TFM repos do not use release branches. TFM-test repo does not use master
branch and use detached head for the 1.6 release. This commits makes necessary
changes to be able to build tfm and tfm-test again for langdale.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
For some reason the kas 3.2.1 container fails:
No such file or directory: '/builds/engineering/yocto/meta-arm/ci/ci/base.yml'
Note the repeated /ci/, which is wrong.
Pin the kas container to 3.2 for now until this is resolved.
Signed-off-by: Ross Burton <ross.burton@arm.com>
A recent commit compressed the kernel image (to Image.gz) and
by default enabled an initramfs image. In the case for when
such that (initramfs) is not desirable, the deploy step of the
Juno firmware will still try to install the Image file, (not
Image.gz), so this fails:
ERROR: firmware-image-juno-1.0-r0 do_deploy: ExecutionError('/oe/build/tmp-glibc/work/juno-oe-linux/firmware-image-juno/1.0-r0/temp/run.do_deploy.360477', 1, None, None)
ERROR: Logfile of failure stored in: /oe/build/tmp-glibc/work/juno-oe-linux/firmware-image-juno/1.0-r0/temp/log.do_deploy.360477
Log data follows:
| DEBUG: Executing python function sstate_task_prefunc
| DEBUG: Python function sstate_task_prefunc finished
| DEBUG: Executing shell function do_deploy
| cp: cannot stat '/oe/build/tmp-glibc/deploy/images/juno/Image': No such file or directory
| WARNING: /oe/build/tmp-glibc/work/juno-oe-linux/firmware-image-juno/1.0-r0/temp/run.do_deploy.360477:152 exit 1 from 'cp -L -f /oe/build/tmp-glibc/deploy/images/juno/Image /oe/build/tmp-glibc/work/juno-oe-linux/firmware-image-juno/1.0-r0/image/juno-firmware-19.06/SOFTWARE/'
| WARNING: Backtrace (BB generated script):
| #1: do_deploy, /oe/build/tmp-glibc/work/juno-oe-linux/firmware-image-juno/1.0-r0/temp/run.do_deploy.360477, line 152
| #2: main, /oe/build/tmp-glibc/work/juno-oe-linux/firmware-image-juno/1.0-r0/temp/run.do_deploy.360477, line 163
NOTE: recipe firmware-image-juno-1.0-r0: task do_deploy: Failed
ERROR: Task (../meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno.bb:do_deploy) failed with exit code '1'
This updates the else case for when an initramfs image is not
in use so that the right kernel image is deployed, by using
the KERNEL_IMAGETYPE variable, to use either version of the
kernel image.
Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
For models that require a license, ARMLMD_LICENSE_FILE is used to define
the location of a license file or server. If the variable is not set in
Bitbake it will not be set in the model environment.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
FVP_ENV_PASSTHROUGH may contain variables that have not been set.
d.getVar returns None in this case. Detect this and skip setting the
variable in the model environment.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Define FVP_ENV_PASSTHROUGH's vardeps to equal itself, so that the
fvpconf is regenerated if any of the defined variables change.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
aa89fe3f ensured environment variables necessary for GUI applications
are passed through to the model despite runfvp env var restrictions. Add
XAUTHORITY to this list. This is useful when doing X-forwarding with
Kas, which creates its own home directory.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Change u-boot and machine config to default to booting a compressed
initramfs. This allows for easier testing. A compressed image is
needed as the image is too big for the storage, and the error notifying
of such is vague.
Signed-off-by: Jon Mason <jon.mason@arm.com>
The libts recipe assumes generated cmake file will be suffixed with
'-noconfig'. This is only true when building with the default type
i.e. "".
Check which target cmake file has been generated before trying to
patch it. This fixes 'no such file' error when building with an
explicit type (Debug, Release, etc).
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The SCP-firmware CMake compile step automatically attempts to execute
cppcheck if both:
* cppcheck can be located using find_program
* DISABLE_CPPCHECK is not defined
cppcheck is not readily available in OE-core and is not an essential
part of the compilation process for end-users, so explicitly disable the
cppcheck step by passing DISABLE_CPPCHECK to CMake.
Additionally, because the OE-core CMake toolchain file cannot be used,
find_program may locate cppcheck on the host machine, which will cause
the build to fail if it is not the recommended version (as it is in
recent Linux distros).
Issue-Id: SCM-5864
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ia87a0cbbb67ac1d6f3b26cfb5747a85b46131f81
Signed-off-by: Jon Mason <jon.mason@arm.com>
If CMAKE_BUILD_TYPE=debug (lowercase), SCP-firmware builds with debug
compiler flags but BUILD_MODE_DEBUG is not defined in C code so features
that are conditionally enabled/disabled in debug mode are not active.
Pass capitalized "Debug" and "Release" strings to CMAKE_BUILD_TYPE to
ensure Debug mode is fully enabled when SCP_BUILD_RELEASE = "0".
SCP_BUILD_RELEASE = "1" (the default) for all machines in meta-arm-bsp
so they are unaffected.
Issue-Id: SCM-5864
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I93220420eedd2e3e6c169679efcaf4642dd5bc51
Signed-off-by: Jon Mason <jon.mason@arm.com>
apply_local_src_patches.bbclass was added in a previous patch to handle
the application of patch files located inside the fetched source code.
find is used to collect the patch files which does not guarantee the
order of its output. Pipe the output of find into sort to ensure patch
files are applied in the correct order.
Issue-Id: SCM-5864
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I1082fb7a726a7745289a5aa8bb6447bef57a94b0
Signed-off-by: Jon Mason <jon.mason@arm.com>
meta-clang has a langdale branch now, so use that instead of master.
linux-yocto needs to use non-clang objcopy, apply the change locally
until the commit has been merged into meta-clang's langdale branch.
perf needs some patches backported to langdale, until that has been done
use gcc to build perf.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Timing Annotation is a feature of the model that enables high-level
performance estimations to be made [1]. It is not needed to demonstrate
a functioning software stack so set FASTSIM_DISABLE_TA to 1 in the model
environment to disable this feature. This also improves model
performance.
[1] https://developer.arm.com/documentation/100965/1119/Timing-Annotation
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
DEFAULT_TAG and CPU_REQUEST are being used to help with internal Gitlab
pipeline setups know which type of machines to run on, but has no value
outside of Arm Corp. Gitlab CI allows for variables to be overridden
by default. So, we can give it a default value of NULL/empty and have
everything work internally and externally by default.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Tag all jobs with the DEFAULT_TAG variable so each instance can control
what tags the jobs have, whilst still explicitly tagging the jobs which
need specific tags (such as x86_64 for jobs which need to run x86-only
binaries)
Signed-off-by: Ross Burton <ross.burton@arm.com>
The Kas container needs to use the entrypoint as that is where the user
changes from root to a normal user.
Also set the KUBERNETES_CPU_REQUEST to the variable CPU_REQUEST as this
needs to be tuned per-deployment.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Update version in documentation.
Issue-Id: SCM-4874
Signed-off-by: Robbie Cao <robbie.cao@arm.com>
Change-Id: Ic66bdcdc5c6309331f80faab6eaf2e3e936a5da4
Signed-off-by: Jon Mason <jon.mason@arm.com>
Ensure meta-atp recipes are only performed if a compatible machine is
selected.
Signed-off-by: Adrián Herrera Arcila <adrian.herrera@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Previously, meta-atp extended the original gem5 recipe to add the ATP
Engine models; the .bbappend was complex, because it pulled from two
sources, and it was not possible to make machine-based overrides, as it
is a native recipe.
To solve this, we use the recent EXTRAS feature to add the gem5 models
from a different recipe.
Signed-off-by: Adrián Herrera Arcila <adrian.herrera@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The m5 readfile recipe provides general utility for gem5 users to
run any script on OS boot. We hence move it to the meta-gem5 layer.
Signed-off-by: Adrian Herrera <adrian.herrera@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
By making m5readfile into its own recipe, we avoid modifications to the
m5ops recipe when using the meta-atp layer, which break the Yocto
compatibility of the layer.
Signed-off-by: Adrian Herrera <adrian.herrera@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Test failed because there was no reference to maintainers in the
meta-atp README.
Following the common structure of other layers in the meta-arm
repository, the README in meta-atp now refers to the top-level README,
and a documentation directory contains the guidance that was present in
the original meta-atp README.
Signed-off-by: Adrián Herrera Arcila <adrian.herrera@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
N1SDP has 2 DRAM's. This change is to register 2nd DRAM which starts at
0x8080000000. Linux uses 1KB of this memory to share data with optee-os.
Signed-off-by: Jon Mason <jon.mason@arm.com>
721bec25 "arm/fvp: Join cli arguments in verbose logging" changed the
verbose output of FVPRunner to print the generated arguments using
shlex.join instead of as a list. However, this function is only
available in Python >= 3.8, whereas OE-core currently supports Python
3.6.
To fix this, backport its one-line implementation to a local function
shlex_join and update the call site.
Issue-Id: SCM-5314
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I56cab9dddcd0a91272464be15742a6ee726dad41
Signed-off-by: Jon Mason <jon.mason@arm.com>
As TF-M ships patches that it needs applied to mbedcrypto, we apply them as
part of do_patch by using a postfunc. There is an issue when do_patch is
executed after do_deploy_source_date_epoch_setscene and apply_local_patches
tries to apply the patches already applied.
To fix this, make usage of the apply_local_src_patches bbclass.
Change-Id: Ia115b540b37ad3a2cce30e1e0461abd1f5a6ccc1
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This class is to be inherited by recipes where there are patches located inside
the fetched source code which need to be applied.
The following variables need to be set:
LOCAL_SRC_PATCHES_INPUT_DIR is the directory from where the patches are located
LOCAL_SRC_PATCHES_DEST_DIR is the directory where the patches will be applied
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I8f9c16a5fbc9d5569cba60136560f1951408bd60
Signed-off-by: Jon Mason <jon.mason@arm.com>
Start a new thread to simultaneously log the output of FVP and the
telnet output if the --verbose flag is passed to runfvp. So that
ConsolePortParser can read the same stream, use itertools.tee to
temporarily duplicate the stream.
Use a custom log format string with an escape character to ensure that
log output always starts at the beginning of a line when interleaved
with console output.
Issue-Id: SCM-5314
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I3e815d9d899425e0d2af619524f09f2eda87562c
Signed-off-by: Jon Mason <jon.mason@arm.com>
It is often useful to inspect the FVP output after running the tests.
Refactor OEFVPSerialTarget._create_logfile into
OEFVPSSHTarget._create_log_filename, so that all FVP test controllers
are able to create secondary log files.
Pass a filehandle to the stdout argument of run_fvp so that the FVP
output is asynchronously logged to a file. Change the port parsing logic
to read back from the same log file instead of reading the stdout
directly.
Issue-Id: SCM-5314
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I2ddb423fa0d896c13d3e96884858c680c4d34555
Signed-off-by: Jon Mason <jon.mason@arm.com>
To simplify the FVPRunner class, create a separate ConsolePortParser
class to handle reading an iterator of lines and parsing port numbers
for FVP consoles. Use this in runfvp and the test targets.
This refactor also allows the stream being monitored to be changed more
easily, e.g. to a log file.
Issue-Id: SCM-5314
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Iade3a4c803fb355b04af7afa298d0a41fe707d94
Signed-off-by: Jon Mason <jon.mason@arm.com>
FVPRunner relies heavily on asyncio, despite there being very little
concurrent work happening. Additionally, while the runfvp entry point
starts an asyncio runner, it is not practical to have a single asyncio
runtime during testimage, which is fully synchronous.
Refactor to use subprocess.Popen and related functionality. The process
object has a similar interface to its async equivalent.
Cascade the API changes to runfvp and the test target classes.
Issue-Id: SCM-5314
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I3e7517e8bcbb3b93c41405d43dbd8bd24a9e7eb8
Signed-off-by: Jon Mason <jon.mason@arm.com>
It is sometimes helpful to copy and paste the cli arguments from the
verbose runfvp output (e.g. to test with a development FVP build), but
currently the arguments are printed as a Python list. Use
shlex.join(cli) to safely join the arguments together in form that can
be reused directly in a shell.
Issue-Id: SCM-5314
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ibb5c5ed45d02e241cb3858f68740fb9d4e89357a
Signed-off-by: Jon Mason <jon.mason@arm.com>
Sets refspec for meta-openembedded and poky for upcoming
Corstone1000 release. These SHAs are tested.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Aligning the user guide with the latest Corstone1000 SW updates.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upgrades the Corstone1000 FVP to the latest release
version.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Aligning the release notes with the latest Corstone1000 SW updates.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
There are some cases where PN is not expanded into linux-yocto in the
arm-ffa-transport.inc file required from linux-yocto_%.bbappend,
because of the := usage, in those cases PN gets "defaultpkgname".
To fix the issue, rename "linux-yocto" folder into "files" and adjust
ARMFILESPATHS to point to that in linux-yocto_%.bbappend, prepend
ARMFILESPATHS to FILESEXTRAPATHS in arm-ffa-transport.inc.
Remove ARMFILESPATHS prepend from FILESEXTRAPATHS for corstone1000 in
meta-arm-bsp, because the platform has always the "arm-ffa" in
MACHINE_FEATURES, which causes ARMFILESPATHS to be prepended.
While there, remove the FILESEXTRAPATHS prepend of ARMFILESPATHS for
the n1sdp that will be added by arm-ffa-transport.inc only when
needed.
Signed-off-by: Luca Fancellu <luca.fancellu@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Use --prefix instead of --root when installing the Python modules to
ensure that build paths are not embedded in the compiled .pyc files.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Without virtio-rng enabled kernel 5.19 takes ages to finish
random number generator initialisation which causes
issues with ssh and other crypto related services.
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
GetNextVariableName() should return EFI_BUFFER_TOO_SMALL
when NameSize is smaller than the actual NameSize. It
currently returns EFI_BUFFER_OUT_OF_RESOURCES due to setting
max_name_len incorrectly. This fixes max_name_len error by
replacing it with actual NameSize request by u-boot.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
As in EDK-2 and EDK-2 test code, setVariable() with 0
attributes means a delete variable requiest. Currently,
smm gateway doesn't handle this scenario. This commit
adds that support
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Enabling ESRT in trusted services increased the need for more
assets at protected storage level, since we now save FMP data
, capsule update, like Image Info as non volatile EFI
variables.
So, just change the default configuration for the corstone1000
to handle this.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Reorder patch list headers, move psa api test patch that
should be applied to all psa api test from a crypto specific
directory to a more generic "psa-apitest" directory.
Create a inc file for the psa api test to make sure all out of
tree patches from trusted services are applied to all test
source directories, and move mm communicator buffer details to
each SP, and finally set it up differently as it
should/is expected to be at libts.
With this setup all psa-api test for crypto and attestation
passed.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
At the apply ts patch stage, first check if they are patches
to be applied. Because if not, this would break the apply
patch stage with an error.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Bitbake variables were being set in KAS for the unique Gitlab CI
configuration being used internally. While this should not have been
significantly detrimental for other setups, this shouldn't be necessary
with proper runner setup. Removing them here to all for a more generic
CI experience.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Apply shared patch to trusted services that is used to compile
psa crypto api tests to include change in packed-c request
message in the eaed update structure to be in sync with the
serialize/deserialize in TS side.
As at it, move the other corstone1000 specific patch file to
meta-arm-bsp where it should be.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These changes are to add support for readthedocs for
corstone1000 platform. readthedocs server traces
any changes to to corstone1000 documents and will trigger
a build which will generate html file which can will be
rendered by corstone1000.docs.arm.com server
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These changes are to pass appropriate MMC card configuration to
corstone1000 FVP.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Port crypto config to psa arch test api suite.This
needs to move to arm-bsp since is corstone1000 specific
configuration
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This FVP doesn't support TC1, so remove it now that we don't support TC0.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These patches are specific to TC0, and are not needed for TC1.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The Total Compute 2020 BSP is obsolete and unsupported, so remove it
from meta-arm. The Total Compute team would like TC1 to be available in
langdale, but removed in mickledore.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to add ARMFILESPATHS into serach path
for linux for N1SDP target.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add support for libmetal and openamp as backend for se-proxy
and smm-gateway SP. For that also introduce a change to newlib
in memcpy optimization to avoid unaligned data-aborts in
__packed structures handling.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add log handler for SP sending logs over ffa to spmc.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Fixes the Tee driver bug in corstone1000. It adds a
delay to fix a possible race-condition occurs during
FF-A calls. This is a temporary fix for the upcoming
release.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Instead of checking out code through internal cmake,
the patch explicitly checkout the psa-adac code.
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The patch corrects the source dir for libmetal and openamp.
Devtool modify on tf-m will work after this fix.
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The patch bumps the tfm SHA to
b065a6b28cc6c692b99e4f7e9387d96f51bf4d07
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If a process is terminated using a signal, in Python its return code is
-N, where N is the signal number (e.g. -15 for SIGTERM). Currently, all
non-zero return codes are printed using logger.info, which gives the
impression of an abnormal termination even when the process was
explicitly terminated by FVPRunner.
Instead, only log return codes greater than zero.
Issue-Id: SCM-5314
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I1a1e9d8aa3f26c14b48be718498bcb14707950b7
Signed-off-by: Jon Mason <jon.mason@arm.com>
On large systems, using all of the CPUs and 50% of the RAM when xz
compressing packages is actively harmful because it will happily use up
to that limit.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since meta-zephyr is doing CI, there is no need to replicate that here.
Remove all of the zephyr references.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update ACK to 5.15 and remove the 5.10 recipe
Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Change-Id: I7d86367533248312bb7a54ba39166ddee5a025ef
Signed-off-by: Jon Mason <jon.mason@arm.com>
Some of the removed tests are now working and some of the systems are
not testing against sato (as being done in base.yml). Update these and
add some comments.
Signed-off-by: Jon Mason <jon.mason@arm.com>
The rpmsg_chrdev driver has been replaced
by the rpmsg_ctrl driver. This commit
updates the defconfig to align with the
change.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to upgrade kernel to 5.19 for corstone500 target
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to upgrade the Linux kernel version to 5.19 for N1SDP
target to align with post N1SDP-2022.06.22 refresh
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The "secure parition development kit" is obsolete, newlib is used instead.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Bump the kernel version to 5.19.9, remove backported ffa
related patch to previous version and fix issues in the arm
rpmsg driver.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Enable support for 11.3.rel1 binary toolchain release. Also, update CI
to use it.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Along with that add a new variable ARM_GCC_SUB_VERSION as newer clubbed
Arm GNU toolchain releases includes a sub-version like the current
release being 11.3.rel1 where ARM_GCC_SUB_VERSION=rel1.
Also, update CI to this release.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Move the features uniquely needed for system images to the testimage
file. This should reduce the image size and amount of things needing to
be built for machines that do not run testimage.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Move the FVP include file to the include directory, matching what is
done for corstone1000 and other machines in meta-arm-bsp.
Signed-off-by: Jon Mason <jon.mason@arm.com>
secure-partitions recipe is replaced with the new design of
trusted services recipes.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Trusted Services PSA API tests commands allow testing the following
SE Proxy services: crypto, its, ps and iat
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
removing the following packages:
ffa-debugfs-mod
secure-partitions-psa-api-tests
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
increase the size of the initramfs bundle used in the boot command
The new trusted services support increases the rootfs size.
When decompressed the initramfs bundle size is around 15M.
u-boot boot command needs to be updated with this size to be able to load
all the initramfs bundle.
When compressed the initramfs bundle size is around 5.4M
(Image.gz-initramfs--5.15.59)
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
The prevoius commit refactored trusted-firmware-m-sign-host-images.inc
into tfm_sign_image.bbclass.
Move the image signing logic from the TF-M bbappend to
corstone1000-image.bb, using the new bbclass.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ib76dce2ba9102e343d0611d929250d1d8aee518b
Signed-off-by: Jon Mason <jon.mason@arm.com>
Introduce a new recipe for the TF-M signing scripts.
To make the functionality easier to reuse, move the logic that is
currently in trusted-firmware-m-sign-host-images.inc to
tfm_sign_image.bbclass. This bbclass DEPENDS on
trusted-firmware-m-scrpits-native.
tfm_sign_image.bbclass can be inherited in image recipes to sign
artifacts.
Issue-Id: SCM-4964
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I74aaab5db1a43fedf13ea2564c2f31af207ae924
Signed-off-by: Jon Mason <jon.mason@arm.com>
In order to support overriding the branch names in other layers, extract
the branch name for each repository and set using default assignment.
Issue-Id: SCM-4964
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I09d0c1f1d012c1abb84648ad974883bbdaa1db7a
Signed-off-by: Jon Mason <jon.mason@arm.com>
Migrating RTX repo to a new namespace under
arm reference solution. The new repo also adds
corstone1000 as a product so this commits
also changes the PRODUCT variable.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Migrating the test repo to a new namespace under
arm reference solution.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Remove microbit-v1, qemu-cortex-a53, qemu-cortex-m3, and qemu-cortex-r5
from CI (and the tree in general). These machines are part of the
meta-zephyr CI now and keeping them here is redundant. However, keeping
zephyr builds for machines that also have TF-M.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update TF-A version to align with post-N1SDP-2022.06.22 refresh
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This is to align edk2/edk2-platforms with N1SDP-2022.06.22 release
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update edk2/edk2-platforms versions to align with N1SDP-2022.06.22 release.
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since 820a55d3 the environment that the FVPs run in is limited, however
this broke the use of GUI applications for the terminals.
Passthrough DISPLAY and WAYLAND_DISPLAY automatically so these continue
to work.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since U-Boot 2022.04 the host tool mkeficapsule requires gnutls.
Thus adding it to the dependency.
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Change-Id: I8eff2e9bb9752bea5b885fcf3a69bf79c4f0c215
Signed-off-by: Jon Mason <jon.mason@arm.com>
This does not build with clang from meta-clang and also does not build
with gcc either
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds the external system test application and the relevant
recipe into the corstone1000 initramfs image.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds a linux userspace test application and a recipe
to build it to test external system in corstone1000
platform.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The newly added clang patch does not apply cleanly to the tc version of
hafnium. Since there are no plans to use clang on tc, remove it for
this platform.
Also, use devtool to clean-up the clang patch in question.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Enable tee and arm-ffa driver on qemuarm/qemuarm64 by default
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds out-of-tree rpmsg_arm_mailbox driver patches into linux
kernel to communicate with external system using MHUs in
corstone1000 platform. The host can communicate with external
system using the driver under /dev/rpmsg0_ctrl0.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The host uses MHUs to send/receive data from the external system
in corstone1000. This commit adds MHU mailbox bindings into the
u-boot device tree to enable data communication between the host
and external system.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
A new update to clang is causing warnings (which are errors because edk2
was Werror by default). The error is:
clang-15: error: '-x c' after last input file has no effect [-Werror,-Wunused-command-line-argument]
Work around it by disabling this specific error. Also, use devtool to
update the patch.
Signed-off-by: Jon Mason <jon.mason@arm.com>
It installs arm_ffa_user.h and so does arm-ffa-user recipe, lets not
build ffa-debugfs-mod in world builds since it does not appear as much
in other package dependencies as arm-ffa-user
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These recipes are not buildable with clang in its current state
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
3.18 builds are failing since the section stuff is also done in
core_mmu_v7.c therefore extend the patch to include this file as well
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Only corstone1000 is using the legacy version of optee-client. Move it
there to keep corstone1000 working, while removing it from meta-arm to
discourage use of the non-latest version.
Signed-off-by: Jon Mason <jon.mason@arm.com>
The CPU issue that pinned qemuarm-secureboot is no longer present.
Remove the logic in the conf file that held it back to the older
version.
Signed-off-by: Jon Mason <jon.mason@arm.com>
ARMv7 does not have fixes for the clang issues already fixed for ARMv8.
Make the necessary changes in that patch for it to work. Also, update
the patches (via devtool).
Signed-off-by: Jon Mason <jon.mason@arm.com>
The configure sed operation will not behave as expected because '*'
match misses a preceeding '.'.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adds external system device driver into linux.
User applications can control the external system
using the driver under /dev/extsys_ctrl in
corstone1000 platform.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Corstone1000 needs a kernel driver to control the
external system (turn on/off, reset). This commit
adds the external system driver binding to the
u-boot device tree for corstone1000.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
It is sometimes useful to be able to configure the behavior of FVPs
using environment variables, e.g. for licensing or plugins.
Add a new FVP option: FVP_ENV_PASSTHROUGH, which allows the Bitbake
variables to be passed to the environment to be specified explicitly (in
a similar way to BB_ENV_PASSTHROUGH). This ensures that:
* FVPs launched via runfvp have a reproducable environment
* FVPs launched via testimage (which run from an isolated Bitbake task)
can receive environment variables
Change the self-tests to use cwd instead of PATH to find the mock FVPs,
as the PATH environment variable is no longer passed through.
Issue-Id: SCM-4964
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Idf6ac6d41fda4cd5f950bc383c2fc1fa1acdf4e3
Signed-off-by: Jon Mason <jon.mason@arm.com>
Historically external-arm-toolchain recipe packaged all gcc headers from
${libdir}/gcc/${TARGET_SYS}/${BINV}/include - some would be picked up by
packages like gcc-sanitizers, libssp-dev. libquadmath-dev or libgomp-dev.
The rest would fall into catch-all libgcc-dev package.
Unfortunately, that could result in a conflict with a target gcc, which
also packages some of those files, like unwind.h or stddef.h, among others.
The conflict could be seen with this config:
EXTRA_IMAGE_FEATURES += "dev-pkgs tools-sdk"
TCMODE = "external-arm"
EXTERNAL_TOOLCHAIN = "/OE/toolchains/gcc-arm-11.2-2022.02-x86_64-aarch64-none-linux-gnu"
And the error message is:
Error: Transaction test error:
file /usr/lib/gcc/aarch64-poky-linux/11.2.1/include/stddef.h conflicts between attempted installs of libgcc-s-dev-11.2.1-r0.1.cortexa57 and gcc-arm+11.2-r2022.02.1.cortexa57
file /usr/lib/gcc/aarch64-poky-linux/11.2.1/include/unwind.h conflicts between attempted installs of libgcc-s-dev-11.2.1-r0.1.cortexa57 and gcc-arm+11.2-r2022.02.1.cortexa57
Modify external-arm-toolchain recipe according to how libgcc in OE-Core
handles those header files by removing and not packaging them:
https://git.openembedded.org/openembedded-core/tree/meta/recipes-devtools/gcc/libgcc-common.inc#n40
Also need to adjust gcc recipe to pick up unwind.h from EXTERNAL_TOOLCHAIN
location now, since libgcc-dev no longer carries it, and install it into
STAGING_LIBDIR_NATIVE, where OE-Core gcc-target.inc expects it from
gcc-cross:
https://git.openembedded.org/openembedded-core/tree/meta/recipes-devtools/gcc/gcc-target.inc#n164
Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to enable build and installing external-system firmware
for corstone1000 platform.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The corstone1000 optee files have an underbar when it should have a
hyphen in the naming scheme. Change this to match other files.
Signed-off-by: Jon Mason <jon.mason@arm.com>
A optee-os v3.10 recipe is necessary for corstone100, as it is actually
using 3.10 SHA and then trying to apply patches for 3.14 (which is
causing fuzz errors). Create this and use it to avoid these issues.
Signed-off-by: Jon Mason <jon.mason@arm.com>
With the latest gcc, there were some unresolved symbols on
opemamp linkage, add the implementation of that symbol for the
outline of atomics.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upgrade to the latest 5.4 release (.205), and backport two patches to
fix buildpath errors:
File /usr/src/debug/linux-yocto/5.4.205+gitAUTOINC+e8c675c7e1_8a59dfded8-r0/lib/oid_registry_data.c in package linux-yocto-src contains reference to TMPDIR
File /usr/src/debug/linux-yocto/5.4.205+gitAUTOINC+e8c675c7e1_8a59dfded8-r0/drivers/tty/vt/consolemap_deftbl.c in package linux-yocto-src contains reference to TMPDIR [buildpaths]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
In complex stacks, e.g. with many cores or many init scripts, the time
to Linux shell may be more than 10 minutes. Make the boot timeout
configurable using TEST_FVP_LINUX_BOOT_TIMEOUT, leaving the default
value at 10 minutes.
Issue-Id: SCM-4958
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ie074acd4b4509d0230d1f77a2a527d497bb295ce
Signed-off-by: Jon Mason <jon.mason@arm.com>
qemuarm64-secureboot-ts pipeline is based on qemuarm64-secureboot machine
and additionaly includes:
- TS Crypto, Storage, ITS, Attestation and SMM-Gateway SPs into optee-os image
- TS demo/test tools
- TS psa-arch-tests
This commit also includes Trusted Services OEQA tests
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We define dedicated recipes for all supported TS SPs.
The recipes produce stripped.elf and DTB files for SPs.
These files are automatically included into optee-os image.
See meta-arm/recipes-security/trusted-services/optee-os-ts.inc
This approach allows us to:
- include only required SPs into an optee-os image using MACHINE_FEATURES
- use Yocto cmake bbclass
- fetch and build only required dependencies
- use simple SP specific bbapend files if required
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These recipes produce only -dev and -staticdev packages
which are used for building other TS recipes.
Nothing from these recipes is included into the final image.
Using dedicated recipes for dependencies allows us:
- fetch sources and build dependencies only once and only the required ones.
- simplify the dependencies recipes and use Yocto cmake bbclass
- troubleshoot/fix/update dependencies builds separately
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To fit the kernel image into the allotted space, a compressed kernel
image is now needed. Use the Image.gz from the kernel build process
and change the relevant places to use the new image name. This also
necessitates adding an unzip command to u-boot to uncompress it to
memory (and the loadm is still needed to setup the efi mem boot device).
Also, the unzipped image is larger than before. So, increase the size
that loadm is copying.
This change shrinks the kernel image size from 7.8MB to 3.2MB
Signed-off-by: Jon Mason <jon.mason@arm.com>
When building for arm32 with GNU binutils 2.39, the linker outputs
warnings when generating some TEE core binaries.
arm-poky-linux-gnueabi-ld.bfd: warning: atomic_a32.o: missing .note.GNU-stack section implies executable stack
arm-poky-linux-gnueabi-ld.bfd: NOTE: This behaviour is deprecated and will be removed in a future version of the linker
NOTE: recipe optee-os-tadevkit-3.18.0-r0: task do_compile: Failed
These patches are backport from upstream [1]
There are two versions of patches: for optee-os 3.14 and 3.18 to avoid patch fuzz warnings.
[1] https://github.com/OP-TEE/optee_os/pull/5499
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add yocto kernel cache bluetooth entries for platforms that have that
machine feature enabled. This is necessary, as kernel warnings about it
not being enabled are now occurring.
Signed-off-by: Jon Mason <jon.mason@arm.com>
These were integrated into the 2.7.0 release, but were not removed when
the recipe was upgraded.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These changes are to add support to build optee-os for N1SDP target.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to bump the TF-A hash which has changes required
for optee-os to boot. Also, drop patch related to bl size as the
changes are already merged to upstream TF-A.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update all of the 3.17 recipes to 3.18 and remove the already upstreamed
patch. optee-os was already at 3.18. So, we only need to remove the
3.17 recipe.
Signed-off-by: Jon Mason <jon.mason@arm.com>
package is always inheritted by the base classes so the recipe does not
need to do this. This became an error with recent bitbake changes, fix
things by removing it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The newly added vmalloc entry in qemuarm is causing issues with graphics
on qemuarm-secureboot. Remove that by setting +QB_KERNEL_CMDLINE_APPEND
to empty.
Signed-off-by: Jon Mason <jon.mason@arm.com>
SCMI support was added to the latest kernel (kernel commit
96bb0954860a4c8b8c77d59fc53cd4cafac914f5). So, remove this patch, as it
is no longer necessary
Signed-off-by: Jon Mason <jon.mason@arm.com>
This kernel config variable has been removed from newer kernels (v5.19)
and is logging a warning of:
[INFO]: the following symbols were not found in the active configuration:
- CONFIG_OPTEE_SHM_NUM_PRIV_PAGES
Remove the entry, as it is no longer needed
Signed-off-by: Jon Mason <jon.mason@arm.com>
In newer kernels, vexpress has been rolled under the versatile umbrella.
Update the patch to refer to the new location
Signed-off-by: Jon Mason <jon.mason@arm.com>
Rebase the u-boot patches on top of current u-boot supported
version in poky, needed some adjustments at efi loader.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add documentation for how to use the OEQA framework to test targets in
meta-arm. Include instructions on using OEFVPTarget as well as the
OEFVPSerialTarget introduced by the recent refactor of runfvp.
Issue-Id: SCM-4954
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I146ec1c82214471fe9d18a999fd92efb38f652f9
Signed-off-by: Jon Mason <jon.mason@arm.com>
The runfvp refactor to enable OEFVPSerialTarget created FVP_CONSOLES
which maps the names used for serial ports in test cases to the names
used for serial ports in the FVP stdout.
Refactor the FVP_CONSOLE section -> FVP_CONSOLES, noting the the
'default' console is still used for the --console runfvp flag.
Issue-Id: SCM-4954
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ieb13d74cfd425900f44b4b2e6d125393e7b456ad
Signed-off-by: Jon Mason <jon.mason@arm.com>
The dropped u-boot patches are not required as the bug is
from the SMM Gateway SP. A patch for the secure partitions
has been added to fix the SMM Gateway behaviour. Patch
0048-Fix-UEFI-get_variable-with-small-buffer.patch has been
added in commit "arm-bsp/secure-partitions: fix SMM gateway
bug for EFI GetVariable()".
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The efiGetVariable() function when called from uboot with data size
set to 0 should return only the data size and not the actual data in
the end of the buffer based on the EFI 2.9 spec. This patch fixes
the bug.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
At the moment, when using the --console flag, if telnet is shut down
cleanly (i.e. by typing "quit" at the prompt instead of Ctrl+C), runfvp
still waits on the FVP to exit of its own accord, so hangs.
Move the fvp.run() call so that when telnet quits, it immediately
proceeds to shut down the FVP.
Issue-Id: SCM-4954
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I2169c99586a1eebc2c6ab4b2e15fb0c769fc81a8
Signed-off-by: Jon Mason <jon.mason@arm.com>
Run command: bitbake optee-os && bitbake lib32-optee-os
bitbake lib32-optee-os will fail with following error since
bitbake optee-os already deploy same file under the path.
RROR: lib32-optee-os-3.12.0+gitAUTOINC+3d47a131bc-r0 do_deploy: The recipe lib32-optee-os is trying to install files into a shared area when those files already exist. Those files and their manifest location are:
/build/tmp-glibc/deploy/images/qemuarm64/optee/tee.elf
(matched in manifest-qemuarm64-optee-os.deploy)
Fix by deploy them to differernt dir
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Current secure-partitions patches do not apply cleanly with devtool.
Update them with the necessary changes to address this issue, and
regenerate them via devtool.
Signed-off-by: Jon Mason <jon.mason@arm.com>
- 0001-vexpress64-Add-BASER_FVP-vexpress-board-variant.patch
Change to 0002-vexpress64-add-MPU-memory-map-for-the-BASER_FVP.patch.
Only MPU memory map is preserved, other parts have been upstreamed.
- 0007-vexpress64-Configure-memory-using-device-tree.patch
Deleted. Upstreamed in commit 1a1143a45457161e90ea4cd5f3b0561d924ed8fe
Signed-off-by: Qi Feng <qi.feng@arm.com>
Issue-Id: SCM-5030
Change-Id: I4aab3bab545e64e3a4a3a3fd67bcef79acdc41be
Signed-off-by: Jon Mason <jon.mason@arm.com>
bundled libcrypto.a in optee-test sources is built using glibc based
toolchain and expects foritied _chk version of the libc functions e.g. __sprintf_chk
which wont work for musl. Therefore rely on freshly built openssl by OE
instead
Fixes errors like
arm-yoe-linux-musleabi/gcc/arm-yoe-linux-musleabi/12.1.0/ld: ../openssl/lib/arm/libcrypto.a(dso_dlfcn.o): in function `dlfcn_name_converter':
dso_dlfcn.c:(.text+0x19e): undefined reference to `__sprintf_chk'
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to add yocot recipe to support optee-os
3.18.0 version.
Also, move the SRC_URI:append and DEPENDS to optee-os.inc
as these are common accross different optee versions.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upgrade the FVPs to the latest releases, and do some cleanups for future
changes.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The linuxboot test case prints the following in log.do_testimage, only
when executing testimage without a pycache:
linuxboot.py:18: DeprecationWarning: invalid escape sequence \:
self.target.expect(self.console, "login\:", timeout=10*60)
Fix the warning by escaping the ':' character correctly in the pexpect
regex.
Issue-Id: SCM-4957
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I8ad54c7df6b7d1d1ddeab31cf66daff1ab84e227
Signed-off-by: Jon Mason <jon.mason@arm.com>
When enabling trusted boot, the UEFI binary was replaced with a FIP image (which
contains the UEFI binary), therefore the SD card image should depend on
trusted-firmware-a rather than edk2-firmware.
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upstream has updated u-boot to v2022.07, but the update is causing
problems with some machines. Temporarily add a v2022.04 recipe until
the issues can be resolved.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Change to use sato by default. Unfortunately, there are some bugs found
by this change. For those systems, change it back to base until the
issues can be resolved.
Signed-off-by: Jon Mason <jon.mason@arm.com>
The common test has a timing issue, causing it to intermittently fail.
Since it is not unique to our environment, remove it to prevent false
positive regressions.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Latest oe-core has enabled the buildpaths QA check, which warns if the
build paths are present inside binaries. This is because build paths in
deployed binaries is both information leakage and non-reproducible.
Until this is fixed, skip this check.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Latest oe-core has enabled the buildpaths QA check, which warns if the
build paths are present inside binaries. This is because build paths in
deployed binaries is both information leakage and non-reproducible.
Until this is fixed, skip this check.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Latest oe-core has enabled the buildpaths QA check, which warns if the
build paths are present inside binaries. This is because build paths in
deployed binaries is both information leakage and non-reproducible.
Until this is fixed, skip this check.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Latest oe-core has enabled the buildpaths QA check, which warns if the
build paths are present inside binaries. This is because build paths in
deployed binaries is both information leakage and non-reproducible.
Until this is fixed, skip this check.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Backport two patches from upstream to ensure the build doesn't contain
build paths.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Latest oe-core has enabled the buildpaths QA check, which warns if the
build paths are present inside binaries. This is because build paths in
deployed binaries is both information leakage and non-reproducible.
Until this is fixed, skip this check.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Latest oe-core has enabled the buildpaths QA check, which warns if the
build paths are present inside binaries. This is because build paths in
deployed binaries is both information leakage and non-reproducible.
Until this is fixed in edk2-firmware, skip this check.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If clang builds assembler code the debug symbols contain unmapped build
paths which trigger the buildpaths QA check. This bug has been filed
with upstream:
https://github.com/llvm/llvm-project/issues/56609
Until it is fixed, exclude buildpaths from clang builds so that CI can
pass.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When used in a non-interactive context, apt prints a warning:
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
Use apt-get directly to avoid putting warnings in the logs.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
NT_FW_CONFIG DTB contains platform information passed by TF-A boot
stage. This information is used for Virtual memory map generation
during PEI phase and passed on to DXE phase as a HOB, where it is used
in ConfigurationManagerDxe.
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
We have encountered intermittent hanging during FVP shutdown, so improve
the termination logic by first issuing a terminate(), waiting a bit
then, if necessary, issuing a kill().
Move returncode logic to after the telnet/pexpect cleanup so it
actually runs.
Move pexpect.EOF logic into FVPRunner.stop so that it executes before
closing the pexpect handle.
Issue-Id: SCM-4957
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Iebb3c3c89367256b1e116e66ffdb6b742358bce4
Signed-off-by: Jon Mason <jon.mason@arm.com>
Create a new "linuxboot" test that uses the pexpect methods on
OEFVPSerialTarget to wait for a Linux login shell.
Switch to this test method for fvp-baser-aemv8r64, corstone500 and
corstone1000.
Issue-Id: SCM-4957
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Idd749652ee72e244b7a3831dd2295e0bfaed3bfa
Signed-off-by: Jon Mason <jon.mason@arm.com>
Refactor OEFVPTarget into new base class, OEFVPSSHTarget. OEFVPTarget
extends OEFVPSSHTarget and additionally waits for a Linux login prompt
for compatibility with tests in OE-core.
OEFVPSerialTarget also extends OEFVPSSHTarget. It also exposes the
entire API of pexpect, with the first argument being the
FVP_TEST_CONSOLE varflag key. It logs each console output to separate
files inside the core-image-minimal work directory.
Issue-Id: SCM-4957
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I1b93f94471c6311da9ee71a48239640ee37de0af
Signed-off-by: Jon Mason <jon.mason@arm.com>
So that the test target can connect to the desired console(s) as soon
as they appear in the FVP stdout, add the variable FVP_CONSOLES to the
fvpconf as a replcaement for FVP_CONSOLE. The varflags of this variable
define a mapping between FVP console names (e.g. terminal_0) and console
names in the tests (e.g. 'zephyr'). The console defined in
FVP_CONSOLE is automatically mapped as 'default' for backwards
compatibility.
This also enables greater reuse of test cases, as the "default" console
name can be remapped on a per-machine basis.
Issue-Id: SCM-4957
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I9d88b172bfc5a5459b9f5132f287c70816d7fb55
Signed-off-by: Jon Mason <jon.mason@arm.com>
Refactor OEFVPTarget to use the FVPRunner in meta-arm/lib instead of
calling runfvp in a new process.
Use pexpect to wait for the login prompt instead of parsing the FVP
output manually.
This patch introduces a dependency on pexpect for the meta-arm test
targets. It is already in the Yocto host dependency list and the Kas
container image, but may need to be installed on development machines.
Issue-Id: SCM-4957
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I7200e958c5701d82493287d021936afcf2f2bac9
Signed-off-by: Jon Mason <jon.mason@arm.com>
Create basic tests for conffile and runner in meta-arm/lib/fvp
Issue-Id: SCM-4957
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I1684b0c99fb4fd5299df19f00abb30e8faab3495
Signed-off-by: Jon Mason <jon.mason@arm.com>
Refactor runfvp into a "fvp" library inside meta-arm. Split into
terminal, conffile and runner.
Issue-Id: SCM-4957
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I797f9a4eab810f3cc331b7db140f59c9911231fd
Signed-off-by: Jon Mason <jon.mason@arm.com>
When runfvp is spawned from an other process (for example except), it is
throwing a permission error.
To solve the problem, surround the call to setpgid with a try/except and
ignore the permission errors.
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit configures N1SDP firmware for TBBR bootflow as follows:
* uefi.bin replaced with with fip.bin
* load address adjusted for FIP image
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit configures scp-firmware for TBBR bootflow as follows:
* Updates SCP FW to master
* BL31 replaced in the SCP firmware image with BL1
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit configures trusted-firmware-a for TBBR bootflow on N1SDP as follows:
* Trusted boot is enabled.
* Generation of root-of-trust is enabled
* All TB images (BLx, DTBs) are built
* uefi.bin is specified as the BL33 image
* BL2, BL31, BL33 are signed and stored in the FIP
* N1SDP platform sources are patched to increase max size BL2 and reduce max size of BL1
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add basic support for running edk2 on qemuarm and qemuarm64. This
necessitated the need to add ACPI and EFI to the default kernel configs
for these machines.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Arm generic timer provides different timers for different exception
levels and different secure states. Because Armv8-R AArch64 has secure
state only, the valid timer for hypervisor in EL2 is secure hypervisor
physical timer. But for platform fvp-baser-aemv8r64, before FVP 11.18,
the secure hypervisor physical timer could not work well in EL2, so we
had been using Non-secure physical timer in EL2 for hypervisor as a
workaround.
Since secure hypervisor physical timer issue has been fixed from FVP
11.18, we can use this correct timer in EL2 for hypervisor now. So we
update the device tree timer node to use secure hypervisor physical
timer interrupt for hypervisor.
About the interrupt assignments of FVP, please refer to
https://developer.arm.com/documentation/100964/latest/Base-Platform/Base---interrupt-assignments
Issue-Id: SCM-4596
Signed-off-by: Jiamei Xie <jiamei.xie@arm.com>
Change-Id: I9d4b9f4e0ed14c6c1567269c83696ceb9ff84ac8
Signed-off-by: Jon Mason <jon.mason@arm.com>
The new FVP includes the arch in the download filename, so refactor
FVP_ARCH in fvp-common.inc to make "Linux64" available in the recipe
file.
Update version and EULA URL in documentation.
Issue-Id: SCM-4388
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I3ddc29cd444b78634086f2aefe4f52799eb937b1
Signed-off-by: Jon Mason <jon.mason@arm.com>
N1SDP board cannot boot after recent TF-A 2.7 update in meta-arm. This
is due to TF-A 2.7 not configured correctly for N1SDP board to support
trusted boot feature.
This patch temporarily brings back TF-A 2.6 recipes for fixing the N1SDP
boot.
A proper fix is in work progress to configure TF-A 2.7 correctly to
support trutsed boot on N1SDP.
Signed-off-by: Xueliang Zhong <xueliang.zhong@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
zephyr uses icount to improve test accuracy on virtual hardware. Do
the same here for the same reason for the platforms that actually test.
Also, the common test now appears to work for microbit-v1 and poll doe
snot work for qemu-cortex-m3
Signed-off-by: Jon Mason <jon.mason@arm.com>
The upstream version is 2.7.0, so use that name instead of just 2.7.
Also remove the unversioned bbappend which simply extended
FILESEXTRAPATHS, there's no need for this split now that we aim to have
~1 version of TF-A in the tree.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The SGI-575 build is successful with branch protection enabled, so remove
this workaround.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To allow bitbake including the 'generic-arm64-standard.scc' into the kernel
configuration, it has to be included as a kmeta type source to the SRC_URI.
Issue-Id: SCM-4394
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Change-Id: Iaebd0c7758038843a1d0f37decbef057629bf0bb
Signed-off-by: Jon Mason <jon.mason@arm.com>
Binaries shouldn't be in datadir, and now the RPATHs are being cleared
we can put them in libexecdir.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
As per [1], target builds of androidclang produce useless-rpath errors.
/usr/share/clang-r416183b/python3/lib/python3.9/lib-dynload/_posixsubprocess.cpython-39-x86_64-linux-gnu.so
contains probably-redundant RPATH /../lib [useless-rpaths]
Those RPATHs are of no use, so we can remove them entirely.
[1] https://errors.yoctoproject.org/Errors/Details/640604/
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add a patch to fix uninitialized varibles, detected by Clang when
building for Juno. However, whilst it now compiles it can't generate
firmware images correctly, so it has to remain forcing GCC.
Remove the workaround to force debug builds when using Clang, as this is
now fixed.
Drop upstreamed patches from sbsa-acs.
Signed-off-by: Ross Burton <ross.burton@arm.com>
This is not a clean rebase. The patch had to be modified to apply and
work on v2022.04. It is not very elegant, but it is functional.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Recent modifications in u-boot moved the default location of the FDT.
Update the runfvp parameters to match this new location.
Signed-off-by: Jon Mason <jon.mason@arm.com>
As far as we know nobody is actually using the Arm Compiler recipe: 6.17
does a network operation on every call to check the license and this
fails with the network isolation that do_compile has in kirkstone, and
6.18 is behind a loginwall so we cannot download it in a recipe.
Unless we have actual users asking for a recipe, remove it from the layer
to avoid confusion.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The recipe supports the use of both Arm's binary GCC (aka GNU Arm
Embedded Compiler, or gnu-rm) and binary Clang (aka Arm Compiler).
However, armcompiler was never tested and doesn't work: 6.17 does a
network operation on every call to check the license which fails with
the network isolation in do_compile tasks, and 6.18 is behind a
loginwall so we can't automatically fetch it in a recipe.
Simplify the recipe to hardcode the use of gnu-rm, and remove the clang
support.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Our CI is now running on Broadwell+ cores, so the 11.2 release of GCC
should work.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add parameters required to boot with cache_state_modelled enabled:
* bp.virtio_net.secure_accesses=1
* bp.virtio_rng.secure_accesses=1
* bp.virtioblockdevice.secure_accesses=1
* cci400.force_on_from_start=1
Add bp.ve_sysregs.exit_on_shutdown=1 to match fvp-base.
Remove parameters that are not required to boot or are setting the
default value.
Alphabetize list.
Issue-Id: SCM-4304
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I0a696eff5bb83206e5501f651c487f16f695aa4c
Signed-off-by: Jon Mason <jon.mason@arm.com>
Running the FVP_Base_AEMv8R model with the cache_state_modelled
parameter enabled exposed some defects in the U-Boot BSP patches for the
fvp-baser-aemv8r64:
* The MPU memory attributes are inconsistent with the existing MMU
attributes, causing a model hang when sending packets using
virtio-net in U-Boot.
* The instruction cache was left disabled after booting an EFI payload
at S-EL1, causing some EFI apps (e.g. Grub) to hang when attempting
to use dynamically loaded modules.
The cache_state_modelled FVP parameter is enabled by default in the
model (for simulation accuracy) but is disabled by default in the
machine conf (for simulation speed).
Add two additional machine-specific U-Boot patches to fix the above
issues.
Issue-Id: SCM-4641
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I5ab13c9fdadd82456ac3f3e3703df36590d52fb7
Signed-off-by: Jon Mason <jon.mason@arm.com>
The backports are now merged, so remove patches 1 through 5 and
renumber.
Upstream now requires CONFIG_DEFAULT_DEVICE_TREE to be defined, even if
unused, so backport relevant portions of upstream BASER_FVP patch into
the board suppport patch.
Issue-Id: SCM-4304
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I327e8aba3463f088bba40e83893c6f15beabb250
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upstream has updated u-boot to v2022.04, but the update is causing
problems with some machines. Temporarily add a v2022.01 recipe until
the issues can be resolved.
u-boot and zephyr hacking
Signed-off-by: Jon Mason <jon.mason@arm.com>
GCC 12 is causing problems in newlib, which is causing problems for
zephyr. Add a workaround until those issues can be resolved.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Build all the things that qemuarm64-secureboot builds, removing those
that fail to compile. Unfortunately, musl doesn't play nicely with
optee-test.
Signed-off-by: Jon Mason <jon.mason@arm.com>
This appears to be historical from when the toolchain was in meta-linaro.
It isn't needed anymore, there's one bbappend in meta-arm-toolchain for
grub which is part of oe-core, so will never be dangling.
This variable has a global effect, so leaving it in here has a negative
impact on users.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The only user of the old 5.4 kernel is meta-gem5, so move it into that
layer to keep it separate.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The new mbedtls version (v2.28) increase the size of TF-A slightly.
This commit increases the size of BL2 for TC, so that TF-A with updated
mbedtls version can fit.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
FF-A version is defined 1.1 in corstone1000_spmc_manifest.dts. However, SPMC
does not support FF-A version 1.1 at the moment. This commit fixes FF-A version
issue by defining 1.0 again.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The latest TF-A version requires mbedtls v2.28. This
commit upgrades mbedtls to v2.28 for TF-A recipe.
An upstreamed patch included to the base recipe from TF-A master
that fixes the build issues beween TF-A 2.6 and Mbedtls 2.28.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
I misunderstood how the external-arm-toolchain recipes were working, the
latest revision of the recipe works with both 10.3 and 11.2.
Clean up my mess by dropping the PREFERRED_VERSION from the CI, and revert
the addition of versioned recipes. Simply using the right tarball is
sufficient.
Thanks to Sumit Garg for noticing my mistake.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The 11.2 release of the Arm GCC uses Broadwell-onwards instructions, but
our CI (and many other users) have pre-Broadwell hardware.
Until 11.3 is released which fixes this, go back to using 10.3 for our CI.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We need to support multiple versions of external-arm-toolchain, partly as
different versions have different layouts on disk, and partly because
11.2 doesn't work on pre-Broadwell hardware.
Rename this recipe so the version is in the filename, and dynamically
set PKGV instead of PV so PREFERRED_VERSION is easier to use.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The boot crash that appears to be triggered by the ZONE_DMA patches has
been root-caused, so work around the problem whilst upstream figure out
the best way to fix.
Also, upgrade qemuarm64-secureboot to 5.15 instead of pinning back to
5.10.
Signed-off-by: Ross Burton <ross.burton@arm.com>
FFA secure partitions aren't supported on 32-bit Arm currently
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Corstone-1000 and TotalCompute uses 3.14, so remove the 3.16 bbappend.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The 3.14 bbappend sets DEPENDS which are redundant as they're already
set in the base recipe.
Remove the unused 3.16 bbappend.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The corstone1000 build of optee-os has a bbappend which uses a specific
non-upstream branch of optee-os which is actually based on 3.10, so set
PV appropriately in the recipe and update the PREFERRED_VERSION in
corstone1000.inc.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TFTF is TF-A tests that runs at NS-EL2. This is primarily developed to
test the TF-A interfaces exposed to NS code.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This option is used to find the right path and file name of the C
runtime e.g. libgcc or compiler-rt, when using clang it needs to know if
compiler is using hard-float or not, since the compiler-rt file names
are different for these two ABIs libclang_rt.builtins-arm.a or libclang_rt.builtins-armhf.a
The option is computed in HOST_CC_ARCH for OE, this fixes build with
clang+llvm-runtime
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add a new 32 bit target as "qemuarm-secureboot" on similar lines as
"qemuarm64-secureboot". The boot flow looks like:
BL1 (TF-A) -> BL2 (TF-A) -> OP-TEE -> u-boot -> Linux
Along with this enable support for OP-TEE based firmware TPM.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We don't want world builds failing as they try to build these for machines
other than Corstone 1000.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Use PRIVATE_LIBS to ensure that the Arm binary toolchains don't provide
their own libraries to the entire system.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
* Removed 0001-tc0-fix-sensor-data-api-call.patch as it has now been upstreamed.
* updated 0003-tc0-rename-platform-variant-to-platform-feature-set.patch to fix merge error.
Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Change-Id: I71eafbea9e1f0b9f01a504fe0c8b81e43c24d613
Signed-off-by: Jon Mason <jon.mason@arm.com>
Backport of trusty driver. This adds Trusty driver from
android-trusty-5.10
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I5477ecfc1b67fc3786dbd062711d8cc8d4963744
Signed-off-by: Jon Mason <jon.mason@arm.com>
This updates the existing FFA driver to the latest upstream version.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: Idabf2d97cd497edc6c41e7132e1e82be8e717c59
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch updates the SHA and include patches that enables Trusty
to run as SP on SEL2 SPMC.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I5586bb3aa592658be9421a4de23f44a69bfb0b2e
Signed-off-by: Jon Mason <jon.mason@arm.com>
- Upgrade U-boot to 2022.01
- Remove 8GB DRAM increase patch that is merged
- Add patch that update secure DRAM size
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I32735cb5e8cba67ac1c6082aadf9a55f7bf51e8a
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add back v3.14 optee-examples, optee-test, and optee-os-tadevkit for
TC platform compatibility. These files were removed as part of v3.16
upgrade.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: Ia12774125909e7f8bfc20a9797c25b04dd850ae7
Signed-off-by: Jon Mason <jon.mason@arm.com>
Move the TFM_PLATFORM assignment to the bbappend.
Drop the SRCREV changes, these are all incorporated into the 1.6.0
release.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upgrade all SRCREVs, and drop the merged patch to use cbor2.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
commit ab339b24d4 removed the reference to
these patches but did not remove them. Removing now to clean-up the
tree.
Signed-off-by: Jon Mason <jon.mason@arm.com>
commit 24db3b56ba removed references to
the patches, but did not remove the patches.
Suggested-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Arm GCC 11.2 binary release has completely changed the way how libc was
packaged in earlier binary releases. So adjust do_install() accordingly
to support Arm GCC 11.2 as well as earlier binary releases.
Along with this update CI as well to point at Arm GCC 11.2 binary
releases.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Arm GCC 11.2 binary release has moved away from keeping libc library
versioning info as libc-{EAT_VER_LIBC}.so. So rather switch to
retrieving libc version by parsing output from "$ ldd --version".
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Until we have released and branched meta-arm we're tracking kirkstone, not
master. oe-core has branched and master is changing fast, so switch
the default branch now.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
ffa-debugfs-mod provides arm_ffa_user.h needed by psa-arch-tests source-code.
This commit sets the sysroot tasks dependencies.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We already install ssh-server-openssh with the default Kas config for
the fvp-baser-aemv8r64, so install ssh-pregen-hostkeys too to improve
boot time.
Issue-Id: SCM-4304
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I08962585efb88ea56d8ff7b5a34c4a1beda2e3e3
Signed-off-by: Jon Mason <jon.mason@arm.com>
This ensures that builds do not break with usrmerge distro feature
Fixes
ERROR: QA Issue: optee-ftpm: Files/directories were installed but not shipped in any package:
/lib
/lib/optee_armtz
/lib/optee_armtz/bc50d971-d4c9-42c4-82cb-343fb7f37896.ta
/lib/optee_armtz/bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Enable the OF_LIBFDT_OVERLAY configuration flag so that U-Boot can apply
fdt overlays using the "fdt apply" command.
This can be used to modify the device tree at runtime to boot a
different payload without changing the firmware.
Issue-Id: SCM-4386
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I6e32c5ce833ca7c61f0f73fc256031564e55f1b8
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add additional fvp-baser-aemv8r64-specific patch for U-Boot, which fixes
an issue where U-Boot was ignoring the `memory` node in the device tree.
Issue-Id: SCM-4386
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I1382992fffa159c4bd6325db4f1b26c6478cf391
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add additional fvp-baser-aemv8r64-specific patches for
boot-wrapper-aarch64. These patches add a "function call" entry point
for the PSCI services, so that payloads starting at S-EL2 (e.g. Xen) can
boot the secondary cores.
Issue-ID: SCM-4386
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I961c78352987f711664e06ab39b00f6eb97a81de
Signed-off-by: Jon Mason <jon.mason@arm.com>
The final firmware design for the fvp-baser-aemv8r64 is pending further
discussion, so the current implementation contains several "temporary"
patches which are likely to be removed or replaced in the future. These
are already marked as "Inappropriate" to upstream, but amend the reason
to "Implementation pending further discussion" to avoid confusion.
Issue-Id: SCM-4304
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I7dc6eae73fbb18f4b7b63540fb45b6a62d455093
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add test configuration to machine config. Add testimage to Kas file, so
that testimage works out of the box.
Issue-Id: SCM-4304
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I27dc9760a2c58f43ea557efdc97d363b0d3c1447
Signed-off-by: Jon Mason <jon.mason@arm.com>
The FVP_Base_AEMv8R tarball is now available to download directly from
developer.arm.com without logging in. Therefore, remove the
FVP_BASE_R_AEM_TARBALL_URI env var (and references in the documentation)
and update the SRC_URI in the recipe.
Move fvpboot and userNetPorts to the machine conf, now that the
FVP configuration is no longer dependent on an external tarball.
Clarify the currently supported FVP version in the documentation.
Put the current PV in the recipe filename.
Issue-Id: SCM-4304
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I776277c690bf4466445ca2df17eedb202f172f58
Signed-off-by: Jon Mason <jon.mason@arm.com>
To prevent a collision with u-boot, add the same PROVIDES from it. The
PROVIDES name need improvement, but this will work in the interim.
This causes a need for making TF-A more flexible. Add the ability to
reference the UEFI binary for the BL33 portion of the TF-A build
command. SGI575 is already doing this. So, it is really just making it
more generic for others to use.
Signed-off-by: Jon Mason <jon.mason@arm.com>
To setup juno to use either u-boot or edk2 in CI, abstract out the
relevant parts and setup the parts to allow for it to be done
dynamically.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Setting LIC_FILES_CHKSUM with some anonymous Python to dynamically fetch
the right checksum is pointless when the right values are assigned with
overrides in the first place.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The recipe right now is using https://github.com/microsoft/MSRSec.
However this is the initial reference implementation from Microsoft and
things have been moved into https://github.com/microsoft/ms-tpm-20-ref/
(in the directory Samples). Switch to new and currently maintained branch
Testing against real hardware (the SynQuacer DeveloperBox and a rockpi4)
didn't sound any alarms
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Bump version of u-boot from 2021.10 to 2022.01, as at it, take
the chance to squash some patches and reduce the number of
them.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Not that we're not forcing TAP networking the SSH connections work, so
we can run the full test suite.
We have to skip parselogs currently as there is an error:
software IO TLB: Cannot allocate buffer
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
There's no need to set append in the extlinux.conf, as the kernel will
pull the settings passed from runqemu via the DeviceTree.
By explicitly setting append here the kernel doesn't look in the DT, and
the extlinux.conf hardcoded a TAP network configuration which meant that
networking fails for runqemu using slirp.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The default root device is /dev/vda, because typically a bare filesystem
is mounted there.
However, qemuarm64-secureboot uses a disk image with partitions, so this
should be /dev/vda2. Currently this works because qemuarm64-secureboot
has an extlinux.conf which explicitly sets the root device, but we're
working at removing that.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Rename the fragment that installs a SSH daemon to 'sshd' instead of the
generic 'packages'.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When using -machine=virt,secure=on KVM cannot be used and will cause an
error, so forcibly disable the use of KVM.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
As we're in a CI environment there's no need to generate unique SSH keys
on boot. Installing the pregenerated SSH keys means they don't need to
be generated, which saves a reasonable amount of boot time due to the
lack of entropy if virtio-rng isn't available.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add a new recipe for SCP Firmware 2.10.
As we're late in the release cycle, keep 2.9 in the tree so that BSPs
that can't be tested in time can stay with 2.9 for now.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
In preparation for SCP Firmware 2.10 being integrated, make this append
version-specific so that BSPs can select which SCP release they have
been tested with.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
A virtio-rng is available from FVP_BaseR_AEMv8R version 11.17, so add
to the device tree and enable the correpsonding FVP configuration flag.
This improves the boot time and removes the following warning in the
boot log:
random: udevd: uninitialized urandom read (16 bytes read)
Issue-Id: SCM-4304
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ic935d0b935e21965a489a55db09c4a5f9ac51366
Signed-off-by: Jon Mason <jon.mason@arm.com>
$datadir is for architecture-independent files, and a compiler is not
that.
Install to $libexecdir, and clean up the installation commands whilst
there.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update corstone500 documentation to reflect the new build
infrastructure (kas) and the in tree run of the fvp using the
runfvp command.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add kas and ci, including testimage support for corstone500
platform. And for all to work add also the FVP setup.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add final wic image that is provider by corstone500-image
target. As at it, remove unnecessary specific filesystem
types.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Now that we have the wic_nopt class in meta-arm we can add the
the wks file to create the final image for this platform.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Machines which don't have working network stacks in a FVP can still run
a useful testimage, because it will validate that the machine will boot
to a login prompt on the console.
However, we can't set TEST_SUITES to "" because testimage assumes that
was a mistake, so add a no-op test case for use in these situations.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Currently this just executes the runfvp tests, but we can extend it over
time.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Split the base local.conf configuration into base (absolutely needed)
and setup (typical configuration). This is needed as oe-selftest needs a
minimal configuration to execute in, for example doesn't inherit
rm_work.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Until testimage tells the controller the basename of the image, make sure
to strip all suffixes from the image name to get the base name, not just
one. Machines such as corstone500 have images called .wic.nopt, so just
stripping one isn't sufficient.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Check for telnet on startup to avoid mysterious failures later when
telnet isn't available.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
runfvp could encounter an error but the exit code remained as 0.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We were accidentally assigning instead of adding to INHERIT.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The 64-bit fvp-base machine uses the upstream fvp-base-recv devicetree,
but fvp-base-arm32 was accidentally using the old
fvp-base-gicv3-psci-custom that we patch into the kernel.
As the only difference between these platforms at a "hardware" level is
whether the cores boot in 32- or 64-bit mode, they should both use
fvp-base-revc.
This isn't trivial as devicetree files need to be under the correct
arch/ directory, so we need to symlink into arch/arm the right files
from arch/arm64.
This has several improvements, but primarily virtio networking works so
we can now use testimage with fvp-base-arm32.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
fvp-base pulls in features/net/net.scc, so fvp-base-arm32 should too.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add more helper variables for the FVP version to help construct URLs.
If PV is 1.2.3, then VERSION is 1.2 and BUILD is 3.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Use wildcards in the FVP_ARCH assignment, as older FVPs use _GCC-6.4
whilst newer FVPs use _GCC-9.3.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the Arm GCC source to the latest version. Also, update the GCC
patches to apply cleanly, removing those that are no longer relevant.
Add the CVEs from Sumit Garg's series.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Create a job artifact containing all of the task logs if the job fails.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Explicitly enable use of CRC instructions: we configure fvp-base to have
armv8.4 cores, but the default uboot config disables crc (see uboot 51d8367d8).
Keep fvp-base-arm32 on 2021.10 as the arm32-specific patches need
rebasing, and a trivial rebase doesn't boot successfully.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The bulk of the FVP_* variables are common, so move them into
fvp-common.inc.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If the FVP fails to boot, the last 20 lines may just be a stack trace.
Show the last 200 lines for further context.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Set PV to 2.9.0+git instead of 2.9+git so the version comparisons are
reliable.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit remove meta-arm-image from the yml file and adds
necessary image configuration to meta-arm-bsp/recipes-bsp/images.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
- Removes upstreamed patches for optee-examples
- Fixes optee-examples installation
- Includes new python3-cryptography dependency
- Removes older cryptography backend dependencies
- Fixes python3-cryptography to work with openssl
- Keeps optee-client and optee-os v3.1.4 for corstone1000 compatibility
Tested on qemuarm64-secureboot via optee-examples and xtest -l 15
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alhe@linux.microsoft.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The use of pyasn1 was replaced with python3-cryptography in mcuboot
ebd050. This is part of mcuboot 1.3.1 onwards, and TF-M 1.5.0 uses
mcuboot 1.8.0.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Corstone500 and Corstone1000 use wic_nopt.bbclass. This commit creates
this class for Corstone500 and Corstone1000 in meta-arm classes to remove
the need for meta-arm-image repo.
Signed-off-by: Emekcan Aras emekcan.aras@arm.com
Signed-off-by: Jon Mason <jon.mason@arm.com>
To make it easier for users to test and evaluate the FVP, including
testing inbound network connections, enable the openssh SSH server by
default and map to port 8022 on the host.
Update fvp-baser-aemv8r64 documentation accordingly in new "Networking"
section.
Issue-Id: SCM-3881
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I88329731418e198e2ef5d3449bfb38fde5ae77bb
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit includes :
- Rebased and fixed N1SDP kernel 5.4 PCIe quirk patches to apply on 5.15
- Removed 5.10 kernel recipe for N1SDP
- Dropped RT kernel support, as it is no longer supported on N1SDP
Signed-off-by: Xueliang Zhong <xueliang.zhong@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
* Include `--upgrade` in pip3 command to ensure latest kas version is
installed
* Ensure all underscores are either quoted or escaped
* Fix P9 example command
Issue-Id: SCM-3881
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ie460dbd6b1f87f5f9ca2966329341d22da3606d3
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update linux yocto version in configure file for the
corstone500 platform from 5.4 to 5.15
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update patches and recipes to bump u-boot version used in
corstone500 from 2020.07 to 2022.01.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the sha for meta-arm-image in the corstone1000 kas file to
add support for kirkstone. Without this support corstone1000 does
not build.
Signed-off-by: Harry Moulton <harry.moulton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the URL and checksums for the new Corstone1000 FVP version 11.17.23.
Signed-off-by: Harry Moulton <harry.moulton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
poky master has changed a variable name to BB_ENV_PASSTHROUGH_ADDITIONS.
Support for this has been added in Kas 3.0
Issue-Id: SCM-3881
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ib42f79d144422272b2dd17fe0515da96909219eb
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch is now merged upstream in 7285daac, 5.15.25 onwards.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Also update version and download link in meta-arm-bsp fvp-baser-aemv8r64
documentation
Issue-Id: SCM-3871
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I92ec616d25703ff74ed063918a1e4811bac9ff3f
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add more details about the cache_state_modelled limitation, which can
be worked around by setting cci400.force_on_from_start=1
Issue-Id: SCM-3871
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Idde23278a87316dae842c6c3793b9836482e8c3a
Signed-off-by: Jon Mason <jon.mason@arm.com>
We were pinning generic-arm64 to 5.10 because 5.14 was hanging during
boot in qemu, but this appears to have been fixed in 5.15.
Unpin the kernel to use 5.15, and drop the defconfig patch which has
been upstreamed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If any of the path computation goes wrong (for example, the compiler
changed so FVP_ARCH needs updating) for the real FVP binaries then
bindir contains broken link called FVP_*.
Solve this by checking that the directory contains FVP binaries and
error out if not.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit updates Tfa SHA to remove the patches from the
recipe since all of them are upstreamed now.
Signed-off-by: Emekcan Aras emekcan.aras@arm.com
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update linux-yocto to the latest version for cs1k.
There is a bug in the kernel version 5.15. Following
patch is applied to fix this issue and will be
upstreamed soon (https://lkml.org/lkml/2022/2/18/475).
Signed-off-by: Emekcan Aras emekcan.aras@arm.com
Signed-off-by: Jon Mason <jon.mason@arm.com>
This is a prebuilt stuff, better to ignore its guts.
Fixes
androidclang: /usr/share/clang-r416183b/python3/lib/python3.9/lib-dynload/_posixsubprocess.cpython-39-x86_64-linux-gnu.so contains probably-redundant RPATH /../lib [useless-rpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
python3-wheel is now in oe-core, so we need to use the meta-oe without
python3-wheel.
This reverts commit 5e59ebf2d3.
Signed-off-by: Ross Burton <ross.burton@arm.com>
* Add clarification on how to mount p9 device
* Remove instruction to use ctrl + c to stop FVP
* Add cache_state_modelled to Known Issues
Issue-Id: SCM-3871
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I122c5ae5b3ceee1d106205d93a006f75bdbfa2bf
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commits updates the SHA of SCP-firmware and include required
patches to build SCP firmware with experimental features
MPMM/POWER/PERFORMANCE for TC0 platform.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I263b484a467636154b70805f920bb53c6fe2026c
Signed-off-by: Jon Mason <jon.mason@arm.com>
Run check-layer and coverage jobs after the building tasks, as we want
to start compiling sooner and not wait for check-layer to finish before
compiling.
Signed-off-by: Ross Burton <ross.burton@arm.com>
As BitBake has renamed BB_ENV_EXTRAWHITE to BB_ENV_PASSTHROUGH_ADDITIONS
the SSTATE_DIR and DL_DIR variables don't get passed from the
environment to bitake anymore.
This is fixed in Kas's git repo, so use :latest until a release is made.
Signed-off-by: Ross Burton <ross.burton@arm.com>
We only build with our binary GCC right now, so disable clang from
trying to get involved. This solves the missing strip problem where
do_populate_sysroot wants to use llvm-strip but it hasn't been added
to the sysroot.
Signed-off-by: Ross Burton <ross.burton@arm.com>
The latest Clang produced unaligned access warnings, which EDK2 promotes
to errors with -Werror.
edk2/MdeModulePkg/Include/Guid/ExtendedFirmwarePerformance.h:78:47:
error: field Guid within 'FPDT_GUID_EVENT_RECORD' is less aligned than 'EFI_GUID'
and is usually due to 'FPDT_GUID_EVENT_RECORD' being packed, which can lead to
unaligned accesses [-Werror,-Wunaligned-access]
This has been reported upstream so for now ignore this warning.
Signed-off-by: Ross Burton <ross.burton@arm.com>
We currently disable release builds with Clang, but it appears the
underlying issue has been fixed upstream so make a note that we should
be able to turn release builds back on with EDK2 202202.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Commit 53a40b1 updates the license names to use the SPDX terms, but as
intermediate variables are used in this recipe a few instances were
missed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
* openembedded-core/scripts/contrib/convert-spdx-licenses.py .
...
All files processed with version 0.01
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
This commit moves all the trusted-services patches to a new
corstone1000 directory.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit updates the meta-arm-image SHA to drop psa-arch-test
from the build.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to build and install psa-arch-tests using
trusted-services code and drop psa-arch-tests recipe.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to update TF-M git SHA to fix
psa-arch-tests test case failures.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit replaces mbedcrpyto with mbedtls on the trusted-service
recipe.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Document U-Boot addition, add new architecture section and update the
change log.
Issue-Id: SCM-3871
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ie0e1ff35ade634f2b523c14bb058c9d775802632
Signed-off-by: Jon Mason <jon.mason@arm.com>
Enable the bp.refcounter.use_real_time option, so that the CNTPCT_EL0
increments in real-time instead of simulator time.
Issue-Id: SCM-3871
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I197d6de4a7316e5299aee34e64e149cbd3d515a9
Signed-off-by: Jon Mason <jon.mason@arm.com>
The FVP default configuration has bp.dram_size=4, which is sufficient
for development and testing purposes, so remove the FVP_CONFIG
override and set to 4 Gb in the device tree.
Issue-Id: SCM-3871
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I4a96062c9e94d36f5459f33c86aab4d4885bab43
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch introduces U-Boot into the fvp-baser-aemv8r64 boot flow,
providing EFI services.
The fvp-baser-aemv8r64 does not have an EL3, so the system starts at
S-EL2. For now, U-Boot is running at S-EL2, alongside boot-wrapper.
Enable the --enable-keep-el option in boot-wrapper-aarch64 so that it
boots the next stage (U-Boot) at S-EL2. Additionally, tell
boot-wrapper-aarch64 to bundle U-Boot instead of the kernel.
Linux only supports booting from S-EL1 on the fvp-baser-aemv8r64, so
U-Boot is configured with CONFIG_SWITCH_TO_EL1, so that booti or bootefi
switch to S-EL1 before booting the EFI payload (unless an enviornment
variable - armv8_switch_to_el1 - is set to 'n').
Add patches to U-Boot, which:
* Add board support for the fvp-baser-aemv8r64 (with a memory map
which is inverted from the fvp-base).
* Enable the configuration of U-Boot using the device tree passed from
boot-wrapper-aarch64.
* Enable virtio-net.
* Disable setting the exception vectors at S-EL2 so that the PSCI
vectors pass through to Linux.
* Set up system registers at S-EL2 for Linux.
* Configure the S-EL2 MPU for the EFI services.
* Allows bootefi to switch to EL1 before booting Linux.
Issue-Id: SCM-3871
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I229d14b0717df412c1fe33772230ca779f79b32d
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the machine-specific patches, which makes the following changes:
* Add PSCI services to /memreserve/ in the device tree using libfdt.
* Add --enable-keep-el option, which allows boot-wrapper-aarch64 to
boot the next stage at the same exception level.
* Update the counter frequency to 100 MHz.
Issue-Id: SCM-3871
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I41843e958cf629d69de644bb57b660fb542fc8b7
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upgrade boot-wrapper-aarch64 to 1044c77062573985f7c994c3b6cef5695f57e955
Hold back gem5 at 8d5a765251d9113c3c0f9fa14de42a9e7486fe8a in bbappend.
Issue-Id: SCM-3871
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ia5ccca2234dd117d530970f9f90469dacbb778e3
Signed-off-by: Jon Mason <jon.mason@arm.com>
The contents of GEM5_RUN_CMDLINE is passed via --command-line, so there
is no need to include --command-line in it.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Set a default target in meta-zephyr.yml to avoid duplication now that
most configurations build zephyr-kernel-test-all.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
corstone500 was the only user of this and now uses 5.4, so this can be
removed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upgrade from 5.3.18 to to 5.4, a maintained stable release.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
trusted-services and psa-arch-tests both use FetchContent to download
more source during configure, and they can't easily be seeded with the
correct sources in advance (unlike TF-M).
Until this is fixed upstream, allow network use during do_configure.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TF-M for corstone1000 uses libmetal and open-amp, downloaded during
configure by FetchContent. This is bad form, so add these sources and
license statements to the recipe so the fetch doesn't need to happen.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TF-M uses FetchContent to download further sources at configure time, but
this is bad form as the sources and licenses are not tracked or archived.
This should now be blocked by the network isolation but as this doesn't
work in some environments (such as Docker containers) we can tell cmake
to never fetch to be sure that all of the sources used are declared in
SRC_URI.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Consolidate the CS1K kas files into a common file, and respect the
platform policy by setting the DISTRO to poky-tiny. Also add the
CS1K-specific recipes psa-arch-tests and ffa-debugfs-mod to the build.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Instead of adding perf to the target: list, add it to
CORE_IMAGE_EXTRA_INSTALL. This means that machine configurations which
need to change the target don't need to also build perf explicitly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
It was used by SGI575, but it is now tracking the latest
release in oe-core.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This recipe simply repacks existing artefacts, so there's no need to
depend on the toolchain.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The default kernel is now 5.15, so remove the preferred version
assignment.
The mailbox patches went upstream in a different form, so we can drop
the patches and drop in a customised Devicetree file required to use the
new drivers.
In the future we can possibly drop the devicetree patch if it is provided
by firmware, but for now this is known to work.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Instead of pinning the kernel to 5.7, use the latest default version.
There are no patches, so this shouldn't be a problem.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
KMACHINE defaults to MACHINE, so remove the redundant assignments.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The CS1K kernel used overrides to empty the kernel-image package, so
the initramfs didn't contain a kernel image.
The initramfs contained a kernel via a bad dependency in ffa-debugfs-mod,
but now that has been worked around we can remove the CS1K workaround.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
CS1K wants to put the ffa-debugfs kernel module into the initramfs, but
this pulls in the kernel image too because kernel modules depend on the
kernel image (via kernel-module-split.bbclass). Arguably this should be
controllable somehow, as it's not mandatory to have an image on the same
file system as the modules: initramfs or separate /boot partitions being
notable cases.
Until this is resolved upstream[1] we can work around it by removing the
RDEPENDS on the kernel from the kernel module. As the package is
generated during do_package this can't be a simple RDEPENDS:remove, but
has to be another package split function which runs after the module
splitting function.
[1] https://lore.kernel.org/openembedded-core/20220209173036.3823144-1-ross.burton@arm.com/T/#t
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
There's no need for ffa-debugfs-mod to RPROVIDE
kernel-module-arm-ffa-user, as this is provided by a sub-package of this
recipe already.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Move TC to an intermediate SHA based on 2.6. This SHA includes
patches for:
* Support for 8GB DRAM
* Support for GPU
* Removal of kernel command-line (not needed, kept in U-Boot)
Also removed patch that fixes build problems as the problem has
been solved in the updated SHA.
Signed-off-by: Anders Dellien <anders.dellien@arm.com>
Change-Id: Ic8c4ef35e8e7ed25711ff0813abab6b6c8564ef3
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the zephyr testcases to be the ones that build and pass tests
(where testing possible). Also, add comment to qemu-cortex-a53 about
not passing tests.
Signed-off-by: Jon Mason <jon.mason@arm.com>
When multiple threads are allowed xtest will fail and
leave the system in a bad state after repeated runs.
Signed-off-by: Ben Horgan <ben.horgan@arm.com>
Change-Id: I16f07df1a362540560975deaa5a291a68c332bfb
Signed-off-by: Jon Mason <jon.mason@arm.com>
Enable coresight components in the config and also port the patches
which were upstreamed in later version of the linux kernel.
Change-Id: I27983abd5f2945328f7465cc1b2af4f8e848b69b
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If we don't specify a tag name GitLab uses the 'latest' tag, which for
Kas is moved whenever an image build is made.
Instead explicitly use the latest-release tag, which is only updated
when a release is made.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
imgtool from mcuboot uses python3-cryptography-native, and the latest
python3-cryptography explicitly loads the legacy provider, which is a
separate shared object in OpenSSL 3. The search path for providers is
hard-coded into the library so the wrong path is searched and the module
is not found.
Set OPENSSL_MODULES so the right path, so that the legacy module is
found. In the future we may be able to be removed this if the explict
use of legacy algorithms is removed
(https://github.com/pyca/cryptography/issues/6809).
This also means we can remove the downgrades of python3-crytography that
were being carried in meta-arm.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Enable memory-resident bitbake by setting the server timeout to 60s.
For most builds this doesn't have an impact as bitbake is ran once, but
this reduces the time for the pending-upgrades report from 10 minutes to
3 minutes, as it doesn't need to constantly restart bitbake.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add links from the patch names to the patches in cgit for ease of
inspection.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
As this can get called lots but the data doesn't change, cache
the responses. Also return a pathlib.Path, as this is 2022.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Instead of simply adding a tag saying "Patched", include the patch count
and make a judgement call on whether the patches are "safe" or not. For
example, patches which are entirely backports or inappropriate are
"safe", pending and denied patches are not.
Signed-off-by: Ross Burton <ross.burton@arm.com>
yocto-check-layers is very greedy when searching for layers, and will
find the test layers in Bitbake if given the chance, for example:
bitbake/lib/layerindexlib/tests/testdata/layer4
This layer has the collection name openembedded-layer and is only
compatible with Sumo. The selection of layer from collection name is
not deterministic, so it's possible that this layer is selected which
then fails the check as it isn't compatible.
Solve this by restricting the dependency layers in meta-arm to just
meta-arm/meta-*, so it doesn't recurse into meta-arm/work/poky/bitbake.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
As of meta-zephyr dde88ba the layer is structured different, split into
meta-zephyr-core and meta-zephyr-bsp.
As we define our own machines for use with Zephyr, we can just use
meta-zephyr-core.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Don't use SRCREV in the PV, but use SRCPV as this truncates the SHA.
Also bump to 1.2+git, as the psa-arch-tests project does tag releases.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
corstone1000 currently has a git snapshot of optee-os, so that the
version number is managable use SRCPV instead of SRCREV.
Also fix whitespace in SRC_URI.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
corstone1000 currently has a git snapshot of TF-M, so that the version
number is managable use SRCPV instead of SRCREV.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
It's not recommended to use ${S} in SRC_URI as S contains references
to the version which results in a circular list of variable lookups.
destsuffix is relative to WORKDIR and defaults to git/, so use relative
paths with the same result.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Corstone 700 is end-of-life, so remove it from meta-arm master.
It will remain in the stable branches for existing users, but new users
are encouraged to use Corstone 1000 instead.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since 10e60cc the terminal_map doesn't exist, this piece of code wasn't
updated.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If wait_for_login() times out then it raises an exception instead of
passing back return values, so the bootlog is never assigned.
We always want a boot log, so initialise it outside of wait_for_login and
pass it in.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Instead of patching a file we patched, integrate the changes directly
into the first patch.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The check-layers task takes longer than any of the individual tests
running. Split this up to take advantage of parallelism and speed up
the overall runs.
Signed-off-by: Jon Mason <jon.mason@arm.com>
As the latest python3-crytography breaks TF-M builds, downgrade those
machines using TF-M (musca and corstone) to python3-crytography-native
3.3.2 temporarily.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
meta-python has upgraded to python3-cryptography 36, which has a problem
when used in native recipes:
cryptography.exceptions.InternalError: Unknown OpenSSL error
This causes all builds of TF-M to fail.
Until this error is fixed, add the old version of python3-cryptography.
A BBMASK is set so that it has to be explicitly opted-in, as it DEPENDS
on recipes from meta-python which isn't a hard dependency for meta-arm.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Rename the updates.html format to just 'report'.
This report has the existing overview as the index.html, and then
per-machine files are written with the patch breakdown.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
As well as storing the truncated PV, also store the original PV and
whether the recipe needs updating, to avoid the templates needing to
do that logic.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
To prepare for future expansion, refactor the output code to be delegated
to Format subclasses.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Instead of just putting whether there are patches or not into the
context, store the list of patches, the layer they came from, and the
upstream status.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Refactor the script somewhat, and detect whether the starting directory
is a single layer, or a collection of layers.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Recently the way of handling Secure Partitions UUID changed in TF-A
and that needs corresponding changes in required components. Hence
changing them for optee and linux kernel.
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
master branch is renamed to main on psa-arch-tests github
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: I6bd49c68aa1a2358c976a3eb0adc5b2a9c5edb94
Poky, etc master branches updated the u-boot recipes to use 2022.01,
causing bbappends for 2021.10 to no longer function. Create a temporary
recipe for 2021.10 until all the BSPs can update to support the latest
version.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Move to newer tag of ACK as well as update to the latest gki_defconfig
using fragments to support TC.
Signed-off-by: Anders Dellien <anders.dellien@arm.com>
Change-Id: I71fe31730ce063e9604b8adc879e0a626b3320e7
This commit introduces a configuration variable, LINUX_ACK_TOOLCHAIN_CLANG,
that (if set) switches the kernel build to use the Android Clang compiler
Change-Id: Iab362916159bf6e8096061f1b7281a7513001d61
This Clang version is present in Android master
(as of October 8, 2021)
Signed-off-by: Usama Arif <usama.arif@arm.com>
Signed-off-by: Anders Dellien <anders.dellien@arm.com>
Change-Id: I957742ee943ef68119fd7c7e2bd8ee62b717b31c
This change is to upgrade TF-M to latest git hash which contains
fix for capsule instability issue for corstone1000 platform.
Latest TF-M would also require v3.1 mbedtls. Also updated git hash
for mbedtls repo.
By having the generic-arm64 machine using the same kernel config as the
linux-yocto standard kernel type, application layers can rely on the same base
configuration, independently of the target machine.
Also, the kernel-yocto.bbclass searches for .scc files in the FILESEXTRAPATHS.
Hence, we don't need to list generic-arm64-standard.scc in the SRC_URI.
Issue-Id: SCM-3910
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Change-Id: I46889ce38b32521d8350534cc590b57b158ad573
Signed-off-by: Jon Mason <jon.mason@arm.com>
Change ftpm to install embeddable (stripped) version to sysroot. When
building optee-os pick up from sysroot instead of DEPLOY_DIR_IMAGE.
This fixes a build race condition where DEPENDS was only waiting for
optee-ftpm:do_populate_sysroot instead of do_deploy.
Signed-off-by: Ryan Fairfax <rfairfax@microsoft.com>
distutil warnings are causing CI to fail. This is caused by changes
outside of meta-arm, and are not relevant for anything present in
meta-arm. Temporarily ignore these until they can be handled upstream.
Signed-off-by: Jon Mason <jon.mason@arm.com>
The Linux kernel expects the peripheral ID register to be just below the
end of the address range, which for the PL011 and SP805 is at 0xFE0 not
0xFFE0, so set the size to 0x1000.
Issue-Id: SCM-3881
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Iada28e8192d72b1647822c33d13deffe507043b5
So that all possible combinations are built, add edk2-firmware to the
default image dependencies too.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This doesn't build successfully with Clang, so for now the build forces
the use of GCC.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Explicitly set the level of parallelisation instead of letting build.sh
determine it.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The optee-os recipe was recently split into optee-os and
optee-os-tadevkit.
Signed-off-by: Ben Horgan <ben.horgan@arm.com>
Change-Id: Id9794b7c4a7e2f3fac4286498fa44c35fd8aaa0b
Signed-off-by: Jon Mason <jon.mason@arm.com>
The Armcompiler-* licenses are specific to a single release of the
Arm Compiler, so remove them from the layer and use NO_GENERIC_LICENSE
to extract them from the source directly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
On corstone1000 platform, Secure Enclave will be expecting
an event from uboot when it performs capsule update. Previously,
an event is sent at exitbootservice level. This will create a problem
when user wants to interrupt at UEFI shell, hence, it is required
to send an uboot efi initialized event at efi sub-system initialization
stage.
Change-Id: I7d16e184675d537d790365e1b03a414ac802694a
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upgrade TC's TF-A from a post-2.5 snapshot to the 2.6 release.
This means increasing the maximum size of BL31.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The TC appends include a long sgdisk invocation which can be made a lot
clearer by using the full option names (e.g. --change-name) instead of
short (e.g. -c).
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
UEFI spec says that if 0 is passed in the attributes filed in
setVariable() API, it means that it's a delete variable call.
Currently smm gateway doesn't handle this case. This change
is to add above mentioned check.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: Id3a54601d403102da5c5617d7b4da8ec51029200
Signed-off-by: Jon Mason <jon.mason@arm.com>
When a getVariable() call is made with data size set to 0,
mm_communicate should return EFI_BUFFER_TOO_SMALL. This is
an expected behavior. There should not be any failure logs
in this case. So the error log is commented here.
Change-Id: Id5b36928b1450ef9f83d34a3ab7feb4839ff9734
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch is cherry-picked from upstream to fix misalignment
of efi load image
Change-Id: If64e635a80cd0b6ecb8f09c62aa2b248d0e36f4e
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Embed an improved patchreview tool which can generate metrics.txt files,
and run that as part of the CI. This means that every merge request
will include a section if the metrics change, so it is easy to spot if
patches with bad headers are added.
The changes to patchreview will merge into oe-core soon, so when that
happens we can drop the copy.
Signed-off-by: Ross Burton <ross.burton@arm.com>
These changes are to add
* ethernet device SMC911x device and this is required to support
bootfromnetwork SCT
* also enabled other config options to fix SCT issues
Change-Id: Ic6112c019cb08f77e29508ad47980f851f79088c
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
This patch fixes the SCT errors seen for setVariable() and
getNextVariableName() functions. The existing implementation of these
functions does not cover certain error conditions which are listed in
the uefi specification. This patch adds these changes.
Change-Id: Idcddc799588339de6729b73c0ceada5c2018dd4b
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
This patch fixes the os_indications setVariable() failure. The variable
index UID in SMM gateway which was 1 is changed in this patch. TFM has a
special usage for variable with UID 1, which makes it write once only.
This is not required for SMM variable index.
Change-Id: I50d60b87d3ef44ffd50e71ec4f20d31fdacf7acd
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Rewrite the terminal code to have a priority list of terminals when
selecting a default, allow the user to pick a default with a
configuration file, and add gnome-terminal to the list.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Only pass a console_cb if we're hooking up a console, so that the output
from the FVP is visible on the terminal.
Signed-off-by: Ross Burton <ross.burton@arm.com>
These changes are to support populating corstone1000 image_info
to ESRT table
Change-Id: I6e5cdd8a3477fbf3c480bf7a725198841ed79796
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
This patch removes the CONFIG_CMD_DHCP and CONFIG_CMD_PING
config parameters from the defconfig. It also reverts the workaround
patch which disabled NV get and set on u-boot.
Change-Id: I80f41235dbca2e76003c28164b42f4403dadc499
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
This patch will add a macro to configure the volatile and
non volatile storage in SMM gateway. Few useful logs are
also added to the secure world.
Change-Id: Ifdb405a09a9a72718df8b335b9f42509dd8c850c
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Setting the model script SHA to use the right FVP
options.
Change-Id: I7f92fb97466bf4f5f48b8d184a396bf87bdeb401
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Zephyr supports musca-s1 boards. Add support in the machine config file
and the relevant CI entries to build it.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Ninja is a better Make. Add progress feedback and parallelisation
options, reducing the time to build TF-M on my machine from 100s to 6s.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update tfm-tests and mcuboot SHAs. mbedtls is still recommended to be
at 3.0.0, newer releases do not build.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch should have been removed as part of the 1.2.0 upgrade.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to update TF-M SHA which has fixes for capsule update.
Change-Id: I016381c2a95fcdd9629772671143a1e7332196e5
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch will fix the ffa mm communicate function behavior as
expected by efi_get_var() and also fix the com buffer size used by
u-boot.
Change-Id: I8ce28a2e51b8f52856d81ea6e3c1e2e72cfaa362
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The efi_get_var() expects EFI_BUFFER_TOO_SMALL return value
from efi_get_variable_int() to just read the size of the data.
So when comm buffer is smaller than received buffer,
efi_get_variable_int is expected to return error code. This
functionality will be fixed in future patches.
Change-Id: I3e5119b1fdf18c965cc2ebc11056b6ca70d57e0f
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to add capsule update interface to SE proxy SP.
This interface sends following events to secure enclave
* firmware update request - SE will read the capsule and will flash the
image to flash to previous active bank
* kernel boot event - SE will delete timer on reciption of this event and
marks all the images as accepted if in trial state
Change-Id: I7cf9b729128d1e07e891253661fcd891191e8024
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The maximum number of UEFI variables that can be supported by SMM
gateway is currently 40. When more than 40 variables are written,
or read SMM gateway returns error code. Currently this value is
increased to 100 to support more UEFI variables.
Change-Id: I3ebef8052fd01c5b1c19cdfe71ab3c02447a005b
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit configures crypto and attestation tests for Corstone1000
platform.
It also fixes CMake issues on the current trusted-service CMake source
files to enable this configuration.
Change-Id: I334d661c1bc349e03f92611d6010360c08e6cc89
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Setting the last master branch SHA for openamp changes.
Change-Id: I58bc0a1adb7754af901fc1734ffeb92aad191fe5
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add psa ipc crypto backend and attach it to se proxy
deployment.
Change-Id: I072cd3f0661be33773a2132c2222dc4c7b8c6cb4
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Implement attestation client API as psa ipc and include it to
se proxy deployment.
Change-Id: I0a1130d2013717c6499da5bb2cd6cd11a752bcce
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since secure enclave is 32bit and we 64bit there is an issue
in the protocol communication design that force us to handle
on our side the manipulation of address and pointers to make
this work.
Change-Id: Icb29fdec6928dba6da7e845b3a13d8a3560c5fe1
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Fixes needed to run psa-arch-test
Change-Id: Iba090e151298a216f8f1bf81a72bba4587bec389
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
add the do_write_fvpboot_conf function into IMAGE_POSTPROCESS_COMMAND
so that this function can be called after the build system created the
final image output files.
It's possible that bitbake doesn't run start from the do_rootfs task but
run start from do_image_<type> at the stage of image generation.
For example, there are multiple partitions in the wic file and the
grub.cfg file is placed to the first partition and the rootfs is placed
to the second partition. At this time, if we change the content of
the grub.cfg file resided in the related recipe's directory and build,
the do_rootfs task won't be run by bitbake but a new wic file will be
generated. In this situation, the fvpconf file also won't be updated and
the 'bp.virtioblockdevice.image_path' is still pointing to a old image
file.
Issue-Id: SCM-3724
Signed-off-by: Huifeng Zhang <Huifeng.Zhang@arm.com>
Change-Id: I7a41afa1d7471d09b60d118c4a6c99c57a6b548c
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adding to SRCREV_FORMAT the names of the repos fetched.
Change-Id: Idf80065c39b2124bf384d0dbb4028138b27c1e10
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Aligning to the last meta-arm-image version to
add psa-arch-tests to the rootfs.
Change-Id: I40e945f814df4b6f7c30772d3dd6f91e6b6fcafc
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
This commit adds support for building/installing the test
application.
Also fixing CMake issues on the current trusted-service CMake source files.
Change-Id: Iae0fc9bf9362cf5b7d65cd7b9f0445f62f3b83eb
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
This commit adds a recipe for psa-arch-tests linux
userspace application.
Included tests are; crypto, protected_storage,
internal_trusted_storage and attestation.
Change-Id: I6285aa2a6ae8fdd25f4327f1d301c59a88bce775
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
EXTRA_OEMAKE is not needed since we are using CMake.
Change-Id: Ifc0dcc9313fe4e473cbba8eb3b716e11cf8e45ee
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Remove a backported patch which has been incorporated in this release.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
edk2-firmware is machine-specific, but this is a generic binary so we
can reset PACKAGE_ARCH to the tune.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The invalidate_dcache_all function has been implicitly declared.
This commit fixes that.
Change-Id: I83e985e219af8687c0679045f6a979c91923be69
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When the GENMASK used is above 16-bits wide a u16 cast will cause
loss of data.
This commit fixes that.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Change-Id: I72e5e42971a50ce167500a92cc529c5cb3ff781f
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to delete a separate check for guid for corstone1000
target. Generic check of fmp guid check should suffice.
Change-Id: Idec92c9307f903e52985057404daac2e40d05295
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Changing where to pass the SE Proxy interface and event IDs.
Now they are passed to the SE Proxy in register w4.
The events involved are kernel started and buffer ready
events.
Change-Id: Ib60897e9f01cd87b9923892198f8868e02cc830d
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
No need to set again the same SHA as the one provided
by the recipe.
Change-Id: I034aca31c1cc30868552be67a04400db20ad59b2
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Moving common settings that can be used by other
components to a common file: secure-partitions.inc
Change-Id: I81691ee52bef3dfbd72c59afe20b01a5cf2222ea
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch fixes the GetVariable() issue which causes
mm_communicate failure when called with 0 data size. The comm buffer
is set to maximum size when 0 data size request is made to handle the
MM response from the secure world. This is a generic fix but used by
corstone1000.
Change-Id: Id50619816a924b4fa7597295f89d54827191fbb5
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These changes are to fix missing error check during sp init
and add support for defining memory regions
Change-Id: I381ff9805288590809471494bdff5e7f62232f7c
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These changes is to rebase patches to latest
SHA(a365a04f937b9b76ebb2e0eeade226f208cbc0d2) of integration branch.
Also cherry-picked other bug fixes with the exemption of adding
newlib changes. newlib changes brakes the build because of musl
libc, hence dropped those changes for now
Change-Id: If0131d00e63eb0f574fa41dd95cfee4351e696e8
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When using devtool the S is no longer an unpack location.
Let's use the default unpack location WORKDIR that works
whether devtool is used or not.
Change-Id: I34dfb53feddddfba82ff68a43b6cfe89a60c7701
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Change the setting of PV from referancing SRCPV to using SRCREV.
Also drop the use of PREFERRED_VERSION. The existing TF-M recipe will
be selected automatically (1.4.1). Corstone1000 bbappend sets the SHA and
PV to 1.5
Change-Id: Id9332fd87e271608ba425e05e796f75fd1c0268d
Signed-off-by: Drew Reed <drew.reed@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Remove mock up backend for secure storage in se proxy
deployment and use instead the secure storage ipc backend with
openamp as rpc to secure enclave side.
Change-Id: I5225966ec621be9fa126b5af6ede0a1f6bbf469b
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add secure storage ipc ff-m implementation which may use
openamp as rpc to communicate with other processor.
Change-Id: I6707f3b0654fb255cacef930d9314662b106273c
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add support for inter processor communication for PSA
including, the openamp client side structures lib.
Change-Id: Icb86045b7915c4b04d2ec73b88ed40a3d65be4af
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add PSA client definitions in common include to add future
ff-m support.
Change-Id: I0860fa347fd882d6e99da136a4273a0ef5d7d684
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The device tree is embedded in the u-boot binary
and located at the end of the DDR. Its address
is specified in fdtcontroladdr environment variable.
No need to use fdt_addr_r anymore.
Change-Id: I58b17fbcab36c7236d57eb2498c41b5f4960b6eb
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Setting stdout-path in the chosen node.
Change-Id: Ie0a6b140492f0c5fc323690d2f6bc921cbe76cb3
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The N1SDP build uses a non-standard FIP UUID, so explain where it comes
from.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The base recipe can install the required files, so this is redundant.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Using a path relative to a kas yaml file to include another kas yaml
file won't be supported in the future. This patch also updates the
documentation for fvp-baser to set the minimal supported version of kas
to 2.6.
Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Change-Id: I757103c5433bca7af9ab024370cd1e994d59fe0e
Signed-off-by: Jon Mason <jon.mason@arm.com>
qemuarm64 fails to build since PLAT=invalid when MACHINE=qemuarm64
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit adds mhu driver (v2.1 and v2) to the secure
partition se_proxy and a conversion layer to communicate with
the secure enclave using OpenAmp.
Change-Id: I3d7893f2f52fdcfe6aae4c471c261b6ffd76b274
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit passes the platform name to CMake through the
configure task.
Change-Id: I7aaf10e3709507c65dd81c31e0301df57bbdf4fc
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to fetch and build openamp and libmetal
as part of SE proxy secure partitions
Change-Id: I251525f830535ceb1e1fc9f994c22a8b149fe7b6
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Moving dependencies to the BSP.
Change-Id: I32abd6c0568030550dda0442a2a4f624967b561c
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Keeping the recipe platform independent.
Additional components can be added at the platform level.
Change-Id: Ib1b0dd8d50486a037257dd99fea0d0ba2c80c7fb
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to add following header file to optee-spdevkit
and these are required by openAMP:
* features.h
* error.h
Change-Id: I51b801911b5a0131bf938ac1d520c4818e416637
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This change is to increase optee core heap size to 131072 bytes
from its default value to accomodate openAMP and smm-gateway
Change-Id: I40912334f59a50bb3baf853bb5ff4b01c3b23966
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Most BSPs don't need a specific release of TF-A, so add a bbappend for
TF-A 2.6 and remove the preferred version assignments.
Notable exceptions are TC0/TC1 and Corstone1000, which both are currently
using intermediate SHAs pre-2.6:
- TC0/TC1 fails to build with TF-A 2.6 as the binary doesn't fit in the
specific space.
- Corstone1000 patches need to be rebased on top of 2.6
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Keeping 2.5 around temporarily until all of the machines are ported.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The bbappend is fetching a specific SHA, so explicitly set the PV
to match.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Instead of every versioned recipe setting this, move it to the common
include.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
There's no need to use virtual/trusted-firmware-a, as there's only one
provider of trusted-firmware-a: trusted-firmware-a.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Use a generic wildcard in the arm-bsp bbappend to avoid needing to rename
in the future.
Remove the N1SDP patch as this has now been merged upstream (c5e45a7).
Remove TC? overrides which pinned it to an intermediate SHA.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Drop a patch which was backported and is now included in 2.9.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This seems to be needing arm specific kernel headers, so I infer this
still is arm specific module
Fixes below error on non-arm hosts
/git/arm_ffa_user.c:12:10: fatal error: linux/arm_ffa.h: No such file or directory
| 12 | #include <linux/arm_ffa.h>
| | ^~~~~~~~~~~~~~~~~
| compilation terminated.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If we build aarch64 based machines living outside meta-arm then these
recipes report as unsupported e.g.
ERROR: Nothing PROVIDES 'optee-os-tadevkit' (but /mnt/b/yoe/master/sources/meta-arm/meta-arm/recipes-security/optee-ftpm/optee-ftpm_git.bb DEPENDS on or otherwise requires it)
optee-os-tadevkit was skipped: incompatible with machine rock-pi-4b (not in COMPATIBLE_MACHINE)
ERROR: Nothing RPROVIDES 'optee-ftpm' (but /mnt/b/yoe/master/sources/meta-arm/meta-arm/recipes-security/optee-ftpm/optee-ftpm_git.bb RDEPENDS on or otherwise requires it)
No eligible RPROVIDERs exist for 'optee-ftpm'
NOTE: Runtime target 'optee-ftpm' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['optee-ftpm']
ERROR: Nothing RPROVIDES 'optee-ftpm-dev' (but /mnt/b/yoe/master/sources/meta-arm/meta-arm/recipes-security/optee-ftpm/optee-ftpm_git.bb RDEPENDS on or otherwise requires it)
No eligible RPROVIDERs exist for 'optee-ftpm-dev'
NOTE: Runtime target 'optee-ftpm-dev' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['optee-ftpm-dev']
Therefore its better to limit this recipe to machines supporting
optee-os
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
edk2-firmware release builds with clang fail:
MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c:142:15:
error: variable 'Status' set but not used [-Werror,-Wunused-but-set-variable]
This is upstream as https://bugzilla.tianocore.org/show_bug.cgi?id=3758,
but until that is resolved we can just force debug builds with clang.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We set GCC5_AARCH64_PREFIX so the tools are prefixed correctly in GCC
builds, but didn't set CLANG38_AARCH64_PREFIX. This meant the clang build
used the host objcopy, which may not know about the target architecture.
Also these can just be the prefix and not a full path, as the binaries
are on $PATH.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update the size of bl2_signed.bin and tfm_s_signed.bin
Change-Id: I8312dd6d50faff53e1ca489cbf73c5f25671b21c
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Secure enclave, based on the firmware update state of the
system, decides the boot bank. In this commit, u-boot
identifies the selected boot bank and loads the kernel
from it.
Change-Id: Ifcef126dc79c7808b30ef0319d83482d2d29fd13
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Secure enclave decide the boot bank based on the firmware update
state of the system and updated the boot bank information at a given
location in the flash. In this commit, bl2 reads the givev flash location
to indentify the bank from which it should load fip from.
Change-Id: I2f7518c82c1664355da2aa1596f4f65f7a49a53d
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
More space in the flash is reserved up front for metadata
parser and UEFI variables. That requires change in the flash
base address of where images are present.
Change-Id: I2d23d06099ffbf15458afaeb21c5dd4bcc4ffecb
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
More space in the flash is reserved up front for metadata
parser and UEFI variables. That requires change in the flash
base address of where images are present.
Change-Id: If6c048a6117023aae2e748c23ed52447857b0d04
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The patchset perform the following changes:
a. Disable secure debug by default.
b. OTA Firmware Update Agent implementation.
c. Implementation of boot index propagation mechanism.
d. Openamp version/commit hash correction.
e. Implementation of host watchdog interrupt handler.
Change-Id: Ie5e1028bb29ce337d51ad8ef47d2bd8175187402
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit implements distro_bootcmd in config_bootcommand in u-boot.
This command traverses all the USB devices connected to the board and
finds a usb device that has bootable image to boot from it. If it cannot
find a usb device with the bootable image, it will boot the system using
the existing flash.
Change-Id: Ia05ca02d6f490a1b51fcf377afcc86ea0ed4e19c
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit implements efi_reset_system for corstone1000 platform. In
order to reset the system, the host uses secure host watchdog to assert
an interrupt (WS1) on the secure-enclave side, then secure-enclave
resets the system.
Change-Id: I772181cd43e789f1d6508aaa433eb109d8f85b5d
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit enables PSCI Reset for corstone1000 platform. It configures
u-boot to use PSCI interfaces in efi_reset_system function.
Change-Id: I88ea55fde2b2c6e455a4b38e885e62a410b0b0e7
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch does three things:
- Add the CONFIG_EFI_PARTITION option to the corstone1000_defconfig
to allow u-boot to detect EFI filesystems.
- Add isp1760_get_max_xfer_size(), this fixes an issue where
GPT partition info could not be loaded.
- Fix the issue while detecting EFI filesystem, and loading GPT
partition info.
Change-Id: Ic04c8710f4ea7e156aca196d7e54f090b9376c49
Signed-off-by: Harry Moulton <harry.moulton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This patch updates shared buffer address, disables get/set of NV
variables, and invalidates the cache after write to shared buffer as the
SPs have cache disabled.
Change-Id: Iead01edf3011e192df205236df098415e5bde9a5
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Default to release builds and let machines enable debug builds if they
want that.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Building edk2-firmware needs explicit configuration for the target
machine, so set an invalid COMPATIBLE_MACHINE to stop edk2-firmware
building for, example, qemumips.
sbsa-acs is an application, so unset COMPATIBLE_MACHINE in that recipe
as it will work on all aarch64 targets.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Group the qemuarm64-secureboot and qemu-generic-arm64 overrides so that
they are easier to read.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
There is only a limited number of EDK2 architectures, so we can set
the architecture using overrides in the base recipe instead of every
machine customisation needing to set it explicitly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These patches have been merged into edk2-platforms bd53d309 onwards,
which is built with edk2-firmware 202111.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Set the default platform name/descriptor to 'unset' so that build.sh fails
with obvious errors, instead of generic argument parsing failures.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
QEMU_USE_KVM needs to be empty, not 0. Otherwise, it doesn't catch and
runs KVM anyway (which breaks inside our docker containers).
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit enables smm-gateway in optee-os by making the following changes:
- Updating the existing SP manifest file with a combined manifest file
that includes information about both se-proxy and SMM gateway SP.
- Including the SMM gateway SP makefile in optee include file
to embed smm gateway sp binary into optee image.
Change-Id: Iebcf2c534a9e9ced411c943ff583b522ad9d69fa
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
smm-gateway secure partition is a slim version of StMM for low memory
devices.
This commit adds support for smm-gateway for corstone1000 at the
secure partitions level by making the following changes:
- Configure TS_DEPLOYMENTS to include SMM Gateway SP, SMM gateway to use
device region for shared buffer, and set the NV store macro.
- Updating secure partitions recipe to point to HEAD of integration
branch to fetch stmm-gateway changes.
Change-Id: I56ff325cca250749448364e12ac06e3ea289fa29
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
This commit introduces a new kernel patch that aligns the FF-A
versions checks according to the FF-A specification v1.0.
Without this fix, the FF-A bus fails to initialize when the FF-A
framework is version 1.1 (comes with the latest TF-A).
The bus driver which is v1.0 rejects the framework v1.1 despite
the fact they are compatible according to the specification.
This kernel patch changes the logic of the version checking based on
the specification.
Change-Id: If9d7b6c0d5e24e73d4f42c6532cd56ff2d05fcec
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit implements capsule update for Corstone-1000.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Change-Id: I3031018eebb9aaae56c0823d24ee5c148857f2fa
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit provides these new generic u-boot features:
- The FF-A low-level driver implementing Arm Firmware Framework for Armv8-A (FF-A)
- MM communication using FF-A (compatible with StandaloneMM and smm-gateway)
- A new armffa command and a test module to test the FF-A helper functions to
communicate with secure world.
It also enables FF-A and MM communication for the Corstone-1000 platform.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Change-Id: Ic71dcae2411aefae00557284c08be662bfe80b98
Signed-off-by: Jon Mason <jon.mason@arm.com>
These changes are to add a rule in optee-os Makefile to include
secure partitions as part of optee-os image
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: I2f6f93ffca9a2332cbe9ffe4e9903b8ec524df51
Signed-off-by: Jon Mason <jon.mason@arm.com>
oe-core c2a2d47 changed the default of QEMU_USE_KVM to 1, so qemu will
want to use KVM and will error if it can't. Our CI runners don't have
KVM, so we need to disable this.
In the long term this should be more intelligent as some workers have
KVM and some don't, but this will get successful builds again.
Signed-off-by: Ross Burton <ross.burton@arm.com>
To ensure that optee-spdevkit works in all configurations, but it in the
CI for qemuarm64 not just corstone1000.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This recipe was setting a default SRCREV which doesn't contain the
Secure Partition devkit, as this is only in the psa-development branch
on the trustedfirmware.org mirror which is set by the corstone1000
bbappend.
Use this branch/revision by default, and set the PV correctly: this
branch is currently based on optee-os 3.10 not 3.14.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
No need for this to be versioned as it complicates upgrades.
Remove the explicit post-2.5 SRCREV now that the recipe has upgraded to
2.6, and remove assignments which are already the default for
conciseness.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Hafnium can do a qemu/aarch64 build, so enable that for future testing
purposes.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
hashbang.patch isn't needed anymore, and rebase the other patches.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Interchangable firmware isn't really a workable concept, so there's no
real need to have a virtual name.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Firmware isn't arbitarily interchangable as by definition it is specific
to the platform, so use the real recipe name instead of a virtual name.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Now that the TA devkit has been split out of optee-os, the build
dependencies of optee-test need to be updated too.
Signed-off-by: Ross Burton <ross.burton@arm.com>
These changes are to add support to build TrustedServices.
corstone1000 platfrom uses optee-sp option which will include
secure partitions into optee Image
Following changes are made to trusted-services code
* TS_PLATFORM should be set at the external build system level.
* fix EARLY_TA_PATHS environment variable
* se-proxy string and make it as child node
Change-Id: I58d76b5e25e7f285794c93dc92c1b93fdd77cfb9
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Add support for corstone1000-mps3 machine which have a cortex-a35
aarch64, this will boot till u-boot prompt.
Change-Id: Ifdd81d35a5409cdd1563388a841885c14b748cad
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Separate recipe for TA devkit is needed to solve
circular dependency to build TAs with the devkit
and integrate it inside optee-os.
Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These tasks made some limited sense when there was only one runner, but
in a setup where there are N runners they arere pretty useless as you
can't control which runner is executing the jobs.
Disk usage should be managed out-of-band, so delete the jobs.
Signed-off-by: Ross Burton <ross.burton@arm.com>
The public sstate server isn't up to the load just yet and often-enough
will take a very long time to respond, causing build failures.
Signed-off-by: Ross Burton <ross.burton@arm.com>
lnr is deprecated and will be removed soon, so replace it with `ln -rs`
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Migrate the qemuarm64-sbsa machine to use the generic-arm64 machine as a
base. This new qemu-generic-arm64 should contain only the parts
necessary to boot the generic-arm64 in qemu (using the SBSA machine).
This allows for a single generic image with testing for SBSA compliance.
NOTE: a unique WIC file is needed due to the inability to pass kernel
bootargs (due to needing DHCP for testimage).
Signed-off-by: Jon Mason <jon.mason@arm.com>
The build is successful without this, so presumably it's obsolete.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
No point checking that a directory exists before installing from it, as
it will fail immediately anyway if the files are not present.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The corstone1000 customisations override the test-* PACKAGECONFIGs to
always disable the tests, even when they're enabled.
The proper way to do this is to not enable the tests in the first place,
and the tests are not enabled.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This BSP sets an intermediate SHA that is newer than the 1.4.1, but the
branch needs specifying now.
Also remove SRCREV_FORMAT, the PV doesn't include SRCPV so it isn't being used.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Extract the TF-M branch name as a variable, as BSPs may wish to use
intermediate SHAs.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Seeing error of
WARNING: ZEPHYRTESTS:remove += is not a recommended operator combination, please replace it.
Correcting the issue by changing it accordingly.
Signed-off-by: Jon Mason <jon.mason@arm.com>
We don't have any invasive kernel patches for the FVP machines anymore,
so remove the PREFERRED_VERSION and track the default version of
linux-yocto instead.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This recipe was used by trusted-firmware-m and python3-imgtool, both of
which now use python3-cbor2.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Backport a patch to switch from the unmaintained python3-cbor module to
the active python3-cbor2 module.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
We need to be sure that the host linker flags are passed to the kernel
build, as otherwise it is possible that binaries are incorrectly linked.
For example:
HOSTCC scripts/extract-cert
ld: .../recipe-sysroot-native/usr/lib/pkgconfig/../../../usr/lib/libcrypto.so: undefined reference to `pthread_once@GLIBC_2.34'
Signed-off-by: Ross Burton <ross.burton@arm.com>
Patch in BUILD_LDFLAGS into the cert_create Makefile so that the -rpath
arguments are passed to the native build, meaning it can find libssl
correctly. This somewhat worked previously as the host libssl and
sysroot libssl matched, but now that OE has OpenSSL 3 that often isn't
the case.
Signed-off-by: Ross Burton <ross.burton@arm.com>
gem5 imported collections.Mapping, but this was deprecated in 3.3 and
removed in 3.10.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add recipe to generate GPT with FIP and metadata.
Add Python script to generate the FWU metadata.
Signed-off-by: Tudor Cretu <tudor.cretu@arm.com>
Change-Id: Icfe3d1491442af17aa5300d8ff8654ac65ae30aa
Signed-off-by: Jon Mason <jon.mason@arm.com>
Since we are using TESTIMAGE_AUTO, providing the target field in the
testimage yml file is no longer necessary. This allows for multiple
payloads to be built, while still allowing for testing.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Changes necessary to get the u-boot version 2020.10. TC patches are no
longer necessary, as they are upstreamed.
Signed-off-by: Jon Mason <jon.mason@arm.com>
The meta-arm-autonomy layer is being deprecated from master, with bug fixes
only being applied to the following branches. Additionally, all support and
maintenance of meta-arm-autonomy will stop as per the schedule below.
honister: End-of-life scheduled to June 2022
hardknot: End-of-life scheduled to December 2021
gatesgarth: End-of-life scheduled to October 2021
dunfell: End-of-life scheduled to October 2021
master: End-of-life scheduled to October 2021 and code removed
Issue-Id: SCM-3552
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Change-Id: I3ca58f8c13b1ecb3dbaf0d60f0f52b016292633d
Signed-off-by: Jon Mason <jon.mason@arm.com>
Adding ci and yaml files to support
corstone1000-fvp.
Change-Id: I74ebc3570d4b0c8abae58be5ef69064fc33e5bea
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
- This commit provides a recipe for the FF-A Debugfs Linux
driver v2.1.0.
The driver is an out-of-tree loadable modules. It exposes
FF-A operations to user space and only used for development
purposes.
- Create a dev package for ffa-debugfs-mod
ffa-debugfs-mod recipe provides arm_ffa_user.h header for
other recipes that need it at build time.
The header is put in ffa-debugfs-mod-dev package.
Change-Id: I92f33e20b5fdfc9a32cff03ae2a137150d0328db
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit adds the Arm Firmware Framework for Armv8-A to the v5.10 kernel.
The integrated patches are cherry-picked from kernel v5.14-rc2 and
compatible with SMCCCv1.2
Change-Id: If8964b94ed83caa5e0fc5d2a8a9b6a21f8b378ec
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit allows to sign trusted-firmware-a BL2 and FIP using MCUBOOT
tools.
Change-Id: Ide3045982f5f8515c1ccd59b6b0d29816fbfdd68
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Until this is integrated into meta-python, hold a copy of
python3-imgtool in meta-arm-bsp used by trusted-firmware-m.
Change-Id: I2e86be503bee03de549f5714dc52921165afa2bf
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
In an effort to setup capsule update and efi runtime service
handlers, enable the correspondent efi config options.
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Change-Id: Ib068448564268dcacb9bcad3667a3b293f177a83
Signed-off-by: Jon Mason <jon.mason@arm.com>
enable efi boot including secure config options, add a
load command which integrate with efi subsystem.
And as at it, enable the efi capsule options for future
use.
Change-Id: Iced8ab2b9bca41805f6201150760692b4b716d7d
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
These changes are to add corstone1000-fvp machine
to optee-os.
Change-Id: I9ddfaca476234c0307a89d5444ae2d0e688a9b59
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit enables TF-A v2.5 with Trusted Board Boot support for the
Corstone1000 64-bit platform.
Disables Non-Volatile counters in the TBB.
Change-Id: Idb9e18df7066cb617df72b2e147147ce49db292c
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add support for corstone1000-fvp machine which have a cortex-a35
aarch64, this will boot till u-boot prompt.
Remove kernel devicetree configuration and add the devicetree here and
enable it in the diphda defconfig.
Adds the build options required to support an RTC emulator which in
turn is required to support the UEFI functions GetTime()
and SetTime().
Change-Id: I0d66ece1193494bd2f59a9800d802dff1c4a0db6
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Whilst we have just one version of edk2-firmware, there is no reason to
select a preferred version.
Change-Id: I816de3b7dbcfc543307c792bcd16a5d69f5f4f2d
Signed-off-by: Ross Burton <ross.burton@arm.com>
Take a patch that is heading upstream to pass OPENSSL_DIR to the fiptool
build, removing the need to alter the Makefiles at build time.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Take a patch that is heading upstream to pass OPENSSL_DIR to the fiptool
build, removing the need to alter the Makefiles at build time.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
The commit provides the v2.5 recipe for fiptool-native
and removes the older versions.
Change-Id: Ie87ca97bc63bfe7ba2337b1bf05d9658921bab83
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TF-A 1.5 is very old, remove. People who still need 1.5 will likely be
using older releases.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
TARGET_FPU passed to TF-A Makefile but is not used in TF-A source code.
Change-Id: I7c275711ed1e9fb9ee4e4df2b9c1606cacc4138c
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
If the FVP has already quit when we're stopping an exception is raised,
so catch that and do nothing.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
When a new process group is created, it is launched in the background
and any attempt to access the session terminal triggers a SIGTTIN (for
stdin) or SIGTTOU (for stdout) signal. These are ignored in an
interactive shell, but the default signal behavior in a new job is to
send a SIGTSTP to the whole process group. This causes runfvp to hang
when executed via a subprocess when stdin is accessed.
After creating a new process group, use tcsetpgrp to make the new group
the foreground process for the terminal associated with stdin/stdout,
but only if stdin is a tty.
The documentation for tcsetgrp states that tcsetpgrp itself raises a
SIGTTOU signal, so set this signal to SIG_IGN.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I349a825df7fcb8a3cedb81762b901c6f50fa53b5
Signed-off-by: Jon Mason <jon.mason@arm.com>
With trusted-firmware-m 1.4 the platform names have changed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Update TF-M to version 1.4.0, mbed TLS to 3.0.0, TF-M tests to 1.4.0,
and MCUBoot to TF-Mv1.4-integ tag.
Change-Id: I9172ed9fbf6c6c2ed88303256ef2452dafc665be
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Toolchain files toolchain_GNUARM.cmake and toolchain_ARMCLANG.cmake are
located at trusted-firmware-m source directory.
This commit sets that.
Change-Id: If9c26f65b0c8111a6ff1f1a7d56610563efd501b
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
In case of CMake, PACKAGECONFIG configs take effect when passing
PACKAGECONFIG_CONFARGS to the configure task.
Change-Id: I126ba089c9a5db8e895b8a9545e96ef9fa98ce0d
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
As multiple paths can and do provide modules under oeqa.controllers, all
of these paths need to call pkgutil.extend_path() so the lookup works
correctly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
The sstate mirrors are not available over HTTPS currently due to a
certificate problem, so use plain HTTP instead.
Change-Id: I5b974d67bc13f7c7234927c6bc62a8c733e454c3
Signed-off-by: Ross Burton <ross.burton@arm.com>
Inherit fvpboot so that the FVP binary is fetched and configuration
generated.
Configure the FVP to forward host port 8022 to port 22 locally, and
tell testimage to SSH to localhost:8022. This has the limitation that
only one testimage can run per machine, but this will be removed shortly.
Disable the parselogs test case, as there are some harmless warnings in
the dmesg which cause it to fail. Currently meta-arm can't extend the
whitelist of ignorable warnings.
The FVP binaries are x86-64 only, so tag the job appropriately.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
runfvp currently needs telnet to communicate with the guest, so install
telnet into the image.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Set TEST_TARGET so that all FVP machines use the new FVP target out of
the box, instead of attempting to use qemu.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
All FVPs can use virtio networking devices, so enable virtio in all of
the FVP kernels.
Remove our fvp/fvp-virtio.cfg as there's cfg/virtio.scc we can use.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Add a new oeqa.core.target.OETarget subclass for testimage which starts
a FVP using runfvp. This uses --console to connect to the console so
telnet is needed on the host.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
So that it is easy to kill runfvp and everything it starts (such as
telnet or the FVP itself), reset the process group on startup.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Latest oe-core has less implicit DEPENDS, so gem5 fails to configure:
Error: Can't find version of M4 macro processor. Please install M4 and try again.
Explicitly add m4-native to DEPENDS.
Change-Id: I2e107ea6448eec399619e0d1922fd29930a95fd8
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-10-18 10:00:11 -04:00
889 changed files with 73518 additions and 37529 deletions
@@ -20,7 +20,7 @@ This repository contains the Arm layers for OpenEmbedded.
* meta-atp
This layer contains recipes for the Adaptive Traffic Generation integration into meta-gem5.
This layer contains recipes for the [AMBA Adaptive Traffic Profiles (ATP)](https://developer.arm.com/documentation/ihi0082/latest) generation integration into meta-gem5.
OE-Core's [oeqa][OEQA] framework provides a method of performing runtime tests on machines using the `testimage` Yocto task. meta-arm has good support for writing test cases against [Arm FVPs][FVP], meaning the [runfvp][RUNFVP] boot configuration can be re-used.
Tests can be configured to run automatically post-build by setting the variable `TESTIMAGE_AUTO="1"`, e.g. in your Kas file or local.conf.
There are two main methods of testing, using different test "targets". Both test targets generate an additional log file with the prefix 'fvp_log' in the image recipe's `${WORKDIR}/testimage` containing the FVP's stdout.
## OEFVPTarget
This runs test cases on a machine using SSH. It therefore requires that an SSH server is installed in the image.
In test cases, the primary interface with the target is, e.g:
```
(status, output) = self.target.run('uname -a')
```
which runs a single command on the target (using `ssh -c`) and returns the status code and the output. It is therefore useful for running tests in a Linux environment.
For examples of test cases, see meta/lib/oeqa/runtime/cases in OE-Core. The majority of test cases depend on `ssh.SSHTest.test_ssh`, which first validates that the SSH connection is functioning.
This runs tests against one or more serial consoles on the FVP. It is more flexible than OEFVPTarget, but test cases written for this test target do not support the test cases in OE-core. As it does not require an SSH server, it is suitable for machines with performance or memory limitations.
Internally, this test target launches a [Pexpect][PEXPECT] instance for each entry in FVP_CONSOLES which can be used with the provided alias. The whole Pexpect API is exposed on the target, where the alias is always passed as the first argument, e.g.:
For an example of a full test case, see meta-arm/lib/oeqa/runtime/cases/linuxboot.py This test case can be used to minimally verify that a machine boots to a Linux shell. The default timeout is 10 minutes, but this can be configured with the variable TEST_FVP_LINUX_BOOT_TIMEOUT, which expects a value in seconds.
The SSH interface described above is also available on OEFVPSerialTarget to support writing a set of hybrid test suites that use a combination of serial and SSH access. Note however that this test target does not guarantee that Linux has booted to shell prior to running any tests, so the test cases in OE-core are not supported.
The `runfvp` tool in meta-arm makes it easy to run Yocto Project disk images inside a [Fixed Virtual Platform (FVP)][FVP]. Some FVPs, such as the [Arm Architecture Models][AEM], are available free to download, but others need registration or are only available commercially. The `fvp-base` machine in meta-arm-bsp uses one of these AEM models.
## Running images with `runfvp`
To build images with the FVP integration, the `fvpboot` class needs to be inherited. If the machine does not do this explicitly it can be done in `local.conf`:
```
INHERIT += "fvpboot"
```
The class will download the correct FVP and write a `.fvpconf` configuration file when an image is built.
To run an image in a FVP, pass either a machine name or a `.fvpconf` path to `runfvp`.
When a machine name is passed, `runfvp` will start the latest image that has been built for that machine. This requires that the BitBake environment has been initialized (using `oe-init-build-env` or similar) as it will start BitBake to determine where the images are.
```
$ ./meta-arm/scripts/runfvp fvp-base
```
Note that currently meta-arm's `scripts` directory isn't in `PATH`, so a full path needs to be used.
`runfvp` will automatically start terminals connected to each of the serial ports that the machine specifies. This can be controlled by using the `--terminals` option, for example `--terminals=none` will mean no terminals are started, and `--terminals=tmux` will start the terminals in [`tmux`][tmux] sessions. Alternatively, passing `--console` will connect the serial port directly to the current session, without needing to open further windows.
The default terminal can also be configured by writing a [INI-style][INI] configuration file to `~/.config/runfvp.conf`:
```
[RunFVP]
Terminal=tmux
```
Arbitrary options can be passed directly to the FVP by specifying them after a double dash, for example this will list all of the FVP parameters:
```
$ runfvp fvp-base -- --list-params
```
## Configuring machines with `fvpboot`
To configure a machine so that it can be ran inside `runfvp`, a number of variables need to be set in the machine configuration file (such as `meta-arm-bsp/conf/machine/fvp-base.conf`).
Note that at present these variables are not stable and their behaviour may be changed in the future.
### `FVP_EXE`
The name of the FVP binary itself, for example `fvp-base` uses `FVP_Base_RevC-2xAEMvA`.
### `FVP_PROVIDER`
The name of the recipe that provides the FVP executable set in `FVP_EXE`, for example `fvp-base` uses `fvp-base-a-aem-native`. This *must* be a `-native` recipe as the binary will be executed on the build host.
There are recipes for common FVPs in meta-arm already, and writing new recipes is trivial. For FVPs which are free to download `fvp-base-a-aem.bb` is a good example. Some FVPs must be downloaded separately as they need an account on Arm's website, `fvp-base-r-aem.bb` is a good example of those.
If `FVP_PROVIDER` is not set then it is assumed that `FVP_EXE` is installed on the host already.
### `FVP_CONFIG`
Parameters passed to the FVP with the `--parameter`/`-C` option. These are expressed as variable flags so individual parameters can be altered easily. For example:
Specify raw data to load at the specified address, passed to the FVP with the `--data` option. This is a space-separated list of parameters in the format `[INST=]FILE@[MEMSPACE:]ADDRESS`. For example:
Applications to load on the cores, passed to the FVP with the `--application` option. These are expressed as variable flags with the flag name being the instance and flag value the filename, for example:
Note that symbols are not allowed in flag names, so if you need to use a wildcard in the instance then you'll need to use `FVP_EXTRA_ARGS` and `--application` directly.
### `FVP_TERMINALS`
Map hardware serial ports to abstract names. For example the `FVP_Base_RevC-2xAEMvA` FVP exposes four serial ports, `terminal_0` to `terminal_3`. Typically only `terminal_0` is used in the `fvp-base` machine so this can be named `"Console"` and the others `""`. When runfvp starts terminals it will only start named serial ports, so instead of opening four windows where only one is useful, it will only open one.
For example:
```
FVP_TERMINALS[bp.terminal_0] = "Console"
FVP_TERMINALS[bp.terminal_1] = ""
FVP_TERMINALS[bp.terminal_2] = ""
FVP_TERMINALS[bp.terminal_3] = ""
```
### `FVP_CONSOLES`
This specifies what serial ports can be used in oeqa tests, along with an alias to be used in the test cases. Note that the values have to be the FVP identifier but without the board prefix, for example:
```
FVP_CONSOLES[default] = "terminal_0"
FVP_CONSOLES[tf-a] = "s_terminal_0"
```
The 'default' console is also used when `--console` is passed to runfvp.
### `FVP_EXTRA_ARGS`
Arbitrary extra arguments that are passed directly to the FVP. For example:
```
FVP_EXTRA_ARGS = "--simlimit 60"
```
### `FVP_ENV_PASSTHROUGH`
The FVP is launched with an isolated set of environment variables. Add the name of a Bitbake variable to this list to pass it through to the FVP environment. For example:
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.