1
0
mirror of https://git.yoctoproject.org/meta-arm synced 2026-07-17 16:17:09 +00:00

Compare commits

...

481 Commits

Author SHA1 Message Date
Jon Mason 28606c7215 CI: fix sstate-mirror
We should be using OE_FRAGMENTS for the upstream sstate mirror, and
BB_HASHSERVE is in base.yml

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-07-14 12:00:03 -04:00
Jon Mason b4fbbaf196 arm/optee-ftpm: update recipe name
optee-ftpm tagged the 4.10 release, but had no functional changes (that
is, they tagged the same commit of 4.9.0 with 4.10.0).  Update the
recipe name to match the latest version, and not have people think that
one package was held back.

Also, modify the version checking to be less incorrect

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-07-14 10:00:08 -04:00
Jon Mason c2a169b18e arm/opencsd: update to 1.8.3
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-07-14 10:00:08 -04:00
Jon Mason ea93de35ae arm-bsp/external-system: update to the latest commit
The source tree is question is not tagged or branched with any version.
Update to the latest commit, change the recipe name to denote it is
'git' and not versioned, and fix the upgrade-status.  Also, update the
git URL.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-07-14 10:00:05 -04:00
Jon Mason 82711f1a48 arm-bsp/corstone1000-external-sys-tests: update to the latest commit
The source tree is question is not tagged or branched with any version.
Update to the latest commit, change the recipe name to denote it is
'git' and not versioned, and fix the upgrade-status.  Also, update the
git URL.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-07-14 10:00:05 -04:00
Jon Mason 451dfc3712 arm-toolchain: Update to new toolchain version
Update the recipes to the newest release.  Also, Arm Binary Toolchains
have moved to https://gitlab.arm.com/tooling/gnu-toolchains-for-arm

The new location has a new layout, which means the upstream version
check needs to change.  Unfortunately, they are not using tags, but do
seem to use branch names like a tag.  So, using that for the version
check.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-07-14 10:00:03 -04:00
Jon Mason 9607ed4eee arm-bsp: Lengthen Boot timeout for rdv2/rdn2
CI is seeing intermittent boot test timeout errors, where the FVP is
almost to shell but times out before getting there.  To get around this,
lengthen the timeout to allow for more opportunity to complete
successfully.

By default, the timeout is 600 seconds.  Increase this by 50% to 900.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-07-07 10:00:04 -04:00
Harsimran Singh Tungal 94e19cb2b9 ci: enable testimage coverage for Corstone-1000 A320 FVP
Update the Corstone-1000 A320 FVP CI matrix to run testimage jobs.

This enables testimage coverage for both the firmware-only and no-firmware
entries.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-30 09:00:03 -04:00
Harsimran Singh Tungal 589e16aebc fvp:corstone1000-a320: update Corstone-1000 A320 FVP to 11.31
Update the Corstone-1000 with Cortex-A320 FVP recipe to use the
11.31.cs1000_a320_2 release from Arm Developer.

Switch the source URL to the new package layout, add the architecture-specific
download tokens, and update the x86_64 and aarch64 SHA256 checksums.

The new package extracts directly into the FVP install directory, so update the
install step and license paths accordingly.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-30 09:00:03 -04:00
Harsimran Singh Tungal 793354dbf2 arm-bsp/documentation: corstone1000-a320: update 2026.05 wrynose release documentation
Update the Corstone-1000 with Cortex-A320 changelog, release notes,
user guide, tests documentation and metadata for the 2026.05 release.

Add the new 2026.05 changelog entry for the Corstone-1000 with
Cortex-A320 specific updates and align the component version tables and
Yocto distribution component versions with the current release content.

Refresh the user guide and tests documentation to align with the
2026.05 release state, including release tag references, recipe version
references, report links

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-30 09:00:03 -04:00
Harsimran Singh Tungal c6febbdd02 arm-bsp/documentation: corstone1000: update 2026.05 wrynose release documentation
Update the Corstone-1000 changelog, release notes and user guide for
the 2026.05 wrynose release.

Add the new 2026.05 changelog entry and capture the main release work,
including the component upgrades, TF-M GPT and PSA FWU changes, and the
updated SSH-enabled build flow.
Refresh the component version tables and Yocto distribution component
versions in changelog for the new release.

Update the user guide to align with the 2026.05 release branch and
documentation state, including the Yocto release name, recipe version
references, release tag references, and related asset and report links.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-30 09:00:03 -04:00
Jon Mason 847af9c082 arm/u-boot: fix uefi-secureboot on u-boot v2026.04
u-boot v2026.04 changed to kbuild 6.1, which broke how ubootefi.var is
used.  Apply patch from u-boot mailing list to address the issue.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-25 18:00:03 -04:00
Jon Mason 3681201897 arm/optee: update to 4.10.0
Update the recipes to 4.10.0 and update the git recipes to 4.10.0
Since corstone1000 is still using 4.9.0, move that to meta-arm-bsp

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-18 09:50:49 -04:00
Jon Mason 9014a4e935 arm/opencsd: upgrade to v1.8.2
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-18 09:50:49 -04:00
Jon Mason 200ccaa637 arm/uefi: update edk2-firmware to 202605
Update edk2-firmware to the latest release.
Of note, GCC5 make variable has been removed.  Use the GCC make variable
instead.  Also, these changes caused the need to modify the sbsa-acs
patches.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-18 09:50:49 -04:00
Jon Mason cef3e3a22c arm/trusted-firmware-a: Update git recipe to the latest commit
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-18 09:50:49 -04:00
Jon Mason dd460eb29d arm/trusted-firmware-a: Update LTS to 2.14.2
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-18 09:50:49 -04:00
Jon Mason 66c46946f5 arm/trusted-firmware-a: remove older LTS versions
The policy in meta-arm is to only have the latest version and the
latest LTS version.  Remove all of the older LTS versions to comply with
this policy.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-18 09:50:46 -04:00
Jon Mason f1098681f4 arm/trusted-firmware-a: Add support for v2.15.0
Add support for the newest release of TF-A.
mnedtls was made a git submodule, and moved location.  Given that this
will be the location going forward, I thought it best to change inc file
to point by default to the new location, and have the LTS versions to
point to the old location in their recipes.

Also, seeing some weird behavior with CPUs not coming on line in
sbsa-ref and qemuarm-secureboot.  So, pinning those back to the LTS
until they can be sorted out.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-18 09:50:03 -04:00
Arthur Cassegrain 8df56513d9 arm/trusted-services: enable devtool modify for ts-psa-api-test
Place psa-arch-tests under ${S}/ts-external/psatest and update the
recipe paths to match.

This keeps the external source layout aligned with trusted-services,
updates the Corstone-1000 patch locations, and lets devtool modify work
against the same psa-arch-tests tree that CMake and
apply_local_src_patches use.

Signed-off-by: Arthur Cassegrain <arthur.cassegrain@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-17 09:13:31 -04:00
Jon Mason d718d02774 arm/trusted-firmware-m: remove 2.1.4
Remove the older LTS, since there is a policy of the most recent release
and the previous LTS.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-17 09:13:31 -04:00
Jon Mason c5df984862 arm/trusted-firmware-m: Add 2.3.0 Support
Add recipes for newest version of tf-m.  Of note, mbedtls has been
removed in favor of the TF-PSA-Crypto library.  This is having a cascade
into the other recipes, with a removal from the core inc file and add of
the individual lines to the specific versions.

TF-PSA-Crypto is Apache 2.0 licensed.  So, no need to change the recipe
license field.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-17 09:13:31 -04:00
Jon Mason 22de042eaf CI: use Musca S1 for LTS testing
In TF-M 2.3.0, Musca S1 was removed, but B1 is still present.  In an
effort to keep coverage, swapping S1 and B1.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-17 09:13:31 -04:00
Ross Burton fe60f0804e CI: add option to control whether warnings should be fatal or not
Warnings being always fatal is quite anti-social because sometimes there
are temporary warnings that we don't want to break the CI.

Signed-off-by: Ross Burton <ross.burton@arm.com>
2026-06-16 16:51:12 +01:00
Ross Burton dea9d913d8 CI: use a single multiline script statement in .build
No change to the script, just formatting.

Signed-off-by: Ross Burton <ross.burton@arm.com>
2026-06-16 16:48:01 +01:00
Ross Burton c53fcf76e2 CI: default CACHE_DIR to CI_PROJECT_DIR
Set the default cache directory to be the build tree so we don't assume
anything about the runner environment by default.

After this change, runners that don't set CACHE_DIR will need to set it
explicltly in their variables.

Signed-off-by: Ross Burton <ross.burton@arm.com>
2026-06-16 16:42:24 +01:00
Ross Burton ab0930aa96 CI: remove cve.yml and NVDCVE_API_KEY
This yml fragment wasn't actually used by our CI, and the cve-check class
no longer exists.

Signed-off-by: Ross Burton <ross.burton@arm.com>
2026-06-16 16:39:25 +01:00
Jon Mason 9aaee17adb arm/scp-firmware: add CVE_PRODUCT
Per https://nvd.nist.gov/products/cpe/detail/593B1385-F4BE-452B-AE3B-51627F6CAE45
add CVE_PRODUCT entry.  Since there wasn't one existing, there is no
need to remove anything.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-11 10:12:32 -04:00
Jon Mason d0b93e582c arm/trusted-firmware-m: add CVE_PRODUCT
Per https://nvd.nist.gov/products/cpe/detail/C0F7CF14-9ACD-42C5-A1F8-839937F8C4DC
add CVE_PRODUCT entry.  Since there wasn't one existing, there is no
need to remove anything.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-11 10:12:32 -04:00
Jon Mason e2e63f20b5 arm/trusted-firmware-a: modify CVE_PRODUCT
Per https://nvd.nist.gov/products/cpe/detail/2E1BD3E8-DF65-42E3-A0BA-747137D6DEF2
Adding "trustedfirmware:trusted_firmware-a"

We can probably remove "arm:trusted_firmware-a", since it has been
depreciated.  Fearing unintended issues, leaving it in for now.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-11 10:12:32 -04:00
Jon Mason 81f5a92193 arm/optee: modify CVE_PRODUCT
Per https://nvd.nist.gov/products/cpe/detail/EB42962B-24FD-4716-B3E2-69F3258A57CF
adding "trustedfirmware:op-tee"

We can probably remove "linaro:op-tee", since it has been depreciated.
Fearing unintended issues, leaving it in for now.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-11 10:12:32 -04:00
Jon Mason 02d361b435 arm/ts-sp-common: Workaround unused-but-set-variable errors
With the new GCC, we're seeing the following error:
| In file included from /builder/meta-arm/build/tmp/work/armv8-5a-poky-linux/ts-sp-smm-gateway/git/sources/ts/components/common/dlmalloc/malloc_wrapper.c:62:
| /builder/meta-arm/build/tmp/work/armv8-5a-poky-linux/ts-sp-smm-gateway/git/sources/ts/components/common/dlmalloc/malloc.c: In function 'add_segment':
| /builder/meta-arm/build/tmp/work/armv8-5a-poky-linux/ts-sp-smm-gateway/git/sources/ts/components/common/dlmalloc/malloc.c:4002:7: error: variable 'nfences' set but not used [-Werror=unused-but-set-variable=]
|  4002 |   int nfences = 0;
|       |       ^~~~~~~

To workaround this issue, add "-Wno-error=unused-but-set-variable" to TARGET_CFLAGS

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-02 09:00:04 -04:00
Jon Mason f23b86a59c arm/tf-a-tests: Workaround GCC errors for 'unused-but-set-variable'
New GCC is logging errors for unused-but-set-variable in
tftf/tests/runtime_services/standard_service/psci/api_tests/psci_stat/test_psci_stat.c

Workaround this by adding -Wno-unused-but-set-variable to the Makefile
Refer to https://github.com/TrustedFirmware-A/tf-a-tests/issues/4
For the upstream resolution, if/when that arrives.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-06-02 09:00:04 -04:00
Michael Safwat 6e6567869f arm-bsp/docs: corstone1000-a320: Add standalone A320 documentation
Add a separate Corstone-1000 Armv9-A Edge-AI documentation
set for the Cortex-A320 platform.

Populate the new documentation tree with the initial index,
user guide, software architecture, release notes, change log,
and supporting images.

Keep common Corstone-1000 material in the existing documentation
set and move A320-specific content into the new standalone
document set.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Lisa Durbin <lisa.durbin@arm.com>
Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
2026-05-28 09:47:59 -04:00
Michael Safwat 6ab14ea640 runfvp: add --dry-run option
Add a --dry-run option to scripts/runfvp to print the constructed
FVP command line and exit without launching the model.

This is useful for checking parameters and reusing them with different
FVP binaries.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-28 05:00:03 -04:00
Gyorgy Sarvari 3c07303388 arm/trusted-firmware-a: don't set LD if LTO is enabled
Some platforms (like Allwinner A64/sun50i_a64) have LTO enabled
in the Makefiles, which causes a linking error when using ld:

| [...]/aarch64-oe-linux/aarch64-oe-linux-ld: -f may not be used without -shared

Add an option to be able to indicate in the recipe if the plaform has LTO enabled,
and only pass LD to make in case LTO is disabled, otherwise let it use $CC (as set by the Makefile).

The option is disabled by default to keep the existing behavior.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-24 07:00:05 -04:00
Alex Chapman ce5b4c4b0a arm/edk2-basetools-native: Add missing libuuid dependency
GenFv requires libuuid in the native sysroot.

Add util-linux-libuuid-native and pass required flags through to the
BaseTools makefiles. This can be missed on machines with libuuid
headers installed, as the build may find the host copy instead.

Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-20 10:00:03 -04:00
Marek Bykowski e04ac672d5 arm-bsp: use IMAGE_LINK_NAME for FVP disk image path
${IMAGE_NAME} expands to a timestamped filename which gets written into
the .fvpconf. A mismatch occurs when do_image reruns (regenerating the
.fvpconf with a new timestamp) but do_image_wic hits sstate (leaving the
old .wic on disk), causing the FVP to fail at startup with:

  Can't stat <image>-<timestamp>.wic! (error 2)

Use IMAGE_LINK_NAME instead, which is the stable symlink that always
points to the most recently built .wic.

Signed-off-by: Marek Bykowski <marek.bykowski@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-19 12:00:03 -04:00
Michael Safwat 33cc743536 arm-bsp/docs: corstone1000: Drop A320 content from base documentation
Remove Cortex-A320-specific content from the base Corstone-1000
documentation.

Drop the A320-only sections, commands, notes, and subsystem image from
the shared Corstone-1000 software architecture and user guide now that
the platform is documented in its own standalone document set.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-18 15:00:03 -04:00
Hugues KAMBA MPIANA dd2437f8d6 ci: Add Corstone-1000 with Cortex-A320 builds
Add CI coverage for the Corstone-1000 with Cortex-A320 FVP machine.

Build the Corstone-1000 with Cortex-A320 FVP with the firmware-only
configuration and run both `none` and `tftf`.
Also run `none` for the no-firmware build.

Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-18 15:00:03 -04:00
Alex Chapman 7ea8654517 arm-bsp:corstone1000: Create a standalone corstone1000-a320-fvp machine
Add `corstone1000-a320-fvp` as a dedicated machine instead of enabling
the Cortex-A320 variant through a kas overlay on `corstone1000-fvp`.

Move the A320-specific machine features, overrides, FVP executable
selection, and Ethos-U85 configuration into the new machine
configuration. Keep the generic `corstone1000-fvp` machine focused on
the base FVP platform.

Update the A320 kas to use `corstone1000-a320-fvp` directly, and
allow pregenerated SSH host keys for the new virtual machine.

Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-18 15:00:03 -04:00
Alex Chapman faaa3b84a4 arm-bsp/docs,kas:corstone1000: Add SSH image build support
Add a shared Corstone-1000 kas configuration for building SSH-enabled
mass storage images across the supported Corstone-1000 machines.

Enable Dropbear SSH in the mass storage OS image, add pregenerated SSH
host keys for FVP builds, and document the SSH image build flow in the
user guides.

SSH support is too large for the flash OS image, so provide a dedicated
`core-image-minimal` kas configuration for SSH-enabled mass storage
images instead.

Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-18 15:00:03 -04:00
Alex Chapman 3f14fc635c arm-bsp/tf-a: corstone1000: Fix Cortex-A320 errata override
Fix the Corstone-1000 with Cortex-A320 override for the
Trusted Firmware-A errata list.
The override was misspelled as
`ENABLE_CORTEX_A35_ERRATA:cortexta320` instead of
`ENABLE_CORTEX_A35_ERRATA:cortexa320`.

Rename the list to `ENABLE_CORTEX_A_ERRATA`, since it is shared by
the Cortex-A35 and Cortex-A320 variants.

Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-18 15:00:03 -04:00
Ross Burton 120782d5fe CI: use kas 5.2
Upgrade to the latest version of Kas.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-18 12:00:03 -04:00
Harsimran Singh Tungal 1843e9e2eb arm-bsp: corstone1000: Enable FF-A-backed EFI runtime variables and selftests
This series wires up Arm FF-A support for EFI runtime services by
factoring runtime-safe helpers into the FF-A bus, layer the EFI
variable TEE transport on top, and then rehome the helper exports
so there’s a single implementation shared between boot and
runtime paths. Corstone1000 enables the self-test command and
expands the runtime variable selftest so it exercises non-volatile
storage across reboots.

Key Changes
===========
 - Add the FF-A runtime transport patch stack to the corstone1000
   U-Boot recipe.

 - Enable EFI runtime variable handling over FF-A and include the
   bootefi selftests and sandbox FF-A runtime transport test.

 - Increase the FIP partition sizes from 2MiB to 2.5MiB
   and update TFA_FIP_RE_SIGN_BIN_SIZE from 0x00200000 to 0x00280000
   to reflect the new allocation. The size of u-boot-EFI-2025.10-r0.bin
   has increased from ~707KB to ~944KB following the FF-A/EFI runtime
   related changes. As this binary is packaged within the FIP, the
   overall signed FIP size has grown accordingly.

 - Add a Yocto patch to increase the FIP partition size from
   2MB to 2.5MB in the TF-M flash layout for Corstone-1000.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-12 12:00:04 -04:00
David Hu da39013db9 arm/trusted-firmware-m: Enable regression test build
TF-M build system has introduced a ground-breaking change since v2.0.0.
Enable TF-M regression test build, following build instructions in TF-M
document [1].

Add the BUILD_REGRESSION_TESTS variable to enable regression test
builds. Individual regression test suites can be selected by
passing the appropriate TF-M CMake options through EXTRA_OECMAKE.
If regression test is enabled, build TF-M and tests from tf-m-tests
directory.

The build files for Normal World build will be installed.

[1]: https://trustedfirmware-m.readthedocs.io/en/latest/building/tests_build_instruction.html

Signed-off-by: David Hu <david.hu2@arm.com>
Signed-off-by: Gergely Kovacs <Gergely.Kovacs2@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-11 08:00:04 -04:00
Jon Mason 4112fda50b arm-bsp/edk2-firmware: workaround apcica changes
With the latest version of acpica (20260408), the following error is
being encountered in edk2 platforms for Arm SGI

| "iasl"  -p/builder/meta-arm/build/tmp/work/rdn2-poky-linux/edk2-firmware/202602/build/Build/RdN2/DEBUG_GCC5/AARCH64/Platform/ARM/SgiPkg/AcpiTables/RdN2AcpiTables/OUTPUT/./SsdtEvents.aml /builder/meta-arm/build/tmp/work/rdn2-poky-linux/edk2-firmware/202602/build/Build/RdN2/DEBUG_GCC5/AARCH64/Platform/ARM/SgiPkg/AcpiTables/RdN2AcpiTables/OUTPUT/./SsdtEvents.iiii
| /builder/meta-arm/build/tmp/work/rdn2-poky-linux/edk2-firmware/202602/build/Build/RdN2/DEBUG_GCC5/AARCH64/Platform/ARM/SgiPkg/AcpiTables/RdN2AcpiTables/OUTPUT/./SsdtEvents.iiii     61:       Printf ("GPIO0 Pin0 Toggled")
| Error    6010 -                                                                                                                                                                                  Internal compiler error ^  (Invalid parse opcode in OpcGenerateAmlOpcode)

Since this appears to be a debug message, and the relevant platforms are
a work in progress.  Work around this issue by removing the printf.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-05 13:11:15 -04:00
Jon Mason f3a2db0561 arm-bsp/u-boot: Update fvp-base, juno, corstone1000 patches
Fuzz detected when applying patch.  Use devtool to update and clean-up
the relevant patches.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-01 10:00:10 -04:00
Alex Chapman 3aa085566e arm-bsp/docs:corstone1000: Reduce sudo dependency in OOB tests
- Add `wic`` image manipulation requirement, `mtools`, to prerequisites
- switch the `kas` install step to a user-local virtual environment
  removing `sudo` requirement
- Add `wic` install step
- replaced the mount/unmount acs_results and capsule staging steps
  with non-`sudo` wic-based image manipulation.
- Adds guidance for using serial-console without `sudo`
- Standardise capsule transfer to the root of the BOOT partition
- Update docs to align with new non-`sudo` requirement for
  `create_keys_and_sign.sh` interactive script.

These updates remove several unnecessary `sudo`` dependencies when
running OOB CS1K testing.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-01 10:00:03 -04:00
Alex Chapman 85bd24f7b0 arm-bsp/docs:corstone1000: Fix secure boot script path
- Use the correct `${WORKSPACE}` script path without the stray `./` prefix.

This avoids an invalid command path.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-05-01 10:00:03 -04:00
Michael Safwat eb9b2afff9 arm-bsp/u-boot: corstone1000: disable EFI debug support
Add a U-Boot patch to disable CONFIG_EFI_DEBUG_SUPPORT in the
Corstone1000 defconfigs.

EFI debug support is now enabled by default and changes the EFI memory
layout. On Corstone1000 this can cause a boot failure after
ExitBootServices(), reproduced on the Cortex-A320 FVP path with MTE
enabled.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-27 09:00:03 -04:00
Michael Safwat 325134ea69 arm-bsp/u-boot: fix Corstone1000 FVP detection in patch set
Update the Corstone1000 U-Boot patches to detect FVP platforms
by matching "fvp" in the device tree name instead of relying on
the exact arm/corstone1000-fvp string.

This fixes FVP-specific handling for Corstone1000 variants,
including capsule image selection and virtio setup.

Also restore CONFIG_BOARD_LATE_INIT in the Corstone1000
defconfigs, since the virtio probing runs from
board_late_init() and would otherwise never execute.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-27 09:00:03 -04:00
Frazer Carsley 78354ba272 arm-bsp/trusted-firmware-m:cs1k: Use new GPT duplicate functionality
Uses the new GPT duplicate operation during a firmware update. This also
adds flash erase protections so that the operation is not too slow and
erasing flash multiple times redundantly.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-24 12:00:05 -04:00
Frazer Carsley 1eaa431ff3 arm-bsp/trusted-firmware-m:cs1k: Add extra GPT library operations
These patches add functionality to duplicate GPT partition entries. This
combines a "create-write" into a single step, letting the GPT library
handle it, useful for the Corstone1000 firmware update process.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-24 12:00:05 -04:00
Frazer Carsley 9af92ed09e arm-bsp/trusted-firmware-m:cs1k: Add fixes for GPT library
These patches backport bug fixes for the GPT library in TF-M.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-24 12:00:05 -04:00
Gyorgy Szing 4526637250 scripts/runfvp: fix exception handling
Returning from the finally block at the end of the start_fvp() function
is discarding exceptions. Since start_fvp() is near to the top off the
call tree, this hides uncaught exceptions thrown by most of the code,
which makes detecting and debugging issues hard.

This is resolved by removing the return statement from the finally
block, allowing exceptions to propagate normally.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-23 12:00:04 -04:00
Gyorgy Szing 9aedfffcfc scripts/runfvp: add Screen support
Add support for Screen the GNU terminal multiplexer. The -t/--terminal
option now accepts "screen" as a terminal type. When selected, the tool
must be run from within an existing Screen session, and each FVP
terminal is opened in a new Screen window.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-23 12:00:04 -04:00
Gyorgy Szing 2b0fbab119 scripts/runfvp: check available terminal types
Improve usability by detecting which terminal types are available on the
system.

Extend the terminal abstraction to support checking whether a terminal
can be executed, and add basic validation for all terminal types. Update
the documentation to reflect the new behavior.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-23 12:00:04 -04:00
Frazer Carsley 9d1070b435 arm-bsp/packagegroup-core-boot:cs1k: Remove GRUB from initramfs
The initramfs for Corstone1000 is based on core-image-minimal, which has
GRUB included as a package. Corstone1000 uses U-Boot's efiloader to load
the initramfs and kernel and therefore does not require GRUB for boot.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-23 10:00:03 -04:00
Roger Knecht 8eb10af809 scripts/runfvp: fix silent failure when FVP is missing
Print an error message if the FVP binary cannot be found, instead of
failing silently.

Signed-off-by: Roger Knecht <roger.knecht@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-16 04:00:03 -04:00
Kevin Hao 6e1cea024a arm/generate_capsule_json_multiple: Fix --selected_components default behavior
When --selected_components is not specified, the script should include
all components as documented in the help text. However, the current
implementation skips all components when the parameter is empty,
resulting in an error.

Fix the filtering logic to only apply when --selected_components is
explicitly provided with values.

Signed-off-by: Kevin Hao <kexin.hao@windriver.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-16 03:00:06 -04:00
Ross Burton 3b7f4ccf38 CI: remove meta-virtualization references
Now that Xen has been removed, clean up the remaining references to
the meta-virtualization layer.

This was done as a separate commit to make reverting easier in the
future in case we need to add back meta-virtualization for some other
builds.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-15 18:00:02 -04:00
Ross Burton 5ad64ce756 CI: remove Xen jobs
We originally added Xen builds to our CI to exercise Xen on Arm. Now
that the Yocto autobuilder has jobs that test Xen on qemuarm/qemuarm64
we no longer need the builds in meta-arm as they don't provide any more
coverage.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-15 18:00:02 -04:00
Michael Safwat 01abd473bc arm-bsp/docs: corstone1000: Drop A320 reboot workaround note
Remove the user-guide warning and rebuild steps for the
disable_module_autoloading workaround on Corstone-1000 with Cortex-A320.

With the NPU reset issue fixed, this workaround is no longer
needed.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-14 08:00:03 -04:00
Michael Safwat 2318956135 arm-bsp/trusted-firmware-m: corstone1000: Drive NPU reset via ext sys ctrl
- Derive host base addresses from offsets and add ext sys reset bitfields
- Deassert CPUWAIT with a bitmask
- Enable ext sys boot handling for Corstone1000 with Cortex-A320
- Add the new downstream TF‑M patches to the recipe

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-14 08:00:03 -04:00
Jose Quaresma d987a59458 wic: move to files/wic
Signed-off-by: Jose Quaresma <jose.quaresma@oss.qualcomm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-08 14:00:06 -04:00
Alex Chapman 7d5317afc1 arm-bsp/docs:corstone1000: Update systemready-patch refs
- Replace `systemready-patch` with `iot-platform-assets` in the guide.
- Update the Corstone-1000 asset paths and U85 kas command examples.

Align the user guide with the renamed asset repository, avoiding
stale commands and broken paths.

Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-07 10:00:04 -04:00
Jon Mason cab9d2db3f arm-bsp/edk2-firmware: remove 202408
Nothing in meta-arm-bsp is using this version anymore.  Drop it and the
related patches.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-07 08:58:11 -04:00
Jon Mason 116c26c803 arm-bsp/sbsa-ref: workaround CPU topology warning
To workaround the CPU topology issue with edk2-firmware, we can specify
the number of processors being used, which seems to setup the CPU
topology mask correctly (and thus no errors).  With this addressed, we
can use the latest edk2 firmware, which allows us to use the latest TF-A
version.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-07 08:58:11 -04:00
Jon Mason ed7a9378e1 arm-bsp: remove rdv1
rdv1 has been EOLed, and requires keeping around some recipes because
of its removal.  Also, the FVP is x86 only, thus limiting CI.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-06 12:00:11 -04:00
Jon Mason 4257c9856e arm-bsp: remove sgi575
sgi575 has been EOLed, and requires keeping around some recipes because
of its removal.  Also, the FVP is x86 only, thus limiting CI.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-04-06 12:00:11 -04:00
Jon Mason efbc6b618e arm-bsp/rdv2: add support
Add support for Neoverse Reference Design version 2

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-31 10:00:05 -04:00
Jon Mason 6dfff7d39a arm-bsp/rdn2: add support
Add support for Neoverse Reference Design N2
Use the rdinfra sources to get it booting

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-31 10:00:05 -04:00
Jon Mason 9003bdc6ae arm-bsp/rdv1: add support
Add support for Neoverse Reference Design version 1

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-31 10:00:05 -04:00
Jon Mason 166d6d7942 arm/fvps: rename rdv3-r1
Rename rdv3-r1 to be more consistent with other machines and match
documentation/website.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-31 10:00:05 -04:00
Jon Mason 45f2311d32 Revert "arm/execstack: remove, no longer needed"
Some of the soon-to-be-added FVPs have the execute issue still.  So,
re-add this until it can be resolved.  Also, address S issue that
changed upstream between the original removal and now.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-31 10:00:05 -04:00
Jon Mason ae3532c239 CI: use core-image-base for faster boot
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-31 10:00:05 -04:00
Michael Safwat f081128883 arm-bsp/docs: corstone1000: switch Ethos-U85 test flow to test_teflon
Update the Corstone-1000 user guide to reflect the current Ethos-U85
test and workaround flow.

As the Corstone-1000 software stack moves to the in-tree ethosu
driver, switch the Ethos-U85 test instructions from delegate_runner to
Mesa's test_teflon application. Also update the guide to use the
renamed ethos-u85-test kas fragment and to apply the Mesa patch needed
to package test_teflon into the image.

Also replace the disable_module_autoloading kas fragment in the A320
workaround instructions with the disable-ethosu patch, to align with
the workaround flow used in systemready-patch.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-30 07:00:04 -04:00
Michael Safwat 41fbac9b61 arm-bsp/docs: corstone1000: document Cortex-A320 SMP support
Corstone-1000 with Cortex-A320 FVP now supports SMP, so update the
documentation to reflect the current status.

Update the user guide to state that SMP is supported on Corstone-1000 with
Cortex-A35 FVP and on Corstone-1000 with Cortex-A320 FVP.
Add the Cortex-A320 multicore build and run commands.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-30 07:00:04 -04:00
Michael Safwat 6df28b9cd9 arm-bsp/corstone1000-a320: Drop meta-ethos dependency
Corstone1000 with Cortex A320 now uses the in-tree ethosu driver, so the
external meta-ethos layer (and its meta-sca dependency) is no longer needed.

Remove meta-ethos and meta-sca from the Corstone-1000 A320 kas
config, drop the layer dependency on meta-ethos, and stop
installing arm-npu-ethosu. Update the Corstone-1000
change log to reflect the removed layers.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-30 07:00:04 -04:00
Michael Safwat 2c81c14c5b arm-bsp/u-boot: cs1k: Align Ethos-U85 DT with in-tree driver
Align the Corstone1000 Ethos-U85 device tree to match the upstream
bindings used by the in-tree Ethos-U DRM accel driver.

- Rework the Corstone1000 U-Boot patch to replace the legacy arm,ethosu-direct
  node with an upstream-style Ethos-U85 node (arm,ethos-u85), add the
  required clocks/clock-names, and switch the SRAM description to
  mmio-sram.

- Drop meta-ethos specific properties (reserved-memory/dma-ranges,
/region-cfgs/mem-config) from the U-Boot DT.

- Enable required kernel options for the in-tree driver and SRAM provider:
  - CONFIG_SRAM
  - CONFIG_DRM
  - CONFIG_DRM_ACCEL
  - CONFIG_DRM_ACCEL_ARM_ETHOSU

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-30 07:00:04 -04:00
Michael Safwat c2258d460f arm-bsp/corstone1000: Add linux-yocto 6.19 kernel recipe
linux-yocto does not currently ship a 6.19 recipe, so add a
meta-arm-bsp linux-yocto_6.19.bb that tracks linux-yocto-dev v6.19/base.

Pin SRCREV_machine to fixed revision to keep builds reproducible.

Update Corstone-1000 to prefer linux-yocto 6.19 and align
the user guide pointers accordingly.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-30 07:00:04 -04:00
Frazer Carsley 4414e4d2a0 arm-bsp/u-boot:cs1k: Split Cortex-a320 device tree
The U-Boot maintainers rejected the previous patch [1] for two primary
reasons:

1. The Cortex-A320 changes should be considered a separate platform
2. The NPU node bindings do not match those in the Linux kernel

The former is handled by this commit. The latter point has not been
resolved, hence marking the newly added patch as Inappropriate. This is
simply the first step in resolving the comments.

[1] https://lore.kernel.org/all/20251127154752.589691-1-frazer.carsley@arm.com

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-30 07:00:04 -04:00
Frazer Carsley 73cde0a9ec arm-bsp/u-boot:cs1k: Rework CONFIG_OF_UPSTREAM patch
Rework the patch that enables the OF_UPSTREAM config option to split
off the extra device tree nodes into their own dtsi files, making it
easier to combine them in different ways. The rest of the patches have
changed only so that they can be applied cleanly.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-30 07:00:04 -04:00
Frazer Carsley 1778b36d66 arm-bsp/tf-m:cs1k: modified mcuboot to use GPT library
Corstone1000 used to use its own implementation of a GPT parser for use
in a capsule update. The patches in this commit replace what exists with
the generic GPT library, as well as other minor self-explanatory fixes.
The wic file has undergone two changes as a result of this:

1. The partition type GUID of each of the four partitions that can be
   updated by a capsule update must match the GUID of each capsule. This
   allows for the existing partition to be matched with its updated
   image. Different machines (e.g. MPS3 vs FVP) have different GUIDs for
   these images hence the need for separate files.
2. The second bank has been removed from provisioning. Because the
   library supports dynamic creation of partitions, the second bank no
   longer needs to be provisioned at build time. However, a small
   reserved partition is still created above the 32KiB mark to force
   wic to size the disk as 64KiB and write this into the GPT header
   for the library to read on initialisation.

Finally, the size of bl1_1 is reduced by one of the patches in this
commit, so this is also reflected in the recipe.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-26 09:54:02 -04:00
Frazer Carsley 5fc4c29db9 arm-bsp/tf-m:cs1k: Add GPT library
The patches added in this commit add a generic GPT library for use in
flash devices. Corstone1000 could use these to manage partitions during
a firmware update.

The patches are all backports from trusted-firmware-m (TF-M) main
branch and can be removed if Corstone1000 upgrades when the next version
of TF-M is released.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-26 09:54:02 -04:00
Jon Mason 7b687574a1 arm/optee: add UPSTREAM_CHECK_COMMITS for git recipes
Seeing UNKNOWN_BROKEN in the OP-TEE git recipes.  Add
UPSTREAM_CHECK_COMMITS to address this issue.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-26 09:46:36 -04:00
Jon Mason eb14d855e9 arm/scp-firmware: add git recipe
Split off the main portion of the SCP firmware recipe into an include
file and create a git versioned recipe.  This allows for building and
testing the latest sources.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-26 09:46:36 -04:00
Jon Mason 0d6405b268 arm/fvps: update to newer versions
New versions of the FVPs have been released.  Update the recipes to use
them.  License SHA changes caused by 3rd party software versions used
being modified and white space changes.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-26 09:46:36 -04:00
Jon Mason e9b1f3bbbd arm/fvp-base-a-aem: update to 11.31.28
Massive layout changes inside the FVP tarball.  The files are not
located in *_FVP anymore, including the license files, which were in 2
locations in previous releases.  The tarball changed from
Linux64/Linux64_armv8l to Linux_x86/Linux_armv8.  It hchanged extention
from tgz to tar.gz

Also, adding skip of dev-so, due to libstdc++.so and libsystemc.so being
symlinks and fvps being a binary.

NOTE: the license file changes are due to version bumps for sdl, ffmpeg,
libvpx, and python.  The license changes in the managements utilities
was version changes in clang and golang, and removal of wxWidgets,
libstdc++-6.dll, libgcc_s_seh-1.dll, and libwinpthread-1.dll

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-26 09:46:26 -04:00
Alex Chapman 37d31f41a8 arm-bsp/trusted-firmware-m: corstone1000: Remove FVP requirement for TF-M multicore
To improve portability, testing coverage, and future platform enablement.

- Replace FVP-only multicore checks with platform-generic checks.
- Add the corresponding TF-M patch to the Corstone-1000 recipe.

Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-19 10:07:30 -04:00
Alex Chapman 79cea5a02a arm-bsp/trusted-firmware-a: corstone1000: Remove FVP requirement for TF-A multicore
To improve portability, testing coverage, and future platform enablement.

- Replace FVP-only multicore guards with platform-generic guards.
- Add the corresponding TF-A patch to the Corstone-1000 recipe.

Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-19 10:07:26 -04:00
Alex Chapman 4eb08a8541 arm-bsp: corstone1000: Make multicore configuration platform-agnostic
To improve portability, testing coverage, and future platform enablement.

- Gate multicore on `MACHINE_FEATURES += "corstone1000_smp"`.
- Change recipe overrides from `:corstone1000-fvp` to `:corstone1000`.
- Update the Corstone-1000 multicore kas/doc references.

Signed-off-by: Alex Chapman <alex.chapman@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-19 10:07:22 -04:00
Igor Opaniuk 990f2fa7e8 arm/edk2-basetools-native: build C host tools (GenFfs, GenFv)
The recipe previously only copied the Python BaseTools into the native
sysroot, which was sufficient for capsule signing but not for Firmware
Volume (FV) creation. Downstream recipes that build UEFI capsule
update images for embedded platforms need GenFfs and GenFv to assemble
FV images - a key component of the UEFI Capsule Update format used for
system firmware updates.

Add the brotli submodule source (build-time dependency of both tools),
build the C BaseTools (Common, BrotliCompress, GenFfs, GenFv) and
install the binaries into ${bindir} together with GenerateCapsule.py
and the Common Python library so that capsule-generating recipes can
consume them from the native sysroot.

Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-19 05:00:04 -04:00
Ross Burton 930a65579d layer.conf: update compatibility to wrynose
The oe-core master branch just switched from whinlatter to wrynose[1] so
follow this change in our layers.

[1] oe-core cd1179544d7 ("layer.conf: Update to wrynose")

Signed-off-by: Ross Burton <ross.burton@arm.com>
2026-03-18 11:11:28 +00:00
Michael Safwat f4118f9b86 arm-bsp/trusted-firmware-m: corstone1000: Add AO lock write barrier
Add the corstone1000 patch that inserts a compiler barrier before the
first HOST_AO_LOCK_BITS write in CC_LibInit().

On corstone1000-mps3 with GCC 15.x, TF-M can HardFault on that first
AO lock register update. Adding the barrier avoids the fault.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-16 15:00:04 -04:00
Ross Burton 3afd7461b1 arm-bsp/edk2-firmware: fix build on newer hosts
Compiles of edk2-firmware with GCC 15 on the host will fail:

main.c: In function ‘ProcessArgs’:
| main.c:163:42: error: too many arguments to function ‘p->process’; expected 0, have 2
|   163 |                                         (*p->process)( *argv, *(argv+1) );
|       |                                         ~^~~~~~~~~~~~  ~~~~~

We actually already had the fix for this, but were doing SRC_URI +=
_before_ the include file did SRC_URI =, so the patch was never applied.

Move the require to the top of the recipe so this ordering problem does
not happen, and fix the line-endings in the patch that never got applied.

[ YOCTO #16116 ]

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-13 13:47:13 -04:00
Ross Burton df572b4d53 CI: allow hashserver to be specified in environment
If the sstate is being mounted into the container then the hashserver
also needs to be shared, and not stored inside the build tree. Mark
BB_HASHSERVE as being set via an environment variable so the GitLab
runner environment can set the correct location.

This fixes a long-standing problem causing substandard reuse, which now
is detected and causes a warning in oe-core[1].

[1] oe-core 491de0db64a ("sanity.bbclass: warn when sstate is outside of
    build dir, but hash equiv database is inside it")

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-13 10:00:05 -04:00
Ross Burton 2f6824ddca CI: remove last traces of TOOLCHAIN_DIR
When the binary toolchain support was removed[1] we no longer used this
variable, but a few instances of it was left behind.

[1] meta-arm 03af0c72f1 ("arm-toolchain: remove external-arm-toolchain")

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-13 10:00:05 -04:00
Jon Mason 6182cec88c arm/qemuarm64-secureboot: get edk2 and trusted-firmware a working
Do the changes necessary to get qemuarm64-secureboot to work with edk2
firmware, and add it to CI.  The CI changes needed to make it dynamic
based on edk2.yml or u-boot.yml required moving the relevant parts into
inc files.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-11 09:00:05 -04:00
Jon Mason 53ccc1ba35 arm/qemuarm64: fix edk2 and test it
edk2 has been broken on qemuarm64 for an unknown amount of time.  Add it
to CI to prevent this from happening (until edk2 works on
qemuarm64-secureboot).

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-11 09:00:05 -04:00
Jon Mason 65c98dfef3 arm-bsp/sbsa-ref: fix qemu warning
Make the relevant correction for the following warning in qemu:
	warning: short-form boolean option 'readonly' deprecated
	Please use readonly=on instead

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-11 09:00:05 -04:00
Jon Mason 0e7aa859f5 arm-bsp/trusted-firmware-a: remove unnecessary FILESEXTRAPATHS
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-11 09:00:05 -04:00
Jon Mason 7f7b065c61 CI/uefi-secureboot: remove duplicate entry
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-11 09:00:05 -04:00
Ross Burton a4a555ef93 arm/fvp-corstone-1000-a320: trim Python install instead of using INSANE_SKIP
The INSANE_SKIPs were not sufficient because the chrpath code used in
nativesdk builds still warns, so instead of hiding the warnings fix them
instead: remove the pointless RPATHs in the embedded Python libaries,
and delete the static libraries.

Signed-off-by: Ross Burton <ross.burton@arm.com>
2026-03-10 12:55:45 +00:00
Ross Burton 8c6b5e4114 arm/trusted-services: upgrade in-tree nanopb
Trusted Services uses nanopb 0.4.8 but this imports pkg_resources from
setuptools, which has been deprecated since 2023[1] and was finally
removed in setuptools 82.

This was fixed in nanopb some time ago[2] so upgrade the recipe from
nanopb 0.48 to 0.49.1.

[1] https://setuptools.pypa.io/en/latest/deprecated/pkg_resources.html
[2] https://github.com/nanopb/nanopb/commit/7961a939ebeeb27631c6def44f3452522264c64b

Signed-off-by: Ross Burton <ross.burton@arm.com>
2026-03-10 12:55:45 +00:00
Gyorgy Szing 8a5b2d5ed2 arm/trusted-services: update documentation
Change the layout to enhance readability and add TS fTPM related
information.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-04 04:00:05 -05:00
Gabor Toth 315d4e139e arm/trusted-services: Enable tpm2-tool self tests
Enable execution of the tpm2-tools self-test against the Trusted
Services fTPM SP. The test is integrated into OEQA but is disabled by
default due to its long execution time (over three hours on fvp-base)
and inconsistent results. While individual tests pass when run in
isolation, running the full suite results in failures. Despite this,
it remains the most comprehensive verification currently available.
Testing can be enabled by setting the RUN_TPM2_TESTS variable.

Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Signed-off-by: Gyorgy Szing <gyorgy.szint@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-04 04:00:05 -05:00
Gabor Toth 7601b7e0db arm/trusted-services: Enable the fTPM SP
Trusted Services has introduced a Firmware TPM (fTPM) secure partition.
This change enables building and deploying the fTPM SP through meta-arm.

The secure partition is based on the TPM2 reference implementation,
msp-tpm20-ref, which has been patched to use MbedTLS as its
crypto backend and psa-its for non-volatile storage.

Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-04 04:00:05 -05:00
Gyorgy Szing 4e94b90c1c arm-bsp/corstone1000: Rebase TS patches.
Remove patches merged upstream and rebase remaining patches.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-04 04:00:05 -05:00
Gyorgy Szing 0646047f39 arm/trusted-services: Update to v1.3.0
Update to latest TS release.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-04 04:00:05 -05:00
Ross Burton 2027a7a0da arm/python3-pydevicetree: don't install non-namespaced tests
The wheel includes the tests which are in a non-namespaced module, and
will then conflict with other recipes (such as python3-cryptography) that
also install non-namespaced tests.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-03 09:00:03 -05:00
Jan Kiszka 1eec18f88c optee-client: Make include reusable outside of meta-arm
Set FILESEXTRAPATHS so that artifacts that meta-arm injects can still be
found when using the include from a different layer.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-02 14:00:05 -05:00
Jon Mason dcc34c19fe CI: add LTS versions for testing
Add a CI test for the LTS versions of recipes currently supported.
Use fvp-base, since that provides good coverage and is being used for
the latest version testing.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-02 12:00:07 -05:00
Jon Mason b5207f77a6 arm/trusted-firmware-a: update LTSes
Update the TF-A recipes to the latest stables/LTS versions.  Not all of
the versions updated the version of mbedtls being used (and even the
updates didn't update to the latest stable version of mbedtls).  We're
using the mbedtls version specified in
docs/getting_started/prerequisites.rst, not the latest available.

Also, update the related fiptools and tf-a-tests (which don't map to the
same releases, but were all verified to be at the latest versions).
No real change in cot-dt2c code, but updating the SHA to the latest.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-02 12:00:07 -05:00
Clement Faure 46e0a21bdb arm/classes: fix quilt-native dependency
quilt-native is required by do_apply_local_src_patches task.

Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-02 12:00:05 -05:00
Jon Mason b00fe8862b arm/trusted-firmware-m: workarounds for new(er) toolchains
GCC 15 (and GCC 14, and probably others) are finding new problems in
trusted-firmware m, and these cannot simply be ignored (as they are
fatal build errors).  Clear the ld security flags to get around those
issues, backport a couple of patches for fixes that have been addressed
upstream, and create a patch to work around some casting issues in
functions that are removed in newer versions of the code.  This
refactoring caused some minor clean up of existing corstone1000 tfm
patches.

Also, use size based optimization for corstone1000.  With this, the bl1
is too big to fit into flash.  The correct way to solve this would be to
remove TFA_DEBUG, but that causes a rabbit hole of problems related to
heap being enabled or not.  This works around the issue until it can be
resolved properly.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-27 12:00:02 -05:00
Jon Mason 40d015d780 arm/edk2-firmware: Update to 202602
Update edk2, edk2-platforms, and sbsa-acs to the latest versions/SHAs.
A bleeding edge patch from upstream is needed to correct a build race in
antlr, and the latest SHA for edk2-platforms is needed to work around
some compilation issues with ENABLE_TPM in fvp-base.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-27 11:56:17 -05:00
Jon Mason c0416d7426 arm-toolchains: Update to 15.2
Update the pre-build Arm GNU toolchain to 15.2 (from 13.3)

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-27 11:53:07 -05:00
Ross Burton 3c92c9950f CI: don't testimage core-image-initramfs-boot
A recent change to image dependencies in oe-core master[1] means that
TESTIMAGE_AUTO tries to test more images than before.

Explicitly reset TESTIMAGE_AUTO for core-image-initramfs-boot so that it
doesn't try to testimage an initramfs.

[1] oe-core b75c21fb950 ("image_types_wic.bbclass: add depend on initramfs")

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-27 09:00:06 -05:00
Arthur Cassegrain be64772664 arm/trusted-services: clone dependencies under ts source tree
Clone all trusted-services dependencies into the TS source tree under
ts-external/ instead of ${UNPACKDIR}

This alignes the layout with devtool git-submodule handling.

NOTICE: we can't clone in external as TS already contains files there
and it would conflict.

Signed-off-by: Arthur Cassegrain <arthur.cassegrain@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-26 06:00:04 -05:00
Arthur Cassegrain d5b265ecfd arm-bsp/trusted-firmware-m: fix psa-adac patch paths for corstone1000
Update the corstone1000 variant to apply its psa-adac patches
against the new external/ directory.

Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Arthur Cassegrain <arthur.cassegrain@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-26 06:00:04 -05:00
Clement Faure f0cd8c56d2 arm/trusted-firmware-m: clone dependencies under tfm source tree
Clone all trusted-firmware-m dependencies into the tfm source
tree under external/ instead of ${UNPACKDIR}.

This aligns the layout with devtool git-submodule handling,
ensuring the recipe sees a consistent source tree at build time
and allowing dependencies to be patched via devtool in the same
way as the main tf-m repository.

(reworked to avoid use internal variables for checkout)
to clone tf-m dependencies use hardcoded path for reproductibility
and avoid using BB_GIT_DEFAULT_DESTSUFFIX which may depend on
yocto version.

Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Arthur Cassegrain <arthur.cassegrain@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-26 06:00:04 -05:00
Jon Mason 1aed815677 CI/musca-b1: use LTS tf-m
We currently don't have coverage for trusted-firmware-m 2.1.x, which is
the LTS.  Since musca-b1 and musca-s1 are essentially the same, use b1
for the LTS coverage.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-23 09:00:04 -05:00
Jon Mason 907645a0fc arm*/layer.conf: drop walnascar
walnascar compatibility isn't tested and isn't supported with whinlatter
or later, drop it.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-23 09:00:04 -05:00
Jon Mason 1e3d3f8b38 arm-bsp/sgi575: change target image for CI
For some reason, sgi575 won't boot to shell with
core-image-full-cmdline, but it will with other images.  Since we're
going to drop this machine soon (as it has been EOL'ed), modify the
image type for CI to core-image-base (As that one appears to boot
faster).

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-23 09:00:04 -05:00
Hugues KAMBA MPIANA 8ef2258ec7 arm-bsp/linux-yocto: corstone1000: Update to v6.18
* Set Linux kernel preferred version for Corstone-1000 to 6.18
* Update Corstone-1000 user guide.
* Recent kernel versions removed the deprecated CONFIG_LIBCRC32C
  Kconfig symbol as part of the CRC library cleanup.
  Replace CONFIG_LIBCRC32C with CONFIG_CRC32, which provides the
  generic CRC32/CRC32C library support used by in-kernel consumers.
* The ext3 driver was removed historically and ext4 carries
  compatibility for ext3 on-disk format.
* Amend External System patch to adhere to Kernel v6.18 RemoteProc
  API.
* Add #address-cells and #size-cells parameters to ethosu dts node

No functional change intended.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-16 11:00:04 -05:00
Ross Burton ad92b47668 Remove meta-arm-systemready
meta-arm-systemready was intended to allow people writing BSPs to run
the SystemReady Architecture Compliance Suite[1] within the Yocto build
environment. However, whilst this seems like a good idea, there are
several problems:

- This layer only supports the IR band and v2 of the ACS. The ACS is now
  at v3 and the bands altered, so there is no value in running obsolete
  tests.

- Execution of the tests takes a long time, we have integration to run
  the tests on a virtual fvp-base machine but execution takes many tens
  of hours (our CI times out after 12, on a high-performance worker).
  Running the tests in CI, and in particular inside BitBake, isn't
  obviously the right thing to do.

- Execution on the tests on real hardware is not trivial, as testimage
  has virtual targets as a primary usecase. It is unclear if anyone has
  managed to use this layer on physical hardware.

Because of these issues, remove the layer. There are better integration
points for automated ACS testing, and this integration is obsolete.

[1] https://github.com/ARM-software/arm-systemready

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-12 08:00:04 -05:00
Jon Mason 98b105ce06 arm/fvps: reorganize CI into segments
The downloads page for FVPs is broken down into sub-pages for each
"Ecosystem".  Organize this file to match that.  Also, rename fvp-v3-r1
to "rd" to make more obvious what this refers to.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-11 11:00:04 -05:00
Jon Mason d8c879b9e3 arm/corstone1000-a320: split off FVP into a unique file and add to CI
The corstone1000-a320 FVP is a unique download and should be treated as
such in our CI.  Split the relevant parts off, add it to the fvps.yml
file, workaround the staticdev and useless-rpath errors that were
present in the FVP tarball, and the correct depends in the machine
config file.

Also, add this machine to the CI so that any issues can be found with
this unique configuration.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-11 11:00:04 -05:00
Jon Mason 832ce9bca3 CI/fvp: made the default target core-image-full-cmdline
No need to have the full graphics stack for FVP images.  Slim the image
down by default.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-11 11:00:04 -05:00
Filipe Rinaldi f87babe3f8 lib/fvp: remove FVP buit-in portion of the terminal name
This patch ignores the built-in FVP UART name when setting the terminal
names on tmux.
The rationale is that appending FVP UART name takes a lot of space
making it unusable on complex platforms with many terminals.

Signed-off-by: Filipe Rinaldi <filipe.rinaldi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-11 08:00:03 -05:00
Frazer Carsley 8c8e2a5dbb arm-bsp/u-boot: Remove v2025.04 recipe
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-10 15:42:51 -05:00
Frazer Carsley 7ab5353f1c arm-bsp/u-boot:cs1k: Remove broken patch
The removed patch file breaks the U-Boot efi_selftest utility and has
been denied by upstream in any event. All subsequent patches renumbered.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-10 15:42:51 -05:00
Frazer Carsley 0a8d300b52 arm-bsp/u-boot:cs1k: Upgrade to v2025.10
All patches have been rebased onto the v2025.10 release branch, with the
changes primarily being updating of offsets and surrounding code in each
hunk.

One minor change between v2024.04 and v2025.10 is that a
CONFIG_BOARD_INIT option was added and must be enabled in order to link
in the `board_init()` symbol. As such, the firmware update patch adding
`board_init()` has been modified to enable this option as well.

The patch that enabled OF_UPSTREAM has been modified slightly in order
to incorporate upstream changes between versions: the SMP changes to the
Corstone1000 FVP device tree were incorporated into the Linux kernel so
are no longer needed in the U-Boot specific device tree. As such, the
patch adding A320 support adds these CPU nodes in order to override them
where appropriate.

In the process, signatures are removed from each patch.

Beyond this, the directory in which U-Boot searches for the EFI capsule
CRT file changed from object tree to source tree, so the recipe is
updated to reflect that.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-10 15:42:51 -05:00
Jon Mason 50f14fa9bd arm-bsp/fvp-base: add MMC and 9P to kernel config
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-10 15:42:51 -05:00
Jan Luebbe fbb2c0f772 arm/arm-bsp: optee-examples: drop patch included in 4.9.0
This fixes a build error due to:
 patching file Makefile
 Hunk #1 FAILED at 12.
 1 out of 1 hunk FAILED -- rejects in file Makefile
 Patch 0001-Makefile-Avoid-variable-override.patch can be reverse-applied

Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-06 14:00:04 -05:00
Ross Burton 320301be3d arm-bsp/external-system: remove redundant DEBUG_PREFIX_MAP fiddling
We have a newer gcc-arm-none-eabi now, so this can be removed.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-06 10:00:04 -05:00
Hugues KAMBA MPIANA be599f9523 arm-bsp: corstone1000: Swap GIC-600 for GIC-700 for Cortex-A320 variant
Make changes across U-Boot, and OP-TEE OS to swap
the GIC-600 for GIC-700 as the latest version of the FVP
swaps the GIC.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-02-04 06:00:06 -05:00
Hugues KAMBA MPIANA 38d2046583 arm/arm-bsp: optee: drop version 4.7.0
Drop support for OP-TEE version 4.7.0 from the layer as
version 4.9.0 is present.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-27 14:30:50 -05:00
Hugues KAMBA MPIANA 955cd40e15 arm-bsp/corstone1000: move to support OP-TEE version 4.9
Bump Corstone-1000 machine OP-TEE version from 4.7.0
to version 4.9.0.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-27 14:30:50 -05:00
Hugues KAMBA MPIANA 4981dca139 arm/arm-bsp: optee: add version 4.9.0
OP-TEE version 4.9.0 has been released on 2026-01-16 [1].

Add OP-TEE recipes to point to version 4.9.0

Link: [1]: https://github.com/OP-TEE/optee_os/blob/master/CHANGELOG.md#op-tee---version-490-2026-01-16

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Tested-by: Quentin Schulz <quentin.schulz@cherry.de> # xtest on PX30, RK3399, RK3588
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-27 14:30:50 -05:00
Michael Safwat d9eac47e30 arm-bsp/docs:corstone1000: Update copyright and host tool versions
Update Corstone-1000 documentation to reflect 2026 copyright and
current supported host environment.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-23 08:00:04 -05:00
Ross Burton c3c97a6b8f arm-bsp/trusted-firmware-a: ensure native tools respect BUILD_LDFLAGS
TF-A has a number for variables to control how host binaries are built:

- Our BUILD_CC is HOSTCC; this is set in the recipes
- Our BUILD_CFLAGS is HOSTCCFLAGS; this is not set
- Our BUILD_LDFLAGS has no corresponding variable

However when uninative is enabled we really need to pass BUILD_LDFLAGS
as otherwise there can be link problems:

  ld: libcrypto.so: undefined reference to `__isoc23_strtol@GLIBC_2.38'

Patch into the TF-A makefiles support for HOSTLDFLAGS and ensure that we
set all three of the relevant BUILD_ variables.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-22 13:00:04 -05:00
Hugues KAMBA MPIANA de6e6fe7d5 arm-bsp/docs:corstone1000: Update copyright notice
Update the copyright notice year.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-20 15:40:32 -05:00
Jon Mason 755287ed33 arm-bsp/u-boot: remove upstreamed fvp-base patches
2 of the fvp-base specific u-boot patches were merged in the 2026.01
release.  Remove those, as they are no longer necessary.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-15 17:49:51 -05:00
Ross Burton f36c9add46 Revert "CI: work around xen failures until fixed upstream"
The kernel upgrades are now in oe-core, so we can drop this workaround.

This reverts commit 341a0fd976.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-15 17:00:04 -05:00
Ross Burton 6aef0d46a9 arm-bsp/linux-yocto: disable kconfig checking for sbsa-ref and sgi575
The linux-yocto kernel has strict configuration warnings enabled and this
often causes warning, for example with 6.18.3:

[INFO]: the following symbols were not found in the active configuration:
     - CONFIG_SND_SOC_ROCKCHIP
     - CONFIG_SLIM_QCOM_CTRL

For these machines we're using the upstream defconfig and not a config
file that we're maintaining, so fixing these problems upstream is slower
than one would like.

As we don't maintain the config, we can disable the checker for these
two machines. This is _not_ precedence for disabling the audit for any
machines where we're not simply using the upstream defconfig without any
changes.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-15 10:00:04 -05:00
Frazer Carsley 568b3622cd arm-bsp/conf:corstone1000: update bl1.bin path
The path changed when the trusted-firmware-m recipe began to inherit
firmware.bbclass.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-14 05:00:04 -05:00
Frazer Carsley 514061a36e arm-bsp/docs:corstone1000: update paths
The paths for these files has changed due to the change to the
trusted-firmware-m recipe now using the custom firmware.bbclass.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-14 05:00:04 -05:00
Frazer Carsley 604c7e9a4e arm/images: ensured consistent firmware deployment
For builds using multiconfig, all of the firmware binaries listed were
being placed in the ${DEPLOYDIR} directly without preserving their
directory hierarchy. This meant that paths to firmware binaries relative
to the ${DEPLOYDIR} differed between builds depending on whether
multiconfig was enabled or not.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-14 05:00:04 -05:00
Jon Mason f6c78d2770 arm/edk2-firmware: update to edk2-stable202511
Update edk2-firmware and edk2-basetools to the 202511 stable release.

Patches from upstream were needed to get it compiling with clang.

edk2 dropped support for 32bit arm and x86, see
https://edk2.groups.io/g/devel/topic/rfc_remove_ovmf_ia32_and/114152215
Therefore, we're dropping qemuarm edk2 testing and relevant bits

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-12 15:37:28 -05:00
Jon Mason a95040828c arm/trusted-firmware-a: add v2.14.0 support
Add support for v2.14.0, and update corstone1000 config and patches to
use it.  TF-A seems to have changed their poetry settings from POETRY to
host-poetry (when specifying an alternative location/disabling).  So, it
is necessary to modify that for all platforms using COT and v2.14.0

NOTE: sbsa-ref is having issues with fip.bin being too large.  So, set
the version to the LTS until that is resolved.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-12 15:37:18 -05:00
Ross Burton 341a0fd976 CI: work around xen failures until fixed upstream
In master, xen images fail to build as the xt-masquerade module is not
built by the kernel. This has been fixed in the linux-yocto 6.18.3
upgrade but that is not yet merged.

Until it is merged, we can temporarily update the kmeta in our CI.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-12 14:00:05 -05:00
Jon Mason 955b1d8e69 arm/boot-wrapper-aarch64: update to latest commit
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-10 12:00:04 -05:00
Jon Mason fbf30c96c3 arm/machine-summary: remove gn
gn was moved to oe-core.  So, we no longer need to track it as part of
the meta-arm CI machine-report

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-10 12:00:04 -05:00
Jon Mason 0d8f1d5fd0 arm/opencsd: update to 1.7.1
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-10 12:00:04 -05:00
Jon Mason 767839df35 arm/hafnium: update to 2.14.0
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-10 12:00:04 -05:00
Jon Mason ae8bf4970e arm/trusted-firmware-m: drop unreferenced patch
Forgot to remove this patch in the previous commit.  Removing now.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-10 12:00:04 -05:00
Hugues KAMBA MPIANA 9d3e85c7d8 docs:corstone1000: Update user guide
- Replace openSUSE Tumbleweed with openSUSE Leap.
- Ensure correct component versions are listed.
- Update changelog and release notes for C25Q4 release.
- Add Positive partial capsule update test.
- Improve user guide for consistency and clarity.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-08 15:00:05 -05:00
Devaraj Ranganna e8ffad9ef3 arm-bsp: corstone1000: Enable secure debug on TF-M v2.2.x
Allow TF-M v2.2.2 to boot with Secure Debug enabled on Corstone-1000 and
align the driver implementation with the current psa-adac library.

- Add missing DRBG macros to fix the
  "Failed to generate challenge!" error during Secure Debug.
- Fix an unintended platform reset occurring immediately after setting
  the debug enable bits in the dcu_en register while in SE LCS.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-07 09:00:04 -05:00
Ross Burton d908c2bc5f meta-arm-bsp/oeqa: ignore new PCI warnings
The PCI subsystem with 6.18 is now warning on boot:

   PCI: OF: of_root node is NULL, cannot create PCI host bridge node

Until this can be root-caused, ignore it.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-06 12:00:04 -05:00
Ross Burton 54d84b7900 meta-arm/oeqa: ignore initrd warning in qemuarm64-secureboot
With kernel 6.18 the kernel will now warn if it tries to run a command
from a ramdisk but it cannot be found[1]. This happens with the
qemuarm64-secureboot machine (but not qemuarm64) because u-boot appears
to be populating the devicetree with a ramdisk entry:

    loading kernel to address 40400000 size 1702a00
      1  qfw          ready   qfw          0  qfw
    ** Booting bootflow 'qfw' with qfw
    ## Flattened Device Tree blob at 7e659890
       Booting using the fdt blob at 0x7e659890
    Working FDT set to 7e659890
       Loading Ramdisk to 7bcfd000, end 7d3ffa00 ... OK
       Loading Device Tree to 000000007d621000, end 000000007d626534 ... OK
    Working FDT set to 7d621000

    Starting kernel ...

The kernel tries to mount and boot this ramdisk but fails because it
isn't a valid initrd or initramfs. The boot continues as usual, but this
warning in the logs triggers parselogs.

Until the boot flow is properly resolved, ignore the message.

[1] linux 98aa4d5d242d ("init/main.c: add warning when file specified in rdinit is inaccessible")

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-06 12:00:04 -05:00
Bence Balogh 9f2a8ed5eb arm/trusted-firmware-a: Include *.dtb in package
The TF-A can install files with dtb extension. This is not handled in
the firmware.bbclass so append it here.

Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-19 11:00:04 -05:00
Peter Hoyes 30d4078278 arm/trusted-firmware-m: Use firmware.bbclass
Replace inherit deploy with firmware.

Initialize TFM_DEBUG using the FIRMWARE_DEBUG_BUILD variable. Initialize
TFM_PLATFORM with FIRMWARE_PLATFORM.

Refactor do_install to use ${FIRMWARE_DIR} and remove now redundant
configuration.

Refactor corstone1000 config files to use ${FIRMWARE_DIR} and the
base do_install.

Signed-off-by: Peter Hoyes <peter.hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-16 12:48:34 -05:00
Peter Hoyes 02608a6cb1 arm/scp-firmware: Use firmware.bbclass
Replace inherit deploy with firmware.

Initialize SCP_DEBUG using the FIRMWARE_DEBUG_BUILD variable. Initialize
SCP_PLATFORM using the FIRMWARE_PLATFORM variable.

Refactor do_install to use ${FIRMWARE_DIR} and remove now redundant
configuration.

Signed-off-by: Peter Hoyes <peter.hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-16 12:48:33 -05:00
Peter Hoyes 7bce36a2c6 arm/trusted-firmware-a: Use firmware.bbclass
Replace inherit deploy with firmware.

Initialize TFA_DEBUG using the FIRMWARE_DEBUG_BUILD variable. Initialize
TFA_PLATFORM with FIRMWARE_PLATFORM.

Refactor do_install to use ${FIRMWARE_DIR} and remove now redundant
configuration. Drop the redundant ${TFA_PLATFORM} suffixes.

Update BSP conf files to use the new deploy location, including
symlinking back to ${DEPLOYDIR} where necessary.

Signed-off-by: Peter Hoyes <peter.hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-16 12:48:30 -05:00
Peter Hoyes fff0756d6e arm/classes-recipe: Introduce firmware.bbclass
There are now a handful of firmware component recipes in meta-arm, each
of which does its own (slightly different) deployment handling.

Introduce a bbclass to standardize this, with the aim of cleaning up the
DEPLOY_DIR_IMAGE. Crucially, each firmware component deploys into a
${PN} subdirectory of DEPLOY_DIR_IMAGE. This has a few advantages:

 * Many Arm components have the same or similar binary names (BL1, BL2
   etc). This ensures unique naming and avoids confusion.
 * Recipes can afford to be less picky about which binaries are deployed.
   This simplifies component recipes.
 * It is easier to deploy debug symbols in a common way to an expected
   location.
 * It keeps the DEPLOY_DIR_IMAGE clean in the face of ever-increasing
   firmware complexity.

The bbclass also provides a FIRMWARE_DEBUG_BUILD variable to control the
build type of the firmware in one place, defaulting to the global
DEBUG_BUILD. This should allow BSPs in meta-arm-bsp to more easily
provide a release build by default (by providing an easy switch for
development purposes when needed).

Signed-off-by: Peter Hoyes <peter.hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-16 12:42:49 -05:00
Ryan Eatmon 55d3afbd12 arm/trusted-firmware-a: Add TFA_INSTALL_SUFFIX to install targets
There are times where we need to produce multiple versions of the
trusted-firmed binaries in a given build, but the names for the binaries
are hard-coded in the Makefile and do_install().

This patch adds a new variable, TFA_INSTALL_SUFFIX, that is added to
do_install() that can uniquely name the resulting binaries.  By default,
the suffix is empty so that default behavior is not changed.

Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-16 09:54:00 -05:00
Ross Burton 1589336148 arm/trusted-firmware-m: apply local patches in the git version
When the git version of this recipe was created, the application of local
patches was left out.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-15 14:00:04 -05:00
Jon Mason fd4fa45a08 arm/trusted-firmware-m: update 2.2.x to latest hotfix release
Update TF-M to the latest hotfix release and rebase the Corstone1000
patches, and drop
0008-Platform-Corstone1000-Increase-BL1-size-and-align-bi.patch
0009-Platform-CS1K-Adapt-ADAC-enabled-build-to-the-new-BL.patch
as they are in the TF-Mv2.2.2 release

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-15 10:00:04 -05:00
Jon Mason 6680b3b376 arm/trusted-firmware-m: update 2.1.x to latest hotfix release
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-15 10:00:04 -05:00
Jon Mason 1baab23041 arm-bsp: add git recipe versions
Add git recipe versions that track the latest git versions of u-boot and
the various OP-TEE recipes.  This, in combination with the previously
existing trusted firmware a and m recipes, allows for using the latest
code in platform development and testing (as part of CI).

For CI usage, a KAS yml file has been created to allow for those recipes
to be used, and an entry for fvp-base has been added to the gitlab CI
yml file.

NOTE: the wildcard for corstone1000 u-boot PREFERRED_VERSION was causing
it to pick-up the newest version (and failing to apply the patches).
The wildcard is unnecessary, since it is using a layer supplied package.
So, remove it and everyone is happy.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-10 12:00:04 -05:00
Jon Mason 4a1969f3e5 arm/trusted-firmware-a: update git recipe to v2.14-rc1
Update the TF-A git recipe to the latest tag.  The license SHA needed to
be updated due to adding of some memmap sources from mbed, which are
under the Apache 2.0 license, which is already present in the inc file.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-10 12:00:04 -05:00
Jon Mason 5f8dd8c3e7 arm-bsp/u-boot: update fvp-base patches
u-boot has accepted some of the fvp-base patches.  Take the upstream
versions and rebase the third patch to apply.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-10 12:00:04 -05:00
Hugues KAMBA MPIANA 3752c4e447 arm-bsp/docs:corstone1000: Add Corstone-1000 with Cortex-A320
- Document Corstone‑1000 platform architecture based on the Cortex‑A320 core
- Add test specification and guide for Corstone‑1000 with Cortex‑A320

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-08 09:29:46 -05:00
Frazer Carsley 7680400f78 arm-bsp/u-boot:corstone1000: Add Cortex-A320 suppport
Update Corstone-1000 U-Boot device tree for the Cortex-A320 variant
and enable GICv3/GIC-600, while keeping compatibility with the
existing GIC-400 setup. A single DT image now supports either
configuration via Kconfig guards.

**Device-tree updates (Cortex-A320)**

* Map Ethos-U85 NPU registers at `0x1A050000` (16 KiB) and its SRAM at
  `0x02400000` (2 MiB, no-map), plus a 32 MiB DDR carve-out for DMA.
* Add `/ethosu@1a050000` with interrupts, `dma-ranges`, `cs-region`,
  and `ethosu-mem-config` for driver probe.
* Guard the NPU node behind `CONFIG_ETHOS_U85`.
* Add a Cortex-A320 compatible string to the Corstone-1000 DTS
  downstream.

**GICv3/GIC-600 selection**

* Introduce `CONFIG_GIC_V3` to select the new interrupt controller.
* Add a full GICv3/GIC-600 node guarded by `#ifdef CONFIG_GIC_V3`.
* When GICv3 is enabled, set `cpu@1..3` `reg` to `0x100/0x200/0x300`
  (retain `0x1/0x2/0x3` for GIC-400).
* Update the Ethos-U85 interrupt to **SPI 16** to match the interrupt
  map.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-08 09:29:46 -05:00
Michael Safwat 4f82af2fa7 arm-bsp/tf-a:corstone1000: Add Cortex‑A320 support
Enable Trusted Firmware-A for Corstone-1000 platforms with Cortex-A320 and
switch the interrupt controller from GICv2/GIC-400 to GICv3/GIC-600.

**Platform/feature enablement**

* Map Ethos-U85 NPU registers (`0x1A050000`, 16 KiB) and its SRAM region
  (`0x02400000`, 4 MiB) into Normal World
  (`MT_DEVICE | MT_RW | MT_NS` / `MT_MEMORY | MT_RW | MT_NS`).
* Force Cortex-A320 feature selection: enable Armv9 features, disable
  Cortex-A35 errata, and select the `cortexa320` override in
  `trusted-firmware-a-corstone1000.inc`.
* Build TF-A-Tests with `CORSTONE1000_CORTEX_A320=1` to skip non-applicable
  FF-A, PSCI, and CPU-extension tests on Cortex-A320.

**GICv3/GIC-600 transition (A320 builds)**

* Update `plat_my_core_pos()` and `plat_arm_calc_core_pos()` to compute the
  linear core position using the Cortex-A320 MPIDR_EL1 affinity layout.
* Add an A320-specific core-position routine in assembly, guarded by
  `CORSTONE1000_CORTEX_A320`.
* Switch to the GICv3 driver with GIC-600 extensions:
  * Update platform GIC base addresses to the GIC-600 layout.
  * Use GICv3 APIs; set `USE_GIC_DRIVER=3`, `GICV3_SUPPORT_GIC600=1`,
    and `GIC_ENABLE_V4_EXTN=1`.
* Keep conditional GIC versioning so Cortex-A35 continues to use GICv2/GIC-400.

These changes ensure correct GIC configuration and reliable secondary-core
bring-up on Cortex-A320 while preserving existing Cortex-A35 behavior.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-08 09:29:46 -05:00
Harsimran Singh Tungal a51ff01b8f arm-bsp/tf-m:corstone1000: Add Cortex-A320 support
Enable full Corstone‑1000 Cortex‑A320 DSU‑120T platform support in TF‑M:

- Reserve a 4 MiB Host SRAM region at 0x0240_0000 for the
Cortex‑A320 normal world and open it in the CVM firewall
(region 2), gated by `CORSTONE1000_CORTEX_A320``.
- Introduce a DSU‑120T Power-Policy Unit driver plus a
`CORSTONE1000_DSU_120T` CMake option to power on the Cortex‑A320
host cluster with proper secure-enclave firewall and memory-map
setup.
- Add a CMake platform define that auto‑activates when the
`cortexa320` machine feature is present, injecting
DSU‑120T‑specific compile definitions.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-08 09:29:46 -05:00
Hugues KAMBA MPIANA 0faf5c4d37 arm-bsp/optee-os:corstone1000: Add Cortex-A320 support
Update the OP-TEE OS build logic to detect `MACHINE_FEATURES` and
append the appropriate `arm64-platform-cpuarch` value to
`EXTRA_OEMAKE`, instead of hard-coding `cortex-a35`.

This change ensures that when `MACHINE_FEATURES` includes
`cortexa320`, the OP-TEE build receives the matching `core-arch` flag,
while maintaining `cortex-a35` as the default.

The new Corstone-1000 variant with Cortex-A320 replaces the original
GIC-400 (v2) interrupt controller with a GIC-600, which is
architecturally compliant with GICv3. Since OP-TEE already provides
a generic GICv3 driver, only minimal platform changes are needed
to expose the updated register map and initialize the GICv3 interface.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-08 09:29:46 -05:00
Hugues KAMBA MPIANA b6b1a81f5e machine/corstone1000: Add Cortex‑A320 support
Enable the Corstone‑1000 Cortex‑A320 variant by:

- Introduce `machine/include/corstone1000-a320.inc` to configure the
  default Ethos‑U MAC count when `cortexa320` is in MACHINE_FEATURES,
  and allow override via `ETHOSU_NUM_MACS`.
- Add a KAS profile at `kas/corstone1000-a320.yml` for Cortex‑A320
  FVP-based builds.
- Extend corstone1000.inc to detect MACHINE_FEATURES (cortexa320) and
  pull in the matching tune-<core>.inc (default still Cortex-A35).
- Add the `meta-ethos` layer as a dependency of `meta-arm-bsp` for
  Cortex‑A320 builds and define a new KMachine override to pull in
  the Ethos‑U driver recipe.
- In `conf/machine/corstone1000-fvp.conf`, inspect `MACHINE_FEATURES`
  and set `FVP_EXE` to `FVP_Corstone-1000_with_Cortex-A320` when
  `cortexa320` is enabled, otherwise fall back to `FVP_Corstone-1000`.
- In `recipes-devtools/fvp/fvp-corstone1000.bb`, add a
  `SRC_URI:cortexa320` entry (with checksums) for the Cortex‑A320 FVP
  build archive.
- Disable the rootfs CPIO file compression so it is not compressed
  twice when bundled with the kernel

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-08 09:29:46 -05:00
Clement Faure 108053c964 arm/classes: add apply_local_src_patches task
When a recipe uses the externalsrc class, the do_patch task is
skipped entirely as specified in SRCTREECOVEREDTASKS.
Since do_apply_local_src_patches function is registered as a postfuncs,
it would never run in that specific case.

This cause recipes relying on do_apply_local_src_patches to miss the
local source patching when built from external source tree.

To address the issue, schedule a new task after the do_patch and before
the do_configure, ensuring the local patching executes regardless of
whether do_patch was skipped by externalsrc.

Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-12-01 04:00:05 -05:00
Ross Burton aff67cb5d7 arm/trusted-firmware-m: consolidate setting t_cose location
Whilst TF-M 2.1.1 doesn't use this, setting the variable doesn't have
any negative effects and consolidates the external module assignments.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-19 13:00:03 -05:00
Ross Burton 909d68f077 arm-bsp/trusted-firmware-m: use UNPACKDIR instead of S/../
This is slightly clearer.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-19 13:00:03 -05:00
Ross Burton 641c166389 arm/trusted-firmware-m: use UNPACKDIR instead of S/../
This is slightly clearer.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-19 13:00:03 -05:00
Ross Burton d6a9cfafb8 arm/trusted-firmware-m: remove now obsolete assignments
We now use Ninja to build TF-M[1], so setting CMAKE_VERBOSE_MAKEFILES
doesn't do anything.

We have arm-none-eabi-gcc 13.3[2], so there's no need to remove options
that <13 don't support.

[1] meta-arm 018fd6aecf ("arm/trusted-firmware-m: use Ninja to build")
[2] meta-arm f646ee4507 ("arm-toolchain: update to 13.3")

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-19 13:00:03 -05:00
Hugues KAMBA MPIANA a1affdc526 kas/corstone1000: Use BitBake and OE Core instead of Poky
As the Poky layer will no longer be updated following
the integration of `bitbake-setup`, developers are advised to
use a combination of the `bitbake` and `openembedded-core`
layers instead of the `poky` layer.

Note that the `poky` layer is a combination of these two
layers glued into a single repository for convenience.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-19 10:00:05 -05:00
Ross Burton 0cbed483f2 arm/hafnium: build just the root target, not the tests
We don't run or package the tests, so there's no point to building them.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-17 08:39:24 -05:00
Ross Burton 62b9a84c4d arm/hafnium: ensure prebuilt binaries can't be used
We depend on native tools to provide these binaries, so we can delete
them to ensure that our tools are always used and never the prebuilt.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-17 08:39:24 -05:00
Ross Burton a48f0afe7f arm/hafnium: split configure/compile and call ninja directly
Split configure/compile and invoke ninja directly so that we can
control parallelisation.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-17 08:39:24 -05:00
Harsimran Singh Tungal 548a5a8c36 arm-bsp/trusted-firmware-a: corstone1000: Add patch for removing dependency of GICC frame for GICv3
GICC registers are not defined for GICv3. Trusted-Firmware-A throws error when
GICC register address is not defined even for GICv3. Adding patch
to handle this in Trusted-Firmware-A.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-17 08:38:54 -05:00
Ross Burton 2e54d47d10 arm/trusted-firmware-*: use correct mbedtls git URL
ARMmbed/mbedtls is the old name and redirects to Mbed-TLS/mbedtls, use
the correct name to avoid the redirection.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-17 08:38:11 -05:00
Clement Faure 5c8c508bb4 arm/hafnium: upgrade to v2.13.0
Upgrade hafnium from v2.12.0 to v2.13.0

Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-10 09:00:07 -05:00
Michael Safwat df5a6f9c3f arm-bsp/corstone1000: Extract External System FVP options
- Introduce new file `corstone1000-extsys.inc` to define variables related
  to the external system.
- Ensure this file is included only when MACHINE_FEATURES do contain
  corstone1000-extsys.

This change makes external system configuration modular and only applied
when explicitly enabled through machine features.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-07 07:00:05 -05:00
Hugues KAMBA MPIANA 68c5015832 arm-bsp/corstone1000: sysvinit: Make module autoload work at boot
The image wasn’t autoloading kernel modules even though
`KERNEL_MODULE_AUTOLOAD` populated `/etc/modules-load.d/`. In this
configuration `/etc/init.d/rcS` only executes runlevel scripts from
`/etc/rcS.d` (and `/etc/rc5.d`), and `modutils.sh` was also missing.

This change:

* Includes the loader by adding `modutils-initscripts` to
  `CORE_IMAGE_EXTRA_INSTALL`.
* Enables SysV init by appending `sysvinit` to `DISTRO_FEATURES`,
  ensuring the `S*` start links in `/etc/rcS.d` (and `/etc/rc5.d`)
  call `/etc/init.d/modutils.sh start` during boot.

**Result:** entries in `/etc/modules-load.d/*.conf` now load
automatically at boot.

**Verification**

* Before: `lsmod` empty after boot; manual `modprobe` needed.
* After: `lsmod` shows target modules; `dmesg` contains module init logs.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-07 07:00:05 -05:00
Harsimran Singh Tungal 5fe80d2845 arm-bsp/u-boot:corstone1000: Use 32-bit cells for reserved-memory node
Switch the *reserved-memory* node from two-cell (64-bit) encoding to
one-cell (32-bit) encoding and adjust the `reg` property accordingly
to make reserved-memory node format compatible with rest of the dts.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-07 07:00:05 -05:00
Ross Burton 598e91a5aa arm-systemready/arm-systemready-linux-distros-fedora: update ISO URL
The Fedora 39 artifacts have been moved to an /archive/ directory, so
update the SRC_URI to match.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-06 10:00:11 -05:00
Ross Burton 8e0a2f59ed arm/trusted-firmware-m: update HOMEPAGE
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-06 10:00:04 -05:00
Ross Burton 53d7e26f6a arm-bsp/trusted-firmware-a: change documentation links to point at rendered docs
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-06 10:00:04 -05:00
Ross Burton 83e2f22c8d arm/trusted-firmware-a: unify git repository URL
git.trustedfirmware.org is an alias for review.trustedfirmware.org. We
moved the  main recipe to use review.trustedfirmware.org last year[1]
but not all other recipes that fetch the source followed, which means
that we have to fetch TF-A multiple times.

This commit ensures that all the recipes are using the same SRC_URI, so
we just fetch TF-A once.

[1] a6a4952e ("arm/trusted-firmware-a: use correct git URL")

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-06 10:00:04 -05:00
Ross Burton a037dd8e71 arm/trusted-firmware-a: set HOMEPAGE
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-06 10:00:04 -05:00
David Hu afd6f76b09 arm/classes/tfm_sign_image: Support security counter
tfm_sign_image.bbclass hard codes the image security counter, which is
generated from the image version x.y.z.
The generated image security counter value is huge if x or y > 0.
Platform security counter store may not support such a huge counter
value.

Introduce a variable RE_WRAPPER_SECURITY_COUNTER to enable platforms to
specify the actual image security counter.

Signed-off-by: David Hu <david.hu2@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-05 06:00:03 -05:00
Ross Burton 82d64955f1 CI: only run pending-updates on master
This job takes a few minutes and isn't useful unless it's being ran for
master, or is being actively worked on.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-11-03 12:00:14 -05:00
Jon Mason 3bf5bc2a3c CI: reduce coverage for time improvement
Reduce the number of tests being run in CI to reduce the amount of time
it takes to complete, while providing the same code coverage.  Internal
CI runs went from 2.5h to 1.5h.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-31 11:00:07 -04:00
Ross Burton 6fd10047a1 arm/trusted-services: use SHA, not tag name
It turns out that the base SRCREV for trusted-services is a tag name,
which meant it was hitting the network on every build. Use the SHA
instead.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-31 11:00:05 -04:00
Ross Burton 35e853f657 arm-systemready/arm-systemready-linux-distros-debian: update for license rename
The SMAIL_GPL license in oe-core was renamed SMAIL-GPL to match SPDX.
Update the recipe to match this.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-29 10:00:03 -04:00
Ross Burton b50b4f31e6 arm-bsp/arm-systemready-acs: fix order confusing in FILESEXTRAPATHS
This bbappend was _appending_ to FILESEXTRAPATHS but putting the colon
separator _after_, so it actually constructed an invalid path.

Change the assignment to be prepend, so the separator is in the right
place.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-27 12:00:03 -04:00
Jon Mason 0c85f0f72c arm/sgi575: force gcc for tf-a
trusted-firmware a has a compile error when building with clang.  Since
this platform is EOL'ed and we're not currently building this platform
with clang in CI, the best option is to force GCC for it.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-20 12:00:05 -04:00
Jon Mason b9cfa74e66 arm/edk2-firmware: move the gcc toolchain force to the versioned recipe
Hopefully this issue can be fixed in a newer release.  Move the
toolchain forcing to the versioned so that it can be tracked easier.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-20 12:00:05 -04:00
Jon Mason 9a613e84f3 arm/optee-ftpm: enable clang compilation
Remove the forcing of GCC in the recipe, and make the changes necessary
to get clang working.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-20 12:00:05 -04:00
Jon Mason 982c986a30 arm/trusted-firmware-a: remove forcing of gcc for qemuarm-secureboot
clang is now working for qemuarm-secureboot.  Remove the forcing of gcc
and clean-up a white space issue.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-20 12:00:05 -04:00
Jon Mason 609c54d364 CI: remove meta-clang
Now that clang is in core, we don't need to use meta-clang anymore.
Also, use PREFERRED_TOOLCHAIN_TARGET to specify the toolchain to use.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-20 12:00:05 -04:00
Vyacheslav Yurkov 81733efdf5 arm/optee: Simplify examples recipe
Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-16 15:13:31 -04:00
Ross Burton 40a5aac50c arm-bsp/u-boot: update CS1K append to use the _config functions
The u-boot recipe now uses unique build directories per config that is
being built, to ensure that there is no cross-contamination.

Handle this by moving the do_configure and do_install appends to
uboot_configure_config and uboot_install_config so that we can simply
use $builddir.

[1] oe-core 22e96b32b0b ("u-boot: Make sure the build dir is unique for each UBOOT_CONFIG")

Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-10-15 11:21:12 +01:00
Frazer Carsley 3a89a2c844 arm-bsp/corstone1000:psa-tests: Removes RSA tests
Since TF-M v2.2.1, the new crypto driver used does not support RSA
algorithms, so these tests are no longer valid.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-10-14 11:39:42 +01:00
Frazer Carsley ddf6d8327c arm-bsp/corstone1000:trusted-services: Fix psa-crypto-api-tests
Re-adds a patch aligning the Trusted Services PSA Crypto
structure with its equivalent definition in TF-M v2.1.1.
The patch was previously removed during the upgrade to
Trusted Services v1.2, as it was believed to be included in that
version. However, the alignment is still required to maintain
consistency with TF-M v2.1.1.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-10-14 11:39:42 +01:00
Ross Burton cd29fc3e83 arm/trusted-firmware-m: remove 2.2.0
We have 2.2.1, so there's no need for 2.2.0.  This removal was accidentally
omitted from the 2.2.1 upgrade.

Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-10-12 11:51:29 +01:00
Ross Burton f5f07d93e6 arm/trusted-firmware-m: add missing trusted-firmware-m-scripts-native 2.2.1
This was accidentally missed in the TF-M upgrade to 2.2.1.

Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-10-12 11:51:29 +01:00
Ross Burton 7206f9c9f9 arm/oeqa/fvp: update for new ignore_ssh_fails argument to run()
The OESSHTarget object now has a ignore_ssh_fails keyword argument[1],
so update this subclass to match.

As the implementation of run() here simply forwards the arguments, we
can use *args, **kwargs so that future changes don't cause problems.

[1] oe-core afe118d4f2d ("oeqa: target: ssh: Fail on SSH error even when errors are ignored")

Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-10-12 11:48:51 +01:00
Ross Burton 2b44924959 CI: use bitbake+oe-core instead of poky
Moving forwards, it's expected that the poky repository will no longer be
updated as the integration of bitbake-setup means that users are
encouraged to use bitbake+oe-core separately instead.

We also need to fetch meta-yocto as our CI is currently explicitly based
on the poky distribution.

This is effectively a no-op change, as poky is simply these component
repositories glued into a single repository for convenience.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-09 15:05:45 -04:00
Ross Burton cd7387d5bf arm-bsp/edk2-firmware: backport a patch to fix builds with host gcc15
Backport a patch from upstream to fix the build of antlr with GCC 15 on
the host.

The build still fails with clang, so update the message with the current
error message.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-08 10:37:55 -04:00
Khem Raj 08542e22a3 gn: Delete
Recipe moved to OE-core

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-02 15:00:05 -04:00
Michael Safwat 18cc301460 arm/trusted-firmware-a: Re-enable BL31 console by default
Backport Trusted Firmware-A patch to re-enable the BL31
console during early boot.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-10-02 10:00:38 -04:00
Ross Burton 1c86990f95 arm/optee: clean up OPTEE_COMPILER assignment
Now that clang is part of oe-core we can't use meta-clang being present
as an indicator of clang being available.

This does mean we can clean up the logic and just use TOOLCHAIN, as that
is always set now.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-29 15:53:45 -04:00
Ross Burton d85711c049 arm/optee: remove redundant libgcc flags
Upstream appear to have resolved the libgcc linkage issues as these
variables are not used in upstream nor our patches.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-29 15:53:45 -04:00
Jon Mason c3b9bc549f arm-bsp/juno: remove BT_LEDS config warning
Kernel builds are logging the following issue:
WARNING: linux-yocto-6.16.8+git-r0 do_kernel_configcheck: [kernel config]: specified values did not make it into the kernel's final configuration:
    [NOTE]: 'CONFIG_BT_LEDS' last val (y) and .config val (n) do not match

This could be enabled by setting:
CONFIG_LEDS_CLASS=y
CONFIG_NEW_LEDS=y
CONFIG_SND_SOC_HDA=y

But this isn't really useful on the juno platform.  So, better to
disable the BT LEDs.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-26 09:00:03 -04:00
Hugues KAMBA MPIANA 497e455db1 arm-bsp/ts:corstone1000: Rename patches
Rename the Corstone-1000 Trusted Services patches so that their
numbering matches the application order, and the remainder of
each patch name matches its corresponding commit message subject.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-16 12:00:06 -04:00
Hugues KAMBA MPIANA fbd2a1a2ac arm-bsp/ts:corstone1000: Remove obsolete patches
The Corstone-1000 Trusted Services patches removed in this change are no
longer required following the upgrade to Trusted Services v1.2.0.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-16 12:00:06 -04:00
Hugues KAMBA MPIANA 79fafe2c9c arm/trusted-services: Upgrade Trusted Services to v1.2.0
* Update Trusted Services from v1.1.0 to v1.2.0
* De-list obsolete Corstone-1000 TS patches
* Rework remaining Corstone-1000 TS patches for correct application
* Mark remaining Corstone-1000 TS patches as Backport in upstream status
* Reorder Corstone-1000 TS patches to match upstream application order

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed‑off‑by: Bence Balogh <bence.balogh@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-16 12:00:06 -04:00
Hugues KAMBA MPIANA c4ce6a426d arm/trusted-services:corstone1000: Pass Corstone-1000 target type
Trusted Services requires knowledge of the Corstone-1000 platform type to
select the correct set of FWU image UUIDs at compile time.

This change introduces a CORSTONE_1000_TYPE variable in both BitBake
and CMake code to differentiate between Corstone-1000 platform types.
Its value is determined by the selected Corstone-1000 target machine
configuration file:
* `CORSTONE_1000_TYPE_CORTEX_A35_FVP`
* `CORSTONE_1000_TYPE_CORTEX_A35_MPS3`

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-16 12:00:06 -04:00
Jon Mason 7800703ba5 arm-bsp/trusted-firmware-a: remove unreferenced patches
These patches were moved to meta-arm-bsp for tf-a recipes that have since
been removed.  Remove them now.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-15 14:24:46 -04:00
Jon Mason 2e0a465789 arm/opencsd: update to 1.6.1
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-15 14:24:46 -04:00
Jon Mason 51d7581e2e arm/edk2-firmware: update to 202508
Update edk2-firmware to the latest release and update edk2-basetools to
match this update (as the previous update did not do this).

Also, fix clang compile issues.  This change should fix any clang
compile issues since edk2-stable202108 (completely untested, but that is
when the relevant variables were renamed).

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-15 14:24:46 -04:00
Jon Mason fc986773f4 arm-bsp/fvp-base: add abstracts for easier ISA configuration
Add variables for setting the Major and Minor version of the ARM
Instruction Set Architecture, and add those variables in the various
places needed for the FVP Base virtual machine to run with those
instructions.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-12 10:00:03 -04:00
Jon Mason feb539589c ci/selftest: remove rm_work
oe-selftest is now logging having rm_work enabled as an error, which is
causing the test to fail.  Remove this from the selftest.yml file, and
everything works as before.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-11 09:00:04 -04:00
Harsimran Singh Tungal a059fc317f arm-bsp: corstone1000: Upgrade Trusted-Firmware-M v2.2.1
The move to Trusted-Firmware-M v2.2.1 makes the BL1 code larger,
while the provisioning bundle can be trimmed.  At the same time BL2 and
TF-M binary addresses now need to begin on a 0x100-byte boundary for
Cortex-M0+ based platforms.

Key changes
--------------------------------
- Upgrade Trusted-Firmware-M v2.2.1 for Corstone-1000
- New crypto driver supports ECC instead of RSA.
- Rebase patches
- Add new patches to address the following changes for v2.2.1
   - Increase `BL1_1_CODE_SIZE` to 58KB to accommodate the v2.2.1 binaries.
   - Reduce `PROVISIONING_DATA_SIZE` to 6KB.
   - `BL2_CODE_START` and `S_CODE_START` are aligned to 0x100 byte boundary
      so both start addresses are an exact multiple of 0x100.
   - Adapt ADAC enabled build to the new BL2 build restructure.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-10 09:00:06 -04:00
Harsimran Singh Tungal c7581dfab2 arm/trusted-firmware-m: Add alignment checks for Cortex-M0+ based platform binaries
Include patch to add relevant checks in GCC linker scripts to validate if the
BL2 and Trusted-Firmware-M binary addresses are aligned to 0x100 byte boundary
for Cortex-M0+ based platforms.

This is required because:
For Cortex-M0+ VTOR: 256-byte vector table is at the offset 0x00 of the image.
To keep that table in one block, the image base must be a multiple of 0x100.
For reference: https://developer.arm.com/documentation/ddi0419/latest/

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-10 09:00:06 -04:00
Harsimran Singh Tungal 5a34655c1c arm/trusted-firmware-m: Add new recipe for Trusted-Firmware-M v2.2.1
Key Changes:
- Add new recipe for Trusted-Firmware-M v2.2.1

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-10 09:00:06 -04:00
Ross Burton b6997921b4 arm-bsp/juno: add coresight MACHINE_FEATURE
The Juno board supports Arm CoreSight, so add it to MACHINE_FEATURES.

This is useful because oe-core's perf recipe will now enable coresight
support automatically if this feature is present[1].

[1] oe-core c455bd03910 ("perf: enable coresight if enabled in MACHINE_FEATURES")

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-10 06:00:06 -04:00
Ross Burton 177ccfdcd3 arm-bsp/corstone1000: add coresight MACHINE_FEATURE
The Corstone1000 supports Arm CoreSight, so add it to MACHINE_FEATURES.
Note that currently the FVP model doesn't support this[1] so we only
enable it for MPS3.

This is useful because oe-core's perf recipe will now enable coresight
support automatically if this feature is present[1].

[1] https://developer.arm.com/documentation/100966/1128/Arm--Corstone-1000-FVP/Corstone-1000-FVP-modeled-components
[2] oe-core c455bd03910 ("perf: enable coresight if enabled in MACHINE_FEATURES")

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-10 06:00:06 -04:00
Ross Burton 56f84d176c CI: no need to configure coresight explicitly
The oe-core perf recipe will now enable coresight support automatically
if the coresight MACHINE_FEATURE is set[1], so we can remove the manual
configuration in our CI and let the machines enable it where appropriate.

[1] oe-core c455bd03910 ("perf: enable coresight if enabled in MACHINE_FEATURES")

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-10 06:00:06 -04:00
Ross Burton 7e193e9813 arm-bsp/corstone1000: update for wic renaming --extra-space
wic in oe-core has renamed --extra-space to --extra-filesystem-space[1],
so update the workaround here.

[1] oe-core 39d10137b86 ("wic: rename wks flag --extra-space to --extra-filesystem-space")

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-09 10:00:03 -04:00
Jon Mason 90b2ef142b arm/oeqa/optee.py: only run regression tests on qemu machines
The OP-TEE default tests are taking over 30 minutes, which is causing CI
to overall take several hours.  For QEMU machines, reduce the tests to
just be the regression tests, which reduces the CI time by over 30%.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-08 10:00:03 -04:00
Ross Burton 7d60c67ad7 CI: align with Poky
Originally we customised the CI build for speed, by switching to ipkg
instead of rpm for the packages and disabling graphical output support
in qemu-system-native.

These are admirable goals, but more admirable is sharing sstate and
people may wish to use the output of this CI without having to make the
same alterations.

Drop these two changes so that our configuration matches poky. I've
verified that with this change, a build of core-image-sato for qemuarm64
can be built almost entirely from the autobuilder's sstate[1].

[1] gator-daemon, opencsd, and perf are built as these are not built on
    the AB in this configuration.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-04 13:20:49 -04:00
Ross Burton 5fae879140 CI: move network test skips to fvp.yml
testimage.yml was skipping the opkg tests, but we also need to skip the
dnf tests for when PACKAGE_CLASSES="package_rpm".

These skips are FVP-specific as they are due to the wrong IP being used
by the test suite. This should be fixed in the FVP test harness, but
for now move the exclusions into fvp.yml so they're isolated.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-04 13:20:49 -04:00
Clement Faure 1f78fab70a arm-bsp/u-boot: corstone1000: enable OF_UPSTREAM device tree support
Enable OF_UPSTREAM support for the corstone1000 platforms in U-Boot.

This patchset enables OF_UPSTREAM device tree support in U-Boot for the
corstone1000 platforms. This allows U-Boot to build using upstream
Linux kernel device tree sources instead of downstream copies.

The following changes are introduced:
- Enable OF_UPSTREAM to support upstream device tree.
- Update DEVICE_TREE naming with "arm/" prefix.
- Add device tree overlay to retain U-Boot specific device tree
nodes.
- Remove legacy device trees for corstone1000.

Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-09-01 13:00:04 -04:00
Andrey Zhizhikin 84b96041d3 arm/arm-bsp: optee: upgrade to 4.7.0
OP-TEE version 4.7.0 has been released on 2025-07-11 [1], and includes fixes
that are currently collected as separate patches in the layer collection.

Upgrade OP-TEE recipes to point to version 4.7.0, and drop patches from layers
as they are already present in upstream.

Clang patch in `optee-os` package was completely removed. Upstream logic was
changed in PR #7382 [2], making this patch obsolete.

CVE-2025-46733 in `optee-ftpm` package is now properly tagged and included in
4.7.0 version as well.

One patch that is still kept in the layer is
optee-client/0001-tee-supplicant-update-udev-systemd-install-code.patch, as it
has been merged after 4.7.0 tag was applied, but already present in upstream as
commit 59b90488e93e ("tee-supplicant: update udev & systemd install code").
Further updates shall consider to drop this as well.

In addition, point corestone1000 machine to a new version, as 4.6.0 is dropped
from the layer. TZDRAM patch is also dropped as it is now present in upstream.

Link: [1]: https://github.com/OP-TEE/optee_os/blob/master/CHANGELOG.md#op-tee---version-470-2025-07-11
Link: [2]: https://github.com/OP-TEE/optee_os/pull/7382
Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-26 12:00:06 -04:00
Jon Mason c68907c4f5 arm/optee-os: remove CFG_CORE_BTI from EXTRA_OEMAKE
commit a3a2c49b21 corrected a typo that
was preventing arm-branch-protection flags from being enabled.  However,
since making this change, fvp-base with trusted services enabled no
longer boots.  However, the flag that seems to be the problem on fvp
base is CFG_TA_BTI.  Since this is the only use case for
arm-branch-protection machine feature, remove it from the common file
until this issue can be properly sorted.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-22 09:23:26 -04:00
Jon Mason 1be16ea62c arm-bsp/fvp-base: remove console workaround
Remove the KERNEL_CONSOLE workaround, as that has now been upstreamed
should should no longer be needed.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-22 09:23:26 -04:00
Jon Mason 4a46844fe2 arm/arch-armv9*: Fix PACKAGE_EXTRA_ARCHS reference
PACKAGE_EXTRA_ARCHS references armv8 instead of armv9

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-22 09:23:26 -04:00
Jon Mason 6ec4a039a3 arm/gn: update to the latest SHA
Update gn to the latest SHA (commit from 08 Aug 2025).  There are 66
commits between the previous SHA and the new one.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-20 13:00:10 -04:00
Jon Mason d8f0ab517b arm/gn: disable uninitialized variable warning
An uninitialized variable warning is occurring when compiling gn.
However, since Wall is being used in gn, this is being logged as an
error.  Pass the no-error flag for this case to workaround this issue.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-20 13:00:10 -04:00
Norbert Kocsis 9e6671a222 arm/trusted-services: Fix trusted-service license file paths
Use UNPACKDIR instead of relative paths.

Signed-off-by: Norbert Kocsis <norbert.kocsis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-19 10:00:03 -04:00
Michael Safwat 8d38f57623 arm-bsp/trusted-firmware-m: corstone1000: Update the patches upstream status
These patches upstream status changed to Backport:
0006-platform-CS1000-Add-multicore-support-for-FVP.patch
0009-CC312-ADAC-Add-PSA_WANT_ALG_SHA_256-definition.patch
0010-Platform-CS1000-Add-crypto-configs-for-ADAC.patch
0012-Platform-CS1000-Remove-unused-BL1-files.patch
0013-Platform-CS1000-Fix-compiler-switch-in-BL1.patch
0017-Platform-CS1000-Enable-FWU-partition.patch
0018-Platform-Corstone1000-Implement-Bootloader-Abstracti.patch
0019-Platform-Corstone1000-Increase-buffer-sizes.patch
0023-Platform-CS1000-Remove-duplicate-configuration-parameters.patch

And from the PSA-ADAC,
This patch upstream status changed to Backport:
0002-ADAC-Link-psa_interface-instead-of-tfm_sprt.patch

This patch upstream status changed to Inappropriate:
0003-Fix-psa_key_handle_t-initialization.patch
Reason: mbedcrypto configs have to be fixed to build secure-debug mps3
without this patch

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-13 06:00:04 -04:00
Peter Hoyes 60c7910b41 arm/classes: Fix IMAGE_POSTPROCESS_COMMAND in fvpboot
Since OE-core 6fd8af0d, the semicolon delimeter in bb.build_exec_func
variables is not needed. The commit silently removes any stray ';' but
failed to handle ';' when assigning to vardeps.

In meta-arm, this has the effect of changes to FVP_* variables not being
picked up when rebuilding the image recipe since mickledore.

This is ancient history now, so just remove the semicolon to fix the
variable dependency issue when using fvpboot in meta-arm.

Signed-off-by: Peter Hoyes <peter.hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-13 05:00:07 -04:00
Ross Burton a3a2c49b21 arm/optee-so: fix typo in EXTRA_OEMAKE
This recipe was using EXTREA_OEMAKE to enable BTI, fix the typo.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-05 13:21:30 -04:00
Ross Burton 90ab7aee89 arm/optee: the build uses lld if using clang
The OP-TEE suite of packages use lld if the compiler is clang, so now
that the lld recipe has been split out of the clang recipe we need to
depend on both.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-05 13:21:30 -04:00
Ross Burton 7b198c3ab7 arm/hafnium: don't exclude from world builds
Clang is large but this recipe builds on all hosts now, so we don't need
to exclude it.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-05 13:21:30 -04:00
Ross Burton d1237205a0 arm/hafnium: clean up inherits
This doesn't use pkgconfig, or python3native, or need to inherit clang.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-05 13:21:30 -04:00
Ross Burton 37b49e7588 arm/hafnium: depend on lld-native
The build explicitly uses lld, so now that it has been split out of the
clang recipe we need to also depend on that.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-05 13:21:30 -04:00
Ross Burton d5bdaf37c0 arm/hafnium: mark compatible with just qemuarm64-secureboot
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-05 13:21:30 -04:00
Christophe Thiblot 4c0b54632a arm-bsp/trusted-firmware-a: exclude boot requirement test for Corstone-1000
A test compares the value of the Generic Timer register CNTFRQ visible in
two frames CNTBaseN and CNTCTLBase that are linked in Armv8-A and reflect
the same value.

An issue in Corstone-1000 (errata 2142118) makes the CNTFRQ views
inconsistents and the then test fails. There is no workaround and
the test is skipped.

Errata: https://developer.arm.com/documentation/sden2142076/0002/?lang=en
Signed-off-by: Christophe Thiblot <christophe.thiblot@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-05 13:20:54 -04:00
Ross Burton 0eb59c7caf arm-bsp/u-boot: add a U-Boot 2025.04 recipe for Corstone1000
Until Corstone1000 can be updated to use 2025.07, keep an older release
of u-boot in meta-arm-bsp for it to use.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-05 13:20:27 -04:00
Ross Burton 7cf518c036 arm-bsp/u-boot: remove version 2023.07.02
The use of 2023.07.02 was removed in meta-arm e29c0ee70a
("arm-bsp/u-boot: corstone1000: Add PSA Firmware Update support (DEN0118
v1.0A)").

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-08-05 13:20:27 -04:00
Jon Mason 358b52f03b arm-bsp/u-boot: update patches for v2025.07
Update the FVP base u-boot patches to apply cleanly to u-boot v2025.07.
Also, use a config fragment to change the default boot command to boot
virtio image.  This works around some changes in
include/configs/vexpress_aemv8.h that change the boot behavior, which is
not something we're using anyway.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-31 15:00:04 -04:00
Hugues KAMBA MPIANA 5c5afac7b9 arm-bsp/documentation: corstone1000: Revamp user guide Capsule Update test section
- Rename "negative capsule update test" to "rollback capsule update test"
- Replace U-Boot mkeficapsule with EDK II GenerateCapsule workflow
- Add JSON-driven helper script example (generate_capsule_json_multiple.py)
- Document multi-payload support (BL2, TFM_S, FIP, INITRAMFS)

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-31 13:00:06 -04:00
Harsimran Singh Tungal cb314932a1 arm-bsp/doc: corstone1000: Update architecture document with new PSA FWU implementation details
Update the architecture documentation for Corstone-1000 to include
details about the new PSA Firmware Update (FWU) implementation.

The new section describes the bootloader abstraction layer (BAL),
UEFI capsule update flow, FWU metadata handling, and the integration
between TF-M and U-Boot for managing trial and accepted images.

This documentation helps align the platform with PSA FWU requirements

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Ali Can Ozaslan e2575355d9 arm/edk2-basetools-native: WORKDIR fix
Upstream has removed the need to explicitly set S = "${WORKDIR}/git",
and now defaults to S = "${UNPACKDIR}". As a result, directly referencing
${WORKDIR}/git will fail when the source is unpacked elsewhere.

Update do_install() to use ${S}/BaseTools instead of the hardcoded path.

This issue was previously unnoticed as EDK2 tools (e.g. GenerateCapsule)
were not being used in the build path at the time of the earlier refactor
(commit eea74860).

Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Abdellatif El Khlifi 926ebd3b77 arm-bsp/u-boot: corstone1000: Add rebased features patches
Add rebased patches on U-Boot v2025.04

Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Abdellatif El Khlifi e29c0ee70a arm-bsp/u-boot: corstone1000: Add PSA Firmware Update support (DEN0118 v1.0A)
Add PSA FWU support on U-Boot v2025.04

Introduce Platform Security Architecture (PSA) Firmware Update (FWU) support to
U-Boot v2025.04 on the Corstone-1000 reference design. This implements the
Arm DEN0118 v1.0A specification and provides a generic, upstreamable FWU
framework for reuse across other Arm platforms.

Design overview:

Client/Runner: U-Boot parses the capsule and  executes the FWU state machine.

Update agent: Secure world handles flash writes and metadata updates.

Key features:

- Capsule-based firmware updates with support for multiple payloads
- On-disk capsule handling (ESP-based update)
- Optional image acceptance at ExitBootServices()
- ESRT (EFI System Resource Table) support
- FFA_MEM_SHARE and FFA_MEM_RECLAIM ABI support
- FWU enabled for the Corstone-1000 platform

[1]: Platform Security Firmware Update for the A-profile Arm Architecture,
    https://developer.arm.com/documentation/den0118/latest/

Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Harsimran Singh Tungal 1cd5433f62 arm-bsp/trusted-firmware-m: corstone1000: Remove patches for old capsule update implementation
This commit removes the outdated patches of capsule update implementation for the Corstone-1000
platform targeting Trusted-Firmware-M (TF-M). The changes include the removal of
obsolete out-of-tree patches and the rebase of retained patches to align with the
latest upstream TF-M integration.

Key changes:
- Dropped legacy TF-M patches related to old capsule update flow
- Rebasing of remaining TF-M patches for compatibility with current TF-M baseline

This cleanup streamlines the TF-M integration for Corstone-1000 in preparation for
the updated PSA Firmware Update (FWU) aligned capsule update support.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Harsimran Singh Tungal b7e0e4c566 arm-bsp/trusted-services: corstone-1000: Remove old capsule update implementation
This change removes the obsolete out-of-tree patches and legacy support related
to the old capsule update mechanism for the Corstone-1000 platform.
The Trusted-Services components are now aligned with the upstream implementation,
and outdated patches have been dropped or rebased as necessary.

- Removed deprecated patches targeting old capsule update logic
- Rebasing of remaining patches to ensure compatibility with updated TS interface

This prepares the platform for the new PSA FWU-based capsule update path and
reduces technical debt in Trusted-Services integration.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Ali Can Ozaslan 0112cd479b arm-bsp/corstone1000: Support multi-payload capsule generation
- Add 'CAPSULE_SELECTED_COMPONENTS' to enable filtering of firmware
  components during capsule generation. Only components listed in
  'CAPSULE_SELECTED_COMPONENTS' will be included in the final capsule
  image.

- Introduce CAPSULE_EXTRA_ARGS to allow passing additional arguments.
  '--capflag PersistAcrossReset' to retain capsule across reboots.

- Payload selection is now controlled via the KAS YAML configuration
  (corstone1000-image-configuration.yml), allowing per-image control
  over which firmware components are included.

- With the introduction of multiple payload support, 'CAPSULE_VERSION'
  no longer represents the firmware version itself but is instead
  used for naming the capsule and assigning a common version to all
  payloads to simplify testing.

- Use EDK2 tool to switch from single FMP capsule generation to multiple
  FMP capsules using a JSON-based configuration. This removes the need
  for manually combining firmware images into a .nopt image.

- Remove legacy nopt image creation logic, as each firmware binary is
  now handled individually. Components no longer need to be merged.
  Deploy task was removed with nopt logic.

- Generate dummy.bin for EDK2 tool compatibility. EDK2 requires
  at least one input file for each payload.

- Added dependency on  to  to ensure images are signed before capsule
  generation.

- Add CAPSULE_LOWEST_SUPPORTED_VERSION to
  corstone1000-image-configuration.yml.It in the same file where
  the firmware version (FW_VERSION) is defined, ensuring a unified
  location for version-related metadata. This value was chosen to
  be equal to the firmware version to represent a downgrade
  scenario (from version 6 to version 5) during testing.

- CAPSULE_HARDWARE_INSTANCE is set to "1" by default (instead of 0),
  indicating the first hardware.

Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Ali Can Ozaslan c68fedfbea arm/uefi_capsule: Switch Capsule generation tool from U-Boot to EDK2
This commit updates the uefi_capsule.bbclass to use the EDK2
GenerateCapsule tool instead of the mkeficapsule utility from U-Boot.

The switch was necessary because the mkeficapsule utility from U-Boot
does not support generating capsules with multiple payloads, whereas
the EDK2 GenerateCapsule tool provides native support for multi-image
capsule creation.

These changes allow building UEFI capsules with multiple firmware
binaries in one step, making the firmware update process
more flexible.

- Switching dependency from u-boot-tools-native to
  edk2-basetools-native
- Updating the actual capsule creation command to GenerateCapsule
  with the appropriate flags (including hardware instance, lowest
  supported version, and monotonic count)
    * CAPSULE_HARDWARE_INSTANCE defines which hardware instance
      the capsule update is intended for. This can be set
          to "1" or "0" indicating the first hardware module or SoC.
          For systems with multiple modules, subsequent instances
          could be numbered 2, 3, etc.
    * CAPSULE_LOWEST_SUPPORTED_VERSION enables roll-back protection
      by specifying the minimum firmware version that the platform
      accepts. Any firmware update below this version will be
      rejected.It should be set 0, 1, 2, etc according to your
      firmware security and versioning requirements.
- Combining certificates into the private key file as required
  by GenerateCapsule

- Add support for multiple firmware payloads
  This update refactors the capsule generation process to support
  multiple firmware binaries instead of a single payload.
  Key changes include:

- Integration of a JSON generator script to define multiple payloads
- Add default path for JSON config generator and prepare
  test infrastructure.
- Introduction of new variables
    * CAPSULE_ALL_COMPONENTS:  of all available components
    to be included in the capsule generation process.
    * CAPSULE_SELECTED_COMPONENTS: Subset of components from
    CAPSULE_ALL_COMPONENTS that should actually be included
    in the final capsule image.
- Replacement of direct GenerateCapsule arguments with JSON input
- Allow passing custom arguments to GenerateCapsule via
  `CAPSULE_EXTRA_ARGS` variable
- Cleanup of temporary files used in the capsule generation process

These changes align with EDK2's flexible capsule format and enable
component level filtering for more advanced firmware update scenarios.

Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Harsimran Singh Tungal 5d481fd065 arm-bsp/trusted-services: corstone1000: PSA FWU implementation
This commit implement the required changes in Trusted-Services in order
to incorporate PSA FWU implementation. It involves the following changes:

1. Integrate IPC framework for PSA FWU calls between Cortex-A and Cortex-M subsystems.
IPC framework is required to bridge the PSA FWU calls for the platforms which have
both Cortex-A and Cortex-M subsystems. Corstone-1000 falls under this category of
platforms. In these platforms, the PSA FWU client and PSA FWU provider exist on
Cortex-A and all the PSA FWU services are implemented on Cortex-M side. This IPC
framework forwards the PSA FWU calls from Cortex-A to Cortex-M subsystem.

2. Load initial image state in PSA FWU M update agent
Set initial image state based on the image state returned by
psa_fwu_query. This way the update agent has the correct view of images
after reboot and it can accept or reject them.

3. Define PSA FWU image mapping structure.
Define PSA FWU image mapping structure for Corstone-1000.
This structure is responsible to map specific image guid with
component number.
To enable platform-specific handling, service_proxy_factory.c now
conditionally selects the appropriate image mapping
based on PLATFORM_IS_FVP. This ensures that both FVP and MPS3
platforms use the correct GUID and firmware update configuration.

4. Fix PSA FWU IPC psa_fwu_install() return value check
This change adds support to validate if the return type in psa_fwu_install()
is either PSA_SUCCESS or PSA_SUCCESS_REBOOT. Both the return values are expected.
Earlier, only PSA_SUCCESS is validated.

5. Add ESRT support
Add ESRT support for PSA FWU M agent.
ESRT functionality is implemented using unique image dedicated
for ESRT data having its own UUID. In PSA FWU M agent's context,
this image has read only attributes. The ESRT data can be read
using image_read_directory by using ESRT image UUID handle. The
ESRT data is queried from Secure Enclave using psa_fwu_query()
and ESRT data can be read from psa_fwu_impl_info_t structure
object defined in psa_fwu_component_info_t.

This commit includes the following changes:
1. Declare ESRT data structures.
2. Modify image_directory_read() to include ESRT data read support
3. Modify psa_fwu_m_update_agent_init to initialize ESRT image
attributes

6. Enable ESRT support
Enable ESRT support for Corstone-1000.
Introduce ESRT image UUID and its component number and
set TFM_FWU_MAX_DIGEST_SIZE to ESRT data size.

7. Add event provider proxy
Normal world needs to send boot confirmation event
to Secure Enclave and Trusted-Services is responsible
to transfer the event to Secure Enclave.
This commit implements the event handling framework in
SE-proxy-SP and develops event provider proxy which
forwards the event to Secure Enclave via psa calls.
This change is introduced for Corstone-1000

8. Define GUID for each payloads
Define GUID's for all the 4 payloads for FVP and
MPS3.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Imre Kis <imre.kis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Harsimran Singh Tungal ce3ae66a06 arm-bsp: corstone1000: Add PLATFORM_IS_FVP toggle for FVP/FPGA builds
Introduces PLATFORM_IS_FVP to differentiate between FVP and FPGA builds.
Adds platform-specific CMake files for corstone1000-fvp and corstone1000-mps3,
and updates platform.cmake to use this toggle.

This commit also adds the TS_PLATFORM variable to corstone1000-fvp.conf
and corstone1000-mps3.conf, explicitly defining platform identifiers
for Trusted Services. This ensures a consistent and clear distinction
between the FVP and MPS3 builds within the build system.

These changes improve maintainability and platform-specific handling
by making it easier to reference the correct target platform
in configurations and scripts.

Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Harsimran Singh Tungal 0f8a99a337 arm-bsp/trusted-firmware-m: corstone-1000: Increase PS_MAX_ASSET_SIZE and CRYPTO_IOVEC_BUFFER_SIZE for EFI variable support
Increase `PS_MAX_ASSET_SIZE` and `CRYPTO_IOVEC_BUFFER_SIZE` for the
Corstone-1000 platform to support large EFI variable storage required
by the UEFI firmware update flow and to pass Arm Architecture Compliance
Suite (ACS) tests.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Ali Can Ozaslan c486835b98 arm-bsp/trusted-firmware-m: corstone1000: Add Bootloader Abstraction Layer (BAL) support
Introduce Bootloader Abstraction Layer (BAL) support for Corstone-1000 to
enable flexible integration of firmware update including partial capsule
update.
This change includes:
- Enable the firmware update partition for Corstone-1000 and create
  placeholder bootloader abstraction layer for Corstone-1000.
- Change the insertion logic of TFM_FWU_BOOTLOADER_LIB to select a new
  platform-specific bootloader abstraction layer.
- Use the necessary flags to use the service and resolve any linker
  issues that may arise.
- Migration of capsule update logic to a new BAL module under
  `platform/ext/target/corstone1000/bootloader/mcuboot/`.
- Implementation of BAL APIs in `tfm_mcuboot_fwu.c` as per the PSA FWU
  state machine.
- Removal of `uefi_capsule_parser.c` and `uefi_capsule_parser.h` as capsule
  parsing is done in U-Boot.
- Enhancement of `uefi_fmp.c` to handle FMP metadata for multiple images.
- Update of `provisioning.c` and `security_cnt_bl2.c` to handle new BAL
  return values.
- Addition of `fwu_config.h.in` with default FWU configuration.
- Metadata layout changes to include size and image GUIDs for U-Boot
  compatibility during FWU Accept flow.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Harsimran Singh Tungal 3a2cc58deb arm-bsp/trusted-firmware-m: corstone1000: Permit FWU calls in RSE-COMMS
Add support to permit FWU calls in RSE-COMMS Trusted-Firmware-M for Corstone-1000
This change is required to allow the transmission of PSA FWU related
calls between Cortex A and Cortex M side on Corstone-1000.
For every PSA call from A side, the RSE-COMMS at M side validates, if the
call is allowed or not.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 08:00:05 -04:00
Csaba Szilágyi 1e37608374 arm/hafnium: add hafnium to qemuarm64-secureboot target
Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 04:00:05 -04:00
Csaba Szilágyi ed99303a7c arm/hafnium: Restore patch on gn visibility
This patch has been dropped in the following commit:
f1fc5c53 - arm/hafnium: update to v2.12.0

Unfortunately the original issue is still present and the
patch is required for the successful build. Patch is
restored in this commit.

Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 04:00:05 -04:00
Csaba Szilágyi 1a27790238 arm/hafnium: Remove deprecated patch for third_party/linux submodule
third_party/linux submodule has been removed from hafnium in the
following commit:
ddeedafa - chore: drop the third_party/linux submodule

Relevant patch can not be applied anymore. Patch is removed
from the recipe.

Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 04:00:05 -04:00
Csaba Szilágyi 6e934fbbcb arm/hafnium: Select valid platform for hafnium and properly pass to make
'qemu_aarch64' is not a valid hafnium platform. Supported platforms are:
* 'secure_rd_v3'
* 'secure_rd_v3_cfg1'
* 'secure_aem_v8a_fvp_vhe'
* 'aem_v8a_fvp_vhe'
* 'aem_v8a_fvp_vhe_ffa_v1_1'
* 'qemu_aarch64_vhe'
* 'secure_qemu_aarch64'
* 'rpi4'
* 'secure_tc'

Previusly selected 'qemu_aarch64' did not cause error because
it was NOT passed to make. It had no effect.

Within this commit, platform 'secure_qemu_aarch64' is selected
and passed to make.

Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 04:00:05 -04:00
Csaba Szilágyi 2e562a39d9 arm/hafnium: Depend on clang-native
hafnium is built by clang. Dependency is required for successful
build.

Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 04:00:05 -04:00
Csaba Szilágyi ad09b42433 Revert "arm/hafnium: refuse to build on non-x86-64 hosts"
According to original commit, clang for other targets
like aarch64 were not available. This condition is not
present anymore therefore check for x86_64 can be removed.

This reverts commit 01a13b11ad.

Signed-off-by: Csaba Szilágyi <csaba.szilagyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-30 04:00:05 -04:00
Clement Faure 5a7387dbe9 arm-bsp/trusted-firmware-a: corstone1000: upgrade TF-A to 2.13.0
Upgrade trusted-firmware-a to 2.13.0 for Corstone-1000
Upgrade tf-a-tests to 2.13.0 for Corstone-1000

Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-29 06:00:04 -04:00
Hamideh Izadyar 80ae6c976c arm/trusted-firmware-m: apply TF-M downstream patches
Apply TF-M downstream patches in the main TF-M recipe, rather than doing
it in corstone1000 recipe.

Signed-off-by: Hamideh Izadyar <hamideh.izadyar@arm.com>
2025-07-28 14:15:23 +01:00
Michael Safwat 77ba0e68e3 arm-bsp/trusted-services: cpputest: fix cmake 4.0 compatibility
Cmake 4.0 dropped compatibility to cmake versions below 3.5. Update the
required version on the cmake file as a workaround.

Also update the component to use git am instead of apply.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Michael Safwat <michael.safwat@arm.com>
2025-07-23 17:55:21 +01:00
Michael Safwat c77c48189b arm-bsp/trusted-services: Corstone-1000: Move the MM communication buffer configs to TS CMake
Two variables are moved from the meta-arm-bsp layer to the Trusted-Services
Corstone-1000 platform CMake file so the MM communication buffer address and
page count can be configured from the CMake layer.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
2025-07-23 17:55:21 +01:00
Frazer Carsley f9b3ee4415 arm/scp-firmware: Updates upstream status
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-07-22 13:58:49 +01:00
Frazer Carsley fbc984b5d3 arm-bsp/optee: Updates upstream status
Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-07-22 13:58:49 +01:00
Frazer Carsley ec1d4e0e21 arm/optee: Updates upstream status.
Patch "0003-optee-enable-clang-support" is no longer appropriate as the
feature the patch provides is no longer required.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-07-22 13:58:49 +01:00
Frazer Carsley aedcca76fc arm-bsp/corstone1000: Ensures external-system only built when enabled.
The external-system component was marked as a dependency for the
corstone1000-recovery image regardless of whether external-system was
requested or not. This ensures that is no longer the case.

Signed-off-by: Frazer Carsley <frazer.carsley@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-07-22 13:56:41 +01:00
Jon Mason a9b75c7e20 arm/arch-armv*: Add basic tunes for newly added ARM ISAs
Add some basic tunes for the newly added Arm architectures in GCC.
These will need to be further fleshed out before submitting this to OE
Core, but should be sufficient to use for machines that need them in the
interim.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-14 10:00:03 -04:00
Mariam Elshakfy acb62de3a7 arm/optee: Backport fix for CVE-2025-46733
This CVE is fixed in optee 4.7, so backport for 4.6
For optee-ftpm, the change is submitted right after
the 4.6 tag, so update the SHA instead of holding an
out-of-tree patch.

Signed-off-by: Mariam Elshakfy <mariam.elshakfy@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-14 09:00:04 -04:00
Mariam Elshakfy 2987114521 arm/optee-ftpm: Switch to new fTPM TA fork
Use Linaro's optee-ftpm fork instead of historical sample in
Microsoft's TPM reference.

Signed-off-by: Mariam Elshakfy <mariam.elshakfy@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-14 09:00:04 -04:00
Ross Burton ad117a2733 arm/ts-psa-iat-api-test: fix path to QCBOR
This recipe has a second copy of QCBOR in SRC_URI, correct the reference
to its location in EXTRA_OECMAKE to fix builds with network isolation.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-07 15:00:04 -04:00
Ross Burton e8fb49cdf9 arm/trusted-services: use UNPACKDIR instead of WORKDIR/sources/
Use UNPACKDIR directly instead of constructing it manually from WORKDIR.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-07 15:00:04 -04:00
Ross Burton 60a1bbad34 arm/trusted-services: fix CMAKE_FIND_ROOT_PATH
The sources are not under WORKDIR/git, use UNPACKDIR.

Also use B instead of WORKDIR/build in case B changes.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-07 15:00:04 -04:00
Ross Burton 35f621e452 arm/trusted-services: set DEBUG_PREFIX_MAP correctly with UNPACKDIR
The sources are not under WORKDIR/git anymore, use UNPACKDIR. This
most likely isn't entirely correct but does remove build paths from the
binaries.

Also use TARGET_DBGSRC_DIR instead of constructing the target path
manually.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-07 15:00:04 -04:00
Ross Burton df552ede94 CI: don't force testimage in fvp-base-ts
The caller should (and does) use ci/testimage.yml explicitly instead.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-07-07 15:00:04 -04:00
Clément Faure 54cb65ca03 arm/optee: remove 4.4.0
Remove optee 4.4.0 recipes.

Signed-off-by: Clément Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-28 13:29:57 -04:00
Clément Faure 5f8b0d44c8 arm/optee: remove 4.3.0
Remove optee 4.3.0 recipes.

Signed-off-by: Clément Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-28 13:29:57 -04:00
Clement Faure d782eeeae4 arm-bsp/optee-os: corstone-1000: upgrade to 4.6.0
Add recipes for OP-TEE v4.6.0
Upgrade Corstone-1000 OP-TEE revision from 4.4.0 to 4.6.0
Add patch to fix compilation issue with musl and optee-test 4.6.0.

Signed-off-by: Clement Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-28 13:29:57 -04:00
Jon Mason eea748608c arm: WORKDIR fixes
Upstream has removed the need for setting S to WORKDIR, and is throwing
an error if still doing so.  Make the necessary changes.

From the upstream commit, much of the changes where made via:
  sed -i "/^S = \"\${WORKDIR}\/git\"/d" `find . -name *.bb -o -name *.inc -o -name *.bbclass`
  sed -i "s/^S = \"\${WORKDIR}\//S = \"\${UNPACKDIR}\//g" `find . -name *.bb -o -name *.inc -o -name *.bbclass`

Suggested-by: Marcin Juszkiewicz <marcin-oe@juszkiewicz.com.pl>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-28 11:03:40 -04:00
Jon Mason bb60348450 arm-bsp/sbsa-ref: modify network device and pflash for runqemu
The network device and pflash can be modified to more correctly emulate
an actual system.

Suggested-by: Marcin Juszkiewicz <marcin-oe@juszkiewicz.com.pl>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-23 09:17:58 -04:00
Yogesh Wani d91c6d7148 arm/trusted-firmware-m: Remove duplicate config in the cmake file.
The PS_NUM_ASSET is duplicated in the cmake.config and the config_tfm_target.h file
under Corstone-1000. The commit removes the one from the cmake.config and keeps the
one in the header file.

The whole rationale behind this is for the vendor to be able to override the
configuration using the cmake file.

Signed-off-by: Yogesh Wani <yogesh.wani@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-23 09:16:59 -04:00
Jon Mason 43d136216d arm-bsp/trusted-firmware-a: fvp-base prepend fixes
FILESEXTRAPATHS that have a prepend should have a trailing ':' to allow
for the follow-on modifications to the string.  Add it here where
necessary.

Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-21 09:44:14 -04:00
Jon Mason 33895ff71c Add whinlatter to compatible layers
whinlatter is the next release, add it as a compatible layer

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-21 09:44:14 -04:00
Hugues KAMBA MPIANA bf3cdf7d52 arm-bsp/trusted-services: corstone1000: Re-list patch fixing PSA Crypto Suite test
The original patch was inadvertently removed by a subsequent commit.
This change restores the patch to fix failures in the PSA Crypto
Suite test on Corstone-1000.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-21 09:43:42 -04:00
Jon Mason f4438fdf71 CI: update KAS container to 4.7
Bump the KAS container to the latest version

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-16 12:00:04 -04:00
Jon Mason acd1d70123 arm-systemready/ir-acs: Update URL
The github URL where the image was located has gone away on the master
branch.  Update the URL to point to the legacy branch, which should stay
around (according to the documentation).

Fixes: aebe535aa8 ("arm-systemready: Introduce the Arm SystemReady layer")
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-16 10:00:05 -04:00
Hugues KAMBA MPIANA b52b4b7c4b arm-bsp/documentation: corstone1000: Amend for CORSTONE1000-2025.05
* Update software component recipe references
* Update Yocto Project release name
* Update Corstone-1000 release name
* Update release note
* Various other improvements

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-16 02:00:07 -04:00
Hugues KAMBA MPIANA d8a93ac113 arm-bsp/trusted-services: corstone1000: Update PSA Crypto patch status to Backport
Modify the upstream status of the patch to align a PSA crypto struct with
TF-M from Pending to Backport as it is included in TS v1.2.0 release candidate.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-16 02:00:04 -04:00
Ross Burton 043d8c94f5 arm/edk2-firmware: localize BUILD_CC assignments
BUILD_CC and friends are only needed for the build of BaseTools, so move
the assignments to that specific make call.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-13 09:00:03 -04:00
Jon Mason 6fad8cc833 arm/trusted-services: use zero padding for unions
GCC15 changed the behavior with how unions are initalized, which is
causing an issue with mbedtls in TS.  Change the behavior to the
previous way of doing things until the fix has been released.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-12 10:00:05 -04:00
Jon Mason 4070798969 CI/fvp-base-ts: append the testcases
The test cases for fvp-base will not fully run because the trusted
servies ones are the only ones (instead of being appended to the list).
Correcting this issue so that all the tests can be run.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-12 10:00:05 -04:00
Jon Mason 5c8910e8c1 arm/edk2-firmware: update to 202505
Update to the latest version of edk2-firmware.  The sgi issue has been
corrected upstream, so the patch can now be dropped.  Also, no longer
seeing the RELEASE issue on qemuarm/qemuarm64, and removing that
workaround.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-11 12:12:26 -04:00
Jon Mason 2705f2dc2d arm/sbsa-acs: update to 7.2.2
Update to the latest version of SBSA ACS.  Since 7.1.4, BSA things were
put in a separate git repo and it now has a dependency on that.

Also, address an issue with BSA, GCC15, and incompatible pointer type
errors.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-10 17:14:59 -04:00
Jon Mason 31549c12d2 CI: update sstate-mirror.yml
The Yocto project changed the server name for sstate, though the
previous one does still appear to work.  Update here to the one matching
the YP documentation.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-09 11:00:03 -04:00
Clément Faure ee74646ce8 arm-bsp/trusted-firmware-a: corstone1000: remove TF-A 2.11.0 recipe
Remove TF-A 2.11.0 Yocto recipe.
Remove patches that are now upstreamed in TF-A 2.12

Signed-off-by: Clément Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-06 11:39:08 -04:00
Clément Faure da4ea26f60 arm-bsp/trusted-firmware-a: corstone1000: Upgrade TF-A to 2.12.1
Upgrade trusted-firmware-a to 2.12.1 for Corstone-1000
When GENERATE_COT is enabled, use the Yocto dependency cot-dt2c instead
of installing it with Poetry.

Signed-off-by: Clément Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-06 11:39:08 -04:00
Clément Faure 6478eca548 arm/tf-a-tests: fix header guard compilation warning
Backport patch to fix the following compilation issue:

| In file included from tftf/tests/runtime_services/realm_payload/host_realm_payload_simd_tests.c:21:
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:6: error: header guard 'HOST_REALM_COMMON_H' followed by '#define' of a different macro [-Werror=header-guard]
|     6 | #ifndef HOST_REALM_COMMON_H
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:7: note: 'HOST_REALM_COMMON_h' is defined here; did you mean 'HOST_REALM_COMMON_H'?
|     7 | #define HOST_REALM_COMMON_h
| In file included from tftf/tests/runtime_services/realm_payload/host_realm_simd_common.c:13:
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:6: error: header guard 'HOST_REALM_COMMON_H' followed by '#define' of a different macro [-Werror=header-guard]
|     6 | #ifndef HOST_REALM_COMMON_H
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:7: note: 'HOST_REALM_COMMON_h' is defined here; did you mean 'HOST_REALM_COMMON_H'?
|     7 | #define HOST_REALM_COMMON_h
|   CC      tftf/tests/runtime_services/secure_service/spm_test_helpers.c
| In file included from tftf/tests/runtime_services/realm_payload/host_realm_spm.c:20:
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:6: error: header guard 'HOST_REALM_COMMON_H' followed by '#define' of a different macro [-Werror=header-guard]
|     6 | #ifndef HOST_REALM_COMMON_H
| tftf/tests/runtime_services/realm_payload/host_realm_simd_common.h:7: note: 'HOST_REALM_COMMON_h' is defined here; did you mean 'HOST_REALM_COMMON_H'?
|     7 | #define HOST_REALM_COMMON_h
| cc1: all warnings being treated as errors
| make: *** [Makefile:605: workspace/corstone1000/build/tmp/work/cortexa35-poky-linux-musl/tf-a-tests/2.12.0/build/corstone1000/release/tftf/host_realm_simd_common.o] Error 1
| make: *** Waiting for unfinished jobs....
| cc1: all warnings being treated as errors
| make: *** [Makefile:605: workspace/corstone1000/build/tmp/work/cortexa35-poky-linux-musl/tf-a-tests/2.12.0/build/corstone1000/release/tftf/host_realm_spm.o] Error 1
| cc1: all warnings being treated as errors
| make: *** [Makefile:605: workspace/corstone1000/build/tmp/work/cortexa35-poky-linux-musl/tf-a-tests/2.12.0/build/corstone1000/release/tftf/host_realm_payload_simd_tests.o] Error 1
| make: Leaving directory 'workspace/corstone1000/build/tmp/work/cortexa35-poky-linux-musl/tf-a-tests/2.12.0/git'

Signed-off-by: Clément Faure <clement.faure@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-06 11:39:08 -04:00
Jon Mason 8a11dd3a16 arm/trusted-firmware-a: add 2.13.0 support
Add recipe for the latest version of TF-A, which needs a newer version
of mbedtls as well.  The license checksum updated due to hob code being
imported from edk2, which is BSD 2 Clause, which is already in the
license field for the recipe.

Updating the git recipe to use the latest version, and keeping LTS
versions.

sgi575 was removed from 2.13.0.  So, pointing that to 2.12

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-04 10:40:36 -04:00
Jon Mason b4ece023fb arm/trusted-firmware-a: update 2.12 lts
Update the TF-A 2.12 LTS recipes to the latest versions, which are
2.12.3.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-04 10:40:36 -04:00
Jon Mason 1250d00074 arm/trusted-firmware-a: update 2.10 lts
Update the TF-A 2.10 LTS recipes to the latest versions, which are
2.10.17 and 2.10.15 for the tests.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-06-04 10:40:36 -04:00
Jon Mason ab10c047f9 arm-bsp/corstone1000: white space clean-up
Seeing the following warnings:
WARNING: /builds/jonmason00/meta-arm/work/build/../../meta-arm-bsp/conf/machine/include/corstone1000.inc:72 has a lack of whitespace around the assignment: 'SMMGW_AUTH_VAR="1"'
WARNING: /builds/jonmason00/meta-arm/work/build/../../meta-arm-bsp/conf/machine/include/corstone1000.inc:74 has a lack of whitespace around the assignment: 'SMMGW_INTERNAL_CRYPTO="1"'

Add the necessary white space to address the issue.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-22 14:08:51 -04:00
Jon Mason 2e5a5dd3fe arm/trusted-services: white space clean-up
Seeing warnings of:
WARNING: /builds/jonmason00/meta-arm/work/build/../../meta-arm/recipes-security/trusted-services/libpsats_git.bb: /builds/jonmason00/meta-arm/work/build/../../meta-arm/recipes-security/trusted-services/libpsats_git.bb:8 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/libpsats/${TS_ENV}"'
WARNING: /builds/jonmason00/meta-arm/work/build/../../meta-arm/recipes-security/trusted-services/ts-sp-logging_git.bb: /builds/jonmason00/meta-arm/work/build/../../meta-arm/recipes-security/trusted-services/ts-sp-logging_git.bb:8 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/logging/config/${TS_SP_LOGGING_CONFIG}-${TS_ENV}"'

Clean-up the white space to address the issue.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-22 13:14:45 -04:00
Ross Burton fe6aa835ef Revert "CI: use walnascar branches"
This switches CI back to using the master branches.

Currently there are two known failures:
- sbsa-ref
- perf on musl

This reverts commit e0c1f0f94a.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-22 09:16:23 -04:00
Ross Burton 9ee6fc270b CI: don't save all task logs on every build
We currently archive all of the task logs on every job, but this ends up
being between 2-10MB per job and our pipelines have ~100 jobs.

To save space and time, change the log collection to only happen if the
job fails, and explicitly expire them after a week.

This reverts meta-arm 60abe46, but in two years we've not really needed
successful logs, and they can be easily toggled back on if needed in a
branch.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-21 13:12:28 -04:00
Bence Balogh c65c325819 arm-bsp/trusted-services: pass MM_COMM_BUFFER_SIZE to the libts build
The libts deployment expects the MM Communication buffer size to be
provided using the "MM_COMM_BUFFER_SIZE" variable.
Previously the default value which is set in the [1] was not overridden
here in the recipe because of this.

The size of the MM Communication buffers are not changed in this
commit, the page size is 0x1000.

[1] https://git.trustedfirmware.org/plugins/gitiles/TS/trusted-services.git/+/refs/tags/v1.1.0/deployments/libts/arm-linux/CMakeLists.txt#24

Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 14:00:05 -04:00
Bence Balogh 2efe72141c arm-bsp/trusted-services: corstone1000: revert features that conflict with capsule update
Three commits had to be removed in order to make the inappropriate
capsule update implementation work with the new Trusted Services
version.

The "Make variable index usage robust with redundancy" commit needs to
be reverted because the FMP support only works if the
SMM_VARIABLE_INDEX_STORAGE_UID is 0x787.

The "Load and store UEFI variable index in chunks" commit needs to
be reverted because the optional create() and set_extended() APIs are
not supported for Corstone-1000.

The "Make constraints of NV UEFI variables persistent" commit needs to
be reverted because the FMP support is not compatible with these
changes.

Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 14:00:05 -04:00
Gyorgy Szing 6d4170bd1d arm-bsp/trusted-services: corstone1000: rebase patches
The patches needed rebasing to the latest Trusted Services version so
they can be applied cleanly.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 14:00:05 -04:00
Gyorgy Szing ca9e119083 arm/trusted-services: enable the logging SP
The logging service provides an SPMC agonistic to create log messages.
The current version will simply dump the incoming log messages to a
setial line. Future versions could provide access to log messages from
the NWd, could encrypt the essages and perform more efficient when
logging large messages.

This change enables the logging SP on the fvp_base platform. All log
messages made by SPs after the boot phase will be sent to UART3.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 14:00:05 -04:00
Gyorgy Szing bb741b21e0 base-fvp: enable branch protection in firmware
Introduce a new machine feature called "arm-branch-protection". When set
TF-A, optee and Trusted Services SPs will be configured to enable PAC
and BTI. In addition the fvp-is configured to emulate arm-v8.5 and
PAC+BTI.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 14:00:05 -04:00
Gyorgy Szing ee46a41578 arm/trusted-services: simplify SmmGW configuration
Bound Authenticated Variable configuration related settings to yocto
variables. The aim is easier configuration by hiding SmmGW build system
internals at the yocto recipe level.

For details please see documentation/trusted-services.md

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 14:00:05 -04:00
Gyorgy Szing 4884f787a2 arm/trusted-services: add libpsats recipe
TS upstream introduced a new library which carries PSA clients. This
library is to be used by linux user-space applications interfacing to
PSA providers running in the SWd.

Modify dependee to use the new library.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 14:00:05 -04:00
Gyorgy Szing b1cd63a320 arm/trusted-services: drop newlib
Trusted Services introduced its own libc implementation and has no
dependency on newlib anymore. Remove TS specific newlib recipes and
patch files.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 14:00:05 -04:00
Gyorgy Szing 3bcd88c8cf arm/trusted-services: update to newer version
Bump the TS SHA to latest integration.
Set the version of TS dependencies as required.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 14:00:05 -04:00
Ross Burton c550fef75d arm/execstack: remove, no longer needed
This is no longer needed by the FVP recipes.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 13:00:05 -04:00
Ross Burton c9f712b081 arm/fvp-base-a-aem: upgrade to 11.29.27
Notably, this fixes the need for an executable stack.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-20 13:00:05 -04:00
Jon Mason 1fbcf4b7ff arm/trusted-firmware-m: add development git recipe
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-13 10:00:05 -04:00
Jon Mason 32e30f7d80 arm/trusted-firmware-m: add 2.2.0 recipe
New version moved from integrated version of t_cose to upstream git
tree.  Doing so necessitates adding a path to the build command, which
is only being done in the 2.2.0 src inc file to prevent any potential
issues with older versions that might be using the
trusted-firmware-m.inc file.  t_cose is using BSD, so no need to modify
the recipe licenses.

Also, the 3.6.3 tagged SHA for mbedtls (specified in the 2.2 tf-m
source) is broken.  It references an non-existent SHA for
mbedtls-framework, which is corrected in the mbedtls-3.6 branch 2
commits later.  Using that corrected commit to work around that issue.

Keeping 2.1.1 around as it is the LTS.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-13 10:00:05 -04:00
Ali Can Ozaslan d7a8b463ba arm-bsp/trusted-services: corstone1000: Align PSA crypto structs with TF-M
The TF-M was upgraded to v2.1.1 for the Corstone-1000. The TS had to be
aligned with it, to keep the Secure Enclave Proxy Secure Partition
compatible with TF-M.

Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-12 13:23:22 -04:00
Denys Dmytriyenko 06047003c5 optee-test: make -Werror conditional and disabled by default
Unfortunately, new gcc-15 nonstring attribute has just recently been
merged to clang and hasn't made into a release yet - will be part of
clang-21.

For now backport the commit making -Werror conditional and disabled
by default.

Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-05-09 10:26:36 -04:00
Bence Balogh 3d3b28ee73 arm/classes/tfm_sign_image: Update script so different keys can be used
The tfm_sign_image.bbclass was updated so now the used signing key is
passed by the caller. This is needed because there can be cases where
different images have to be signed with different keys.

If no key is passed to the script, then use a default one to keep the
backward compatibility.

Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-30 08:00:07 -04:00
Mohammed Javith Akthar M 6853055725 docs/runfvp: add FVP_BINDIR configuration information
Related commit information is given below for reference.

[1/1] arm/classes: add support to configure fvp-bindir
      commit: 42390742b1

Signed-off-by: Mohammed Javith Akthar M <mohammedjavitham@ami.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-24 03:00:05 -04:00
Ross Burton e0c1f0f94a CI: use walnascar branches
Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-04-23 11:41:23 -04:00
Jon Mason 62cb568a65 CI: add spaces to TS_ENV
Seeing the warning:
  lack of whitespace around the assignment: 'TS_ENV="sp"'

Add the spaces to address the issue

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-18 10:00:20 -04:00
Jon Mason 3124feab66 arm/tclibc: add spaces after TCLIBC
Seeing the warning:
  lack of whitespace around the assignment: 'TCLIBC="musl"'

Add spaces to address the issue

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-18 10:00:19 -04:00
Jon Mason ece994e08b arm-bsp/external-system: correct whitespace warning
Seeing the following warning:
WARNING: /builds/jonmason00/meta-arm/work/build/../../meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb: /builds/jonmason00/meta-arm/work/build/../../meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb:6 has a lack of whitespace around the assignment: 'INHIBIT_DEFAULT_DEPS="1"'

Adding spaces addresses the issue.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-18 10:00:19 -04:00
Jon Mason 7e85e2354d arm/python3-pydevicetree: update to 0.0.13
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-18 10:00:15 -04:00
Jon Mason a842ad2a12 arm/scp-firmware: update to 2.16.0
Update SCP to the latest tagged version, and update the related patch to
the new location of the relevant files.

For a comparison of the changes, please go to
https://git.gitlab.arm.com/firmware/SCP-firmware/-/compare/v2.15.0...v2.16.0

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-18 10:00:15 -04:00
Jon Mason 757b8e89bd arm/execstack: correct broken version
`devtool check-upgrade-status` reports the new version as "20151030.",
which is the last tagged release.  Given that there are a number of
commits since that tag and the tree doesn't appear to be using tagged
released, treat this as a git tree and check the updates appropriately.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-18 10:00:07 -04:00
Jon Mason 3e7926598d arm/trusted-services: correct broken git versions
Add UPSTREAM_VERSION_UNKNOWN to avoid the "UNKNOWN_BORKEN" when running
`devtool check-upgrade-status`

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-18 10:00:07 -04:00
Jon Mason 4f343a1d07 arm/trusted-firmware-a: correct broken git version
Add UPSTREAM_VERSION_UNKNOWN to avoid the "UNKNOWN_BORKEN" when running
`devtool check-upgrade-status`

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-18 10:00:07 -04:00
Jon Mason 8b73456f13 arm/fvps: correct broken versions
With the change to webpages for the FVPs, it is not possible to detect
new versions anymore.  Add UPSTREAM_VERSION_UNKNOWN to avoid the
"UNKNOWN_BORKEN" when running `devtool check-upgrade-status`

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-18 10:00:07 -04:00
Mohammed Javith Akthar M 42390742b1 arm/classes: add support to configure fvp-bindir
Currently, fvp-bindir is configured to use the build path. This commit
allows customization of this path by defining a new variable FVP_BINDIR
in fvpconf. This change enables the runfvp script to execute without
BitBake initialization.

Testing:
- Tested using OpenBMC FVP build.
- Defined FVP_BINDIR variable with a custom path in fvp-config.inc and
observed the changes after the build.

Before changes:
$ jq . ~/openbmc/build/fvp/tmp/deploy/images/fvp/obmc-phosphor-image-fvp.fvpconf | grep
fvp-bindir
  "fvp-bindir": "/home/javith/build/openbmc/build/fvp/tmp/sysroots
-components/x86_64/fvp-base-a-aem-native/usr/bin",

After changes:
$ jq . ~/openbmc/build/fvp/tmp/deploy/images/fvp/obmc-phosphor-image-fvp.fvpconf | grep
fvp-bindir
  "fvp-bindir": "utilities/fvp/usr/bin",

Signed-off-by: Mohammed Javith Akthar M <mohammedjavitham@ami.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-17 09:57:09 -04:00
Jon Mason ca5c51e25c arm/edk2-firmware: remove qemuarm64-secureboot
edk2 isn't booting on qemuarm64-secureboot, and hasn't for some time.
Also, it's not being tested as part of CI.  Remove until it is working
again.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-11 09:37:38 -04:00
Jon Mason 69121ff4e5 arm/edk2-firmware: update to 202502
Update to the latest tagged version of edk2-firmware.  This requires
rebasing the sbsa-acs patches.  Also, sgi575 works with the latest
version but requires a patch to compile cleanly.

There is an issue with qemuarm/qemuarm64 where the boot device is not
found in edk2 if 'RELEASE' is set as the build mode.  Temporarily
changing that to DEBUG while the issue is being worked on (in
https://github.com/tianocore/edk2/issues/10942).

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-11 09:37:38 -04:00
Jon Mason ce4c7f6661 arm/edk2-firmware: add version to be printed out
Currently, the version number is not being specified, which is causing
the version to be printed as an empty string.  Such as:
    UEFI firmware (version  built at 00:50:36 on Feb 21 2025)
and
    Tianocore/EDK2 firmware version

Add the package version as the version to be printed out, which results
in:
    UEFI firmware (version 202502 built at 00:50:36 on Feb 21 2025)
and
    Tianocore/EDK2 firmware version 202502

An intermediate variable was used instead of PV to allow for the
variable to be overridden if necessary.

Also, minor white space clean-up to match the style in the rest of the
file.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-11 09:37:38 -04:00
Richard Purdie ca97d0fcec classes/tfm_sign_image: Fix assignment whitespace
Fix whitespace to avoid a warning with newer bitbake.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-11 06:00:04 -04:00
Yogesh Wani 385450558e arm-bsp/documentation: corstone1000: Fix typos in the documentation
The Corstone-1000 read the docs had some small typos in the
Design Overview section. Commit addresses these.

Copyright information now updated.

Signed-off-by: Yogesh Wani <yogesh.wani@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-09 05:00:04 -04:00
Gergely Kovacs 79eb13dd05 arm/trusted-firmware-a: remove optee-os dependency from tests
The TF-A tests should not depend on OPTEE-OS

Signed-off-by: Gergely Kovacs <Gergely.Kovacs2@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-08 06:00:05 -04:00
Ross Burton 1d119f24f9 arm/fvp-base-a-aem: remove spurious executable stack from one library
There are some objects in the FVP binary that are assembler source and
fail to declare what permissions the stack needs to have, so GCC falls
back to assuming that the final binary needs an executable stack.

glibc 2.41 (as now used in uninative) introduces changes here[1]: whether
to have an executable stack or not when the binary doesn't specify a
need (defaults to executable, but this is a tunable), and any binaries
that are dlopen()ed that require an executable stack will fail.

Thus, some FVPs on some platforms (notable, fvp-base-a-aem on x86-64)
now fail on startup:

  libarmctmodel.so: cannot enable executable stack as shared object requires: Invalid argument

Luckily the solution here is to simply clear the executable bit, as
an executable stack is not actually needed.  Until a new release of the
FVP is made we can fix the binary in our package using execstack.

[1] https://lists.gnu.org/archive/html/info-gnu/2025-01/msg00014.html

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-04 13:55:24 -04:00
Ross Burton b19f24bd0a arm/execstack-native: add new recipe
Add a recipe for the execstack binary from prelink-cross. This tool is
used to manipulate the GNU_STACK segment in ELF binaries, specifically
to control whether the binary requests an executable stack or not.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-04 13:55:24 -04:00
Martin Jansa 5a55c4aaf9 metadata: add whitespace around assignments
With:
https://lists.openembedded.org/g/bitbake-devel/message/17508
there are WARNINGs like:

WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test1_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test1_git.bb:3 has a lack of whitespace around the assignment: 'SP_INDEX="1"'
WARNING: meta-arm/meta-arm-toolchain/recipes-devtools/external-arm-toolchain/gcc-aarch64-none-elf_13.3.rel1.bb: meta-arm/meta-arm-toolchain/recipes-devtools/external-arm-toolchain/arm-binary-toolchain.inc:31 has a lack of whitespace around the assignment: 'SKIP_FILEDEPS="1"'
WARNING: meta-arm/meta-arm-toolchain/recipes-devtools/external-arm-toolchain/gcc-arm-none-eabi_13.3.rel1.bb: meta-arm/meta-arm-toolchain/recipes-devtools/external-arm-toolchain/arm-binary-toolchain.inc:31 has a lack of whitespace around the assignment: 'SKIP_FILEDEPS="1"'
WARNING: meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/tf-a-tests_2.10.3.bb: meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/tf-a-tests_2.10.3.bb:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/tf-a-tests_2.12.0.bb: meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/tf-a-tests_2.12.0.bb:38 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.12.bb: meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc:80 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.12.1.bb: meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc:80 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_git.bb: meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc:80 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.1.1.bb: meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m.inc:89 has a lack of whitespace around the assignment: 'export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules"'
WARNING: meta-arm/meta-arm/recipes-bsp/trusted-firmware-rmm/trusted-firmware-rmm_0.6.0.bb: meta-arm/meta-arm/recipes-bsp/trusted-firmware-rmm/trusted-firmware-rmm_0.6.0.bb:34 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-devtools/fvp/fvp-base-a-aem_11.28.23.bb: meta-arm/meta-arm/recipes-devtools/fvp/fvp-common.inc:42 has a lack of whitespace around the assignment: 'PV_URL_SHORT="${@get_fm_short_pv_url(d)}"'
WARNING: meta-arm/meta-arm/recipes-devtools/fvp/fvp-corstone1000.bb: meta-arm/meta-arm/recipes-devtools/fvp/fvp-common.inc:42 has a lack of whitespace around the assignment: 'PV_URL_SHORT="${@get_fm_short_pv_url(d)}"'
WARNING: meta-arm/meta-arm/recipes-devtools/fvp/fvp-library.bb: meta-arm/meta-arm/recipes-devtools/fvp/fvp-common.inc:42 has a lack of whitespace around the assignment: 'PV_URL_SHORT="${@get_fm_short_pv_url(d)}"'
WARNING: meta-arm/meta-arm/recipes-devtools/fvp/fvp-n1-edge.bb: meta-arm/meta-arm/recipes-devtools/fvp/fvp-common.inc:42 has a lack of whitespace around the assignment: 'PV_URL_SHORT="${@get_fm_short_pv_url(d)}"'
WARNING: meta-arm/meta-arm/recipes-devtools/fvp/fvp-sgi575.bb: meta-arm/meta-arm/recipes-devtools/fvp/fvp-common.inc:42 has a lack of whitespace around the assignment: 'PV_URL_SHORT="${@get_fm_short_pv_url(d)}"'
WARNING: meta-arm/meta-arm/recipes-security/optee-ftpm/optee-ftpm_git.bb: meta-arm/meta-arm/recipes-security/optee-ftpm/optee-ftpm_git.bb:21 has a lack of whitespace around the assignment: 'FTPM_UUID="bc50d971-d4c9-42c4-82cb-343fb7f37896"'
WARNING: meta-arm/meta-arm/recipes-security/optee-ftpm/optee-ftpm_git.bb: meta-arm/meta-arm/recipes-security/optee-ftpm/optee-ftpm_git.bb:53 has a lack of whitespace around the assignment: 'export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules"'
WARNING: meta-arm/meta-arm/recipes-security/optee/optee-examples_4.3.0.bb: meta-arm/meta-arm/recipes-security/optee/optee.inc:34 has a lack of whitespace around the assignment: 'export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules"'
WARNING: meta-arm/meta-arm/recipes-security/optee/optee-os-tadevkit_4.3.0.bb: meta-arm/meta-arm/recipes-security/optee/optee.inc:34 has a lack of whitespace around the assignment: 'export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules"'
WARNING: meta-arm/meta-arm/recipes-security/optee/optee-os_4.3.0.bb: meta-arm/meta-arm/recipes-security/optee-ftpm/optee-os_%.bbappend:1 has a lack of whitespace around the assignment: 'FTPM_UUID="bc50d971-d4c9-42c4-82cb-343fb7f37896"'
WARNING: meta-arm/meta-arm/recipes-security/optee/optee-os_4.3.0.bb: meta-arm/meta-arm/recipes-security/optee/optee-os-ts.inc:11 has a lack of whitespace around the assignment: 'TS_BIN_SPM_TEST= "${RECIPE_SYSROOT}/usr/opteesp/bin"'
WARNING: meta-arm/meta-arm/recipes-security/optee/optee-os_4.3.0.bb: meta-arm/meta-arm/recipes-security/optee/optee.inc:34 has a lack of whitespace around the assignment: 'export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules"'
WARNING: meta-arm/meta-arm/recipes-security/optee/optee-test_4.3.0.bb: meta-arm/meta-arm/recipes-security/optee/optee.inc:34 has a lack of whitespace around the assignment: 'export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/libts_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/libts_git.bb:12 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/libts/${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/libts_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-demo_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-demo_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-demo_git.bb:13 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/ts-demo/${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-iat-api-test_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-its-api-test_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-ps-api-test_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-remote-test_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-service-test_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-attestation_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-attestation_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-attestation_git.bb:8 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/attestation/config/${TS_SP_IAT_CONFIG}-${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-attestation_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-block-storage_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-block-storage_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-block-storage_git.bb:13 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/block-storage/config/${TS_SP_BLOCK_STORAGE_CONFIG}-${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-block-storage_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-crypto_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-crypto_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-crypto_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-crypto_git.bb:10 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/crypto/config/${TS_SP_CRYPTO_CONFIG}-${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-fwu_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-fwu_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-fwu_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-fwu_git.bb:14 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/fwu/config/${TS_SP_FWU_CONFIG}-${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-its_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-its_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-its_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-its_git.bb:8 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/internal-trusted-storage/config/${TS_SP_ITS_CONFIG}-${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-se-proxy_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-se-proxy_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-se-proxy_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-se-proxy_git.bb:10 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/se-proxy/config/${TS_SP_SE_PROXY_CONFIG}-${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-smm-gateway_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-smm-gateway_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-smm-gateway_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-smm-gateway_git.bb:8 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/smm-gateway/config/${TS_SP_SMM_GATEWAY_CONFIG}-${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test1_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test1_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test1_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test-common.inc:10 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/spm-test${SP_INDEX}/${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test1_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test1_git.bb:3 has a lack of whitespace around the assignment: 'SP_INDEX="1"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test2_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test2_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test2_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test-common.inc:10 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/spm-test${SP_INDEX}/${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test2_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test2_git.bb:3 has a lack of whitespace around the assignment: 'SP_INDEX="2"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test3_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test3_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test3_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test-common.inc:10 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/spm-test${SP_INDEX}/${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test3_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test3_git.bb:3 has a lack of whitespace around the assignment: 'SP_INDEX="3"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test4_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test4_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test4_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test-common.inc:10 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/spm-test${SP_INDEX}/${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test4_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-spm-test4_git.bb:3 has a lack of whitespace around the assignment: 'SP_INDEX="4"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-storage_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-storage_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-common.inc:42 has a lack of whitespace around the assignment: 'OECMAKE_ARGS:remove="-DCMAKE_TOOLCHAIN_FILE:FILEPATH=${WORKDIR}/toolchain.cmake"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-storage_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-storage_git.bb:8 has a lack of whitespace around the assignment: 'OECMAKE_SOURCEPATH="${S}/deployments/protected-storage/config/${TS_SP_PS_CONFIG}-${TS_ENV}"'
WARNING: meta-arm/meta-arm/recipes-security/trusted-services/ts-uefi-test_git.bb: meta-arm/meta-arm/recipes-security/trusted-services/trusted-services.inc:37 has a lack of whitespace around the assignment: 'export CROSS_COMPILE="${TARGET_PREFIX}"'

Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-04 06:00:04 -04:00
Mikko Rapeli 7fca237eab trusted-firmware-a: set mbedtls git branch with SRCBRANCH_MBEDTLS
Enables building latest bleeding edge tf-a and mbedtls with
local.conf setup:

INHERIT += "poky-bleeding"
POKY_AUTOREV_RECIPES += "trusted-firmware-a"

SRCREV_mbedtls:pn-trusted-firmware-a = "AUTOINC"
SRCREV_tfa:pn-trusted-firmware-a = "AUTOINC"
SRCBRANCH:pn-trusted-firmware-a = "master"
SRCBRANCH_MBEDTLS:pn-trusted-firmware-a = "master"
LIC_FILES_CHKSUM:pn-trusted-firmware-a = "file://docs/license.rst;md5=1118e32884721c0be33267bd7ae11130"
BBMASK += "meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.12.bb"
BBMASK += "meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.11.0.bb"

This includes workarounds for poky-bleeding.bbclass which doesn't
work with multiple SRCREV variables, masking away
tf-a 2.10 and 2.11 recipes which cause recipe parsing problems
and only one recipe needed to build latest upstream master
branch to avoid 503 error codes from remote git server.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-04 05:00:04 -04:00
Gyorgy Szing 595cb0f1a0 arm/trusted-services: fix udev management in libts
- Change libts to stop making udev related configuration if optee-client
  is deployed to the target to avoid conflicts.
- Remove the executable permission from installed tee-udev.rules file.
- Remove teepriv device from udev file as this device is op-tee specific.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-02 11:00:04 -04:00
Gyorgy Szing 158ce8e566 optee-client: use the same tee group as libts
Change optee-client to use the same bitbake variable to configure the
group name used for controlling access to /dev/tee* devices on the
target. The aim is to simplify system configuration by aligning the
two recipes.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-02 11:00:04 -04:00
Gyorgy Szing 516eb0672f optee-client: drop privileges of tee-supplicant
Stop the tee-supplicant being run with root privileges when the system
is not using systemd.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-02 11:00:04 -04:00
Gyorgy Szing 91cacb6332 optee-client: fix udev and systemd handling
Eliminate the systemd specific install content fix-up commands appended
to do_install.
  - patch optee-client to allow controlling installation of systemd and
    udev specific configuration files.
  - pass driver group names to optee-client build

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-02 11:00:04 -04:00
Gyorgy Szing 2ec60ece8d optee-os: add v4.4
Add recipes to allow building OP-TEE v4.4. This is the first version
carrying an SPMC implementation which supports branch protection.

Update corstone1000:
  - to use the new op-tee version
  - `CFG_TZDRAM_SIZE` is increased further from `0x340000` to `0x360000`
     as version 4.4.0 of OP-TEE OS requires more memory

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>

optee-os: corestone1000: udpate to op-tee v4.4

Update OP-TEE version and add a patch to increase TZDRAM size to add
more memory to OP-TEE.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-02 11:00:04 -04:00
Mikko Rapeli 94596e0fae optee-client: use udev rule and systemd service from upstream
Use backported upstream patch for udev rule and systemd service file.
sysvinit script is still used from meta-arm. Don't install systemd
service without systemd distro feature, other way round for
sysvinit script.

tee-supplicant started by systemd service runs as non-root teesuppl
user with teepriv group. sysvinit still runs as root since busybox
start-stop-daemon doesn't support -g group parameter and -u teesuppl
doesn't seem to change the effective user.

udev rules allow non-root /dev/tee* access from tee and
/dev/teepriv* access from teepriv groups.

Tested sysvinit changes with:

$ kas build ci/qemuarm64-secureboot.yml:ci/poky.yml:ci/testimage.yml

and systemd changes with:

$ kas build ci/qemuarm64-secureboot.yml:ci/poky.yml:ci/testimage.yml:ci/uefi-secureboot.yml

Cc: tom.hochstein@nxp.com
Cc: sahil.malhotra@nxp.com
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-02 11:00:04 -04:00
Mikko Rapeli 9f19b9b9a3 trusted-firmare-a: update qemu patch status
Submitted to upstream and worked through review
comments and CI issues:

https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/36514

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-01 10:42:55 -04:00
Mikko Rapeli 629fc54290 edk2-firmware: fix SOURCE_DATE_EPOCH
edk2-firmware build scripts use printenv to print SOURCE_DATE_EPOCH
but that is not in HOSTTOOLS and thus fails with configurations
which use VirtualRealTimeClockLib. Change to using SOURCE_DATE_EPOCH
environment variable directly to fix builds. I think this is OE
specific build config change but filed a bug report upstream
https://github.com/tianocore/edk2/issues/10910
since the fallback mechanism is not working.

Applying patch in 202411 recipe and not .inc since 202408 recipe
from meta-arm-bsp does not find the patch file from meta-arm
side.

[Jon Mason: corrected issues with email patch mangling for edk2]

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-01 10:41:22 -04:00
Ross Burton 2cc1cd16ab CI: dump all environment variables in update-repos
Print all of the environment variables in the update-repos task for
introspection, instead of a subset.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-01 09:25:23 -04:00
Ross Burton 9b92d080b1 CI: disable KAS_REPO_REF_DIR by default
Having local repo caches is a little fiddly to manage, and by definition
we're running CI inside GitLab which supports mirroring repositories
automatically.

As these mirrors are always available and update automatically, make
Kas reference directories opt-in and instead expect that the site is
either fine with full fetches, or is using KAS_PREMIRRORS.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-01 09:25:23 -04:00
Ross Burton c8da42d7bd CI: always save the lockfile.yml in update-repos
The update-repos job can "fail with warnings" if the reference repository
fetch fails. This is intentionally a warning as the CI may have set
KAS_PREMIRRORS and a stale cache is fine.

However, by default artifacts are only saved on successful jobs, so if
this happens the lockfile.yml isn't saved. Ensure the artifacts are
always saved so the rest of the pipeline is successful.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-04-01 09:25:23 -04:00
Jon Mason f94c002d1d arm-bsp/sgi575: add FVP support
Add FVP support to sgi575 and run a boot test as part of CI.  Networking
is not currently working and seems to require an older version of edk2
to boot the kernel.  Also, the unique files for grub and wks do not seem
to be necessary.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-28 10:00:08 -04:00
Jon Mason 3bf8bf5d4d arm/fvp: add TC3 and Neoverse v3, remove n1 edge
Add Total Compute 2023, Neoverse V3 R1, and Reference Design-1 AE FVPs.
Also, remove Neoverse N1 Edge.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-28 10:00:08 -04:00
Jon Mason 957fcca083 arm/edk2-firmware: Fix branch name variables
In the SRC_URI, the branch name variables are switched for edk2 and
edk2-platforms.  Switch them as appropriate.

Fixes: bf204866e8 ("arm: Use SRC* variables consistently")
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-28 10:00:08 -04:00
Ross Burton 49cad31d10 ci/update-repos: always pass the latest URL
Instead of assuming that the repository was created with the latest URL,
fetch the repository explicitly when fetching.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-26 15:00:07 -04:00
Ross Burton 95e4041c19 ci: show KAS_PREMIRRORS in preamble
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-26 15:00:07 -04:00
Ross Burton 69f9b2da14 ci: forward the exit code from update-repos
If update-repos fails with status 128 then that means it failed to fetch
the remote repositories.  This should result in a warning not a failure
but flock was just returning status 1.

Save the exit code and if it returns 128 continue but exit with it
later, so the lockfile generation still occurs but the job doesn't fail.

Also, only call the update-repos script if KAS_REPO_REF_DIR has been set.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-26 15:00:07 -04:00
Ross Burton 5d0fcd503b CI: use canonical git.yoctoproject.org URLs
The canonical repository URLs don't use /git/.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-26 15:00:07 -04:00
Mikko Rapeli 56c13c3648 trusted-firmware-a: move qemu patch
qemuarm64-secureboot directory in path to 0001-Add-spmc_manifest-for-qemu.patch
hides the patch from machines with different names and thus break builds
unless overrides are set to include "qemuarm64-secureboot".
Move patch to plain "files" directory to avoid build failures
and this cumbersome workaround.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-25 14:05:52 -04:00
Ross Burton 34c8608d87 arm-system-ready/arm-systemready-ir-acs: add version to download filename
The download filename wasn't versioned so multiple versions would write
to the same file on disk and conflict, causing repeated downloads and
fetch failures.

Add the PV to the filename on disk to resolve this.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-25 14:05:32 -04:00
Ross Burton c9fa84d0f7 CI: use DEFAULT_TAG as the default ACS_TAG
This stops the job being stuck if the runners will only take jobs that
have been tagged.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-25 14:05:32 -04:00
Jon Mason f78c6c0e4f arm/trusted-firmware-a: update 2.12.0 recipe to 2.12.1
Update to the lts-v2.12.1 tag.  Changes include a number of CVE fixes
and mbedtls minor version bump:
	8cf9edba5cc3 docs(changelog): changelog for lts-v2.12.1 release
	f5d048108bf3 Merge changes from topic "for-lts-v2.12.1" into lts-v2.12
	56472775f96d docs(maintainers): update LTS maintainers
	baab55315c7f docs: updates to LTS
	f00f71efc410 docs: add inital lts doc
	1a8ee82c6d77 Merge changes from topic "for-lts-v2.12.1" into lts-v2.12
	b19ce90a908c fix(rd1ae): fix rd1-ae device tree
	34f10e7d9fc7 feat(rd1ae): add Generic Timer in device tree
	551dc4c09f57 docs(rd1ae): update documentation to include BL32
	8e4240779867 feat(rd1ae): add support for OP-TEE SPMC
	8e4bb69c747e feat(mbedtls): mbedtls config update for v3.6.2
	a46d6a1320d7 docs(prerequisites): update mbedtls to version 3.6.2
	2ffe181a3982 refactor(mbedtls): rename default mbedtls confs
	3809359e2124 fix(cpus): workaround for Neoverse-V3 erratum 3701767
	4a9ff092c9b4 fix(cpus): workaround for Neoverse-N3 erratum 3699563
	7e41b706e97c fix(cpus): workaround for Neoverse-N2 erratum 3701773
	15300ac30c55 fix(cpus): workaround for Cortex-X925 erratum 3701747
	6e0efc7fe739 fix(cpus): workaround for Cortex-X4 erratum 3701758
	8299c1274617 fix(cpus): workaround for Cortex-X3 erratum 3701769
	fa6c9874485b fix(cpus): workaround for Cortex-X2 erratum 3701772
	4e78288fd2bc fix(cpus): workaround for Cortex-A725 erratum 3699564
	ae6edfd5b543 fix(cpus): workaround for Cortex-A720-AE erratum 3699562
	24526273fc50 fix(cpus): workaround for Cortex-A720 erratum 3699561
	a7b322706435 fix(cpus): workaround for Cortex-A715 erratum 3699560
	d4826882210b fix(cpus): workaround for Cortex-A710 erratum 3701772
	9d6143ec8ffb fix(cpus): workaround for accessing ICH_VMCR_EL2
	7e4bf042a0dd chore(cpus): fix incorrect header macro
	9427c061eb8d fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus
	bea64fd5272d fix(security): add support in cpu_ops for CVE-2024-7881
	16b87247ed03 fix(security): add CVE-2024-7881 mitigation to Cortex-X3
	427c33bc0c0b fix(security): add CVE-2024-7881 mitigation to Neoverse-V3
	192a152448ae fix(security): add CVE-2024-7881 mitigation to Neoverse-V2
	3e4d94c43b64 fix(security): add CVE-2024-7881 mitigation to Cortex-X925
	41a52efd6f38 fix(security): add CVE-2024-7881 mitigation to Cortex-X4
	2f09b9f3c2af fix(security): enable WORKAROUND_CVE_2024_7881 build option
	70a7d3f2d030 fix(cpus): workaround for CVE-2024-5660 for Cortex-X925
	41b64fe36f42 fix(cpus): workaround for CVE-2024-5660 for Cortex-X2
	0b2d22097c96 fix(cpus): workaround for CVE-2024-5660 for Cortex-A77
	193370e1c6a2 fix(cpus): workaround for CVE-2024-5660 for Neoverse-V1
	d52c52a5fa8c fix(cpus): workaround for CVE-2024-5660 for Cortex-A78_AE
	3bd6531a55a4 fix(cpus): workaround for CVE-2024-5660 for Cortex-A78C
	eda09acd1b22 fix(cpus): workaround for CVE-2024-5660 for Cortex-A78
	b9766da96365 fix(cpus): workaround for CVE-2024-5660 for Cortex-X1
	6324220805b1 fix(cpus): workaround for CVE-2024-5660 for Neoverse-N2
	6041f0723994 fix(cpus): workaround for CVE-2024-5660 for Cortex-A710
	b23f5da614e6 fix(cpus): workaround for CVE-2024-5660 for Neoverse-V2
	ef378713fa4b fix(cpus): workaround for CVE-2024-5660 for Cortex-X3
	2898088f8ba6 fix(cpus): workaround for CVE-2024-5660 for Neoverse-V3
	b8e111c72619 fix(cpus): workaround for CVE-2024-5660 for Cortex-X4
	a6f6396313ea fix(cpus): workaround for Cortex-X4 erratum 2923985
	d1c3a5d8b9d8 fix(build): do not force PLAT in plat_helpers.mk
	ea1b816b1763 chore(deps): update pytest for cot-dt2c
	65762d7b4cfc chore(deps): bump jinja2
	87f3125a0e45 chore(deps): bump jinja2 in the pip group across 1 directory
	b4530565c030 chore(deps): bump the pip group across 2 directories with 1 update
	11e5f92d3d43 build(deps): bump setuptools in the pip group across 1 directory
	850389f4acfe chore(deps): bump micromatch

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-20 12:49:21 -04:00
Jon Mason 27a88dd7bd arm/opencsd: update to v1.5.6
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-20 12:49:21 -04:00
Jon Mason b4e61d8c10 arm/edk2-firmware: update to edk2-stable202411
Update to the latest version of edk2.  Unfortunately, sbsa-ref has a
kernel warning due to the CPU topology that was added.  So, hold this
platform back to 202408 and move those recipes to meta-arm-bsp.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-20 12:49:21 -04:00
Mikko Rapeli 45daeba052 oeqa parselogs-ignores-sbsa-ref.txt: ignore screen error
It's not clear why this happens but this error is visible
in CI builds too often. Root cause needs analysis but
ignore the error for now.

https://autobuilder.yoctoproject.org/valkyrie/#/builders/75/builds/1190/steps/23/logs/stdio

Traceback (most recent call last):
  File "/srv/pokybuild/yocto-worker/meta-arm/build/meta/lib/oeqa/core/decorator/__init__.py", line 35, in wrapped_f
    return func(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^
  File "/srv/pokybuild/yocto-worker/meta-arm/build/meta/lib/oeqa/runtime/cases/parselogs.py", line 185, in test_parselogs
    self.assertEqual(errcount, 0, msg=self.msg)
AssertionError: 1 != 0 : Log: /srv/pokybuild/yocto-worker/meta-arm/build/build/tmp/work/sbsa_ref-poky-linux/core-image-sato/1.0/target_logs/Xorg.0.log
-----------------------
Central error: [   103.173] failed to find screen to remove
***********************
[   101.955] (**) QEMU QEMU USB Tablet: (accel) selected scheme none/0
[   101.955] (**) QEMU QEMU USB Tablet: (accel) acceleration factor: 2.000
[   101.958] (**) QEMU QEMU USB Tablet: (accel) acceleration threshold: 4
[   102.144] (II) event0  - QEMU QEMU USB Tablet: is tagged by udev as: Mouse
[   102.169] (II) event0  - QEMU QEMU USB Tablet: device is a pointer
[   102.228] (II) config/udev: Adding input device QEMU QEMU USB Keyboard (/dev/input/event1)
[   102.228] (**) QEMU QEMU USB Keyboard: Applying InputClass "libinput keyboard catchall"
[   102.229] (II) Using input driver 'libinput' for 'QEMU QEMU USB Keyboard'
[   102.229] (**) QEMU QEMU USB Keyboard: always reports core events
[   102.229] (**) Option "Device" "/dev/input/event1"
[   102.318] (II) event1  - QEMU QEMU USB Keyboard: is tagged by udev as: Keyboard
[   102.326] (II) event1  - QEMU QEMU USB Keyboard: device is a keyboard
[   102.345] (II) event1  - QEMU QEMU USB Keyboard: device removed
[   102.385] (**) Option "config_info" "udev:/sys/devices/platform/PNP0D10:00/usb1/1-2/1-2:1.0/0003:0627:0001.0002/input/input1/event1"
[   102.386] (II) XINPUT: Adding extended input device "QEMU QEMU USB Keyboard" (type: KEYBOARD, id 7)
[   102.519] (II) event1  - QEMU QEMU USB Keyboard: is tagged by udev as: Keyboard
[   102.527] (II) event1  - QEMU QEMU USB Keyboard: device is a keyboard
[   103.105] (II) modeset(0): Disabling kernel dirty updates, not required.
[   103.165] (II) config/udev: removing GPU device /sys/devices/pci0000:00/0000:00:01.0/drm/card0 /dev/dri/card0
[   103.173] xf86: remove device 0 /sys/devices/pci0000:00/0000:00:01.0/drm/card0
[   103.173] failed to find screen to remove
***********************
1 errors found in logs.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-20 11:00:04 -04:00
Ross Burton 00fa95aec1 CI: fix duplicate variables
I accidentally created two variables sections, resulting in our build
jobs running on very limited containers.

Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-03-20 11:50:21 +00:00
Ross Burton f20bd9ff62 CI: move CPU_REQUEST from .build to .setup
We were only setting the k8s CPU request in .build jobs not .setup. This
was intentional initially so that only the build jobs get more resources,
but some of the non-.build jobs are resource-heavy. For example, the
pending-updates job has to parse the entire metadata from scratch, and
that sometimes takes longer than usual when we only have two cores to
use.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-11 11:00:07 -04:00
Mikko Rapeli 53bfba8c5b optee-ftpm: support genericarm64
genericarm64 machines may have firmware with optee support
and thus also optee-ftpm may be compiled and used there.
tee-supplicant will load TAs at runtime if support is
detected.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-11 07:00:04 -04:00
Mikko Rapeli 11d3f0ad34 optee: support genericarm64
optee-client/tee-supplicant, optee-os-tadevkit and optee-test can be
compiled for genericarm64 and these detect firmware optee support at
runtime. Using qemuarm64 compatible config for them.
optee-os itself may need HW specific config for different boards
and SoCs but these components work with same config on multiple boards.
Tested on qemu and AMD kv260 with Linaro Trusted Substrate firmware
(https://gitlab.com/Linaro/trustedsubstrate/meta-ts).

Note: optee-test version in userspace and optee-os version in firmware
must match for tests to pass.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-11 07:00:04 -04:00
Ross Burton e02a77c055 CI: there's no need to run pending-updates on x86 machines
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-10 09:00:05 -04:00
Ross Burton af9375798f arm/arm-bsp/trusted-firmware-a: use main branch when fetching mbedtls
mbedtls pushes to both master and main, but main is preferred.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-10 09:00:05 -04:00
Ross Burton b6227e2962 arm-bsp/fvp-base: bump cores to to v8.5
The Pointer Authentication (PAC) instructions are part of v8.3, and BTI
(Branch Target Indentification) instructions are mandatory in v8.5.

As we want to use PAC/BTI everywhere in this BSP, bump the cores to
v8.5.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-03-06 10:40:44 -05:00
Andrew Jeffery f9f47ec15a arm/trusted-services: ts-sp-fw: Replace v2.7.0 tag with commit ID
Do so for the usual reason of avoiding network access during recipe
parsing. Occasionally parsing will stall for me as it seems connectivity
to trustedfirmware.org can be flaky.

Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-28 01:00:06 -05:00
Jon Mason 07fcd92a68 arm/boot-wrapper-aarch64: update to the latest
Update to the latest commit.
Changes in gn between 5e3760073454c72f3458805a1b7a89ecf80353cb and ac6742520ded1da30d500f74e8affe86e27cabd5
	ac6742520ded aarch64: Start Xen on Armv8-R at EL2
	ba899d1d7227 aarch64: Implement PSCI for Armv8-R
	476a0b6451d7 aarch64: Enable Armv8-R EL2 boot
	0f00cf4cb8b2 Introduce --with-bw-arch for boot-wrapper compile arch
	aafb5958eb9d Boot CPUs sequentially
	d62de19c8661 Add printing functions
	1ab497ed6c38 Simplify spin logic
	1e576e54d0a4 Unify assembly setup paths
	19ffbec99cf5 aarch32: Always enter kernel via exception return
	e8e6f797bafa aarch32: Implement cpu_init_arch()
	8745a2cd8e0a aarch32: Refactor inital entry
	77c3316737fc aarch64: Always enter kernel via exception return
	308d25f908a8 aarch64: Implement cpu_init_arch()
	4dcb17f55300 aarch64: Remove redundant EL1 entry logic
	400f0a86dcc8 Revert "configure: allow the use of bare-metal toolchains"
	1fea854771f9 configure: allow the use of bare-metal toolchains
	784feb9b0753 Makefile: suppress RWX segment warnings
	e1d7651f3c2f Makefile: rework test-dtc-option
	cd7fe8a88e82 aarch64: Enable access into RCW[S]MASK_EL1 registers from EL2 and below
	1ac203146003 aarch64: Enable access into 128 bit system registers from EL2 and below
	b13b3bdcb2a1 aarch64: Enable access into SCTLR2_ELx registers from EL2 and below
	61b84b4a1c02 aarch64: Remove TSCXT bit set from SCTLR_EL2_RESET
	3bac221638c4 configure: make --with-kernel-dir optional

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-25 11:00:05 -05:00
Jon Mason 9da0a47d07 arm/trusted-firmware-rmm: update to 0.6.0
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-25 11:00:05 -05:00
Jon Mason b31af92555 arm/trusted-firmware-m: update to v2.1.1
Update trusted-firmware-m to the latest LTS (TF-Mv2.1.1)
Changes between 0c4c99ba33b3e66deea070e149279278dc7647f4 and 02bf279913439a07082dd581df033f370a8fbb92
	02bf27991343 docs: Release notes for v2.1.1
	7264a32e84a0 docs: rp2350: Minor docs & script improvements
	4bad159af017 Docs: Release dates update
	a5e02ec0c6a2 Align .gitignore contents to main branch
	8fe944a652f5 Platform: RP2350: Fix NV counters in ITS
	66bc1fa8eed9 Build: Fix patch formatting for 0001-iar-Add-missing-v8.1m-check.patch
	895d44a4eb52 Platform: RP2350: Add NV counters to ITS
	e81b741aa6cc tf-m-tests: Step version for rp2350 psa-arch-tests
	2be65a027c86 Platform: rp2350: Add rwx linker flag conditionally for GNUARM
	a85425417696 Platform: RP2350: Add RP2350 porting
	9ed2e7c7f52b Platform/TFM/ITS/Config: Commits required for new platform porting
	f12db7c872d5 cc3xx/low-level/pka: SRAM size depends on CC3XX version
	c7e0192fab6f cc3xx/low-level/hash: wait for hash engine to be idle
	42a4041bdff4 Crypto: Update to Mbed TLS 3.6.2
	471c127e7755 Crypto: Add option to enforce ABI compatibility
	7da71fd05445 tfm_spe_mailbox: Fix NULL pointer checks
	974bc101e0b2 cc3xx/low-level/pka: wait for sw reset to be done before proceeding
	89b9c4889c60 Crypto: Enforce MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS on Mbed TLS config
	62b1300557c5 Crypto: Additional checks for writes to avoid out-of-bound access
	a2cead6a9ef4 tfm_spe_mailbox: Use local vars for local_copy_vects
	15afe61d1194 TFMV-8: Fix unchecked user-supplied pointer via mailbox message
	22e8e89c8f56 tfm_spe_mailbox: Do not write-back on input vectors checks failure
	12a4c5342965 tfm_spe_mailbox: Validate vectors from NSPE
	75bbe3fc0240 CC3XX: Relax assert condition in aead_crypt for input
	0db7ebf32ba3 Crypto: Protect writes to avoid out-of-bound access
	2ecea430fbb4 Crypto: Prevent the scratch allocator from overflowing
	fbcdc69b794d SPM: mailbox_agent_api: Free connection if params association fails
	2a59580b5809 Crypto: Update to Mbed TLS 3.6.1
	6a54ec89f22f Platform: STM32: script all_stm_platfrom
	66596b4dae57 Platform: corstone1000: Fix isolation L2 memory protection
	7045675209ca stm : fix error on b_u585i_iot02a with TF-Mv2.1.0

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-25 11:00:05 -05:00
Jon Mason 55b41af673 arm/trusted-firmware-a: update the LTS to v2.10.12
Update trusted-firmware-a to lts-v2.10.12
Changes between 7e63213601425c7a6d83e47dc936b264deb9df2b and 408ba4ddfe9a8d55e3e2488bea89c39adef07981
	408ba4ddfe9a docs(changelog): changelog for lts-v2.10.12 release
	7bdf51628eab Merge "docs(maintainers): update LTS maintainers" into lts-v2.10
	8355ef7728ec docs(maintainers): update LTS maintainers
	faceedf4e5c2 Merge changes from topic "for-lts-v2.10.12" into lts-v2.10
	9007a3344e12 Merge changes from topic "gr/lts-doc-2.10" into lts-v2.10
	924c7f42ce4a chore(deps): bump cross-spawn
	7c8c034e5fed chore(deps): bump jinja2 in the pip group across 1 directory
	3d85a19f2f54 docs: updates to LTS
	13657a3f3f2a docs: add inital lts doc
	a4c57c122407 Merge changes from topic "lts-v2.10.12" into lts-v2.10
	564922601397 feat(mbedtls): mbedtls config update for v3.6.2
	44161dcb10ab docs(prerequisites): update mbedtls to version 3.6.2
	0ac65e7aa5ec refactor(mbedtls): rename default mbedtls confs
	8b2c885739dd fix(arm): add extra hash config to validate ROTPK
	832b92b7f615 docs(changelog): changelog for lts-v2.10.11 release
	a3fc7c18c461 Merge changes from topic "for-lts-2.10.11" into lts-v2.10
	196984e65da0 fix(cpus): workaround for Cortex-X4 erratum 2923985
	0eed05ee70aa chore(cpus): optimise runtime errata applications
	34e6d7cb8ce1 Merge changes from topic "sm/fix_erratum" into lts-v2.10
	ad9dfdc5800c fix(cpus): workaround for CVE-2024-5660 for Cortex-X2
	5673d345aaa3 fix(cpus): workaround for CVE-2024-5660 for Cortex-A77
	4fd2a6702dd1 fix(cpus): workaround for CVE-2024-5660 for Neoverse-V1
	a02a863d3156 fix(cpus): workaround for CVE-2024-5660 for Cortex-A78_AE
	87250d2bb1ea fix(cpus): workaround for CVE-2024-5660 for Cortex-A78C
	30c57c58abe3 fix(cpus): workaround for CVE-2024-5660 for Cortex-A78
	c7d3c9eb2d81 fix(cpus): workaround for CVE-2024-5660 for Cortex-X1
	282e63544d26 fix(cpus): workaround for CVE-2024-5660 for Neoverse-N2
	f7ae819f03ae fix(cpus): workaround for CVE-2024-5660 for Cortex-A710
	3efc9e13011d fix(cpus): workaround for CVE-2024-5660 for Neoverse-V2
	17e17ed3f1e6 fix(cpus): workaround for CVE-2024-5660 for Cortex-X3
	a6375e1feb42 fix(cpus): workaround for CVE-2024-5660 for Neoverse-V3
	e42abf298321 fix(cpus): workaround for CVE-2024-5660 for Cortex-X4
	698e68fe1fe9 fix(cpus): workaround for CVE-2024-5660 for Cortex-X925
	b229b47bd86c chore: rename Blackhawk to Cortex-X925
	96498991d1ce chore: rename Chaberton to Cortex-A725
	b28aa38e28cf docs(changelog): changelog for lts-v2.10.10 release
	8e74814ce52f Merge changes from topic "for-lts-v2.10.10" into lts-v2.10
	c9f3fb5822dc build(deps): bump setuptools in the pip group across 1 directory
	395ef3534cf1 chore(deps): bump micromatch
	6c6e986bffb3 build(npm): update Node.js and all packages
	c5d2a030a35f build(deps): bump braces
	ebf6430a01c5 build(deps): bump idna from 3.4 to 3.7
	93ad43e79ef7 build(deps): bump jinja2 from 3.1.2 to 3.1.4
	f8a06a0f82ce build(deps): bump urllib3 from 2.0.2 to 2.2.2
	3ea256c36a4b build(deps): bump pip from 23.1.2 to 23.3

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-25 11:00:05 -05:00
Jon Mason 74bd36ec63 arm/gn: update to latest commit
Update to the latest gn commit.
Changes in gn between 95b0f8fe31a992a33c040bbe3867901335c12762 and ab638bd7cbb9ac8468bf2fbe60c74ed4706a14a7
	ab638bd7cbb9 Revert "Speed-up GN with custom OutputStream interface."
	2dd9331a7041 Speed-up GN with custom OutputStream interface.
	ed1abc107815 Add `exec_script_allowlist` to replace `exec_script_whitelist`.
	c97a86a72105 Retry ReplaceFile in case of failure
	7296b601ea80 Fix crash when NinjaBuildWriter::RunAndWriteFile fails
	468c6128db7f fix include for escape.h
	5a47a93b9426 fix exit code for gn gen failure
	24e92acb8472 misc: Use html.escape instead of cgi.escape
	feafd1012a32 Do not copy parent build_dependency_files_ in Scope constructors.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-25 11:00:05 -05:00
Jon Mason 543adf67d2 arm/opencsd: update to 1.5.5
Update to the latest stable version (1.5.5), comprised of the following
commits:
	742d60ed7dc7 opencsd: Update version info and README for 1.5.5
	7ca491c516b8 build: Update docs for MacOS support
	cac83e59666e build: Add MacOS development makefile
	e56eff270ca2 build: Use .dylib shared library suffix for MacOS
	35f957d2a97a build: Create initial MacOS makefile
	44dff5b22a26 build: Restore Linux build support
	a0e13010e1d6 build: Rename build folders as 'unix_common' for upcoming MacOS support
	ecdde9f69307 tests: Add option to suppress elapsed processing time in test program.
	821632be920c tests: update mem_buff_demo test to add options.
	70e472c9387f opencsd: Memacc object cleanup fix

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-25 11:00:05 -05:00
Jon Mason f1fc5c53a1 arm/hafnium: update to v2.12.0
Update to the latest version of halfnium

Changes between 2bef7ab3895c48d39b84ab58179b2d0de5156b8b and 2cf2ca7c4b81ab18e9cd363d9a5c8288e2a94fda
	2cf2ca7c4b81 docs: the change log for the v2.12 release
	69e18eb52d63 docs: update the threat model for IPI threats
	c9866ab33c7a docs: add description of single service IPI support
	b17856caec30 test: interrupt targeting blocked vcpu is queued
	0ee13d9cc510 test: add helpers to share page for coordination btw endpoints
	eda971da9f4c fix: queue interrupt targeting blocked vcpu
	0a69718c6298 fix(docs): fixes to the docs to fix build errors
	4b3d26803b56 test(ipi): IPI to invalid vCPU fails
	2f579f93c1d9 test: multiple SPs periodic deadlines on multiple cores
	8157b6897a8f test: multiple SPs with periodic deadline
	b390a0d12967 test(ipi): set target vCPU in VCPU_STATE_BLOCKED
	2affbc7a7bbb test(ipi): target vCPU set in VCPU_STATE_PREEMPTED
	180a65a7be5f feat(ipi): handle in VCPU_STATE_BLOCKED/PREEMPTED
	84d49b67d2d9 fix(ipi): small fixes to the ipi implementation
	0136b2bf3f35 test: migrate blocked vcpu with pending timer
	da42b544504b test: timer expired while vcpu is in PREEMPTED state
	7c9702280c62 chore: reduce verbosity of console messages for SPs
	9243e772b209 docs: support for arch timer in secure world
	c0110997e1f8 chore: add doc comment on Pauth fault tests
	a067dc1d77f8 test: add unit tests for timer management
	872742eec217 test: use watchdog timer as source of non secure interrupt
	febcb625856e test: add driver for normal world watchdog timer
	b9dd51451e46 test: introduce driver for sp805 peripheral
	65827d703535 test: migrate vCPU of SP with pending timer deadline
	593b8addcbdc test: multiple SPs programmed with timer deadlines
	fe10878b1e1c test: SP reprograms the arch timer deadline
	b2429b49c524 test: SP handles timer with short deadline
	34c050a04357 test: commands for SP services to configure timer
	64ae5a8d6a18 test: add SP helper utilities for arch timer
	6b8cf4f361f6 feat(arch timer): handle spurious host timer interrupt
	106bfc364d64 feat(arch timer): migrate vCPU with pending timer to another CPU
	cf069a65988e feat(arch timer): resume SP if deadline expires in NWd
	2efb3e103382 feat(arch timer): handle host timer interrupt tracking live deadline
	32424db1d5d6 feat(arch timer): inject timer virtual interrupt before resuming vCPU
	a3787c91a96c feat(arch timer): track pending timer configured by SP vCPU
	28e988f3bb56 chore: exclude physical timer source file from static checks
	f684d196422b feat(arch timer): trap and emulate physical timer access from SPs
	d3ac7383c10f feat(arch timer): helpers to configure EL1 physical timer
	f658f5e1a6e1 feat(arch timer): initialize timer list and host physical timer
	def48d0365b3 feat(arch timer): introduce host timer driver
	c31708afa85c feat(arch timer): helper utilities to add and remove from timer list
	eed861e514ba feat(arch timer): data structure to track pending timers
	08200fe0f2e2 test: physical interrupt preempts virtual interrupt handling
	75331b3ee028 test: SPMC call chain not preemptible
	179f567f17fe test: helpers commands to mimic secure interrupt scenarios
	94946a1451e3 fix(interrupts): SPMC scheduled call chain shall not be preempted
	025a451a9275 fix: simplify secure interrupt handling
	c3fd9756a53e feat(memory share): handle GPF in FFA_MEM_FRAG_RX
	e06384d55458 docs: document VM availability messages
	50ef91174b38 refactor: api_ffa_msg_send_direct_resp
	13f09815b474 refactor: don't pass sender/receiver ID
	79504ff11a86 refactor: remove unused functions
	a1a0235181b3 test: VM availability messaging tests
	06e8b732abc2 feat: forward VM availability messages from SPMC to SP
	d0356f85a2a2 refactor: `spmd_handler` refactorings
	520bcc86451b test: VM created/destroyed partition properties
	a603e0842531 feat: VM created/destroyed partition properties
	18694027d10d feat: parse `vm-availability-messages`
	1308a63f4851 test(ipi): FFA_NOTIFICATION_INFO_GET reports pending IPI
	d270b869c989 test(ipi): target waiting vCPU whilst in SWd
	537165559733 test(ipi): target waiting vCPU whilst in NWd
	3a9510e81960 test(ipi): handling SRI in the NWd
	377defd58730 test(ipi): send IPI to running vCPU
	d2efb134495d test(ipi): state machine to help testing IPI
	8be2651ff463 test(ipi): add unit tests for fetching pending IPIs
	1f2babf02fd8 feat(ipi): report IPIs in FFA_NOTIFICATION_INFO_GET
	960be20fecdc feat(ipi): handle IPI for waiting case
	f3cf28cf7d4b feat(ipi): introduce IPI paravirtualised interface
	18485946304c refactor: use bitfields for interrupt_descriptor struct
	e44e18e5702b fix: increase stack size in primary VM
	cc9d11383413 ci: increase timeout for long running tests
	b8f9a899f0be test: if SPs wake up with eret FFA_RUN
	4dbf4d95c63f fix: only normal world VMs need FFA_RUN
	478faac95b69 refactor: always eret FFA_RUN to the caller
	8ddb0e2d11e6 chore: drop the FFA_RUN tests
	3190f5401e09 chore: specify updated submodule commit hash
	baaf9e5bd0c5 docs: update FFA_PARTITION_INFO_GET(_REGS)
	0ffce75f8244 refactor(notifications): verbose validity check
	3e55c4d8e3de fix: check ff-a version for functionality support
	d96c931b233d test(ff-a): report features in partition info get
	7fb0fdb7ab97 fix: report indirect message and direct message 2
	11f50e5ff10b chore: drop linux/driver project checks
	d5d6c381e69c chore: drop the driver/linux submodule
	8018929656f3 doc: refer the checkpatch.pl setup
	d8e61447a1b5 ci: add script download checkpatch.pl
	94b0fa111104 chore: drop rule to update linux binary
	ddeedafa09d0 chore: drop the third_party/linux submodule
	6b756a10770a ci: drop the setup with the hafnium driver
	15e302616540 chore: drop hf_interrupt_inject
	da6b099e5dfb chore: drop mailbox waiting list
	9a9ed227a137 test(ff-a): FFA_MSG_WAIT called with pending message
	ccbf26c078c7 docs: add FFA_MSG_WAIT description
	ea8ccfe752cb refactor(notifications): drop the SRI state
	ac0cb263714c chore: drop legacy timer support in hypervisor
	9acc62973951 chore: remove legacy timer support tests
	a74c97c4c184 test: interrupt targets blocked SP
	23a7e58b6494 fix(interrupts): resume blocked vCPU and pend vIRQ line
	3e749afb2d9b test(pauth): test PAuth usage from S-EL0
	70c6ca0e0cb9 fix(pauth): use prng to generate S-EL0 pauth keys
	9478e32bb811 refactor: UUID packing/unpacking
	cca64d765bf0 refactor: `get_ffa_partition_info`
	fb9c2a27a319 refactor: `api_ffa_fill_partition_info`
	45abeebfd2b4 feat: report error if too many UUIDs in manifest
	6053297ef775 refactor(manifest): UUID parsing
	8c5de22b6b6a test: fork 'preempted_by_secure_interrupt'
	bd32c97bdb07 refactor: simplify interception of FF-A calls
	67f5ba3d10d3 refactor: boot order list to use list.h
	8e02186908e0 refactor: rename list functions
	3bfc36eab652 test(ff-a): cannot send indirect message when RX buffer full
	3d5a9609bf43 test(ff-a): add RX retention tests to S-EL0 setup
	a2103eb08381 feat(code-coverage): check elf files for folder include/exclude
	c7270b752e5f fix(memory share): hypervisor retrieve request check
	7640451f68fc fix(build): fix out of tree build specifying $OUT
	36fcf881497b fix: detect pauth algorithm in cpu
	483686441714 refactor: `memcpy` refactors
	5d5f27972dbb fix: use correct load-address while adding offset
	3bb825946fed fix(indirect message): set framework notifications
	8ccd2d0f0552 fix: rename load address relative offset node name
	67196c7ad3bc docs: document new `FFA_VERSION` behaviour
	c4d9ae80b40b fix(ff-a): don't report ME interrupt to EL0
	41c5da385103 fix(notifications): delay SRI flag use from NWd
	d9e7c8fd3cf9 fix: in case the mailbox is FULL return FFA_RUN
	77b4eef0071d fix(hftest): clear NPI when polling for notifications
	486ffdce7223 test(ff-a): FFA_MSG_WAIT multicore RX buffer test
	337dbdfa04ee test(ff-a): test FFA_MSG_WAIT with retain RX buffer flag
	7253bd5c43fc feat(ff-a): add retain RX buffer flag to ffa_msg_wait
	bc854180a4bb test(ff-a): verify FFA_MSG_WAIT releases RX buffer
	be1a0b7a4d43 fix(ffa): add RX buffer release to FFA_MSG_WAIT
	b8730e9f7263 refactor: moved api_interrupt_clear_decrement to vcpu
	cfc8174a3a22 refactor: added ffa_msg_wait_complete
	472f66a344c9 refactor: use vm_id_is_current_world
	ac9407556eca refactor: rename implicit_completion_signal
	3b31f09c4e80 refactor: create vcpu_secure_interrupt_complete
	9a4b9c0b9592 fix(notifications): per-vCPU for MP only
	318e90a733de feat: queue interrupt targeting blocked vcpu
	c023e39839c0 test: new setup with S-EL1 UP SP as Service2
	538b688a0865 test: register secondary entrypoint only for MP S-EL1
	ec3bf2223df0 test: queue interrupt targeting a migrated vcpu in blocked state
	97fa216c6ae9 test: queue interrupt targeting a migrated vcpu in running state
	ce6baae61eee test: queue interrupt targeting a migrated vcpu in waiting state
	4fff340ea012 test: queue multiple pending virtual interrupts
	e1bec84e69f1 test: handle secure interrupt triggered by Generic Timer
	95bb8fe60145 test: leverage build define to identify an S-EL0 SP
	75a1ab7b9c3c test: update manifests to accommodate AP REFCLK timer device region
	76fe642c630f test: add SP helper commands to manage generic timer
	ad3fb6698931 test: add driver for AP REFCLK Generic timer
	92b404ecffd6 test: driver for generic memory mapped system timer
	ae519e184f12 test: map MMIO regions from device region nodes
	7945bb578a0f refactor: reduce fields tracking interrupt handling for vcpus
	93d3d7015108 feat(interrupts): target migratable S-EL1 UP vCPU
	42e56c11d90e feat(interrupts): target migratable S-EL0 UP vCPU
	48dc41c3890c feat(interrupts): queue if unable to signal virtual interrupt
	c64d0645a4c4 feat(interrupts): prioritize servicing queued virtual interrupts
	32913cb081cf feat(interrupts): data structures, helpers for queueing
	b7c2558e1bbd fix(interrupts): drop the running priority before resuming vcpu
	6acc53703857 fix(hftest): logs from different setups would override
	ff651e335032 feat: hftest to disable_visualisation
	6f6bf8a117f9 refactor: simplify functions to pend VI
	33172403a44a fix: moved unsupported function log
	3e9f605eba42 test: interrupt to be pended before boot
	cc542042dbbd feat(interrupts): physical interrupt enabled
	d533859d7826 chore: add venv to gitignore
	1c56a252a966 fix(hftest): service set-up functions in core 0
	65deaa433730 refactor: drop hypervisor-specific tests
	6045881f4fe2 fix(notifications): vCPU ID check in get ABI
	a2c79226b56b docs: redirect to a common ff-a binding document in TF-A
	296ee70c7af7 refactor(memory share): split check of hyp retrieve request
	058ddee34d02 fix: remove memory region's device attribute
	71704804400a secure_tc: enable branch protection
	9c5b1d3708f8 refactor: split `api_ffa_features`
	650cb148d610 refactor: report FFA_YIELD
	1a8c0cdb812c refactor: report secondary EP register supported
	5a222641c137 refactor: permission get/set supported at S-EL0 partitions
	4271ff9734fe refactor: remove arch/platform specific ffa_features
	4e8e479805bb refactor: reduce log level of some log statements
	be12343e0ceb fix(hftest): interrupt enable/disable
	94f9a7303d06 fix(docs): refactor poetry dependency group
	734981e83008 fix(memory share): dont change the PAS for device memory
	9a444adfee0b refactor(hftest): update iris options
	fd374b8c9227 fix(memory share): v1.1 emad reserved field check
	5ebf4bf2c364 feat: parallelize `clang-tidy`
	2ad6b66ef5f6 chore: fix `clang-tidy` warnings
	a4d4a2b00cf2 fix: check `.h` files with `clang-tidy`
	20acb0118db9 refactor: remove `make check`
	ca9234c8510c refactor: reformat `.clang-tidy`
	67a7926ce341 fix: first vCPU runs in the VCPU_STATE_RUNNING
	77f39c21e52a fix(docs): point poetry readthedocs virtual env
	bd43209c3d7f refactor: console log verbosity
	052fa62be451 fix(docs): design doc typo fails the build
	a33eca997600 fix(qemu): memory barriers to operate DMA
	66a38bd5184d fix: fix build with clang-18
	a5ea909bfc61 fix: fix build with clang-17
	74ee3ab8bb56 fix: fix build with clang-16
	6f1f1210152d feat: print vCPU ID
	920362870c0d test: tests for printing sequentially and concurrently
	31e5c95fd1c7 fix(hftest): define stacks for all secondary cores
	7cdb36d7dfa8 test(mem share): RO mem cannot be zeroed during send
	72d53a15d7b7 fix(boot): remove limit all partition memory is RW
	c7a3848c7cc0 refactor: improve hftest error message
	133ae6e2e48b feat(dlog): adopt FF-A in `stdout_putchar`
	c5cebbc0e8d0 refactor: move log buffer from VM to vCPU
	99fe2434f9d9 refactor: add documentation for interrupt controller in DT
	1c26ae7ec65a fix(gic): add support for passing GIC data from DT in boot flow
	99c5eff25b84 test: add unit tests to validate dma properties
	718afa9ca629 refactor: create a helper function to obtain common fields
	9c764b3e5437 refactor: use dma device properties struct within device node
	7de26958d155 refactor: extract VM's log buffer into separate struct
	6027b4f0bd7a fix: fix signature of `memcpy`
	8f046e4873ea refactor: remove `CHECK_OR_ZERO` macro from `std.h`
	2b56fc163c19 refactor: replace some uses of `uintptr_t` with `cpu_id_t`
	b4ef4320e1d0 refactor: use typedef for CPU entry point functions
	71d887b7cad0 refactor(memory share): improve naming of sender_orig_mode
	c8e6e85d7f72 test(memory share): device as normal through descritor mem types
	3b65a25f2642 test(memory share): lend device memory as normal
	6e2613628196 fix(memory share): add precedence check for memory type
	2268412d6968 test(memory share): normal memory lent as device
	91052c3eb749 fix(memory share): log for invalid instruction access
	3f295b18c75c feat(manifest): add overlap checks for SPMC memory
	889cbf1e6e82 refactor: use enums for PSCI constants
	5e99699970bc refactor: add helper function to check if VM is primary
	8204182ee3d2 refactor: add helper functions for checking if VM is UP/MP
	0a824e972474 chore: fix log strings
	bd060340445e fix(memory share): relinquish from VM
	9bbcb87d8873 fix(memory share): assert pointer before dereferencing
	a39a84497eda feat(memory share): relinquish use `memcpy_trapped`
	3f6527cd56f9 feat(memory share): revert memory retrieve
	69cdfd9531f8 feat(memory share): avoid updating PTs
	7b9cc432ce38 feat(memory share): memcpy_trapped to copy retrieve resp
	8f2150d1d4c6 feat(memory share): `memcpy_trapped` to read from tx
	f220d57a4102 fix(memory share): retrieve request validation
	c9227c849e62 fix(memory share): multiple borrower with NWd VM
	540cddfcb118 feat: introduce gicd_set_ctrl helper utility
	cde596402559 test(ff-a): add tests for changing version through `FFA_VERSION`
	64d930ee6c33 fix: check that calls to FFA_VERSION actually succeed
	e9921275a326 fix: memory sharing tests
	08befddc43c0 refactor: move `update_mm_security_state` to `common/ffa.c`
	2909e54cf230 refactor: port tests due to new restrictions
	d319fbbb5b9b fix: remove log statement that caused `FFA_VERSION` to fail
	6eeec8e85a5f feat: restrict `FFA_VERSION` calls
	0e617d9d2245 refactor(ff-a): `FFA_VERSION` related refactorings
	4b846eb871c0 fix(mem share): zeroing RO memory during memory send
	8fc1b5054cb2 fix: error codes need to be uint32_t
	6fd6c1d6ecad fix: fix input validation in FFA_FEATURES
	49ec1e42e218 refactor: refactor `api_ffa_features`
	88851f90b88e feat: add macros to check bits
	d1c34b5edee1 feat(mte): add error log for sync tag fault in EL2
	95fbb31760eb feat(memory share): add memory share 64-bit ABIs
	b9ae416a7d55 refactor: use `GET_ESR_EC` macro
	5a13355b0802 refactor: add `GET_ESR_FNV`
	9f7ce018c967 test(dlog): unit tests for `dlog` with binary format specifier
	7efc8377234e feat(dlog): support binary unsigned integer format specifiers
	e8937d9c2a05 chore(dlog): fix uses of `dlog` to use new format strings
	544549064bb2 feat(dlog): check arguments to `dlog` at compile-time
	50af30574657 test(dlog): unit tests for `dlog` with length modifiers
	70894da99ab1 feat(dlog): handle length modifiers
	e980e611ed8a refactor(dlog): miscellaneous changes related to logging
	705b56e94b38 refactor(dlog): move `dlog_flush_buffer` to `api.c`
	e8fdaed4c376 refactor(dlog): replace macros with enums
	93157d09e78f test(dlog): unit tests for `dlog`
	c9df08b45438 feat(hftest): assertion macros for strings
	d2ef618a680c refactor(dlog): return number of characters written
	222d9fbb3dee fix: enable `-Wsign-compare` in `ASSERT_EQ`
	1064a9c8d3c3 refactor: use `enum ffa_error` for errors
	824b63d9b256 feat: enable `-Wsign-compare`
	b090762d1c4d fix: disable `-Wsign-compare` for dtc
	4a88b9625897 feat: enable `-Wextra` flag
	df099becb672 refactor(init): use memory pool for boot params
	dc759f53ddbe refactor: use an enum for FF-A error codes
	d38270c14fe8 refactor: use enum for SP commands
	6a7c95926233 feat(hftest): rewrite error messages for failed assertions
	76766e61e230 refactor: use `typeof` in `HFTEST_ASSERT_OP`
	871b41e33565 refactor: always expand `assert` macro
	3a3e08dbd653 fix: check for illegal values of gic related build flags
	346a09cfce7f fix: check for illegal branch protection feature
	0549849def41 fix: propagate enable_mte build flag to cflags
	00d3b632aeda fix: incorrect calculation for number of boot info desc
	b886d4930571 fix(memory share): drop check to instruction access

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-25 11:00:05 -05:00
Jon Mason 1adc206509 arm/fvp-base-a-aem: update to 11.28.23
Update to the latest version.

License SHA changed due to the addition of "Artistic License 2.0" and
was missing entries for a few others that were there previously.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-24 11:06:06 -05:00
Jose Quaresma a55e4445f2 bsp: optee-client: cleanup old tee-supplicant
The same tee-supplicant is available in the meta-arm layer
along with the recipe.

| meta-arm/recipes-security/optee/optee-client
| meta-arm/recipes-security/optee/optee-client/tee-supplicant.sh
| meta-arm/recipes-security/optee/optee-client/tee-supplicant@.service
| meta-arm/recipes-security/optee/optee-client.inc
| meta-arm/recipes-security/optee/optee-client_4.1.0.bb

Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-21 09:07:49 -05:00
Jon Mason 25ca4ecb32 arm/trusted-firmware-a: update git recipe
Update the TF-A git recipe to the latest commit (as it was older than
the 2.12 release previously).  Also, update mbedtls to 3.6.2 (per the
tf-a docs in the master branch).

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-20 09:00:07 -05:00
Jon Mason 48708ed3cc arm/trusted-firmware-a: re-add patches
TF-A Patches were erroneously moved to meta-arm-bsp, despite still being
needed by the recipes in meta-arm.  Copy them back and make copious
apologies.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-20 09:00:07 -05:00
Jon Mason 7c2df809e0 arm/trusted-firmware-a: move qemuarm64-secureboot file to the correct location
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-13 11:00:04 -05:00
Jon Mason 5773030601 CI/machine-summary: remove binary toolchains and sort entries alphabetically
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-13 11:00:04 -05:00
Jon Mason 8a457932df arm/trusted-firmware-a: Move 2.11 to meta-arm-bsp
Move v2.11 to meta-arm-bsp so that corstone1000 can still use it (though
2.12 does appear to work).  Move all the other platforms in meta-arm-bsp
to use 2.12.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-11 10:24:07 -05:00
Jon Mason f0f0be29a3 arm/trusted-firmware-a: Add cot-dt2c
Platforms with GENERATE_COT need to either have COT_DESC_IN_DTB set or
use cot-dt2c to generate it.  Add cot-dt2c from trusted-firmware-a
sources and its python dependencies to enable this for those that need
it.

Also, move all the relevant platforms in meta-arm-bsp to use 2.12

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-10 14:49:31 -05:00
Philip Puk d656275855 arm-bsp/u-boot: corstone1000: Reserve memory for RSS comm pointer access protocol
This memory was used by OpenAMP to establish communication between
the Secure Enclave and Trusted Services. After transitioning from
OpenAMP to RSE_COMMS, this shared memory is now configured for the
pointer access protocol in RSE_COMMS.

Since this memory may be still used by a user-space application
in linux as U-Boot is passing an EFI memory map starting from
0x80000000, this memory range should be reserved as the
pointer access protocol may be enabled on corstone1000 in the future.

Signed-off-by: Philip Puk <philip.puk@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-02-10 09:22:21 -05:00
Mikko Rapeli 34d326f107 systemd-boot: update systemd-bootaarch64.efi path
poky updated systemd from 256 to 257 which changed
the build time path.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2025-02-10 14:04:58 +00:00
Ross Burton 03af0c72f1 arm-toolchain: remove external-arm-toolchain
Integrating the binary Arm GCC toolchain into OE is quite complicated
because the binary release and oe-core's toolchain are arranged slightly
differently, which makes it quite fragile.

As it's obviously a binary release we cannot patch it to fix issues.

Also it has some fairly sizable limitations: for example the kernel
headers are old (from linux 4.19) and the locale packaging is different
so locale package dependencies don't work.

The main historic users of the external toolchain no longer use it, so
remove it.  The recipes will remain in the LTS branches for users who
are using it currently, but will not be part of the next release.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Acked-by: Romain Naour <romain.naour@smile.fr>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Acked-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-30 07:26:31 -05:00
Ross Burton 78f7c988e2 arm-toolchain/external-arm-toolchain: update for toolchain provider changes
The oe-core commit "classes/recipes: Switch virtual/XXX-gcc to
virtual/cross-cc (and c++/binutils)"[1] changes the virtual names that
the toolchain components use, so external-arm-toolchain needs updating
to use these new names.

[1] 4ccc3bc8266c327bcc18c9a3faf7536210dfb9f0

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-30 07:26:31 -05:00
Musa Antike b56ab3175d kas: Include unattended Debian test
Add unattended installation yml to Debian  target

Signed-off-by: Musa Antike <musa.antike@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-29 11:41:59 -05:00
Musa Antike f1769d5640 arm-systemready/oeqa: Add unattended installation testcase
Add test for Debian unattended installation verification

Signed-off-by: Musa Antike <musa.antike@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-29 11:41:52 -05:00
Musa Antike f0978b3067 arm-systemready/linux-distros: Implement unattended Debian
- Implement unattended installation for Debian
- Upgrade Debian version to 12.8.0

Signed-off-by: Musa Antike <musa.antike@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-29 08:46:03 -05:00
Musa Antike 6e913cf30d arm-systemready/linux-distros: Move openSUSE unattended conf to SRC_URI
- Replace THISDIR with UNPACKDIR by adding unattended conf to SRC_URI

Signed-off-by: Musa Antike <musa.antike@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-29 08:46:03 -05:00
Musa Antike 0702fbbcfa arm-systemready/linux-distros: Move Fedora unattended conf to SRC_URI
- Replace THISDIR with UNPACKDIR by adding unattended conf to SRC_URI

Signed-off-by: Musa Antike <musa.antike@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-29 08:46:03 -05:00
Mikko Rapeli db933d55b4 trusted-firmware-a: fix mbedtls license checksum
tf-a 2.10.9 uses mbedtls 3.6.1 from 3.6 branch which
has the same checksum as in tf-a 2.11 recipe. Found when
downgrading tf-a from 2.12 to 2.10 to debug hangs on zcu102
board:

ERROR: trusted-firmware-a-2.10.9-r0 do_populate_lic: QA Issue: trusted-firmware-a: The LIC_FILES_CHKSUM does not match for file://mbedtls/LICENSE;
md5=3b83ef96387f14655fc854ddc3c6bd57
trusted-firmware-a: The new md5 checksum is 379d5819937a6c2f1ef1630d341e026d
trusted-firmware-a: Here is the selected license text:
vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html)
OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license.
This means that users may choose which of these licenses they take the code
under.

The full text of each of these licenses is given below.

                                 Apache License
                           Version 2.0, January 2004
...
  `Gnomovision' (which makes passes at compilers) written by James Hacker.

  <signature of Ty Coon>, 1 April 1989
  Ty Coon, President of Vice

This General Public License does not permit incorporating your program into
proprietary programs.  If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library.  If this is what you want to do, use the GNU Lesser General
Public License instead of this License.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
trusted-firmware-a: Check if the license information has changed in /home/builder/src/base/repo/build/tmp_zynqmp-zcu102/work/zynqmp_zcu102-poky-linux/trusted-firmware-a/2.10.9/git/mbedtls/LICENSE to verify that the LICENSE value "BSD-2-Clause & BSD-3-Clause & MIT & Apache-2.0 & Apache-2.0" r
emains valid [license-checksum]
ERROR: trusted-firmware-a-2.10.9-r0 do_populate_lic: Fatal QA errors were found, failing task.
ERROR: Logfile of failure stored in: /home/builder/src/base/repo/build/tmp_zynqmp-zcu102/work/zynqmp_zcu102-poky-linux/trusted-firmware-a/2.10.9/temp/log.do_populate_lic.4070974
NOTE: recipe trusted-firmware-a-2.10.9-r0: task do_populate_lic: Failed
ERROR: Task (/home/builder/src/base/repo/build/../meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.9.bb:do_populate_lic) f
ailed with exit code '1'

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-17 09:30:29 -05:00
Mikko Rapeli eb9a1ec43b edk2-firmware: fix PlatformStandaloneMmRpmb.dsc build
With backported patch from upstream. Error was:

| build.py...
| /home/builder/src/base/repo/build/tmp_rockpi4b/work/rockpi4b-poky-linux/edk2-firmware/202408/edk2/edk2-platforms/Platform/StandaloneMm/PlatformS
tandaloneMmPkg/PlatformStandaloneMmRpmb.dsc(...): error 4000: Instance of library class [HobPrintLib] is not found
|       in [/home/builder/src/base/repo/build/tmp_rockpi4b/work/rockpi4b-poky-linux/edk2-firmware/202408/edk2/StandaloneMmPkg/Core/StandaloneMmCor
e.inf] [AARCH64]
|       consumed by module [/home/builder/src/base/repo/build/tmp_rockpi4b/work/rockpi4b-poky-linux/edk2-firmware/202408/edk2/StandaloneMmPkg/Core
/StandaloneMmCore.inf]

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
2025-01-17 09:30:29 -05:00
Philip Puk 90123a287f arm-bsp/recipes-security: Add protobuf interface to crypto-sp in corstone1000
Adds protobuf interface to se-proxy-sp as the main crypto-sp uses it and
parsec service 1.4 also switch using protobuf interface.

Signed-off-by: Philip Puk <philip.puk@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-13 12:00:03 -05:00
Jon Mason 0905953af4 arm/trusted-firmware-a: bump fip and tests to 2.12
Bump fip and tf-a tests to use the 2.12 sources

Note: change to license is for CoT device tree python application (which
is Apache licensed).

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-10 11:00:05 -05:00
Quentin Schulz 280018a5db arm/trusted-firmware-a: add support for 2.12.0
Add support for TF-A version v2.12.0 and mbedtls 3.6.1.

GCC-compiled boot tested on RK3588 Tiger, RK3399 Puma and PX30 Ringneck.

0001-fix-zynqmp-handle-secure-SGI-at-EL1-for-OP-TEE.patch is merged in
2.12.0 so no need to have it in SRC_URI as for 2.11.0 and earlier
recipes.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-10 11:00:05 -05:00
Jon Mason f52fb00f10 arm/trusted-firmware-a: update 2.10 LTS to the latest versions
Update TF-A LTS to 2.10.9 (which includes an mbedtls bump to 3.6.1, per
docs).  Also, bump the TF-A tests to the latest version.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-10 11:00:05 -05:00
Ali Can Ozaslan bc5967ad87 arm-bsp/linux-yocto: corstone1000: Update to version 6.12
* Set Linux kernel preferred version for Corstone-1000 to 6.12.
* Update version listed in Corstone-1000 user guide documentation.
* Remove Linux kernel version 6.10 recipe as was only used by Corstone-1000.

Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2025-01-07 09:00:04 -05:00
Bence Balogh 6c34f1e425 arm-bsp/documentation: corstone1000: describe host level authentication
A new section was added for the host level authentication which
explains how the FIP content is verified at TF-A level.

Signed-off-by: Abdellatif El Khlifi abdellatif.elkhlifi@arm.com
Signed-off-by: Bence Balogh bence.balogh@arm.com
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-30 11:00:04 -05:00
Hugues KAMBA MPIANA cc4399ad9a arm-bsp/documentation: corstone1000: Show flyout menu in sidebar
Use flyout menu enabled via the `flyout_display`
parameter to show the flyout in the bottom of the sidebar.

The default Read the Docs (RtD) flyout needs to be disabled in order
to not have 2 flyouts showing. It is done by disabling it in the
RtD project settings.

Additionally, the Sphinx theme needs to be upgraded from version
2.0.0 to version 3.0.0. The sphinx and docutils modules also need
to be update for compatibility reason.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-21 08:22:38 -05:00
Peter Hoyes 5adb315517 arm/lib: Relax "Listening for serial connection" regex
Newer versions of the FVP now contain a full log entry for the
"Listening for serial connection on port" regex of the form:

INFO: FVP_NAME: terminal_uart: Listening for serial connection...

Relax the regex to support this new logging format and change from
re.match to re.search as the regex may not appear at the start of the
line.

This change is backwards-compatible with older versions of the FVP.

Signed-off-by: Peter Hoyes <peter.hoyes@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-16 10:00:05 -05:00
Ross Burton 83d9575a38 arm-bsp/linux-yocto: add temporary 6.10 recipe
oe-core has removed 6.10, so until corstone1000 has upgraded to 6.12 add
it temporarily to meta-arm-bsp.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-13 11:00:03 -05:00
Ross Burton fd2ba2d290 arm-bsp/linux-yocto: fix Juno build with linux 6.12
The DesignWare platform driver is hidden behind a DesignWare Core option
now, so enable that too.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-13 11:00:03 -05:00
Adam Johnston 3df279b56a arm-bsp/corstone-1000: IMAGE_ROOTFS_EXTRA_SPACE workaround
When images are repacked IMAGE_ROOTFS_EXTRA_SPACE is ignored.
This is not necessarily a bug but an undocumented quirk of how wic
works.

Evaluate IMAGE_ROOTFS_EXTRA_SPACE and use the value with the
 --extra-space option. Note that, since IMAGE_ROOTFS_EXTRA_SPACE is in
Kb, the value for `--extra-space` requires the explicit 'K' suffix (the
default is 'M')

Signed-off-by: Adam Johnston <adam.johnston@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-13 10:00:05 -05:00
Abdellatif El Khlifi 258277bab5 arm-bsp/linux-yocto: corstone1000: Update the Upstream-Status of the remoteproc patches
Set the Upstream-Status to Denied because the community suggests a different design

The external system implementation in Corstone-1000 is user-defined.
In the implementation provided by he FPGA board and by the FVP, the
Cortex-A35 (Linux) can not access the memory of the external system (Cortex-M3).
So, Linux can not load the external system firmware and can not communicate
with the external system using Rpmsg over remoteproc subsystem. The reason is Rpmsg
needs vrings memory buffers to be shared between both cores.
The community prefers that the HW is updated with memory sharing before they
consider merging the remoteproc driver.

We reached the agreement that we will split the work in two parts:

Part 1: Writing an SSE-710 reset controller driver
Part 2: Corstone-1000 remoteproc driver

Part 1 is doable and we will be working on it.
Part 2 is waiting for the FPGA upgrade with the memory sharing feature.

For more details [1].

[1]: https://lore.kernel.org/all/20241009094635.GA14639@e130802.arm.com/

Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-12 06:00:04 -05:00
Jamin Lin 22de236233 arm: remove python3-pyhsslms recipe
I upstreamed this recipe in meta-openembedded/meta-python,
so removes this recipe from meta-arm meta layer.

https://github.com/openembedded/meta-openembedded/blob/master/meta-python/recipes-devtools/python/python3-pyhsslms_2.0.0.bb

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-11 22:00:04 -05:00
Gabor Abonyi b2c43dbf9b lib/fvp: add name to terminal title in FVP runner
Currently, terminal title is %title, which is populated with the
component name by the FVP. This commit prepends it with {name},
which is already a mandatory parameter for terminals to be launched.
E.g. FVP_TERMINALS[terminal_uart] ?= "My Name" will launch a terminal
with a title "My Name - terminal_uart".

Signed-off-by: Gabor Abonyi <gabor.abonyi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-09 09:00:03 -05:00
Hugues KAMBA MPIANA 8af2f218d4 kas: corstone-1000: Update the SHA of the Yocto layer dependencies for the CORSTONE1000-2024.11 release.
The SHA of the dependent community layers are commented out and set to
the tested SHA from the `styhead` branch of each layer.

The set SHAs are to be uncommented in the `styhead` branch which is
to be used to create the `CORSTONE1000-2024.11` tag.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-05 10:30:39 -05:00
Hugues KAMBA MPIANA 5c40c5f7f7 arm-bsp/documentation: corstone1000: Amend documentation for CORSTONE1000-2024.11 release
* Fix typographical error in documentation.
* Add missing instructions.
* Create paragraphs where necessary to improve readability.
* Change `note` box to `important` box

* Remove verification of arm_tstee driver presence:
arm-tstee driver has been integrated in Linux v6.10.14 which is
the one used in the software stack. It is built as part of Linux and
is no longer a loadable module.
The steps to verify the driver presence are no longer applicable.

* Standardise naming of the target platform:
Consistently use the name `Corstone-1000` to refer to the target platform.

* Update Debian OS version from 12.4 to 12.7
Debian version 12.4 has a bug in Shim 15.7.
This bug causes a fatal error when attempting to boot media installer
for Debian,and resets the platform before installation starts.
A patch to skip the Shim was applied to Corstone-1000 to avoid
the error.
Debian version 12.7 no longer has the bug in the Shim thus making
the usage of the patch redundant.
Bump Debian installer to version 12.7 and remove usage of the patch
for the Debian installation test.

* Replace xterm with tmux:
Update the user guide to specify tmux instead of xterm.
Using tmux as opposed to xterm provides a better user experience
when running the commands listed on the user guide.

* Use ACS image for FVP SystemReady test:
Due to fixed timeout values in the meta-arm-systemready the ACS time
test do not complete successfully.
Instead, specify commands to use the pre-built ACS image.

* List Trusted Services as a host component:
Add Trusted Services to the list of components used on the Host processor
of the Corstone-1000. The various BitBake recipes and append files used to
build Trusted Services are listed for the component.

* Update release version to CORSTONE1000-2024.11:
All references to the version of the Corstone-1000 software reference
stack have been updated from CORSTONE1000-2024.06 to CORSTONE1000-2024.11.
Add to the changelog the 2024.11 release information.
Add the 2024.11 release notes.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-05 10:30:39 -05:00
Ross Burton 82bb1d2190 arm/fvp-base-a-aem: upgrade to 11.27.19
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-03 10:00:04 -05:00
Bence Balogh 30519676ab arm-bsp/trusted-firmware-m: corstone1000: Fix Secure Debug connection due to token version mismatch
Due to a mismatch between the ADAC dummy token major version and the version
in the secure-debug-manager repository [1]'s submodule [2], the secure debug connection was denied.
Update the ADAC token major and minor versions in TF-M to align with the expected
dummy token.

[1] https://github.com/ARM-software/secure-debug-manager/
[2] https://git.trustedfirmware.org/plugins/gitiles/shared/psa-adac.git/+/refs/heads/master/psa-adac/core/include/psa_adac.h

Fixes: 7e9466 ("arm-bsp/trusted-firmware-m: corstone1000: add Secure Debug")
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-12-02 05:00:04 -05:00
Mikko Rapeli 737bfd0e63 linux-yocto: remove signing
Remove secure boot signature from kernel image.
It's signed as part of uki image now which signs
kernel, initramfs etc.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-25 12:10:17 -05:00
Mikko Rapeli 682fb426ee uefi-secureboot.yml: switch to Unified Kernel Image (UKI)
Unified Kernel Image includes kernel and initrd which
both are signed with UEFI secure boot. This brings secure
boot closer to userspace.

Use core-image-initramfs-boot to find the real
rootfs and boot systemd init there. No need to hard code
rootfs via qemuboot/runqemu variables.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-25 12:10:17 -05:00
Mikko Rapeli a3523586e5 uefi-secureboot.yml: remove duplicate distro features
Setting INIT_MANAGER to "systemd" already sets needed
feature flags. Appending to them only causes sstate
cache invalidation and recompilations.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-25 12:10:17 -05:00
Mikko Rapeli d0fd3e961a qemuarm64-secureboot.conf: append to WKS_FILE_DEPENDS
Various classes add dependencies so don't overwrite them.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-25 12:10:17 -05:00
Jon Mason 853fde2b24 CI: add poky-altcfg in xen.yml for systemd image requirement
xen-image-minimal now requires systemd.  Add poky-altcfg (which has
systemd amongst other things) as an includes in the xen.yml file to work
around this.  Also, xen requires openssh instead of dropbear.  So,
override that entry.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-21 11:00:04 -05:00
Romain Naour 9d9c2fb93e CI: test external-arm-toolchain with usrmerge enabled
We want to test meta-arm-toolchain layer with usrmerge enabled [1]
since it produce some breakage with current external ARM toolchains [2].

Instead of using a custom setting (poky + usrmerge enabled), use the
existing poky-altcfg provided by Yocto. poky-altcfg uses systemd as
init system and imply usermerge being enabled (new systemd v255
requirement) [3].

Note: It must be a 32bit machine, since there are currently no aarch64
host toolchains for aarch64 (some gitlab runner used by meta-arm are
aarch64 host) [4].

[1] https://docs.yoctoproject.org/scarthgap/ref-manual/features.html?highlight=usrmerge#distro-features
[2] https://lists.yoctoproject.org/g/meta-arm/message/5557
[3] https://git.openembedded.org/openembedded-core/commit/?id=802e853eeddf16d73db1900546cc5f045d1fb7ed
[4] 4bfa191ada

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Acked-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-14 16:15:39 -05:00
Romain Naour de47f836e2 external-arm-toolchain: rebuild libmvec.so symlink if any
On some architectures (namely Aarch64), glibc may provide a libmvec
library since glibc 2.22, which programs built with gcc OpenMP
support might get linked to.

In order for these programs to work on the target, we need to copy this
library to the target filesystem.

Make sure that libmvec.so symlink is correct with or without usermerge
enabled otherwise libmvec.so symlink is broken.

For more details on libmvec, see
https://sourceware.org/glibc/wiki/libmvec.

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Acked-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-14 16:15:33 -05:00
Romain Naour cb4c0c9a93 external-arm-toolchain: override dynamic loader path with usrmerge enabled
usrmerge nowaday required by systemd [1] but it broke
external-arm-toolchain in several ways...

When usrmerge is enabled, /lib is no longer part of SYSROOT_DIRS list
while the prebuilt toolchain expect the dynamic loader to be placed in
/lib not /usr/lib.

There is no /lib directory in the per-package sysroot directory
generated to build each package:

  [...]/build/tmp/sysroots-components/<target>/<package>/
  sysroot-providers/ usr/

But the cross-compiler still generate binaries with dynamic loarder
path set to "/lib/ld-linux-<target>.so*"

  strings sanitycheckc_cross.exe | grep ld
  /lib/ld-linux-aarch64.so.1

A symlink /lib -> /usr/lib is crated in the final rootfs image.

But this broke the meson-qemuwrapper used when "qemu-usermode"
(MACHINE_FEATURES) is available:

See [2]:
  do_write_config:append:class-target() {
       # Write out a qemu wrapper that will be used as exe_wrapper so that meson
       # can run target helper binaries through that.
       qemu_binary="${@qemu_wrapper_cmdline(d, '$STAGING_DIR_HOST', ['$STAGING_DIR_HOST/${libdir}','$STAGING_DIR_HOST/${base_libdir}'])}"

It produce a runtime issue while running a meson sanity check:

  meson-qemuwrapper [...]/build/meson-private/sanitycheckc_cross.exe

  qemu-aarch64: Could not open '/lib/ld-linux-aarch64.so.1': No such file or directory

Note: The binaries build by the Yocto internal toolchain seems be "patched" [3]
to look at /usr/lib instead of /lib.

We use -Wl,--dynamic-linker to make sure that the cross-compiler
generate binaries using the dynamic loader path defined by usrmerge
for all packages build by Yocto.

[1] https://git.openembedded.org/openembedded-core/commit/?id=802e853eeddf16d73db1900546cc5f045d1fb7ed
[2] https://git.openembedded.org/openembedded-core/tree/meta/classes-recipe/meson.bbclass?h=2024-04.3-scarthgap#n130
[3] https://github.com/openembedded/openembedded-core/blob/scarthgap/meta/recipes-devtools/gcc/gcc/0007-Define-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Acked-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-14 16:15:23 -05:00
Vasyl Vavrychuk 8634bdc2f2 external-arm-toolchain: remove ${base_libdir}/libpthread*.so from FILES:${PN}
When `usrmerge` distro feature is not enabled, then `${base_libdir}`
resolves to `/lib` and `/lib/libpthread*.so` does not match any files.
But, with `usrmerge` distro feature, `${base_libdir}` is `/usr/lib`, so
removed line leads to `/usr/lib/libpthread.so` symlink included in
`${PN}` which causes QA check failure.

Signed-off-by: Vasyl Vavrychuk <vvavrychuk@gmail.com>
Acked-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-14 16:15:19 -05:00
Vasyl Vavrychuk 4b2cef379f external-arm-toolchain: in libc.so GNU ld script use base_libdir
`base_libdir` gets replaced with `/lib` or `/usr/lib` depending on
`usrmerge` distro feature.

Signed-off-by: Vasyl Vavrychuk <vvavrychuk@gmail.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Acked-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-14 16:15:13 -05:00
Romain Naour a6f44bbb80 external-arm-toolchain: wrap symlink handling under usrmerge check
Rework the symlink handling when usermerge is enabled.
Indeed, "ln -sf ../../lib/librt.so.1 ${D}${libdir}/librt.so" create a
dead link with usermerge...

Based on: https://lists.yoctoproject.org/g/meta-arm/message/5765

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: "Parthiban" <parthiban@linumiz.com>
Acked-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-14 16:15:00 -05:00
Vasyl Vavrychuk 98eea62962 external-arm-toolchain: wrap base_libdir vs libdir manipulations under usrmerge check
With `usrmerge` disto feature `base_libdir` and `libdir` are the same,
so it does not make sense to:

* removing "duplicates" between them
* move files from `base_libdir` to `libdir`

This fixes build error

| mv: '.../tmp/work/cortexa15t2hf-neon-poky-linux-gnueabi/external-arm-toolchain/12.2.Rel1/image/usr/lib/libasan.a' and '.../tmp/work/cortexa15t2hf-neon-poky-linux-gnueabi/external-arm-toolchain/12.2.Rel1/image/usr/lib/libasan.a' are the same file

in case of `usrmerge` feature enabled.

Signed-off-by: Vasyl Vavrychuk <vvavrychuk@gmail.com>
Acked-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-14 16:14:53 -05:00
Romain Naour 9a0451a959 external-arm-toolchain: remove old sed fixup for libc.so
As reported by Vasyl Vavrychuk [1], /${EAT_LIBDIR}/${EAT_TARGET_SYS}
is not present in libc.so in the latest prebuilt toolchains:

ARM32:
  $ cat ./gcc-arm-8.3-2019.03-x86_64-arm-linux-gnueabihf/arm-linux-gnueabihf/libc/usr/lib/libc.so
  OUTPUT_FORMAT(elf32-littlearm)
  GROUP ( /lib/libc.so.6 /usr/lib/libc_nonshared.a  AS_NEEDED ( /lib/ld-linux-armhf.so.3 ) )

  $ cat ./gcc-arm-9.2-2019.12-x86_64-arm-none-linux-gnueabihf/arm-none-linux-gnueabihf/libc/usr/lib/libc.so
  OUTPUT_FORMAT(elf32-littlearm)
  GROUP ( /lib/libc.so.6 /usr/lib/libc_nonshared.a  AS_NEEDED ( /lib/ld-linux-armhf.so.3 ) )

  $ cat ./arm-gnu-toolchain-12.3.rel1-x86_64-arm-none-linux-gnueabihf/arm-none-linux-gnueabihf/libc/usr/lib/libc.so
  OUTPUT_FORMAT(elf32-littlearm)
  GROUP ( /lib/libc.so.6 /usr/lib/libc_nonshared.a  AS_NEEDED ( /lib/ld-linux-armhf.so.3 ) )

  $ cat ./arm-gnu-toolchain-13.3.rel1-x86_64-arm-none-linux-gnueabihf/arm-none-linux-gnueabihf/libc/usr/lib/libc.so
  OUTPUT_FORMAT(elf32-littlearm)
  GROUP ( /lib/libc.so.6 /usr/lib/libc_nonshared.a  AS_NEEDED ( /lib/ld-linux-armhf.so.3 ) )

Aarch64:
  $ cat ./gcc-linaro-7.3.1-2018.05-x86_64_aarch64-linux-gnu/aarch64-linux-gnu/libc/usr/lib/libc.so
  OUTPUT_FORMAT(elf64-littleaarch64)
  GROUP ( /lib/libc.so.6 /usr/lib/libc_nonshared.a  AS_NEEDED ( /lib/ld-linux-aarch64.so.1 ) )

  $ cat ./gcc-arm-9.2-2019.12-x86_64-aarch64-none-linux-gnu/aarch64-none-linux-gnu/libc/usr/lib64/libc.so
  OUTPUT_FORMAT(elf64-littleaarch64)
  GROUP ( /lib64/libc.so.6 /usr/lib64/libc_nonshared.a  AS_NEEDED ( /lib/ld-linux-aarch64.so.1 ) )

  $ cat ./arm-gnu-toolchain-12.3.rel1-x86_64-aarch64-none-linux-gnu/aarch64-none-linux-gnu/libc/usr/lib64/libc.so
  OUTPUT_FORMAT(elf64-littleaarch64)
  GROUP ( /lib64/libc.so.6 /usr/lib64/libc_nonshared.a  AS_NEEDED ( /lib/ld-linux-aarch64.so.1 ) )

  $ cat ./arm-gnu-toolchain-13.3.rel1-x86_64-aarch64-none-linux-gnu/aarch64-none-linux-gnu/libc/usr/lib64/libc.so
  OUTPUT_FORMAT(elf64-littleaarch64)
  GROUP ( /lib64/libc.so.6 /usr/lib64/libc_nonshared.a  AS_NEEDED ( /lib/ld-linux-aarch64.so.1 ) )

We can safely remove old sed fixup for libc.so.

[1] https://lists.yoctoproject.org/g/meta-arm/message/5565

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Acked-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-14 16:12:08 -05:00
Ross Burton e7898787bb CI: don't use debug-tweaks
As of the following commit in oe-core[1]:

  classes-recipe/core-image: drop debug-tweaks IMAGE_FEATURE

The debug-tweaks feature is no longer valid. Replace it with the options
that we need to perform login over testimage.

[1] https://git.openembedded.org/openembedded-core/commit/?id=2c229f9542c6ba608912e14c9c3f783c3fa89349

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-08 09:00:03 -05:00
Hugues KAMBA MPIANA bf9010c684 arm-bsp/documentation: corstone1000: Add SystemReady IR v2.0 certification
- Add details on SystemReady IR v2.0 certification achievement
- Document additional patch added
- Update release notes with new milestone tag `CORSTONE1000-2024.06-systemready-ir-v2.0`

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-05 18:18:25 -05:00
Ziad Elhanafy ac05154c51 arm-systemready/linux-distros: Follow WORKDIR -> UNPACKDIR transition
This adapts to the oe-core rework to enforce a separate directory
for unpacking local sources (UNPACKDIR) instead of polluting WORKDIR
directly.

Follows the guidelines from:
https://lists.openembedded.org/g/openembedded-architecture/message/2007

Signed-off-by: Ziad Elhanafy <ziad.elhanafy@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-11-05 18:18:25 -05:00
Jon Mason 2fdc139084 arm-bsp/tc: remove all references to total compute
The tc files were removed some time ago, but there are still entries
in the bbappends trying to reference those files.  Remove them.

Fixes: 0af53c6453 ("arm-bsp: Remove tc1")
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-23 17:00:03 -04:00
Jon Mason 6165b9e7a1 arm-bsp/fvp-base: remove backported u-boot patches
With the recent update of u-boot to 2024.10, these patches are no longer
needed (as they are in this release).  Remove them and everything is
happy again.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-23 17:00:03 -04:00
Jon Mason e161d8aefb arm/scp-firmware: update to v2.15.0
Update SCP to the latest tagged version, and update the related patch to
the new location of the relevant files.

For a comparison of the changes, please go to
https://git.gitlab.arm.com/firmware/SCP-firmware/-/compare/v2.14.0...v2.15.0

Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-14 13:00:03 -04:00
Jon Mason 8a03ee5fdf arm/edk2: update to 202408
Update edk2 to the latest stable release tag, and update edk2-platforms
to the last SHA that seems to work.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-14 13:00:03 -04:00
Ben 33fa7e75ed kas: Include unattended openSUSE test
Add unattended installation class to openSUSE target

Signed-off-by: Ben Cownley <ben.cownley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-08 10:00:09 -04:00
Ben 0e0b9e608c arm-systemready/oeqa: Add unattended installation testcase
Add test for openSUSE unattended installation

Signed-off-by: Ben Cownley <ben.cownley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-08 10:00:09 -04:00
Ben 02ba927dfc arm-systemready/linux-distros: Implement unattended openSUSE
Implement unattended installation for openSUSE

Signed-off-by: Ben Cownley <ben.cownley@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-08 10:00:09 -04:00
Javier Tia d315a5dec9 arm/uefi-secureboot: Add uefi capsule update support
UEFI capsule update is a mechanism that allows firmware updates to be
delivered and applied in a standardized way. It is part of the UEFI
specification and provides a way to update system firmware components
like the BIOS, UEFI drivers, or other platform firmware.

Signed-off-by: Javier Tia <javier.tia@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-07 21:00:04 -04:00
Jon Mason 40cc644285 CI: Rework qemuarm64-secureboot matrix
qemuarm64-secureboot is using systemd for uefi-secureboot, which has
warnings with musl (and fails to compile with clang and musl).  So,
modify the matrix to keep the coverage of everything else but musl.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-07 10:16:20 -04:00
Javier Tia a93bdc8e4e arm/uefi-secureboot: Add uefi http boot support
Enable network boot via HTTP protocol. Many embedded and server-class
systems use network boot for booting. Enabling network boot on devices
allows:

- Shipping devices without OS images. When we power up the device, the
  firmware can connect to the Internet and download and install suitable
  boot images for this specific device. Administrators can centrally
  manage the boot images and configuration files on a network server.
  This centralization streamlines the management of boot options and
  ensures consistency across all devices.

- This is particularly useful in enterprise environments. On mass
  deployments, there is a need to install the operating system on
  multiple devices simultaneously.

- Ability to maintain a completely diskless system if needed 

The plain HTTP protocol lacks encryption. It's intended to be used on
local networks. Secure http protocol support is under review. 

Signed-off-by: Javier Tia <javier.tia@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-07 00:00:04 -04:00
Khem Raj 72546aff89 layer.conf: Update to walnascar (5.2) layer/release series
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-04 23:00:03 -04:00
Javier Tia 847fd39b25 arm/qemuarm64-secureboot: Enable UEFI Secure Boot
Encapsulate all UEFI Secure Boot required settings in one Kas
configuration file.

Introduce SBSIGN_KEYS_DIR variable where UEFI keys will be generated
to sign UEFI binaries. 

Introduce uefi-secureboot machine feature, which is being used to
conditionally set the proper UEFI settings in recipes.

Replace Grub bootloader with systemd-boot, which it makes easier to
enable Secure Boot.

Advantages using systemd as Init Manager:

- Extending secure boot to userspace is a lot easier with systemd than
with sysvinit where custom scripts will need to be written for all use
cases.

- systemd supports dm-verity and TPM devices for encryption usecases out
of the box. Enabling them is a lot easier than writing custom scripts
for sysvinit.

- systemd also supports EUFI signing the UKI binaries which merge kernel,
command line and initrd which helps in bringing secure boot towards
rootfs.

- systemd offers a modular structure with unit files that are more
predictable and easier to manage than the complex and varied scripts
used by SysVinit. This modularity allows for better control and
customization of the boot process, which is beneficial in Secure Boot
environments.

- Add CI settings to build and test UEFI Secure Boot.

Add one test to verify Secure Boot using OE Testing infraestructure:

$ kas build ci/qemuarm64-secureboot.yml:ci/meta-secure-core.yml:ci/uefi-secureboot.yml:ci/testimage.yml
...
RESULTS - uefi_secureboot.UEFI_SB_TestSuite.test_uefi_secureboot: PASSED (0.62s)
...
SUMMARY:
core-image-base () - Ran 73 tests in 28.281s
core-image-base - OK - All required tests passed (successes=19, skipped=54, failures=0, errors=0)

Signed-off-by: Javier Tia <javier.tia@linaro.org>
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> [yml file include fix]
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-04 10:27:35 -04:00
Javier Tia fc08510f22 arm: Enable Secure Boot in all required recipes
In the target, Secure Boot starts from the firmware (u-boot), adds the
signing keys, and verifies the bootloader (systemd-boot) and kernel
(Linux).

sbsign bbclass is used to sign the binaries. sbsign is the name of the
tool used to sign these binaries. Hence the name of this class to sbsign
and variables with SBSIGN prefix.

Signed-off-by: Javier Tia <javier.tia@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-03 18:00:04 -04:00
Mikko Rapeli 5720b1044f optee-client: switch systemd service to notify type
optee-client 4.3 supports systemd sd-notify to inform
systemd and other services that it has started.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-02 08:55:14 -04:00
Mikko Rapeli 210f5f7dcc arm/oeqa/optee.py: increase timeout value from 22 to 45 minutes
Tests are taking more time now and several devices are
timing out:

https://gitlab.com/jonmason00/meta-arm/-/pipelines/1467809227

qemuarm64-secureboot runs the test in 10 and
qemuarm-secureboot in 13 minutes.

Upstream optee CI shows xtest runs taking around 30 minutes on
slowest qemu machines:

https://github.com/OP-TEE/optee_os/actions/runs/10997530234?pr=7052

Guestimate limit to 45 minutes so that slowest and most loaded
machines could fit there too. optee xtest has internal test
specific timeouts so if something hangs it should be detected
earlier.

If these limits still cause issues, then we could disable some of
the longer running tests with "xtest -l" option. Default for
testing level is 1 but maybe 2 or 3 could be enough.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Cc: Jérôme Forissier <jerome@forissier.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-01 15:00:15 -04:00
Jon Mason 5c1407e904 arm/gn: update to latest commit
Update to the latest gn commit.
Changes in gn between b2afae122eeb6ce09c52d63f67dc53fc517dbdc8 and 95b0f8fe31a992a33c040bbe3867901335c12762
95b0f8fe31a9 Improve error message for duplicated items
e30a1fe26e5e [rust-project] Always use forward slashes in sysroot paths
20806f79c6b4 Update all_dependent_configs docs.
f792b9756418 set 'no_stamp_files' by default
60a28b636057 fix a typo
b5ff50936a72 Stop using transitional LFS64 APIs
a737c2849f13 do not use tool prefix for phony rule
e080b4d340c2 [rust] Add sysroot_src to rust-project.json
50ecf4c84d08 Implement and enable 'no_stamp_files'
4e4b8d989499 Add Target::dependency_output_alias()
225e90c5025b Add "outputs" to generated_file documentation.
9e0c7b7cefb2 Update bug database link.
d010e218ca70 remove a trailing space after variable bindings
32f63e70484f fix tool name in error
f190770a69a3 remove unused includes
54f5b539df8c Markdown optimization (follow-up)
e3d088c4b6ac Support link_output, depend_output in Rust linked tools.
fc8172f4a107 Properly verify runtime_outputs in rust tool definitions.
fdb90141934a BugFix: Syntax error in gen.py file
93550dc1701d generated_file: add output to input deps of stamp
449f3e4dfb45 Markdown optimization:
05eed8f6252e Revert "Rust: link_output, depend_output and runtime_outputs for dylibs"
8f2193f70793 hint using nogncheck on disallowed includes
0ee833e823f2 Rust: link_output, depend_output and runtime_outputs for dylibs
1b41f0502f87 Add missing reference section to function_toolchain.cc

Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-01 15:00:15 -04:00
Jon Mason 453a531158 arm/arm-ffa-user: update to 5.0.2
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-01 15:00:15 -04:00
Jon Mason 5ead59d370 arm/opencsd: update to 1.5.4
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-01 15:00:15 -04:00
Jon Mason 6abc3b7daa arm/optee: update to 4.3.0
Update OP-TEE to version 4.3.0
NOTE: the license file in optee-test changed, but the license is the
same (commit a748f5fcd9ec8a574dc86a5aa56d05bc6ac174e7).  They chose to
change the URL of the licenses in question to be "LICENSE-GPL" and
"LICENSE-BSD".

Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-10-01 15:00:15 -04:00
Jon Mason 7cce43e632 Revert "CI: switch to building against styhead branches where possible"
This reverts commit 2b1348d74f.

Revert to allow the meta-arm master branch to use the master branch of
other layers.
2024-10-01 11:08:47 -04:00
629 changed files with 40206 additions and 20263 deletions
+81 -78
View File
@@ -1,4 +1,4 @@
image: ${MIRROR_GHCR}/siemens/kas/kas:4.4
image: ${MIRROR_GHCR}/siemens/kas/kas:5.2
variables:
# These are needed as the k8s executor doesn't respect the container
@@ -9,18 +9,16 @@ variables:
CPU_REQUEST: ""
# The default machine tag for the build jobs
DEFAULT_TAG: ""
# The machine tag for the ACS test jobs
ACS_TAG: ""
# The directory to use as the persistent cache (the root for DL_DIR, SSTATE_DIR, etc)
CACHE_DIR: $CI_BUILDS_DIR/persist
# The directory to use as the persistent cache (the root for DL_DIR,
# SSTATE_DIR, etc). The default is the build tree which will not be
# persistent, so this should be set in the runner.
CACHE_DIR: $CI_PROJECT_DIR
# The container mirror to use
MIRROR_GHCR: ghcr.io
# Whether to run the SystemReady ACS tests
ACS_TEST: 0
# The list of extra Kas fragments to be used when building
EXTRA_KAS_FILES: ""
# The NVD API key to use when fetching CVEs
NVDCVE_API_KEY: ""
# Whether warnings should be fatal (0/1)
FATAL_WARNINGS: 0
stages:
- prep
@@ -33,29 +31,22 @@ stages:
stage: build
interruptible: true
variables:
KUBERNETES_CPU_REQUEST: $CPU_REQUEST
KAS_WORK_DIR: $CI_PROJECT_DIR/work
KAS_BUILD_DIR: $KAS_WORK_DIR/build
KAS_REPO_REF_DIR: $CACHE_DIR/repos
# Set this in the environment to enable local repository caches
KAS_REPO_REF_DIR: ""
SSTATE_DIR: $CACHE_DIR/sstate
DL_DIR: $CACHE_DIR/downloads
BB_LOGCONFIG: $CI_PROJECT_DIR/ci/logging.yml
TOOLCHAIN_DIR: $CACHE_DIR/toolchains
IMAGE_DIR: $KAS_BUILD_DIR/tmp/deploy/images
TOOLCHAIN_LINK_DIR: $KAS_BUILD_DIR/toolchains
before_script:
- echo KAS_WORK_DIR = $KAS_WORK_DIR
- echo SSTATE_DIR = $SSTATE_DIR
- echo DL_DIR = $DL_DIR
- rm -rf $KAS_WORK_DIR
- mkdir --verbose --parents $KAS_WORK_DIR $KAS_REPO_REF_DIR $SSTATE_DIR $DL_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR
# Must do this here, as it's the only way to make sure the toolchain is installed on the same builder
- ./ci/get-binary-toolchains $DL_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR
- mkdir --verbose --parents $KAS_WORK_DIR $KAS_REPO_REF_DIR $SSTATE_DIR $DL_DIR
# Generalised fragment to do a Kas build
.build:
extends: .setup
variables:
KUBERNETES_CPU_REQUEST: $CPU_REQUEST
rules:
# Don't run MR pipelines
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
@@ -72,16 +63,19 @@ stages:
# Catch all for everything else
- if: '$KERNEL != "linux-yocto-dev"'
script:
- KASFILES=$(./ci/jobs-to-kas "$CI_JOB_NAME" $EXTRA_KAS_FILES):lockfile.yml
- echo KASFILES=$KASFILES
- kas dump --update --force-checkout --resolve-refs --resolve-env $KASFILES
- kas build $KASFILES
- ./ci/check-warnings $KAS_BUILD_DIR/warnings.log
- kas shell ci/base.yml:lockfile.yml --command "$CI_PROJECT_DIR/ci/junit.sh $KAS_WORK_DIR/build"
- |
KASFILES=$(./ci/jobs-to-kas "$CI_JOB_NAME" $EXTRA_KAS_FILES):lockfile.yml
echo KASFILES=$KASFILES
kas dump --update --force-checkout --resolve-refs --resolve-env $KASFILES
kas build $KASFILES
if [ $FATAL_WARNINGS -ne 0 ]; then
./ci/check-warnings $KAS_BUILD_DIR/warnings.log
fi
kas shell ci/base.yml:lockfile.yml --command "$CI_PROJECT_DIR/ci/junit.sh $KAS_WORK_DIR/build"
artifacts:
name: "logs"
when: always
when: on_failure
expire_in: 1 week
paths:
- $KAS_BUILD_DIR/tmp*/work*/**/temp/log.do_*.*
- $KAS_BUILD_DIR/tmp*/work*/**/testimage/*
@@ -99,46 +93,45 @@ update-repos:
exit_codes: 128
script:
- |
flock --verbose --timeout 60 $KAS_REPO_REF_DIR ./ci/update-repos
exit_code=0
# Dump the environment for reference
printenv
# Update the reference repositories if needed
if [ -n "$KAS_REPO_REF_DIR" ]; then
flock --verbose --timeout 60 $KAS_REPO_REF_DIR --command ./ci/update-repos || exit_code=$?
# Exit now if that failed, unless the status was 128 (fetch failed)
test $exit_code != 0 -a $exit_code != 128 && exit 1
fi
# Only generate if doesn't already exist, to allow feature branches to drop one in.
if test -f lockfile.yml; then
echo Using existing lockfile.yml
else
# Be sure that this is the complete list of layers being fetched
kas dump --lock --update ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/clang.yml:ci/meta-virtualization.yml | tee lockfile.yml
kas dump --lock --update ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/clang.yml | tee lockfile.yml
fi
exit $exit_code
artifacts:
name: "lockfile"
when: always
paths:
- lockfile.yml
#
# Build stage, the actual build jobs
#
# Available options for building are
# Available options for building are (VIRT _must_ be last for ssh override)
# DISTRO: [poky, poky-altcfg, poky-tiny]
# KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
# TOOLCHAINS: [gcc, clang, external-gccarm]
# KERNEL: [linux-yocto, linux-yocto-dev]
# TOOLCHAINS: [gcc, clang]
# TCLIBC: [glibc, musl]
# FIRMWARE: [u-boot, edk2]
# TS: [none, trusted-services]
# VIRT: [none, xen]
# TESTING: testimage
# SECUREDEBUG: [none, secure-debug]
arm-systemready-ir-acs:
extends: .build
timeout: 12h
parallel:
matrix:
# arm-systemready-ir-acs must be specified after fvp-base for ordering
# purposes for the jobs-to-kas output. It is not enough to just have it
# in the job name because fvp-base.yml overwrites the target.
- PLATFORM: [fvp-base, corstone1000-fvp]
ARM_SYSTEMREADY_IR_ACS: arm-systemready-ir-acs
tags:
- ${ACS_TAG}
# Validate layers are Yocto Project Compatible
check-layers:
extends: .setup
@@ -157,7 +150,6 @@ corstone1000-fvp:
TESTING: [testimage, tftf]
- FIRMWARE: none
TESTING: testimage
- SYSTEMREADY_FIRMWARE: arm-systemready-firmware
corstone1000-mps3:
extends: .build
@@ -168,6 +160,15 @@ corstone1000-mps3:
- FIRMWARE: none
SECUREDEBUG: [none, secure-debug]
corstone1000-a320-fvp:
extends: .build
parallel:
matrix:
- FIRMWARE: corstone1000-firmware-only
TESTING: [testimage, tftf]
- FIRMWARE: none
TESTING: testimage
documentation:
extends: .setup
script:
@@ -199,7 +200,11 @@ fvp-base:
TESTING: testimage
- FIRMWARE: [u-boot, edk2]
TESTING: testimage
- SYSTEMREADY_FIRMWARE: arm-systemready-firmware
- LTS: lts-revisions
TESTING: testimage
- KERNEL: linux-yocto-dev
LATEST: latest-revisions
TESTING: testimage
fvps:
extends: .build
@@ -244,6 +249,11 @@ musca-s1:
pending-updates:
extends: .setup
# Only run this job for the default branch (master), or if forced with
# BUILD_FORCE_PENDING_UPDATES.
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
- if: $BUILD_FORCE_PENDING_UPDATES != null
artifacts:
paths:
- update-report
@@ -252,19 +262,18 @@ pending-updates:
# This configuration has all of the layers we need enabled
- kas shell --update --force-checkout ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/meta-secure-core.yml:lockfile.yml --command \
"$CI_PROJECT_DIR/scripts/machine-summary.py -t report -o $CI_PROJECT_DIR/update-report $($CI_PROJECT_DIR/ci/listmachines.py meta-arm meta-arm-bsp)"
# Do this on x86 whilst the compilers are x86-only
tags:
- x86_64
qemuarm64-secureboot:
extends: .build
parallel:
matrix:
- KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
- TOOLCHAINS: [gcc, clang]
FIRMWARE: [u-boot, edk2]
TCLIBC: [glibc, musl]
TS: [none, qemuarm64-secureboot-ts]
TESTING: testimage
- UEFISB: [none, uefi-secureboot]
TESTING: testimage
- KERNEL: linux-yocto-dev
TESTING: testimage
@@ -272,26 +281,18 @@ qemuarm64:
extends: .build
parallel:
matrix:
- DISTRO: poky
KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
FIRMWARE: [u-boot, edk2]
TESTING: testimage
- DISTRO: poky-tiny
TESTING: testimage
- VIRT: xen
- KERNEL: linux-yocto-dev
FIRMWARE: [u-boot, edk2]
TESTING: testimage
qemuarm-secureboot:
extends: .build
parallel:
matrix:
- KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
- TOOLCHAINS: [gcc, clang]
TCLIBC: [glibc, musl]
TESTING: testimage
- TOOLCHAINS: external-gccarm
- DISTRO: [poky, poky-altcfg]
TESTING: testimage
- KERNEL: linux-yocto-dev
TESTING: testimage
@@ -300,33 +301,38 @@ qemuarm:
extends: .build
parallel:
matrix:
- DISTRO: poky
KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
FIRMWARE: [u-boot, edk2]
- TOOLCHAINS: [gcc, clang]
TESTING: testimage
- DISTRO: poky-tiny
TESTING: testimage
- VIRT: xen
- KERNEL: linux-yocto-dev
TESTING: testimage
qemuarmv5:
extends: .build
parallel:
matrix:
- DISTRO: poky
KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
KERNEL: [linux-yocto, linux-yocto-dev]
TESTING: testimage
- DISTRO: poky-tiny
TESTING: testimage
rdn2:
extends: .build
parallel:
matrix:
- TESTING: testimage
rdv2:
extends: .build
parallel:
matrix:
- TESTING: testimage
sbsa-ref:
extends: .build
parallel:
matrix:
- KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
- TOOLCHAINS: [gcc, clang]
TESTING: testimage
- DISTRO: poky-altcfg
TESTING: testimage
@@ -339,8 +345,5 @@ selftest:
- KASFILES=./ci/qemuarm64.yml:./ci/selftest.yml:lockfile.yml
- kas shell --update --force-checkout $KASFILES -c 'oe-selftest --num-processes 2 --select-tag meta-arm --run-all-tests'
sgi575:
extends: .build
toolchains:
extends: .build
-6
View File
@@ -1,6 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 11
includes:
- kas/arm-systemready-firmware.yml
-19
View File
@@ -1,19 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 11
includes:
- kas/arm-systemready-ir-acs.yml
env:
ACS_TEST: "0"
local_conf_header:
testimage: |
TESTIMAGE_AUTO = "${ACS_TEST}"
target:
- arm-systemready-ir-acs
- arm-systemready-linux-distros-debian
- arm-systemready-linux-distros-opensuse
- arm-systemready-linux-distros-fedora
+18 -13
View File
@@ -7,36 +7,41 @@ distro: poky
defaults:
repos:
branch: styhead
branch: master
repos:
bitbake:
url: https://git.openembedded.org/bitbake
layers:
bitbake: disabled
core:
url: https://git.openembedded.org/openembedded-core
layers:
meta:
meta-yocto:
url: https://git.yoctoproject.org/meta-yocto
layers:
meta-poky:
meta-arm:
layers:
meta-arm:
meta-arm-bsp:
meta-arm-toolchain:
poky:
url: https://git.yoctoproject.org/git/poky
layers:
meta:
meta-poky:
env:
BB_LOGCONFIG: ""
TOOLCHAIN_DIR: ""
BB_HASHSERVE: "auto"
local_conf_header:
base: |
CONF_VERSION = "2"
BB_SERVER_TIMEOUT = "300"
setup: |
PACKAGE_CLASSES = "package_ipk"
PACKAGECONFIG:remove:pn-qemu-system-native = "gtk+ sdl"
PACKAGECONFIG:append:pn-perf = " coresight"
INHERIT += "rm_work"
extrapackages: |
CORE_IMAGE_EXTRA_INSTALL += "perf opencsd"
CORE_IMAGE_EXTRA_INSTALL += "perf"
CORE_IMAGE_EXTRA_INSTALL:append:aarch64 = " gator-daemon"
machine: unset
+1 -6
View File
@@ -3,11 +3,6 @@
header:
version: 14
repos:
meta-clang:
url: https://github.com/kraj/meta-clang
branch: master
local_conf_header:
toolchain: |
TOOLCHAIN = "clang"
PREFERRED_TOOLCHAIN_TARGET = "clang"
@@ -3,6 +3,6 @@
header:
version: 14
includes:
- ci/base.yml
- ci/corstone1000-fvp.yml
machine: sgi575
machine: corstone1000-a320-fvp
-21
View File
@@ -1,21 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
cve: |
INHERIT += "cve-check"
# Allow the runner environment to provide an API key
NVDCVE_API_KEY = "${@d.getVar('BB_ORIGENV').getVar('NVDCVE_API_KEY') or ''}"
# Just show the warnings for our layers
CVE_CHECK_SHOW_WARNINGS = "0"
CVE_CHECK_SHOW_WARNINGS:layer-arm-toolchain = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm-bsp = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm-systemready = "1"
# Ignore the kernel, we sometime carry kernels in meta-arm
CVE_CHECK_SHOW_WARNINGS:pn-linux-yocto = "0"
+2 -2
View File
@@ -5,5 +5,5 @@ header:
# Add universally helpful features when testing boards
local_conf_header:
debug: |
EXTRA_IMAGE_FEATURES:append = " debug-tweaks"
rootlogin: |
EXTRA_IMAGE_FEATURES:append = " allow-empty-password empty-root-password allow-root-login"
+1 -1
View File
@@ -13,5 +13,5 @@ local_conf_header:
EXTRA_IMAGEDEPENDS += "edk2-firmware"
EFI_PROVIDER ?= "grub-efi"
QB_DEFAULT_BIOS = "QEMU_EFI.fd"
QB_DEFAULT_BIOS ??= "QEMU_EFI.fd"
WKS_FILE ?= "efi-disk.wks.in"
-13
View File
@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
cc: |
SKIP_RECIPE[gcc-cross-arm] = "Using external toolchain"
TCMODE = "external-arm"
EXTERNAL_TOOLCHAIN = "${TOPDIR}/toolchains/${TARGET_ARCH}"
# Disable ptest as this pulls target compilers, which don't
# work with external toolchain currently
DISTRO_FEATURES:remove = "ptest"
+27
View File
@@ -0,0 +1,27 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/fvp-base-ts.yml
- ci/meta-secure-core.yml
repos:
meta-secure-core:
layers:
meta-tpm2:
local_conf_header:
remove_secureboot: |
BBMASK += "efi-secure-boot"
ftpm_sp_test: |
# Include tpm2 related packages
IMAGE_INSTALL:append = " tpm2-tools-tests tpm2-abrmd tpm2-tss"
# Use systemd as the init system, which is required for the tpm2 self-tests
INIT_MANAGER = "systemd"
IMAGE_INSTALL:append = " systemd util-linux"
ts_ftpm_sp: |
MACHINE_FEATURES:append = " ts-ftpm"
RUN_TPM2_TESTS = "1"
+5 -4
View File
@@ -5,23 +5,24 @@ header:
includes:
- ci/fvp-base.yml
- ci/meta-openembedded.yml
- ci/testimage.yml
local_conf_header:
trusted_services: |
# Enable the needed test suites
TEST_SUITES = " ping ssh trusted_services"
TEST_SUITES:append = " trusted_services"
# Include all Secure Partitions into the image
MACHINE_FEATURES:append = " arm-ffa ts-crypto ts-storage ts-its"
MACHINE_FEATURES:append = " ts-attestation ts-smm-gateway optee-spmc-test"
MACHINE_FEATURES:append = " ts-block-storage ts-fwu"
MACHINE_FEATURES:append = " ts-block-storage ts-fwu ts-logging"
MACHINE_FEATURES:append = " arm-branch-protection"
SMMGW_AUTH_VAR = "1"
# Include TS demo/test tools into image
IMAGE_INSTALL:append = " packagegroup-ts-tests"
# Include TS PSA Arch tests into image
IMAGE_INSTALL:append = " packagegroup-ts-tests-psa"
CORE_IMAGE_EXTRA_INSTALL += "optee-test"
# Set the TS environment
TS_ENV="sp"
TS_ENV = "sp"
# Enable and configure semihosting
FVP_CONFIG[cluster0.cpu0.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster0.cpu1.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
+6
View File
@@ -7,3 +7,9 @@ local_conf_header:
testimagefvp: |
LICENSE_FLAGS_ACCEPTED += "Arm-FVP-EULA"
IMAGE_CLASSES += "fvpboot"
networking_failing_tests: |
# These tests currently fail as the wrong IP for the build host is used
TEST_SUITES:remove = "opkg dnf"
target:
- core-image-base
+27 -4
View File
@@ -17,10 +17,33 @@ local_conf_header:
target:
# Target packages to test aarch64
- fvp-base-a-aem
- fvp-corstone1000
# Nativesdk to test x86-64
# Architecture Envelope Models (AEM) FVPs
- fvp-base-a-aem
- nativesdk-fvp-base-a-aem
# Arm Lumex CSS (Total Compute) FVPs
# These are x86 only... :(
- nativesdk-fvp-tc3
# Automotive FVPs
- fvp-rd1-ae
- nativesdk-fvp-rd1-ae
# Infrastructure FVPs
- fvp-rdv3-r1
- nativesdk-fvp-rdv3-r1
- fvp-rdv2
- nativesdk-fvp-rdv2
- fvp-rdn2
- nativesdk-fvp-rdn2
# IoT FVPs
- fvp-corstone1000
- nativesdk-fvp-corstone1000
- nativesdk-fvp-n1-edge
- nativesdk-fvp-sgi575
- fvp-corstone1000-a320
- nativesdk-fvp-corstone1000-a320
# Morello FVPs
# TBD
+2 -2
View File
@@ -3,7 +3,7 @@
header:
version: 14
#NOTE: This is the default for poky. This is only being added for completeness/clarity
#NOTE: This is the default. This is only being added for completeness/clarity
local_conf_header:
toolchain: |
TOOLCHAIN = "gcc"
PREFERRED_TOOLCHAIN_TARGET = "gcc"
+1 -1
View File
@@ -6,7 +6,7 @@ header:
- ci/base.yml
repos:
poky:
meta-yocto:
layers:
meta-yocto-bsp:
-51
View File
@@ -1,51 +0,0 @@
#!/bin/bash
set -u -e
BASENAME=arm-gnu-toolchain
VER=${VER:-13.3.rel1}
HOST_ARCH=${HOST_ARCH:-$(uname -m)}
# Use the standard kas container locations if nothing is passed into the script
DOWNLOAD_DIR="${1:-/builds/persist/downloads/}"
TOOLCHAIN_DIR="${2:-/builds/persist//toolchains/}"
TOOLCHAIN_LINK_DIR="${3:-build/toolchains/}"
# These should be already created by .gitlab-ci.yml, but do here if run outside of that env
mkdir -p $DOWNLOAD_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR
download() {
TRIPLE=$1
URL=https://developer.arm.com/-/media/Files/downloads/gnu/$VER/binrel/$BASENAME-$VER-$HOST_ARCH-$TRIPLE.tar.xz
wget -P $DOWNLOAD_DIR -nc $URL
}
if [ $HOST_ARCH = "aarch64" ]; then
# AArch64 Linux hosted cross compilers
# AArch32 target with hard float
download arm-none-linux-gnueabihf
elif [ $HOST_ARCH = "x86_64" ]; then
# x86_64 Linux hosted cross compilers
# AArch32 target with hard float
download arm-none-linux-gnueabihf
# AArch64 GNU/Linux target
download aarch64-none-linux-gnu
else
echo "ERROR - Unknown build arch of $HOST_ARCH"
exit 1
fi
for i in arm aarch64; do
if [ ! -d $TOOLCHAIN_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu*/ ]; then
if [ ! -f $DOWNLOAD_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu*.tar.xz ]; then
continue
fi
tar -C $TOOLCHAIN_DIR -axvf $DOWNLOAD_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu*.tar.xz
fi
# Setup a link for the toolchain to use local to the building machine (e.g., not in a shared location)
ln -s $TOOLCHAIN_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu* $TOOLCHAIN_LINK_DIR/$i
done
+16
View File
@@ -0,0 +1,16 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
latest_revisions: |
PREFERRED_VERSION_scp-firmware ?= "git"
PREFERRED_VERSION_trusted-firmware-a ?= "git"
PREFERRED_VERSION_trusted-firmware-m ?= "git"
PREFERRED_VERSION_optee-client ?= "git"
PREFERRED_VERSION_optee-examples ?= "git"
PREFERRED_VERSION_optee-os-tadevkit ?= "git"
PREFERRED_VERSION_optee-os ?= "git"
PREFERRED_VERSION_optee-test ?= "git"
PREFERRED_PROVIDER_u-boot = "u-boot:class-devupstream"
+11
View File
@@ -0,0 +1,11 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
latest_revisions: |
PREFERRED_VERSION_trusted-firmware-a ?= "2.14.%"
PREFERRED_VERSION_tf-a-tests ?= "2.14.%"
PREFERRED_VERSION_trusted-firmware-m ?= "2.2.%"
PREFERRED_VERSION_trusted-firmware-m-scripts-native ?= "2.2.%"
-1
View File
@@ -6,7 +6,6 @@ header:
repos:
meta-secure-core:
url: https://github.com/Wind-River/meta-secure-core.git
branch: master
layers:
meta-secure-core-common:
meta-signing-key:
-11
View File
@@ -1,11 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-openembedded.yml
repos:
meta-virtualization:
url: https://git.yoctoproject.org/meta-virtualization
branch: master
+5
View File
@@ -6,6 +6,11 @@ header:
- ci/base.yml
- ci/meta-openembedded.yml
local_conf_header:
version_for_ci: |
# For better CI coverage, use the LTS version of tf-m
PREFERRED_VERSION_trusted-firmware-m ?= "2.2.%"
machine: musca-s1
target:
+1
View File
@@ -9,6 +9,7 @@ machine: qemuarm64-secureboot
target:
- core-image-base
- hafnium
local_conf_header:
optee: |
+14
View File
@@ -0,0 +1,14 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
- ci/fvp.yml
local_conf_header:
sshpregen: |
# Allow the use of the pregen keys as this is CI so safe
COMPATIBLE_MACHINE:pn-ssh-pregen-hostkeys:rdn2 = "rdn2"
machine: rdn2
+14
View File
@@ -0,0 +1,14 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
- ci/fvp.yml
local_conf_header:
sshpregen: |
# Allow the use of the pregen keys as this is CI so safe
COMPATIBLE_MACHINE:pn-ssh-pregen-hostkeys:rdv2 = "rdv2"
machine: rdv2
+1
View File
@@ -7,3 +7,4 @@ local_conf_header:
setup: |
BB_LOGCONFIG = ""
SANITY_TESTED_DISTROS = ""
INHERIT:remove = "rm_work"
+1 -3
View File
@@ -5,7 +5,5 @@ header:
local_conf_header:
sstate_mirror: |
BB_HASHSERVE_UPSTREAM = "wss://hashserv.yoctoproject.org/ws"
SSTATE_MIRRORS = "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
BB_HASHSERVE = "auto"
BB_SIGNATURE_HANDLER = "OEEquivHash"
OE_FRAGMENTS += "core/yocto/sstate-mirror-cdn"
+2 -2
View File
@@ -9,6 +9,8 @@ local_conf_header:
testimage: |
IMAGE_CLASSES += "testimage"
TESTIMAGE_AUTO = "1"
# Don't testimage initramfs
TESTIMAGE_AUTO:pn-core-image-initramfs-boot = "0"
kvm: |
QEMU_USE_KVM = ""
slirp: |
@@ -17,5 +19,3 @@ local_conf_header:
IMAGE_FEATURES += "ssh-server-dropbear"
sshkeys: |
CORE_IMAGE_EXTRA_INSTALL += "ssh-pregen-hostkeys"
universally_failing_tests: |
TEST_SUITES:remove = "opkg"
+50
View File
@@ -0,0 +1,50 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
# UEFI Secure Boot: A mechanism to ensure that only trusted software is executed
# during the boot process.
header:
version: 14
includes:
- ci/meta-openembedded.yml
- ci/meta-secure-core.yml
local_conf_header:
uefi_secureboot: |
SBSIGN_KEYS_DIR = "${TOPDIR}/sbkeys"
BB_ENV_PASSTHROUGH_ADDITIONS = "SBSIGN_KEYS_DIR"
# Detected by passing kernel parameter
QB_KERNEL_ROOT = ""
# kernel is in the image, should not be loaded separately
QB_DEFAULT_KERNEL = "none"
WKS_FILE = "efi-disk.wks.in"
KERNEL_IMAGETYPE = "Image"
MACHINE_FEATURES:append = " efi uefi-secureboot uefi-http-boot uefi-capsule-updates"
EFI_PROVIDER = "systemd-boot"
# Use systemd as the init system
INIT_MANAGER = "systemd"
IMAGE_INSTALL:append = " systemd systemd-boot util-linux coreutils"
TEST_SUITES:append = " uefi_secureboot uki"
IMAGE_CLASSES += "uki"
IMAGE_CLASSES += "sbsign"
UKI_SB_KEY = "${SBSIGN_KEY}"
UKI_SB_CERT = "${SBSIGN_CERT}"
IMAGE_BOOT_FILES:remove = "Image"
INITRAMFS_IMAGE = "core-image-initramfs-boot"
# not for initramfs image recipe
IMAGE_CLASSES:remove:pn-core-image-initramfs-boot = "uki"
IMAGE_CLASSES:remove:pn-core-image-initramfs-boot = "sbsign"
IMAGE_CLASSES:remove:pn-core-image-initramfs-boot = "testimage"
IMAGE_FEATURES:remove:pn-core-image-initramfs-boot = "ssh-server-dropbear"
CORE_IMAGE_EXTRA_INSTALL:remove:pn-core-image-initramfs-boot = "ssh-pregen-hostkeys"
+2 -4
View File
@@ -20,10 +20,8 @@ def repo_shortname(url):
.replace('*', '.'))
repositories = (
"https://git.yoctoproject.org/git/poky",
"https://git.yoctoproject.org/poky",
"https://git.openembedded.org/meta-openembedded",
"https://git.yoctoproject.org/git/meta-virtualization",
"https://github.com/kraj/meta-clang",
)
if __name__ == "__main__":
@@ -44,7 +42,7 @@ if __name__ == "__main__":
if repodir.exists():
try:
print("Updating %s..." % repo)
subprocess.run(["git", "-C", repodir, "-c", "gc.autoDetach=false", "fetch"], check=True)
subprocess.run(["git", "-C", repodir, "-c", "gc.autoDetach=false", "fetch", repo], check=True)
except subprocess.CalledProcessError as e:
print(e)
failed = True
-13
View File
@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-virtualization.yml
local_conf_header:
meta-virt: |
DISTRO_FEATURES:append = " virtualization xen"
target:
- xen-image-minimal
+18
View File
@@ -28,6 +28,13 @@ Note that currently meta-arm's `scripts` directory isn't in `PATH`, so a full pa
`runfvp` will automatically start terminals connected to each of the serial ports that the machine specifies. This can be controlled by using the `--terminals` option, for example `--terminals=none` will mean no terminals are started, and `--terminals=tmux` will start the terminals in [`tmux`][tmux] sessions. Alternatively, passing `--console` will connect the serial port directly to the current session, without needing to open further windows.
The tool attempts to automatically select a suitable terminal type. To see which terminal type is selected by default in your environment, run `runfvp --help`.
`runfvp` determines availability by checking for required executables in your PATH as well as environment variables specific to each terminal type. If any of these checks fail, the corresponding terminal type is disabled.
The --help output also lists all currently available terminal types.
When using `-terminals=screen`, `runfvp` must be launched from within an existing [`screen`][screen] session. Normally, screen sets the `STY` environment variable to reference the current session. However, if the session is renamed or if `kas` is started from within the screen session, this value may become invalid or be lost. In such cases, `STY` must be set manually. Use `screen -ls` to view the list of currently attached sessions.
The default terminal can also be configured by writing a [INI-style][INI] configuration file to `~/.config/runfvp.conf`:
```
@@ -59,6 +66,16 @@ There are recipes for common FVPs in meta-arm already, and writing new recipes i
If `FVP_PROVIDER` is not set then it is assumed that `FVP_EXE` is installed on the host already.
### `FVP_BINDIR`
Optional parameter to configure the path of the FVP binary. For example, `fvp-base` uses path from the build host by default. This path can be customized by configuring like below.
```
FVP_BINDIR ?= "utilities/fvp/usr/bin"
```
Potential use case for this parameter configuration is to execute `runfvp` script without the need for bitbake environment initialization.
### `FVP_CONFIG`
Parameters passed to the FVP with the `--parameter`/`-C` option. These are expressed as variable flags so individual parameters can be altered easily. For example:
@@ -129,3 +146,4 @@ FVP_ENV_PASSTHROUGH = "ARMLMD_LICENSE_FILE FM_TRACE_PLUGINS"
[FVP]: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms
[tmux]: https://tmux.github.io/
[INI]: https://docs.python.org/3/library/configparser.html
[screen]: https://www.gnu.org/software/screen/
+86 -7
View File
@@ -5,21 +5,27 @@ in `meta-arm/recipes-security/trusted-services`
## Secure Partitions recipes
We define dedicated recipes for all supported Trusted Services (TS) Secure Partitions.
These recipes produce ELF and DTB files for SPs.
These files are automatically included into optee-os image accordingly to defined MACHINE_FEATURES.
We define dedicated recipes for all supported Trusted Services (TS) Secure Partitions, which produce executables and
manifest binaries (DT files) for SPs.
The Secure Partitions are compatible with any SPMC implementation that complies with the FF-A specification. Meta-arm
currently supports OP-TEE SPMC, and when enabled, the Secure Partition binaries are automatically included in the
optee-os image based on the defined MACHINE_FEATURES. For more details bout OP-TEE SPMC please refer to the
[OP-TEE documentation][^6].
### How to include TS SPs
To include TS SPs into optee-os image you need to add into MACHINE_FEATURES
features for each [Secure Partition][^2] you would like to include:
To include TS SPs into the firmware image add the corresponding feature flags to the MACHINE_FEATURES variable for each
[Secure Partition][^2] you would like to include :
| Secure Partition | MACHINE_FEATURE |
| ----------------- | --------------- |
| Attestation | ts-attesation |
| Crypto | ts-crypto |
| Firmware Update | ts-fwu
| Firmware Update | ts-fwu |
| fTPM | ts-ftpm |
| Internal Storage | ts-its |
| Logging | ts-logging |
| Protected Storage | ts-storage |
| se-proxy | ts-se-proxy |
| smm-gateway | ts-smm-gateway |
@@ -46,6 +52,15 @@ Other steps depend on your machine/platform definition:
4. Trusted Services supports an SPMC agonistic binary format. To build SPs to this format the `TS_ENV` variable is to be
set to `sp`. The resulting SP binaries should be able to boot under any FF-A v1.1 compliant SPMC implementation.
### Example configurations
The `meta-arm/ci` directory contains various TS focused [KAS][^7] configuration files:
| File name | Description |
|-----------|-------------|
| ci/fvp-base-ts-ftpm.yml |Enabling the fTPM SP on the fvp-base machine|
| ci/fvp-base-ts.yml |TS config for the fvp-base machine|
| ci/qemuarm64-secureboot-ts.yml |TS config for quemuarm64-secureboot machine|
## Normal World applications
@@ -54,9 +69,67 @@ Optionally for testing purposes you can add `packagegroup-ts-tests` into your im
## OEQA Trusted Services tests
meta-arm also includes Trusted Service OEQA tests which can be used for automated testing.
meta-arm also includes Trusted Service OEQA tests which can be used for automated testing.
See `ci/trusted-services.yml` for an example how to include them into an image.
## Configuration options
Some TS recipes support yocto variables to set build configuration. These variables can be set in .conf files (machine
specific or local.conf), or .bbappend files.
### SmmGW SP
The recipe supports the following configuration variables
| Variable name | Type | Description |
|-----------------------|------|--------------------------------------------------------------------------------------------------------|
| SMMGW_AUTH_VAR | Bool | Enable Authenticated variable support |
| SMMGW_INTERNAL_CRYPTO | Bool | Use MbedTLS build into SmmGW for authentication related crypto operations. Depends on SMMGW_AUTH_VAR=1 |
fTPM tests are supported by OEQA but are disabled by default due to their lengthy execution time. To enable them, set the RUN_TPM2_TESTS
variable e.g. in local.conf.
The list of supported test cases can be found in the `tests` array in the `meta-arm/recipes-tpm/tpm2-tools/files/tpm2-test-all` script.
These can be ran one-by-one, but currently running all of them by calling `tpm2-test-all` results in a failure of the `tpm2-abmrd` tool.
The tests not supported are listed in the same script under the `Failing tests:` line.
This script was created to meet the needs of the Trusted Services project, but in the future it should be updated to be configurable to
support generic usage. The aforementioned issue shall also be solved, so the supported tests could run together.
### fTPM SP
The fTPM SP is an experimental feature. Please refer to the [TS documentation][^5] for details on limitations.
The current integration enables the fTPM Secure Partition and supports running tpm2-tools tests to verify correct
functionality. Secure Boot and other features that leverage TPM capabilities are not enabled currently.
Configuration variables of the recipe:
| Variable name | Type | Description |
|-----------------------|------|--------------------------------------------------------------------------------------------------------|
| RUN_TPM2_TESTS | Bool | Enable automatic execution of TPM tests from OEQA to verify the TS fTPM SP |
The current integration targeting the fvp-base machine enables fTPM SP and allows running the tests. To reproduce the
build please use `ci/fvp-base-ts-ftpm.yml`. This configuration:
- deploys the SP in the SWd
- amends the Linux kernel configuration:
- enables the tpm-crb driver
- add a patch to allow DTB based discovery
- deploys user-space components (tpm2-tss, tpm2-abrmd, tmp2-tools)
- configures the initialization system to start tpm2-abrmd.
The configuration leverages tpm2 components form meta-secure-core layer.
Validation can be performed by running the script located at `meta-arm/recipes-tpm/tpm2-tools/files/tpm2-test-all`. This
script runs a subset of tpm2 tests. While all tpm2 test pass when executed individually, executing the entire test suite
in a sequence leads to a failure of the `tpm2-abmrd` tool. As a workaround some test cases are disabled in the script.
You can find the list of disabled tests marked under the `Failing tests` section of the script.
Note: tpm2 tests was designed to validate the tpm2 reference stack. Its use for verifying the fTPM SP is not fully
aligned with this intent. As such, the current validation approach is considered “best effort” and is suitable for
development purposes. A more appropriate and comprehensive test suite should be selected for future validation.
------
[^1]: https://trusted-services.readthedocs.io/en/integration/overview/index.html
@@ -66,3 +139,9 @@ See `ci/trusted-services.yml` for an example how to include them into an image.
[^3]: https://trusted-services.readthedocs.io/en/integration/deployments/test-executables.html
[^4]: https://optee.readthedocs.io/en/latest/building/gits/optee_test.html
[^5]: https://trusted-services.readthedocs.io/en/integration/services/tpm-service-description.html
[^6]: https://optee.readthedocs.io/en/latest/architecture/spmc.html
[^7]: https://kas.readthedocs.io
-12
View File
@@ -1,12 +0,0 @@
header:
version: 13
repos:
meta-arm:
layers:
meta-arm-systemready:
distro: nodistro
target:
- arm-systemready-firmware
-12
View File
@@ -1,12 +0,0 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
env:
TESTIMAGE_AUTO: "1"
# The full testimage run typically takes around 12-24h on fvp-base.
TEST_OVERALL_TIMEOUT: "${@ 24*60*60}"
target:
- arm-systemready-ir-acs
@@ -1,7 +0,0 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
target:
- arm-systemready-linux-distros-debian
@@ -1,8 +0,0 @@
header:
version: 16
includes:
- kas/arm-systemready-firmware.yml
- kas/arm-systemready-linux-distros-unattended-installation.yml
target:
- arm-systemready-linux-distros-fedora
@@ -1,7 +0,0 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
target:
- arm-systemready-linux-distros-opensuse
@@ -1,11 +0,0 @@
header:
version: 16
env:
DISTRO_UNATTENDED_INST_TESTS:
# The full testimage run typically takes around 12-24h on fvp-base.
TEST_OVERALL_TIMEOUT: "${@ 24*60*60}"
local_conf_header:
systemready-unattended-inst: |
TESTIMAGE_AUTO = "${@oe.utils.vartrue("DISTRO_UNATTENDED_INST_TESTS", "1", "", d)}"
+22
View File
@@ -0,0 +1,22 @@
header:
version: 14
includes:
- kas/corstone1000-base.yml
- kas/corstone1000-image-configuration.yml
- kas/corstone1000-firmware-only.yml
- kas/fvp-eula.yml
env:
DISPLAY:
WAYLAND_DISPLAY:
XAUTHORITY:
local_conf_header:
testimagefvp: |
IMAGE_CLASSES += "fvpboot"
mass-storage: |
# Ensure the Mass Storage device is absent
FVP_CONFIG[board.msd_mmc.p_mmc_file] = "invalid.dat"
machine: corstone1000-a320-fvp
+17 -9
View File
@@ -8,22 +8,30 @@ defaults:
branch: master
repos:
bitbake:
url: https://git.openembedded.org/bitbake
layers:
bitbake: disabled
core:
url: https://git.openembedded.org/openembedded-core
layers:
meta:
meta-yocto:
url: https://git.yoctoproject.org/meta-yocto
layers:
meta-poky:
meta-arm:
layers:
meta-arm:
meta-arm-bsp:
meta-arm-toolchain:
poky:
url: https://git.yoctoproject.org/git/poky
# commit: 2e9c2a2381105f1306bcbcb54816cbc5d8110eff
layers:
meta:
meta-poky:
meta-openembedded:
url: https://git.openembedded.org/meta-openembedded
# commit: 1750c66ae8e4268c472c0b2b94748a59d6ef866d
# commit: 461d85a1831318747af5abe86da193bcde3fd9b4
layers:
meta-oe:
meta-python:
@@ -31,7 +39,7 @@ repos:
meta-secure-core:
url: https://github.com/wind-river/meta-secure-core.git
# commit: e29165a1031dcf601edbed1733cedd64826672a5
# commit: 59d7e90542947c342098863b9998693ac79352b0
layers:
meta-secure-core-common:
meta-signing-key:
+3
View File
@@ -4,3 +4,6 @@ header:
local_conf_header:
extsys: |
MACHINE_FEATURES += "corstone1000-extsys"
# external system firmware
CORE_IMAGE_EXTRA_INSTALL:firmware += "external-system-elf"
+1 -1
View File
@@ -10,7 +10,7 @@ local_conf_header:
OVERRIDES .= ":firmware"
# Need to ensure we build with a small libc
TCLIBC="musl"
TCLIBC = "musl"
mass-storage: |
# Ensure the Mass Storage device is absent
+8 -5
View File
@@ -23,6 +23,11 @@ local_conf_header:
INIT_MANAGER:firmware = "mdev-busybox"
VIRTUAL-RUNTIME_init_manager:firmware = "busybox"
# This guarantees module auto-loading support at boot
# by adding /etc/init.d/modutils.sh and /etc/rcS.d/ files
CORE_IMAGE_EXTRA_INSTALL:append = " modutils-initscripts"
DISTRO_FEATURES:append = " sysvinit"
# prevent the kernel image from being included in the intramfs rootfs
PACKAGE_EXCLUDE:firmware += "kernel-image-*"
@@ -40,10 +45,8 @@ local_conf_header:
CORE_IMAGE_EXTRA_INSTALL += "packagegroup-ts-tests-psa"
CORE_IMAGE_EXTRA_INSTALL:firmware += "packagegroup-ts-tests-psa"
# external system firmware
CORE_IMAGE_EXTRA_INSTALL:firmware += "external-system-elf"
capsule: |
# These variables are set here since they are not defined in the arm-systemready-firmware recipe or under multiconfig mode.
CAPSULE_EXTENSION = "uefi.capsule"
CAPSULE_FW_VERSION = "6"
CAPSULE_NAME = "${MACHINE}-v${CAPSULE_FW_VERSION}"
CAPSULE_VERSION = "6"
CAPSULE_NAME = "${MACHINE}-v${CAPSULE_VERSION}"
@@ -4,5 +4,5 @@ header:
version: 14
local_conf_header:
fvp-multicore: |
MACHINE_FEATURES += "corstone1000_fvp_smp"
multicore: |
MACHINE_FEATURES += "corstone1000_smp"
+13
View File
@@ -0,0 +1,13 @@
header:
version: 14
includes:
- ci/debug.yml
local_conf_header:
sshd: |
IMAGE_FEATURES += "ssh-server-dropbear"
fvp_sshkeys: |
CORE_IMAGE_EXTRA_INSTALL:append = " ssh-pregen-hostkeys"
target:
- core-image-minimal
+3 -6
View File
@@ -9,7 +9,7 @@ BBFILE_COLLECTIONS += "meta-arm-bsp"
BBFILE_PATTERN_meta-arm-bsp = "^${LAYERDIR}/"
BBFILE_PRIORITY_meta-arm-bsp = "5"
LAYERSERIES_COMPAT_meta-arm-bsp = "styhead"
LAYERSERIES_COMPAT_meta-arm-bsp = "wrynose"
LAYERDEPENDS_meta-arm-bsp = "core meta-arm"
# This won't be used by layerindex-fetch, but works everywhere else
@@ -20,11 +20,8 @@ LAYERDEPENDS_meta-arm-bsp:append:musca-s1 = " meta-python"
# Additional license directories.
LICENSE_PATH += "${LAYERDIR}/custom-licenses"
BBFILES_DYNAMIC += " \
meta-arm-systemready:${LAYERDIR}/dynamic-layers/meta-arm-systemready/*/*/*.bb \
meta-arm-systemready:${LAYERDIR}/dynamic-layers/meta-arm-systemready/*/*/*.bbappend \
"
WARN_QA:append:layer-meta-arm-bsp = " patch-status"
addpylib ${LAYERDIR}/lib oeqa
IMAGE_ROOTFS_EXTRA_ARGS ?= ""
@@ -0,0 +1,17 @@
#@TYPE: Machine
#@NAME: corstone1000-a320-fvp machine
#@DESCRIPTION: Machine configuration for Corstone1000 64-bit FVP with A320 CPU
require conf/machine/include/corstone1000-a320.inc
require conf/machine/corstone1000-fvp.conf
# Ethos-U85 FVP configuration
ETHOSU_NUM_MACS ?= "256"
FVP_CONFIG[host.ethosu.num_macs] = "${ETHOSU_NUM_MACS}"
# Reuse FVP recipe overrides
MACHINEOVERRIDES .= ":corstone1000-fvp"
# Override FVP executable provider and executable name.
FVP_PROVIDER:corstone1000-a320-fvp ??= "fvp-corstone1000-a320-native"
FVP_EXE:corstone1000-a320-fvp = "FVP_Corstone-1000-A320"
@@ -3,10 +3,17 @@
#@DESCRIPTION: Machine configuration for Corstone1000 64-bit FVP
require conf/machine/include/corstone1000.inc
require ${@bb.utils.contains('MACHINE_FEATURES', 'corstone1000-extsys', \
'conf/machine/include/corstone1000-extsys.inc', '', d)}
TFA_TARGET_PLATFORM = "fvp"
TFM_PLATFORM_IS_FVP = "TRUE"
CORSTONE_1000_TYPE = "CORSTONE_1000_TYPE_CORTEX_A35_FVP"
WKS_FILE:firmware ?= "corstone1000-flash-firmware-fvp.wks.in"
# testimage config
TEST_TARGET = "OEFVPTarget"
TEST_TARGET_IP = "127.0.0.1:2222"
@@ -18,13 +25,12 @@ FVP_EXE ?= "FVP_Corstone-1000"
FVP_CONSOLES[default] = "host_terminal_0"
FVP_CONSOLES[tf-a] = "host_terminal_1"
FVP_CONSOLES[se] = "secenc_terminal"
FVP_CONSOLES[extsys] = "extsys_terminal"
#Disable Time Annotation
FASTSIM_DISABLE_TA = "0"
# FVP Parameters
FVP_CONFIG[se.trustedBootROMloader.fname] ?= "bl1.bin"
FVP_CONFIG[se.trustedBootROMloader.fname] ?= "trusted-firmware-m/bl1.bin"
FVP_CONFIG[board.xnvm_size] ?= "64"
FVP_CONFIG[se.trustedSRAM_config] ?= "6"
FVP_CONFIG[se.BootROM_config] ?= "3"
@@ -41,14 +47,11 @@ FVP_CONFIG[se.cryptocell.USER_OTP_FILTERING_DISABLE] ?= "1"
# Boot image
FVP_DATA ?= "board.flash0=corstone1000-flash-firmware-image-${MACHINE}.wic@0x68000000"
# External system (cortex-M3)
FVP_CONFIG[extsys_harness0.extsys_flashloader.fname] ?= "es_flashfw.bin"
# FVP Terminals
FVP_TERMINALS[host.host_terminal_0] ?= "Normal World Console"
FVP_TERMINALS[host.host_terminal_1] ?= "Secure World Console"
FVP_TERMINALS[se.secenc_terminal] ?= "Secure Enclave Console"
FVP_TERMINALS[extsys0.extsys_terminal] ?= "Cortex M3"
# MMC card configuration
FVP_CONFIG[board.msd_mmc.card_type] ?= "SDHC"
@@ -57,7 +60,7 @@ FVP_CONFIG[board.msd_mmc.diagnostics] ?= "0"
FVP_CONFIG[board.msd_mmc.p_max_block_count] ?= "0xFFFF"
FVP_CONFIG[board.msd_config.pl180_fifo_depth] ?= "16"
FVP_CONFIG[board.msd_mmc.support_unpadded_images] ?= "true"
FVP_CONFIG[board.msd_mmc.p_mmc_file] ?= "${IMAGE_NAME}.wic"
FVP_CONFIG[board.msd_mmc.p_mmc_file] ?= "${IMAGE_LINK_NAME}.wic"
# MMC2 card configuration
FVP_CONFIG[board.msd_mmc_2.card_type] ?= "SDHC"
@@ -6,4 +6,9 @@ require conf/machine/include/corstone1000.inc
TFA_TARGET_PLATFORM = "fpga"
PLATFORM_IS_FVP = "FALSE"
# Unlike the FVP, MPS3 supports CoreSight
MACHINE_FEATURES += "coresight"
CORSTONE_1000_TYPE = "CORSTONE_1000_TYPE_CORTEX_A35_MPS3"
WKS_FILE:firmware ?= "corstone1000-flash-firmware-mps3.wks.in"
+16 -9
View File
@@ -4,7 +4,13 @@
#@NAME: Armv8-A Base Platform FVP machine
#@DESCRIPTION: Machine configuration for Armv8-A Base Platform FVP model
require conf/machine/include/arm/arch-armv8-4a.inc
require conf/machine/include/arm/arch-armv8-5a.inc
# Set variables here to make it easier to change Instruction Set Architectures
# on the FVP Base machine, which should make it easier to test both the tunes
# and the virtual hardware. These variables are set via the DEFAULT_TUNE
ARM_ISA_MAJOR = "${@int(d.getVar('ARMPKGARCH').split('v')[1][0])}"
ARM_ISA_MINOR = "${@int(d.getVar('ARMPKGARCH')[d.getVar('ARMPKGARCH').find('-')+1]) if '-' in d.getVar('ARMPKGARCH') else 0 }"
ARM_SYSTEMREADY_FIRMWARE = "trusted-firmware-a:do_deploy"
ARM_SYSTEMREADY_ACS_CONSOLE = "default"
@@ -17,8 +23,6 @@ IMAGE_FSTYPES += "wic"
WKS_FILE ?= "efi-disk.wks.in"
SERIAL_CONSOLES = "115200;ttyAMA0"
# FIXME - This is being upstreamed. Remove once that has occurred.
KERNEL_CONSOLE ?= "${@','.join(d.getVar('SERIAL_CONSOLES').split(' ')[0].split(';')[::-1]) or 'ttyS0'}"
PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
KERNEL_DTB_NAME = "fvp-base-revc.dtb"
@@ -54,12 +58,15 @@ FVP_CONFIG[cluster0.check_memory_attributes] ?= "0"
FVP_CONFIG[cluster1.check_memory_attributes] ?= "0"
FVP_CONFIG[cluster0.stage12_tlb_size] ?= "1024"
FVP_CONFIG[cluster1.stage12_tlb_size] ?= "1024"
FVP_CONFIG[bp.secureflashloader.fname] ?= "bl1-fvp.bin"
FVP_CONFIG[bp.flashloader0.fname] ?= "fip-fvp.bin"
FVP_CONFIG[bp.virtioblockdevice.image_path] ?= "${IMAGE_NAME}.wic"
# Set the baseline to ARMv8.4, as the default is 8.0.
FVP_CONFIG[cluster0.has_arm_v8-4] = "1"
FVP_CONFIG[cluster1.has_arm_v8-4] = "1"
FVP_CONFIG[bp.secureflashloader.fname] ?= "trusted-firmware-a/bl1.bin"
FVP_CONFIG[bp.flashloader0.fname] ?= "trusted-firmware-a/fip.bin"
FVP_CONFIG[bp.virtioblockdevice.image_path] ?= "${IMAGE_LINK_NAME}.wic"
# FVP Base default is 8.0, so there is no has_arm_v8-0 for it. However, this is needed for every version after. So set this accordingly
FVP_EXTRA_ARGS = "--parameter cluster0.has_arm_v${ARM_ISA_MAJOR}-${ARM_ISA_MINOR}=1 --parameter cluster1.has_arm_v${ARM_ISA_MAJOR}-${ARM_ISA_MINOR}=1"
FVP_EXTRA_ARGS += "${@bb.utils.contains('TUNE_FEATURES', 'sve', '--parameter cluster0.has_sve=1 --parameter cluster1.has_sve=1', '', d)}"
FVP_EXTRA_ARGS += "${@bb.utils.contains('TUNE_FEATURES', 'sve2', '--parameter cluster0.sve.has_sve2=1 --parameter cluster1.sve.has_sve2=1', '', d)}"
FVP_CONSOLES[default] = "terminal_0"
FVP_TERMINALS[bp.terminal_0] ?= "Console"
FVP_TERMINALS[bp.terminal_1] ?= ""
@@ -0,0 +1,4 @@
# Cortex-A320 variant of the Corstone-1000 platform.
MACHINEOVERRIDES =. "corstone1000-a320:"
MACHINE_FEATURES += "cortexa320"
OVERRIDES .= ":cortexa320"
@@ -0,0 +1,6 @@
FVP_CONSOLES[extsys] = "extsys_terminal"
FVP_CONFIG[extsys_harness0.extsys_flashloader.fname] = "es_flashfw.bin"
FVP_TERMINALS[extsys0.extsys_terminal] = "Cortex M3"
@@ -1,20 +1,24 @@
require conf/machine/include/arm/armv8a/tune-cortexa35.inc
TUNE_FILE = "conf/machine/include/arm/armv8a/tune-cortexa35.inc"
TUNE_FILE:cortexa320 = "conf/machine/include/arm/arch-armv9-2a.inc"
require ${TUNE_FILE}
MACHINEOVERRIDES =. "corstone1000:"
# TF-M
PREFERRED_VERSION_trusted-firmware-m ?= "2.1.%"
PREFERRED_VERSION_trusted-firmware-m ?= "2.2.%"
PREFERRED_VERSION_trusted-firmware-m-scripts-native ?= "2.2.%"
# TF-A
TFA_PLATFORM = "corstone1000"
PREFERRED_VERSION_trusted-firmware-a ?= "2.11.%"
PREFERRED_VERSION_tf-a-tests ?= "2.10.%"
PREFERRED_VERSION_trusted-firmware-a ?= "2.14.%"
PREFERRED_VERSION_tf-a-tests ?= "2.14.%"
TFA_BL2_BINARY = "bl2-corstone1000.bin"
TFA_FIP_BINARY = "fip-corstone1000.bin"
# optee
PREFERRED_VERSION_optee-os ?= "4.2.%"
PREFERRED_VERSION_optee-os ?= "4.9.%"
PREFERRED_VERSION_optee-client ?= "4.9.%"
# Trusted Services
TS_PLATFORM = "arm/corstone1000"
@@ -22,8 +26,8 @@ TS_SP_SE_PROXY_CONFIG = "corstone1000"
# Include smm-gateway and se-proxy SPs into optee-os binary
MACHINE_FEATURES += "ts-smm-gateway ts-se-proxy"
# u-boot
PREFERRED_VERSION_u-boot ?= "2023.07%"
# U-Boot
PREFERRED_VERSION_u-boot ?= "2025.10"
MACHINE_FEATURES += "efi"
EFI_PROVIDER ?= "grub-efi"
@@ -34,7 +38,7 @@ IMAGE_CMD:wic[vardeps] += "GRUB_LINUX_APPEND"
# Linux kernel
PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
PREFERRED_VERSION_linux-yocto ?= "6.10.%"
PREFERRED_VERSION_linux-yocto ?= "6.19%"
KERNEL_IMAGETYPE = "Image"
KERNEL_IMAGETYPE:firmware = "Image.gz"
# add FF-A support in the kernel
@@ -49,7 +53,6 @@ IMAGE_FSTYPES += "wic"
# Need to clear the suffix so TESTIMAGE_AUTO works
IMAGE_NAME_SUFFIX = ""
WKS_FILE ?= "efi-disk-no-swap.wks.in"
WKS_FILE:firmware ?= "corstone1000-flash-firmware.wks.in"
# making sure EXTRA_IMAGEDEPENDS will be used while creating the image
WKS_FILE_DEPENDS:append = " ${EXTRA_IMAGEDEPENDS}"
@@ -63,3 +66,11 @@ ARM_SYSTEMREADY_FIRMWARE = "${FIRMWARE_DEPLOYMENT}:do_deploy \
corstone1000-esp-image:do_image_complete \
"
ARM_SYSTEMREADY_ACS_CONSOLE ?= "default"
# Workaround IMAGE_ROOTFS_EXTRA_SPACE being ignored when images are repacked
IMAGE_ROOTFS_EXTRA_ARGS += "--extra-filesystem-space ${@${IMAGE_ROOTFS_EXTRA_SPACE}}K"
# Enable Authenticated variable support in SmmGW
SMMGW_AUTH_VAR = "1"
# Use MbedTLS build into SmmGW for authentication related crypto operations.
SMMGW_INTERNAL_CRYPTO = "1"
+1 -1
View File
@@ -8,7 +8,7 @@ TUNE_FEATURES = "aarch64"
require conf/machine/include/arm/arch-armv8a.inc
MACHINE_FEATURES = "usbhost usbgadget alsa screen wifi bluetooth optee pci"
MACHINE_FEATURES = "usbhost usbgadget alsa screen wifi bluetooth optee pci coresight"
KERNEL_IMAGETYPE = "Image.gz"
KERNEL_DEVICETREE = "arm/juno.dtb arm/juno-r1.dtb arm/juno-r2.dtb"
+63
View File
@@ -0,0 +1,63 @@
# Configuration for Arm Neoverse N2 Reference Design development board
#@TYPE: Machine
#@NAME: RD N2
#@DESCRIPTION: Machine configuration for RD N2
require conf/machine/include/arm/armv9a/tune-neoversen2.inc
EXTRA_IMAGEDEPENDS += "virtual/control-processor-firmware"
EXTRA_IMAGEDEPENDS += "trusted-firmware-a"
KERNEL_IMAGETYPE ?= "Image"
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto"
SERIAL_CONSOLES = "115200;ttyAMA2"
EXTRA_IMAGEDEPENDS += "edk2-firmware"
EFI_PROVIDER ?= "${@bb.utils.contains("DISTRO_FEATURES", "systemd", "systemd-boot", "grub-efi", d)}"
MACHINE_FEATURES += "efi"
IMAGE_FSTYPES:forcevariable = "cpio.gz wic"
IMAGE_NAME_SUFFIX = ""
IMAGE_CLASSES += "fvpboot"
WKS_FILE ?= "efi-disk.wks.in"
WKS_FILE_DEPENDS:append = " ${EXTRA_IMAGEDEPENDS}"
# testimage config
TEST_TARGET = "OEFVPTarget"
TEST_TARGET_IP = "127.0.0.1:2222"
DEFAULT_TEST_SUITES:append = " fvp_boot fvp_devices"
TEST_FVP_DEVICES ?= "watchdog networking"
# FVP Config
FVP_PROVIDER ?= "fvp-rdn2-native"
FVP_EXE ?= "FVP_RD_N2"
FVP_DATA ?= "css.scp.armcortexm7ct=scp-firmware/scp_ramfw.bin@0x0BD80000 \
css.mcp.armcortexm7ct=scp-firmware/mcp_ramfw.bin@0x0BF80000"
FVP_CONFIG[css.gic_distributor.ITS-device-bits] ?= "20"
FVP_CONFIG[css.mcp.ROMloader.fname] ?= "scp-firmware/mcp_romfw.bin"
FVP_CONFIG[css.scp.ROMloader.fname] ?= "scp-firmware/scp_romfw.bin"
FVP_CONFIG[css.trustedBootROMloader.fname] ?= "trusted-firmware-a/bl1.bin"
FVP_CONFIG[board.flashloader0.fname] ?= "trusted-firmware-a/fip.bin"
FVP_CONFIG[board.dram_size] ?= "0x200000000"
# Virtio configuration
FVP_CONFIG[board.virtio_net.enabled] ?= "1"
FVP_CONFIG[board.virtio_net.hostbridge.userNetworking] ?= "1"
FVP_CONFIG[board.virtio_net.hostbridge.userNetPorts] = "2222=22"
FVP_CONFIG[board.virtioblockdevice.image_path] ?= "${IMAGE_LINK_NAME}.wic"
FVP_CONSOLES[default] = "terminal_ns_uart_ap"
FVP_TERMINALS[css.scp.terminal_uart_scp] ?= "SCP Console"
FVP_TERMINALS[css.mcp.terminal_uart_mcp] ?= "MCP Console"
FVP_TERMINALS[css.terminal_ns_uart_ap] ?= "NS Console"
FVP_TERMINALS[css.terminal_s_uart_ap] ?= "S Console"
# Seeing intermittent test timeout errors in CI where the boot is almost
# complete. Lengthen the timeout to allow for more opportunity to
# complete successfully.
TEST_FVP_LINUX_BOOT_TIMEOUT = "900"
+65
View File
@@ -0,0 +1,65 @@
# Configuration for Arm Neoverse V2 Reference Design development board
#@TYPE: Machine
#@NAME: RD V2
#@DESCRIPTION: Machine configuration for RD V2
#FIXME - doesn't boot with armv9 tunes
#require conf/machine/include/arm/arch-armv9a.inc
require conf/machine/include/arm/arch-armv8a.inc
EXTRA_IMAGEDEPENDS += "virtual/control-processor-firmware"
EXTRA_IMAGEDEPENDS += "trusted-firmware-a"
KERNEL_IMAGETYPE ?= "Image"
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto"
SERIAL_CONSOLES = "115200;ttyAMA2"
EXTRA_IMAGEDEPENDS += "edk2-firmware"
EFI_PROVIDER ?= "${@bb.utils.contains("DISTRO_FEATURES", "systemd", "systemd-boot", "grub-efi", d)}"
MACHINE_FEATURES += "efi"
IMAGE_FSTYPES:forcevariable = "cpio.gz wic"
IMAGE_NAME_SUFFIX = ""
IMAGE_CLASSES += "fvpboot"
WKS_FILE ?= "efi-disk.wks.in"
WKS_FILE_DEPENDS:append = " ${EXTRA_IMAGEDEPENDS}"
# testimage config
TEST_TARGET = "OEFVPTarget"
TEST_TARGET_IP = "127.0.0.1:2222"
DEFAULT_TEST_SUITES:append = " fvp_boot fvp_devices"
TEST_FVP_DEVICES ?= "watchdog networking"
# FVP Config
FVP_PROVIDER ?= "fvp-rdv2-native"
FVP_EXE ?= "FVP_RD_V2"
FVP_DATA ?= "css.scp.armcortexm7ct=scp-firmware/scp_ramfw.bin@0x0BD80000 \
css.mcp.armcortexm7ct=scp-firmware/mcp_ramfw.bin@0x0BF80000"
FVP_CONFIG[css.gic_distributor.ITS-device-bits] ?= "20"
FVP_CONFIG[css.mcp.ROMloader.fname] ?= "scp-firmware/mcp_romfw.bin"
FVP_CONFIG[css.scp.ROMloader.fname] ?= "scp-firmware/scp_romfw.bin"
FVP_CONFIG[css.trustedBootROMloader.fname] ?= "trusted-firmware-a/bl1.bin"
FVP_CONFIG[board.flashloader0.fname] ?= "trusted-firmware-a/fip.bin"
FVP_CONFIG[board.dram_size] ?= "0x200000000"
# Virtio configuration
FVP_CONFIG[board.virtio_net.enabled] ?= "1"
FVP_CONFIG[board.virtio_net.hostbridge.userNetworking] ?= "1"
FVP_CONFIG[board.virtio_net.hostbridge.userNetPorts] = "2222=22"
FVP_CONFIG[board.virtioblockdevice.image_path] ?= "${IMAGE_LINK_NAME}.wic"
FVP_CONSOLES[default] = "terminal_ns_uart_ap"
FVP_TERMINALS[css.scp.terminal_uart_scp] ?= "SCP Console"
FVP_TERMINALS[css.mcp.terminal_uart_mcp] ?= "MCP Console"
FVP_TERMINALS[css.terminal_ns_uart_ap] ?= "NS Console"
FVP_TERMINALS[css.terminal_s_uart_ap] ?= "S Console"
# Seeing intermittent test timeout errors in CI where the boot is almost
# complete. Lengthen the timeout to allow for more opportunity to
# complete successfully.
TEST_FVP_LINUX_BOOT_TIMEOUT = "900"
+5 -2
View File
@@ -26,17 +26,20 @@ EFI_PROVIDER ?= "${@bb.utils.contains("DISTRO_FEATURES", "systemd", "systemd-boo
SERIAL_CONSOLES ?= "115200;ttyAMA0 115200;hvc0"
EXTRA_IMAGEDEPENDS += "edk2-firmware"
#FIXME - in 2.15.0, new logic for pen hold the SMP cores was added, which breaks this platform. Hold this back until it can be resolved.
PREFERRED_VERSION_trusted-firmware-a ?= "2.14.%"
QB_SYSTEM_NAME = "qemu-system-aarch64"
QB_MACHINE = "-machine sbsa-ref"
QB_CPU = "-cpu neoverse-n2"
QB_SMP = "-smp 4"
QB_MEM = "-m 1024"
QB_DEFAULT_FSTYPE = "wic.qcow2"
QB_NETWORK_DEVICE = "-device virtio-net-pci,netdev=net0,mac=@MAC@"
QB_NETWORK_DEVICE = "-device e1000e,netdev=net0,mac=@MAC@"
QB_DRIVE_TYPE = "/dev/hd"
QB_ROOTFS_OPT = "-drive file=@ROOTFS@,if=ide,format=qcow2"
QB_DEFAULT_KERNEL = "none"
QB_OPT_APPEND = "-device usb-tablet -device usb-kbd -pflash @DEPLOY_DIR_IMAGE@/SBSA_FLASH0.fd -pflash @DEPLOY_DIR_IMAGE@/SBSA_FLASH1.fd"
QB_OPT_APPEND = "-device usb-tablet -device usb-kbd -drive if=pflash,format=raw,unit=0,readonly=on,file=@DEPLOY_DIR_IMAGE@/SBSA_FLASH0.fd -drive if=pflash,format=raw,unit=1,readonly=on,file=@DEPLOY_DIR_IMAGE@/SBSA_FLASH1.fd"
QB_SERIAL_OPT = "-device virtio-serial-pci -chardev null,id=virtcon -device virtconsole,chardev=virtcon"
QB_TCPSERIAL_OPT = "-device virtio-serial-pci -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1 -device virtconsole,chardev=virtcon"
# sbsa-ref is a true virtual machine so can't use KVM
-24
View File
@@ -1,24 +0,0 @@
# Configuration for Arm SGI575 development board
#@TYPE: Machine
#@NAME: SGI575
#@DESCRIPTION: Machine configuration for SGI575
require conf/machine/include/arm/armv8-2a/tune-cortexa75.inc
EXTRA_IMAGEDEPENDS += "virtual/control-processor-firmware"
EXTRA_IMAGEDEPENDS += "trusted-firmware-a"
KERNEL_IMAGETYPE ?= "Image"
PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
SERIAL_CONSOLES = "115200;ttyAMA0"
#grub-efi
EFI_PROVIDER ?= "grub-efi"
MACHINE_FEATURES += "efi"
IMAGE_FSTYPES += "cpio.gz wic"
WKS_FILE ?= "sgi575-efidisk.wks"
WKS_FILE_DEPENDS:append = " ${EXTRA_IMAGEDEPENDS}"
@@ -0,0 +1,12 @@
version: 2
build:
os: "ubuntu-22.04"
tools:
python: "3.9"
sphinx:
configuration: meta-arm-bsp/documentation/corstone1000-a320/conf.py
formats:
- pdf
python:
install:
- requirements: meta-arm-bsp/documentation/requirements.txt
@@ -0,0 +1,117 @@
# SPDX-FileCopyrightText: <text>Copyright 2026 Arm Limited and/or its
# affiliates <open-source-office@arm.com></text>
#
# SPDX-License-Identifier: MIT
# Configuration file for the Sphinx documentation builder.
#
# This file only contains a selection of the most common options. For a full
# list see the documentation:
# https://www.sphinx-doc.org/en/master/usage/configuration.html
# -- Path setup --------------------------------------------------------------
# If extensions (or modules to document with autodoc) are in another directory,
# add these directories to sys.path here. If the directory is relative to the
# documentation root, use os.path.abspath to make it absolute, like shown here.
#
# sys.path.insert(0, os.path.abspath('.'))
import os
import re
import sys
import yaml
# Append the documentation directory to the path, so we can import variables
sys.path.append(os.path.dirname(__file__))
_metadata_path = os.path.join(os.path.dirname(__file__), 'corstone-a320_metadata.yaml')
with open(_metadata_path, encoding='utf-8') as metadata_file:
_metadata = yaml.safe_load(metadata_file) or {}
_metadata_variables = {
item['name']: item['value']
for item in _metadata.get('variables', [])
if item.get('name') and item.get('value')
}
# -- Project information -----------------------------------------------------
project = 'Corstone-1000 Armv9-A Edge-AI'
copyright = '2026, Arm Limited'
author = 'Arm Limited'
# -- General configuration ---------------------------------------------------
# Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = [
'myst_parser',
'sphinx_rtd_theme',
]
source_suffix = {
'.rst': 'restructuredtext',
'.md': 'markdown',
}
myst_enable_extensions = [
'colon_fence',
]
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
# This pattern also affects html_static_path and html_extra_path.
exclude_patterns = [
'_build',
'Thumbs.db',
'.DS_Store',
'docs/infra',
'corstone-a320_map.md',
'corstone-a320_metadata.yaml',
]
# -- Options for HTML output -------------------------------------------------
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
#
html_theme = 'sphinx_rtd_theme'
html_theme_options = {
'flyout_display': 'attached',
}
# Define the canonical URL if you are using a custom domain on Read the Docs
html_baseurl = os.environ.get("READTHEDOCS_CANONICAL_URL", "")
# Tell Jinja2 templates the build is running on Read the Docs
if os.environ.get("READTHEDOCS", "") == "True":
if "html_context" not in globals():
html_context = {}
html_context["READTHEDOCS"] = True
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
#html_static_path = ['_static']
def _replace_metadata_variables(app, docname, source):
source[0] = re.sub(
r'\$([A-Za-z0-9_]+)',
lambda match: _metadata_variables.get(match.group(1), match.group(0)),
source[0],
)
def setup(app):
app.connect('source-read', _replace_metadata_variables)
@@ -0,0 +1,6 @@
- topics/introducing.md
- topics/software-architecture.md
- topics/user-guide.md
- topics/tests.md
- topics/release-notes.md
- topics/change-log.md
@@ -0,0 +1,106 @@
---
title: Corstone-1000 with Cortex-A320
subtitle: ""
abstract: Arm Corstone-1000 with Cortex-A320 is a reference solution for IoT devices. It is part of Total Solution for IoT which consists of hardware and software reference implementation.
author: Arm
status: REL
keywords: [IoT, software]
bookpartno: 112000
product: Corstone-1000 with Cortex-A320
product_type: Open Source Projects
product_revision:
- prefix: Version
version: "0101"
version_label: "2026.02"
output_type: "software"
conformance_notice: "true"
content_type: User Guide
audience:
- Software Developers
categories:
- IoT
themes:
- IoT
intended_audience: Software Developers
terminology_review: new
releases:
- revision: 0100-01
date: 2026-05-01
change_summary: Update
permissions: nonconfidential
variables:
- name: arm_developer_cs1000_website
value: 'https://developer.arm.com/Tools%20and%20Software/Corstone-1000%20Software'
- name: arm_developer_cs1000_search
value: 'https://developer.arm.com/search#q=corstone-1000'
- name: arm_developer_mhu_website
value: 'https://developer.arm.com/documentation/ka005129/latest/#:~:text=An%20MHU%20is%20a%20device,that%20a%20message%20is%20available'
- name: arm_developer_secureboot_website
value: 'https://developer.arm.com/documentation/PRD29-GENC-009492/c/TrustZone-Software-Architecture/Booting-a-secure-system/Secure-boot'
- name: arm_architecture_security_features_platform_security
value: 'https://www.arm.com/architecture/security-features/platform-security'
- name: linux_repository
value: 'https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/'
- name: arm_trustzone_for_cortex_a_website
value: 'https://www.arm.com/technologies/trustzone-for-cortex-a'
- name: arm_fmw_framework_a_profile_pdf
value: 'https://developer.arm.com/documentation/den0077/latest'
- name: arm_fmw_framework_m_profile_pdf
value: 'https://developer.arm.com/architectures/Firmware%20Framework%20for%20M-Profile'
- name: platform_security_fwu_for_a_profile_pdf
value: 'https://developer.arm.com/documentation/den0118/a/'
- name: psa_firmware_update_ihi_0093_api_reference_website
value: 'https://arm-software.github.io/psa-api/fwu/1.0/api/api.html'
- name: edk2_capsule_generation_tool_repository
value: 'https://github.com/tianocore/edk2/blob/master/BaseTools/Source/Python/Capsule/GenerateCapsule.py'
- name: psa_fwu_den0018_specification_website
value: 'https://developer.arm.com/documentation/den0118/latest/'
- name: ts_psa_fwu_service_website
value: 'https://trusted-services.readthedocs.io/en/stable/services/fwu/psa-fwu-m.html'
- name: tfm_shim_layer_website
value: 'https://trustedfirmware-m.readthedocs.io/en/latest/design_docs/services/tfm_fwu_service.html#shim-layer-between-fwu-and-bootloader'
- name: op_tee_os_repository
value: 'https://github.com/OP-TEE/optee_os'
- name: psa_certified_website
value: 'https://www.psacertified.org/'
- name: psa_l2_ready
value: 'https://www.psacertified.org/products/corstone-1000/'
- name: systemready_ir_certification
value: 'https://armkeil.blob.core.windows.net/developer/Files/pdf/certificate-list/arm-systemready-ve-arm-neoverse.pdf'
- name: trusted_board_boot_requirements_client_pdf
value: 'https://developer.arm.com/documentation/den0006/latest'
- name: trusted_firmware_m_website
value: 'https://www.trustedfirmware.org/projects/tf-m/'
- name: trusted_firmware_m_bl1_website
value: 'https://trustedfirmware-m.readthedocs.io/en/latest/design_docs/booting/bl1.html'
- name: trusted_firmware_a_bl2_website
value: 'https://developer.arm.com/documentation/108028/0000/RD-TC22-software/Software-components/AP-firmware/Trusted-firmware-A-BL2'
- name: trusted_firmware_a_fip_guide
value: 'https://trustedfirmware-a.readthedocs.io/en/latest/design/firmware-design.html#firmware-image-package-fip'
- name: trusted_services_website
value: 'https://www.trustedfirmware.org/projects/trusted-services/'
- name: trusted_services_uefi_smm_website
value: 'https://trusted-services.readthedocs.io/en/integration/services/uefi-smm-services.html#'
- name: das_u_boot_repository
value: 'https://github.com/u-boot/u-boot.git'
- name: keil_rtx5_website
value: 'https://developer.arm.com/Tools%20and%20Software/Keil%20MDK/RTX5%20RTOS'
- name: ppa_website
value: 'https://developer.arm.com/documentation/102738/0100/Power--performance--and-area-analysis'
- name: mcuboot_website
value: 'https://docs.mcuboot.com/'
- name: arm_developer_fvp
value: 'https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps'
- name: secure_debug_manager_repo_readme
value: 'https://github.com/ARM-software/secure-debug-manager/tree/master?tab=readme-ov-file#secure-debug-manager-psa-adac--sdc-600'
- name: secure_debug_manager_armds_integration
value: 'https://github.com/ARM-software/secure-debug-manager?tab=readme-ov-file#arm-development-studio-integration'
- name: meta_arm_repository_release_branch
value: 'https://docs.yoctoproject.org/next/migration-guides/migration-6.0.html'
- name: arm_ulink_pro_website
value: 'https://www.arm.com/products/development-tools/debug-probes/ulink-pro'
- name: arm_ds_website
value: 'https://www.arm.com/products/development-tools/embedded-and-software/arm-development-studio'
- name: edk2_repository
value: 'https://github.com/tianocore/edk2'
Binary file not shown.

After

Width:  |  Height:  |  Size: 54 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 77 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 58 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 16 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 86 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 60 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 69 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 46 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 65 KiB

@@ -0,0 +1,12 @@
# Corstone-1000 Armv9-A Edge-AI
```{toctree}
:maxdepth: 2
topics/introducing
topics/software-architecture
topics/user-guide
topics/tests
topics/release-notes
topics/change-log
```
@@ -0,0 +1,150 @@
# Change log {.chapter permissions=non-confidential}
This document contains a summary of the new features, changes and fixes in each release of the Corstone-1000 with Cortex-A320 software stack.
## Version 2026.05 {.reference}
The following changes are present in this release:
- Continued Corstone-1000 with Cortex-A320 enablement across U-Boot, TF-A, TF-M, OP-TEE, and Linux with the split A320 device tree, GIC-700 support, Ethos-U85 DT alignment, and NPU reset via the external-system controller.
- Enabled and documented FVP SMP builds and platform-agnostic multicore support, including the errata override fixes for Corstone-1000 with Cortex-A320 and removal of the reboot workaround note.
- Split Corstone-1000 with Cortex-A320 FVP support into a dedicated machine configuration and standalone documentation.
### Corstone-1000 with Cortex-A320 components versions {.reference}
The following component versions are available:
Table: Corstone-1000 with Cortex-A320 component versions
+----------------------------------------+-----------------------------------+
| Component | Version |
+========================================+===================================+
| linux-yocto | 6.19 |
+----------------------------------------+-----------------------------------+
| u-boot | 2025.10 |
+----------------------------------------+-----------------------------------+
| external-system | 0.1.0 |
+----------------------------------------+-----------------------------------+
| optee-client | 4.9.0 |
+----------------------------------------+-----------------------------------+
| optee-os | 4.9.0 |
+----------------------------------------+-----------------------------------+
| trusted-firmware-a | 2.14.1 |
+----------------------------------------+-----------------------------------+
| trusted-firmware-m | 2.2.2 |
+----------------------------------------+-----------------------------------+
| libts | v1.3.0 |
+----------------------------------------+-----------------------------------+
| ts-sp-{se-proxy, smm-gateway} | v1.3.0 |
+----------------------------------------+-----------------------------------+
| ts-psa-{crypto, iat, its. ps}-api-test | 74dc6646ff |
+----------------------------------------+-----------------------------------+
### Yocto distribution components versions {.reference}
The following Yocto distribution components versions are available:
Table: Yocto distribution component versions
+-------------------+------------+
| Component | Version |
+===================+============+
| meta-arm | wrynose |
+-------------------+------------+
| bitbake | 22021758e6 |
+-------------------+------------+
| meta-openembedded | 9af4488d46 |
+-------------------+------------+
| openembedded-core | 06dd66e622 |
+-------------------+------------+
| meta-yocto | 8251bdad5f |
+-------------------+------------+
| meta-secure-core | 07a99ae241 |
+-------------------+------------+
| busybox | 1.37.0 |
+-------------------+------------+
| musl | 1.2.6 |
+-------------------+------------+
| gcc-arm-none-eabi | 15.2.rel1 |
+-------------------+------------+
| gcc-cross-aarch64 | 15.2.0 |
+-------------------+------------+
| openssl | 3.5.6 |
+-------------------+------------+
## Version 2025.12 {.reference}
The following changes are present in this release:
- Delivered end-to-end Cortex-A320 enablement across U-Boot, TF-A, TF-M, OP-TEE, Yocto machine layers, and documentation, including device-tree updates, MPIDR handling, and FVP model renaming.
- Rolled out the PSA Firmware Update (DEN0118) pipeline: U-Boot capsule parsing, Bootloader Abstraction Layer in TF-M, ESRT exposure, and Trusted Services IPC bridges replacing legacy capsule code.
- Hardened the new firmware update flow with EFI self-tests, metadata restructuring for partial and multi-image acceptance, and RSE-COMMS gating refinements.
- Upgraded key firmware components (TF-A 2.13.0, TF-M 2.2.1, Trusted Services 1.2.0, OP-TEE OS 4.7.0) and introduced targeted test skips plus integer-only build modes to keep validation green.
- Cleaned and renumbered downstream patch series across Trusted Services and TF-M while removing obsolete integrations to align with upstream baselines.
- Refreshed release material and architecture guides to describe the A320 profile, PSA FWU behavior, and updated software stack.
- Added KAS profiles, machine includes, and automated FVP selection logic to streamline developer workflows for the refreshed platform configuration.
### Corstone-1000 with Cortex-A320 components versions {.reference}
The following component versions are available:
Table: Corstone-1000 with Cortex-A320 component versions
+----------------------------------------+-----------------------------------+
| Component | Version |
+========================================+===================================+
| linux-yocto | 6.12.60 |
+----------------------------------------+-----------------------------------+
| u-boot | 2025.04 |
+----------------------------------------+-----------------------------------+
| optee-client | 4.7.0 |
+----------------------------------------+-----------------------------------+
| optee-os | 4.7.0 |
+----------------------------------------+-----------------------------------+
| trusted-firmware-a | 2.13.0 |
+----------------------------------------+-----------------------------------+
| trusted-firmware-m | 2.2.1 |
+----------------------------------------+-----------------------------------+
| libts | v1.2.0 |
+----------------------------------------+-----------------------------------+
| ts-sp-{se-proxy, smm-gateway} | v1.2.0 |
+----------------------------------------+-----------------------------------+
| ts-psa-{crypto, iat, its. ps}-api-test | 74dc6646ff |
+----------------------------------------+-----------------------------------+
### Yocto distribution components versions {.reference}
The following Yocto distribution components versions are available:
Table: Yocto distribution component versions
+-------------------+------------+
| Component | Version |
+===================+============+
| meta-arm | whinlatter |
+-------------------+------------+
| bitbake | 0dde1a3ff8 |
+-------------------+------------+
| meta-openembedded | fc0152e434 |
+-------------------+------------+
| openembedded-core | 4bd920ad7d |
+-------------------+------------+
| meta-yocto | b3b6592635 |
+-------------------+------------+
| meta-secure-core | 63209fb150 |
+-------------------+------------+
| meta-ethos | aa2504a32f |
+-------------------+------------+
| meta-sca | e68f1a9d17 |
+-------------------+------------+
| busybox | 1.37.0 |
+-------------------+------------+
| musl | 1.2.5 |
+-------------------+------------+
| gcc-arm-none-eabi | 13.3.rel1 |
+-------------------+------------+
| gcc-cross-aarch64 | 15.2.0 |
+-------------------+------------+
| openssl | 3.5.4 |
+-------------------+------------+
@@ -0,0 +1,14 @@
# Introduction {.chapter permissions=non-confidential}
Arm Corstone-1000 with Cortex-A320 is a reference solution for IoT devices
based on Arm Corstone-1000, but with Cortex-A320 CPU, Ethos-U85 NPU and
GIC700 (Generic Interrupt Controller). It is part of Total Solution
for IoT which consists of hardware and software reference implementations.
## Disclaimer {.reference}
Arm reference solutions are Arm public example software projects that track and
pull upstream components, incorporating their respective security fixes
published over time. Arm partners are responsible for ensuring that the
components they use contain all the required security fixes, if and when they
deploy a product derived from Arm reference solutions.
@@ -0,0 +1,40 @@
# Release notes {.chapter permissions=non-confidential}
You expressly assume all liabilities and risks relating to your use or operation
of your software and hardware designed or modified using the Arm Tools,
including without limitation, your software or hardware designed or
intended for safety-critical applications. Should your software or hardware
prove defective, you assume the entire cost of all necessary servicing, repair
or correction.
## Release notes - 2026.05 {.reference}
The following knowns issues and limitations are present in this release:
- Crypto isolation is not supported in the Secure world of Corstone-1000. Additionally, clients in
the Normal world are not isolated from one another. Therefore, if an end user wants to add a new
Secure Partition (SP) (such as a software TPM) that accesses the Crypto service via the SE-Proxy,
they are responsible for implementing their own isolation mechanisms to ensure proper security boundaries.
- DSTREAM debug probe may experience unreliable USB connectivity when used with Arm DS for secure debug.
This issue is under active investigation, and we are working to identify and resolve compatibility issues in a future update.
As a more stable alternative, the ULINKpro debug probe is recommended for use with Corstone-1000 in secure debug scenarios.
## Release notes - 2025.12 {.reference}
The following knowns issues and limitations are present in this release:
- Corstone-1000 with Cortex-A320 FVP does not currently support Symmetric Multiprocessing
- Corstone-1000 with Cortex-A320 FVP becomes unresponsive when the Linux kernel driver for the Ethos-U85 NPU loads automatically after a software reboot.
- Crypto isolation is not supported in the Secure world of Corstone-1000. Additionally, clients in
the Normal world are not isolated from one another. Therefore, if an end user wants to add a new
Secure Partition (SP) (such as a software TPM) that accesses the Crypto service via the SE-Proxy,
they are responsible for implementing their own isolation mechanisms to ensure proper security boundaries.
- DSTREAM debug probe may experience unreliable USB connectivity when used with Arm DS for secure debug.
This issue is under active investigation, and we are working to identify and resolve compatibility issues in a future update.
As a more stable alternative, the ULINKpro debug probe is recommended for use with Corstone-1000 in secure debug scenarios.
## Support {.reference}
For technical support, email [Arm subsystem support](mailto:support-subsystem-iot@arm.com).
For security issues, contact [Arm Security](mailto:psirt@arm.com).
@@ -0,0 +1,311 @@
# Software architecture {.chapter permissions=non-confidential}
The combination of Corstone-1000 software and hardware reference solution is [PSA Level-2 ready certified]($psa_l2_ready) as well as [Arm SystemReady Devicetree certified]($systemready_ir_certification). Please rely on the Corstone-1000 platform for certification needs.
More information on the Corstone-1000 subsystems product(s), variants and design can be
found on [Arm Developer]($arm_developer_cs1000_website).
This document explicitly focuses on the software part of the solution and
provides internal details on the software components. The reference
software package of the platform can be retrieved following instructions
present in the user guide document.
## Design overview {.reference}
This variant of the Corstone-1000 platform replaces the Host System's Cortex-A35
processor with a Cortex-A320. In this configuration, the optional External System
(previously a Cortex-M3) is replaced by an Arm Ethos-U85 Neural Processing Unit (NPU).
The Ethos-U85 runs in the direct drive configuration, where the Host System is
responsible for managing the NPU directly.
![Cortex-A320 subsystems](../images/CorstoneA320Subsystems.png)
## Secure boot chain {.reference}
For the security of a device, it is essential that only authorized
software should run on the device.
The Corstone-1000 boot uses a [Secure boot]($arm_developer_secureboot_website) chain process
where an already authenticated image verifies and loads the following software in the chain.
For the boot chain process to work, the start of the chain should be trusted, forming the
Root of Trust (RoT) of the device. The RoT of the device is immutable in
nature and encoded into the device by the device manufacturer before it
is deployed into the field.
In Corstone-1000, the content of the ROM and CC312 One Time Programmable (OTP) memory forms the RoT.
Verification of an image can happen either by comparing the computed and stored hashes, or by
checking the signature of the image if the image is signed.
![Secure boot chain](../images/SecureBootChain.png)
It is a lengthy chain to boot the software on Corstone-1000.
### TF-M BL1\_1 {.reference}
On power-up, the Secure Enclave begins execution from TF-M BL1\_1, which resides in ROM and serves as
the Root of Trust (RoT) for the device.
TF-M BL1\_1 is the immutable bootloader and is responsible for:
- Provisioning the device during the first boot
- Performing hardware initialization
- Verifying the integrity and authenticity of the next stage in the boot chain
At boot time, TF-M BL1\_1:
- Copies the TF-M BL1\_2 image from OTP to RAM.
- Verifies the integrity of BL1\_2 by comparing its computed hash with the hash stored in OTP.
### TF-M BL1\_2 {.reference}
During provisioning, the TF-M BL1\_2 binary, along with its hashes and cryptographic keys, is stored
in One-Time Programmable (OTP) memory.
Once verified, TF-M BL1\_2:
- Takes control and verifies the next stage in the boot chain, which is TF-M BL2.
- Computes the hash of the BL2 image and compares it with the BL2 hash stored in OTP to ensure
integrity before transferring execution to BL2.
The TF-M BL1 design details can be found in the [TF-M design documents]($trusted_firmware_m_bl1_website).
:::note
Corstone-1000 has some differences compared to this design due to memory (OTP/ROM) limitations:
- BL1\_1 code size is larger than needed because it handles most of the hardware initialization instead of the BL1\_2.
- BL1\_2 cannot be updated during provisioning time because the provisioning bundle that contains its code is located in the ROM.
- BL1\_2 does not use the post-quantum LMS verification.
- BL2 cannot be updated because it is verified by comparing the computed hash to the hash stored in the OTP.
:::
### TF-M BL2 {.reference}
In this system, TF-M BL2 refers to MCUBoot.
On the first boot, MCUBoot can provision additional cryptographic keys. It is responsible for authenticating both:
- TF-M (Trusted Firmware-M), and
- The initial bootloader of the Host system, [Trusted Firmware-A (TF-A) BL2]($trusted_firmware_a_bl2_website)
This authentication is done by verifying the digital signatures of the respective images.
MCUBoot performs image verification in the following steps:
1. Load the image from non-volatile memory into RAM.
2. Validate the image's signature using the corresponding public key.
:::note
The public key present in the image header is validated by comparing with the hash. Depending on the image, the hash of the public key is either stored in the OTP or part of the software which is being already verified in the previous stages.
:::
The execution control is passed to TF-M after the verification.
As the runtime executable of the Secure Enclave, TF-M initializes itself before
bringing the Host system out of reset.
### Host system authentication {.reference}
The Host system follows the boot standard defined in [Trusted Board Boot Requirements Client]($trusted_board_boot_requirements_client_pdf)
to authenticate the Secure and Non-secure software.
The [Firmware Image Package (FIP)]($trusted_firmware_a_fip_guide) packs bootloader images and
other payloads into a single archive.
![FIPDiagram](../images/FIPDiagram.png)
The FIP for Corstone-1000 contains:
- Trusted firmware-A BL2
- AP EL3 Runtime firmware, BL31 image
- AP Secure Payload, BL32 image
- AP Normal world firmware -U-boot, BL33 image
- Trusted OS Firmware configuration file used by Trusted OS (BL32), TOS_FW_CONFIG
- Key certificates
- Content certificates
To load and validate TF-A BL2, TF-M BL2 first parses the GUID Partition Table (GPT)
to locate the FIP. It then determines the offset of TF-A BL2 within the FIP.
:::note
TF-M does not check the FIP signature, it only checks the TF-A BL2's signature in the FIP.
:::
The implicitly trusted components are:
- A SHA-256 hash of the Root of Trust Public Key (ROTPK.) For development purposes, a development ROTPK is used and its hash embedded into the TF-A BL2 image. This public key is provided by the TF-A source code.
- TF-A BL2 image - it can be trusted because it has been verified by TF-M BL2 before starting TF-A.
The remaining components in the Chain of Trust (CoT) are either certificates or bootloader images.
#### Bootloader authentication {.reference}
The FIP contains two types of certificates:
- Content Certificates used to store the hash of a bootloader image.
- Key Certificates used to verify public keys used to sign Content Certificates.
The Host system bootloader images are authenticated by computing their hash and comparing it to the corresponding hash found in the Content Certificate.
#### Certificates verification {.reference}
The public keys defined in the Trusted Key Certificate are used to verify the later certificates in
the CoT process. The Trusted Key Certificate is verified with the Root of Trust Public Key.
#### UEFI authenticated variables {.reference}
For UEFI Secure Boot, authenticated variables can be accessed from the secure flash.
The feature has been integrated in U-Boot, which authenticates the images as per the UEFI
specification before executing them.
## Secure services {.reference}
Corstone-1000 is unique in offering a secure environment for running trusted workloads.
While the Host system includes TrustZone technology, the platform also features a hardware-isolated
Secure Enclave, specifically designed to execute these secure workloads.
In Corstone-1000, essential Secure Services—such as Cryptography, Protected Storage,
Internal Trusted Storage, and Attestation—are provided through PSA Functional APIs implemented in TF-M.
From the user's perspective, there is no difference when communicating with these services,
whether they run in the Secure Enclave or in the Secure world of the Host system.
The diagram below illustrates the data flow for such calls.
![Secure services](../images/SecureServices.png)
The Secure Enclave Proxy Secure Partition (SE Proxy SP) is a proxy managed by OP-TEE that forwards
Secure Service calls to the Secure Enclave. This communication uses the
[RSE communication protocol](https://tf-m-user-guide.trustedfirmware.org/platform/arm/rse/rse_comms.html).
While the protocol supports shared memory and MHU interrupts as a doorbell mechanism between cores,
in Corstone-1000, the entire message is currently transmitted through the MHU channels.
Corstone-1000 implements Isolation Level 2 using the Cortex-M0+ Memory Protection Unit (MPU).
Users can define their own secure services to run either in the Host system's Secure World or in
the Secure Enclave. This choice involves a trade-off between latency and security.
Services running in the Secure Enclave benefit from strong, hardware-enforced isolation,
offering higher security but at the cost of increased latency. In contrast, services running in the
Host Secure World experience lower latency, but rely on TrustZone technology for virtualized isolation,
which offers comparatively less robust security.
## PSA secure firmware update {.reference}
The Corstone-1000 platform necessitates a robust, secure, and flexible firmware update mechanism
including partial capsule update to ensure fielded devices can receive critical patches, feature enhancements,
and security fixes without compromising system integrity. To meet these requirements, we have implemented the
Platform Security Architecture (PSA) Firmware Update (FWU) framework on Corstone-1000, leveraging Trusted Firmware-M (TF-M)
for the Secure Enclave, U-Boot as the host-side client on Cortex-A, and the UEFI capsule update mechanism for payload
encapsulation. This design supports the Fixed Virtual Platform (FVP) target, providing consistent behavior across
simulation-based deployments. The Corstone-1000 supports FWU
which complies with the
[Platform Security Firmware Update for the A-profile Arm Architecture]($platform_security_fwu_for_a_profile_pdf)
and [PSA Firmware Update IHI 0093]($psa_firmware_update_ihi_0093_api_reference_website)
specifications.
To standardize and streamline capsule creation with multiple FMP payloads, the
[EDK2 capsule generation tool]($edk2_capsule_generation_tool_repository)
tool has been integrated into the meta-arm Yocto layer for Corstone-1000. This integration involves defining
build rules for generating UEFI capsules as part of the firmware image build process. Configuration parameters
exposed in the recipe allow developers to specify the number of FMP payloads, target image GUIDs, version numbers etc.
This capsule ensures that all update payloads conform to the UEFI FMP specification and are ready for
validation and delivery by UBoot.
The FWU solution for Corstone-1000 is composed of three primary domains:
- Host System
- Trusted Services intermediary
- Secure Enclave
Each domain has distinct responsibilities and communicates through standardized interfaces.
![System architecture PSA firmware update](../images/SystemArchitecturePSAFirmwareUpdate.png)
On the host side, U-Boot functions as the FWU client and orchestrates the update process from capsule retrieval to
payload delivery based on [PSA FWU DEN0018 specification]($psa_fwu_den0018_specification_website)
via Arm FF-A framework. The Trusted-Services SE Proxy secure partition serves as a gateway between the non-secure host
environment and the Secure Enclave. The [PSA FWU service]($ts_psa_fwu_service_website) running in the Trusted Services
implementation forwards the data to the Secure Enclave via MHU-based PSA calls. Within the Secure Enclave, the PSA FWU
Agent, conforming to [PSA Firmware Update IHI 0093]($psa_firmware_update_ihi_0093_api_reference_website) specification,
orchestrates the actual flash programming, metadata management, and rollback protection mechanisms. The agent relies on a
bespoke [shim layer]($tfm_shim_layer_website) to abstract hardwarespecific flash operations and bootloader interactions.
As defined in the specification, the external flash is divided into two banks: one bank holds the
currently running images, while the other is used to stage new images.
There are four updatable components: **BL2**, **TF-M**, **the FIP** and **the Kernel Image** (the initramfs bundle).
New images are delivered and accepted in the form of UEFI capsules.
![External flash](../images/ExternalFlash.png)
When a FWU is initiated on Corstone-1000, the following sequence of operations takes place:
1. Capsule Retrieval and Preparation
U-Boot on the host system retrieves the firmware capsule.
It validates the capsule header and parses the FMP (Firmware Management Protocol) descriptor list to identify the payloads to be updated.
For each FMP descriptor, U-Boot:
Splits the firmware payload into 4 KiB chunks.
Invokes the PSA_FWU_Update API for each chunk, transmitting the buffer address via the FF-A (Firmware Framework for Arm) shared memory interface.
2. Secure Transmission and Forwarding
The PSA Firmware Update (FWU) service, running as part of Trusted Services, receives the chunks through Secure Partition Client (SPC) calls.
It forwards these chunks to the Secure Enclave using MHU-based PSA calls.
3. Flashing Within the Secure Enclave
Inside the Secure Enclave, the PSA FWU Agent dispatches each chunk to the shim layer.
The shim layer:
Erases the corresponding sectors in the non-active flash bank.
Writes the received firmware chunks at the correct offsets.
During partial updates, it also copies static partitions from the active bank to the non-active one to maintain consistency.
4. Finalization and Boot Preparation
After all chunks are successfully written:
The shim updates the firmware manifest and the EFI System Resource Table (ESRT) entries to reflect the new image version.
This step enables the bootloader to recognize the new firmware for a trial boot.
The platform then performs an automatic reset, booting into the non-active bank in trial mode.
5. Trial Boot and Confirmation
In trial mode, U-Boot evaluates the new firmware and issues either an accept or reject command using the PSA FWU ABI.
These commands are sent to the Secure Enclave, instructing the shim to update the firmware metadata accordingly.
6. Recovery and Fallback Mechanism
If the trial boot is successful, the host sends an acknowledgment, transitioning the firmware state from 'trial' to 'regular'.
If the system fails or becomes unresponsive:
A watchdog timer triggers a system reset.
The BL1 firmware in the Secure Enclave detects repeated failures and reverts to the previously known-good flash bank.
This rollback mechanism ensures the device remains operational and recoverable, even after a failed update.
![Secure firmware update](../images/SecureFirmwareUpdate.png)
## UEFI runtime support in U-Boot {.reference}
The implementation of UEFI boot-time and runtime APIs requires persistent variable storage. In
Corstone-1000, UEFI variables are stored using the Protected Storage (PS) service.
The diagram below illustrates the data flow for storing UEFI variables. U-Boot's UEFI subsystem
communicates with the Secure World using the U-Boot FF-A driver, which interfaces with the
[UEFI System Management Mode (SMM) service]($trusted_services_uefi_smm_website).
The SMM service provides support for the UEFI System Management Mode. This support is implemented by the SMM Gateway secure partition.
The SMM service then uses the Proxy Protected Storage (PS) provided by the SE Proxy SP.
These PS calls are forwarded to the Secure Enclave, following the communication path described earlier.
![UEFI runtime support flow](../images/UEFISupport.png)
## References {.reference}
For more information, see:
- [Arm Developer]($arm_developer_cs1000_search)
- [Arm Security Architectures]($arm_architecture_security_features_platform_security)
File diff suppressed because it is too large Load Diff
@@ -0,0 +1,265 @@
# Build, flash and run {.chapter permissions=non-confidential}
The Arm Corstone-1000 with Cortex-A320 software stack uses the Yocto Project to build a tiny Linux distribution suitable for the Arm Corstone-1000 with Cortex-A320 platform (kernel and initramfs filesystem less than 6 MB on the flash).
The Corstone-1000 with Cortex-A320 software stack can be run on [Arm Corstone-1000 with Cortex-A320 FVP (Fixed Virtual Platform)](https://developer.arm.com/downloads/-/arm-ecosystem-fvps) and is built on top of Yocto Project's [Wrynose release]($meta_arm_repository_release_branch).
The Yocto Project relies on the [BitBake](https://docs.yoctoproject.org/bitbake.html#bitbake-documentation) tool as its build tool. Please see the [Yocto Project documentation](https://docs.yoctoproject.org/) for more information.
## Prerequisites {.reference}
This guide assumes that your host machine is running Ubuntu 24.04 LTS (with `sudo` rights), with at least
32GB of free disk space and 16GB of RAM as minimum requirement.
The following prerequisites must be available on the host system:
- Git 2.39.2 or greater.
- Python 3.11.2 or greater.
- GNU Tar 1.34 or greater.
- GNU Compiler Collection 12.2 or greater.
- GNU Make 4.3 or greater.
- tmux 3.3 or greater.
Please follow the steps described in the Yocto mega manual:
- [Compatible Linux Distribution](https://docs.yoctoproject.org/singleindex.html#compatible-linux-distribution)
- [Build Host Packages](https://docs.yoctoproject.org/singleindex.html#build-host-packages)
## Software components {.reference}
Within the Yocto Project, each component included in the Corstone-1000 with Cortex-A320 software stack is specified as
a [BitBake recipe](https://docs.yoctoproject.org/bitbake/2.2/bitbake-user-manual/bitbake-user-manual-intro.html#recipes).
The recipes specific to the Corstone-1000 with Cortex-A320 BSP are located at:
`${WORKSPACE}/meta-arm/meta-arm-bsp/`.
`${WORKSPACE}` refers to the absolute path to your workspace where the `meta-arm` repository will be cloned. Consider exporting it (e.g., `export WORKSPACE=$(realpath .)`) if you're already in the workspace directory,
so you can copy and paste the commands from this guide verbatim.
The Yocto machine config files are at:
- `${WORKSPACE}/meta-arm/meta-arm-bsp/conf/machine/include/corstone1000-a320.inc`
- `${WORKSPACE}/meta-arm/meta-arm-bsp/conf/machine/corstone1000-a320-fvp.conf`
:::note
All the paths stated in this document are absolute paths.
:::
### Host processor components {.reference}
This section describes the components used in the host processor.
#### Trusted Firmware-A {.reference}
The following [Trusted Firmware-A](https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git) components are used:
Table: Trusted Firmware-A components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.14.1.bb` |
#### Trusted Services {.reference}
The following [Trusted Services](https://trusted-services.readthedocs.io/en/latest/index.html) components are used:
Table: Trusted Services components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/libts_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-crypto-api-test_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-iat-api-test_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-its-api-test_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-ps-api-test_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/libts_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-iat-api-test_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-its-api-test_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-ps-api-test_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-smm-gateway_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-se-proxy_git.bb` |
#### OP-TEE {.reference}
The following [OP-TEE](https://git.trustedfirmware.org/OP-TEE/optee_os.git) components are used:
Table: OP-TEE components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/optee/optee-os_4.9.0.bb` |
#### U-Boot {.reference}
The following [U-Boot](https://github.com/u-boot/u-boot.git) components are used:
Table: U-Boot components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm/recipes-bsp/u-boot/u-boot_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2025.10.bb` |
#### Linux {.reference}
The distribution is based on the [Poky](https://docs.yoctoproject.org/ref-manual/terms.html#term-Poky)
distribution which is a Linux distribution stripped down to a minimal configuration.
The provided distribution is based on [BusyBox](https://www.busybox.net/) and built using [musl libc](https://musl.libc.org/).
The following Linux components are used:
Table: Linux components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_6.19.bb` |
| defconfig | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/defconfig` |
### Secure enclave components {.reference}
This section describes the secure enclave components.
#### Trusted Firmware-M {.reference}
The following [Trusted Firmware-M](https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git) are used:
Table: Trusted Firmware-M secure enclave components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.2.2.bb` |
## Build {.reference}
To build the software stack, do the following:
:::note
Building binaries natively on Windows and AArch64 Linux is not supported. Use an Intel or AMD 64-bit architecture Linux based development machine to build the software stack and transfer the binaries to run the software stack on an FVP in Windows or AArch64 Linux if required.
:::
1. Create a new folder that will be your workspace:
```
mkdir ${WORKSPACE}
cd ${WORKSPACE}
```
2. Install kas version 4.4 with `sudo` rights:
```
sudo pip3 install kas==4.4
```
Ensure the kas installation directory is visible on the `$PATH` environment variable.
3. Clone the `meta-arm` Yocto layer in the workspace `${WORKSPACE}`.
```
cd ${WORKSPACE}
git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2026.05
```
4. Accept the EULA on the [Arm Developer](https://developer.arm.com/downloads/-/arm-ecosystem-fvps/eula) site to build a Corstone-1000 with Cortex-A320 image for FVP as follows:
```
export ARM_FVP_EULA_ACCEPT="True"
```
5. Build a Corstone-1000 with Cortex-A320 image:
```
kas build meta-arm/kas/corstone1000-a320-fvp.yml:meta-arm/ci/debug.yml
```
A clean build takes a significant amount of time given that all of the development machine utilities are also
built along with the target images. Those development machine utilities include executables (Python,
CMake, etc.) and the required toolchains.
Once the build succeeds, all output binaries will be placed in `${WORKSPACE}/build/tmp/deploy/images/corstone1000-a320-fvp/`.
Everything apart from the Secure Enclave ROM firmware is bundled into a single binary, the
`corstone1000-flash-firmware-image-corstone1000-a320-fvp.wic` file.
The output binaries run in the Corstone-1000 with Cortex-A320 platform are the following:
- The Secure Enclave ROM firmware: `${WORKSPACE}/build/tmp/deploy/images/corstone1000-a320-fvp/trusted-firmware-m/bl1.bin`
- The internal firmware flash image: `${WORKSPACE}/build/tmp/deploy/images/corstone1000-a320-fvp/corstone1000-flash-firmware-image-corstone1000-a320-fvp.wic`
## Build with SSH {.reference}
The `meta-arm/kas/corstone1000-a320-fvp.yml` build produces an image for booting from flash.
To build a bootable mass storage OS image with Dropbear SSH enabled, run:
```
kas build meta-arm/ci/corstone1000-a320-fvp.yml:meta-arm/kas/corstone1000-ssh.yml
```
The mass storage OS image can be found at `${WORKSPACE}/build/tmp/deploy/images/corstone1000-a320-fvp/core-image-minimal-corstone1000-a320-fvp.wic`
:::note
The generated `core-image-minimal-corstone1000-a320-fvp.fvpconf` attaches the mass storage OS image to `board.msd_mmc.p_mmc_file`.
:::
## Run {.reference}
Once the platform is turned ON, the Secure Enclave will start to boot, wherein the relevant memory contents of the `*.wic`
file are copied to their respective memory locations. Firewall policies are enforced
on memories and peripherals before bringing the Host Processor out of reset.
The Host Processor will boot TrustedFirmware-A, OP-TEE, U-Boot and then Linux before presenting a login prompt.
A Fixed Virtual Platform (FVP) model of the Corstone-1000 with Cortex-A320 platform must be available to run the
Corstone-1000 with Cortex-A320 FVP software image.
A Yocto recipe is provided to download the latest supported FVP version.
The recipe is located at `${WORKSPACE}/meta-arm/meta-arm/recipes-devtools/fvp/fvp-corstone1000-a320.bb`.
The latest FVP version is `11.31.cs1000_a320_2` for Corstone-1000 with Cortex-A320, and the model is automatically downloaded and installed when using the `runfvp` command as follows:
```
kas shell meta-arm/kas/corstone1000-a320-fvp.yml:meta-arm/ci/debug.yml \
-c "../meta-arm/scripts/runfvp -- --version"
```
The FVP can also be manually downloaded from [Arm Developer](https://developer.arm.com/downloads/-/arm-ecosystem-fvps) to download the Corstone-1000 with Cortex-A320 FVP package.
To set up the FVP:
1. Run `tmux`:
```
cd ${WORKSPACE} && tmux
```
2. Run the FVP within `tmux`:
```
kas shell meta-arm/kas/corstone1000-a320-fvp.yml:meta-arm/ci/debug.yml \
-c "../meta-arm/scripts/runfvp --terminals=tmux"
```
When the script is executed, three terminal instances will be launched:
- one for the Secure Enclave processing element
- two for the Host processor processing element.
```
corstone1000-a320-fvp login:
```
3. Log in using the `root` username.
## Security issue reporting {.reference}
To report any security issues identified with Corstone-1000 with Cortex-A320, please send an email to [psirt@arm.com](mailto:psirt@arm.com).
@@ -1,5 +1,5 @@
..
# Copyright (c) 2022-2024, Arm Limited.
# Copyright (c) 2022-2026, Arm Limited.
#
# SPDX-License-Identifier: MIT
@@ -10,6 +10,265 @@ Change Log
This document contains a summary of the new features, changes and
fixes in each release of Corstone-1000 software stack.
***************
Version 2026.05
***************
Changes
=======
- Upgraded key Corstone-1000 components to U-Boot 2025.10, TF-A 2.14.1, TF-M 2.2.2, OP-TEE 4.9.0, Trusted Services 1.3.0, and Linux 6.19.
- Added GPT support in TF-M and updated MCUboot to use the GPT library for firmware-update partitions.
- Extended the TF-M firmware update flow with GPT fixes, partition create/remove/duplicate operations, metadata-only handling, flash erase protection, stale partition cleanup, and better handling of older images during PSA FWU.
- Added SSH-enabled build overlay for FVP mass-storage images.
- Removed GRUB from the initramfs boot package set.
Corstone-1000 components versions
=================================
+-------------------------------------------+-------------------+
| linux-yocto | 6.19 |
+-------------------------------------------+-------------------+
| u-boot | 2025.10 |
+-------------------------------------------+-------------------+
| external-system | 0.1.0 |
+-------------------------------------------+-------------------+
| optee-client | 4.9.0 |
+-------------------------------------------+-------------------+
| optee-os | 4.9.0 |
+-------------------------------------------+-------------------+
| trusted-firmware-a | 2.14.1 |
+-------------------------------------------+-------------------+
| trusted-firmware-m | 2.2.2 |
+-------------------------------------------+-------------------+
| libts | v1.3.0 |
+-------------------------------------------+-------------------+
| ts-sp-{se-proxy, smm-gateway} | v1.3.0 |
+-------------------------------------------+-------------------+
| ts-psa-{crypto, iat, its. ps}-api-test | 74dc6646ff |
+-------------------------------------------+-------------------+
Yocto distribution components versions
======================================
+-------------------------------------------+----------------+
| meta-arm | wrynose |
+-------------------------------------------+----------------+
| bitbake | 22021758e6 |
+-------------------------------------------+----------------+
| meta-openembedded | 9af4488d46 |
+-------------------------------------------+----------------+
| openembedded-core | 06dd66e622 |
+-------------------------------------------+----------------+
| meta-yocto | 8251bdad5f |
+-------------------------------------------+----------------+
| meta-secure-core | 07a99ae241 |
+-------------------------------------------+----------------+
| busybox | 1.37.0 |
+-------------------------------------------+----------------+
| musl | 1.2.6 |
+-------------------------------------------+----------------+
| gcc-arm-none-eabi | 15.2.rel1 |
+-------------------------------------------+----------------+
| gcc-cross-aarch64 | 15.2.0 |
+-------------------------------------------+----------------+
| openssl | 3.5.6 |
+-------------------------------------------+----------------+
***************
Version 2025.12
***************
Changes
=======
- Delivered end-to-end Cortex-A320 enablement across U-Boot, TF-A, TF-M, OP-TEE, Yocto machine layers, and documentation, including device-tree updates, MPIDR handling, and FVP model renaming.
- Rolled out the PSA Firmware Update (DEN0118) pipeline: U-Boot capsule parsing, Bootloader Abstraction Layer in TF-M, ESRT exposure, and Trusted Services IPC bridges replacing legacy capsule code.
- Hardened the new firmware update flow with EFI self-tests, metadata restructuring for partial and multi-image acceptance, and RSE-COMMS gating refinements.
- Upgraded key firmware components (TF-A 2.13.0, TF-M 2.2.1, Trusted Services 1.2.0, OP-TEE OS 4.7.0) and introduced targeted test skips plus integer-only build modes to keep validation green.
- Cleaned and renumbered downstream patch series across Trusted Services and TF-M while removing obsolete integrations to align with upstream baselines.
- Refreshed release material and architecture guides to describe the A320 profile, PSA FWU behavior, and updated software stack.
- Added KAS profiles, machine includes, and automated FVP selection logic to streamline developer workflows for the refreshed platform configuration.
Corstone-1000 components versions
=================================
+-------------------------------------------+-------------------+
| linux-yocto | 6.12.60 |
+-------------------------------------------+-------------------+
| u-boot | 2025.04 |
+-------------------------------------------+-------------------+
| external-system | 0.1.0 |
+-------------------------------------------+-------------------+
| optee-client | 4.7.0 |
+-------------------------------------------+-------------------+
| optee-os | 4.7.0 |
+-------------------------------------------+-------------------+
| trusted-firmware-a | 2.13.0 |
+-------------------------------------------+-------------------+
| trusted-firmware-m | 2.2.1 |
+-------------------------------------------+-------------------+
| libts | v1.2.0 |
+-------------------------------------------+-------------------+
| ts-sp-{se-proxy, smm-gateway} | v1.2.0 |
+-------------------------------------------+-------------------+
| ts-psa-{crypto, iat, its. ps}-api-test | 74dc6646ff |
+-------------------------------------------+-------------------+
Yocto distribution components versions
======================================
+-------------------------------------------+----------------+
| meta-arm | whinlatter |
+-------------------------------------------+----------------+
| bitbake | 0dde1a3ff8 |
+-------------------------------------------+----------------+
| meta-openembedded | fc0152e434 |
+-------------------------------------------+----------------+
| openembedded-core | 4bd920ad7d |
+-------------------------------------------+----------------+
| meta-yocto | b3b6592635 |
+-------------------------------------------+----------------+
| meta-secure-core | 63209fb150 |
+-------------------------------------------+----------------+
| busybox | 1.37.0 |
+-------------------------------------------+----------------+
| musl | 1.2.5 |
+-------------------------------------------+----------------+
| gcc-arm-none-eabi | 13.3.rel1 |
+-------------------------------------------+----------------+
| gcc-cross-aarch64 | 15.2.0 |
+-------------------------------------------+----------------+
| openssl | 3.5.4 |
+-------------------------------------------+----------------+
***************
Version 2025.05
***************
Changes
=======
- OP-TEE OS: Added support for v4.4
- Trusted Services: PSA-Crypto structures aligned with TF-M, added protobuf interface to crypto-sp
- Documentation: fixed typos, added host-level authentication section, enabled fly-out sidebar menu
- Das U-Boot: Reserved memory for RSS communication-pointer access protocol
- Linux Kernel: Upgraded kernel to v6.12, updated Upstream-Status notes for remoteproc patches
- Corstone-1000 image: Implemented IMAGE_ROOTFS_EXTRA_SPACE workaround
Corstone-1000 components versions
=================================
+-------------------------------------------+-------------------+
| linux-yocto | 6.12.30 |
+-------------------------------------------+-------------------+
| u-boot | 2023.07.02 |
+-------------------------------------------+-------------------+
| external-system | 0.1.0 |
+-------------------------------------------+-------------------+
| optee-client | 4.4.0 |
+-------------------------------------------+-------------------+
| optee-os | 4.4.0 |
+-------------------------------------------+-------------------+
| trusted-firmware-a | 2.11.0 |
+-------------------------------------------+-------------------+
| trusted-firmware-m | 2.1.1 |
+-------------------------------------------+-------------------+
| libts | 602be60719 |
+-------------------------------------------+-------------------+
| ts-newlib | 4.1.0 |
+-------------------------------------------+-------------------+
| ts-psa-{crypto, iat, its. ps}-api-test | 74dc6646ff |
+-------------------------------------------+-------------------+
| ts-sp-{se-proxy, smm-gateway} | 602be60719 |
+-------------------------------------------+-------------------+
Yocto distribution components versions
======================================
+-------------------------------------------+----------------+
| meta-arm | walnascar |
+-------------------------------------------+----------------+
| poky | ee0d8d8a61 |
+-------------------------------------------+----------------+
| meta-openembedded | 2169c9afcc |
+-------------------------------------------+----------------+
| meta-secure-core | 423bc85b05 |
+-------------------------------------------+----------------+
| busybox | 1.37.0 |
+-------------------------------------------+----------------+
| musl | 1.2.5 |
+-------------------------------------------+----------------+
| gcc-arm-none-eabi | 13.3.rel1 |
+-------------------------------------------+----------------+
| gcc-cross-aarch64 | 14.2.0 |
+-------------------------------------------+----------------+
| openssl | 3.4.1 |
+-------------------------------------------+----------------+
***************
Version 2024.11
***************
Changes
=======
- Implementation of a replication strategy for FWU metadata in TF-M according to the FWU specification.
- Upgrade to metadata version 2 in TF-M.
- Increase the ITS and PS memory size in Secure Flash for TF-M.
- SW components upgrades.
- Bug fixes.
Corstone-1000 components versions
=================================
+-------------------------------------------+-----------------------------------------------------+
| linux-yocto | 6.10.14 |
+-------------------------------------------+-----------------------------------------------------+
| u-boot | 2023.07.02 |
+-------------------------------------------+-----------------------------------------------------+
| external-system | 0.1.0 |
+-------------------------------------------+-----------------------------------------------------+
| optee-client | 4.2.0 |
+-------------------------------------------+-----------------------------------------------------+
| optee-os | 4.2.0 |
+-------------------------------------------+-----------------------------------------------------+
| trusted-firmware-a | 2.11.0 |
+-------------------------------------------+-----------------------------------------------------+
| trusted-firmware-m | 2.1.0 |
+-------------------------------------------+-----------------------------------------------------+
| libts | 602be60719 |
+-------------------------------------------+-----------------------------------------------------+
| ts-newlib | 4.1.0 |
+-------------------------------------------+-----------------------------------------------------+
| ts-psa-{crypto, iat, its. ps}-api-test | 74dc6646ff |
+-------------------------------------------+-----------------------------------------------------+
| ts-sp-{se-proxy, smm-gateway} | 602be60719 |
+-------------------------------------------+-----------------------------------------------------+
Yocto distribution components versions
======================================
+-------------------------------------------+------------------------------+
| meta-arm | styhead |
+-------------------------------------------+------------------------------+
| poky | 5465094be9 |
+-------------------------------------------+------------------------------+
| meta-openembedded | 461d85a183 |
+-------------------------------------------+------------------------------+
| meta-secure-core | 59d7e90542 |
+-------------------------------------------+------------------------------+
| busybox | 1.36.1 |
+-------------------------------------------+------------------------------+
| musl | 1.2.5 |
+-------------------------------------------+------------------------------+
| gcc-arm-none-eabi | 13.3.rel1 |
+-------------------------------------------+------------------------------+
| gcc-cross-aarch64 | 14.2.0 |
+-------------------------------------------+------------------------------+
| openssl | 3.3.1 |
+-------------------------------------------+------------------------------+
***************
Version 2024.06
@@ -370,4 +629,4 @@ Changes
--------------
*Copyright (c) 2022-2024, Arm Limited. All rights reserved.*
*Copyright (c) 2022-2026, Arm Limited. All rights reserved.*
@@ -1,3 +1,8 @@
# SPDX-FileCopyrightText: <text>Copyright 2020-2024, 2026 Arm Limited and/or its
# affiliates <open-source-office@arm.com></text>
#
# SPDX-License-Identifier: MIT
# Configuration file for the Sphinx documentation builder.
#
# This file only contains a selection of the most common options. For a full
@@ -21,8 +26,8 @@ sys.path.append(os.path.dirname(__file__))
# -- Project information -----------------------------------------------------
project = 'corstone1000'
copyright = '2020-2024, Arm Limited'
project = 'Corstone-1000'
copyright = '2020-2026, Arm Limited'
author = 'Arm Limited'
@@ -50,6 +55,9 @@ exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store', 'docs/infra']
# a list of builtin themes.
#
html_theme = 'sphinx_rtd_theme'
html_theme_options = {
'flyout_display': 'attached',
}
# Define the canonical URL if you are using a custom domain on Read the Docs
html_baseurl = os.environ.get("READTHEDOCS_CANONICAL_URL", "")
Binary file not shown.

After

Width:  |  Height:  |  Size: 43 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 44 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 63 KiB

After

Width:  |  Height:  |  Size: 58 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 16 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 46 KiB

@@ -1,5 +1,5 @@
..
# Copyright (c) 2022, 2024, Arm Limited.
# Copyright (c) 2022, 2024, 2026 Arm Limited.
#
# SPDX-License-Identifier: MIT
@@ -1,5 +1,5 @@
..
# Copyright (c) 2022-2024, Arm Limited.
# Copyright (c) 2022-2026, Arm Limited.
#
# SPDX-License-Identifier: MIT
@@ -19,6 +19,46 @@ intended for safety-critical applications. Should Your Software or Your Hardware
prove defective, you assume the entire cost of all necessary servicing, repair
or correction.
***********************
Release notes - 2026.05
***********************
The same notes as the 2025.05 release still apply.
***********************
Release notes - 2025.12
***********************
The same notes as the 2025.05 release still apply.
Known Issues or Limitations
---------------------------
- Corstone-1000 with Cortex-A320 FVP does not currently support Symmetric Multiprocessing
- Corstone-1000 with Cortex-A320 FVP becomes unresponsive when the Linux kernel driver for the Ethos-U85 NPU loads automatically after a software reboot.
***********************
Release notes - 2025.05
***********************
Known Issues or Limitations
---------------------------
- Crypto isolation is not supported in the Secure world of Corstone-1000. Additionally, clients in
the Normal world are not isolated from one another.Therefore, if an end user wants to add a new
Secure Partition (SP) (such as a software TPM) that accesses the Crypto service via the SE-Proxy,
they are responsible for implementing their own isolation mechanisms to ensure proper security boundaries.
- DSTREAM debug probe may experience unreliable USB connectivity when used with Arm DS for secure debug.
This issue is under active investigation, and we are working to identify and resolve compatibility issues in a future update.
As a more stable alternative, the ULINKpro debug probe is recommended for use with Corstone-1000 in secure debug scenarios.
***********************
Release notes - 2024.11
***********************
The same notes as the 2024.06 release still apply.
***********************
Release notes - 2024.06
***********************
@@ -38,6 +78,16 @@ Platform Support
- This software release is tested on Corstone-1000 Fast Model platform (FVP) version 11.23_25
https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps
SystemReady IR v2.0 Certification Milestone
-------------------------------------------
As of this release, Corstone-1000 has achieved `SystemReady IR v2.0 certification <https://www.arm.com/architecture/system-architectures/systemready-certification-program/ve>`__.
This milestone confirms compliance with the SystemReady IR requirements, ensuring broader compatibility and reliability for deployment.
Applied patch `313ad2a0e600 <https://git.yoctoproject.org/meta-arm/commit/?h=scarthgap&id=313ad2a0e600655d9bfbe53646e356372ff02644>`__ to address compatibility requirements for SystemReady IR v2.0.
This update is included in tag `CORSTONE1000-2024.06-systemready-ir-v2.0 <https://git.yoctoproject.org/meta-arm/tag/?h=CORSTONE1000-2024.06-systemready-ir-v2.0>`__ and builds on the `CORSTONE1000-2024.06` release.
***********************
Release notes - 2023.11
***********************
@@ -236,4 +286,4 @@ For all security issues, contact Arm by email at psirt@arm.com.
--------------
*Copyright (c) 2022-2023, Arm Limited. All rights reserved.*
*Copyright (c) 2022-2026, Arm Limited. All rights reserved.*
@@ -1,10 +1,10 @@
..
# Copyright (c) 2022-2024, Arm Limited.
# Copyright (c) 2022-2026, Arm Limited.
#
# SPDX-License-Identifier: MIT
######################
Software architecture
Software Architecture
######################
@@ -16,137 +16,266 @@ Arm Corstone-1000 is a reference solution for IoT devices. It is part of
Total Solution for IoT which consists of hardware and software reference
implementation.
Corstone-1000 software plus hardware reference solution is PSA Level-2 ready
certified (`PSA L2 Ready`_) as well as System Ready IR certified(`SRIR cert`_).
More information on the Corstone-1000 subsystem product and design can be
found at:
`Arm corstone1000 Software`_ and `Arm corstone1000 Technical Overview`_.
The combination of Corstone-1000 software and hardware reference solution is `PSA Level-2 ready
certified <psa_l2-ready_>`__ as well as `Arm SystemReady Devicetree certified <systemready-ir-certification_>`__.
This readme explicitly focuses on the software part of the solution and
More information on the Corstone-1000 subsystems product and design can be
found on `Arm Developer <arm-developer-cs1000-website_>`__.
This document explicitly focuses on the software part of the solution and
provides internal details on the software components. The reference
software package of the platform can be retrieved following instructions
present in the user-guide document.
present in the user guide document.
***************
Design Overview
***************
The software architecture of Corstone-1000 platform is a reference
implementation of Platform Security Architecture (`PSA`_) which provides
implementation of `Platform Security Architecture <psa-certified-website_>`__ which provides
framework to build secure IoT devices.
The base system architecture of the platform is created from three
different types of systems: Secure Enclave, Host and External System.
Each subsystem provides different functionality to overall SoC.
The base system architecture of the platform is created from three different types of subsystems:
- Secure Enclave
- Host System
- External System
Each subsystem provides different functionality to the overall system on a chip (SoC).
.. image:: images/CorstoneSubsystems.png
:width: 720
:alt: CorstoneSubsystems
Secure Enclave
==============
The Secure Enclave System, provides PSA Root of Trust (RoT) and
cryptographic functions. It is based on an Cortex-M0+ processor,
CC312 Cryptographic Accelerator and peripherals, such as watchdog and
secure flash. Software running on the Secure Enclave is isolated via
hardware for enhanced security. Communication with the Secure Encalve
is achieved using Message Handling Units (MHUs) and shared memory.
On system power on, the Secure Enclave boots first. Its software
comprises of a ROM code (TF-M BL1), MCUboot BL2, and
TrustedFirmware-M(`TF-M`_) as runtime software. The software design on
Secure Enclave follows Firmware Framework for M class
processor (`FF-M`_) specification.
The Secure Enclave boots first on system power on, it provides `PSA Root of Trust (RoT) <psa-certified-website_>`__ and
cryptographic functions. It is based on a Cortex-M0+ processor, CC312 Cryptographic Accelerator and
peripherals such as watchdog and secure flash.
The Host System is based on ARM Cotex-A35 processor with standardized
peripherals to allow for the booting of a Linux OS. The Cortex-A35 has
the TrustZone technology that allows secure and non-secure security
states in the processor. The software design in the Host System follows
Firmware Framework for A class processor (`FF-A`_) specification.
The boot process follows Trusted Boot Base Requirement (`TBBR`_).
The Host Subsystem is taken out of reset by the Secure Enclave system
during its final stages of the initialization. The Host subsystem runs
FF-A Secure Partitions(based on `Trusted Services`_) and OPTEE-OS
(`OPTEE-OS`_) in the secure world, and U-Boot(`U-Boot repo`_) and
linux (`linux repo`_) in the non-secure world. The communication between
non-secure and the secure world is performed via FF-A messages.
.. image:: images/Corstone1000SecureFlashMPS3.png
:width: 400
:alt: Corstone1000SecureFlashMPS3
An external system is intended to implement use-case specific functionality.
The system is based on Cortex-M3 and run RTX RTOS. Communication between the
external system and Host (Cortex-A35) can be performed using MHU as transport
mechanism. The current software release supports switching on and off the
external system. Support for OpenAMP-based communication is under
development.
.. image:: images/Corstone1000SecureFlashFVP.png
:width: 400
:alt: Corstone1000SecureFlashFVP
Overall, the Corstone-1000 architecture is designed to cover a range
of Power, Performance, and Area (PPA) applications, and enable extension
for use-case specific applications, for example, sensors, cloud
connectivitiy, and edge computing.
Software running on the Secure Enclave is isolated via hardware for enhanced security.
Communication with the Secure Enclave is achieved using `Message Handling Units (MHUs) <arm-developer-mhu-website_>`__
and shared memory.
Its software components comprises:
- `Trusted Firmware-M (TF-M) BL1 <trusted-firmware-m-bl1-website_>`__
- `MCUboot <mcuboot-website_>`__
- `TrustedFirmware-M <trusted-firmware-m-website_>`__
The software design on the Secure Enclave follows `Arm Firmware Framework for M-Profile
processor <arm-fmw-framework-m-profile-pdf_>`__ (FF-M) specification.
Host System
===========
The Host System is based on ARM Cortex-A35 processor with standardized
peripherals to allow booting a Linux-based operating system (OS). The Cortex-A35 has
the `TrustZone <arm-trustzone-for-cortex-a-website_>`__ technology that allows Secure and Non-secure security
states in the processor.
The boot process follows `Trusted Boot Base Requirements Client <trusted-board-boot-requirements-client-pdf_>`__.
The Host System is taken out of reset by the Secure Enclave system during its final stages of the
initialization.
In the Secure world, the Host System runs:
- FF-A Secure Partitions (based on `Trusted Services <trusted-services-website_>`__)
- `OP-TEE OS <op-tee-os-repository_>`__
In the Non-secure World, the Host System runs:
- `U-Boot <das-u-boot-repository_>`__
- `Linux kernel <linux-repository_>`__
The software design in the Host System follows `Arm Firmware Framework for Arm A-profile
<arm-fmw-framework-a-profile-pdf_>`__ (FF-A) specification.
The communication between Non-secure and the Secure world is performed via FF-A messages.
External System
===============
The External System is intended to implement use-case specific functionality.
The system is based on Cortex-M3 and runs `Keil RTX5 <keil-rtx5-website_>`__.
Communication between the external system and Host (Cortex-A35) can be performed using MHU as transport
mechanism. The current software release supports switching the External System ON and OFF.
The Corstone-1000 architecture is designed to cover a range of
`Power, Performance, and Area (PPA) <ppa-website_>`__ applications, and enable extension
for use-case specific applications, for example, sensors, cloud connectivity, and edge computing.
*****************
Secure Boot Chain
*****************
For the security of a device, it is essential that only authorized
software should run on the device. The Corstone-1000 boot uses a
Secure Boot Chain process where an already authenticated image verifies
and loads the following software in the chain. For the boot chain
process to work, the start of the chain should be trusted, forming the
Root of Trust (RoT) of the device. The RoT of the device is immutable in
nature and encoded into the device by the device owner before it
is deployed into the field. In Corstone-1000, the content of the ROM
and CC312 OTP (One Time Programmable) memory forms the RoT.
software should run on the device.
Verification of an image can happen either by comparing the computed and
stored hashes, or by checking the signature of the image if the image
is signed.
The Corstone-1000 boot uses a `Secure boot <arm-developer-secureboot-website_>`__ chain process
where an already authenticated image verifies and loads the following software in the chain.
For the boot chain process to work, the start of the chain should be trusted, forming the
Root of Trust (RoT) of the device. The RoT of the device is immutable in
nature and encoded into the device by the device manufacturer before it
is deployed into the field.
In Corstone-1000, the content of the ROM and CC312 One Time Programmable (OTP) memory forms the RoT.
Verification of an image can happen either by comparing the computed and stored hashes, or by
checking the signature of the image if the image is signed.
.. image:: images/SecureBootChain.png
:width: 870
:alt: SecureBootChain
It is a lengthy chain to boot the software on Corstone-1000. On power on,
the Secure Enclave starts executing BL1_1 code from the ROM which is the RoT
of the device. The BL1_1 is the immutable bootloader of the system, it handles
the provisioning on the first boot, hardware initialization and verification
of the next stage.
It is a lengthy chain to boot the software on Corstone-1000.
The BL1_2 code, hashes and keys are written into the OTP during the provisioning.
The next bootstage is the BL1_2 which is copied from the OTP into the RAM. The
BL1_1 also compares the BL1_2 hash with the hash saved to the OTP. The BL1_2
verifies and transfers control to the next bootstage which is the BL2. During the
verification, the BL1_2 compares the BL2 image's computed hash with the BL2 hash in
the OTP. The BL2 is MCUBoot in the system. BL2 can provision additional keys on the
first boot and it authenticates the initial bootloader of the host (Host TF-A BL2)
and TF-M by checking the signatures of the images.
The MCUBoot handles the image verification the following way:
TF-M BL1_1
==========
- Load image from a non-volatile memory to dynamic RAM.
- The public key present in the image header is validated by comparing with the hash.
Depending on the image, the hash of the public key is either stored in the OTP or part
of the software which is being already verified in the previous stages.
- The image is validated using the public key.
On power-up, the Secure Enclave begins execution from TF-M BL1_1, which resides in ROM and serves as
the Root of Trust (RoT) for the device.
TF-M BL1_1 is the immutable bootloader and is responsible for:
- Provisioning the device during the first boot
- Performing hardware initialization
- Verifying the integrity and authenticity of the next stage in the boot chain
At boot time, TF-M BL1_1:
- Copies the TF-M BL1_2 image from OTP to RAM.
- Verifies the integrity of BL1_2 by comparing its computed hash with the hash stored in OTP.
TF-M BL1_2
==========
During provisioning, the TF-M BL1_2 binary, along with its hashes and cryptographic keys, is stored
in One-Time Programmable (OTP) memory.
Once verified, TF-M BL1_2:
- Takes control and verifies the next stage in the boot chain, which is TF-M BL2.
- Computes the hash of the BL2 image and compares it with the BL2 hash stored in OTP to ensure
integrity before transferring execution to BL2.
.. note::
The TF-M BL1 design details can be found in the `TF-M design documents <trusted-firmware-m-bl1-website_>`_.
.. important::
Corstone-1000 has some differences compared to this design due to memory (OTP/ROM)
limitations:
- BL1_1 code size is larger than needed because it handles most of the hardware initialization instead of the BL1_2.
- BL1_2 cannot be updated during provisioning time because the provisioning bundle that contains its code is located in the ROM.
- BL1_2 does not use the post-quantum LMS verification.
- BL2 cannot be updated because it is verified by comparing the computed hash to the hash stored in the OTP.
TF-M BL2
========
In this system, TF-M BL2 refers to MCUBoot.
On the first boot, MCUBoot can provision additional cryptographic keys. It is responsible for authenticating both:
- TF-M (Trusted Firmware-M), and
- The initial bootloader of the Host system, `Trusted Firmware-A (TF-A) BL2 <trusted-firmware-a-bl2-website_>`__
This authentication is done by verifying the digital signatures of the respective images.
MCUBoot performs image verification in the following steps:
#. Load the image from non-volatile memory into RAM.
#. Validate the image's signature using the corresponding public key.
.. note::
The public key present in the image header is validated by comparing with the hash.
Depending on the image, the hash of the public key is either stored in the OTP or part
of the software which is being already verified in the previous stages.
The execution control is passed to TF-M after the verification. TF-M being
the runtime executable of the Secure Enclave which initializes itself and, at the end,
brings the host CPU out of rest.
The execution control is passed to TF-M after the verification.
As the runtime executable of the Secure Enclave, TF-M initializes itself before
bringing the Host system out of reset.
The TF-M BL1 design details and reasoning can be found in the `TF-M design documents
<https://tf-m-user-guide.trustedfirmware.org/design_docs/booting/bl1.html>`_.
The Corstone-1000 has some differences compared to this design due to memory (OTP/ROM)
limitations:
- The provisioning bundle that contains the BL1_2 code is located in the ROM.
This means the BL1_2 cannot be updated during provisioning time.
- The BL1_1 handles most of the hardware initialization instead of the BL1_2. This
results in a bigger BL1_1 code size than needed.
- The BL1_2 does not use the post-quantum LMS verification. The BL2 is verified by
comparing the computed hash to the hash which is stored in the OTP. This means the
BL2 is not updatable.
Host System Authentication
==========================
The host follows the boot standard defined in the `TBBR`_ to authenticate the
secure and non-secure software.
The Host system follows the boot standard defined in the `Trusted Board Boot Requirements Client <trusted-board-boot-requirements-client-pdf_>`__
to authenticate the Secure and Non-secure software.
The `Firmware Image Package (FIP) <trusted-firmware-a-fip-guide_>`__ packs bootloader images and
other payloads into a single archive.
.. image:: images/FIPDiagram.png
:alt: FIPDiagram
The FIP for Corstone-1000 contains:
- Trusted firmware-A BL2
- AP EL3 Runtime firmware, BL31 image
- AP Secure Payload, BL32 image
- AP Normal world firmware -U-boot, BL33 image
- Trusted OS Firmware configuration file used by Trusted OS (BL32), TOS_FW_CONFIG
- Key certificates
- Content certificates
To load and validate TF-A BL2, TF-M BL2 first parses the GUID Partition Table (GPT)
to locate the FIP. It then determines the offset of TF-A BL2 within the FIP.
.. note::
TF-M does not check the FIP signature, it only checks the TF-A BL2's signature in the FIP.
.. important::
The implicitly trusted components are:
- A SHA-256 hash of the Root of Trust Public Key (ROTPK) -
For development purposes, a development ROTPK is used and its hash embedded into the TF-A BL2 image.
This public key is provided by the TF-A source code.
- TF-A BL2 image - it can be trusted because it has been verified by TF-M BL2 before starting TF-A.
The remaining components in the Chain of Trust (CoT) are either certificates or bootloader images.
Bootloader Authentication
-------------------------
The FIP contains two types of certificates:
- **Content Certificates** - used to store the hash of a bootloader image.
- **Key Certificates** - used to verify public keys used to sign Content Certificates.
The Host system bootloader images are authenticated by computing their hash and comparing it to the corresponding hash found in the Content Certificate.
Certificates Verification
-------------------------
The public keys defined in the Trusted Key Certificate are used to verify the later certificates in
the CoT process. The Trusted Key Certificate is verified with the Root of Trust Public Key.
UEFI Authenticated Variables
----------------------------
For UEFI Secure Boot, authenticated variables can be accessed from the secure flash.
The feature has been integrated in U-Boot, which authenticates the images as per the UEFI
@@ -156,79 +285,140 @@ specification before executing them.
Secure Services
***************
Corstone-1000 is unique in providing a secure environment to run a secure
workload. The platform has TrustZone technology in the Host subsystem but
it also has hardware isolated Secure Enclave environment to run such secure
workloads. In Corstone-1000, known Secure Services such as Crypto, Protected
Storage, Internal Trusted Storage and Attestation are available via PSA
Functional APIs in TF-M. There is no difference for a user communicating to
these services which are running on a Secure Enclave instead of the
secure world of the host subsystem. The below diagram presents the data
flow path for such calls.
Corstone-1000 is unique in offering a secure environment for running trusted workloads.
While the Host system includes TrustZone technology, the platform also features a hardware-isolated
Secure Enclave, specifically designed to execute these secure workloads.
In Corstone-1000, essential Secure Services—such as Cryptography, Protected Storage,
Internal Trusted Storage, and Attestation—are provided through PSA Functional APIs implemented in TF-M.
From the user's perspective, there is no difference when communicating with these services,
whether they run in the Secure Enclave or in the Secure world of the Host system.
The diagram below illustrates the data flow for such calls.
.. image:: images/SecureServices.png
:width: 930
:alt: SecureServices
The Secure Enclave Proxy Secure Partition (SE Proxy SP) is a proxy managed by OP-TEE that forwards
Secure Service calls to the Secure Enclave. This communication uses the `RSE communication protocol <https://tf-m-user-guide.trustedfirmware.org/platform/arm/rse/rse_comms.html>`_.
While the protocol supports shared memory and MHU interrupts as a doorbell mechanism between cores,
in Corstone-1000, the entire message is currently transmitted through the MHU channels.
Corstone-1000 implements Isolation Level 2 using the Cortex-M0+ Memory Protection Unit (MPU).
The SE Proxy SP (Secure Enclave Proxy Secure Partition) is a proxy partition
managed by OPTEE which forwards such calls to the Secure Enclave. The
solution relies on the `RSE communication protocol
<https://tf-m-user-guide.trustedfirmware.org/platform/arm/rse/rse_comms.html>`_
which is a lightweight serialization of the psa_call() API. It can use shared
memory and MHU interrupts as a doorbell for communication between two cores
but currently the whole message is forwarded through the MHU channels in Corstone-1000.
Corstone-1000 implements isolation level 2. Cortex-M0+ MPU (Memory Protection
Unit) is used to implement isolation level 2.
For a user to define its own secure service, both the options of the host
secure world or secure encalve are available. It's a trade-off between
lower latency vs higher security. Services running on a Secure Enclave are
secure by real hardware isolation but have a higher latency path. In the
second scenario, the services running on the secure world of the host
subsystem have lower latency but virtual hardware isolation created by
TrustZone technology.
Users can define their own secure services to run either in the Host system's Secure World or in
the Secure Enclave. This choice involves a trade-off between latency and security.
Services running in the Secure Enclave benefit from strong, hardware-enforced isolation,
offering higher security but at the cost of increased latency. In contrast, services running in the
Host Secure World experience lower latency, but rely on TrustZone technology for virtualized isolation,
which offers comparatively less robust security.
**********************
Secure Firmware Update
**********************
**************************
PSA Secure Firmware Update
**************************
Apart from always booting the authorized images, it is also essential that
the device only accepts the authorized (signed) images in the firmware update
process. Corstone-1000 supports OTA (Over the Air) firmware updates and
follows Platform Security Firmware Update specification (`FWU`_).
The Arm Corstone-1000 platform necessitates a robust, secure, and flexible firmware update mechanism
including partial capsule update to ensure fielded devices can receive critical patches, feature enhancements,
and security fixes without compromising system integrity. To meet these requirements, we have implemented the
Platform Security Architecture (PSA) Firmware Update (FWU) framework on Corstone-1000, leveraging Trusted Firmware-M (TF-M)
for the Secure Enclave, U-Boot as the host-side client on Cortex-A, and the UEFI capsule update mechanism for payload
encapsulation. This design supports both the Fixed Virtual Platform (FVP) and the Field Programmable Gate Array (FPGA)
targets, providing consistent behavior across simulation and silicon-based deployments. The Corstone-1000 supports FWU
which complies with the `Platform Security Firmware Update for the A-profile Arm Architecture <platform-security-fwu-for-a-profile-pdf_>`__
and `PSA Firmware Update IHI 0093 <psa-firmware-update-ihi-0093-api-reference-website_>`__
specifications.
As standardized into `FWU`_, the external flash is divided into two
banks of which one bank has currently running images and the other bank is
used for staging new images. There are four updatable units, i.e. Secure
Enclave's BL2 and TF-M, and Host's FIP (Firmware Image Package) and Kernel
Image (the initramfs bundle). The new images are accepted in the form of a UEFI capsule.
To standardize and streamline capsule creation with multiple FMP payloads, the `EDK2 capsule generation tool <edk2-capsule-generation-tool-repository_>`__
tool has been integrated into the meta-arm Yocto layer for Corstone1000. This integration involves defining
build rules for generating UEFI capsules as part of the firmware image build process. Configuration parameters
exposed in the recipe allow developers to specify the number of FMP payloads, target image GUIDs, version numbers etc.
This capsule ensures that all update payloads conform to the UEFI FMP specification and are ready for
validation and delivery by UBoot.
The FWU solution for Corstone-1000 is composed of three primary domains:
- Host System
- Trusted Services intermediary
- Secure Enclave
Each domain has distinct responsibilities and communicates through standardized interfaces.
.. image:: images/SystemArchitecturePSAFirmwareUpdate.png
:width: 690
:alt: SystemArchitecturePSAFirmwareUpdate
On the host side, U-Boot functions as the FWU client and orchestrates the update process from capsule retrieval to
payload delivery based on `PSA FWU DEN0018 specification <psa-fwu-den0018-specification-website_>`__
via Arm FF-A framework. The Trusted-Services SE Proxy secure partition serves as a gateway between the non-secure host
environment and the Secure Enclave. The `PSA FWU service <ts-psa-fwu-service-website_>`__ running in the Trusted Services
implementation forwards the data to the Secure Enclave via MHU-based PSA calls. Within the Secure Enclave, the PSA FWU
Agent, conforming to `PSA Firmware Update IHI 0093 <psa-firmware-update-ihi-0093-api-reference-website_>`__ specification,
orchestrates the actual flash programming, metadata management, and rollback protection mechanisms. The agent relies on a
bespoke `shim layer <tfm-shim-layer-website_>`__ to abstract hardwarespecific flash operations and bootloader interactions.
As defined in the specification, the external flash is divided into two banks: one bank holds the
currently running images, while the other is used to stage new images.
There are four updatable components: **BL2**, **TF-M**, **the FIP** and **the Kernel Image** (the initramfs bundle).
New images are delivered and accepted in the form of UEFI capsules.
.. image:: images/ExternalFlash.png
:width: 690
:alt: ExternalFlash
When Firmware update is triggered, U-Boot verifies the capsule by checking the
capsule signature, version number and size. Then it signals the Secure Enclave
that can start writing UEFI capsule into the flash. Once this operation finishes
,Secure Enclave resets the entire system.
The Metadata Block in the flash has the below firmware update state machine.
TF-M runs an OTA service that is responsible for accepting and updating the
images in the flash. The communication between the UEFI Capsule update
subsystem and the OTA service follows the same data path explained above.
The OTA service writes the new images to the passive bank after successful
capsule verification. It changes the state of the system to trial state and
triggers the reset. Boot loaders in Secure Enclave and Host read the Metadata
block to get the information on the boot bank. In the successful trial stage,
the acknowledgment from the host moves the state of the system from trial to
regular. Any failure in the trial stage or system hangs leads to a system
reset. This is made sure by the use of watchdog hardware. The Secure Enclave's
BL1 has the logic to identify multiple resets and eventually switch back to the
previous good bank. The ability to revert to the previous bank is crucial to
guarantee the availability of the device.
When a FWU is initiated on Corstone-1000, the following sequence of operations takes place:
#. **Capsule Retrieval and Preparation**
U-Boot on the host system retrieves the firmware capsule.
It validates the capsule header and parses the FMP (Firmware Management Protocol) descriptor list to identify the payloads to be updated.
For each FMP descriptor, U-Boot:
Splits the firmware payload into 4 KiB chunks.
Invokes the PSA_FWU_Update API for each chunk, transmitting the buffer address via the FF-A (Firmware Framework for Arm) shared memory interface.
#. **Secure Transmission and Forwarding**
The PSA Firmware Update (FWU) service, running as part of Trusted Services, receives the chunks through Secure Partition Client (SPC) calls.
It forwards these chunks to the Secure Enclave using MHU-based PSA calls.
#. **Flashing Within the Secure Enclave**
Inside the Secure Enclave, the PSA FWU Agent dispatches each chunk to the shim layer.
The shim layer:
Erases the corresponding sectors in the non-active flash bank.
Writes the received firmware chunks at the correct offsets.
During partial updates, it also copies static partitions from the active bank to the non-active one to maintain consistency.
#. **Finalization and Boot Preparation**
After all chunks are successfully written:
The shim updates the firmware manifest and the EFI System Resource Table (ESRT) entries to reflect the new image version.
This step enables the bootloader to recognize the new firmware for a trial boot.
The platform then performs an automatic reset, booting into the non-active bank in trial mode.
#. **Trial Boot and Confirmation**
In trial mode, U-Boot evaluates the new firmware and issues either an accept or reject command using the PSA FWU ABI.
These commands are sent to the Secure Enclave, instructing the shim to update the firmware metadata accordingly.
#. **Recovery and Fallback Mechanism**
If the trial boot is successful, the host sends an acknowledgment, transitioning the firmware state from 'trial' to 'regular'.
If the system fails or becomes unresponsive:
A watchdog timer triggers a system reset.
The BL1 firmware in the Secure Enclave detects repeated failures and reverts to the previously known-good flash bank.
This rollback mechanism ensures the device remains operational and recoverable, even after a failed update.
.. image:: images/SecureFirmwareUpdate.png
@@ -241,13 +431,15 @@ guarantee the availability of the device.
UEFI Runtime Support in U-Boot
******************************
Implementation of UEFI boottime and runtime APIs require variable storage.
In Corstone-1000, these UEFI variables are stored in the Protected Storage
service. The below diagram presents the data flow to store UEFI variables.
The U-Boot implementation of the UEFI subsystem uses the U-Boot FF-A driver to
communicate with the SMM Service in the secure world. The backend of the
SMM service uses the proxy PS from the SE Proxy SP. From there on, the PS
calls are forwarded to the Secure Enclave as explained above.
The implementation of UEFI boot-time and runtime APIs requires persistent variable storage. In
Corstone-1000, UEFI variables are stored using the Protected Storage (PS) service.
The diagram below illustrates the data flow for storing UEFI variables. U-Boots UEFI subsystem
communicates with the Secure World using the U-Boot FF-A driver, which interfaces with the `UEFI System Management Mode (SMM) service <trusted-services-uefi-smm-website_>`__.
The SMM service provides support for the UEFI System Management Mode. This support is implemented by the SMM Gateway secure partition.
The SMM service then uses the Proxy Protected Storage (PS) provided by the SE Proxy SP.
These PS calls are forwarded to the Secure Enclave, following the communication path described earlier.
.. image:: images/UEFISupport.png
@@ -255,30 +447,43 @@ calls are forwarded to the Secure Enclave as explained above.
:alt: UEFISupport
***************
**********
References
***************
`ARM corstone1000 Search`_
`Arm security features`_
**********
* `Arm Developer <arm-developer-cs1000-search_>`__
* `Arm Security Architectures <arm-architecture-security-features-platform-security_>`_
--------------
*Copyright (c) 2022-2023, Arm Limited. All rights reserved.*
*Copyright (c) 2022-2026, Arm Limited. All rights reserved.*
.. _Arm corstone1000 Technical Overview: https://developer.arm.com/documentation/102360/0000
.. _Arm corstone1000 Software: https://developer.arm.com/Tools%20and%20Software/Corstone-1000%20Software
.. _Arm corstone1000 Search: https://developer.arm.com/search#q=corstone-1000
.. _Arm security features: https://www.arm.com/architecture/security-features/platform-security
.. _linux repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/
.. _FF-A: https://developer.arm.com/documentation/den0077/latest
.. _FF-M: https://developer.arm.com/architectures/Firmware%20Framework%20for%20M-Profile
.. _FWU: https://developer.arm.com/documentation/den0118/a/
.. _OPTEE-OS: https://github.com/OP-TEE/optee_os
.. _PSA: https://www.psacertified.org/
.. _PSA L2 Ready: https://www.psacertified.org/products/corstone-1000/
.. _SRIR cert: https://armkeil.blob.core.windows.net/developer/Files/pdf/certificate-list/arm-systemready-ir-certification-arm-corstone-1000.pdf
.. _TBBR: https://developer.arm.com/documentation/den0006/latest
.. _TF-M: https://www.trustedfirmware.org/projects/tf-m/
.. _Trusted Services: https://www.trustedfirmware.org/projects/trusted-services/
.. _U-Boot repo: https://github.com/u-boot/u-boot.git
.. _arm-developer-cs1000-website: https://developer.arm.com/Tools%20and%20Software/Corstone-1000%20Software
.. _arm-developer-cs1000-search: https://developer.arm.com/search#q=corstone-1000
.. _arm-developer-mhu-website: https://developer.arm.com/documentation/ka005129/latest/#:~:text=An%20MHU%20is%20a%20device,that%20a%20message%20is%20available
.. _arm-developer-secureboot-website: https://developer.arm.com/documentation/PRD29-GENC-009492/c/TrustZone-Software-Architecture/Booting-a-secure-system/Secure-boot
.. _arm-architecture-security-features-platform-security: https://www.arm.com/architecture/security-features/platform-security
.. _linux-repository: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/
.. _arm-trustzone-for-cortex-a-website: https://www.arm.com/technologies/trustzone-for-cortex-a
.. _arm-fmw-framework-a-profile-pdf: https://developer.arm.com/documentation/den0077/latest
.. _arm-fmw-framework-m-profile-pdf: https://developer.arm.com/architectures/Firmware%20Framework%20for%20M-Profile
.. _platform-security-fwu-for-a-profile-pdf: https://developer.arm.com/documentation/den0118/a/
.. _psa-firmware-update-ihi-0093-api-reference-website: https://arm-software.github.io/psa-api/fwu/1.0/api/api.html
.. _edk2-capsule-generation-tool-repository: https://github.com/tianocore/edk2/blob/master/BaseTools/Source/Python/Capsule/GenerateCapsule.py
.. _psa-fwu-den0018-specification-website: https://developer.arm.com/documentation/den0118/latest/
.. _ts-psa-fwu-service-website: https://trusted-services.readthedocs.io/en/stable/services/fwu/psa-fwu-m.html
.. _tfm-shim-layer-website: https://trustedfirmware-m.readthedocs.io/en/latest/design_docs/services/tfm_fwu_service.html#shim-layer-between-fwu-and-bootloader
.. _op-tee-os-repository: https://github.com/OP-TEE/optee_os
.. _psa-certified-website: https://www.psacertified.org/
.. _psa_l2-ready: https://www.psacertified.org/products/corstone-1000/
.. _systemready-ir-certification: https://armkeil.blob.core.windows.net/developer/Files/pdf/certificate-list/arm-systemready-ve-arm-neoverse.pdf
.. _trusted-board-boot-requirements-client-pdf: https://developer.arm.com/documentation/den0006/latest
.. _trusted-firmware-m-website: https://www.trustedfirmware.org/projects/tf-m/
.. _trusted-firmware-m-bl1-website: https://trustedfirmware-m.readthedocs.io/en/latest/design_docs/booting/bl1.html
.. _trusted-firmware-a-bl2-website: https://developer.arm.com/documentation/108028/0000/RD-TC22-software/Software-components/AP-firmware/Trusted-firmware-A-BL2
.. _trusted-firmware-a-fip-guide: https://trustedfirmware-a.readthedocs.io/en/latest/design/firmware-design.html#firmware-image-package-fip
.. _trusted-services-website: https://www.trustedfirmware.org/projects/trusted-services/
.. _trusted-services-uefi-smm-website: https://trusted-services.readthedocs.io/en/integration/services/uefi-smm-services.html#
.. _das-u-boot-repository: https://github.com/u-boot/u-boot.git
.. _keil-rtx5-website: https://developer.arm.com/Tools%20and%20Software/Keil%20MDK/RTX5%20RTOS
.. _ppa-website: https://developer.arm.com/documentation/102738/0100/Power--performance--and-area-analysis
.. _mcuboot-website: https://docs.mcuboot.com/
File diff suppressed because it is too large Load Diff
+5 -4
View File
@@ -1,4 +1,4 @@
# Copyright (c) 2022, Arm Limited.
# Copyright (c) 2022-2024, Arm Limited.
#
# SPDX-License-Identifier: MIT
@@ -6,6 +6,7 @@
jinja2==3.1.1
# Required to build the documentation
sphinx~=5.0
sphinx_rtd_theme~=2.0.0
docutils==0.17.1
sphinx==7.1.2
myst-parser~=3.0.1
sphinx_rtd_theme~=3.0.0
docutils~=0.18.1
@@ -1,2 +0,0 @@
FILESEXTRAPATHS:append := "${THISDIR}/files/${MACHINE}:"
SRC_URI:append = " file://report.txt"
@@ -1 +0,0 @@
include arm-systemready-ir-acs-${MACHINE}.inc
@@ -1,5 +0,0 @@
FILESEXTRAPATHS:prepend := "${THISDIR}/files/fvp-base:"
SRC_URI:append = " \
file://0001-check-sr-results-Change-the-expected-SR-result-confi.patch \
"
@@ -1 +0,0 @@
include arm-systemready-scripts-native-${MACHINE}.inc
@@ -1,227 +0,0 @@
From e3e0465a25f9b1607b2e5ed42afb7b556aa8b9bc Mon Sep 17 00:00:00 2001
From: Debbie Martin <Debbie.Martin@arm.com>
Date: Wed, 4 Oct 2023 18:40:18 +0100
Subject: [PATCH] [PATCH] check-sr-results: Change the expected SR result
config
Update the check-sr-results.yaml and format-sr-results.yaml files for the
Systemready IR suite. These changes are required because of the
following known differences of fvp-base outputs to those expected by the
SystemReady scripts.
Changes to check-sr-results.yaml:
1. acs-console.log:
a. must-have-esp: EFI partition/variable persistence not supported due to
FVP reset.
b. warn-once-if-contains "-dirty": BL1, BL2, and BL31 have dirty versions.
c. must-contain "efi: ESRT=0x" and "'esrt: Reserving ESRT space from 0x'":
Capsule updates are not supported.
d. error-if-contains: "No EFI system partition" and "Failed to persist
EFI variables": EFI partition/variable persistence not supported due to
FVP reset.
2. acs_results/result.md:
a. must-contain "Failure: |0|": Capsule and EFI partition failures make
the total 20.
3. acs_results/CapsuleApp_ESRT_table_info.log:
a. capsuleapp-esrt: Capsule updates are not supported.
b. must-contain "'EFI_SYSTEM_RESOURCE_TABLE:'" and
"EFI_SYSTEM_RESOURCE_ENTRY": EFI partition/variable persistence not
supported due to FVP reset.
c. must-contain "FwClass": Capsule updates are not supported.
d. error-if-contains "ESRT - Not Found": Capsule updates are not
supported.
4. acs_results/CapsuleApp_FMP_protocol_info.log:
a. warn-if-contains "Aborted test": Capsule updates are not supported.
This patch also adds must-contain for the specific totals of the test
categories due to allowing the "Aborted test" string.
5. acs_results/linux_dump/firmware/efi/esrt:
a. Remove whole directory because capsule updates are not supported.
6. acs_results/uefi/temp:
a. Set min-entries to 0: this defaults to 1 despite the directory being
optional, so errors if a directory is empty.
7. acs_results/uefi_dump:
a. min-entries is 13: change this to 11 due to smbiosview.log being
optional and the change to make map.log optional.
8. acs_results/uefi_dump/dh.log:
a. must-contain "EFISystemPartition": EFI partition/variable persistence
not supported due to FVP reset.
b. must-contain "FirmwareManagement": Capsule updates are not supported.
9. acs_results/uefi_dump/map.log:
a. Make optional because it isn't populated for IR.
10. fw:
a. Make optional because capsule updates are not supported.
11. os-logs:
a. Make optional because distro installation isn't done as part of ACS.
Changes to format-sr-results.yaml:
1. Remove the SIE section (not supported on fvp-base and, if present, causes
format-sr-results.py to error).
Upstream-Status: Inappropriate
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
---
check-sr-results.yaml | 34 ++++++++++++++--------------------
format-sr-results.yaml | 15 ---------------
2 files changed, 14 insertions(+), 35 deletions(-)
diff --git a/check-sr-results.yaml b/check-sr-results.yaml
index a4235de..555fb71 100644
--- a/check-sr-results.yaml
+++ b/check-sr-results.yaml
@@ -10,7 +10,6 @@ check-sr-results-configuration:
# The following tree applies to all ACS-IR 2.0 versions.
tree:
- file: acs-console.log
- must-have-esp:
must-contain:
- Booting `bbr/bsa'
- Press any key to stop the EFI SCT running
@@ -24,8 +23,6 @@ tree:
- 'EFI stub: Booting Linux Kernel...'
- 'EFI stub: Using DTB from configuration table'
- Linux version
- - 'efi: ESRT=0x'
- - 'esrt: Reserving ESRT space from 0x'
- systemd
- Executing FWTS for EBBR
- 'Test: UEFI'
@@ -36,13 +33,9 @@ tree:
- ACS run is completed
- Please press <Enter> to continue ...
warn-once-if-contains:
- - -dirty
- 'EFI stub: ERROR:'
- 'FIRMWARE BUG:'
- OVERLAP DETECTED
- error-if-contains:
- - No EFI system partition
- - Failed to persist EFI variables
- dir: acs_results
min-entries: 8 # Allow missing result.md
max-entries: 9
@@ -53,7 +46,7 @@ tree:
must-contain:
- SCT Summary
- Dropped:|0|
- - Failure:|0|
+ - Failure:|20|
- Warning:|0|
- Dropped by group
- Failure by group
@@ -64,16 +57,11 @@ tree:
max-entries: 2
tree:
- file: CapsuleApp_ESRT_table_info.log
- capsuleapp-esrt:
must-contain:
- ESRT TABLE
- - 'EFI_SYSTEM_RESOURCE_TABLE:'
- - EFI_SYSTEM_RESOURCE_ENTRY
- - FwClass
error-if-contains:
- FwResourceCount - 0x0
- FwResourceCountMax - 0x0
- - ESRT - Not Found
- file: CapsuleApp_FMP_protocol_info.log
must-contain:
- FMP DATA
@@ -95,9 +83,14 @@ tree:
- 'Medium failures: NONE'
- 'Low failures: NONE'
- 'Other failures: NONE'
+ - 'dt_base | 3| | | | | |'
+ - 'esrt | | | 2| | | |'
+ - 'uefibootpath | | | | | | |'
+ - 'uefirtmisc | 1| | | | 8| |'
+ - 'uefirttime | 4| | | | 35| |'
+ - 'uefirtvariable | 2| | | | 10| |'
+ - 'uefivarinfo | | | | | 1| |'
- 'Total:'
- warn-if-contains:
- - Aborted test
error-if-contains:
- FAILED
- This is an invalid entry.
@@ -180,6 +173,7 @@ tree:
tree:
- file: OsIndicationsSupported-*
- dir: esrt
+ optional:
tree:
- dir: entries
tree:
@@ -314,8 +308,9 @@ tree:
- BSA tests complete. Reset the system.
- dir: temp # This sometimes remains; ignore it
optional:
+ min-entries: 0
- dir: uefi_dump
- min-entries: 13
+ min-entries: 11
max-entries: 13
tree:
- file: bcfg.log
@@ -331,8 +326,6 @@ tree:
must-contain:
- Handle dump
- DevicePath
- - EFISystemPartition
- - FirmwareManagement
- SimpleTextOut
- file: dmem.log
must-contain:
@@ -355,6 +348,7 @@ tree:
- DRIVER NAME
- file: ifconfig.log
- file: map.log
+ optional:
must-contain:
- Mapping table
- /HD(1,GPT,
@@ -392,7 +386,7 @@ tree:
- dir: docs
optional:
- dir: fw
- min-entries: 3
+ optional:
tree:
- file: u-boot-sniff.log
must-contain:
@@ -500,7 +494,7 @@ tree:
- dir: manual-results
optional:
- dir: os-logs
- min-entries: 2
+ optional:
tree:
- file: 'OS-image-download-links.txt'
optional:
diff --git a/format-sr-results.yaml b/format-sr-results.yaml
index dd34cd6..20b69de 100644
--- a/format-sr-results.yaml
+++ b/format-sr-results.yaml
@@ -47,21 +47,6 @@ subs:
extract:
filename: "acs_results/linux_dump/firmware/devicetree/base/psci/\
compatible"
- - heading: BBSR Compliance
- paragraph: TBD
- subs:
- - heading: SIE SCT
- extract:
- filename: acs_results/SIE/result.md
- find: '# SCT Summary'
- first-line: 4
- last-line:
- paragraph: TBD
- - heading: SIE FWTS
- extract:
- filename: acs_results/SIE/fwts/FWTSResults.log
- find: Test Failure Summary
- paragraph: TBD
- heading: BSA Compliance (informative)
paragraph: TBD
subs:
--
2.25.1
@@ -1,34 +0,0 @@
General information
-------------------
- Arm SystemReady Band: IR
- System name: FVP Base A AEM
- Prepared by:
- E-mail:
- Date:
System information
------------------
- Company: Arm
- System: FVP Base A AEM
- SoC:
- FW version:
- Memory:
- Storage devices / disks:
- Network controllers:
- Other Hardware information:
Test Logs and Results
---------------------
- ACS version used: 2.0
- ACS URL (if pre-built binary): https://github.com/ARM-software/arm-systemready/blob/v23.03_IR_2.0.0/IR/prebuilt_images/v23.03_2.0.0/ir-acs-live-image-generic-arm64.wic.xz
- Changes to ACS (if built from source):
- Test Logs collected
[X] ACS - SCT
[X] ACS - BSA - UEFI
[X] ACS - BSA - Linux
[X] ACS - FWTS
[X] ACS - Linux boot log
[X] ACS - Linux dumps
[X] ACS - UEFI Shell dumps
[ ] ACS - Capsule Update
@@ -11,30 +11,24 @@ part --source empty --size 3k --offset 17k --part-name="reserved_1" --uuid B1F2F
part --source empty --size 4k --align 4 --offset 20k --part-name="FWU-Metadata" --uuid 3FDFFEE1-3223-4C6B-80F9-B0E7D780C21D --part-type 8A7A84A0-8387-40F6-AB41-A8B9A5A60D23
part --source empty --size 4k --align 4 --offset 24k --part-name="Bkup-FWU-Metadata" --uuid B3068316-5351-4998-823A-3A7B09133EC1 --part-type 8A7A84A0-8387-40F6-AB41-A8B9A5A60D23
part --source empty --size 4k --align 4 --offset 28k --part-name="private_metadata_replica_2" --uuid 3CC3B456-DEC8-4CE3-BC5C-965483CE4828 --part-type ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42
part --source empty --size 4k --align 4 --offset 28k --part-name="private_metadata_replica_1" --uuid 3CC3B456-DEC8-4CE3-BC5C-965483CE4828 --part-type ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42
part --source empty --size 4k --align 4 --offset 32k --part-name="private_metadata_replica_2" --uuid DCE9C503-8DFD-4DCB-8889-647E49641552 --part-type ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42
# The partition type of each of these four partitions should match the type of the images
# in a fiwmare update capsule
# The size has to be aligned to TF-M's SE_BL2_PARTITION_SIZE (tfm/platform/ext/target/arm/corstone1000/partition/flash_layout.h)
part --source rawcopy --size 144k --sourceparams="file=bl2_signed.bin" --offset 36k --align 4 --part-name="bl2_primary" --uuid 9A3A8FBF-55EF-439C-80C9-A3F728033929 --part-type 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9
part --source rawcopy --size 144k --sourceparams="file=trusted-firmware-m/bl2_signed.bin" --offset 36k --align 4 --part-name="bl2_primary" --uuid 9A3A8FBF-55EF-439C-80C9-A3F728033929 --part-type F1D883F9-DFEB-5363-98D8-686EE3B69F4F
# The size has to be aligned to TF-M's TFM_PARTITION_SIZE (tfm/platform/ext/target/arm/corstone1000/partition/flash_layout.h)
part --source rawcopy --size 320k --sourceparams="file=tfm_s_signed.bin" --align 4 --part-name="tfm_primary" --uuid 07F9616C-1233-439C-ACBA-72D75421BF70 --part-type D763C27F-07F6-4FF0-B2F3-060CB465CD4E
part --source rawcopy --size 320k --sourceparams="file=trusted-firmware-m/tfm_s_signed.bin" --align 4 --part-name="tfm_primary" --uuid 07F9616C-1233-439C-ACBA-72D75421BF70 --part-type 7FAD470E-5EC5-5C03-A2C1-4756B495DE61
# Rawcopy of the FIP binary
part --source rawcopy --size 2 --sourceparams="file=signed_fip-corstone1000.bin" --align 4 --part-name="FIP_A" --uuid B9C7AC9D-40FF-4675-956B-EEF4DE9DF1C5 --part-type B5EB19BD-CF56-45E8-ABA7-7ADB228FFEA7
part --source rawcopy --size 2560k --sourceparams="file=signed_fip.bin" --align 4 --part-name="FIP_A" --uuid B9C7AC9D-40FF-4675-956B-EEF4DE9DF1C5 --part-type F1933675-5A8C-5B6D-9EF4-846739E89BC8
# Rawcopy of kernel with initramfs
part --source rawcopy --size 12 --sourceparams="file=Image.gz-initramfs-${MACHINE}.bin" --align 4 --part-name="kernel_primary" --uuid BF7A6142-0662-47FD-9434-6A8811980816 --part-type 8197561D-6124-46FC-921E-141CC5745B05
# The offset has to be aligned to TF-M's SE_BL2_BANK_1_OFFSET define (tfm/platform/ext/target/arm/corstone1000/partition/flash_layout.h)
part --source empty --size 144k --offset 16392k --align 4 --part-name="bl2_secondary" --uuid 3F0C49A4-48B7-4D1E-AF59-3E4A3CE1BA9F --part-type 64BD8ADB-02C0-4819-8688-03AB4CAB0ED9
part --source empty --size 320k --align 4 --part-name="tfm_secondary" --uuid 009A6A12-64A6-4F0F-9882-57CD79A34A3D --part-type D763C27F-07F6-4FF0-B2F3-060CB465CD4E
part --source empty --size 2 --align 4 --part-name="FIP_B" --uuid 9424E370-7BC9-43BB-8C23-71EE645E1273 --part-type B5EB19BD-CF56-45E8-ABA7-7ADB228FFEA7
part --source empty --size 12 --align 4 --part-name="kernel_secondary" --uuid A2698A91-F9B1-4629-9188-94E4520808F8 --part-type 8197561D-6124-46FC-921E-141CC5745B05
part --source rawcopy --size 12 --sourceparams="file=Image.gz-initramfs-${MACHINE}.bin" --align 4 --part-name="kernel_primary" --uuid BF7A6142-0662-47FD-9434-6A8811980816 --part-type F771AFF9-C7E9-5F99-9EDA-2369DD694F61
# This ensures wic sets the size of the flash as 64MiB in the GPT header, despite only half being filled
part --source empty --size 3k --offset 32748k --part-name="reserved_2" --uuid CCB18569-C0BA-42E0-A429-FE1DC862D660
bootloader --ptable gpt
@@ -0,0 +1,34 @@
# WIC partitioning for corstone1000 internal flash
# Layout and maximum sizes (to be defined):
#
# The entries with --offset parameter should not be relocated
# because BL1 code is statically configured for the given positions
# Partition sizes are fixed since corstone1000 does not support partial update
# and has a limit for each partition to grow.
part --source empty --size 3k --offset 17k --part-name="reserved_1" --uuid B1F2FC8C-A7A3-4485-87CB-16961B8847D7
part --source empty --size 4k --align 4 --offset 20k --part-name="FWU-Metadata" --uuid 3FDFFEE1-3223-4C6B-80F9-B0E7D780C21D --part-type 8A7A84A0-8387-40F6-AB41-A8B9A5A60D23
part --source empty --size 4k --align 4 --offset 24k --part-name="Bkup-FWU-Metadata" --uuid B3068316-5351-4998-823A-3A7B09133EC1 --part-type 8A7A84A0-8387-40F6-AB41-A8B9A5A60D23
part --source empty --size 4k --align 4 --offset 28k --part-name="private_metadata_replica_1" --uuid 3CC3B456-DEC8-4CE3-BC5C-965483CE4828 --part-type ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42
part --source empty --size 4k --align 4 --offset 32k --part-name="private_metadata_replica_2" --uuid DCE9C503-8DFD-4DCB-8889-647E49641552 --part-type ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42
# The partition type of each of these four partitions should match the type of the images
# in a fiwmare update capsule
# The size has to be aligned to TF-M's SE_BL2_PARTITION_SIZE (tfm/platform/ext/target/arm/corstone1000/partition/flash_layout.h)
part --source rawcopy --size 144k --sourceparams="file=trusted-firmware-m/bl2_signed.bin" --offset 36k --align 4 --part-name="bl2_primary" --uuid 9A3A8FBF-55EF-439C-80C9-A3F728033929 --part-type FBFBEFAA-0A56-50D5-B651-74091D3D62CF
# The size has to be aligned to TF-M's TFM_PARTITION_SIZE (tfm/platform/ext/target/arm/corstone1000/partition/flash_layout.h)
part --source rawcopy --size 320k --sourceparams="file=trusted-firmware-m/tfm_s_signed.bin" --align 4 --part-name="tfm_primary" --uuid 07F9616C-1233-439C-ACBA-72D75421BF70 --part-type AF4CC7AD-EE2E-5A39-AAD5-FAC8A1E6173C
# Rawcopy of the FIP binary
part --source rawcopy --size 2 --sourceparams="file=signed_fip.bin" --align 4 --part-name="FIP_A" --uuid B9C7AC9D-40FF-4675-956B-EEF4DE9DF1C5 --part-type 55302F96-C4F0-5CF9-8624-E7CC388F2B68
# Rawcopy of kernel with initramfs
part --source rawcopy --size 12 --sourceparams="file=Image.gz-initramfs-${MACHINE}.bin" --align 4 --part-name="kernel_primary" --uuid BF7A6142-0662-47FD-9434-6A8811980816 --part-type 3E8AC972-C33C-5CC9-90A0-CDD3159683EA
# This ensures wic sets the size of the flash as 64MiB in the GPT header, despite only half being filled
part --source empty --size 3k --offset 32748k --part-name="reserved_2" --uuid CCB18569-C0BA-42E0-A429-FE1DC862D660
bootloader --ptable gpt

Some files were not shown because too many files have changed in this diff Show More