patch \
"
SRCREV = "4ddcef2fd843170c8e2d59a83042978f41037a2b"
--
2.34.1
+16 -52
View File
@@ -1,40 +1,23 @@
Introduction
------------
This repository contains the Arm layers for OpenEmbedded.
This repository contains Arm layers for OpenEmbedded
* meta-arm
meta-arm:
This layer provides support for general recipes for the Arm
architecture. Anything that's not needed explicitly for BSPs, the IOTA
distribution, or destined to be upstreamed belongs here.
This layer contains general recipes for the Arm architecture, such as firmware, FVPs, and Arm-specific integration.
meta-arm-bsp:
This layer provides support for Arm reference platforms
* meta-arm-bsp
meta-arm-iota:
This layer provides support for Arm's IOTA Linux Distribution
This layer contains machines for Arm reference platforms, for example FVP Base, N1SDP, and Juno.
meta-arm-toolchain:
This layer provides support for Arm's GNU-A toolset releases
* meta-arm-toolchain
This layer contains recipes for Arm's binary toolchains (GCC and Clang for -A and -M), and a recipe to build Arm's GCC.
Other Directories
-----------------
* ci
This directory contains gitlab continuous integration configuration files (KAS yaml files) as well as scripts needed for this
* kas
This directory contains KAS yaml files to describe builds for systems not used in CI
* scripts
This directory contains scripts used in running the CI tests
Mailing List
------------
To interact with the meta-arm developer community, please email the meta-arm mailing list at meta-arm@lists.yoctoproject.org
Currently, it is configured to only allow emails to members from those subscribed.
To subscribe to the meta-arm mailing list, please go to
https://lists.yoctoproject.org/g/meta-arm
meta-arm-autonomy:
This layer provides a reference stack for autonomous systems.
Contributing
------------
@@ -42,33 +25,14 @@ Currently, we only accept patches from the meta-arm mailing list. For general
information on how to submit a patch, please read
https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded
E-mail meta-arm@lists.yoctoproject.org with patches created using this process. You can configure git-send-email to automatically use this address for the meta-arm repository with the following git command:
$ git config --local --add sendemail.to meta-arm@lists.yoctoproject.org
Commits and patches added should follow the OpenEmbedded patch guidelines:
https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
The component being changed in the shortlog should be prefixed with the layer name (without the meta- prefix), for example:
arm-bsp/trusted-firmware-a: decrease frobbing level
arm-toolchain/gcc: enable foobar v2
Releases and Release Schedule
--------------
We follow the Yocto Project release methodology, schedule, and stable/LTS support timelines. For more information on these, please reference:
https://docs.yoctoproject.org/ref-manual/release-process.html
https://wiki.yoctoproject.org/wiki/Releases
https://wiki.yoctoproject.org/wiki/Stable_Release_and_LTS
E-mail meta-arm@lists.yoctoproject.org with patches created using this process
Reporting bugs
--------------
E-mail meta-arm@lists.yoctoproject.org with the error encountered and the steps
to reproduce the issue.
to reproduce the issue
Maintainer(s)
-------------
* Jon Mason <jon.mason@arm.com>
* Ross Burton <ross.burton@arm.com>
-37
View File
@@ -1,37 +0,0 @@
# Reporting vulnerabilities
Arm takes security issues seriously and welcomes feedback from researchers and
the security community in order to improve the security of its products and
services. We operate a coordinated disclosure policy for disclosing
vulnerabilities and other security issues.
Security issues can be complex and one single timescale doesn't fit all
circumstances. We will make best endeavours to inform you when we expect
security notifications and fixes to be available and facilitate coordinated
disclosure when notifications and patches/mitigations are available.
## How to Report a Potential Vulnerability?
If you would like to report a public issue (for example, one with a released CVE
number), please contact the meta-arm mailing list at
meta-arm@lists.yoctoproject.org and arm-security@arm.com.
If you are dealing with a not-yet released or urgent issue, please send a mail
to the maintainers (see README.md) and arm-security@arm.com, including as much
detail as possible. Encrypted emails using PGP are welcome.
For more information, please visit https://developer.arm.com/support/arm-security-updates/report-security-vulnerabilities.
## Branches maintained with security fixes
meta-arm follows the Yocto release model, so see
[https://wiki.yoctoproject.org/wiki/Stable_Release_and_LTS Stable release and
LTS] for detailed info regarding the policies and maintenance of stable
branches.
The [https://wiki.yoctoproject.org/wiki/Releases Release page] contains a list of all
releases of the Yocto Project. Versions in grey are no longer actively maintained with
security patches, but well-tested patches may still be accepted for them for
significant issues.
-6
View File
@@ -1,6 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 11
includes:
- kas/arm-systemready-firmware.yml
-18
View File
@@ -1,18 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 11
includes:
- kas/arm-systemready-ir-acs.yml
env:
ACS_TEST: "0"
local_conf_header:
testimage: |
TESTIMAGE_AUTO = "${ACS_TEST}"
target:
- arm-systemready-ir-acs
- arm-systemready-linux-distros-debian
- arm-systemready-linux-distros-opensuse
-48
View File
@@ -1,48 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
distro: poky
defaults:
repos:
branch: scarthgap
repos:
meta-arm:
layers:
meta-arm:
meta-arm-bsp:
meta-arm-toolchain:
poky:
url: https://git.yoctoproject.org/git/poky
layers:
meta:
meta-poky:
patches:
procps:
path: 0001-procps-fix-build-with-new-glibc-but-old-kernel-heade.patch
repo: meta-arm
env:
BB_LOGCONFIG: ""
TOOLCHAIN_DIR: ""
local_conf_header:
base: |
CONF_VERSION = "2"
setup: |
PACKAGE_CLASSES = "package_ipk"
PACKAGECONFIG:remove:pn-qemu-system-native = "gtk+ sdl"
PACKAGECONFIG:append:pn-perf = " coresight"
INHERIT += "rm_work"
extrapackages: |
CORE_IMAGE_EXTRA_INSTALL += "perf opencsd"
CORE_IMAGE_EXTRA_INSTALL:append:aarch64 = " gator-daemon"
machine: unset
target:
- core-image-sato
-28
View File
@@ -1,28 +0,0 @@
#! /usr/bin/env python3
from pathlib import Path
import sys
from listmachines import list_machines
metaarm = Path.cwd()
if metaarm.name != "meta-arm":
print("Not running inside meta-arm")
sys.exit(1)
# Find all layers
layers = (p.name for p in metaarm.glob("meta-*") if p.is_dir())
# All machine configurations
machines = list_machines(layers)
# All kas files
kas = metaarm.glob("ci/*.yml")
kas = set(p.stem for p in kas)
missing = machines - kas
print(f"The following machines are missing: {', '.join(sorted(missing))}.")
covered = len(machines) - len(missing)
total = len(machines)
percent = int(covered / total * 100)
print(f"Coverage: {percent}%")
-19
View File
@@ -1,19 +0,0 @@
#! /bin/bash
# Expects the path to a log file as $1, and if this file has any content
# then display the contents and exit with an error code.
set -e -u
LOGFILE=$1
LINES=$(grep --invert-match "attempting MIRRORS if available" $LOGFILE | wc -l)
if test "$LINES" -ne 0; then
echo ==============================
echo The build had warnings/errors:
echo ==============================
cat $LOGFILE
exit 1
fi
exit 0
-21
View File
@@ -1,21 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
repos:
meta-clang:
url: https://github.com/kraj/meta-clang
local_conf_header:
toolchain: |
TOOLCHAIN = "clang"
PREFERRED_PROVIDER_llvm = "clang"
PREFERRED_PROVIDER_llvm-native = "clang-native"
PREFERRED_PROVIDER_nativesdk-llvm = "nativesdk-clang"
PROVIDES:pn-clang = "llvm"
PROVIDES:pn-clang-native = "llvm-native"
PROVIDES:pn-nativesdk-clang = "nativesdk-llvm"
# This is needed to stop bitbake getting confused about what clang/llvm is
# being used, see https://github.com/kraj/meta-clang/pull/766
BBMASK += "/meta/recipes-devtools/llvm/llvm.*\.bb"
-13
View File
@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
- ci/meta-openembedded.yml
- ci/meta-secure-core.yml
- kas/corstone1000-image-configuration.yml
target:
- core-image-minimal
- perf
-10
View File
@@ -1,10 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- kas/corstone1000-firmware-only.yml
target:
- corstone1000-flash-firmware-image
- perf
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/corstone1000-common.yml
- ci/fvp.yml
machine: corstone1000-fvp
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/corstone1000-common.yml
machine: corstone1000-mps3
-21
View File
@@ -1,21 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
cve: |
INHERIT += "cve-check"
# Allow the runner environment to provide an API key
NVDCVE_API_KEY = "${@d.getVar('BB_ORIGENV').getVar('NVDCVE_API_KEY') or ''}"
# Just show the warnings for our layers
CVE_CHECK_SHOW_WARNINGS = "0"
CVE_CHECK_SHOW_WARNINGS:layer-arm-toolchain = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm-bsp = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm-systemready = "1"
# Ignore the kernel, we sometime carry kernels in meta-arm
CVE_CHECK_SHOW_WARNINGS:pn-linux-yocto = "0"
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
# Add universally helpful features when testing boards
local_conf_header:
debug: |
EXTRA_IMAGE_FEATURES:append = " debug-tweaks"
-31
View File
@@ -1,31 +0,0 @@
#! /usr/bin/env python3
"""
Download the lockfile.yml produced by a CI pipeline, specified by the GitLab
server, full name of the meta-arm project, and the refspec that was executed.
For example,
$ ./download-lockfile.py https://gitlab.com/ rossburton/meta-arm master
SPDX-FileCopyrightText: Copyright 2023 Arm Limited and Contributors
SPDX-License-Identifier: GPL-2.0-only
"""
import argparse
import gitlab
import io
import zipfile
parser = argparse.ArgumentParser()
parser.add_argument("server", help="GitLab server name")
parser.add_argument("project", help="meta-arm project name")
parser.add_argument("refspec", help="Branch/commit")
args = parser.parse_args()
gl = gitlab.Gitlab(args.server)
project = gl.projects.get(args.project)
artefact = project.artifacts.download(ref_name=args.refspec, job="update-repos")
z = zipfile.ZipFile(io.BytesIO(artefact))
z.extract("lockfile.yml")
print("Fetched lockfile.yml")
-19
View File
@@ -1,19 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
bootfirmware: |
PREFERRED_PROVIDER_virtual/bootloader = "edk2-firmware"
MACHINE_FEATURES += "efi"
TFA_UBOOT = "0"
TFA_UEFI = "1"
EXTRA_IMAGEDEPENDS += "edk2-firmware"
EFI_PROVIDER ?= "grub-efi"
QB_DEFAULT_BIOS = "QEMU_EFI.fd"
WKS_FILE ?= "efi-disk.wks.in"
failing_tests: |
TEST_SUITES:remove = "xorg"
-13
View File
@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
cc: |
SKIP_RECIPE[gcc-cross-arm] = "Using external toolchain"
TCMODE = "external-arm"
EXTERNAL_TOOLCHAIN = "${TOPDIR}/toolchains/${TARGET_ARCH}"
# Disable ptest as this pulls target compilers, which don't
# work with external toolchain currently
DISTRO_FEATURES:remove = "ptest"
-34
View File
@@ -1,34 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/fvp-base.yml
- ci/meta-openembedded.yml
- ci/testimage.yml
local_conf_header:
trusted_services: |
# Enable the needed test suites
TEST_SUITES = " ping ssh trusted_services"
# Include all Secure Partitions into the image
MACHINE_FEATURES:append = " arm-ffa ts-crypto ts-storage ts-its"
MACHINE_FEATURES:append = " ts-attestation ts-smm-gateway optee-spmc-test"
MACHINE_FEATURES:append = " ts-block-storage ts-fwu"
# Include TS demo/test tools into image
IMAGE_INSTALL:append = " packagegroup-ts-tests"
# Include TS PSA Arch tests into image
IMAGE_INSTALL:append = " packagegroup-ts-tests-psa"
CORE_IMAGE_EXTRA_INSTALL += "optee-test"
# Set the TS environment
TS_ENV="sp"
# Enable and configure semihosting
FVP_CONFIG[cluster0.cpu0.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster0.cpu1.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster0.cpu2.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster0.cpu3.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster1.cpu0.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster1.cpu1.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster1.cpu2.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster1.cpu3.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[semihosting-enable] = "True"
-13
View File
@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
- ci/fvp.yml
machine: fvp-base
target:
- core-image-sato
- boot-wrapper-aarch64
-14
View File
@@ -1,14 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
testimagefvp: |
LICENSE_FLAGS_ACCEPTED += "Arm-FVP-EULA"
IMAGE_CLASSES += "fvpboot"
failing_tests: |
# This fails but we can't add to the ignorelist from meta-arm yet
# https://bugzilla.yoctoproject.org/show_bug.cgi?id=14604
TEST_SUITES:remove = "parselogs"
TEST_SUITES:remove = "xorg"
-26
View File
@@ -1,26 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
# Simple target to build the FVPs that are publically available
header:
version: 14
includes:
- ci/base.yml
machine: qemuarm64
local_conf_header:
license: |
LICENSE_FLAGS_ACCEPTED += "Arm-FVP-EULA"
sdk: |
SDKMACHINE = "x86_64"
target:
# Target packages to test aarch64
- fvp-base-a-aem
- fvp-corstone1000
# Nativesdk to test x86-64
- nativesdk-fvp-base-a-aem
- nativesdk-fvp-corstone1000
- nativesdk-fvp-n1-edge
- nativesdk-fvp-sgi575
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
#NOTE: This is the default for poky. This is only being added for completeness/clarity
local_conf_header:
toolchain: |
TOOLCHAIN = "gcc"
-18
View File
@@ -1,18 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
repos:
poky:
layers:
meta-yocto-bsp:
local_conf_header:
bootloader: |
# If running genericarm64 in a qemu we need to manually build the bootloader
EXTRA_IMAGEDEPENDS += "virtual/bootloader"
machine: genericarm64
-51
View File
@@ -1,51 +0,0 @@
#!/bin/bash
set -u -e
BASENAME=arm-gnu-toolchain
VER=${VER:-13.2.Rel1}
HOST_ARCH=${HOST_ARCH:-$(uname -m)}
# Use the standard kas container locations if nothing is passed into the script
DOWNLOAD_DIR="${1:-/builds/persist/downloads/}"
TOOLCHAIN_DIR="${2:-/builds/persist//toolchains/}"
TOOLCHAIN_LINK_DIR="${3:-build/toolchains/}"
# These should be already created by .gitlab-ci.yml, but do here if run outside of that env
mkdir -p $DOWNLOAD_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR
download() {
TRIPLE=$1
URL=https://developer.arm.com/-/media/Files/downloads/gnu/$VER/binrel/$BASENAME-$VER-$HOST_ARCH-$TRIPLE.tar.xz
wget -P $DOWNLOAD_DIR -nc $URL
}
if [ $HOST_ARCH = "aarch64" ]; then
# AArch64 Linux hosted cross compilers
# AArch32 target with hard float
download arm-none-linux-gnueabihf
elif [ $HOST_ARCH = "x86_64" ]; then
# x86_64 Linux hosted cross compilers
# AArch32 target with hard float
download arm-none-linux-gnueabihf
# AArch64 GNU/Linux target
download aarch64-none-linux-gnu
else
echo "ERROR - Unknown build arch of $HOST_ARCH"
exit 1
fi
for i in arm aarch64; do
if [ ! -d $TOOLCHAIN_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu*/ ]; then
if [ ! -f $DOWNLOAD_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu*.tar.xz ]; then
continue
fi
tar -C $TOOLCHAIN_DIR -axvf $DOWNLOAD_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu*.tar.xz
fi
# Setup a link for the toolchain to use local to the building machine (e.g., not in a shared location)
ln -s $TOOLCHAIN_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu* $TOOLCHAIN_LINK_DIR/$i
done
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
#NOTE: This is the default for poky. This is only being added for completeness/clarity
local_conf_header:
libc: |
TCLIBC = "glibc"
-43
View File
@@ -1,43 +0,0 @@
#! /bin/bash
# This script is expecting an input of machine name, optionally followed by a
# colon and a list of one or more parameters separated by commas between
# brackets. For example, the following are acceptable:
# corstone1000-mps3
# fvp-base: [testimage]
# qemuarm64-secureboot: [clang, glibc, testimage]
# This argument should be quoted to avoid expansion and to be handled
# as a single value.
#
# Any further arguments will be handled as further yml file basenames.
#
# Turn this list into a series of yml files separated by colons to pass to kas
set -e -u
# First, parse the GitLab CI job name (CI_JOB_NAME via $1) and accumulate a list
# of Kas files.
JOBNAME="$1"
shift
# The base name of the job
FILES="ci/$(echo $JOBNAME | cut -d ':' -f 1).yml"
# The list of matrix variations
for i in $(echo $JOBNAME | cut -s -d ':' -f 2 | sed 's/[][,]//g'); do
# Given that there are no yml files for gcc or glibc, as those are the
# defaults, we can simply ignore those parameters. They are necessary
# to pass in so that matrix can correctly setup all of the permutations
# of each individual run.
if [[ $i == 'none' ]]; then
continue
fi
FILES+=":ci/$i.yml"
done
# Now pick up any further names
for i in $*; do
FILES+=":ci/$i.yml"
done
echo $FILES
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: juno
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
kernel: |
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto-dev"
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
kernel: |
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto-rt"
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
#NOTE: This is the default for poky. This is only being added for completeness/clarity
local_conf_header:
kernel: |
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto"
-29
View File
@@ -1,29 +0,0 @@
#! /usr/bin/env python3
import pathlib
import typing
import sys
"""
List all of the machines available under the listed sub-layers of meta-arm.
"""
def list_machines(layers: typing.Sequence[str]) -> typing.Set[str]:
machines = set()
# We know we're in meta-arm/scripts, so find the top-level directory
metaarm = pathlib.Path(__file__).resolve().parent.parent
if metaarm.name != "meta-arm":
raise Exception("Not running inside meta-arm")
for layer in layers:
machines |= set(p.stem for p in (metaarm / layer / "conf" / "machine").glob("*.conf"))
return machines
if __name__ == "__main__":
if len(sys.argv) > 1:
machines = list_machines(sys.argv[1:])
print(" ".join(sorted(machines)))
sys.exit(0)
else:
print("Usage:\n$ %s [layer name ...] " % sys.argv[0])
sys.exit(1)
-13
View File
@@ -1,13 +0,0 @@
# Python logging configuration to write all warnings to a separate file
version: 1
handlers:
warnings:
class: logging.FileHandler
level: WARNING
filename: warnings.log
formatter: BitBake.logfileFormatter
loggers:
BitBake:
handlers: [warnings]
-14
View File
@@ -1,14 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
repos:
meta-openembedded:
url: https://git.openembedded.org/meta-openembedded
layers:
meta-filesystems:
meta-networking:
meta-oe:
meta-python:
meta-perl:
-13
View File
@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
repos:
meta-secure-core:
url: https://github.com/Wind-River/meta-secure-core.git
layers:
meta-secure-core-common:
meta-signing-key:
meta-efi-secure-boot:
-10
View File
@@ -1,10 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-openembedded.yml
repos:
meta-virtualization:
url: https://git.yoctoproject.org/meta-virtualization
-12
View File
@@ -1,12 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
- ci/meta-openembedded.yml
machine: musca-b1
target:
- trusted-firmware-m
-12
View File
@@ -1,12 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
- ci/meta-openembedded.yml
machine: musca-s1
target:
- trusted-firmware-m
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
libc: |
TCLIBC = "musl"
-14
View File
@@ -1,14 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
# Config specific for the optee-xtests
local_conf_header:
optee-test: |
# Include ARM FFA
MACHINE_FEATURES:append = " arm-ffa"
# Include trusted services
TEST_SUITES:append = " trusted_services"
# Include Optee xtests
IMAGE_INSTALL:append = " optee-test"
-16
View File
@@ -1,16 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-openembedded.yml
local_conf_header:
trusted_services: |
TEST_SUITES:append = " trusted_services"
# Include TS Crypto, TS Protected Storage, TS Internal and Trusted Storage SPs into optee-os image
MACHINE_FEATURES:append = " arm-ffa ts-crypto ts-storage ts-its"
# Include TS demo/test tools into image
IMAGE_INSTALL:append = " packagegroup-ts-tests"
# Include TS PSA Arch tests into image
IMAGE_INSTALL:append = " packagegroup-ts-tests-psa"
-12
View File
@@ -1,12 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: n1sdp
local_conf_header:
unsupported_trusted_services: |
MACHINE_FEATURES:remove = "ts-smm-gateway"
-286
View File
@@ -1,286 +0,0 @@
#! /usr/bin/env python3
#
# SPDX-License-Identifier: GPL-2.0-only
#
# TODO
# - option to just list all broken files
# - test suite
# - validate signed-off-by
import argparse
import collections
import json
import os
import re
import subprocess
status_values = (
"accepted",
"pending",
"inappropriate",
"backport",
"submitted",
"denied",
)
class PatchResult:
# Whether the patch has an Upstream-Status or not
missing_upstream_status = False
# If the Upstream-Status tag is malformed in some way (string for bad bit)
malformed_upstream_status = None
# If the Upstream-Status value is unknown (boolean)
unknown_upstream_status = False
# The upstream status value (Pending, etc)
upstream_status = None
# Whether the patch has a Signed-off-by or not
missing_sob = False
# Whether the Signed-off-by tag is malformed in some way
malformed_sob = False
# The Signed-off-by tag value
sob = None
# Whether a patch looks like a CVE but doesn't have a CVE tag
missing_cve = False
class Summary:
total = 0
cve_missing = 0
sob_missing = 0
sob_malformed = 0
status_missing = 0
status_malformed = 0
status_pending = 0
def blame_patch(patch):
"""
From a patch filename, return a list of "commit summary (author name <author
email>)" strings representing the history.
"""
return subprocess.check_output(("git", "log",
"--follow", "--find-renames", "--diff-filter=A",
"--format=%s (%aN <%aE>)",
"--", patch)).decode("utf-8").splitlines()
def patchreview(patches):
# General pattern: start of line, optional whitespace, tag with optional
# hyphen or spaces, maybe a colon, some whitespace, then the value, all case
# insensitive.
sob_re = re.compile(r"^[\t ]*(Signed[-_ ]off[-_ ]by:?)[\t ]*(.+)", re.IGNORECASE | re.MULTILINE)
status_re = re.compile(r"^[\t ]*(Upstream[-_ ]Status:?)[\t ]*(\w*)", re.IGNORECASE | re.MULTILINE)
cve_tag_re = re.compile(r"^[\t ]*(CVE:)[\t ]*(.*)", re.IGNORECASE | re.MULTILINE)
cve_re = re.compile(r"cve-[0-9]{4}-[0-9]{4,6}", re.IGNORECASE)
results = {}
for patch in patches:
result = PatchResult()
results[patch] = result
content = open(patch, encoding="ascii", errors="ignore").read()
# Find the Signed-off-by tag
match = sob_re.search(content)
if match:
value = match.group(1)
if value != "Signed-off-by:":
result.malformed_sob = value
result.sob = match.group(2)
else:
result.missing_sob = True
# Find the Upstream-Status tag
match = status_re.search(content)
if match:
value = match.group(1)
if value != "Upstream-Status:":
result.malformed_upstream_status = value
value = match.group(2).lower()
# TODO: check case
if value not in status_values:
result.unknown_upstream_status = True
result.upstream_status = value
else:
result.missing_upstream_status = True
# Check that patches which looks like CVEs have CVE tags
if cve_re.search(patch) or cve_re.search(content):
if not cve_tag_re.search(content):
result.missing_cve = True
# TODO: extract CVE list
return results
def analyse(results, want_blame=False, verbose=True):
"""
want_blame: display blame data for each malformed patch
verbose: display per-file results instead of just summary
"""
# want_blame requires verbose, so disable blame if we're not verbose
if want_blame and not verbose:
want_blame = False
summary = Summary()
for patch in sorted(results):
r = results[patch]
summary.total += 1
need_blame = False
# Build statistics
if r.missing_sob:
summary.sob_missing += 1
if r.malformed_sob:
summary.sob_malformed += 1
if r.missing_upstream_status:
summary.status_missing += 1
if r.malformed_upstream_status or r.unknown_upstream_status:
summary.status_malformed += 1
# Count patches with no status as pending
summary.status_pending += 1
if r.missing_cve:
summary.cve_missing += 1
if r.upstream_status == "pending":
summary.status_pending += 1
# Output warnings
if r.missing_sob:
need_blame = True
if verbose:
print("Missing Signed-off-by tag (%s)" % patch)
if r.malformed_sob:
need_blame = True
if verbose:
print("Malformed Signed-off-by '%s' (%s)" % (r.malformed_sob, patch))
if r.missing_cve:
need_blame = True
if verbose:
print("Missing CVE tag (%s)" % patch)
if r.missing_upstream_status:
need_blame = True
if verbose:
print("Missing Upstream-Status tag (%s)" % patch)
if r.malformed_upstream_status:
need_blame = True
if verbose:
print("Malformed Upstream-Status '%s' (%s)" % (r.malformed_upstream_status, patch))
if r.unknown_upstream_status:
need_blame = True
if verbose:
print("Unknown Upstream-Status value '%s' (%s)" % (r.upstream_status, patch))
if want_blame and need_blame:
print("\n".join(blame_patch(patch)) + "\n")
return summary
def display_summary(summary, verbose):
def percent(num):
try:
return "%d (%d%%)" % (num, round(num * 100.0 / summary.total))
except ZeroDivisionError:
return "N/A"
if verbose:
print()
print("""Total patches found: %d
Patches missing Signed-off-by: %s
Patches with malformed Signed-off-by: %s
Patches missing CVE: %s
Patches missing Upstream-Status: %s
Patches with malformed Upstream-Status: %s
Patches in Pending state: %s""" % (summary.total,
percent(summary.sob_missing),
percent(summary.sob_malformed),
percent(summary.cve_missing),
percent(summary.status_missing),
percent(summary.status_malformed),
percent(summary.status_pending)))
def generate_metrics(summary, output):
# https://github.com/OpenObservability/OpenMetrics/blob/main/specification/OpenMetrics.md
# Summary attribute name, MetricPoint help
mapping = (
("total", "Total patches"),
("cve_missing", "Patches missing CVE tag"),
("sob_malformed", "Patches with malformed Signed-off-by"),
("sob_missing", "Patches with missing Signed-off-by"),
("status_malformed", "Patches with malformed Upstream-Status"),
("status_missing", "Patches with missing Upstream-Status"),
("status_pending", "Patches with Pending Upstream-Status")
)
for attr, help in mapping:
metric = f"patch_check_{attr}"
value = getattr(summary, attr)
output.write(f"""
# TYPE {metric} gauge
# HELP {help}
{metric} {value}
""")
output.write("\n# EOF\n")
def histogram(results):
import math
from toolz import dicttoolz, recipes
counts = recipes.countby(lambda r: r.upstream_status, results.values())
bars = dicttoolz.valmap(lambda v: "#" * int(math.ceil(float(v) / len(results) * 100)), counts)
for k in bars:
print("%-20s %s (%d)" % (k.capitalize() if k else "No status", bars[k], counts[k]))
def gather_patches(directories):
patches = []
for directory in directories:
filenames = subprocess.check_output(("git", "-C", directory, "ls-files", "recipes-*/**/*.patch", "recipes-*/**/*.diff")).decode("utf-8").split()
patches += [os.path.join(directory, f) for f in filenames]
return patches
if __name__ == "__main__":
args = argparse.ArgumentParser(description="Patch Review Tool")
args.add_argument("-b", "--blame", action="store_true", help="show blame for malformed patches")
args.add_argument("-v", "--verbose", action="store_true", help="show per-patch results")
args.add_argument("-g", "--histogram", action="store_true", help="show patch histogram")
args.add_argument("-j", "--json", help="update JSON")
args.add_argument("-m", "--metrics", type=argparse.FileType('w'), help="write OpenMetrics")
args.add_argument("dirs", metavar="DIRECTORY", nargs="+", help="directory to scan")
args = args.parse_args()
patches = gather_patches(args.dirs)
results = patchreview(patches)
summary = analyse(results, want_blame=args.blame, verbose=args.verbose)
display_summary(summary, verbose=args.verbose)
if args.json:
if os.path.isfile(args.json):
data = json.load(open(args.json))
else:
data = []
row = collections.Counter()
row["total"] = len(results)
row["date"] = subprocess.check_output(["git", "-C", args.dirs[0], "show", "-s", "--pretty=format:%cd", "--date=format:%s"]).decode("utf-8").strip()
for r in results.values():
if r.upstream_status in status_values:
row[r.upstream_status] += 1
if r.malformed_upstream_status or r.missing_upstream_status:
row["malformed-upstream-status"] += 1
if r.malformed_sob or r.missing_sob:
row["malformed-sob"] += 1
data.append(row)
json.dump(data, open(args.json, "w"))
if args.metrics:
generate_metrics(summary, args.metrics)
if args.histogram:
print()
histogram(results)
-16
View File
@@ -1,16 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
distro: poky-tiny
local_conf_header:
hacking: |
TEST_SUITES = "_qemutiny ping"
extrapackages: |
# Intentionally blank to prevent perf from being added to the image in base.yml
target:
- core-image-minimal
- perf
-6
View File
@@ -1,6 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
distro: poky
-16
View File
@@ -1,16 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: qemuarm-secureboot
target:
- core-image-base
local_conf_header:
optee: |
IMAGE_INSTALL:append = " optee-test optee-client optee-os-ta"
TEST_SUITES:append = " optee ftpm"
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: qemuarm
-16
View File
@@ -1,16 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-openembedded.yml
local_conf_header:
trusted_services: |
TEST_SUITES:append = " trusted_services"
# Include TS Crypto, TS Protected Storage, TS Internal Trusted Storage and SMM-Gateway SPs into optee-os image
MACHINE_FEATURES:append = " arm-ffa ts-crypto ts-storage ts-its ts-smm-gateway"
# Include TS demo/test tools into image
IMAGE_INSTALL:append = " packagegroup-ts-tests"
# Include TS PSA Arch tests into image
IMAGE_INSTALL:append = " packagegroup-ts-tests-psa"
-16
View File
@@ -1,16 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: qemuarm64-secureboot
target:
- core-image-base
local_conf_header:
optee: |
IMAGE_INSTALL:append = " optee-test optee-client optee-os-ta"
TEST_SUITES:append = " optee ftpm"
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: qemuarm64
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: qemuarmv5
-12
View File
@@ -1,12 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: sbsa-ref
target:
- core-image-sato
- sbsa-acs
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
setup: |
BB_LOGCONFIG = ""
SANITY_TESTED_DISTROS = ""
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: sgi575
-11
View File
@@ -1,11 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
sstate_mirror: |
BB_HASHSERVE_UPSTREAM = "hashserv.yocto.io:8687"
SSTATE_MIRRORS = "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
BB_HASHSERVE = "auto"
BB_SIGNATURE_HANDLER = "OEEquivHash"
-21
View File
@@ -1,21 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/debug.yml
local_conf_header:
testimage: |
IMAGE_CLASSES += "testimage"
TESTIMAGE_AUTO = "1"
kvm: |
QEMU_USE_KVM = ""
slirp: |
TEST_RUNQEMUPARAMS = "slirp"
sshd: |
IMAGE_FEATURES += "ssh-server-dropbear"
sshkeys: |
CORE_IMAGE_EXTRA_INSTALL += "ssh-pregen-hostkeys"
universally_failing_tests: |
TEST_SUITES:remove = "opkg"
-10
View File
@@ -1,10 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
tftf: |
TFA_UBOOT = "0"
TFA_UEFI = "0"
TFTF_TESTS = "1"
-20
View File
@@ -1,20 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
# Target is arm64 and SDK is x86-64 to ensure that we exercise both
# architectures
machine: qemuarm64
local_conf_header:
toolchains: |
SDKMACHINE = "x86_64"
target:
- gcc-aarch64-none-elf
- nativesdk-gcc-aarch64-none-elf
- gcc-arm-none-eabi
- nativesdk-gcc-arm-none-eabi
-10
View File
@@ -1,10 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
bootfirmware: |
PREFERRED_PROVIDER_virtual/bootloader = "u-boot"
TFA_UBOOT = "1"
TFA_UEFI = "0"
-56
View File
@@ -1,56 +0,0 @@
#! /usr/bin/env python3
# Update clones of the repositories we need in KAS_REPO_REF_DIR to speed up fetches
import sys
import os
import shutil
import subprocess
import pathlib
def repo_shortname(url):
# Taken from Kas (Repo.__getattr__) to ensure the logic is right
from urllib.parse import urlparse
url = urlparse(url)
return ('{url.netloc}{url.path}'
.format(url=url)
.replace('@', '.')
.replace(':', '.')
.replace('/', '.')
.replace('*', '.'))
repositories = (
"https://git.yoctoproject.org/git/poky",
"https://git.openembedded.org/meta-openembedded",
"https://git.yoctoproject.org/git/meta-virtualization",
"https://github.com/kraj/meta-clang",
)
if __name__ == "__main__":
if "KAS_REPO_REF_DIR" not in os.environ:
print("KAS_REPO_REF_DIR needs to be set")
sys.exit(1)
base_repodir = pathlib.Path(os.environ["KAS_REPO_REF_DIR"])
failed = False
for repo in repositories:
repodir = base_repodir / repo_shortname(repo)
if "CI_CLEAN_REPOS" in os.environ:
print("Cleaning %s..." % repo)
shutil.rmtree(repodir, ignore_errors=True)
if repodir.exists():
try:
print("Updating %s..." % repo)
subprocess.run(["git", "-C", repodir, "-c", "gc.autoDetach=false", "fetch"], check=True)
except subprocess.CalledProcessError as e:
print(e)
failed = True
else:
print("Cloning %s..." % repo)
subprocess.run(["git", "clone", "--bare", repo, repodir], check=True)
if failed:
sys.exit(128)
-13
View File
@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-virtualization.yml
local_conf_header:
meta-virt: |
DISTRO_FEATURES:append = " virtualization xen"
target:
- xen-image-minimal
-49
View File
@@ -1,49 +0,0 @@
# OEQA on Arm FVPs
OE-Core's [oeqa][OEQA] framework provides a method of performing runtime tests on machines using the `testimage` Yocto task. meta-arm has good support for writing test cases against [Arm FVPs][FVP], meaning the [runfvp][RUNFVP] boot configuration can be re-used.
Tests can be configured to run automatically post-build by setting the variable `TESTIMAGE_AUTO="1"`, e.g. in your Kas file or local.conf.
meta-arm provides the OEFVPTarget which must be set up in the machine configuration:
```
TEST_TARGET = "OEFVPTarget"
TEST_SERVER_IP = "127.0.0.1"
TEST_TARGET_IP = "127.0.0.1:2222"
IMAGE_FEATURES:append = " ssh-server-dropbear"
FVP_CONFIG[bp.virtio_net.hostbridge.userNetPorts] ?= "2222=22"
FVP_CONSOLES[default] = "terminal_0"
FVP_CONSOLES[tf-a] = "s_terminal_0"
```
The test target also generates a log file with the prefix 'fvp_log' in the image recipe's `${WORKDIR}/testimage` containing the FVP's stdout.
OEFVPTarget supports two different test interfaces - SSH and pexpect.
## SSH
As in OEQA in OE-core, tests cases can run commands on the machine using SSH. It therefore requires that an SSH server is installed in the image.
This uses the `run` method on the target, e.g:
```
(status, output) = self.target.run('uname -a')
```
which executes a single command on the target (using `ssh -c`) and returns the status code and the output. It is therefore useful for running tests in a Linux environment.
For examples of test cases, see meta/lib/oeqa/runtime/cases in OE-Core. The majority of test cases depend on `ssh.SSHTest.test_ssh`, which first validates that the SSH connection is functioning.
## pexpect
To support firmware and baremetal testing, OEFVPTarget also allows test cases to make assertions against one or more consoles using the pexpect library.
Internally, this test target launches a [Pexpect][PEXPECT] instance for each entry in FVP_CONSOLES which can be used with the provided alias. The whole Pexpect API is exposed on the target, where the alias is always passed as the first argument, e.g.:
```
self.target.expect('default', r'root@.*\:~#', timeout=30)
self.assertNotIn(b'ERROR:', self.target.before('tf-a'))
```
For an example of a full test case, see meta-arm/lib/oeqa/runtime/cases/linuxboot.py This test case can be used to minimally verify that a machine boots to a Linux shell. The default timeout is 10 minutes, but this can be configured with the variable TEST_FVP_LINUX_BOOT_TIMEOUT, which expects a value in seconds.
[OEQA]: https://docs.yoctoproject.org/test-manual/intro.html
[FVP]: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms
[RUNFVP]: runfvp.md
[PEXPECT]: https://pexpect.readthedocs.io/en/stable/overview.html
-131
View File
@@ -1,131 +0,0 @@
# Running Images with a FVP
The `runfvp` tool in meta-arm makes it easy to run Yocto Project disk images inside a [Fixed Virtual Platform (FVP)][FVP]. Some FVPs, such as the [Arm Architecture Models][AEM], are available free to download, but others need registration or are only available commercially. The `fvp-base` machine in meta-arm-bsp uses one of these AEM models.
## Running images with `runfvp`
To build images with the FVP integration, the `fvpboot` class needs to be inherited. If the machine does not do this explicitly it can be done in `local.conf`:
```
INHERIT += "fvpboot"
```
The class will download the correct FVP and write a `.fvpconf` configuration file when an image is built.
To run an image in a FVP, pass either a machine name or a `.fvpconf` path to `runfvp`.
```
$ ./meta-arm/scripts/runfvp tmp/deploy/images/fvp-base/core-image-minimal-fvp-base.fvpconf
```
When a machine name is passed, `runfvp` will start the latest image that has been built for that machine. This requires that the BitBake environment has been initialized (using `oe-init-build-env` or similar) as it will start BitBake to determine where the images are.
```
$ ./meta-arm/scripts/runfvp fvp-base
```
Note that currently meta-arm's `scripts` directory isn't in `PATH`, so a full path needs to be used.
`runfvp` will automatically start terminals connected to each of the serial ports that the machine specifies. This can be controlled by using the `--terminals` option, for example `--terminals=none` will mean no terminals are started, and `--terminals=tmux` will start the terminals in [`tmux`][tmux] sessions. Alternatively, passing `--console` will connect the serial port directly to the current session, without needing to open further windows.
The default terminal can also be configured by writing a [INI-style][INI] configuration file to `~/.config/runfvp.conf`:
```
[RunFVP]
Terminal=tmux
```
Arbitrary options can be passed directly to the FVP by specifying them after a double dash, for example this will list all of the FVP parameters:
```
$ runfvp fvp-base -- --list-params
```
## Configuring machines with `fvpboot`
To configure a machine so that it can be ran inside `runfvp`, a number of variables need to be set in the machine configuration file (such as `meta-arm-bsp/conf/machine/fvp-base.conf`).
Note that at present these variables are not stable and their behaviour may be changed in the future.
### `FVP_EXE`
The name of the FVP binary itself, for example `fvp-base` uses `FVP_Base_RevC-2xAEMvA`.
### `FVP_PROVIDER`
The name of the recipe that provides the FVP executable set in `FVP_EXE`, for example `fvp-base` uses `fvp-base-a-aem-native`. This *must* be a `-native` recipe as the binary will be executed on the build host.
There are recipes for common FVPs in meta-arm already, and writing new recipes is trivial. For FVPs which are free to download `fvp-base-a-aem.bb` is a good example. Some FVPs must be downloaded separately as they need an account on Arm's website.
If `FVP_PROVIDER` is not set then it is assumed that `FVP_EXE` is installed on the host already.
### `FVP_CONFIG`
Parameters passed to the FVP with the `--parameter`/`-C` option. These are expressed as variable flags so individual parameters can be altered easily. For example:
```
FVP_CONFIG[bp.flashloader0.fname] = "fip-fvp.bin"
```
### `FVP_DATA`
Specify raw data to load at the specified address, passed to the FVP with the `--data` option. This is a space-separated list of parameters in the format `[INST=]FILE@[MEMSPACE:]ADDRESS`. For example:
```
FVP_DATA = "cluster0.cpu0=Image@0x80080000 \
cluster0.cpu0=fvp-base-revc.dtb@0x83000000"
```
### `FVP_APPLICATIONS`
Applications to load on the cores, passed to the FVP with the `--application` option. These are expressed as variable flags with the flag name being the instance and flag value the filename, for example:
```
FVP_APPLICATIONS[cluster0] = "linux-system.axf"
```
Note that symbols are not allowed in flag names, so if you need to use a wildcard in the instance then you'll need to use `FVP_EXTRA_ARGS` and `--application` directly.
### `FVP_TERMINALS`
Map hardware serial ports to abstract names. For example the `FVP_Base_RevC-2xAEMvA` FVP exposes four serial ports, `terminal_0` to `terminal_3`. Typically only `terminal_0` is used in the `fvp-base` machine so this can be named `"Console"` and the others `""`. When runfvp starts terminals it will only start named serial ports, so instead of opening four windows where only one is useful, it will only open one.
For example:
```
FVP_TERMINALS[bp.terminal_0] = "Console"
FVP_TERMINALS[bp.terminal_1] = ""
FVP_TERMINALS[bp.terminal_2] = ""
FVP_TERMINALS[bp.terminal_3] = ""
```
### `FVP_CONSOLES`
This specifies what serial ports can be used in oeqa tests, along with an alias to be used in the test cases. Note that the values have to be the FVP identifier but without the board prefix, for example:
```
FVP_CONSOLES[default] = "terminal_0"
FVP_CONSOLES[tf-a] = "s_terminal_0"
```
The 'default' console is also used when `--console` is passed to runfvp.
### `FVP_EXTRA_ARGS`
Arbitrary extra arguments that are passed directly to the FVP. For example:
```
FVP_EXTRA_ARGS = "--simlimit 60"
```
### `FVP_ENV_PASSTHROUGH`
The FVP is launched with an isolated set of environment variables. Add the name of a Bitbake variable to this list to pass it through to the FVP environment. For example:
```
FVP_ENV_PASSTHROUGH = "ARMLMD_LICENSE_FILE FM_TRACE_PLUGINS"
```
[AEM]: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms/arm-ecosystem-models
[FVP]: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms
[tmux]: https://tmux.github.io/
[INI]: https://docs.python.org/3/library/configparser.html
-70
View File
@@ -1,70 +0,0 @@
# The Trusted Services: framework for developing root-of-trust services
meta-arm layer includes recipes for [Trusted Services][^1] Secure Partitions and Normal World applications
in `meta-arm/recipes-security/trusted-services`
## Secure Partitions recipes
We define dedicated recipes for all supported Trusted Services (TS) Secure Partitions.
These recipes produce ELF and DTB files for SPs.
These files are automatically included into optee-os image accordingly to defined MACHINE_FEATURES.
### How to include TS SPs
To include TS SPs into optee-os image you need to add into MACHINE_FEATURES
features for each [Secure Partition][^2] you would like to include:
| Secure Partition | MACHINE_FEATURE |
| ----------------- | --------------- |
| Attestation | ts-attesation |
| Crypto | ts-crypto |
| Firmware Update | ts-fwu
| Internal Storage | ts-its |
| Protected Storage | ts-storage |
| se-proxy | ts-se-proxy |
| smm-gateway | ts-smm-gateway |
| spm-test[1-4] | optee-spmc-test |
Other steps depend on your machine/platform definition:
1. For communications between Secure and Normal Words Linux kernel option `CONFIG_ARM_FFA_TRANSPORT=y`
is required. If your platform doesn't include it already you can add `arm-ffa` into MACHINE_FEATURES.
(Please see ` meta-arm/recipes-kernel/arm-tstee`.)
For running the `uefi-test` or the `xtest -t ffa_spmc` tests under Linux the `arm-ffa-user` drivel is required. This is
enabled if the `ts-smm-gateway` and/or the `optee-spmc-test` machine features are enabled.
(Please see ` meta-arm/recipes-kernel/arm-ffa-user`.)
2. optee-os might require platform specific OP-TEE build parameters (for example what SEL the SPM Core is implemented at).
You can find examples in `meta-arm/recipes-security/optee/optee-os_%.bbappend` for qemuarm64-secureboot machine
and in `meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc` and `meta-arm-bsp/recipes-security/optee/optee-os-corstone1000-common.inc`
for N1SDP and Corstone1000 platforms accordingly.
3. trusted-firmware-a might require platform specific TF-A build parameters (SPD and SPMC details on the platform).
See `meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend` for qemuarm64-secureboot machine
and in `meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc` and
`meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc` for N1SDP and Corstone1000 platforms.
4. Trusted Services supports an SPMC agonistic binary format. To build SPs to this format the `TS_ENV` variable is to be
set to `sp`. The resulting SP binaries should be able to boot under any FF-A v1.1 compliant SPMC implementation.
## Normal World applications
Optionally for testing purposes you can add `packagegroup-ts-tests` into your image. It includes
[Trusted Services test and demo tools][^3] and [xtest][^4] configured to include the `ffa_spmc` tests.
## OEQA Trusted Services tests
meta-arm also includes Trusted Service OEQA tests which can be used for automated testing.
See `ci/trusted-services.yml` for an example how to include them into an image.
------
[^1]: https://trusted-services.readthedocs.io/en/integration/overview/index.html
[^2]: https://trusted-services.readthedocs.io/en/integration/deployments/secure-partitions.html
[^3]: https://trusted-services.readthedocs.io/en/integration/deployments/test-executables.html
[^4]: https://optee.readthedocs.io/en/latest/building/gits/optee_test.html
-12
View File
@@ -1,12 +0,0 @@
header:
version: 13
repos:
meta-arm:
layers:
meta-arm-systemready:
distro: nodistro
target:
- arm-systemready-firmware
-12
View File
@@ -1,12 +0,0 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
env:
TESTIMAGE_AUTO: "1"
# The full testimage run typically takes around 12-24h on fvp-base.
TEST_OVERALL_TIMEOUT: "${@ 24*60*60}"
target:
- arm-systemready-ir-acs
@@ -1,7 +0,0 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
target:
- arm-systemready-linux-distros-debian
@@ -1,7 +0,0 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
target:
- arm-systemready-linux-distros-opensuse
-53
View File
@@ -1,53 +0,0 @@
header:
version: 14
distro: poky
defaults:
repos:
branch: master
repos:
meta-arm:
layers:
meta-arm:
meta-arm-bsp:
meta-arm-toolchain:
poky:
url: https://git.yoctoproject.org/git/poky
# commit: 2e9c2a2381105f1306bcbcb54816cbc5d8110eff
layers:
meta:
meta-poky:
meta-openembedded:
url: https://git.openembedded.org/meta-openembedded
# commit: 1750c66ae8e4268c472c0b2b94748a59d6ef866d
layers:
meta-oe:
meta-python:
meta-perl:
meta-secure-core:
url: https://github.com/wind-river/meta-secure-core.git
# commit: e29165a1031dcf601edbed1733cedd64826672a5
layers:
meta-secure-core-common:
meta-signing-key:
meta-efi-secure-boot:
local_conf_header:
base: |
CONF_VERSION = "2"
setup: |
PACKAGE_CLASSES = "package_ipk"
BB_NUMBER_THREADS ?= "16"
PARALLEL_MAKE ?= "-j16"
PACKAGECONFIG:append:pn-perf = " coresight"
machine: unset
target:
- corstone1000-flash-firmware-image
-23
View File
@@ -1,23 +0,0 @@
---
header:
version: 14
local_conf_header:
firmwarebuild: |
BBMULTICONFIG:remove = "firmware"
# Need to ensure the rescue linux options are selected
OVERRIDES .= ":firmware"
# Need to ensure we build with a small libc
TCLIBC="musl"
mass-storage: |
# Ensure the Mass Storage device is absent
FVP_CONFIG[board.msd_mmc.p_mmc_file] = "invalid.dat"
test-configuration: |
TEST_SUITES = "_qemutiny ping"
# Remove Dropbear SSH as it will not fit into the corstone1000 image.
IMAGE_FEATURES:remove = "ssh-server-dropbear"
CORE_IMAGE_EXTRA_INSTALL:remove = "ssh-pregen-hostkeys"
-23
View File
@@ -1,23 +0,0 @@
header:
version: 14
includes:
- kas/corstone1000-base.yml
- kas/corstone1000-image-configuration.yml
- kas/corstone1000-firmware-only.yml
- kas/fvp-eula.yml
env:
DISPLAY:
WAYLAND_DISPLAY:
XAUTHORITY:
local_conf_header:
testimagefvp: |
LICENSE_FLAGS_ACCEPTED += "Arm-FVP-EULA"
IMAGE_CLASSES += "fvpboot"
mass-storage: |
# Ensure the Mass Storage device is absent
FVP_CONFIG[board.msd_mmc.p_mmc_file] = "invalid.dat"
machine: corstone1000-fvp
-49
View File
@@ -1,49 +0,0 @@
header:
version: 14
local_conf_header:
extrapackages: |
# Intentionally blank to prevent perf from being added to the image in base.yml
firmwarebuild: |
# Only needed as kas doesn't add it automatically unless you have 2 targets in seperate configs
BBMULTICONFIG ?= "firmware"
distrosetup: |
DISTRO_FEATURES = "usbhost ipv4"
initramfsetup: |
# Telling the build system which image is responsible of the generation of the initramfs rootfs
INITRAMFS_IMAGE_BUNDLE:firmware = "1"
INITRAMFS_IMAGE:firmware ?= "corstone1000-recovery-image"
IMAGE_FSTYPES:firmware:pn-corstone1000-recovery-image = "${INITRAMFS_FSTYPES}"
IMAGE_NAME_SUFFIX:firmware = ""
# enable mdev/busybox for init
INIT_MANAGER:firmware = "mdev-busybox"
VIRTUAL-RUNTIME_init_manager:firmware = "busybox"
# prevent the kernel image from being included in the intramfs rootfs
PACKAGE_EXCLUDE:firmware += "kernel-image-*"
# Disable openssl in kmod to shrink the initramfs size
PACKAGECONFIG:remove:firmware:pn-kmod = "openssl"
imageextras: |
# Don't include kernel binary in rootfs /boot path
RRECOMMENDS:${KERNEL_PACKAGE_NAME}-base = ""
# all optee packages
CORE_IMAGE_EXTRA_INSTALL += "optee-client"
# TS PSA API tests commands for crypto, its, ps and iat
CORE_IMAGE_EXTRA_INSTALL += "packagegroup-ts-tests-psa"
CORE_IMAGE_EXTRA_INSTALL:firmware += "packagegroup-ts-tests-psa"
# external system firmware
CORE_IMAGE_EXTRA_INSTALL:firmware += "external-system-elf"
capsule: |
CAPSULE_EXTENSION = "uefi.capsule"
CAPSULE_FW_VERSION = "6"
CAPSULE_NAME = "${MACHINE}-v${CAPSULE_FW_VERSION}"
-8
View File
@@ -1,8 +0,0 @@
header:
version: 14
includes:
- kas/corstone1000-base.yml
- kas/corstone1000-image-configuration.yml
- kas/corstone1000-firmware-only.yml
machine: corstone1000-mps3
-43
View File
@@ -1,43 +0,0 @@
header:
version: 13
includes:
- kas/fvp-eula.yml
env:
DISPLAY:
WAYLAND_DISPLAY:
XAUTHORITY:
distro: poky
machine: fvp-base
defaults:
repos:
refspec: master
repos:
meta-arm:
layers:
meta-arm:
meta-arm-bsp:
meta-arm-toolchain:
poky:
url: https://git.yoctoproject.org/git/poky
path: layers/poky
layers:
meta:
meta-poky:
local_conf_header:
base: |
CONF_VERSION = "2"
PACKAGE_CLASSES = "package_ipk"
PACKAGECONFIG:remove:pn-qemu-system-native = "gtk+ sdl"
EXTRA_IMAGE_FEATURES:append = " debug-tweaks ssh-server-openssh"
CORE_IMAGE_EXTRA_INSTALL:append = " ssh-pregen-hostkeys"
IMAGE_CLASSES:append = " testimage fvpboot"
target:
- core-image-minimal
-5
View File
@@ -1,5 +0,0 @@
header:
version: 13
env:
ARM_FVP_EULA_ACCEPT:
-7
View File
@@ -1,7 +0,0 @@
header:
version: 9
local_conf_header:
tftf: |
TFA_UBOOT = "0"
TFTF_TESTS = "1"
+92
View File
@@ -0,0 +1,92 @@
meta-arm-autonomy Yocto Layer
=============================
Introduction
------------
This layer provides an hypervisor based solution (currently based on Xen) for
autonomous system. It contains recipes and classes to build host and guests
systems.
To start using this layer, please check the
[Quick Start Guide](documentation/arm-autonomy-quickstart.md).
Dependencies
------------
This layer depends on several other Yocto layers:
* meta-openembedded (https://git.openembedded.org/meta-openembedded)
* poky (https://git.yoctoproject.org/poky)
* meta-virtualization (https://git.yoctoproject.org/meta-virtualization)
Distribution Features
---------------------
This layer is adding the following Yocto DISTRO_FEATURES:
* arm-autonomy-host: this feature activates functionalities required to build
an autonomy host system. It is doing the following:
- add 'xen' and 'ipv4' to DISTRO_FEATURES.
- add xen backend drivers to linux kernel configuration.
- To reduce the root filesystem image size the kernel image is not installed.
* arm-autonomy-guest: this feature activates functionalities to run as guest
of an autonomy system. It is doing the following:
- add 'ipv4' to DISTRO_FEATURES.
- add xen frontend drivers to linux kernel configuration.
- add console on hvc0 during init.
Bitbake variables
-----------------
Some recipes and classes in this layer are introducing variables which can be
modified by the user in local.conf.
Each recipe introducing such variables has a chapter "Bitbake parameters" in
its documentation.
Those documentation files should be checked for variables:
- [xen-devicetree](documentation/xen-devicetree.md)
- [xenguest-manager](documentation/xenguest-manager.md)
- [xenguest-network-bridge](documentation/xenguest-network-bridge.md)
BSPs
----
This layer is adding the following machines:
* arm64-autonomy-guest: this machines creates a minimal BSP suitable to be used
as an autonomy guest. It is in fact only activating ARM64 architecture and
SMP in the linux kernel and is enabling the DISTRO_FEATURE
arm-autonomy-guest.
Images
------
This layer is adding the following images:
* arm-autonomy-host-image-minimal: this image includes all elements required
to create a minimal arm-autonomy-host system. This includes xen and tools to
manage xen guests. This image depends on 'arm-autonomy-host' distribution
feature.
Recipes and classes
-------------------
This layer is adding the following recipes and classes:
* [xen-devicetree](documentation/xen-devicetree.md): this is a recipe to modify
a device tree blob to add information required to boot xen and a Dom0 linux.
* [xenguest-mkimage](documentation/xenguest-mkimage.md): this is a tool to
create and modify images to be used as Xen guests.
* [xenguest-manager](documentation/xenguest-manager.md): this is a tool to
create/remove/start/stop xen guest generated using xenguest-mkimage.
* [xenguest-network-bridge](documentation/xenguest-network-bridge.md): this
recipe add tools and init scripts to create a bridge connected to the
external network on the host and allow guests to be connected to it.
Contributing
------------
This project has not put in place a process for contributions currently. If you
would like to contribute, please contact the maintainers
Maintainer(s)
-------------
* Bertrand Marquis <bertrand.marquis@arm.com>
* Filipe Rinaldi <filipe.rinaldi@arm.com>
@@ -0,0 +1,5 @@
# Include arm-autonomy distro config files if the distro features are set
require ${@bb.utils.contains('DISTRO_FEATURES', 'arm-autonomy-host', '${ARM_AUTONOMY_DISTRO_CFGDIR}/arm-autonomy-host.inc', '', d)}
require ${@bb.utils.contains('DISTRO_FEATURES', 'arm-autonomy-guest', '${ARM_AUTONOMY_DISTRO_CFGDIR}/arm-autonomy-guest.inc', '', d)}
@@ -0,0 +1,108 @@
# Create a xenguest image with kernel and filesystem produced by Yocto
# This will create a .xenguest file that the xenguest-manager can use.
inherit xenguest-image
# We are creating our guest in a local subdirectory
# force the value so that we are not impacted if the user is changing it
XENGUEST_IMAGE_DEPLOY_DIR = "${WORKDIR}/tmp-xenguest"
# Name of deployed file (keep standard image name and add .xenguest)
XENGUEST_IMAGE_DEPLOY ??= "${IMAGE_NAME}"
# Add kernel XENGUEST_IMAGE_KERNEL from DEPLOY_DIR_IMAGE to image
xenguest_image_add_kernel() {
srcfile="${1:-}"
if [ -z "${srcfile}" ]; then
srcfile="${DEPLOY_DIR_IMAGE}/${XENGUEST_IMAGE_KERNEL}"
fi
call_xenguest_mkimage partial --xen-kernel=$srcfile
}
# Add rootfs file to the image
xenguest_image_add_rootfs() {
call_xenguest_mkimage partial \
--disk-add-file=${IMGDEPLOYDIR}/${IMAGE_LINK_NAME}.${IMAGE_TYPEDEP_xenguest}:rootfs.${IMAGE_TYPEDEP_xenguest}
}
# Pack xenguest image
xenguest_image_pack() {
mkdir -p ${IMGDEPLOYDIR}
rm -f ${IMGDEPLOYDIR}/${XENGUEST_IMAGE_DEPLOY}.xenguest
call_xenguest_mkimage pack \
${IMGDEPLOYDIR}/${XENGUEST_IMAGE_DEPLOY}.xenguest
}
#
# Task finishing the bootimg
# We need this task to actually create the symlinks
#
python do_bootimg_xenguest() {
subtasks = d.getVarFlag('do_bootimg_xenguest', 'subtasks')
bb.build.exec_func('xenguest_image_clone', d)
if subtasks:
for tk in subtasks.split():
bb.build.exec_func(tk, d)
bb.build.exec_func('xenguest_image_pack', d)
bb.build.exec_func('create_symlinks', d)
}
# This is used to add sub-tasks to do_bootimg_xenguest
do_bootimg_xenguest[subtasks] = ""
# Those are required by create_symlinks to find our image
do_bootimg_xenguest[subimages] = "xenguest"
do_bootimg_xenguest[imgsuffix] = "."
do_bootimg_xenguest[depends] += "xenguest-base-image:do_deploy"
# Need to have rootfs so all recipes have deployed their content
do_bootimg_xenguest[depends] += "${PN}:do_rootfs"
# This set in python anonymous after, just set a default value here
IMAGE_TYPEDEP_xenguest ?= "tar"
# We must not be built at rootfs build time because we need the kernel
IMAGE_TYPES_MASKED += "xenguest"
IMAGE_TYPES += "xenguest"
python __anonymous() {
# Do not do anything if we are not in the want FSTYPES
if bb.utils.contains_any('IMAGE_FSTYPES', 'xenguest', '1', '0', d):
# Check the coherency of the configuration
rootfs_needed = False
rootfs_file = ''
kernel_needed = False
rootfs_file = xenguest_image_rootfs_file(d)
if rootfs_file:
rootfs_needed = True
if d.getVar('XENGUEST_IMAGE_KERNEL') and not d.getVar('INITRAMFS_IMAGE'):
# If INITRAMFS_IMAGE is set, even if INITRAMFS_IMAGE_BUNDLE is not
# set to 1 to bundle the initramfs with the kernel, kernel.bbclass
# is setting a dependency on ${PN}:do_image_complete. We cannot
# in this case depend on do_deploy as it would create a circular
# dependency:
# do_image_complete would depend on kernel:do_deploy which would
# depend on ${PN}:do_image_complete
# In the case INITRAMFS_IMAGE_BUNDLE = 1, the kernel-xenguest class
# will handle the creation of a xenguest image with the kernel.
# In the other case the kernel can be added manually to the image.
kernel_needed = True
bb.build.addtask('do_bootimg_xenguest', 'do_image_complete', None, d)
if rootfs_needed:
# tell do_bootimg_xenguest to call add_rootfs
d.appendVarFlag('do_bootimg_xenguest', 'subtasks', ' xenguest_image_add_rootfs')
# do_bootimg_xenguest will need the tar file
d.appendVarFlag('do_bootimg_xenguest', 'depends', ' %s:do_image_tar' % (d.getVar('PN')))
# set our TYPEDEP to the proper compression
d.setVar('IMAGE_TYPEDEP_xenguest', 'tar' + (rootfs_file.split('.tar', 1)[1] or ''))
if kernel_needed:
# Tell do_bootimg_xenguest to call xenguest_image_add_kernel
d.appendVarFlag('do_bootimg_xenguest', 'subtasks', ' xenguest_image_add_kernel')
# we will need kernel do_deploy
d.appendVarFlag('do_bootimg_xenguest', 'depends', ' virtual/kernel:do_deploy')
}
@@ -0,0 +1,34 @@
# Create a xenguest image containing the kernel with initramfs when
# initramfs is activated
# This is done using kernel-fitimage as model
# To activate this, kernel-xenguest must be added to KERNEL_CLASSES
inherit xenguest-image
# use a local copy to pack all together
XENGUEST_IMAGE_DEPLOY_DIR = "${WORKDIR}/tmp-xenguest"
python __anonymous () {
# only if xenguest image type is present
if bb.utils.contains('IMAGE_FSTYPES', 'xenguest', '1', '0', d):
# only if initramfs bundle is activated
if d.getVar('INITRAMFS_IMAGE') and d.getVar('INITRAMFS_IMAGE_BUNDLE') == "1":
if not bb.utils.contains('KERNEL_IMAGETYPES', 'Image', '1', '0', d):
bb.fatal("xenguest image type with initramfs require Image kernel image type")
bb.build.addtask('do_assemble_xenguest_initramfs', 'do_deploy', 'do_bundle_initramfs', d)
}
do_assemble_xenguest_initramfs() {
xenguest_image_clone
call_xenguest_mkimage partial --xen-kernel=${B}/${KERNEL_OUTPUT_DIR}/Image.initramfs
rm -f ${B}/${KERNEL_OUTPUT_DIR}/Image-initramfs.xenguest
call_xenguest_mkimage pack ${B}/${KERNEL_OUTPUT_DIR}/Image-initramfs.xenguest
}
do_assemble_xenguest_initramfs[depends] += "${INITRAMFS_IMAGE}:do_image_complete"
kernel_do_deploy_append() {
if [ -f "${B}/${KERNEL_OUTPUT_DIR}/Image-initramfs.xenguest" ]; then
install -m 0644 ${B}/${KERNEL_OUTPUT_DIR}/Image-initramfs.xenguest "$deployDir/Image-${INITRAMFS_NAME}.xenguest"
ln -snf Image-${INITRAMFS_NAME}.xenguest $deployDir/Image-${INITRAMFS_LINK_NAME}.xenguest
fi
}
@@ -0,0 +1,102 @@
# This class must be used to extend the xenguest image
# It provides variables to add init scripts, a dtb, xen files or disk files.
#
# The class is extending deploy function so you recipe must inherit deploy and
# have a do_deploy function (even if it is empty)
# Use standard xenguest-image
inherit xenguest-image
# Add a DTB file for the guest
# Only one file should be added, if this is set multiple times or in several
# recipes, the last recipe setting it will prevail.
XENGUEST_EXTRA_DTB ??= ""
# Append something to the guest xen configuration
# All files here will be merged together in the final xen configuration
# This can contain several files or be used in several recipes
XENGUEST_EXTRA_XENCONFIG ??= ""
# Add a xenguest init, init-pre or init-post script
XENGUEST_EXTRA_INIT_PRE ??= ""
XENGUEST_EXTRA_INIT ??= ""
XENGUEST_EXTRA_INIT_POST ??= ""
# Add xenguest files, (to be used in extra xen config for example)
# several files may be added, space separated, the path will be kept on the
# generated xenguest image (if dir1/file1 is added, it can be used as
# dir1/file1 file in the xen configuration).
XENGUEST_EXTRA_FILES ??= ""
# Add xenguest disk files (to be used as disk partition content)
# several files may be added, space separated, the path will be kept on the
# generated xenguest image (if dir1/file1 is added, it can be used as
# dir1/file1 file in the disk content parameters).
XENGUEST_EXTRA_DISK_FILES ??= ""
do_deploy_append() {
if [ -z "${XENGUEST_IMAGE_DEPLOY_DIR}" -o \
-z "${XENGUEST_IMAGE_DEPLOY_SUBDIR}" ]; then
die "Configuration error: XENGUEST_IMAGE_DEPLOY_DIR or XENGUEST_IMAGE_DEPLOY_SUBDIR is empty"
fi
rm -rf ${XENGUEST_IMAGE_DEPLOY_DIR}/${XENGUEST_IMAGE_DEPLOY_SUBDIR}
mkdir -p ${XENGUEST_IMAGE_DEPLOY_DIR}/${XENGUEST_IMAGE_DEPLOY_SUBDIR}
if [ -n "${XENGUEST_EXTRA_DTB}" ]; then
if [ ! -f ${XENGUEST_EXTRA_DTB} ]; then
die "xenguest-image: DTB file ${XENGUEST_EXTRA_DTB} does not exist"
fi
call_xenguest_mkimage partial --xen-device-tree=${XENGUEST_EXTRA_DTB}
fi
if [ -n "${XENGUEST_EXTRA_XENCONFIG}" ]; then
for f in ${XENGUEST_EXTRA_XENCONFIG}; do
if [ ! -f $f ]; then
die "xenguest-image: Xen config $f does not exist"
fi
call_xenguest_mkimage partial --xen-append=$f
done
fi
if [ -n "${XENGUEST_EXTRA_INIT_PRE}" ]; then
if [ ! -f ${XENGUEST_EXTRA_INIT_PRE} ]; then
die "xenguest-image: Init script ${XENGUEST_EXTRA_INIT_PRE} does not exist"
fi
call_xenguest_mkimage partial --init-pre=${XENGUEST_EXTRA_INIT_PRE}
fi
if [ -n "${XENGUEST_EXTRA_INIT}" ]; then
if [ ! -f ${XENGUEST_EXTRA_INIT} ]; then
die "xenguest-image: Init script ${XENGUEST_EXTRA_INIT} does not exist"
fi
call_xenguest_mkimage partial --init-script=${XENGUEST_EXTRA_INIT}
fi
if [ -n "${XENGUEST_EXTRA_INIT_POST}" ]; then
if [ ! -f ${XENGUEST_EXTRA_INIT_POST} ]; then
die "xenguest-image: Init script ${XENGUEST_EXTRA_INIT_POST} does not exist"
fi
call_xenguest_mkimage partial --init-post=${XENGUEST_EXTRA_INIT_POST}
fi
if [ -n "${XENGUEST_EXTRA_FILES}" ]; then
for f in ${XENGUEST_EXTRA_FILES}; do
if [ ! -f $f ]; then
die "xenguest-image: Xen file $f does not exist"
fi
call_xenguest_mkimage partial --xen-add-file=$f
done
fi
if [ -n "${XENGUEST_EXTRA_DISK_FILES}" ]; then
for f in ${XENGUEST_EXTRA_DISK_FILES}; do
if [ ! -f $f ]; then
die "xenguest-image: Disk file $f does not exist"
fi
call_xenguest_mkimage partial --disk-add-file=$f
done
fi
}
# Need to have xenguest-image tool
do_deploy[depends] += "xenguest-base-image:do_deploy"
@@ -0,0 +1,195 @@
# This class must be used to create, extend or pack a xenguest image.
# It is using xenguest-mkimage tool to do operations
DEPENDS += "xenguest-mkimage-native"
#
# Xenguest image parameters
# All the following parameters can be modified in local.conf or on recipes
# inheriting this class
#
# Guest memory size in MB
XENGUEST_IMAGE_MEMORY_SIZE ??= "512"
# Guest number of vcpus
XENGUEST_IMAGE_NUM_VCPUS ??= "1"
# Guest auto boot during init, set to 1 to have guest started during init or
# to 0 if the guest should not be auto started
XENGUEST_IMAGE_AUTOBOOT ??= "1"
# Partition containing the root file system
# Xen will actually add root=${XENGUEST_IMAGE_ROOT} to your guest kernel
# command line
# You can let this empty if the root filesystem is specified in an other way
# and have root= option added to the command line for example or if you don't
# need a root filesystem mounted for your guest (initrd for example)
XENGUEST_IMAGE_ROOT ??= "/dev/xvda1"
# Guest kernel command line arguments
XENGUEST_IMAGE_CMDLINE ??= "earlyprintk=xenboot console=hvc0 rw"
# Extra commands to add to xenguest-image when creating the image
XENGUEST_IMAGE_EXTRA_CMD ??= ""
# Kernel binary
# This value is used by the xenguest image type but is declared here to have
# all variables in the same place
# If this value is empty no kernel will be added to the image
XENGUEST_IMAGE_KERNEL ??= "Image"
# Size of the disk to create (if 0 no disk will be created and rootfs will not
# be included in the xenguest image)
XENGUEST_IMAGE_DISK_SIZE ??= "${@ '4' if not d.getVar('INITRAMFS_IMAGE') else '0'}"
#
# XENGUEST_IMAGE_DISK PARTITIONS is used to describe the partitions to setup
# and their content.
# It must be set to a space separated list of entries with each entry having
# the format num:sz:fs:[file] where:
# - num is a partition number
# - sz is the partition size in Gigabit
# - fs is the filesystem to use for the partition
# - file is optionally pointing to a file to use as content of the partition
# Please check image_types_xenguest.bbclass for rootfs handling of files
#
# Default value creates a partition 1 using the full disk, formated with ext4
# and containing the root filesystem produced by Yocto
XENGUEST_IMAGE_DISK_PARTITIONS ??= "1:${XENGUEST_IMAGE_DISK_SIZE}:ext4:rootfs.tar.gz"
# XENGUEST_IMAGE_NETWORK_BRIDGE can be set to 1 to have a network interface
# on the guest connected to host bridged network. This will provide the guest
# with a network interface connected directly to the external network
XENGUEST_IMAGE_NETWORK_BRIDGE ??= "1"
# Sub-directory in wich the guest is created. This is create in deploy as a
# subdirectory and must be coherent between all components using this class so
# it must only be modified from local.conf if needed
XENGUEST_IMAGE_DEPLOY_SUBDIR ?= "xenguest"
# Directory in which the xenguest should be deployed
# a sub-directory named ${XENGUEST_IMAGE_DEPLOY_SUBDIR} will be created there.
# This should be set to:
# - ${DEPLOYDIR} (default) if creating or extending the xenguest for a normal
# recipe.
# - something in ${WORKDIR} if you need to clone and manipulate an image
XENGUEST_IMAGE_DEPLOY_DIR ??= "${DEPLOYDIR}"
#
# Wrapper to call xenguest-mkimage
# It is using XENGUEST_IMAGE_DEPLOY_DIR and XENGUEST_IMAGE_DEPLOY_SUBDIR
# to find the image to operate on
#
# Usage: call_xenguest_mkimage [operation] [args]
call_xenguest_mkimage() {
local cmd="${1}"
local img="${XENGUEST_IMAGE_DEPLOY_DIR}/${XENGUEST_IMAGE_DEPLOY_SUBDIR}"
shift
echo "xenguest-mkimage $cmd $img $@"
xenguest-mkimage $cmd $img $@
}
#
# Create an initial xenguest image.
# This is a task which must be added in a recipe inheriting deploy
# It is using XENGUEST_IMAGE_MEMORY_SIZE, XENGUEST_IMAGE_NUM_VCPUS,
# XENGUEST_IMAGE_AUTOBOOT, XENGUEST_IMAGE_ROOT, XENGUEST_IMAGE_EXTRA_CMD,
# XENGUEST_IMAGE_CMDLINE, XENGUEST_IMAGE_DISK_SIZE and
# XENGUEST_IMAGE_DISK_PARTITIONS to customize the initial guest
#
xenguest_image_create() {
if [ -z "${XENGUEST_IMAGE_DEPLOY_DIR}" -o \
-z "${XENGUEST_IMAGE_DEPLOY_SUBDIR}" ]; then
die "Configuration error: XENGUEST_IMAGE_DEPLOY_DIR or XENGUEST_IMAGE_DEPLOY_SUBDIR is empty"
fi
rm -rf ${XENGUEST_IMAGE_DEPLOY_DIR}/${XENGUEST_IMAGE_DEPLOY_SUBDIR}
mkdir -p ${XENGUEST_IMAGE_DEPLOY_DIR}/${XENGUEST_IMAGE_DEPLOY_SUBDIR}
# Create the image
call_xenguest_mkimage create --xen-memory=${XENGUEST_IMAGE_MEMORY_SIZE} \
--xen-vcpus=${XENGUEST_IMAGE_NUM_VCPUS} \
--xen-root=${XENGUEST_IMAGE_ROOT} \
${XENGUEST_IMAGE_EXTRA_CMD}
# add command line
if [ -n "${XENGUEST_IMAGE_CMDLINE}" ]; then
call_xenguest_mkimage update --xen-clean-extra
for arg in ${XENGUEST_IMAGE_CMDLINE}; do
call_xenguest_mkimage update --xen-extra=$arg
done
fi
# create disk if needed
disksize="${XENGUEST_IMAGE_DISK_SIZE}"
if [ -z "$disksize" ]; then
disksize="0"
fi
if [ $disksize -gt 0 ]; then
# setup disk size
call_xenguest_mkimage update --disk-reset-config --disk-size=$disksize
diskparts="${XENGUEST_IMAGE_DISK_PARTITIONS}"
if [ -n "$diskparts" ]; then
for arg in $diskparts; do
call_xenguest_mkimage update --disk-add-part=$arg
partnum="$(expr $partnum + 1)"
done
fi
fi
if [ "${XENGUEST_IMAGE_AUTOBOOT}" = "1" ]; then
call_xenguest_mkimage update --set-param=GUEST_AUTOBOOT=1
else
call_xenguest_mkimage update --set-param=GUEST_AUTOBOOT=0
fi
if [ "${XENGUEST_IMAGE_NETWORK_BRIDGE}" = "1" ]; then
call_xenguest_mkimage update --set-param=NETWORK_BRIDGE=1
else
call_xenguest_mkimage update --set-param=NETWORK_BRIDGE=0
fi
}
#
# Clone the current xenguest from deploy to manipulate it locally
# This is required if you need to change things before packing an image
# To set the local directory where to clone you must set
# XENGUEST_IMAGE_DEPLOY_DIR if you don't want to use do_deploy to modify the
# image
#
xenguest_image_clone() {
if [ -z "${XENGUEST_IMAGE_DEPLOY_DIR}" -o \
-z "${XENGUEST_IMAGE_DEPLOY_SUBDIR}" ]; then
die "Configuration error: XENGUEST_IMAGE_DEPLOY_DIR or XENGUEST_IMAGE_DEPLOY_SUBDIR is empty"
fi
if [ ! -f ${DEPLOY_DIR_IMAGE}/${XENGUEST_IMAGE_DEPLOY_SUBDIR}/guest.cfg ]; then
die "xenguest-image: ${DEPLOY_DIR_IMAGE}/${XENGUEST_IMAGE_DEPLOY_SUBDIR} does not contain a valid guest"
fi
rm -rf ${XENGUEST_IMAGE_DEPLOY_DIR}/${XENGUEST_IMAGE_DEPLOY_SUBDIR}
mkdir -p ${XENGUEST_IMAGE_DEPLOY_DIR}
cp -rf ${DEPLOY_DIR_IMAGE}/${XENGUEST_IMAGE_DEPLOY_SUBDIR} \
${XENGUEST_IMAGE_DEPLOY_DIR}/${XENGUEST_IMAGE_DEPLOY_SUBDIR}
}
# Helper function to retrieve rootfs file if present in one partition
# This can return an empty string or rootfs.tar[.COMP]
def xenguest_image_rootfs_file(d):
disksize = d.getVar('XENGUEST_IMAGE_DISK_SIZE')
# if disksize is 0, we don't create anything
if not disksize or disksize == '0':
return ""
# Find first partition with file=rootfs.tar*
partlist = d.getVar('XENGUEST_IMAGE_DISK_PARTITIONS')
if partlist:
for partdesc in partlist.split():
partelems = partdesc.split(':', 3)
if partelems[3]:
if partelems[3].startswith('rootfs.tar'):
return partelems[3]
return ""
@@ -0,0 +1,11 @@
# This files is added when DISTRO_FEATURES contains arm-autonomy-guest
# We need to have ipv4 activated
DISTRO_FEATURES_append = " ipv4"
# Build a xenguest type image
IMAGE_CLASSES += "image_types_xenguest"
IMAGE_FSTYPES += "xenguest"
# xenguest kernel extension to handle initramfs
KERNEL_CLASSES += "kernel-xenguest"
@@ -0,0 +1,10 @@
# This files is added when DISTRO_FEATURES contains arm-autonomy-host
# We need to have xen and ipv4 activated
DISTRO_FEATURES_append = " xen ipv4"
DISTRO_FEATURES_NATIVE_append = " arm-autonomy-host"
# Don't include kernels in standard images when building arm-autonomy-host
# If the kernel image is needed in the rootfs the following should be set from
# a bbappend: RDEPENDS_${KERNEL_PACKAGE_NAME}-base = "${KERNEL_PACKAGE_NAME}-image"
RDEPENDS_${KERNEL_PACKAGE_NAME}-base ?= ""
+34
View File
@@ -0,0 +1,34 @@
# Add layer to BBPATH
BBPATH .= ":${LAYERDIR}"
# Add recipes-* directories to BBFILES
BBFILES += " \
${LAYERDIR}/recipes-*/*/*.bb \
${LAYERDIR}/recipes-*/*/*.bbappend \
"
BBFILE_COLLECTIONS += "meta-arm-autonomy"
BBFILE_PATTERN_meta-arm-autonomy = "^${LAYERDIR}/"
BBFILE_PRIORITY_meta-arm-autonomy = "6"
LAYERDEPENDS_meta-arm-autonomy = " \
core \
yocto \
openembedded-layer \
virtualization-layer \
"
LAYERSERIES_COMPAT_meta-arm-autonomy = "dunfell"
# We don't activate virtualization feature from meta-virtualization as it
# brings in lots of stuff we don't need. We need to disable the sanity check
# otherwise the user will see a warning on each build.
SKIP_META_VIRT_SANITY_CHECK = "1"
# Directory of our distro config files
ARM_AUTONOMY_DISTRO_CFGDIR = "${LAYERDIR}/conf/distro/include/"
# Add class to handle arm-autonomy distro extensions
USER_CLASSES_append = " arm-autonomy-features"
BBFILES_DYNAMIC += " \
meta-arm-bsp:${LAYERDIR}/dynamic-layers/meta-arm-bsp/*/*/*.bbappend \
"
@@ -0,0 +1,17 @@
#@TYPE: Machine
#@NAME: Autonomy Guest ARM64 machine
#@DESCRIPTION: Machine configuration for ARM64 Autonomy Guest
TUNE_FEATURES = "aarch64"
require conf/machine/include/arm/arch-armv8a.inc
KERNEL_IMAGETYPE = "Image"
IMAGE_FSTYPES += "tar.bz2"
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto"
PREFERRED_VERSION_linux-yocto ?= "5.4%"
DISTRO_FEATURES += "arm-autonomy-guest"
@@ -0,0 +1,225 @@
arm-autonomy Quick Start
==================
This documentation is explaining how to quickly start with arm-autonomy layer
and the main features provided.
You will find in the documentation directory some more detailed documentation
for each of the functionalites provided by this layer.
What to use this layer for?
---------------------------
Using this layer, you can easily and rapidly create a system based on Xen with
one or more guests created using Yocto.
For this you will need to create at least 2 Yocto projects:
- a host project: This one will compile Xen and create a Linux system to be
used as Xen Dom0. The Linux system will contain all functionalities required
to start and manage guests.
- one or several guest projects: Those will create Linux systems with the
required Linux kernel configuration to run as Xen DomU.
Prepare your system
-------------------
First you must download the Yocto layers needed:
- [meta-openembedded](https://git.openembedded.org/meta-openembedded)
- [poky](https://git.yoctoproject.org/poky)
- [meta-virtualization](https://git.yoctoproject.org/meta-virtualization)
- [meta-arm](https://git.yoctoproject.org/meta-arm)
- all other layers you might want to use
For each of the downloaded layer make sure you checkout the release of Yocto
you want to use (for example zeus using `git checkout zeus`).
Please follow [Yocto documentation](https://www.yoctoproject.org/docs/latest/brief-yoctoprojectqs/brief-yoctoprojectqs.html)
in order to have the required dependencies.
Create a project
----------------
Here are the main steps to create an arm-autonomy project:
1. create a new Yocto project using `oe-init-build-env` in a new directory:
```
oe-init-build-env my-project
```
2. Add `meta-arm/meta-arm-autonomy` layer to the list of layers of your
project in the `conf/bblayers.conf`. Also add any other layers you
might need (for example `meta-arm/meta-arm-bsp` and `meta-arm/meta-arm` to
use Arm boards like Juno or FVP emulator). You can achieve this by using
the `bitbake-layers add-layer layerdir [layerdir ...]` command.
For example:
```
export LAYERDIR_BASE="/home/user/arm-autonomy/"
bitbake-layers add-layer $LAYERDIR_BASE/meta-poky $LAYERDIR_BASE/meta-yocto-bsp \
$LAYERDIR_BASE/meta-openembedded/meta-oe $LAYERDIR_BASE/meta-openembedded/meta-python \
$LAYERDIR_BASE/meta-openembedded/meta-filesystems $LAYERDIR_BASE/meta-openembedded/meta-networking \
$LAYERDIR_BASE/meta-virtualization $LAYERDIR_BASE/meta-arm/meta-arm-autonomy \
$LAYERDIR_BASE/meta-arm/meta-arm $LAYERDIR_BASE/meta-arm/meta-arm-bsp
```
Example of a `conf/bblayers.conf`:
```
BBLAYERS ?= " \
/home/user/arm-autonomy/poky/meta \
/home/user/arm-autonomy/poky/meta-poky \
/home/user/arm-autonomy/poky/meta-yocto-bsp \
/home/user/arm-autonomy/meta-openembedded/meta-oe \
/home/user/arm-autonomy/meta-openembedded/meta-python \
/home/user/arm-autonomy/meta-openembedded/meta-filesystems \
/home/user/arm-autonomy/meta-openembedded/meta-networking \
/home/user/arm-autonomy/meta-virtualization \
/home/user/arm-autonomy/meta-arm/meta-arm-autonomy \
/home/user/arm-autonomy/meta-arm/meta-arm \
/home/user/arm-autonomy/meta-arm/meta-arm-bsp \
"
```
Those steps will have to be done for each project you will have to create.
Host project
------------
The host project will build Xen and the Dom0 Linux. It will be the only project
that will be specific to the board (MACHINE) you will be running on.
To create a host project:
1. Follow the steps of "Create a project"
2. Add the layers in `bblayers.conf` required to build a Yocto project for the
board you want to use.
For example to use Arm FVP Base emulator, add `meta-arm/meta-arm` and
`meta-arm/meta-arm-bsp`.
3. edit conf/local.conf to add `arm-autonomy-host` to the DISTRO_FEATURES and
set MACHINE to the board you want to use.
For example, add the following lines:
```
MACHINE = "fvp-base"
DISTRO_FEATURES += "arm-autonomy-host"
```
4. build the image using `bitbake arm-autonomy-host-image-minimal`
The project will generate a Linux kernel, a root filesystem, a Xen binary and
a DTB modified to include the required entries to boot Xen and Linux as Dom0
(this DTB has the extension `-xen.dtb`).
To boot the system using an u-boot base board you will need to:
- Load the kernel (by default at 0x80080000 unless you modify
XEN_DEVICETREE_DOM0_ADDR value)
- Load the xen device tree (for example at 0x83000000)
- Load the xen-efi binary (for example at 0x84000000)
- run using `booti 0x84000000 - 0x83000000`
In this example the addresses might need to be adapted depending on your board.
Guest project
-------------
The guest projects are not target specific and will use a Yocto MACHINE defined
in meta-arm-autonomy to include only the Linux configuration required to run
a xen guest.
To create a guest project:
1. Follow the steps of "Create a project"
2. Optionaly add layers required to build the image and features you need.
3. edit conf/local.conf to add `arm-autonomy-guest` to the DISTRO_FEATURES and
set MACHINE to `arm64-autonomy-guest`:
```
MACHINE = "arm64-autonomy-guest"
DISTRO_FEATURES += "arm-autonomy-guest"
```
4. build the image you want.
For example `bitbake core-image-minimal`
The build will create a ".xenguest" image that can be use on an host project
with the xenguest-manager.
Include guests directly in the host image
-----------------------------------------
The layer provides a way to directly include in the host project one or several
images generated by guest projects.
To use this feature, you must edit your host project `local.conf` file and
add set ARM_AUTONOMY_HOST_IMAGE_EXTERN_GUESTS to the list of xenguest images
you want to include in your host. Each xenguest image must be given using a
full path to it.
For example:
```
ARM_AUTONOMY_HOST_IMAGE_EXTERN_GUESTS = "/home/user/guest-project/tmp/deploy/images/arm64-autonomy-guest/core-image-minimal-arm64-autonomy-guest.xenguest;guestname=myguest"
```
This will add the guest and name it `myguest` on the host project image and
the xenguest-manager will automatically boot it during startup.
Add support for your board
--------------------------
Most of arm-autonomy layer is board independent but some functionalities
might need to be customized for your board:
### Add the kernel configuration for the host
The layer is using KERNEL_FEATURES to add drivers required to be a Xen Dom0
system.
Depending on the kernel used by your BSP and how it is configured you might
need to add the required drivers to your kernel configuration:
- if KERNEL_FEATURES system is supported by your kernel, make sure that the
file `recipes-kernel/linux/linux-arm-autonomy.inc` from the layer is included
by your kernel recipe.
- if it is not supported, you must add the proper drivers inside your kernel
(modules are possible but they must be loaded before xenguest-manager is
started). You can find the complete list of the kernel configuration elements
required in `recipes-kernel/linux/arm-autonomy-kmeta/features/arm-autonomy/xen-host.cfg`.
### Define the drive and partition to use for the LVM volume
The xenguest-manager is creating disk hard drive using LVM on an empty
partition. The default value is set to use /dev/sda2.
You can change this for your board by setting XENGUEST_MANAGER_VOLUME_DEVICE.
Check `recipes-extended/xenguest/xenguest-manager.bbappend` for examples.
Please also read xenguest-manager.md.
### Define the interface to add to xenguest network bridge
xenguest-network bridge is creating a bridge on the host and adds network
interfaces to it so that guest connected to it have access to external network.
By default `eth0` is set as the list of interfaces to be added to the bridge.
Depending on your board or use case you might want to use an other interface
or use multiple interfaces.
You can change this for your board by setting XENGUEST_NETWORK_BRIDGE_MEMBERS.
Check `recipes-extended/xenguest/xenguest-network-bridge.bbappend` for
exmaples.
Please also read xenguest-network-bridge.md.
### Define the network configuration of the xenguest network bridge
xenguest network bridge is putting the host network interfaces in a bridge
and is configuring it by default to use dhcp.
If you need a different type of configuration you can set
XENGUEST_NETWORK_BRIDGE_CONFIG in a xenguest-network-bridge.bbappend to use
a different file.
The recipe will look for the file in ${WORKDIR} so you will need to add it to
SRC_URI in your bbappend.
The recipe will also substitute `###BRIDGE_NAME###` with the bridge name
configured in ${XENGUEST_NETWORK_BRIDGE_NAME}.
You can find an example configuration file in
`recipes-extended/xenguest/files/xenguest-network-bridge-dhcp.cfg.in`.
Please also read xenguest-network-bridge.md.
### Customize Dom0 and Xen boot arguments for you board
xen-devicetree is writting inside the generated DTB Xen and Linux boot
arguments as long as the address where Dom0 Linux kernel can be found.
You might need to have different values for your board or depending on your
use case.
You can find examples to customize this in
`recipes-extended/xen-devicetree/xen-devicetree.bbappend`.
Please also read xen-devicetree.md.
@@ -0,0 +1,104 @@
Xen device tree
===============
Introduction
------------
xen-devicetree recipe can be used to modify an existing Device Tree Blob,
produced by Linux kernel or another recipe, to include in it entries required
to start Xen and a Dom0 Linux on top of it.
The recipe will do the following processing:
- generate a xen.dtsi file with entries required for xen based on parameters
- turn DTBs in ${XEN_DEVICETREE_DTBS} back to dts
- include in xen.dtsi and all other dtsi from
${XEN_DEVICETREE_DTSI_MERGE} (check Bitbake parameters for more information
on this).
- use dtc to create a new DTB file
The recipe will generate new files in deploy/images and name them with the
extension "-xen.dtb".
For example **machine.dtb** will generate **machine-xen.dtb**.
Entries added to the DTBs
-------------------------
When a DTB is processed by the recipe, the following block is added:
```
chosen {
xen,dom0-bootargs = "VAL";
xen,xen-bootargs = "VAL";
modules {
#size-cells = <0x00000001>;
#address-cells = <0x00000001>;
module@0 {
reg = <VAL VAL>;
compatible = "multiboot,module";
};
};
};
```
Each occurence of **VAL** is replaced by the content of the variables listed in
this documentation.
Bitbake parameters
------------------
Several parameters are available to configure the xen-devicetree during Yocto
project compilation (those can be set in your project local.conf, for exmple).
The following parameters are available:
- XEN_DEVICETREE_DEPEND: This variable can be used to indicate which recipe
task is generating the DTBs that xen-devicetree will modify. This makes sure
the xen devicetrees are properly regenerated if the source DTBs are changed.
This variable is set by default to "virtual/kernel:do_deploy" to use DTBs
generated during the compilation of the Linux kernel. This must be changed
if the machine your are using is not using a DTB listed in KERNEL_DEVICETREE.
- XEN_DEVICETREE_DTBS: This should be set to the list of DTBs you want to be
modified by xen-devicetree. Those must be files that xen-devicetree can find
in the ${DEPLOY_DIR_IMAGE} directory using only the basename of the entries.
For example "mydir/board.dtb" will make the recipe look for
${DEPLOY_DIR_IMAGE}/board.dtb.
This variable is set by default to "${KERNEL_DEVICETREE}" to process the DTBs
generated by the Linux kernel.
- XEN_DEVICETREE_DOM0_MEM: Memory size to allocate to Dom0.
This variable is only used if XEN_DEVICETREE_XEN_BOOTARGS has a value
containing "dom0_mem=${XEN_DEVICETREE_DOM0_MEM}" as the memory assigned to
dom0 is defined using Xen boot arguments.
This variable is set by default to "1024M".
- XEN_DEVICETREE_DOM0_BOOTARGS: Boot arguments to pass to Dom0 Linux when
booting it.
This variable is set by default to "console=hvc0 earlycon=xen".
- XEN_DEVICETREE_XEN_BOOTARGS: this variable should be set with the boot
arguments to be passed to Xen on boot.
This variable is set by default to
"noreboot dom0_mem=${XEN_DEVICETREE_DOM0_MEM}".
- XEN_DEVICETREE_DOM0_ADDR: This is the address from which the Linux kernel to
be used for Dom0 will be copied. When using u-boot, this is the address at
which you will load the kernel Image before starting Xen.
This variable is set by default to "0x80080000".
- XEN_DEVICETREE_DOM0_SIZE: This is the size of the kernel loaded at
${XEN_DEVICETREE_DOM0_ADDR}. Xen will copy this amount of data inside the
guest before starting it so the size must be at least equal to the kernel
size but can be bigger. You must be careful not to have a value too big as it
could slow down boot or copy other parts with it (like the DTB).
You might need to increase this if you use a kernel with a bundled initramfs.
This variable is set by default to "0x01000000".
- XEN_DEVICETREE_DTSI_MERGE: This variable contains the list of dtsi files that
must be included inside the generated DTB file. By default the only one
include is the "xen.dtsi" generated by the recipe.
If your board or project needs to include more fixes or entries in the DTB,
this variable can be appended from a bbappend file to include other dtsi. The
files must be inside the recipe workspace during Yocto compilation.
You can check xen-devicetree.bbappend for an example.
@@ -0,0 +1,67 @@
Xenguest Manager
================
Introduction
------------
xenguest-manager is a tool to manage Xenguest images generated by
[xenguest-mkimage](xenguest-mkimage.md).
On a Xen Dom0 system it will:
- create a xen guest from a xenguest image: extract its components, create a
disk for the guest using LVM volumes.
- start/stop a xen guest (during init or using xenguest-manager directly).
- check guest status
xenguest-manager is composed of 2 shell scripts:
- xenguest-manager which can be used from command line to start/stop/check
guests and create or remove guest using xenguest images.
- xenguest-init which is called during init to automatically create and start
some guests as part of the host init process.
Usage
-----
xenguest-manager must be called like this:
`xenguest-manager OPERATION [OPTIONS]`
The following operations are available:
- create XENGUEST_IMAGE [GUESTNAME]: create a guest from a xenguest image file
as guest GUESTNAME. If GUESTNAME is not given the image file name is used
without the xenguest extension.
- remove GUESTNAME: remove the guest GUESTNAME.
- start GUESTNAME: start the guest GUESTNAME.
- stop GUESTNAME: stop the guest GUESTNAME (this is using `xl stop` which is
sending a stop signal to the running guest).
- kill GUESTNAME: force stopping the guest GUESTNAME.
- list: list the available guests.
- status [GUESTNAME]: print the current status of GUESTNAME. If GUESTNAME is
not given, print the status of all guests.
For a detailed help on available options please use:
`xenguest-manager --help`
Bitbake parameters
------------------
Several parameters are available to configure the xenguest manager during Yocto
project compilation (those can be set in your project local.conf, for example).
The following parameters are available:
- XENGUEST_MANAGER_VOLUME_DEVICE: This is the device path used by the
xenguest-manager on the device to create LVM disks when guests have a disk
configuration.
This is set by default to "/dev/sda2".
- XENGUEST_MANAGER_VOLUME_NAME: This is the LVM volume name that the
xenguest-manager will create and use to create guest LVM disks.
This is set by default to "vg-xen".
- XENGUEST_MANAGER_GUEST_DIR: This is the directory on Dom0 where the
xenguest-manager will look for xenguest images to create during init. That's
the place where xenguest images can be added to have them automatically
created during next Dom0 boot. The xenguests found there will only be created
if they were not already before (the basename of the files is used as guest
name).
This is set by default to "/usr/share/guests".
@@ -0,0 +1,119 @@
Xenguest mkimage
================
Introduction
------------
xenguest-mkimage is a tool to create and modify images to be used as Guest with
Xen. It defines a format to store completely defined guests as a file or as
a directory and provides options to create and modify those images.
A xenguest image contains all elements required to create a xen guest.
This is the base elements like a Xen configuration and a Linux kernel binary
but also some more advanced elements like init scripts or a disk definition.
The format is made to be deployable easily by storing everything in a single
file and provide tools to easily manipulate the images. It can also easily be
extended to have features like encryption or signature of images, updates or
complex configurations by providing features to have init script that will be
executed on the host embedded inside the image.
Xenguest images content
-----------------------
### params.cfg
This file contains parameters that can be used by tools to configure some
functionalities on the host. This can be used by init scripts to have
configurable parameters as it is sourced before calling init scripts.
### guest.cfg and guest.d
guest.cfg is the main xen configuration and guest.d contains optional
configuration parts. All those will be merged into one final xen configuration
before starting the guest.
### files
This directory contains files that can be used by the xen configuration, for
example the binary of the kernel referenced in xen configuration).
This is where the kernel binary, the dtb or a ramdisk will be stored.
### init.pre, init.d and init.post
These directories contain init scripts that will be executed on the host
during the guest startup. Those must be shell scripts and each directory
contains scripts called at a different time:
- init.pre: scripts executed before the guest is created. This can be used
to prepare some features required to create the guest in xen or to
generate part of the xen configuration dynamically.
- init.d: scripts executed when the guest has been created but before it is
started. This can be used to do some xenstore operations or configure the
guest behaviour using xl, for example.
- init.post: scripts executed just after starting the guest. This can be
used to configure things created by xen for the guest like network
network interfaces.
When a directory contains several scripts, those will be called in alphabetical
order.
### disk.cfg and disk-files
disk.cfg contains the guest disk description (disk size and disk partitions).
The file contains the following entries:
- `DISK_SIZE=X`: size of the disk to create in GB
- `DISK_PARTX=SIZE:FS:CONTENT`: create a partition number X (1 to 4) with a
size of SIZE GB, format it with filesystem FS (can be ext2, ext3, ext4, vfat
or swap) and extract CONTENT as initial partition content
(.tar[.gz|.xz|.bz2] file or img[.gz|.bz2] file to be dumped in the partition). FS and
CONTENT can be empty.
The disk-files contain files to be used for initializing the disk partitions
content. Those should be used to create a LVM or a physical disk and initialize
it (create partitions, format them and put the initial content).
Usage
-----
xenguest-mkimage is a shell script which must be called like this:
`xenguest-mkimage OPERATION XENGUEST [OPTIONS]`
### Operations
- create: create a xenguest image. If XENGUEST is an existing empty directory,
the image is created as a directory otherwise it will be created as a file.
- check: verify that XENGUEST is a valid xenguest image.
- update: modify a xenguest image (see --help for a list of operations).
- pack: pack a xenguest image directory into a xenguest image file. The file to
be created must be given as 3rd argument.
- extract: extract a xenguest image file into a directory. The destination
directory must be given as 3rd argument.
- dump-xenconfig: dump xenguest image xen configuration.
- dump-diskconfig: dump xenguest image disk configuration.
- dump-paramsconfig: dump xenguest image parameters configuration.
For a detailed help on available operations, please use:
`xenguest-mkimage --help`
### Options
- --kernel=FILE: add kernel FILE as guest kernel. This is both adding the file
to the image and modifying the xen configuration to use it.
- --xen-memory=SIZE: set the guest memory size in MB.
- --xen-extra: add a kernel command line argument. This can be called several
times to add several command line options.
- --xen-device-tree=FILE: add dtb FILE as device tree. This both adding the
file to the image and modifying the xen configuration to use it.
- --init-script=FILE: add guest init script. The script is embedded inside the
image file. Several script can be added and the basename of FILE is used to
distinguish them (calling the option twice with the same file will update the
script in the image with the second one).
--disk-size=SIZE: set the guest disk size to SIZE in GB. Calling this with 0
disable the guest disk.
- --disk-add-part=NUM:SIZE:FS:CONTENT: This is adding a partition to the
xenguest image disk. The partition is described with the arguments:
- NUM: partition number.
- SIZE: partition size in GB.
- FS: filesystem to format the partition with. This can be ext2, ext3, ext4,
vfat of swap. If empty the partition is not formated.
- CONTENT: tar of img file to use to initialize the partition. The file must
be added to the image using --disk-add-file=FILE:CONTENT.
For a detailed help on available options, please use:
`xenguest-mkimage OPERATION --help`
@@ -0,0 +1,49 @@
xenguest network bridge
=======================
Introduction
------------
xenguest-network-bridge is creating a network bridge to allow some guests to
have a direct connection to the external network.
To do this, a bridge is created on the host using brctl with the network
interfaces added to it so that the bridge is connected to the external network.
It is also adding a guest init script which will, for guests configured to use
it, create a virtual network interface for the guest and connect it to the
network bridge on the host.
Usage
-----
On the host the package xenguest-network-bridge must be included in your image.
On the xenguest image of your guest, the parameter NETWORK_BRIDGE must be set
to 1 (using xenguest-mkimage --set-param=NETWORK_BRIDGE=1).
Bitbake parameters
------------------
Several parameters are available to configure the xenguest network bridge
during Yocto project compilation (those can be set in your project local.conf,
for example).
The following parameters are available:
- XENGUEST_NETWORK_BRIDGE_NAME: This variable defines the name of the network
bridge that is created on the host during init.
This is set by default to "xenbr0".
- XENGUEST_NETWORK_BRIDGE_MEMBERS: This variable defines the list of network
interfaces that are added to the bridge when it is created on the host during
init.
This is set by default to "eth0".
- XENGUEST_NETWORK_BRIDGE_CONFIG: This variable defines the configuration file
to use to configure the bridge network. By default it points to have file
configuring the network using dhcp.
You can provide a different file using a bbappend and make this variable
point to it if you want to customize your network configuration.
- XENGUEST_IMAGE_NETWORK_BRIDGE: This variable can be set to 0 or 1 on guest
projects to enable or not the connection of the guest to the host bridge.
This is set by default to "1".
@@ -0,0 +1,32 @@
# Use OVERRIDES to minimize the usage of
# ${@bb.utils.contains('DISTRO_FEATURES', 'xen', ...
OVERRIDES_append = "${@bb.utils.contains('DISTRO_FEATURES', 'xen', ':xen', '', d)}"
# Xen image to put in the image
# This should point to a file in the deploy image directory
BOOT_WRAPPER_AARCH64_XEN ??= "xen-${MACHINE}"
# Xen command line for the image
BOOT_WRAPPER_AARCH64_XEN_CMDLINE ??= "noreboot dom0_mem=256M"
BOOT_WRAPPER_AARCH64_XEN_CMDLINE_gem5-arm64 = "noreboot dom0_mem=256M console=dtuart \
dtuart=/uart@1c090000 bootscrub=0"
# Fix command line in the axf file for gem5-arm64 when Xen is present
BOOT_WRAPPER_AARCH64_CMDLINE_xen_gem5-arm64 = "console=hvc0 root=/dev/vda rw"
# Image generated by boot wrapper when Xen is present
BOOT_WRAPPER_AARCH64_IMAGE_xen ?= "xen-system.axf"
EXTRA_OECONF_append_xen = " \
--with-xen=${WORKDIR}/kernel/arch/arm64/boot/Image \
--with-xen-cmdline="" \
"
EXTRA_OEMAKE_append_xen = " \
XEN_IMAGE=${DEPLOY_DIR_IMAGE}/${BOOT_WRAPPER_AARCH64_XEN} \
XEN_CMDLINE="${BOOT_WRAPPER_AARCH64_XEN_CMDLINE}" \
"
# We need xen if it is activated
do_deploy[depends] += "${@bb.utils.contains('DISTRO_FEATURES', 'xen', 'xen:do_deploy', '', d)}"
@@ -0,0 +1,21 @@
# Use OVERRIDES to minimize the usage of
# ${@bb.utils.contains('DISTRO_FEATURES', 'xen', ...
OVERRIDES_append = "${@bb.utils.contains('DISTRO_FEATURES', 'xen', ':xen', '', d)}"
FILESEXTRAPATHS_prepend_xen := "${THISDIR}/${PN}:"
DEPLOY_EXTRA_DEPS ??= ""
DEPLOY_EXTRA_DEPS_xen = "xen:do_deploy xen-devicetree:do_deploy"
do_deploy[depends] += "${DEPLOY_EXTRA_DEPS}"
do_deploy_prepend_xen() {
# To avoid dependency loop between firmware-image-juno:do_install,
# xen:do_deploy and xen-devicetree:do_deploy when
# INITRAMFS_IMAGE_BUNDLE = "1", we need to handle the xen and
# xen-devicetree binaries copying in the do_deploy task.
cp ${DEPLOY_DIR_IMAGE}/xen-${COMPATIBLE_MACHINE}.efi \
${D}/${UNPACK_DIR}/SOFTWARE/xen
cp ${DEPLOY_DIR_IMAGE}/*xen.dtb \
${D}/${UNPACK_DIR}/SOFTWARE/
}
@@ -0,0 +1,78 @@
TITLE: Versatile Express Images Configuration File
[IMAGES]
TOTALIMAGES: 11 ;Number of Images (Max: 32)
NOR0UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR0ADDRESS: 0x00000000 ;Image Flash Address
NOR0FILE: \SOFTWARE\fip.bin ;Image File Name
NOR0LOAD: 00000000 ;Image Load Address
NOR0ENTRY: 00000000 ;Image Entry Point
NOR1UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR1ADDRESS: 0x03EC0000 ;Image Flash Address
NOR1FILE: \SOFTWARE\bl1.bin ;Image File Name
NOR1LOAD: 00000000 ;Image Load Address
NOR1ENTRY: 00000000 ;Image Entry Point
NOR2UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR2ADDRESS: 0x00500000 ;Image Flash Address
NOR2FILE: \SOFTWARE\Image ;Image File Name
NOR2NAME: norkern ;Rename kernel to norkern
NOR2LOAD: 00000000 ;Image Load Address
NOR2ENTRY: 00000000 ;Image Entry Point
NOR3UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR3ADDRESS: 0x02700000 ;Image Flash Address
NOR3FILE: \SOFTWARE\juno-xen.dtb ;Image File Name
NOR3NAME: board.dtb ;Specify target filename to preserve file extension
NOR3LOAD: 00000000 ;Image Load Address
NOR3ENTRY: 00000000 ;Image Entry Point
NOR4UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR4ADDRESS: 0x01D00000 ;Image Flash Address
NOR4FILE: \SOFTWARE\xen ;Image File Name
NOR4NAME: xen
NOR4LOAD: 00000000 ;Image Load Address
NOR4ENTRY: 00000000 ;Image Entry Point
NOR5UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR5ADDRESS: 0x025C0000 ;Image Flash Address
NOR5FILE: \SOFTWARE\hdlcdclk.dat ;Image File Name
NOR5LOAD: 00000000 ;Image Load Address
NOR5ENTRY: 00000000 ;Image Entry Point
NOR6UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR6ADDRESS: 0x03E40000 ;Image Flash Address
NOR6FILE: \SOFTWARE\scp_bl1.bin ;Image File Name
NOR6LOAD: 00000000 ;Image Load Address
NOR6ENTRY: 00000000 ;Image Entry Point
NOR7UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR7ADDRESS: 0x0BF00000 ;Image Flash Address
NOR7FILE: \SOFTWARE\startup.nsh ;Image File Name
NOR7NAME: startup.nsh
NOR7LOAD: 00000000 ;Image Load Address
NOR7ENTRY: 00000000 ;Image Entry Point
NOR8UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR8ADDRESS: 0x0BFC0000 ;Image Flash Address
NOR8FILE: \SOFTWARE\blank.img ;Image File Name
NOR8NAME: BOOTENV
NOR8LOAD: 00000000 ;Image Load Address
NOR8ENTRY: 00000000 ;Image Entry Point
NOR9UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR9ADDRESS: 0x02600000 ;Image Flash Address
NOR9FILE: \SOFTWARE\selftest ;Image File Name
NOR9LOAD: 00000000 ;Image Load Address
NOR9ENTRY: 00000000 ;Image Entry Point
NOR10UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR10ADDRESS: 0x02780000 ;Image Flash Address
NOR10NAME: uEnv.txt
NOR10FILE: \SOFTWARE\uEnv.txt ;Image File Name
NOR10LOAD: 00000000 ;Image Load Address
NOR10ENTRY: 00000000 ;Image Entry Point
@@ -0,0 +1,78 @@
TITLE: Versatile Express Images Configuration File
[IMAGES]
TOTALIMAGES: 11 ;Number of Images (Max: 32)
NOR0UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR0ADDRESS: 0x00000000 ;Image Flash Address
NOR0FILE: \SOFTWARE\fip.bin ;Image File Name
NOR0LOAD: 00000000 ;Image Load Address
NOR0ENTRY: 00000000 ;Image Entry Point
NOR1UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR1ADDRESS: 0x03EC0000 ;Image Flash Address
NOR1FILE: \SOFTWARE\bl1.bin ;Image File Name
NOR1LOAD: 00000000 ;Image Load Address
NOR1ENTRY: 00000000 ;Image Entry Point
NOR2UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR2ADDRESS: 0x00500000 ;Image Flash Address
NOR2FILE: \SOFTWARE\Image ;Image File Name
NOR2NAME: norkern ;Rename kernel to norkern
NOR2LOAD: 00000000 ;Image Load Address
NOR2ENTRY: 00000000 ;Image Entry Point
NOR3UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR3ADDRESS: 0x02700000 ;Image Flash Address
NOR3FILE: \SOFTWARE\juno-r1-xen.dtb ;Image File Name
NOR3NAME: board.dtb ;Specify target filename to preserve file extension
NOR3LOAD: 00000000 ;Image Load Address
NOR3ENTRY: 00000000 ;Image Entry Point
NOR4UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR4ADDRESS: 0x01D00000 ;Image Flash Address
NOR4FILE: \SOFTWARE\xen ;Image File Name
NOR4NAME: xen
NOR4LOAD: 00000000 ;Image Load Address
NOR4ENTRY: 00000000 ;Image Entry Point
NOR5UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR5ADDRESS: 0x025C0000 ;Image Flash Address
NOR5FILE: \SOFTWARE\hdlcdclk.dat ;Image File Name
NOR5LOAD: 00000000 ;Image Load Address
NOR5ENTRY: 00000000 ;Image Entry Point
NOR6UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR6ADDRESS: 0x03E40000 ;Image Flash Address
NOR6FILE: \SOFTWARE\scp_bl1.bin ;Image File Name
NOR6LOAD: 00000000 ;Image Load Address
NOR6ENTRY: 00000000 ;Image Entry Point
NOR7UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR7ADDRESS: 0x0BF00000 ;Image Flash Address
NOR7FILE: \SOFTWARE\startup.nsh ;Image File Name
NOR7NAME: startup.nsh
NOR7LOAD: 00000000 ;Image Load Address
NOR7ENTRY: 00000000 ;Image Entry Point
NOR8UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR8ADDRESS: 0x0BFC0000 ;Image Flash Address
NOR8FILE: \SOFTWARE\blank.img ;Image File Name
NOR8NAME: BOOTENV
NOR8LOAD: 00000000 ;Image Load Address
NOR8ENTRY: 00000000 ;Image Entry Point
NOR9UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR9ADDRESS: 0x02600000 ;Image Flash Address
NOR9FILE: \SOFTWARE\selftest ;Image File Name
NOR9LOAD: 00000000 ;Image Load Address
NOR9ENTRY: 00000000 ;Image Entry Point
NOR10UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR10ADDRESS: 0x02780000 ;Image Flash Address
NOR10NAME: uEnv.txt
NOR10FILE: \SOFTWARE\uEnv.txt ;Image File Name
NOR10LOAD: 00000000 ;Image Load Address
NOR10ENTRY: 00000000 ;Image Entry Point
@@ -0,0 +1,78 @@
TITLE: Versatile Express Images Configuration File
[IMAGES]
TOTALIMAGES: 11 ;Number of Images (Max: 32)
NOR0UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR0ADDRESS: 0x00000000 ;Image Flash Address
NOR0FILE: \SOFTWARE\fip.bin ;Image File Name
NOR0LOAD: 00000000 ;Image Load Address
NOR0ENTRY: 00000000 ;Image Entry Point
NOR1UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR1ADDRESS: 0x03EC0000 ;Image Flash Address
NOR1FILE: \SOFTWARE\bl1.bin ;Image File Name
NOR1LOAD: 00000000 ;Image Load Address
NOR1ENTRY: 00000000 ;Image Entry Point
NOR2UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR2ADDRESS: 0x00500000 ;Image Flash Address
NOR2FILE: \SOFTWARE\Image ;Image File Name
NOR2NAME: norkern ;Rename kernel to norkern
NOR2LOAD: 00000000 ;Image Load Address
NOR2ENTRY: 00000000 ;Image Entry Point
NOR3UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR3ADDRESS: 0x02700000 ;Image Flash Address
NOR3FILE: \SOFTWARE\juno-r2-xen.dtb ;Image File Name
NOR3NAME: board.dtb ;Specify target filename to preserve file extension
NOR3LOAD: 00000000 ;Image Load Address
NOR3ENTRY: 00000000 ;Image Entry Point
NOR4UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR4ADDRESS: 0x01D00000 ;Image Flash Address
NOR4FILE: \SOFTWARE\xen ;Image File Name
NOR4NAME: xen
NOR4LOAD: 00000000 ;Image Load Address
NOR4ENTRY: 00000000 ;Image Entry Point
NOR5UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR5ADDRESS: 0x025C0000 ;Image Flash Address
NOR5FILE: \SOFTWARE\hdlcdclk.dat ;Image File Name
NOR5LOAD: 00000000 ;Image Load Address
NOR5ENTRY: 00000000 ;Image Entry Point
NOR6UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR6ADDRESS: 0x03E40000 ;Image Flash Address
NOR6FILE: \SOFTWARE\scp_bl1.bin ;Image File Name
NOR6LOAD: 00000000 ;Image Load Address
NOR6ENTRY: 00000000 ;Image Entry Point
NOR7UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR7ADDRESS: 0x0BF00000 ;Image Flash Address
NOR7FILE: \SOFTWARE\startup.nsh ;Image File Name
NOR7NAME: startup.nsh
NOR7LOAD: 00000000 ;Image Load Address
NOR7ENTRY: 00000000 ;Image Entry Point
NOR8UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR8ADDRESS: 0x0BFC0000 ;Image Flash Address
NOR8FILE: \SOFTWARE\blank.img ;Image File Name
NOR8NAME: BOOTENV
NOR8LOAD: 00000000 ;Image Load Address
NOR8ENTRY: 00000000 ;Image Entry Point
NOR9UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR9ADDRESS: 0x02600000 ;Image Flash Address
NOR9FILE: \SOFTWARE\selftest ;Image File Name
NOR9LOAD: 00000000 ;Image Load Address
NOR9ENTRY: 00000000 ;Image Entry Point
NOR10UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR10ADDRESS: 0x02780000 ;Image Flash Address
NOR10NAME: uEnv.txt
NOR10FILE: \SOFTWARE\uEnv.txt ;Image File Name
NOR10LOAD: 00000000 ;Image Load Address
NOR10ENTRY: 00000000 ;Image Entry Point
@@ -0,0 +1,15 @@
xen_name=xen
xen_addr=0x84000000
uenvcmd=run mybootcmd
mybootcmd=echo Loading custom boot command; \
echo Loading kernel; \
afs load ${kernel_name} ${kernel_addr} ; \
if test $? -eq 1; then echo Loading ${kernel_alt_name} instead of ${kernel_name}; afs load ${kernel_alt_name} ${kernel_addr}; fi; \
echo Loading device tree; \
afs load ${fdtfile} ${fdt_addr}; \
if test $? -eq 1; then echo Loading ${fdt_alt_name} instead of ${fdtfile}; \
afs load ${fdt_alt_name} ${fdt_addr}; fi; fdt addr ${fdt_addr}; fdt resize; \
echo Loading Xen; \
afs load ${xen_name} ${xen_addr}; \
if test $? -eq 0; then echo Booting Xen; bootefi ${xen_addr} ${fdt_addr}; fi;
@@ -0,0 +1,7 @@
# When booting gem5-arm64 with Xen we need to set the cpu as Cortex A53 and
# remove support for pointer authentification
GEM5_RUN_EXTRA_append = " \
${@bb.utils.contains('DISTRO_FEATURES_NATIVE', 'arm-autonomy-host', \
'--param=system.cpu_cluster[0].cpus[0].isa[0].midr=0x410fd030 \
--param=system.cpu_cluster[0].cpus[0].isa[0].id_aa64isar1_el1=0x0', \
'', d)}"

Some files were not shown because too many files have changed in this diff Show More