1
0
mirror of https://git.yoctoproject.org/meta-arm synced 2026-07-18 04:27:08 +00:00

Compare commits

..

8 Commits

Author SHA1 Message Date
Ross Burton 4dc2a7bf29 arm-bsp/edk2-firmware: fix build on newer hosts
Compiles of edk2-firmware with GCC 15 on the host will fail:

main.c: In function ‘ProcessArgs’:
| main.c:163:42: error: too many arguments to function ‘p->process’; expected 0, have 2
|   163 |                                         (*p->process)( *argv, *(argv+1) );
|       |                                         ~^~~~~~~~~~~~  ~~~~~

We actually already had the fix for this, but were doing SRC_URI +=
_before_ the include file did SRC_URI =, so the patch was never applied.

Move the require to the top of the recipe so this ordering problem does
not happen, and fix the line-endings in the patch that never got applied.

[ YOCTO #16116 ]

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-03-26 09:50:11 -04:00
Michael Safwat 73460c5394 arm-bsp/docs:corstone1000: Update copyright and host tool versions
Update Corstone-1000 documentation to reflect 2026 copyright and
current supported host environment.

Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-23 08:00:19 -05:00
Hugues KAMBA MPIANA 4f9c410953 arm-bsp/docs:corstone1000: Update copyright notice
Update the copyright notice year.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-19 07:00:16 -05:00
Hugues KAMBA MPIANA 7b66a1d63a corstone1000: Fix Ethos-U test build for Cortex-A320 variant
Update the meta-ethos layer SHA to a commit that fixes
Ethos-U test build failures caused by the migration of
ML repositories to GitLab.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-16 15:00:16 -05:00
Hugues KAMBA MPIANA d3a9da81bc docs:corstone1000: Update user guide
- Replace openSUSE Tumbleweed with openSUSE Leap.
- Ensure correct component versions are listed.
- Update changelog and release notes for C25Q4 release.
- Add Positive partial capsule update test.
- Improve user guide for consistency and clarity.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-08 16:00:20 -05:00
Hugues KAMBA MPIANA de9026e481 corstone1000: Pin layers SHA for whinlatter release
Pinned layers in corstone1000-base.yml and corstone1000-a320.yml.

Signed-off-by: Hugues KAMBA MPIANA <hugues.kambampiana@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-08 16:00:20 -05:00
Devaraj Ranganna d9f9fa431b arm-bsp: corstone1000: Enable secure debug on TF-M v2.2.x
Allow TF-M v2.2.1 to boot with Secure Debug enabled on Corstone-1000 and
align the driver implementation with the current psa-adac library.

- Add missing DRBG macros to fix the
  "Failed to generate challenge!" error during Secure Debug.
- Fix an unintended platform reset occurring immediately after setting
  the debug enable bits in the dcu_en register while in SE LCS.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-07 09:00:21 -05:00
Ross Burton b295bd407c CI: use whinlatter branches
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2026-01-06 11:00:16 -05:00
399 changed files with 8169 additions and 21502 deletions
+47 -45
View File
@@ -9,16 +9,18 @@ variables:
CPU_REQUEST: ""
# The default machine tag for the build jobs
DEFAULT_TAG: ""
# The directory to use as the persistent cache (the root for DL_DIR,
# SSTATE_DIR, etc). The default is the build tree which will not be
# persistent, so this should be set in the runner.
CACHE_DIR: $CI_PROJECT_DIR
# The machine tag for the ACS test jobs
ACS_TAG: "$DEFAULT_TAG"
# The directory to use as the persistent cache (the root for DL_DIR, SSTATE_DIR, etc)
CACHE_DIR: $CI_BUILDS_DIR/persist
# The container mirror to use
MIRROR_GHCR: ghcr.io
# Whether to run the SystemReady ACS tests
ACS_TEST: 0
# The list of extra Kas fragments to be used when building
EXTRA_KAS_FILES: ""
# Whether warnings should be fatal (0/1)
FATAL_WARNINGS: 0
# The NVD API key to use when fetching CVEs
NVDCVE_API_KEY: ""
stages:
- prep
@@ -39,10 +41,12 @@ stages:
SSTATE_DIR: $CACHE_DIR/sstate
DL_DIR: $CACHE_DIR/downloads
BB_LOGCONFIG: $CI_PROJECT_DIR/ci/logging.yml
TOOLCHAIN_DIR: $CACHE_DIR/toolchains
IMAGE_DIR: $KAS_BUILD_DIR/tmp/deploy/images
TOOLCHAIN_LINK_DIR: $KAS_BUILD_DIR/toolchains
before_script:
- rm -rf $KAS_WORK_DIR
- mkdir --verbose --parents $KAS_WORK_DIR $KAS_REPO_REF_DIR $SSTATE_DIR $DL_DIR
- mkdir --verbose --parents $KAS_WORK_DIR $KAS_REPO_REF_DIR $SSTATE_DIR $DL_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR
# Generalised fragment to do a Kas build
.build:
@@ -63,15 +67,13 @@ stages:
# Catch all for everything else
- if: '$KERNEL != "linux-yocto-dev"'
script:
- |
KASFILES=$(./ci/jobs-to-kas "$CI_JOB_NAME" $EXTRA_KAS_FILES):lockfile.yml
echo KASFILES=$KASFILES
kas dump --update --force-checkout --resolve-refs --resolve-env $KASFILES
kas build $KASFILES
if [ $FATAL_WARNINGS -ne 0 ]; then
./ci/check-warnings $KAS_BUILD_DIR/warnings.log
fi
kas shell ci/base.yml:lockfile.yml --command "$CI_PROJECT_DIR/ci/junit.sh $KAS_WORK_DIR/build"
- KASFILES=$(./ci/jobs-to-kas "$CI_JOB_NAME" $EXTRA_KAS_FILES):lockfile.yml
- echo KASFILES=$KASFILES
- kas dump --update --force-checkout --resolve-refs --resolve-env $KASFILES
- kas build $KASFILES
- ./ci/check-warnings $KAS_BUILD_DIR/warnings.log
- kas shell ci/base.yml:lockfile.yml --command "$CI_PROJECT_DIR/ci/junit.sh $KAS_WORK_DIR/build"
artifacts:
name: "logs"
when: on_failure
@@ -110,7 +112,7 @@ update-repos:
echo Using existing lockfile.yml
else
# Be sure that this is the complete list of layers being fetched
kas dump --lock --update ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/clang.yml | tee lockfile.yml
kas dump --lock --update ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/clang.yml:ci/meta-virtualization.yml | tee lockfile.yml
fi
exit $exit_code
artifacts:
@@ -131,6 +133,20 @@ update-repos:
# TS: [none, trusted-services]
# TESTING: testimage
# SECUREDEBUG: [none, secure-debug]
# VIRT: [none, xen]
arm-systemready-ir-acs:
extends: .build
timeout: 12h
parallel:
matrix:
# arm-systemready-ir-acs must be specified after fvp-base for ordering
# purposes for the jobs-to-kas output. It is not enough to just have it
# in the job name because fvp-base.yml overwrites the target.
- PLATFORM: [fvp-base, corstone1000-fvp]
ARM_SYSTEMREADY_IR_ACS: arm-systemready-ir-acs
tags:
- ${ACS_TAG}
# Validate layers are Yocto Project Compatible
check-layers:
@@ -150,6 +166,7 @@ corstone1000-fvp:
TESTING: [testimage, tftf]
- FIRMWARE: none
TESTING: testimage
- SYSTEMREADY_FIRMWARE: arm-systemready-firmware
corstone1000-mps3:
extends: .build
@@ -160,15 +177,6 @@ corstone1000-mps3:
- FIRMWARE: none
SECUREDEBUG: [none, secure-debug]
corstone1000-a320-fvp:
extends: .build
parallel:
matrix:
- FIRMWARE: corstone1000-firmware-only
TESTING: [testimage, tftf]
- FIRMWARE: none
TESTING: testimage
documentation:
extends: .setup
script:
@@ -200,11 +208,7 @@ fvp-base:
TESTING: testimage
- FIRMWARE: [u-boot, edk2]
TESTING: testimage
- LTS: lts-revisions
TESTING: testimage
- KERNEL: linux-yocto-dev
LATEST: latest-revisions
TESTING: testimage
- SYSTEMREADY_FIRMWARE: arm-systemready-firmware
fvps:
extends: .build
@@ -268,7 +272,6 @@ qemuarm64-secureboot:
parallel:
matrix:
- TOOLCHAINS: [gcc, clang]
FIRMWARE: [u-boot, edk2]
TCLIBC: [glibc, musl]
TS: [none, qemuarm64-secureboot-ts]
TESTING: testimage
@@ -282,8 +285,8 @@ qemuarm64:
parallel:
matrix:
- DISTRO: poky-tiny
FIRMWARE: [u-boot, edk2]
TESTING: testimage
- VIRT: xen
qemuarm-secureboot:
extends: .build
@@ -302,9 +305,11 @@ qemuarm:
parallel:
matrix:
- TOOLCHAINS: [gcc, clang]
FIRMWARE: edk2
TESTING: testimage
- DISTRO: poky-tiny
TESTING: testimage
- VIRT: xen
qemuarmv5:
extends: .build
@@ -316,18 +321,6 @@ qemuarmv5:
- DISTRO: poky-tiny
TESTING: testimage
rdn2:
extends: .build
parallel:
matrix:
- TESTING: testimage
rdv2:
extends: .build
parallel:
matrix:
- TESTING: testimage
sbsa-ref:
extends: .build
parallel:
@@ -345,5 +338,14 @@ selftest:
- KASFILES=./ci/qemuarm64.yml:./ci/selftest.yml:lockfile.yml
- kas shell --update --force-checkout $KASFILES -c 'oe-selftest --num-processes 2 --select-tag meta-arm --run-all-tests'
sgi575:
extends: .build
parallel:
matrix:
- TESTING: testimage
# FVP binary is x86-only
tags:
- x86_64
toolchains:
extends: .build
@@ -1,8 +1,6 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 11
includes:
- ci/corstone1000-fvp.yml
machine: corstone1000-a320-fvp
- kas/arm-systemready-firmware.yml
+19
View File
@@ -0,0 +1,19 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 11
includes:
- kas/arm-systemready-ir-acs.yml
env:
ACS_TEST: "0"
local_conf_header:
testimage: |
TESTIMAGE_AUTO = "${ACS_TEST}"
target:
- arm-systemready-ir-acs
- arm-systemready-linux-distros-debian
- arm-systemready-linux-distros-opensuse
- arm-systemready-linux-distros-fedora
+3 -3
View File
@@ -7,12 +7,12 @@ distro: poky
defaults:
repos:
branch: wrynose
branch: whinlatter
repos:
bitbake:
url: https://git.openembedded.org/bitbake
branch: "2.18"
branch: "2.16"
layers:
bitbake: disabled
@@ -34,7 +34,7 @@ repos:
env:
BB_LOGCONFIG: ""
BB_HASHSERVE: "auto"
TOOLCHAIN_DIR: ""
local_conf_header:
base: |
+21
View File
@@ -0,0 +1,21 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
cve: |
INHERIT += "cve-check"
# Allow the runner environment to provide an API key
NVDCVE_API_KEY = "${@d.getVar('BB_ORIGENV').getVar('NVDCVE_API_KEY') or ''}"
# Just show the warnings for our layers
CVE_CHECK_SHOW_WARNINGS = "0"
CVE_CHECK_SHOW_WARNINGS:layer-arm-toolchain = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm-bsp = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm-systemready = "1"
# Ignore the kernel, we sometime carry kernels in meta-arm
CVE_CHECK_SHOW_WARNINGS:pn-linux-yocto = "0"
+1 -1
View File
@@ -13,5 +13,5 @@ local_conf_header:
EXTRA_IMAGEDEPENDS += "edk2-firmware"
EFI_PROVIDER ?= "grub-efi"
QB_DEFAULT_BIOS ??= "QEMU_EFI.fd"
QB_DEFAULT_BIOS = "QEMU_EFI.fd"
WKS_FILE ?= "efi-disk.wks.in"
-27
View File
@@ -1,27 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/fvp-base-ts.yml
- ci/meta-secure-core.yml
repos:
meta-secure-core:
layers:
meta-tpm2:
local_conf_header:
remove_secureboot: |
BBMASK += "efi-secure-boot"
ftpm_sp_test: |
# Include tpm2 related packages
IMAGE_INSTALL:append = " tpm2-tools-tests tpm2-abrmd tpm2-tss"
# Use systemd as the init system, which is required for the tpm2 self-tests
INIT_MANAGER = "systemd"
IMAGE_INSTALL:append = " systemd util-linux"
ts_ftpm_sp: |
MACHINE_FEATURES:append = " ts-ftpm"
RUN_TPM2_TESTS = "1"
-3
View File
@@ -10,6 +10,3 @@ local_conf_header:
networking_failing_tests: |
# These tests currently fail as the wrong IP for the build host is used
TEST_SUITES:remove = "opkg dnf"
target:
- core-image-base
+9 -27
View File
@@ -17,33 +17,15 @@ local_conf_header:
target:
# Target packages to test aarch64
# Nativesdk to test x86-64
# Architecture Envelope Models (AEM) FVPs
- fvp-base-a-aem
- nativesdk-fvp-base-a-aem
# Arm Lumex CSS (Total Compute) FVPs
# These are x86 only... :(
- nativesdk-fvp-tc3
# Automotive FVPs
- fvp-rd1-ae
- nativesdk-fvp-rd1-ae
# Infrastructure FVPs
- fvp-rdv3-r1
- nativesdk-fvp-rdv3-r1
- fvp-rdv2
- nativesdk-fvp-rdv2
- fvp-rdn2
- nativesdk-fvp-rdn2
# IoT FVPs
- fvp-corstone1000
- fvp-rd1-ae
- fvp-v3-r1
# Nativesdk to test x86-64
- nativesdk-fvp-base-a-aem
- nativesdk-fvp-corstone1000
- fvp-corstone1000-a320
- nativesdk-fvp-corstone1000-a320
# Morello FVPs
# TBD
- nativesdk-fvp-rd1-ae
- nativesdk-fvp-v3-r1
# These are x86 only... :(
- nativesdk-fvp-sgi575
- nativesdk-fvp-tc3
-16
View File
@@ -1,16 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
latest_revisions: |
PREFERRED_VERSION_scp-firmware ?= "git"
PREFERRED_VERSION_trusted-firmware-a ?= "git"
PREFERRED_VERSION_trusted-firmware-m ?= "git"
PREFERRED_VERSION_optee-client ?= "git"
PREFERRED_VERSION_optee-examples ?= "git"
PREFERRED_VERSION_optee-os-tadevkit ?= "git"
PREFERRED_VERSION_optee-os ?= "git"
PREFERRED_VERSION_optee-test ?= "git"
PREFERRED_PROVIDER_u-boot = "u-boot:class-devupstream"
-10
View File
@@ -1,10 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
latest_revisions: |
PREFERRED_VERSION_trusted-firmware-a ?= "2.10.%"
PREFERRED_VERSION_tf-a-tests ?= "2.10.%"
PREFERRED_VERSION_trusted-firmware-m ?= "2.1.%"
+10
View File
@@ -0,0 +1,10 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-openembedded.yml
repos:
meta-virtualization:
url: https://git.yoctoproject.org/meta-virtualization
-5
View File
@@ -6,11 +6,6 @@ header:
- ci/base.yml
- ci/meta-openembedded.yml
local_conf_header:
version_for_ci: |
# For better CI coverage, use the LTS version of tf-m
PREFERRED_VERSION_trusted-firmware-m ?= "2.1.%"
machine: musca-b1
target:
-14
View File
@@ -1,14 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
- ci/fvp.yml
local_conf_header:
sshpregen: |
# Allow the use of the pregen keys as this is CI so safe
COMPATIBLE_MACHINE:pn-ssh-pregen-hostkeys:rdv2 = "rdv2"
machine: rdv2
+2 -2
View File
@@ -9,6 +9,6 @@ header:
local_conf_header:
sshpregen: |
# Allow the use of the pregen keys as this is CI so safe
COMPATIBLE_MACHINE:pn-ssh-pregen-hostkeys:rdn2 = "rdn2"
COMPATIBLE_MACHINE:pn-ssh-pregen-hostkeys:sgi575 = "sgi575"
machine: rdn2
machine: sgi575
-2
View File
@@ -9,8 +9,6 @@ local_conf_header:
testimage: |
IMAGE_CLASSES += "testimage"
TESTIMAGE_AUTO = "1"
# Don't testimage initramfs
TESTIMAGE_AUTO:pn-core-image-initramfs-boot = "0"
kvm: |
QEMU_USE_KVM = ""
slirp: |
+1
View File
@@ -39,6 +39,7 @@ local_conf_header:
IMAGE_CLASSES += "sbsign"
UKI_SB_KEY = "${SBSIGN_KEY}"
UKI_SB_CERT = "${SBSIGN_CERT}"
QB_KERNEL_ROOT = ""
IMAGE_BOOT_FILES:remove = "Image"
INITRAMFS_IMAGE = "core-image-initramfs-boot"
+1
View File
@@ -22,6 +22,7 @@ def repo_shortname(url):
repositories = (
"https://git.yoctoproject.org/poky",
"https://git.openembedded.org/meta-openembedded",
"https://git.yoctoproject.org/meta-virtualization",
)
if __name__ == "__main__":
+16
View File
@@ -0,0 +1,16 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-virtualization.yml
- ci/poky-altcfg.yml
local_conf_header:
meta-virt: |
DISTRO_FEATURES:append = " virtualization xen"
sshd: |
IMAGE_FEATURES:append = " ssh-server-openssh"
target:
- xen-image-minimal
-8
View File
@@ -28,13 +28,6 @@ Note that currently meta-arm's `scripts` directory isn't in `PATH`, so a full pa
`runfvp` will automatically start terminals connected to each of the serial ports that the machine specifies. This can be controlled by using the `--terminals` option, for example `--terminals=none` will mean no terminals are started, and `--terminals=tmux` will start the terminals in [`tmux`][tmux] sessions. Alternatively, passing `--console` will connect the serial port directly to the current session, without needing to open further windows.
The tool attempts to automatically select a suitable terminal type. To see which terminal type is selected by default in your environment, run `runfvp --help`.
`runfvp` determines availability by checking for required executables in your PATH as well as environment variables specific to each terminal type. If any of these checks fail, the corresponding terminal type is disabled.
The --help output also lists all currently available terminal types.
When using `-terminals=screen`, `runfvp` must be launched from within an existing [`screen`][screen] session. Normally, screen sets the `STY` environment variable to reference the current session. However, if the session is renamed or if `kas` is started from within the screen session, this value may become invalid or be lost. In such cases, `STY` must be set manually. Use `screen -ls` to view the list of currently attached sessions.
The default terminal can also be configured by writing a [INI-style][INI] configuration file to `~/.config/runfvp.conf`:
```
@@ -146,4 +139,3 @@ FVP_ENV_PASSTHROUGH = "ARMLMD_LICENSE_FILE FM_TRACE_PLUGINS"
[FVP]: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms
[tmux]: https://tmux.github.io/
[INI]: https://docs.python.org/3/library/configparser.html
[screen]: https://www.gnu.org/software/screen/
+9 -75
View File
@@ -5,31 +5,26 @@ in `meta-arm/recipes-security/trusted-services`
## Secure Partitions recipes
We define dedicated recipes for all supported Trusted Services (TS) Secure Partitions, which produce executables and
manifest binaries (DT files) for SPs.
The Secure Partitions are compatible with any SPMC implementation that complies with the FF-A specification. Meta-arm
currently supports OP-TEE SPMC, and when enabled, the Secure Partition binaries are automatically included in the
optee-os image based on the defined MACHINE_FEATURES. For more details bout OP-TEE SPMC please refer to the
[OP-TEE documentation][^6].
We define dedicated recipes for all supported Trusted Services (TS) Secure Partitions.
These recipes produce ELF and DTB files for SPs.
These files are automatically included into optee-os image accordingly to defined MACHINE_FEATURES.
### How to include TS SPs
To include TS SPs into the firmware image add the corresponding feature flags to the MACHINE_FEATURES variable for each
[Secure Partition][^2] you would like to include :
To include TS SPs into optee-os image you need to add into MACHINE_FEATURES
features for each [Secure Partition][^2] you would like to include:
| Secure Partition | MACHINE_FEATURE |
| ----------------- | --------------- |
| Attestation | ts-attesation |
| Crypto | ts-crypto |
| Firmware Update | ts-fwu |
| fTPM | ts-ftpm |
| Firmware Update | ts-fwu
| Internal Storage | ts-its |
| Logging | ts-logging |
| Protected Storage | ts-storage |
| se-proxy | ts-se-proxy |
| smm-gateway | ts-smm-gateway |
| spm-test[1-4] | optee-spmc-test |
| Logging | ts-logging |
Other steps depend on your machine/platform definition:
@@ -52,15 +47,6 @@ Other steps depend on your machine/platform definition:
4. Trusted Services supports an SPMC agonistic binary format. To build SPs to this format the `TS_ENV` variable is to be
set to `sp`. The resulting SP binaries should be able to boot under any FF-A v1.1 compliant SPMC implementation.
### Example configurations
The `meta-arm/ci` directory contains various TS focused [KAS][^7] configuration files:
| File name | Description |
|-----------|-------------|
| ci/fvp-base-ts-ftpm.yml |Enabling the fTPM SP on the fvp-base machine|
| ci/fvp-base-ts.yml |TS config for the fvp-base machine|
| ci/qemuarm64-secureboot-ts.yml |TS config for quemuarm64-secureboot machine|
## Normal World applications
@@ -69,7 +55,7 @@ Optionally for testing purposes you can add `packagegroup-ts-tests` into your im
## OEQA Trusted Services tests
meta-arm also includes Trusted Service OEQA tests which can be used for automated testing.
meta-arm also includes Trusted Service OEQA tests which can be used for automated testing.
See `ci/trusted-services.yml` for an example how to include them into an image.
## Configuration options
@@ -77,59 +63,13 @@ See `ci/trusted-services.yml` for an example how to include them into an image.
Some TS recipes support yocto variables to set build configuration. These variables can be set in .conf files (machine
specific or local.conf), or .bbappend files.
### SmmGW SP
The recipe supports the following configuration variables
SmmGW SP recipe supports the following configuration variables
| Variable name | Type | Description |
|-----------------------|------|--------------------------------------------------------------------------------------------------------|
| SMMGW_AUTH_VAR | Bool | Enable Authenticated variable support |
| SMMGW_INTERNAL_CRYPTO | Bool | Use MbedTLS build into SmmGW for authentication related crypto operations. Depends on SMMGW_AUTH_VAR=1 |
fTPM tests are supported by OEQA but are disabled by default due to their lengthy execution time. To enable them, set the RUN_TPM2_TESTS
variable e.g. in local.conf.
The list of supported test cases can be found in the `tests` array in the `meta-arm/recipes-tpm/tpm2-tools/files/tpm2-test-all` script.
These can be ran one-by-one, but currently running all of them by calling `tpm2-test-all` results in a failure of the `tpm2-abmrd` tool.
The tests not supported are listed in the same script under the `Failing tests:` line.
This script was created to meet the needs of the Trusted Services project, but in the future it should be updated to be configurable to
support generic usage. The aforementioned issue shall also be solved, so the supported tests could run together.
### fTPM SP
The fTPM SP is an experimental feature. Please refer to the [TS documentation][^5] for details on limitations.
The current integration enables the fTPM Secure Partition and supports running tpm2-tools tests to verify correct
functionality. Secure Boot and other features that leverage TPM capabilities are not enabled currently.
Configuration variables of the recipe:
| Variable name | Type | Description |
|-----------------------|------|--------------------------------------------------------------------------------------------------------|
| RUN_TPM2_TESTS | Bool | Enable automatic execution of TPM tests from OEQA to verify the TS fTPM SP |
The current integration targeting the fvp-base machine enables fTPM SP and allows running the tests. To reproduce the
build please use `ci/fvp-base-ts-ftpm.yml`. This configuration:
- deploys the SP in the SWd
- amends the Linux kernel configuration:
- enables the tpm-crb driver
- add a patch to allow DTB based discovery
- deploys user-space components (tpm2-tss, tpm2-abrmd, tmp2-tools)
- configures the initialization system to start tpm2-abrmd.
The configuration leverages tpm2 components form meta-secure-core layer.
Validation can be performed by running the script located at `meta-arm/recipes-tpm/tpm2-tools/files/tpm2-test-all`. This
script runs a subset of tpm2 tests. While all tpm2 test pass when executed individually, executing the entire test suite
in a sequence leads to a failure of the `tpm2-abmrd` tool. As a workaround some test cases are disabled in the script.
You can find the list of disabled tests marked under the `Failing tests` section of the script.
Note: tpm2 tests was designed to validate the tpm2 reference stack. Its use for verifying the fTPM SP is not fully
aligned with this intent. As such, the current validation approach is considered “best effort” and is suitable for
development purposes. A more appropriate and comprehensive test suite should be selected for future validation.
------
[^1]: https://trusted-services.readthedocs.io/en/integration/overview/index.html
@@ -139,9 +79,3 @@ development purposes. A more appropriate and comprehensive test suite should be
[^3]: https://trusted-services.readthedocs.io/en/integration/deployments/test-executables.html
[^4]: https://optee.readthedocs.io/en/latest/building/gits/optee_test.html
[^5]: https://trusted-services.readthedocs.io/en/integration/services/tpm-service-description.html
[^6]: https://optee.readthedocs.io/en/latest/architecture/spmc.html
[^7]: https://kas.readthedocs.io
+12
View File
@@ -0,0 +1,12 @@
header:
version: 13
repos:
meta-arm:
layers:
meta-arm-systemready:
distro: nodistro
target:
- arm-systemready-firmware
+12
View File
@@ -0,0 +1,12 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
env:
TESTIMAGE_AUTO: "1"
# The full testimage run typically takes around 12-24h on fvp-base.
TEST_OVERALL_TIMEOUT: "${@ 24*60*60}"
target:
- arm-systemready-ir-acs
@@ -0,0 +1,8 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
- kas/arm-systemready-linux-distros-unattended-installation.yml
target:
- arm-systemready-linux-distros-debian
@@ -0,0 +1,8 @@
header:
version: 16
includes:
- kas/arm-systemready-firmware.yml
- kas/arm-systemready-linux-distros-unattended-installation.yml
target:
- arm-systemready-linux-distros-fedora
@@ -0,0 +1,8 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
- kas/arm-systemready-linux-distros-unattended-installation.yml
target:
- arm-systemready-linux-distros-opensuse
@@ -0,0 +1,11 @@
header:
version: 16
env:
DISTRO_UNATTENDED_INST_TESTS:
# The full testimage run typically takes around 12-24h on fvp-base.
TEST_OVERALL_TIMEOUT: "${@ 24*60*60}"
local_conf_header:
systemready-unattended-inst: |
TESTIMAGE_AUTO = "${@oe.utils.vartrue("DISTRO_UNATTENDED_INST_TESTS", "1", "", d)}"
-22
View File
@@ -1,22 +0,0 @@
header:
version: 14
includes:
- kas/corstone1000-base.yml
- kas/corstone1000-image-configuration.yml
- kas/corstone1000-firmware-only.yml
- kas/fvp-eula.yml
env:
DISPLAY:
WAYLAND_DISPLAY:
XAUTHORITY:
local_conf_header:
testimagefvp: |
IMAGE_CLASSES += "fvpboot"
mass-storage: |
# Ensure the Mass Storage device is absent
FVP_CONFIG[board.msd_mmc.p_mmc_file] = "invalid.dat"
machine: corstone1000-a320-fvp
+19
View File
@@ -0,0 +1,19 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
a320: |
MACHINE_FEATURES += "cortexa320"
OVERRIDES .= ":cortexa320"
repos:
meta-ethos:
url: https://gitlab.arm.com/iot/meta-ethos.git
branch: whinlatter
commit: b919565c36b89af2ba61cc28024da633a9fae0da
meta-sca:
url: https://github.com/priv-kweihmann/meta-sca.git
branch: master
commit: e68f1a9d17553a2a1b5b20962749f90482112a3f
+6 -7
View File
@@ -5,25 +5,24 @@ distro: poky
defaults:
repos:
branch: wrynose
branch: master
repos:
bitbake:
url: https://git.openembedded.org/bitbake
branch: "2.18"
commit: 22021758e66737bcf68dfd2b74adc6a0cb1d42d9
commit: 0dde1a3ff852be057be40d17f233ecca19e7b389
layers:
bitbake: disabled
core:
url: https://git.openembedded.org/openembedded-core
commit: 06dd66e6220e5ce4ed4b9af4d8231ae5f0a8ce80
commit: 4bd920ad7d7279020ea6e561d0584ae70f33f751
layers:
meta:
meta-yocto:
url: https://git.yoctoproject.org/meta-yocto
commit: 8251bdad5fda780a000fb41e6eda82eadf0fa39e
commit: b3b659263566c4d2f2813190e72d93f8598a4c47
layers:
meta-poky:
@@ -35,7 +34,7 @@ repos:
meta-openembedded:
url: https://git.openembedded.org/meta-openembedded
commit: 9af4488d46cb4fd4c0d2d64820c86225ebd6ac71
commit: fc0152e434307b98e1d16251f92ed81ac617c1db
layers:
meta-oe:
meta-python:
@@ -43,7 +42,7 @@ repos:
meta-secure-core:
url: https://github.com/wind-river/meta-secure-core.git
commit: 07a99ae241acd488a2feda1ededf87dc70dfde80
commit: 63209fb1500cee88d5d4d74669bce4b613c03ff7
layers:
meta-secure-core-common:
meta-signing-key:
@@ -4,5 +4,5 @@ header:
version: 14
local_conf_header:
multicore: |
MACHINE_FEATURES += "corstone1000_smp"
fvp-multicore: |
MACHINE_FEATURES += "corstone1000_fvp_smp"
-13
View File
@@ -1,13 +0,0 @@
header:
version: 14
includes:
- ci/debug.yml
local_conf_header:
sshd: |
IMAGE_FEATURES += "ssh-server-dropbear"
fvp_sshkeys: |
CORE_IMAGE_EXTRA_INSTALL:append = " ssh-pregen-hostkeys"
target:
- core-image-minimal
+7 -1
View File
@@ -9,17 +9,23 @@ BBFILE_COLLECTIONS += "meta-arm-bsp"
BBFILE_PATTERN_meta-arm-bsp = "^${LAYERDIR}/"
BBFILE_PRIORITY_meta-arm-bsp = "5"
LAYERSERIES_COMPAT_meta-arm-bsp = "wrynose"
LAYERSERIES_COMPAT_meta-arm-bsp = "walnascar whinlatter"
LAYERDEPENDS_meta-arm-bsp = "core meta-arm"
# This won't be used by layerindex-fetch, but works everywhere else
LAYERDEPENDS_meta-arm-bsp:append:corstone1000 = " meta-python openembedded-layer efi-secure-boot"
LAYERDEPENDS_meta-arm-bsp:append:corstone1000:cortexa320 = " meta-ethos"
LAYERDEPENDS_meta-arm-bsp:append:musca-b1 = " meta-python"
LAYERDEPENDS_meta-arm-bsp:append:musca-s1 = " meta-python"
# Additional license directories.
LICENSE_PATH += "${LAYERDIR}/custom-licenses"
BBFILES_DYNAMIC += " \
meta-arm-systemready:${LAYERDIR}/dynamic-layers/meta-arm-systemready/*/*/*.bb \
meta-arm-systemready:${LAYERDIR}/dynamic-layers/meta-arm-systemready/*/*/*.bbappend \
"
WARN_QA:append:layer-meta-arm-bsp = " patch-status"
addpylib ${LAYERDIR}/lib oeqa
@@ -1,17 +0,0 @@
#@TYPE: Machine
#@NAME: corstone1000-a320-fvp machine
#@DESCRIPTION: Machine configuration for Corstone1000 64-bit FVP with A320 CPU
require conf/machine/include/corstone1000-a320.inc
require conf/machine/corstone1000-fvp.conf
# Ethos-U85 FVP configuration
ETHOSU_NUM_MACS ?= "256"
FVP_CONFIG[host.ethosu.num_macs] = "${ETHOSU_NUM_MACS}"
# Reuse FVP recipe overrides
MACHINEOVERRIDES .= ":corstone1000-fvp"
# Override FVP executable provider and executable name.
FVP_PROVIDER:corstone1000-a320-fvp ??= "fvp-corstone1000-a320-native"
FVP_EXE:corstone1000-a320-fvp = "FVP_Corstone-1000-A320"
@@ -6,14 +6,15 @@ require conf/machine/include/corstone1000.inc
require ${@bb.utils.contains('MACHINE_FEATURES', 'corstone1000-extsys', \
'conf/machine/include/corstone1000-extsys.inc', '', d)}
require ${@bb.utils.contains('MACHINE_FEATURES', 'cortexa320', \
'conf/machine/include/corstone1000-a320.inc', '', d)}
TFA_TARGET_PLATFORM = "fvp"
TFM_PLATFORM_IS_FVP = "TRUE"
CORSTONE_1000_TYPE = "CORSTONE_1000_TYPE_CORTEX_A35_FVP"
WKS_FILE:firmware ?= "corstone1000-flash-firmware-fvp.wks.in"
# testimage config
TEST_TARGET = "OEFVPTarget"
TEST_TARGET_IP = "127.0.0.1:2222"
@@ -22,6 +23,7 @@ DEFAULT_TEST_SUITES:append = " fvp_boot fvp_devices"
# FVP Config
FVP_PROVIDER ?= "fvp-corstone1000-native"
FVP_EXE ?= "FVP_Corstone-1000"
FVP_EXE:cortexa320 = "FVP_Corstone-1000-A320"
FVP_CONSOLES[default] = "host_terminal_0"
FVP_CONSOLES[tf-a] = "host_terminal_1"
FVP_CONSOLES[se] = "secenc_terminal"
@@ -30,7 +32,7 @@ FVP_CONSOLES[se] = "secenc_terminal"
FASTSIM_DISABLE_TA = "0"
# FVP Parameters
FVP_CONFIG[se.trustedBootROMloader.fname] ?= "trusted-firmware-m/bl1.bin"
FVP_CONFIG[se.trustedBootROMloader.fname] ?= "bl1.bin"
FVP_CONFIG[board.xnvm_size] ?= "64"
FVP_CONFIG[se.trustedSRAM_config] ?= "6"
FVP_CONFIG[se.BootROM_config] ?= "3"
@@ -10,5 +10,3 @@ TFA_TARGET_PLATFORM = "fpga"
MACHINE_FEATURES += "coresight"
CORSTONE_1000_TYPE = "CORSTONE_1000_TYPE_CORTEX_A35_MPS3"
WKS_FILE:firmware ?= "corstone1000-flash-firmware-mps3.wks.in"
+2 -2
View File
@@ -58,8 +58,8 @@ FVP_CONFIG[cluster0.check_memory_attributes] ?= "0"
FVP_CONFIG[cluster1.check_memory_attributes] ?= "0"
FVP_CONFIG[cluster0.stage12_tlb_size] ?= "1024"
FVP_CONFIG[cluster1.stage12_tlb_size] ?= "1024"
FVP_CONFIG[bp.secureflashloader.fname] ?= "trusted-firmware-a/bl1.bin"
FVP_CONFIG[bp.flashloader0.fname] ?= "trusted-firmware-a/fip.bin"
FVP_CONFIG[bp.secureflashloader.fname] ?= "bl1-fvp.bin"
FVP_CONFIG[bp.flashloader0.fname] ?= "fip-fvp.bin"
FVP_CONFIG[bp.virtioblockdevice.image_path] ?= "${IMAGE_NAME}.wic"
# FVP Base default is 8.0, so there is no has_arm_v8-0 for it. However, this is needed for every version after. So set this accordingly
@@ -1,4 +1,5 @@
# Cortex-A320 variant of the Corstone-1000 platform.
MACHINEOVERRIDES =. "corstone1000-a320:"
MACHINE_FEATURES += "cortexa320"
OVERRIDES .= ":cortexa320"
ETHOSU_NUM_MACS ?= "256"
FVP_CONFIG[host.ethosu.num_macs] = "${ETHOSU_NUM_MACS}"
IMAGE_INSTALL:append = " arm-npu-ethosu"
@@ -5,19 +5,19 @@ require ${TUNE_FILE}
MACHINEOVERRIDES =. "corstone1000:"
# TF-M
PREFERRED_VERSION_trusted-firmware-m ?= "2.2.%"
PREFERRED_VERSION_trusted-firmware-m ?= "2.2.1"
# TF-A
TFA_PLATFORM = "corstone1000"
PREFERRED_VERSION_trusted-firmware-a ?= "2.14.%"
PREFERRED_VERSION_tf-a-tests ?= "2.14.%"
PREFERRED_VERSION_trusted-firmware-a ?= "2.13.%"
PREFERRED_VERSION_tf-a-tests ?= "2.13.%"
TFA_BL2_BINARY = "bl2-corstone1000.bin"
TFA_FIP_BINARY = "fip-corstone1000.bin"
# optee
PREFERRED_VERSION_optee-os ?= "4.9.%"
PREFERRED_VERSION_optee-client ?= "4.9.%"
PREFERRED_VERSION_optee-os ?= "4.7.%"
PREFERRED_VERSION_optee-client ?= "4.7.%"
# Trusted Services
TS_PLATFORM = "arm/corstone1000"
@@ -26,7 +26,7 @@ TS_SP_SE_PROXY_CONFIG = "corstone1000"
MACHINE_FEATURES += "ts-smm-gateway ts-se-proxy"
# U-Boot
PREFERRED_VERSION_u-boot ?= "2025.10"
PREFERRED_VERSION_u-boot ?= "2025.04%"
MACHINE_FEATURES += "efi"
EFI_PROVIDER ?= "grub-efi"
@@ -37,7 +37,7 @@ IMAGE_CMD:wic[vardeps] += "GRUB_LINUX_APPEND"
# Linux kernel
PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
PREFERRED_VERSION_linux-yocto ?= "6.19%"
PREFERRED_VERSION_linux-yocto ?= "6.12.%"
KERNEL_IMAGETYPE = "Image"
KERNEL_IMAGETYPE:firmware = "Image.gz"
# add FF-A support in the kernel
@@ -52,6 +52,7 @@ IMAGE_FSTYPES += "wic"
# Need to clear the suffix so TESTIMAGE_AUTO works
IMAGE_NAME_SUFFIX = ""
WKS_FILE ?= "efi-disk-no-swap.wks.in"
WKS_FILE:firmware ?= "corstone1000-flash-firmware.wks.in"
# making sure EXTRA_IMAGEDEPENDS will be used while creating the image
WKS_FILE_DEPENDS:append = " ${EXTRA_IMAGEDEPENDS}"
-58
View File
@@ -1,58 +0,0 @@
# Configuration for Arm Neoverse N2 Reference Design development board
#@TYPE: Machine
#@NAME: RD N2
#@DESCRIPTION: Machine configuration for RD N2
require conf/machine/include/arm/armv9a/tune-neoversen2.inc
EXTRA_IMAGEDEPENDS += "virtual/control-processor-firmware"
EXTRA_IMAGEDEPENDS += "trusted-firmware-a"
KERNEL_IMAGETYPE ?= "Image"
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto"
SERIAL_CONSOLES = "115200;ttyAMA2"
EXTRA_IMAGEDEPENDS += "edk2-firmware"
EFI_PROVIDER ?= "${@bb.utils.contains("DISTRO_FEATURES", "systemd", "systemd-boot", "grub-efi", d)}"
MACHINE_FEATURES += "efi"
IMAGE_FSTYPES:forcevariable = "cpio.gz wic"
IMAGE_NAME_SUFFIX = ""
IMAGE_CLASSES += "fvpboot"
WKS_FILE ?= "efi-disk.wks.in"
WKS_FILE_DEPENDS:append = " ${EXTRA_IMAGEDEPENDS}"
# testimage config
TEST_TARGET = "OEFVPTarget"
TEST_TARGET_IP = "127.0.0.1:2222"
DEFAULT_TEST_SUITES:append = " fvp_boot fvp_devices"
TEST_FVP_DEVICES ?= "watchdog networking"
# FVP Config
FVP_PROVIDER ?= "fvp-rdn2-native"
FVP_EXE ?= "FVP_RD_N2"
FVP_DATA ?= "css.scp.armcortexm7ct=scp-firmware/scp_ramfw.bin@0x0BD80000 \
css.mcp.armcortexm7ct=scp-firmware/mcp_ramfw.bin@0x0BF80000"
FVP_CONFIG[css.gic_distributor.ITS-device-bits] ?= "20"
FVP_CONFIG[css.mcp.ROMloader.fname] ?= "scp-firmware/mcp_romfw.bin"
FVP_CONFIG[css.scp.ROMloader.fname] ?= "scp-firmware/scp_romfw.bin"
FVP_CONFIG[css.trustedBootROMloader.fname] ?= "trusted-firmware-a/bl1.bin"
FVP_CONFIG[board.flashloader0.fname] ?= "trusted-firmware-a/fip.bin"
FVP_CONFIG[board.dram_size] ?= "0x200000000"
# Virtio configuration
FVP_CONFIG[board.virtio_net.enabled] ?= "1"
FVP_CONFIG[board.virtio_net.hostbridge.userNetworking] ?= "1"
FVP_CONFIG[board.virtio_net.hostbridge.userNetPorts] = "2222=22"
FVP_CONFIG[board.virtioblockdevice.image_path] ?= "${IMAGE_NAME}.wic"
FVP_CONSOLES[default] = "terminal_ns_uart_ap"
FVP_TERMINALS[css.scp.terminal_uart_scp] ?= "SCP Console"
FVP_TERMINALS[css.mcp.terminal_uart_mcp] ?= "MCP Console"
FVP_TERMINALS[css.terminal_ns_uart_ap] ?= "NS Console"
FVP_TERMINALS[css.terminal_s_uart_ap] ?= "S Console"
-60
View File
@@ -1,60 +0,0 @@
# Configuration for Arm Neoverse V2 Reference Design development board
#@TYPE: Machine
#@NAME: RD V2
#@DESCRIPTION: Machine configuration for RD V2
#FIXME - doesn't boot with armv9 tunes
#require conf/machine/include/arm/arch-armv9a.inc
require conf/machine/include/arm/arch-armv8a.inc
EXTRA_IMAGEDEPENDS += "virtual/control-processor-firmware"
EXTRA_IMAGEDEPENDS += "trusted-firmware-a"
KERNEL_IMAGETYPE ?= "Image"
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto"
SERIAL_CONSOLES = "115200;ttyAMA2"
EXTRA_IMAGEDEPENDS += "edk2-firmware"
EFI_PROVIDER ?= "${@bb.utils.contains("DISTRO_FEATURES", "systemd", "systemd-boot", "grub-efi", d)}"
MACHINE_FEATURES += "efi"
IMAGE_FSTYPES:forcevariable = "cpio.gz wic"
IMAGE_NAME_SUFFIX = ""
IMAGE_CLASSES += "fvpboot"
WKS_FILE ?= "efi-disk.wks.in"
WKS_FILE_DEPENDS:append = " ${EXTRA_IMAGEDEPENDS}"
# testimage config
TEST_TARGET = "OEFVPTarget"
TEST_TARGET_IP = "127.0.0.1:2222"
DEFAULT_TEST_SUITES:append = " fvp_boot fvp_devices"
TEST_FVP_DEVICES ?= "watchdog networking"
# FVP Config
FVP_PROVIDER ?= "fvp-rdv2-native"
FVP_EXE ?= "FVP_RD_V2"
FVP_DATA ?= "css.scp.armcortexm7ct=scp-firmware/scp_ramfw.bin@0x0BD80000 \
css.mcp.armcortexm7ct=scp-firmware/mcp_ramfw.bin@0x0BF80000"
FVP_CONFIG[css.gic_distributor.ITS-device-bits] ?= "20"
FVP_CONFIG[css.mcp.ROMloader.fname] ?= "scp-firmware/mcp_romfw.bin"
FVP_CONFIG[css.scp.ROMloader.fname] ?= "scp-firmware/scp_romfw.bin"
FVP_CONFIG[css.trustedBootROMloader.fname] ?= "trusted-firmware-a/bl1.bin"
FVP_CONFIG[board.flashloader0.fname] ?= "trusted-firmware-a/fip.bin"
FVP_CONFIG[board.dram_size] ?= "0x200000000"
# Virtio configuration
FVP_CONFIG[board.virtio_net.enabled] ?= "1"
FVP_CONFIG[board.virtio_net.hostbridge.userNetworking] ?= "1"
FVP_CONFIG[board.virtio_net.hostbridge.userNetPorts] = "2222=22"
FVP_CONFIG[board.virtioblockdevice.image_path] ?= "${IMAGE_NAME}.wic"
FVP_CONSOLES[default] = "terminal_ns_uart_ap"
FVP_TERMINALS[css.scp.terminal_uart_scp] ?= "SCP Console"
FVP_TERMINALS[css.mcp.terminal_uart_mcp] ?= "MCP Console"
FVP_TERMINALS[css.terminal_ns_uart_ap] ?= "NS Console"
FVP_TERMINALS[css.terminal_s_uart_ap] ?= "S Console"
+5 -2
View File
@@ -26,18 +26,21 @@ EFI_PROVIDER ?= "${@bb.utils.contains("DISTRO_FEATURES", "systemd", "systemd-boo
SERIAL_CONSOLES ?= "115200;ttyAMA0 115200;hvc0"
EXTRA_IMAGEDEPENDS += "edk2-firmware"
# FIXME - Currently seeing a kernel warning for the CPU topology when bumping
# the version past this. The issue is being tracked in
# https://github.com/tianocore/edk2-platforms/issues/752
PREFERRED_VERSION_edk2-firmware ?= "202408%"
QB_SYSTEM_NAME = "qemu-system-aarch64"
QB_MACHINE = "-machine sbsa-ref"
QB_CPU = "-cpu neoverse-n2"
QB_SMP = "-smp 4"
QB_MEM = "-m 1024"
QB_DEFAULT_FSTYPE = "wic.qcow2"
QB_NETWORK_DEVICE = "-device e1000e,netdev=net0,mac=@MAC@"
QB_DRIVE_TYPE = "/dev/hd"
QB_ROOTFS_OPT = "-drive file=@ROOTFS@,if=ide,format=qcow2"
QB_DEFAULT_KERNEL = "none"
QB_OPT_APPEND = "-device usb-tablet -device usb-kbd -drive if=pflash,format=raw,unit=0,readonly=on,file=@DEPLOY_DIR_IMAGE@/SBSA_FLASH0.fd -drive if=pflash,format=raw,unit=1,readonly=on,file=@DEPLOY_DIR_IMAGE@/SBSA_FLASH1.fd"
QB_OPT_APPEND = "-device usb-tablet -device usb-kbd -drive if=pflash,format=raw,unit=0,readonly,file=@DEPLOY_DIR_IMAGE@/SBSA_FLASH0.fd -drive if=pflash,format=raw,unit=1,readonly,file=@DEPLOY_DIR_IMAGE@/SBSA_FLASH1.fd"
QB_SERIAL_OPT = "-device virtio-serial-pci -chardev null,id=virtcon -device virtconsole,chardev=virtcon"
QB_TCPSERIAL_OPT = "-device virtio-serial-pci -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1 -device virtconsole,chardev=virtcon"
# sbsa-ref is a true virtual machine so can't use KVM
+65
View File
@@ -0,0 +1,65 @@
# Configuration for Arm SGI575 development board
#@TYPE: Machine
#@NAME: SGI575
#@DESCRIPTION: Machine configuration for SGI575
require conf/machine/include/arm/armv8-2a/tune-cortexa75.inc
EXTRA_IMAGEDEPENDS += "virtual/control-processor-firmware"
EXTRA_IMAGEDEPENDS += "trusted-firmware-a"
# 2.13.0 removes support for sgi575
PREFERRED_VERSION_trusted-firmware-a ?= "2.12.%"
KERNEL_IMAGETYPE ?= "Image"
PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
SERIAL_CONSOLES = "115200;ttyAMA0"
EFI_PROVIDER ?= "${@bb.utils.contains("DISTRO_FEATURES", "systemd", "systemd-boot", "grub-efi", d)}"
MACHINE_FEATURES += "efi"
IMAGE_FSTYPES += "cpio.gz wic"
IMAGE_NAME_SUFFIX = ""
IMAGE_CLASSES += "fvpboot"
WKS_FILE ?= "efi-disk.wks.in"
WKS_FILE_DEPENDS:append = " ${EXTRA_IMAGEDEPENDS}"
# testimage config
TEST_TARGET = "OEFVPTarget"
#TEST_TARGET_IP = "127.0.0.1:222"
TEST_SUITES = "fvp_boot"
# FVP Config
FVP_PROVIDER ?= "fvp-sgi575-native"
FVP_EXE ?= "FVP_CSS_SGI-575"
# Virtio-Net configuration
FVP_CONFIG[board.virtio_net.enabled] ?= "1"
FVP_CONFIG[board.virtio_net.hostbridge.userNetworking] ?= "1"
FVP_CONFIG[board.virtio_net.hostbridge.userNetPorts] = "2222=22"
FVP_CONFIG[board.virtioblockdevice.image_path] ?= "${IMAGE_NAME}.wic"
#FVP_CONFIG[cache_state_modelled] ?= "0"
FVP_CONFIG[css.cmn600.mesh_config_file] = "SGI-575_cmn600.yml"
FVP_CONFIG[css.cmn600.force_rnsam_internal] ?= "false"
FVP_CONFIG[css.gic_distributor.ITS-device-bits] ?= "20"
FVP_DATA ?= "css.scp.armcortexm7ct=scp_ramfw.bin@0x0BD80000"
FVP_CONFIG[css.mcp.ROMloader.fname] ?= "mcp_romfw.bin"
FVP_CONFIG[css.scp.ROMloader.fname] ?= "scp_romfw.bin"
FVP_CONFIG[css.trustedBootROMloader.fname] ?= "bl1-sgi575.bin"
FVP_CONFIG[board.flashloader0.fname] ?= "fip-sgi575.bin"
FVP_CONSOLES[default] = "terminal_uart_ap"
FVP_TERMINALS[css.scp.terminal_uart_aon] ?= "SCP Console"
FVP_TERMINALS[css.mcp.terminal_uart0] ?= ""
FVP_TERMINALS[css.mcp.terminal_uart1] ?= ""
FVP_TERMINALS[css.terminal_uart_ap] ?= "Console"
FVP_TERMINALS[css.terminal_uart1_ap] ?= ""
FVP_TERMINALS[soc.terminal_s0] ?= ""
FVP_TERMINALS[soc.terminal_s1] ?= ""
FVP_TERMINALS[soc.terminal_mcp] ?= ""
FVP_TERMINALS[board.terminal_0] ?= ""
FVP_TERMINALS[board.terminal_1] ?= ""
@@ -1,12 +0,0 @@
version: 2
build:
os: "ubuntu-22.04"
tools:
python: "3.9"
sphinx:
configuration: meta-arm-bsp/documentation/corstone1000-a320/conf.py
formats:
- pdf
python:
install:
- requirements: meta-arm-bsp/documentation/requirements.txt
@@ -1,117 +0,0 @@
# SPDX-FileCopyrightText: <text>Copyright 2026 Arm Limited and/or its
# affiliates <open-source-office@arm.com></text>
#
# SPDX-License-Identifier: MIT
# Configuration file for the Sphinx documentation builder.
#
# This file only contains a selection of the most common options. For a full
# list see the documentation:
# https://www.sphinx-doc.org/en/master/usage/configuration.html
# -- Path setup --------------------------------------------------------------
# If extensions (or modules to document with autodoc) are in another directory,
# add these directories to sys.path here. If the directory is relative to the
# documentation root, use os.path.abspath to make it absolute, like shown here.
#
# sys.path.insert(0, os.path.abspath('.'))
import os
import re
import sys
import yaml
# Append the documentation directory to the path, so we can import variables
sys.path.append(os.path.dirname(__file__))
_metadata_path = os.path.join(os.path.dirname(__file__), 'corstone-a320_metadata.yaml')
with open(_metadata_path, encoding='utf-8') as metadata_file:
_metadata = yaml.safe_load(metadata_file) or {}
_metadata_variables = {
item['name']: item['value']
for item in _metadata.get('variables', [])
if item.get('name') and item.get('value')
}
# -- Project information -----------------------------------------------------
project = 'Corstone-1000 Armv9-A Edge-AI'
copyright = '2026, Arm Limited'
author = 'Arm Limited'
# -- General configuration ---------------------------------------------------
# Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = [
'myst_parser',
'sphinx_rtd_theme',
]
source_suffix = {
'.rst': 'restructuredtext',
'.md': 'markdown',
}
myst_enable_extensions = [
'colon_fence',
]
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
# This pattern also affects html_static_path and html_extra_path.
exclude_patterns = [
'_build',
'Thumbs.db',
'.DS_Store',
'docs/infra',
'corstone-a320_map.md',
'corstone-a320_metadata.yaml',
]
# -- Options for HTML output -------------------------------------------------
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
#
html_theme = 'sphinx_rtd_theme'
html_theme_options = {
'flyout_display': 'attached',
}
# Define the canonical URL if you are using a custom domain on Read the Docs
html_baseurl = os.environ.get("READTHEDOCS_CANONICAL_URL", "")
# Tell Jinja2 templates the build is running on Read the Docs
if os.environ.get("READTHEDOCS", "") == "True":
if "html_context" not in globals():
html_context = {}
html_context["READTHEDOCS"] = True
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
#html_static_path = ['_static']
def _replace_metadata_variables(app, docname, source):
source[0] = re.sub(
r'\$([A-Za-z0-9_]+)',
lambda match: _metadata_variables.get(match.group(1), match.group(0)),
source[0],
)
def setup(app):
app.connect('source-read', _replace_metadata_variables)
@@ -1,6 +0,0 @@
- topics/introducing.md
- topics/software-architecture.md
- topics/user-guide.md
- topics/tests.md
- topics/release-notes.md
- topics/change-log.md
@@ -1,106 +0,0 @@
---
title: Corstone-1000 with Cortex-A320
subtitle: ""
abstract: Arm Corstone-1000 with Cortex-A320 is a reference solution for IoT devices. It is part of Total Solution for IoT which consists of hardware and software reference implementation.
author: Arm
status: REL
keywords: [IoT, software]
bookpartno: 112000
product: Corstone-1000 with Cortex-A320
product_type: Open Source Projects
product_revision:
- prefix: Version
version: "0101"
version_label: "2026.02"
output_type: "software"
conformance_notice: "true"
content_type: User Guide
audience:
- Software Developers
categories:
- IoT
themes:
- IoT
intended_audience: Software Developers
terminology_review: new
releases:
- revision: 0100-01
date: 2026-05-01
change_summary: Update
permissions: nonconfidential
variables:
- name: arm_developer_cs1000_website
value: 'https://developer.arm.com/Tools%20and%20Software/Corstone-1000%20Software'
- name: arm_developer_cs1000_search
value: 'https://developer.arm.com/search#q=corstone-1000'
- name: arm_developer_mhu_website
value: 'https://developer.arm.com/documentation/ka005129/latest/#:~:text=An%20MHU%20is%20a%20device,that%20a%20message%20is%20available'
- name: arm_developer_secureboot_website
value: 'https://developer.arm.com/documentation/PRD29-GENC-009492/c/TrustZone-Software-Architecture/Booting-a-secure-system/Secure-boot'
- name: arm_architecture_security_features_platform_security
value: 'https://www.arm.com/architecture/security-features/platform-security'
- name: linux_repository
value: 'https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/'
- name: arm_trustzone_for_cortex_a_website
value: 'https://www.arm.com/technologies/trustzone-for-cortex-a'
- name: arm_fmw_framework_a_profile_pdf
value: 'https://developer.arm.com/documentation/den0077/latest'
- name: arm_fmw_framework_m_profile_pdf
value: 'https://developer.arm.com/architectures/Firmware%20Framework%20for%20M-Profile'
- name: platform_security_fwu_for_a_profile_pdf
value: 'https://developer.arm.com/documentation/den0118/a/'
- name: psa_firmware_update_ihi_0093_api_reference_website
value: 'https://arm-software.github.io/psa-api/fwu/1.0/api/api.html'
- name: edk2_capsule_generation_tool_repository
value: 'https://github.com/tianocore/edk2/blob/master/BaseTools/Source/Python/Capsule/GenerateCapsule.py'
- name: psa_fwu_den0018_specification_website
value: 'https://developer.arm.com/documentation/den0118/latest/'
- name: ts_psa_fwu_service_website
value: 'https://trusted-services.readthedocs.io/en/stable/services/fwu/psa-fwu-m.html'
- name: tfm_shim_layer_website
value: 'https://trustedfirmware-m.readthedocs.io/en/latest/design_docs/services/tfm_fwu_service.html#shim-layer-between-fwu-and-bootloader'
- name: op_tee_os_repository
value: 'https://github.com/OP-TEE/optee_os'
- name: psa_certified_website
value: 'https://www.psacertified.org/'
- name: psa_l2_ready
value: 'https://www.psacertified.org/products/corstone-1000/'
- name: systemready_ir_certification
value: 'https://armkeil.blob.core.windows.net/developer/Files/pdf/certificate-list/arm-systemready-ve-arm-neoverse.pdf'
- name: trusted_board_boot_requirements_client_pdf
value: 'https://developer.arm.com/documentation/den0006/latest'
- name: trusted_firmware_m_website
value: 'https://www.trustedfirmware.org/projects/tf-m/'
- name: trusted_firmware_m_bl1_website
value: 'https://trustedfirmware-m.readthedocs.io/en/latest/design_docs/booting/bl1.html'
- name: trusted_firmware_a_bl2_website
value: 'https://developer.arm.com/documentation/108028/0000/RD-TC22-software/Software-components/AP-firmware/Trusted-firmware-A-BL2'
- name: trusted_firmware_a_fip_guide
value: 'https://trustedfirmware-a.readthedocs.io/en/latest/design/firmware-design.html#firmware-image-package-fip'
- name: trusted_services_website
value: 'https://www.trustedfirmware.org/projects/trusted-services/'
- name: trusted_services_uefi_smm_website
value: 'https://trusted-services.readthedocs.io/en/integration/services/uefi-smm-services.html#'
- name: das_u_boot_repository
value: 'https://github.com/u-boot/u-boot.git'
- name: keil_rtx5_website
value: 'https://developer.arm.com/Tools%20and%20Software/Keil%20MDK/RTX5%20RTOS'
- name: ppa_website
value: 'https://developer.arm.com/documentation/102738/0100/Power--performance--and-area-analysis'
- name: mcuboot_website
value: 'https://docs.mcuboot.com/'
- name: arm_developer_fvp
value: 'https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps'
- name: secure_debug_manager_repo_readme
value: 'https://github.com/ARM-software/secure-debug-manager/tree/master?tab=readme-ov-file#secure-debug-manager-psa-adac--sdc-600'
- name: secure_debug_manager_armds_integration
value: 'https://github.com/ARM-software/secure-debug-manager?tab=readme-ov-file#arm-development-studio-integration'
- name: meta_arm_repository_release_branch
value: 'https://docs.yoctoproject.org/next/migration-guides/migration-6.0.html'
- name: arm_ulink_pro_website
value: 'https://www.arm.com/products/development-tools/debug-probes/ulink-pro'
- name: arm_ds_website
value: 'https://www.arm.com/products/development-tools/embedded-and-software/arm-development-studio'
- name: edk2_repository
value: 'https://github.com/tianocore/edk2'
Binary file not shown.

Before

Width:  |  Height:  |  Size: 77 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 58 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 16 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 86 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 60 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 69 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 46 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 65 KiB

@@ -1,12 +0,0 @@
# Corstone-1000 Armv9-A Edge-AI
```{toctree}
:maxdepth: 2
topics/introducing
topics/software-architecture
topics/user-guide
topics/tests
topics/release-notes
topics/change-log
```
@@ -1,150 +0,0 @@
# Change log {.chapter permissions=non-confidential}
This document contains a summary of the new features, changes and fixes in each release of the Corstone-1000 with Cortex-A320 software stack.
## Version 2026.05 {.reference}
The following changes are present in this release:
- Continued Corstone-1000 with Cortex-A320 enablement across U-Boot, TF-A, TF-M, OP-TEE, and Linux with the split A320 device tree, GIC-700 support, Ethos-U85 DT alignment, and NPU reset via the external-system controller.
- Enabled and documented FVP SMP builds and platform-agnostic multicore support, including the errata override fixes for Corstone-1000 with Cortex-A320 and removal of the reboot workaround note.
- Split Corstone-1000 with Cortex-A320 FVP support into a dedicated machine configuration and standalone documentation.
### Corstone-1000 with Cortex-A320 components versions {.reference}
The following component versions are available:
Table: Corstone-1000 with Cortex-A320 component versions
+----------------------------------------+-----------------------------------+
| Component | Version |
+========================================+===================================+
| linux-yocto | 6.19 |
+----------------------------------------+-----------------------------------+
| u-boot | 2025.10 |
+----------------------------------------+-----------------------------------+
| external-system | 0.1.0 |
+----------------------------------------+-----------------------------------+
| optee-client | 4.9.0 |
+----------------------------------------+-----------------------------------+
| optee-os | 4.9.0 |
+----------------------------------------+-----------------------------------+
| trusted-firmware-a | 2.14.1 |
+----------------------------------------+-----------------------------------+
| trusted-firmware-m | 2.2.2 |
+----------------------------------------+-----------------------------------+
| libts | v1.3.0 |
+----------------------------------------+-----------------------------------+
| ts-sp-{se-proxy, smm-gateway} | v1.3.0 |
+----------------------------------------+-----------------------------------+
| ts-psa-{crypto, iat, its. ps}-api-test | 74dc6646ff |
+----------------------------------------+-----------------------------------+
### Yocto distribution components versions {.reference}
The following Yocto distribution components versions are available:
Table: Yocto distribution component versions
+-------------------+------------+
| Component | Version |
+===================+============+
| meta-arm | wrynose |
+-------------------+------------+
| bitbake | 22021758e6 |
+-------------------+------------+
| meta-openembedded | 9af4488d46 |
+-------------------+------------+
| openembedded-core | 06dd66e622 |
+-------------------+------------+
| meta-yocto | 8251bdad5f |
+-------------------+------------+
| meta-secure-core | 07a99ae241 |
+-------------------+------------+
| busybox | 1.37.0 |
+-------------------+------------+
| musl | 1.2.6 |
+-------------------+------------+
| gcc-arm-none-eabi | 15.2.rel1 |
+-------------------+------------+
| gcc-cross-aarch64 | 15.2.0 |
+-------------------+------------+
| openssl | 3.5.6 |
+-------------------+------------+
## Version 2025.12 {.reference}
The following changes are present in this release:
- Delivered end-to-end Cortex-A320 enablement across U-Boot, TF-A, TF-M, OP-TEE, Yocto machine layers, and documentation, including device-tree updates, MPIDR handling, and FVP model renaming.
- Rolled out the PSA Firmware Update (DEN0118) pipeline: U-Boot capsule parsing, Bootloader Abstraction Layer in TF-M, ESRT exposure, and Trusted Services IPC bridges replacing legacy capsule code.
- Hardened the new firmware update flow with EFI self-tests, metadata restructuring for partial and multi-image acceptance, and RSE-COMMS gating refinements.
- Upgraded key firmware components (TF-A 2.13.0, TF-M 2.2.1, Trusted Services 1.2.0, OP-TEE OS 4.7.0) and introduced targeted test skips plus integer-only build modes to keep validation green.
- Cleaned and renumbered downstream patch series across Trusted Services and TF-M while removing obsolete integrations to align with upstream baselines.
- Refreshed release material and architecture guides to describe the A320 profile, PSA FWU behavior, and updated software stack.
- Added KAS profiles, machine includes, and automated FVP selection logic to streamline developer workflows for the refreshed platform configuration.
### Corstone-1000 with Cortex-A320 components versions {.reference}
The following component versions are available:
Table: Corstone-1000 with Cortex-A320 component versions
+----------------------------------------+-----------------------------------+
| Component | Version |
+========================================+===================================+
| linux-yocto | 6.12.60 |
+----------------------------------------+-----------------------------------+
| u-boot | 2025.04 |
+----------------------------------------+-----------------------------------+
| optee-client | 4.7.0 |
+----------------------------------------+-----------------------------------+
| optee-os | 4.7.0 |
+----------------------------------------+-----------------------------------+
| trusted-firmware-a | 2.13.0 |
+----------------------------------------+-----------------------------------+
| trusted-firmware-m | 2.2.1 |
+----------------------------------------+-----------------------------------+
| libts | v1.2.0 |
+----------------------------------------+-----------------------------------+
| ts-sp-{se-proxy, smm-gateway} | v1.2.0 |
+----------------------------------------+-----------------------------------+
| ts-psa-{crypto, iat, its. ps}-api-test | 74dc6646ff |
+----------------------------------------+-----------------------------------+
### Yocto distribution components versions {.reference}
The following Yocto distribution components versions are available:
Table: Yocto distribution component versions
+-------------------+------------+
| Component | Version |
+===================+============+
| meta-arm | whinlatter |
+-------------------+------------+
| bitbake | 0dde1a3ff8 |
+-------------------+------------+
| meta-openembedded | fc0152e434 |
+-------------------+------------+
| openembedded-core | 4bd920ad7d |
+-------------------+------------+
| meta-yocto | b3b6592635 |
+-------------------+------------+
| meta-secure-core | 63209fb150 |
+-------------------+------------+
| meta-ethos | aa2504a32f |
+-------------------+------------+
| meta-sca | e68f1a9d17 |
+-------------------+------------+
| busybox | 1.37.0 |
+-------------------+------------+
| musl | 1.2.5 |
+-------------------+------------+
| gcc-arm-none-eabi | 13.3.rel1 |
+-------------------+------------+
| gcc-cross-aarch64 | 15.2.0 |
+-------------------+------------+
| openssl | 3.5.4 |
+-------------------+------------+
@@ -1,14 +0,0 @@
# Introduction {.chapter permissions=non-confidential}
Arm Corstone-1000 with Cortex-A320 is a reference solution for IoT devices
based on Arm Corstone-1000, but with Cortex-A320 CPU, Ethos-U85 NPU and
GIC700 (Generic Interrupt Controller). It is part of Total Solution
for IoT which consists of hardware and software reference implementations.
## Disclaimer {.reference}
Arm reference solutions are Arm public example software projects that track and
pull upstream components, incorporating their respective security fixes
published over time. Arm partners are responsible for ensuring that the
components they use contain all the required security fixes, if and when they
deploy a product derived from Arm reference solutions.
@@ -1,40 +0,0 @@
# Release notes {.chapter permissions=non-confidential}
You expressly assume all liabilities and risks relating to your use or operation
of your software and hardware designed or modified using the Arm Tools,
including without limitation, your software or hardware designed or
intended for safety-critical applications. Should your software or hardware
prove defective, you assume the entire cost of all necessary servicing, repair
or correction.
## Release notes - 2026.05 {.reference}
The following knowns issues and limitations are present in this release:
- Crypto isolation is not supported in the Secure world of Corstone-1000. Additionally, clients in
the Normal world are not isolated from one another. Therefore, if an end user wants to add a new
Secure Partition (SP) (such as a software TPM) that accesses the Crypto service via the SE-Proxy,
they are responsible for implementing their own isolation mechanisms to ensure proper security boundaries.
- DSTREAM debug probe may experience unreliable USB connectivity when used with Arm DS for secure debug.
This issue is under active investigation, and we are working to identify and resolve compatibility issues in a future update.
As a more stable alternative, the ULINKpro debug probe is recommended for use with Corstone-1000 in secure debug scenarios.
## Release notes - 2025.12 {.reference}
The following knowns issues and limitations are present in this release:
- Corstone-1000 with Cortex-A320 FVP does not currently support Symmetric Multiprocessing
- Corstone-1000 with Cortex-A320 FVP becomes unresponsive when the Linux kernel driver for the Ethos-U85 NPU loads automatically after a software reboot.
- Crypto isolation is not supported in the Secure world of Corstone-1000. Additionally, clients in
the Normal world are not isolated from one another. Therefore, if an end user wants to add a new
Secure Partition (SP) (such as a software TPM) that accesses the Crypto service via the SE-Proxy,
they are responsible for implementing their own isolation mechanisms to ensure proper security boundaries.
- DSTREAM debug probe may experience unreliable USB connectivity when used with Arm DS for secure debug.
This issue is under active investigation, and we are working to identify and resolve compatibility issues in a future update.
As a more stable alternative, the ULINKpro debug probe is recommended for use with Corstone-1000 in secure debug scenarios.
## Support {.reference}
For technical support, email [Arm subsystem support](mailto:support-subsystem-iot@arm.com).
For security issues, contact [Arm Security](mailto:psirt@arm.com).
@@ -1,311 +0,0 @@
# Software architecture {.chapter permissions=non-confidential}
The combination of Corstone-1000 software and hardware reference solution is [PSA Level-2 ready certified]($psa_l2_ready) as well as [Arm SystemReady Devicetree certified]($systemready_ir_certification). Please rely on the Corstone-1000 platform for certification needs.
More information on the Corstone-1000 subsystems product(s), variants and design can be
found on [Arm Developer]($arm_developer_cs1000_website).
This document explicitly focuses on the software part of the solution and
provides internal details on the software components. The reference
software package of the platform can be retrieved following instructions
present in the user guide document.
## Design overview {.reference}
This variant of the Corstone-1000 platform replaces the Host System's Cortex-A35
processor with a Cortex-A320. In this configuration, the optional External System
(previously a Cortex-M3) is replaced by an Arm Ethos-U85 Neural Processing Unit (NPU).
The Ethos-U85 runs in the direct drive configuration, where the Host System is
responsible for managing the NPU directly.
![Cortex-A320 subsystems](../images/CorstoneA320Subsystems.png)
## Secure boot chain {.reference}
For the security of a device, it is essential that only authorized
software should run on the device.
The Corstone-1000 boot uses a [Secure boot]($arm_developer_secureboot_website) chain process
where an already authenticated image verifies and loads the following software in the chain.
For the boot chain process to work, the start of the chain should be trusted, forming the
Root of Trust (RoT) of the device. The RoT of the device is immutable in
nature and encoded into the device by the device manufacturer before it
is deployed into the field.
In Corstone-1000, the content of the ROM and CC312 One Time Programmable (OTP) memory forms the RoT.
Verification of an image can happen either by comparing the computed and stored hashes, or by
checking the signature of the image if the image is signed.
![Secure boot chain](../images/SecureBootChain.png)
It is a lengthy chain to boot the software on Corstone-1000.
### TF-M BL1\_1 {.reference}
On power-up, the Secure Enclave begins execution from TF-M BL1\_1, which resides in ROM and serves as
the Root of Trust (RoT) for the device.
TF-M BL1\_1 is the immutable bootloader and is responsible for:
- Provisioning the device during the first boot
- Performing hardware initialization
- Verifying the integrity and authenticity of the next stage in the boot chain
At boot time, TF-M BL1\_1:
- Copies the TF-M BL1\_2 image from OTP to RAM.
- Verifies the integrity of BL1\_2 by comparing its computed hash with the hash stored in OTP.
### TF-M BL1\_2 {.reference}
During provisioning, the TF-M BL1\_2 binary, along with its hashes and cryptographic keys, is stored
in One-Time Programmable (OTP) memory.
Once verified, TF-M BL1\_2:
- Takes control and verifies the next stage in the boot chain, which is TF-M BL2.
- Computes the hash of the BL2 image and compares it with the BL2 hash stored in OTP to ensure
integrity before transferring execution to BL2.
The TF-M BL1 design details can be found in the [TF-M design documents]($trusted_firmware_m_bl1_website).
:::note
Corstone-1000 has some differences compared to this design due to memory (OTP/ROM) limitations:
- BL1\_1 code size is larger than needed because it handles most of the hardware initialization instead of the BL1\_2.
- BL1\_2 cannot be updated during provisioning time because the provisioning bundle that contains its code is located in the ROM.
- BL1\_2 does not use the post-quantum LMS verification.
- BL2 cannot be updated because it is verified by comparing the computed hash to the hash stored in the OTP.
:::
### TF-M BL2 {.reference}
In this system, TF-M BL2 refers to MCUBoot.
On the first boot, MCUBoot can provision additional cryptographic keys. It is responsible for authenticating both:
- TF-M (Trusted Firmware-M), and
- The initial bootloader of the Host system, [Trusted Firmware-A (TF-A) BL2]($trusted_firmware_a_bl2_website)
This authentication is done by verifying the digital signatures of the respective images.
MCUBoot performs image verification in the following steps:
1. Load the image from non-volatile memory into RAM.
2. Validate the image's signature using the corresponding public key.
:::note
The public key present in the image header is validated by comparing with the hash. Depending on the image, the hash of the public key is either stored in the OTP or part of the software which is being already verified in the previous stages.
:::
The execution control is passed to TF-M after the verification.
As the runtime executable of the Secure Enclave, TF-M initializes itself before
bringing the Host system out of reset.
### Host system authentication {.reference}
The Host system follows the boot standard defined in [Trusted Board Boot Requirements Client]($trusted_board_boot_requirements_client_pdf)
to authenticate the Secure and Non-secure software.
The [Firmware Image Package (FIP)]($trusted_firmware_a_fip_guide) packs bootloader images and
other payloads into a single archive.
![FIPDiagram](../images/FIPDiagram.png)
The FIP for Corstone-1000 contains:
- Trusted firmware-A BL2
- AP EL3 Runtime firmware, BL31 image
- AP Secure Payload, BL32 image
- AP Normal world firmware -U-boot, BL33 image
- Trusted OS Firmware configuration file used by Trusted OS (BL32), TOS_FW_CONFIG
- Key certificates
- Content certificates
To load and validate TF-A BL2, TF-M BL2 first parses the GUID Partition Table (GPT)
to locate the FIP. It then determines the offset of TF-A BL2 within the FIP.
:::note
TF-M does not check the FIP signature, it only checks the TF-A BL2's signature in the FIP.
:::
The implicitly trusted components are:
- A SHA-256 hash of the Root of Trust Public Key (ROTPK.) For development purposes, a development ROTPK is used and its hash embedded into the TF-A BL2 image. This public key is provided by the TF-A source code.
- TF-A BL2 image - it can be trusted because it has been verified by TF-M BL2 before starting TF-A.
The remaining components in the Chain of Trust (CoT) are either certificates or bootloader images.
#### Bootloader authentication {.reference}
The FIP contains two types of certificates:
- Content Certificates used to store the hash of a bootloader image.
- Key Certificates used to verify public keys used to sign Content Certificates.
The Host system bootloader images are authenticated by computing their hash and comparing it to the corresponding hash found in the Content Certificate.
#### Certificates verification {.reference}
The public keys defined in the Trusted Key Certificate are used to verify the later certificates in
the CoT process. The Trusted Key Certificate is verified with the Root of Trust Public Key.
#### UEFI authenticated variables {.reference}
For UEFI Secure Boot, authenticated variables can be accessed from the secure flash.
The feature has been integrated in U-Boot, which authenticates the images as per the UEFI
specification before executing them.
## Secure services {.reference}
Corstone-1000 is unique in offering a secure environment for running trusted workloads.
While the Host system includes TrustZone technology, the platform also features a hardware-isolated
Secure Enclave, specifically designed to execute these secure workloads.
In Corstone-1000, essential Secure Services—such as Cryptography, Protected Storage,
Internal Trusted Storage, and Attestation—are provided through PSA Functional APIs implemented in TF-M.
From the user's perspective, there is no difference when communicating with these services,
whether they run in the Secure Enclave or in the Secure world of the Host system.
The diagram below illustrates the data flow for such calls.
![Secure services](../images/SecureServices.png)
The Secure Enclave Proxy Secure Partition (SE Proxy SP) is a proxy managed by OP-TEE that forwards
Secure Service calls to the Secure Enclave. This communication uses the
[RSE communication protocol](https://tf-m-user-guide.trustedfirmware.org/platform/arm/rse/rse_comms.html).
While the protocol supports shared memory and MHU interrupts as a doorbell mechanism between cores,
in Corstone-1000, the entire message is currently transmitted through the MHU channels.
Corstone-1000 implements Isolation Level 2 using the Cortex-M0+ Memory Protection Unit (MPU).
Users can define their own secure services to run either in the Host system's Secure World or in
the Secure Enclave. This choice involves a trade-off between latency and security.
Services running in the Secure Enclave benefit from strong, hardware-enforced isolation,
offering higher security but at the cost of increased latency. In contrast, services running in the
Host Secure World experience lower latency, but rely on TrustZone technology for virtualized isolation,
which offers comparatively less robust security.
## PSA secure firmware update {.reference}
The Corstone-1000 platform necessitates a robust, secure, and flexible firmware update mechanism
including partial capsule update to ensure fielded devices can receive critical patches, feature enhancements,
and security fixes without compromising system integrity. To meet these requirements, we have implemented the
Platform Security Architecture (PSA) Firmware Update (FWU) framework on Corstone-1000, leveraging Trusted Firmware-M (TF-M)
for the Secure Enclave, U-Boot as the host-side client on Cortex-A, and the UEFI capsule update mechanism for payload
encapsulation. This design supports the Fixed Virtual Platform (FVP) target, providing consistent behavior across
simulation-based deployments. The Corstone-1000 supports FWU
which complies with the
[Platform Security Firmware Update for the A-profile Arm Architecture]($platform_security_fwu_for_a_profile_pdf)
and [PSA Firmware Update IHI 0093]($psa_firmware_update_ihi_0093_api_reference_website)
specifications.
To standardize and streamline capsule creation with multiple FMP payloads, the
[EDK2 capsule generation tool]($edk2_capsule_generation_tool_repository)
tool has been integrated into the meta-arm Yocto layer for Corstone-1000. This integration involves defining
build rules for generating UEFI capsules as part of the firmware image build process. Configuration parameters
exposed in the recipe allow developers to specify the number of FMP payloads, target image GUIDs, version numbers etc.
This capsule ensures that all update payloads conform to the UEFI FMP specification and are ready for
validation and delivery by UBoot.
The FWU solution for Corstone-1000 is composed of three primary domains:
- Host System
- Trusted Services intermediary
- Secure Enclave
Each domain has distinct responsibilities and communicates through standardized interfaces.
![System architecture PSA firmware update](../images/SystemArchitecturePSAFirmwareUpdate.png)
On the host side, U-Boot functions as the FWU client and orchestrates the update process from capsule retrieval to
payload delivery based on [PSA FWU DEN0018 specification]($psa_fwu_den0018_specification_website)
via Arm FF-A framework. The Trusted-Services SE Proxy secure partition serves as a gateway between the non-secure host
environment and the Secure Enclave. The [PSA FWU service]($ts_psa_fwu_service_website) running in the Trusted Services
implementation forwards the data to the Secure Enclave via MHU-based PSA calls. Within the Secure Enclave, the PSA FWU
Agent, conforming to [PSA Firmware Update IHI 0093]($psa_firmware_update_ihi_0093_api_reference_website) specification,
orchestrates the actual flash programming, metadata management, and rollback protection mechanisms. The agent relies on a
bespoke [shim layer]($tfm_shim_layer_website) to abstract hardwarespecific flash operations and bootloader interactions.
As defined in the specification, the external flash is divided into two banks: one bank holds the
currently running images, while the other is used to stage new images.
There are four updatable components: **BL2**, **TF-M**, **the FIP** and **the Kernel Image** (the initramfs bundle).
New images are delivered and accepted in the form of UEFI capsules.
![External flash](../images/ExternalFlash.png)
When a FWU is initiated on Corstone-1000, the following sequence of operations takes place:
1. Capsule Retrieval and Preparation
U-Boot on the host system retrieves the firmware capsule.
It validates the capsule header and parses the FMP (Firmware Management Protocol) descriptor list to identify the payloads to be updated.
For each FMP descriptor, U-Boot:
Splits the firmware payload into 4 KiB chunks.
Invokes the PSA_FWU_Update API for each chunk, transmitting the buffer address via the FF-A (Firmware Framework for Arm) shared memory interface.
2. Secure Transmission and Forwarding
The PSA Firmware Update (FWU) service, running as part of Trusted Services, receives the chunks through Secure Partition Client (SPC) calls.
It forwards these chunks to the Secure Enclave using MHU-based PSA calls.
3. Flashing Within the Secure Enclave
Inside the Secure Enclave, the PSA FWU Agent dispatches each chunk to the shim layer.
The shim layer:
Erases the corresponding sectors in the non-active flash bank.
Writes the received firmware chunks at the correct offsets.
During partial updates, it also copies static partitions from the active bank to the non-active one to maintain consistency.
4. Finalization and Boot Preparation
After all chunks are successfully written:
The shim updates the firmware manifest and the EFI System Resource Table (ESRT) entries to reflect the new image version.
This step enables the bootloader to recognize the new firmware for a trial boot.
The platform then performs an automatic reset, booting into the non-active bank in trial mode.
5. Trial Boot and Confirmation
In trial mode, U-Boot evaluates the new firmware and issues either an accept or reject command using the PSA FWU ABI.
These commands are sent to the Secure Enclave, instructing the shim to update the firmware metadata accordingly.
6. Recovery and Fallback Mechanism
If the trial boot is successful, the host sends an acknowledgment, transitioning the firmware state from 'trial' to 'regular'.
If the system fails or becomes unresponsive:
A watchdog timer triggers a system reset.
The BL1 firmware in the Secure Enclave detects repeated failures and reverts to the previously known-good flash bank.
This rollback mechanism ensures the device remains operational and recoverable, even after a failed update.
![Secure firmware update](../images/SecureFirmwareUpdate.png)
## UEFI runtime support in U-Boot {.reference}
The implementation of UEFI boot-time and runtime APIs requires persistent variable storage. In
Corstone-1000, UEFI variables are stored using the Protected Storage (PS) service.
The diagram below illustrates the data flow for storing UEFI variables. U-Boot's UEFI subsystem
communicates with the Secure World using the U-Boot FF-A driver, which interfaces with the
[UEFI System Management Mode (SMM) service]($trusted_services_uefi_smm_website).
The SMM service provides support for the UEFI System Management Mode. This support is implemented by the SMM Gateway secure partition.
The SMM service then uses the Proxy Protected Storage (PS) provided by the SE Proxy SP.
These PS calls are forwarded to the Secure Enclave, following the communication path described earlier.
![UEFI runtime support flow](../images/UEFISupport.png)
## References {.reference}
For more information, see:
- [Arm Developer]($arm_developer_cs1000_search)
- [Arm Security Architectures]($arm_architecture_security_features_platform_security)
File diff suppressed because it is too large Load Diff
@@ -1,265 +0,0 @@
# Build, flash and run {.chapter permissions=non-confidential}
The Arm Corstone-1000 with Cortex-A320 software stack uses the Yocto Project to build a tiny Linux distribution suitable for the Arm Corstone-1000 with Cortex-A320 platform (kernel and initramfs filesystem less than 6 MB on the flash).
The Corstone-1000 with Cortex-A320 software stack can be run on [Arm Corstone-1000 with Cortex-A320 FVP (Fixed Virtual Platform)](https://developer.arm.com/downloads/-/arm-ecosystem-fvps) and is built on top of Yocto Project's [Wrynose release]($meta_arm_repository_release_branch).
The Yocto Project relies on the [BitBake](https://docs.yoctoproject.org/bitbake.html#bitbake-documentation) tool as its build tool. Please see the [Yocto Project documentation](https://docs.yoctoproject.org/) for more information.
## Prerequisites {.reference}
This guide assumes that your host machine is running Ubuntu 24.04 LTS (with `sudo` rights), with at least
32GB of free disk space and 16GB of RAM as minimum requirement.
The following prerequisites must be available on the host system:
- Git 2.39.2 or greater.
- Python 3.11.2 or greater.
- GNU Tar 1.34 or greater.
- GNU Compiler Collection 12.2 or greater.
- GNU Make 4.3 or greater.
- tmux 3.3 or greater.
Please follow the steps described in the Yocto mega manual:
- [Compatible Linux Distribution](https://docs.yoctoproject.org/singleindex.html#compatible-linux-distribution)
- [Build Host Packages](https://docs.yoctoproject.org/singleindex.html#build-host-packages)
## Software components {.reference}
Within the Yocto Project, each component included in the Corstone-1000 with Cortex-A320 software stack is specified as
a [BitBake recipe](https://docs.yoctoproject.org/bitbake/2.2/bitbake-user-manual/bitbake-user-manual-intro.html#recipes).
The recipes specific to the Corstone-1000 with Cortex-A320 BSP are located at:
`${WORKSPACE}/meta-arm/meta-arm-bsp/`.
`${WORKSPACE}` refers to the absolute path to your workspace where the `meta-arm` repository will be cloned. Consider exporting it (e.g., `export WORKSPACE=$(realpath .)`) if you're already in the workspace directory,
so you can copy and paste the commands from this guide verbatim.
The Yocto machine config files are at:
- `${WORKSPACE}/meta-arm/meta-arm-bsp/conf/machine/include/corstone1000-a320.inc`
- `${WORKSPACE}/meta-arm/meta-arm-bsp/conf/machine/corstone1000-a320-fvp.conf`
:::note
All the paths stated in this document are absolute paths.
:::
### Host processor components {.reference}
This section describes the components used in the host processor.
#### Trusted Firmware-A {.reference}
The following [Trusted Firmware-A](https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git) components are used:
Table: Trusted Firmware-A components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.14.1.bb` |
#### Trusted Services {.reference}
The following [Trusted Services](https://trusted-services.readthedocs.io/en/latest/index.html) components are used:
Table: Trusted Services components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/libts_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-crypto-api-test_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-iat-api-test_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-its-api-test_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-ps-api-test_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/libts_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-iat-api-test_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-its-api-test_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-ps-api-test_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-smm-gateway_git.bb` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/trusted-services/ts-sp-se-proxy_git.bb` |
#### OP-TEE {.reference}
The following [OP-TEE](https://git.trustedfirmware.org/OP-TEE/optee_os.git) components are used:
Table: OP-TEE components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-security/optee/optee-os_4.9.0.bb` |
#### U-Boot {.reference}
The following [U-Boot](https://github.com/u-boot/u-boot.git) components are used:
Table: U-Boot components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm/recipes-bsp/u-boot/u-boot_%.bbappend` |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2025.10.bb` |
#### Linux {.reference}
The distribution is based on the [Poky](https://docs.yoctoproject.org/ref-manual/terms.html#term-Poky)
distribution which is a Linux distribution stripped down to a minimal configuration.
The provided distribution is based on [BusyBox](https://www.busybox.net/) and built using [musl libc](https://musl.libc.org/).
The following Linux components are used:
Table: Linux components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_6.19.bb` |
| defconfig | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/defconfig` |
### Secure enclave components {.reference}
This section describes the secure enclave components.
#### Trusted Firmware-M {.reference}
The following [Trusted Firmware-M](https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git) are used:
Table: Trusted Firmware-M secure enclave components
| Type | Path |
| --------- | ---------------------------------------------------------------------------------------------------------------- |
| bbappend | `${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_%.bbappend` |
| Recipe | `${WORKSPACE}/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.2.2.bb` |
## Build {.reference}
To build the software stack, do the following:
:::note
Building binaries natively on Windows and AArch64 Linux is not supported. Use an Intel or AMD 64-bit architecture Linux based development machine to build the software stack and transfer the binaries to run the software stack on an FVP in Windows or AArch64 Linux if required.
:::
1. Create a new folder that will be your workspace:
```
mkdir ${WORKSPACE}
cd ${WORKSPACE}
```
2. Install kas version 4.4 with `sudo` rights:
```
sudo pip3 install kas==4.4
```
Ensure the kas installation directory is visible on the `$PATH` environment variable.
3. Clone the `meta-arm` Yocto layer in the workspace `${WORKSPACE}`.
```
cd ${WORKSPACE}
git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2026.05
```
4. Accept the EULA on the [Arm Developer](https://developer.arm.com/downloads/-/arm-ecosystem-fvps/eula) site to build a Corstone-1000 with Cortex-A320 image for FVP as follows:
```
export ARM_FVP_EULA_ACCEPT="True"
```
5. Build a Corstone-1000 with Cortex-A320 image:
```
kas build meta-arm/kas/corstone1000-a320-fvp.yml:meta-arm/ci/debug.yml
```
A clean build takes a significant amount of time given that all of the development machine utilities are also
built along with the target images. Those development machine utilities include executables (Python,
CMake, etc.) and the required toolchains.
Once the build succeeds, all output binaries will be placed in `${WORKSPACE}/build/tmp/deploy/images/corstone1000-a320-fvp/`.
Everything apart from the Secure Enclave ROM firmware is bundled into a single binary, the
`corstone1000-flash-firmware-image-corstone1000-a320-fvp.wic` file.
The output binaries run in the Corstone-1000 with Cortex-A320 platform are the following:
- The Secure Enclave ROM firmware: `${WORKSPACE}/build/tmp/deploy/images/corstone1000-a320-fvp/trusted-firmware-m/bl1.bin`
- The internal firmware flash image: `${WORKSPACE}/build/tmp/deploy/images/corstone1000-a320-fvp/corstone1000-flash-firmware-image-corstone1000-a320-fvp.wic`
## Build with SSH {.reference}
The `meta-arm/kas/corstone1000-a320-fvp.yml` build produces an image for booting from flash.
To build a bootable mass storage OS image with Dropbear SSH enabled, run:
```
kas build meta-arm/ci/corstone1000-a320-fvp.yml:meta-arm/kas/corstone1000-ssh.yml
```
The mass storage OS image can be found at `${WORKSPACE}/build/tmp/deploy/images/corstone1000-a320-fvp/core-image-minimal-corstone1000-a320-fvp.wic`
:::note
The generated `core-image-minimal-corstone1000-a320-fvp.fvpconf` attaches the mass storage OS image to `board.msd_mmc.p_mmc_file`.
:::
## Run {.reference}
Once the platform is turned ON, the Secure Enclave will start to boot, wherein the relevant memory contents of the `*.wic`
file are copied to their respective memory locations. Firewall policies are enforced
on memories and peripherals before bringing the Host Processor out of reset.
The Host Processor will boot TrustedFirmware-A, OP-TEE, U-Boot and then Linux before presenting a login prompt.
A Fixed Virtual Platform (FVP) model of the Corstone-1000 with Cortex-A320 platform must be available to run the
Corstone-1000 with Cortex-A320 FVP software image.
A Yocto recipe is provided to download the latest supported FVP version.
The recipe is located at `${WORKSPACE}/meta-arm/meta-arm/recipes-devtools/fvp/fvp-corstone1000-a320.bb`.
The latest FVP version is `11.31.cs1000_a320_2` for Corstone-1000 with Cortex-A320, and the model is automatically downloaded and installed when using the `runfvp` command as follows:
```
kas shell meta-arm/kas/corstone1000-a320-fvp.yml:meta-arm/ci/debug.yml \
-c "../meta-arm/scripts/runfvp -- --version"
```
The FVP can also be manually downloaded from [Arm Developer](https://developer.arm.com/downloads/-/arm-ecosystem-fvps) to download the Corstone-1000 with Cortex-A320 FVP package.
To set up the FVP:
1. Run `tmux`:
```
cd ${WORKSPACE} && tmux
```
2. Run the FVP within `tmux`:
```
kas shell meta-arm/kas/corstone1000-a320-fvp.yml:meta-arm/ci/debug.yml \
-c "../meta-arm/scripts/runfvp --terminals=tmux"
```
When the script is executed, three terminal instances will be launched:
- one for the Secure Enclave processing element
- two for the Host processor processing element.
```
corstone1000-a320-fvp login:
```
3. Log in using the `root` username.
## Security issue reporting {.reference}
To report any security issues identified with Corstone-1000 with Cortex-A320, please send an email to [psirt@arm.com](mailto:psirt@arm.com).
@@ -10,71 +10,6 @@ Change Log
This document contains a summary of the new features, changes and
fixes in each release of Corstone-1000 software stack.
***************
Version 2026.05
***************
Changes
=======
- Upgraded key Corstone-1000 components to U-Boot 2025.10, TF-A 2.14.1, TF-M 2.2.2, OP-TEE 4.9.0, Trusted Services 1.3.0, and Linux 6.19.
- Added GPT support in TF-M and updated MCUboot to use the GPT library for firmware-update partitions.
- Extended the TF-M firmware update flow with GPT fixes, partition create/remove/duplicate operations, metadata-only handling, flash erase protection, stale partition cleanup, and better handling of older images during PSA FWU.
- Added SSH-enabled build overlay for FVP mass-storage images.
- Removed GRUB from the initramfs boot package set.
Corstone-1000 components versions
=================================
+-------------------------------------------+-------------------+
| linux-yocto | 6.19 |
+-------------------------------------------+-------------------+
| u-boot | 2025.10 |
+-------------------------------------------+-------------------+
| external-system | 0.1.0 |
+-------------------------------------------+-------------------+
| optee-client | 4.9.0 |
+-------------------------------------------+-------------------+
| optee-os | 4.9.0 |
+-------------------------------------------+-------------------+
| trusted-firmware-a | 2.14.1 |
+-------------------------------------------+-------------------+
| trusted-firmware-m | 2.2.2 |
+-------------------------------------------+-------------------+
| libts | v1.3.0 |
+-------------------------------------------+-------------------+
| ts-sp-{se-proxy, smm-gateway} | v1.3.0 |
+-------------------------------------------+-------------------+
| ts-psa-{crypto, iat, its. ps}-api-test | 74dc6646ff |
+-------------------------------------------+-------------------+
Yocto distribution components versions
======================================
+-------------------------------------------+----------------+
| meta-arm | wrynose |
+-------------------------------------------+----------------+
| bitbake | 22021758e6 |
+-------------------------------------------+----------------+
| meta-openembedded | 9af4488d46 |
+-------------------------------------------+----------------+
| openembedded-core | 06dd66e622 |
+-------------------------------------------+----------------+
| meta-yocto | 8251bdad5f |
+-------------------------------------------+----------------+
| meta-secure-core | 07a99ae241 |
+-------------------------------------------+----------------+
| busybox | 1.37.0 |
+-------------------------------------------+----------------+
| musl | 1.2.6 |
+-------------------------------------------+----------------+
| gcc-arm-none-eabi | 15.2.rel1 |
+-------------------------------------------+----------------+
| gcc-cross-aarch64 | 15.2.0 |
+-------------------------------------------+----------------+
| openssl | 3.5.6 |
+-------------------------------------------+----------------+
***************
Version 2025.12
***************
@@ -131,6 +66,10 @@ Yocto distribution components versions
+-------------------------------------------+----------------+
| meta-secure-core | 63209fb150 |
+-------------------------------------------+----------------+
| meta-ethos | aa2504a32f |
+-------------------------------------------+----------------+
| meta-sca | e68f1a9d17 |
+-------------------------------------------+----------------+
| busybox | 1.37.0 |
+-------------------------------------------+----------------+
| musl | 1.2.5 |
@@ -19,12 +19,6 @@ intended for safety-critical applications. Should Your Software or Your Hardware
prove defective, you assume the entire cost of all necessary servicing, repair
or correction.
***********************
Release notes - 2026.05
***********************
The same notes as the 2025.05 release still apply.
***********************
Release notes - 2025.12
***********************
@@ -116,6 +116,19 @@ The Corstone-1000 architecture is designed to cover a range of
`Power, Performance, and Area (PPA) <ppa-website_>`__ applications, and enable extension
for use-case specific applications, for example, sensors, cloud connectivity, and edge computing.
**************************************
Corstone-1000 with Cortex-A320 Variant
**************************************
This variant of the Corstone-1000 platform replaces the Host System's Cortex-A35 processor
with a Cortex-A320. In this configuration, the optional External System (previously a Cortex-M3)
is replaced by an Arm Ethos-U85 Neural Processing Unit (NPU).
The Ethos-U85 runs in the direct drive configuration, where the Host System is responsible for managing the NPU directly.
.. image:: images/CorstoneA320Subsystems.png
:width: 720
:alt: CorstoneA320Subsystems
*****************
Secure Boot Chain
*****************
@@ -50,7 +50,7 @@ The Corstone-1000 software stack can be run on:
Yocto Stable Branch
-------------------
Corstone-1000 software stack is built on top of Yocto Project's `Wrynose release <meta-arm-repository-release-branch_>`__.
Corstone-1000 software stack is built on top of Yocto Project's `Whinlatter release <meta-arm-repository-release-branch_>`__.
Software Components
-------------------
@@ -91,7 +91,7 @@ Host Processor Components
+----------+-------------------------------------------------------------------------------------------------------+
| bbappend | ``${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend`` |
+----------+-------------------------------------------------------------------------------------------------------+
| Recipe | ``${WORKSPACE}/meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.14.1.bb`` |
| Recipe | ``${WORKSPACE}/meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.13.0.bb`` |
+----------+-------------------------------------------------------------------------------------------------------+
`Trusted Services <https://trusted-services.readthedocs.io/en/latest/index.html>`__
@@ -131,9 +131,9 @@ Host Processor Components
================================================================
+----------+------------------------------------------------------------------------------------------+
| bbappend | ``${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_%.bbappend`` |
| bbappend | ``${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_4.%.bbappend`` |
+----------+------------------------------------------------------------------------------------------+
| Recipe | ``${WORKSPACE}/meta-arm/meta-arm/recipes-security/optee/optee-os_4.9.0.bb`` |
| Recipe | ``${WORKSPACE}/meta-arm/meta-arm/recipes-security/optee/optee-os_4.7.0.bb`` |
+----------+------------------------------------------------------------------------------------------+
`U-Boot <https://github.com/u-boot/u-boot.git>`__
@@ -144,7 +144,7 @@ Host Processor Components
+----------+----------------------------------------------------------------------------------+
| bbappend | ``${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend`` |
+----------+----------------------------------------------------------------------------------+
| Recipe | ``${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2025.10.bb`` |
| Recipe | ``${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2025.04.bb`` |
+----------+----------------------------------------------------------------------------------+
Linux
@@ -157,7 +157,7 @@ The provided distribution is based on `BusyBox <https://www.busybox.net/>`__ and
+-----------+------------------------------------------------------------------------------------------------+
| bbappend | ``${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_%.bbappend`` |
+-----------+------------------------------------------------------------------------------------------------+
| Recipe | ``${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_6.19.bb`` |
| Recipe | ``${WORKSPACE}/core/meta/recipes-kernel/linux/linux-yocto_6.12.bb`` |
+-----------+------------------------------------------------------------------------------------------------+
| defconfig | ``${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/defconfig`` |
+-----------+------------------------------------------------------------------------------------------------+
@@ -172,7 +172,7 @@ Secure Enclave Components
+----------+-------------------------------------------------------------------------------------------------------+
| bbappend | ``${WORKSPACE}/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_%.bbappend`` |
+----------+-------------------------------------------------------------------------------------------------------+
| Recipe | ``${WORKSPACE}/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.2.2.bb`` |
| Recipe | ``${WORKSPACE}/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.2.1.bb`` |
+----------+-------------------------------------------------------------------------------------------------------+
************************************
@@ -223,7 +223,7 @@ Build
.. code-block:: console
cd ${WORKSPACE}
git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2026.05
git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2025.12
#. Build a Corstone-1000 image:
@@ -243,6 +243,8 @@ Build
.. warning::
**The External System Processor is not available on the Corstone-1000 with Cortex-A320 FVP.**
Access to the External System Processor is disabled by default on **Corstone-1000 with Cortex-A35**.
To build the Corstone-1000 image with External System Processor enabled, run:
@@ -251,6 +253,18 @@ Build
kas build meta-arm/kas/corstone1000-${TARGET}.yml:meta-arm/ci/debug.yml:meta-arm/kas/corstone1000-extsys.yml
.. warning::
**The Ethos-U85 Neural Processing Unit (NPU) is only available on
the Corstone-1000 with Cortex-A320 FVP.**
To build the Corstone-1000 image with the Ethos-U85 NPU enabled, run:
.. code-block:: console
kas build meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml:meta-arm/kas/corstone1000-a320.yml
A clean build takes a significant amount of time given that all of the development machine utilities are also
built along with the target images. Those development machine utilities include executables (Python,
CMake, etc.) and the required toolchains.
@@ -262,38 +276,10 @@ Everything apart from the Secure Enclave ROM firmware and External System firmwa
``corstone1000-flash-firmware-image-corstone1000-${TARGET}.wic`` file.
The output binaries run in the Corstone-1000 platform are the following:
- The Secure Enclave ROM firmware: ``${WORKSPACE}/build/tmp/deploy/images/corstone1000-${TARGET}/trusted-firmware-m/bl1.bin``
- The Secure Enclave ROM firmware: ``${WORKSPACE}/build/tmp/deploy/images/corstone1000-${TARGET}/bl1.bin``
- The External System Processor firmware: ``${WORKSPACE}/build/tmp/deploy/images/corstone1000-${TARGET}/es_flashfw.bin``
- The internal firmware flash image: ``${WORKSPACE}/build/tmp/deploy/images/corstone1000-${TARGET}/corstone1000-flash-firmware-image-corstone1000-${TARGET}.wic``
Build with SSH
--------------
The ``meta-arm/kas/corstone1000-${TARGET}.yml`` build produces an image for
booting from flash.
.. important::
The SSH-enabled mass storage image is supported only for the FVP target.
It is not supported for the MPS3 target, because it relies on pre-generated
SSH host keys intended for virtual platforms.
To build a bootable mass storage OS image with Dropbear SSH enabled for FVP,
run:
.. code-block:: console
kas build meta-arm/ci/corstone1000-fvp.yml:meta-arm/kas/corstone1000-ssh.yml
The mass storage OS image can be found at
``${WORKSPACE}/build/tmp/deploy/images/corstone1000-fvp/core-image-minimal-corstone1000-fvp.wic``
.. note::
The generated ``core-image-minimal-corstone1000-fvp.fvpconf`` configures
the mass storage OS image using ``board.msd_mmc.p_mmc_file``.
.. _flashing-firmware-images:
Flash
@@ -384,9 +370,9 @@ Flash
IMAGE2FILE: \SOFTWARE\es0.bin
#. Copy ``bl1.bin`` from ``${WORKSPACE}/build/tmp/deploy/images/corstone1000-mps3/trusted-firmware-m/`` to the ``SOFTWARE`` directory of the FPGA bundle.
#. Remove ``ES0.bin`` from the ``SOFTWARE`` directory of the FPGA bundle. Copy ``es_flashfw.bin`` from
``${WORKSPACE}/build/tmp/deploy/images/corstone1000-mps3`` to the ``SOFTWARE`` directory of the FPGA bundle and rename the binary to ``es0.bin``.
#. Copy ``bl1.bin`` from ``${WORKSPACE}/build/tmp/deploy/images/corstone1000-mps3`` to the ``SOFTWARE`` directory of the FPGA bundle.
#. Copy ``es_flashfw.bin`` from ``${WORKSPACE}/build/tmp/deploy/images/corstone1000-mps3`` to the ``SOFTWARE`` directory of the FPGA bundle
and rename the binary to ``es0.bin``.
#. Copy ``corstone1000-flash-firmware-image-corstone1000-mps3.wic`` from ``${WORKSPACE}/build/tmp/deploy/images/corstone1000-mps3`` to the ``SOFTWARE``
directory of the FPGA bundle and rename the wic image to ``cs1000.bin``.
@@ -471,9 +457,14 @@ Corstone-1000 FVP software image.
A Yocto recipe is provided to download the latest supported FVP version.
The recipe is located at ``${WORKSPACE}/meta-arm/meta-arm/recipes-devtools/fvp/fvp-corstone1000.bb``.
This recipe supports selecting different Corstone1000 FVP models via MACHINE_FEATURES:
The latest FVP version is ``11.23.25`` and is automatically
downloaded and installed when using the ``runfvp`` command as detailed below.
- ``cortexa320`` use the Cortex-A320 Host Processor with Ethos U85 enabled FVP build
- (default) use the Cortex-A35 Host Processor with Cortex-M3 External System FVP build
The latest FVP version is ``11.23.25`` for Corstone-1000 with Cortex-A35 and ``11.30.27`` for
Corstone-1000 with Cortex-A320, and each model is automatically downloaded and installed when using
the ``runfvp`` command as detailed below.
.. note::
@@ -530,8 +521,8 @@ Tests
Reports
-------
Reports for the tests conducted on the `Corstone-1000 software (CORSTONE1000-2026.05) <https://git.yoctoproject.org/meta-arm/tag/?h=CORSTONE1000-2026.05>`__
release are available for reference `here <https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-test-report/-/tree/CORSTONE1000-2026.05/embedded-a/corstone1000/CORSTONE1000-2026.05?ref_type=tags>`__.
Reports for the tests conducted on the `Corstone-1000 software (CORSTONE1000-2025.12) <https://git.yoctoproject.org/meta-arm/tag/?h=CORSTONE1000-2025.12>`__
release are available for reference `here <https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-test-report/-/tree/CORSTONE1000-2025.12/embedded-a/corstone1000/CORSTONE1000-2025.12?ref_type=tags>`__.
.. _clean-secure-flash:
@@ -545,18 +536,18 @@ Clean Secure Flash
This is to erase the flash cleanly and prepare a clean board environment for testing.
#. Clone the `iot-platform-assets` repository to your ${WORKSPACE}.
#. Clone the `systemready-patch` repository to your ${WORKSPACE}.
.. code-block:: console
cd ${WORKSPACE}
git clone https://git.gitlab.arm.com/arm-reference-solutions/iot-platform-assets.git -b CORSTONE1000-2026.05
git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git -b CORSTONE1000-2025.12
#. Copy the secure flash cleaning Git patch file to your copy of `meta-arm`.
.. code-block:: console
cp -f iot-platform-assets/corstone1000/erase_flash/0001-embedded-a-corstone1000-clean-secure-flash.patch meta-arm
cp -f systemready-patch/embedded-a/corstone1000/erase_flash/0001-embedded-a-corstone1000-clean-secure-flash.patch meta-arm
#. Apply the Git patch to `meta-arm`.
@@ -574,7 +565,7 @@ Clean Secure Flash
bitbake -c cleansstate trusted-firmware-m corstone1000-flash-firmware-image
bitbake -c build corstone1000-flash-firmware-image
#. Replace the ``bl1.bin`` file on the SD card with ``${WORKSPACE}/build/tmp/deploy/images/corstone1000-mps3/trusted-firmware-m/bl1.bin``.
#. Replace the ``bl1.bin`` file on the SD card with ``${WORKSPACE}/build/tmp/deploy/images/corstone1000-mps3/bl1.bin``.
#. Reboot the board to completely erase the secure flash.
@@ -788,12 +779,7 @@ MPS3
cd ${WORKSPACE}/arm-systemready/IR/prebuilt_images/v23.09_2.1.0
sudo dd if=ir-acs-live-image-generic-arm64.wic of=/dev/sdc iflag=direct oflag=direct bs=1M status=progress; sync
#. Unplug the ESP USB drive from the MPS3, if connected.
#. Plug only the ACS image USB drive to the MPS3.
The ESP USB drive must remain unplugged while the ACS image is booting,
otherwise GRUB might fail to find the bootable partition on the ACS image USB drive.
#. Plug the USB drive to the MPS3. At this point you should have both the USB drive with the ESP and the USB drive with the ACS image plugged to the MPS3.
#. Reboot the MPS3.
@@ -801,10 +787,12 @@ The MPS3 will reset multiple times during the test, and it might take approximat
.. important::
Keep the ESP USB drive unplugged until the GRUB menu is displayed during
the Linux boot timeout workaround described below. Plug the ESP USB drive
back in just before selecting the `Linux Boot` option, so it is available
for the remaining ACS tests.
Unplug the ESP USB drive from the MPS3 if it is preventing GRUB
from finding the bootable partition. Leave only the ACS image USB drive
plugged in to run the ACS tests.
The ESP USB drive can be plugged in again after
selecting the `Linux Boot` option in the GRUB menu at the end of the ACS tests.
.. warning::
@@ -815,7 +803,6 @@ The MPS3 will reset multiple times during the test, and it might take approximat
#. Press Enter at the Linux prompt.
#. Open the file `/etc/systemd/system.conf` and set `DefaultDeviceTimeoutSec=infinity`.
#. Reboot the platform using the `reboot` command.
#. When the GRUB menu appears, plug the ESP USB drive back into the MPS3.
#. Select the `Linux Boot` option from the GRUB menu.
#. Allow Linux to boot and run the remaining ACS tests until completion.
@@ -860,7 +847,7 @@ If GRUB is not interrupted, the tests are executed automatically in the followin
- UEFI BSA
- FWTS
The results can be fetched from the `acs_results` folder in the ``BOOT`` partition of the ACS image USB drive (for MPS3) or SD Card (for FVP).
The results can be fetched from the `acs_results` folder in the ``BOOT`` partition of the USB drive (for MPS3) or SD Card (for FVP).
.. note::
@@ -878,6 +865,32 @@ The results can be fetched from the `acs_results` folder in the ``BOOT`` partiti
Capsule Update
--------------
.. warning::
The **Corstone-1000 with Cortex-A320 FVP** becomes unresponsive when the Linux kernel driver for the
Ethos-U85 NPU loads automatically after a software reboot.
This behavior results from a power reset control issue in the **Corstone-1000 with Cortex-A320 FVP** model.
To prevent the failure and complete the test successfully,
rebuild the **Corstone-1000 with Cortex-A320** firmware image using the following steps:
#. Clone the `systemready-patch` repository to your ``${WORKSPACE}``.
.. code-block:: console
cd ${WORKSPACE}
git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git \
-b CORSTONE1000-2025.12
#. Re-Build the **Corstone-1000 with Cortex-A320 FVP** software stack as follows:
.. code-block:: console
kas build meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml:meta-arm/kas/corstone1000-a320.yml:\
systemready-patch/embedded-a/corstone1000/disable_module_autoloading/disable_module_autoloading.yml
.. important::
Payload GUIDs (``${BL2_GUID}``, ``${TFM_S_GUID}``, ``${FIP_GUID}``, and ``${INITRAMFS_GUID}``)
@@ -931,11 +944,6 @@ Generate Capsules
for the host machine during the firmware image building process.
The tool can be found at ``${WORKSPACE}/build/tmp/sysroots-components/aarch64/edk2-basetools-native/usr/bin/edk2-BaseTools/BinWrappers/PosixLike/GenerateCapsule``.
.. note::
The ``aarch64`` part of this path depends on the build host architecture
and can be different on another host.
A JSON file containing metadata about the capsule payloads needs to be created using the script
found at ``${WORKSPACE}/meta-arm/meta-arm/scripts/generate_capsule_json_multiple.py``.
This JSON file is required by EDK II's ``GenerateCapsule`` tool to generate the capsule.
@@ -978,9 +986,9 @@ Use the following commands to generate the `capsule_config.json` file, which is
--monotonic_counts 1 1 1 1 1 1 \
--payloads \
build/tmp/work/corstone1000_${TARGET}-poky-linux-musl/corstone1000-flash-firmware-image/1.0/sources/corstone1000-flash-firmware-image-1.0/dummy.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/trusted-firmware-m/bl2_signed.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/trusted-firmware-m/tfm_s_signed.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/signed_fip.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/bl2_signed.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/tfm_s_signed.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/signed_fip-corstone1000.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/Image.gz-initramfs-corstone1000-${TARGET}.bin \
build/tmp/work/corstone1000_${TARGET}-poky-linux-musl/corstone1000-flash-firmware-image/1.0/sources/corstone1000-flash-firmware-image-1.0/dummy.bin \
--update_image_indexes 5 1 2 3 4 6 \
@@ -1037,9 +1045,9 @@ Use the following commands to generate the `capsule_config.json` file, which is
--monotonic_counts 1 1 1 1 1 1 \
--payloads \
build/tmp/work/corstone1000_${TARGET}-poky-linux-musl/corstone1000-flash-firmware-image/1.0/sources/corstone1000-flash-firmware-image-1.0/dummy.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/trusted-firmware-m/bl2_signed.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/trusted-firmware-m/tfm_s_signed.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/signed_fip.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/bl2_signed.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/tfm_s_signed.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/signed_fip-corstone1000.bin \
build/tmp/deploy/images/corstone1000-${TARGET}/Image.gz-initramfs-corstone1000-${TARGET}.bin \
build/tmp/work/corstone1000_${TARGET}-poky-linux-musl/corstone1000-flash-firmware-image/1.0/sources/corstone1000-flash-firmware-image-1.0/dummy.bin \
--update_image_indexes 5 1 2 3 4 6 \
@@ -1084,7 +1092,7 @@ MPS3
#. Prepare a USB drive as explained in `this <mps3-instructions-for-acs-image_>`_ section.
#. Copy the capsule files to the root directory of the ``BOOT`` partition in the USB drive.
#. Copy the capsule file to the root directory of the ``BOOT`` partition in the USB drive.
.. code-block:: console
@@ -1168,7 +1176,7 @@ This will be followed by using the invalid capsule to run the rollback protectio
Positive Full Capsule Update Test
=================================
#. Run Corstone-1000 with the ACS image containing the capsule files:
#. Run Corstone-1000 with the ACS image containing the two capsule files:
- MPS3:
@@ -1231,40 +1239,42 @@ Positive Full Capsule Update Test
The software stack copies the capsule content to the external flash, which is shared between the Secure Enclave and the Host Processor
before rebooting the system, and the following logs should be displayed on the Secure Enclave terminal (``ttyUSB1`` for MPS3):
before rebooting the system.
After the first reboot, TrustedFirmware-M should apply the valid capsule and display the following log on the Secure Enclave terminal (``ttyUSB1`` for MPS3)
before rebooting the system a second time:
.. code-block:: console
...
fwu_bootloader_install_image: enter
metadata_read: success: active = 0, previous = 1
fwu_update_metadata: enter
SysTick_Handler: counted = 10, expiring on = 360
SysTick_Handler: counted = 20, expiring on = 360
SysTick_Handler: counted = 30, expiring on = 360
...
metadata_write: success: active = 1, previous = 0
fwu_update_metadata: exit: ret = 0
fwu_bootloader_install_image: exit: ret = 0
flash_full_capsule: exit
corstone1000_fwu_flash_image: exit: ret = 0
...
The above log snippet indicates that the new capsule image is successfully applied.
After the first reboot,
The above log snippet indicates that the new capsule image is successfully applied, and the board is booting with the external flash's Bank-1.
After a second reboot, the following log should be displayed on on the Secure Enclave terminal (``ttyUSB1``):
.. code-block:: console
...
fmp_set_image_info:133 Enter
FMP image update: image id = 0
FMP image update: status = 0version=6 last_attempt_version=6.
fmp_set_image_info:157 Exit.
corstone1000_fwu_host_ack: exit: ret = 0
...
#. Interrupt the U-Boot shell.
.. code-block:: console
Hit any key to stop autoboot:
After the first reboot, TrustedFirmware-M should display the following log on the Secure Enclave terminal (``ttyUSB1`` for MPS3):
.. code-block:: console
...
[INF] Starting TF-M BL1_1
metadata_read: success: active = 1, previous = 0
get_fwu_agent_state: exit: FWU Agent PSA_FWU_TRIAL (index mismatch)
bl1_get_active_bl2_image: booting from trial bank: 1
bl1_get_active_bl2_image: exit: booting from bank = 1, offset = 0x1002000
...
#. Run the following commands in order to run the Corstone-1000 Linux kernel.
@@ -1277,18 +1287,6 @@ Positive Full Capsule Update Test
$ loadm 0x90000000 $kernel_addr_r $filesize
$ bootefi $kernel_addr_r $fdtcontroladdr
After executing above set of commands, the following log should be displayed on the Secure Enclave terminal (``ttyUSB1``):
.. code-block:: console
...
fwu_accept_image: success: fwu state is changed to regular
update_nv_counters: success
disable_host_ack_timer: timer to reset is disabled
FMP image update: status = 0version=6 last_attempt_version=6.
fwu_bootloader_mark_image_accepted: exit: ret = 0
...
#. The first boot after a capsule update is considered the trial stage, during which the FWU image is accepted.
However, to view the updated contents of the EFI System Resource Table (ESRT), an additional reboot is required.
@@ -1382,20 +1380,21 @@ Rollback Protection Capsule Update Test
.. code-block:: console
...
fwu_bootloader_load_image: enter: block_offset = 0
FMP version: 0x5, metadata version : 0x7
private_metadata_write: enter: boot_index = 0
private_metadata_write: success
fmp_set_image_info:160 Enter
FMP image update: image id = 0
FMP image update: status = 1version=7 last_attempt_version=5.
fmp_set_image_info:184 Exit.
ERROR: fwu_bootloader_load_image: version error
remove_all_stale_partitions: Removed GPT partition 'bl2_secondary'
remove_all_stale_partitions: Removed GPT partition 'tfm_secondary'
remove_all_stale_partitions: Removed GPT partition 'FIP_B'
remove_all_stale_partitions: Removed GPT partition 'kernel_secondary'
fwu_bootloader_load_image: exit: ret = -248
uefi_capsule_retrieve_images: image 0 at 0xa0000070, size=15654928
uefi_capsule_retrieve_images: exit
flash_full_capsule: enter: image = 0x0xa0000070, size = 7764541, version = 5
ERROR: flash_full_capsule: version error
private_metadata_write: enter: boot_index = 1
private_metadata_write: success
fmp_set_image_info:133 Enter
FMP image update: image id = 0
FMP image update: status = 1version=6 last_attempt_version=5.
fmp_set_image_info:157 Exit.
corstone1000_fwu_flash_image: exit: ret = -1
fmp_get_image_info:232 Enter
pack_image_info:207 ImageInfo size = 105, ImageName size = 34, ImageVersionName
size = 36
fmp_get_image_info:236 Exit
...
The Secure Enclave tries to load the new image a predetermined number of times
@@ -1658,7 +1657,7 @@ Corstone-1000 on-board non-volatile storage size is insufficient for installing
dd if=/dev/zero of=${WORKSPACE}/fvp_distro_system_drive.img \
bs=1 count=0 seek=10G; sync; \
parted -s ${WORKSPACE}/fvp_distro_system_drive.img mklabel gpt
parted -s fvp_distro_system_drive.img mklabel gpt
#. This MMC image will be used as the primary drive to boot the distribution.
@@ -1712,10 +1711,6 @@ FVP
-C board.msd_mmc.p_mmc_file=${WORKSPACE}/fvp_distro_system_drive.img \
-C board.msd_mmc_2.p_mmc_file=${DISTRO_INSTALLER_ISO_PATH}"
.. note::
The FVP distribution installation process can take 6-8 hours to complete.
The Linux distribution will be installed on ``fvp_distro_system_drive.img``.
@@ -1724,7 +1719,7 @@ Debian Installation Extra Steps
Debian installation may need some extra steps, that are indicated below:
#. Answer ``Yes`` to the question ``Install the GRUB boot loader``.
#. Answer ``Yes`` to the question ``Force grub installation to the EFI removable media path?``.
If the GRUB installation fails, these are the steps to follow on the subsequent
popups:
@@ -1876,14 +1871,15 @@ Generate Keys, Signed Image and Unsigned Image
#. Build an EFI System Partition as described `here <build-efi-system-partition_>`__.
#. Clone the `iot-platform-assets` repository to your workspace.
#. Clone the `systemready-patch` repository to your workspace.
.. code-block:: console
cd ${WORKSPACE}
git clone https://gitlab.arm.com/arm-reference-solutions/iot-platform-assets \
-b CORSTONE1000-2026.05
git clone https://gitlab.arm.com/arm-reference-solutions/systemready-patch \
-b CORSTONE1000-2025.12
#. Set the current working directory to build directory's subdirectory containing the software stack build images.
@@ -1895,7 +1891,7 @@ Generate Keys, Signed Image and Unsigned Image
.. code-block:: console
${WORKSPACE}/iot-platform-assets/corstone1000/secureboot/create_keys_and_sign.sh \
./${WORKSPACE}/systemready-patch/embedded-a/corstone1000/secureboot/create_keys_and_sign.sh \
-d ${TARGET} \
-v ${CERTIFICATE_VALIDITY_DURATION_IN_DAYS}
@@ -1929,7 +1925,7 @@ MPS3
#. Perform a cold boot of the MPS3.
#. On the Host Processor terminal host side, stop the execution of U-Boot when prompted to do so with the message ``Hit any key to stop autoboot``.
#. On the Host Processor terminal host side, stop the execution of U-Boot when prompted to do so with the message ``Press any key to stop``.
.. warning::
@@ -2002,7 +1998,7 @@ FVP
#. Run the software stack as described `here <running-software-stack-fvp_>`__.
#. On the Host Processor terminal host side, stop the execution of U-Boot when prompted to do so with the message ``Hit any key to stop autoboot``.
#. On the Host Processor terminal host side, stop the execution of U-Boot when prompted to do so with the message ``Press any key to stop``.
.. warning::
@@ -2103,12 +2099,9 @@ As a result, U-Boot reads these variables and verifies the Linux kernel image be
In a typical boot scenario, the Linux kernel image is not signed, which will prevent the system from booting due to failed image authentication.
To resolve this, the Platform Key (one of the UEFI authenticated variables for secure boot) needs to be deleted.
#. For MPS3, perform a cold boot.
#. Perform a cold boot of the MPS3.
#. For FVP, continue in the same boot cycle in which the UEFI secure boot keys were enrolled.
Do not cold boot FVP before deleting the Platform Key, because the secure flash contents are not preserved across an FVP cold boot.
#. On the Host Processor terminal host side, stop the execution of U-Boot when prompted to do so with the message ``Hit any key to stop autoboot``.
#. On the Host Processor terminal host side, stop the execution of U-Boot when prompted to do so with the message ``Press any key to stop``.
#. On the U-Boot console, delete the Platform Key (PK).
@@ -2189,21 +2182,23 @@ Symmetric Multiprocessing
.. warning::
Symmetric multiprocessing (SMP) mode is supported on FVP but is disabled by default.
Symmetric multiprocessing (SMP) mode is only supported on Corstone-1000 with Cortex-A35 FVP but is disabled by default.
#. Build the software stack with SMP mode enabled:
.. code-block:: console
.. code-block:: console
kas build meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml:meta-arm/kas/corstone1000-multicore.yml
kas build meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml:meta-arm/kas/corstone1000-fvp-multicore.yml
#. Run the Corstone-1000 FVP.
#. Run the Corstone-1000 FVP:
.. code-block:: console
kas shell meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml:meta-arm/kas/corstone1000-multicore.yml \
kas shell meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml:meta-arm/kas/corstone1000-fvp-multicore.yml \
-c "../meta-arm/scripts/runfvp"
#. Verify that the FVP is running the Host Processor with more than one CPU core:
.. code-block:: console
@@ -2211,6 +2206,72 @@ Symmetric Multiprocessing
nproc
4 # number of processing units
Ethos-U85 NPU
-------------
.. warning::
The Ethos-U85 NPU is only supported on Corstone-1000 with Cortex-A320 FVP.
#. Clone the `systemready-patch` repository to your ``${WORKSPACE}``.
.. code-block:: console
cd ${WORKSPACE}
git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git \
-b CORSTONE1000-2025.12
#. Copy the additional kas configuration file to:
.. code-block:: console
cp ${WORKSPACE}/systemready-patch/embedded-a/corstone1000/ethos-u85_test/ethos-u85_test.yml \
${WORKSPACE}/meta-arm/kas/
#. Re-Build the Corstone-1000 with Cortex-A320 FVP software stack as follows:
.. code-block:: console
kas build meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml:meta-arm/kas/corstone1000-a320.yml:\
meta-arm/kas/ethos-u85_test.yml
#. Run the Corstone-1000 with Cortex-320 FVP:
.. code-block:: console
kas shell meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml:meta-arm/kas/corstone1000-a320.yml:\
systemready-patch/embedded-a/corstone1000/ethos-u85_test/ethos-u85_test.yml \
-c "../meta-arm/scripts/runfvp"
#. To verify you are running the Corstone-1000 with Cortex-A320, build and run the FVP and inspect the CPU model
reported in ``/proc/cpuinfo`` as shown below. Inside the FVP shell, confirm the core type:
.. code-block:: console
grep -E 'CPU part|model name' /proc/cpuinfo
# Expect: CPU part : 0xd8f (which corresponds to Cortex-A320)
#. Run the `delegate_runner` test application inside the FVP shell as follows:
.. code-block:: console
delegate_runner -l /usr/lib/libethosu_op_delegate.so \
-n /usr/share/ethosu/mobilenet_v2_1.0_224_INT8_vela.tflite \
-i /usr/share/ethosu/input_data0.bin \
-o /usr/share/ethosu/actual_output_data0.bin
The test completes in approximately one minute.
#. Run the following command to compare the generated output binary with the expected output binary:
.. code-block:: console
cmp -s /usr/share/ethosu/expected_output_data0.bin /usr/share/ethosu/actual_output_data0.bin
The two binary files should be identical.
Secure Debug
------------
@@ -2309,7 +2370,7 @@ and `Arm Development Studio <arm-ds-website_>`__ versions 2022.2, 2022.c, or 202
.. _arm-developer-fvp: https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps
.. _secure-debug-manager-repo-readme: https://github.com/ARM-software/secure-debug-manager/tree/master?tab=readme-ov-file#secure-debug-manager-psa-adac--sdc-600
.. _secure-debug-manager-armds-integration: https://github.com/ARM-software/secure-debug-manager?tab=readme-ov-file#arm-development-studio-integration
.. _meta-arm-repository-release-branch: https://docs.yoctoproject.org/next/migration-guides/migration-6.0.html
.. _meta-arm-repository-release-branch: https://docs.yoctoproject.org/next/migration-guides/migration-5.3.html
.. _arm-ulink-pro-website: https://www.arm.com/products/development-tools/debug-probes/ulink-pro
.. _arm-ds-website: https://www.arm.com/products/development-tools/embedded-and-software/arm-development-studio
.. _edk2-repository: https://github.com/tianocore/edk2
@@ -7,6 +7,5 @@ jinja2==3.1.1
# Required to build the documentation
sphinx==7.1.2
myst-parser~=3.0.1
sphinx_rtd_theme~=3.0.0
docutils~=0.18.1
@@ -0,0 +1,2 @@
FILESEXTRAPATHS:prepend := "${THISDIR}/files/${MACHINE}:"
SRC_URI:append = " file://report.txt"
@@ -0,0 +1 @@
include arm-systemready-ir-acs-${MACHINE}.inc
@@ -0,0 +1,5 @@
FILESEXTRAPATHS:prepend := "${THISDIR}/files/fvp-base:"
SRC_URI:append = " \
file://0001-check-sr-results-Change-the-expected-SR-result-confi.patch \
"
@@ -0,0 +1 @@
include arm-systemready-scripts-native-${MACHINE}.inc
@@ -0,0 +1,227 @@
From e3e0465a25f9b1607b2e5ed42afb7b556aa8b9bc Mon Sep 17 00:00:00 2001
From: Debbie Martin <Debbie.Martin@arm.com>
Date: Wed, 4 Oct 2023 18:40:18 +0100
Subject: [PATCH] [PATCH] check-sr-results: Change the expected SR result
config
Update the check-sr-results.yaml and format-sr-results.yaml files for the
Systemready IR suite. These changes are required because of the
following known differences of fvp-base outputs to those expected by the
SystemReady scripts.
Changes to check-sr-results.yaml:
1. acs-console.log:
a. must-have-esp: EFI partition/variable persistence not supported due to
FVP reset.
b. warn-once-if-contains "-dirty": BL1, BL2, and BL31 have dirty versions.
c. must-contain "efi: ESRT=0x" and "'esrt: Reserving ESRT space from 0x'":
Capsule updates are not supported.
d. error-if-contains: "No EFI system partition" and "Failed to persist
EFI variables": EFI partition/variable persistence not supported due to
FVP reset.
2. acs_results/result.md:
a. must-contain "Failure: |0|": Capsule and EFI partition failures make
the total 20.
3. acs_results/CapsuleApp_ESRT_table_info.log:
a. capsuleapp-esrt: Capsule updates are not supported.
b. must-contain "'EFI_SYSTEM_RESOURCE_TABLE:'" and
"EFI_SYSTEM_RESOURCE_ENTRY": EFI partition/variable persistence not
supported due to FVP reset.
c. must-contain "FwClass": Capsule updates are not supported.
d. error-if-contains "ESRT - Not Found": Capsule updates are not
supported.
4. acs_results/CapsuleApp_FMP_protocol_info.log:
a. warn-if-contains "Aborted test": Capsule updates are not supported.
This patch also adds must-contain for the specific totals of the test
categories due to allowing the "Aborted test" string.
5. acs_results/linux_dump/firmware/efi/esrt:
a. Remove whole directory because capsule updates are not supported.
6. acs_results/uefi/temp:
a. Set min-entries to 0: this defaults to 1 despite the directory being
optional, so errors if a directory is empty.
7. acs_results/uefi_dump:
a. min-entries is 13: change this to 11 due to smbiosview.log being
optional and the change to make map.log optional.
8. acs_results/uefi_dump/dh.log:
a. must-contain "EFISystemPartition": EFI partition/variable persistence
not supported due to FVP reset.
b. must-contain "FirmwareManagement": Capsule updates are not supported.
9. acs_results/uefi_dump/map.log:
a. Make optional because it isn't populated for IR.
10. fw:
a. Make optional because capsule updates are not supported.
11. os-logs:
a. Make optional because distro installation isn't done as part of ACS.
Changes to format-sr-results.yaml:
1. Remove the SIE section (not supported on fvp-base and, if present, causes
format-sr-results.py to error).
Upstream-Status: Inappropriate
Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
---
check-sr-results.yaml | 34 ++++++++++++++--------------------
format-sr-results.yaml | 15 ---------------
2 files changed, 14 insertions(+), 35 deletions(-)
diff --git a/check-sr-results.yaml b/check-sr-results.yaml
index a4235de..555fb71 100644
--- a/check-sr-results.yaml
+++ b/check-sr-results.yaml
@@ -10,7 +10,6 @@ check-sr-results-configuration:
# The following tree applies to all ACS-IR 2.0 versions.
tree:
- file: acs-console.log
- must-have-esp:
must-contain:
- Booting `bbr/bsa'
- Press any key to stop the EFI SCT running
@@ -24,8 +23,6 @@ tree:
- 'EFI stub: Booting Linux Kernel...'
- 'EFI stub: Using DTB from configuration table'
- Linux version
- - 'efi: ESRT=0x'
- - 'esrt: Reserving ESRT space from 0x'
- systemd
- Executing FWTS for EBBR
- 'Test: UEFI'
@@ -36,13 +33,9 @@ tree:
- ACS run is completed
- Please press <Enter> to continue ...
warn-once-if-contains:
- - -dirty
- 'EFI stub: ERROR:'
- 'FIRMWARE BUG:'
- OVERLAP DETECTED
- error-if-contains:
- - No EFI system partition
- - Failed to persist EFI variables
- dir: acs_results
min-entries: 8 # Allow missing result.md
max-entries: 9
@@ -53,7 +46,7 @@ tree:
must-contain:
- SCT Summary
- Dropped:|0|
- - Failure:|0|
+ - Failure:|20|
- Warning:|0|
- Dropped by group
- Failure by group
@@ -64,16 +57,11 @@ tree:
max-entries: 2
tree:
- file: CapsuleApp_ESRT_table_info.log
- capsuleapp-esrt:
must-contain:
- ESRT TABLE
- - 'EFI_SYSTEM_RESOURCE_TABLE:'
- - EFI_SYSTEM_RESOURCE_ENTRY
- - FwClass
error-if-contains:
- FwResourceCount - 0x0
- FwResourceCountMax - 0x0
- - ESRT - Not Found
- file: CapsuleApp_FMP_protocol_info.log
must-contain:
- FMP DATA
@@ -95,9 +83,14 @@ tree:
- 'Medium failures: NONE'
- 'Low failures: NONE'
- 'Other failures: NONE'
+ - 'dt_base | 3| | | | | |'
+ - 'esrt | | | 2| | | |'
+ - 'uefibootpath | | | | | | |'
+ - 'uefirtmisc | 1| | | | 8| |'
+ - 'uefirttime | 4| | | | 35| |'
+ - 'uefirtvariable | 2| | | | 10| |'
+ - 'uefivarinfo | | | | | 1| |'
- 'Total:'
- warn-if-contains:
- - Aborted test
error-if-contains:
- FAILED
- This is an invalid entry.
@@ -180,6 +173,7 @@ tree:
tree:
- file: OsIndicationsSupported-*
- dir: esrt
+ optional:
tree:
- dir: entries
tree:
@@ -314,8 +308,9 @@ tree:
- BSA tests complete. Reset the system.
- dir: temp # This sometimes remains; ignore it
optional:
+ min-entries: 0
- dir: uefi_dump
- min-entries: 13
+ min-entries: 11
max-entries: 13
tree:
- file: bcfg.log
@@ -331,8 +326,6 @@ tree:
must-contain:
- Handle dump
- DevicePath
- - EFISystemPartition
- - FirmwareManagement
- SimpleTextOut
- file: dmem.log
must-contain:
@@ -355,6 +348,7 @@ tree:
- DRIVER NAME
- file: ifconfig.log
- file: map.log
+ optional:
must-contain:
- Mapping table
- /HD(1,GPT,
@@ -392,7 +386,7 @@ tree:
- dir: docs
optional:
- dir: fw
- min-entries: 3
+ optional:
tree:
- file: u-boot-sniff.log
must-contain:
@@ -500,7 +494,7 @@ tree:
- dir: manual-results
optional:
- dir: os-logs
- min-entries: 2
+ optional:
tree:
- file: 'OS-image-download-links.txt'
optional:
diff --git a/format-sr-results.yaml b/format-sr-results.yaml
index dd34cd6..20b69de 100644
--- a/format-sr-results.yaml
+++ b/format-sr-results.yaml
@@ -47,21 +47,6 @@ subs:
extract:
filename: "acs_results/linux_dump/firmware/devicetree/base/psci/\
compatible"
- - heading: BBSR Compliance
- paragraph: TBD
- subs:
- - heading: SIE SCT
- extract:
- filename: acs_results/SIE/result.md
- find: '# SCT Summary'
- first-line: 4
- last-line:
- paragraph: TBD
- - heading: SIE FWTS
- extract:
- filename: acs_results/SIE/fwts/FWTSResults.log
- find: Test Failure Summary
- paragraph: TBD
- heading: BSA Compliance (informative)
paragraph: TBD
subs:
--
2.25.1
@@ -0,0 +1,34 @@
General information
-------------------
- Arm SystemReady Band: IR
- System name: FVP Base A AEM
- Prepared by:
- E-mail:
- Date:
System information
------------------
- Company: Arm
- System: FVP Base A AEM
- SoC:
- FW version:
- Memory:
- Storage devices / disks:
- Network controllers:
- Other Hardware information:
Test Logs and Results
---------------------
- ACS version used: 2.0
- ACS URL (if pre-built binary): https://github.com/ARM-software/arm-systemready/blob/v23.03_IR_2.0.0/IR/prebuilt_images/v23.03_2.0.0/ir-acs-live-image-generic-arm64.wic.xz
- Changes to ACS (if built from source):
- Test Logs collected
[X] ACS - SCT
[X] ACS - BSA - UEFI
[X] ACS - BSA - Linux
[X] ACS - FWTS
[X] ACS - Linux boot log
[X] ACS - Linux dumps
[X] ACS - UEFI Shell dumps
[ ] ACS - Capsule Update
@@ -1,34 +0,0 @@
# WIC partitioning for corstone1000 internal flash
# Layout and maximum sizes (to be defined):
#
# The entries with --offset parameter should not be relocated
# because BL1 code is statically configured for the given positions
# Partition sizes are fixed since corstone1000 does not support partial update
# and has a limit for each partition to grow.
part --source empty --size 3k --offset 17k --part-name="reserved_1" --uuid B1F2FC8C-A7A3-4485-87CB-16961B8847D7
part --source empty --size 4k --align 4 --offset 20k --part-name="FWU-Metadata" --uuid 3FDFFEE1-3223-4C6B-80F9-B0E7D780C21D --part-type 8A7A84A0-8387-40F6-AB41-A8B9A5A60D23
part --source empty --size 4k --align 4 --offset 24k --part-name="Bkup-FWU-Metadata" --uuid B3068316-5351-4998-823A-3A7B09133EC1 --part-type 8A7A84A0-8387-40F6-AB41-A8B9A5A60D23
part --source empty --size 4k --align 4 --offset 28k --part-name="private_metadata_replica_1" --uuid 3CC3B456-DEC8-4CE3-BC5C-965483CE4828 --part-type ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42
part --source empty --size 4k --align 4 --offset 32k --part-name="private_metadata_replica_2" --uuid DCE9C503-8DFD-4DCB-8889-647E49641552 --part-type ECB55DC3-8AB7-4A84-AB56-EB0A9974DB42
# The partition type of each of these four partitions should match the type of the images
# in a fiwmare update capsule
# The size has to be aligned to TF-M's SE_BL2_PARTITION_SIZE (tfm/platform/ext/target/arm/corstone1000/partition/flash_layout.h)
part --source rawcopy --size 144k --sourceparams="file=trusted-firmware-m/bl2_signed.bin" --offset 36k --align 4 --part-name="bl2_primary" --uuid 9A3A8FBF-55EF-439C-80C9-A3F728033929 --part-type F1D883F9-DFEB-5363-98D8-686EE3B69F4F
# The size has to be aligned to TF-M's TFM_PARTITION_SIZE (tfm/platform/ext/target/arm/corstone1000/partition/flash_layout.h)
part --source rawcopy --size 320k --sourceparams="file=trusted-firmware-m/tfm_s_signed.bin" --align 4 --part-name="tfm_primary" --uuid 07F9616C-1233-439C-ACBA-72D75421BF70 --part-type 7FAD470E-5EC5-5C03-A2C1-4756B495DE61
# Rawcopy of the FIP binary
part --source rawcopy --size 2 --sourceparams="file=signed_fip.bin" --align 4 --part-name="FIP_A" --uuid B9C7AC9D-40FF-4675-956B-EEF4DE9DF1C5 --part-type F1933675-5A8C-5B6D-9EF4-846739E89BC8
# Rawcopy of kernel with initramfs
part --source rawcopy --size 12 --sourceparams="file=Image.gz-initramfs-${MACHINE}.bin" --align 4 --part-name="kernel_primary" --uuid BF7A6142-0662-47FD-9434-6A8811980816 --part-type F771AFF9-C7E9-5F99-9EDA-2369DD694F61
# This ensures wic sets the size of the flash as 64MiB in the GPT header, despite only half being filled
part --source empty --size 3k --offset 32748k --part-name="reserved_2" --uuid CCB18569-C0BA-42E0-A429-FE1DC862D660
bootloader --ptable gpt
@@ -6,4 +6,3 @@ psci: failed to boot CPU3 (-95)
CPU3: failed to boot: -95
ARM FF-A: Notification setup failed -95, not enabled
ARM FF-A: Failed to register driver sched callback -95
basic-mmio-gpio: Failed to locate of_node [id: -2]
@@ -1,2 +0,0 @@
arch_timer: Failed to initialize memory-mapped timer.
PCI: OF: of_root node is NULL, cannot create PCI host bridge node
@@ -1,3 +0,0 @@
can't derive routing for PCI INT A
jitterentropy: Initialization failed with host not compliant with requirements: 2
PCI: OF: of_root node is NULL, cannot create PCI host bridge node
@@ -1,2 +0,0 @@
arch_timer: Failed to initialize memory-mapped timer.
PCI: OF: of_root node is NULL, cannot create PCI host bridge node
@@ -1,8 +1,8 @@
# The release of EDK2 after 202402 should fix this
NUMA: Failed to initialise from firmware
# TODO: we should be using bochsdrm over efifb?
efifb: cannot reserve video memory at 0x80000000
# TODO: debug why this sometimes happens
failed to find screen to remove
# appears with upgrade to kernel 6.18
PCI: OF: of_root node is NULL, cannot create PCI host bridge node
@@ -21,13 +21,16 @@ PRODUCT = "corstone-1000"
B = "${WORKDIR}/build"
# remove once arm-none-eabi-gcc updates to 13 or newer like poky
DEBUG_PREFIX_MAP:remove = "-fcanon-prefix-map"
LDFLAGS[unexport] = "1"
do_compile() {
oe_runmake -C ${S} V=y \
BUILD_PATH=${B} \
PRODUCT=${PRODUCT} \
CROSS_COMPILE=arm-none-eabi- \
PRODUCT=${PRODUCT} \
CROSS_COMPILE=arm-none-eabi- \
all
}
@@ -1,7 +1,7 @@
COMPATIBLE_MACHINE = "corstone1000"
FIRMWARE_BINARIES = "corstone1000-flash-firmware-image-${MACHINE}.wic \
trusted-firmware-m/bl1.bin \
bl1.bin \
${@bb.utils.contains('MACHINE_FEATURES', \
'corstone1000-extsys', \
'es_flashfw.bin', \
@@ -79,7 +79,7 @@ CAPSULE_INDEXES += "${PAYLOAD_BL2_INDEX} "
CAPSULE_HARDWARE_INSTANCES += "${PAYLOAD_HARDWARE_INSTANCE} "
CAPSULE_MONOTONIC_COUNTS += "${PAYLOAD_MONOTONIC_COUNT} "
CAPSULE_PRIVATE_KEY_PATHS += "${PAYLOAD_PRIVATE_KEY_PATH} "
UEFI_FIRMWARE_BINARIES += "${DEPLOY_DIR_IMAGE}/trusted-firmware-m/bl2_signed.bin "
UEFI_FIRMWARE_BINARIES += "${DEPLOY_DIR_IMAGE}/bl2_signed.bin "
CAPSULE_FW_VERSIONS += "${PAYLOAD_BL2_VERSION} "
CAPSULE_LOWEST_SUPPORTED_VERSIONS += "${PAYLOAD_BL2_LOWEST_SUPPORTED_VERSION} "
@@ -97,7 +97,7 @@ CAPSULE_INDEXES += "${PAYLOAD_TFM_S_INDEX} "
CAPSULE_HARDWARE_INSTANCES += "${PAYLOAD_HARDWARE_INSTANCE} "
CAPSULE_MONOTONIC_COUNTS += "${PAYLOAD_MONOTONIC_COUNT} "
CAPSULE_PRIVATE_KEY_PATHS += "${PAYLOAD_PRIVATE_KEY_PATH} "
UEFI_FIRMWARE_BINARIES += "${DEPLOY_DIR_IMAGE}/trusted-firmware-m/tfm_s_signed.bin "
UEFI_FIRMWARE_BINARIES += "${DEPLOY_DIR_IMAGE}/tfm_s_signed.bin "
CAPSULE_FW_VERSIONS += "${PAYLOAD_TFM_S_VERSION} "
CAPSULE_LOWEST_SUPPORTED_VERSIONS += "${PAYLOAD_TFM_S_LOWEST_SUPPORTED_VERSION} "
@@ -115,7 +115,7 @@ CAPSULE_INDEXES += "${PAYLOAD_FIP_INDEX} "
CAPSULE_HARDWARE_INSTANCES += "${PAYLOAD_HARDWARE_INSTANCE} "
CAPSULE_MONOTONIC_COUNTS += "${PAYLOAD_MONOTONIC_COUNT} "
CAPSULE_PRIVATE_KEY_PATHS += "${PAYLOAD_PRIVATE_KEY_PATH} "
UEFI_FIRMWARE_BINARIES += "${DEPLOY_DIR_IMAGE}/signed_fip.bin "
UEFI_FIRMWARE_BINARIES += "${DEPLOY_DIR_IMAGE}/signed_fip-corstone1000.bin "
CAPSULE_FW_VERSIONS += "${PAYLOAD_FIP_VERSION} "
CAPSULE_LOWEST_SUPPORTED_VERSIONS += "${PAYLOAD_FIP_LOWEST_SUPPORTED_VERSION} "
@@ -155,8 +155,8 @@ CAPSULE_FW_VERSIONS += "${PAYLOAD_DUMMY_END_VERSION}"
CAPSULE_LOWEST_SUPPORTED_VERSIONS += "${PAYLOAD_DUMMY_END_LOWEST_SUPPORTED_VERSION}"
# TF-A settings for signing host images
TFA_BL2_BINARY = "bl2.bin"
TFA_FIP_BINARY = "fip.bin"
TFA_BL2_BINARY = "bl2-corstone1000.bin"
TFA_FIP_BINARY = "fip-corstone1000.bin"
TFA_BL2_RE_IMAGE_LOAD_ADDRESS = "0x62353000"
TFA_BL2_RE_SIGN_BIN_SIZE = "0x2d000"
TFA_FIP_RE_IMAGE_LOAD_ADDRESS = "0x68130000"
@@ -167,11 +167,11 @@ RE_IMAGE_OFFSET = "0x1000"
do_sign_images() {
# Sign TF-A BL2
sign_host_image ${RECIPE_SYSROOT}/firmware/trusted-firmware-a/${TFA_BL2_BINARY} \
sign_host_image ${RECIPE_SYSROOT}/firmware/${TFA_BL2_BINARY} \
${TFA_BL2_RE_IMAGE_LOAD_ADDRESS} ${TFA_BL2_RE_SIGN_BIN_SIZE}
# Update BL2 in the FIP image
cp ${RECIPE_SYSROOT}/firmware/trusted-firmware-a/${TFA_FIP_BINARY} .
cp ${RECIPE_SYSROOT}/firmware/${TFA_FIP_BINARY} .
fiptool update --tb-fw \
${TFM_IMAGE_SIGN_DEPLOY_DIR}/signed_${TFA_BL2_BINARY} \
${TFM_IMAGE_SIGN_DIR}/${TFA_FIP_BINARY}
@@ -35,13 +35,13 @@ do_compile[noexec] = "1"
# packages for this recipe.
do_install() {
cp -a ${S} ${D}/
cp -f ${RECIPE_SYSROOT}/firmware/trusted-firmware-a/bl1.bin \
cp -f ${RECIPE_SYSROOT}/firmware/bl1-juno.bin \
${D}/${FIRMWARE_DIR}/SOFTWARE/bl1.bin
cp -f ${RECIPE_SYSROOT}/firmware/trusted-firmware-a/fip.bin \
cp -f ${RECIPE_SYSROOT}/firmware/fip-juno.bin \
${D}/${FIRMWARE_DIR}/SOFTWARE/fip.bin
cp -f ${RECIPE_SYSROOT}/firmware/scp-firmware/scp_romfw_bypass.bin \
cp -f ${RECIPE_SYSROOT}/firmware/scp_romfw_bypass.bin \
${D}/${FIRMWARE_DIR}/SOFTWARE/scp_bl1.bin
# u-boot environment file
@@ -8,8 +8,8 @@ FW_INSTALL:append = " romfw_bypass"
do_install:append() {
for TYPE in ${FW_INSTALL}; do
if [ "$TYPE" = "romfw_bypass" ]; then
install -D "${B}/${TYPE}/${FW_TARGETS}/bin/${SCP_PLATFORM}-bl1-bypass.bin" "${D}${FIRMWARE_DIR}/${FW}_${TYPE}.bin"
install -D "${B}/${TYPE}/${FW_TARGETS}/bin/${SCP_PLATFORM}-bl1-bypass.elf" "${D}${FIRMWARE_DIR}/${FW}_${TYPE}.elf"
install -D "${B}/${TYPE}/${FW_TARGETS}/bin/${SCP_PLATFORM}-bl1-bypass.bin" "${D}/firmware/${FW}_${TYPE}.bin"
install -D "${B}/${TYPE}/${FW_TARGETS}/bin/${SCP_PLATFORM}-bl1-bypass.elf" "${D}/firmware/${FW}_${TYPE}.elf"
fi
done
}
@@ -1,14 +0,0 @@
# RD N2 specific SCP configurations and build instructions
COMPATIBLE_MACHINE:rdn2 = "rdn2"
SCP_PRODUCT_GROUP = "neoverse-rd"
SCP_PLATFORM = "rdn2"
EXTRA_OECMAKE += "-D SCP_PLATFORM_VARIANT=0"
SCP_LOG_LEVEL = "DEBUG"
SRC_URI_SCP_FIRMWARE = "gitsm://gitlab.arm.com/infra-solutions/reference-design/platsw/scp-firmware.git;protocol=https"
SRCBRANCH = "refinfra-bmc"
# Use the RD-INFRA-2024.12.20 tag
SRCREV = "62bc3f079d1ae5780df1459d4c66de2dbee54359"
@@ -1,14 +0,0 @@
# RD V2 specific SCP configurations and build instructions
COMPATIBLE_MACHINE:rdv2 = "rdv2"
SCP_PRODUCT_GROUP = "neoverse-rd"
SCP_PLATFORM = "rdn2"
EXTRA_OECMAKE += "-D SCP_PLATFORM_VARIANT=0"
SCP_LOG_LEVEL = "DEBUG"
SRC_URI_SCP_FIRMWARE = "gitsm://gitlab.arm.com/infra-solutions/reference-design/platsw/scp-firmware.git;protocol=https"
SRCBRANCH = "refinfra-bmc"
# Use the RD-INFRA-2024.12.20 tag
SRCREV = "62bc3f079d1ae5780df1459d4c66de2dbee54359"
@@ -0,0 +1,6 @@
# SGI575 specific SCP configurations and build instructions
COMPATIBLE_MACHINE:sgi575 = "sgi575"
SCP_PRODUCT_GROUP = "neoverse-rd"
SCP_LOG_LEVEL = "INFO"
@@ -3,7 +3,6 @@
MACHINE_SCP_REQUIRE ?= ""
MACHINE_SCP_REQUIRE:juno = "scp-firmware-juno.inc"
MACHINE_SCP_REQUIRE:rdn2 = "scp-firmware-rdn2.inc"
MACHINE_SCP_REQUIRE:rdv2 = "scp-firmware-rdv2.inc"
MACHINE_SCP_REQUIRE:sgi575 = "scp-firmware-sgi575.inc"
require ${MACHINE_SCP_REQUIRE}
@@ -1,4 +1,4 @@
From efce372dfac4ccef239b67abb4ec1cc450096329 Mon Sep 17 00:00:00 2001
From adaa22bc2f529bb34e9d4fe89ff5c65f0c83ca0c Mon Sep 17 00:00:00 2001
From: emeara01 <emekcan.aras@arm.com>
Date: Wed, 11 May 2022 14:37:06 +0100
Subject: [PATCH] Fix FF-A version in SPMC manifest
@@ -1,4 +1,4 @@
From 4e23e72e65481fe917d8a0af355b3b7669d5acb6 Mon Sep 17 00:00:00 2001
From 977f06e10e549d01a641a62a1d4850a06d6f0df4 Mon Sep 17 00:00:00 2001
From: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Date: Thu, 7 Aug 2025 10:05:02 +0000
Subject: [PATCH] plat: corstone1000: add Cortex-A320 support
@@ -41,12 +41,12 @@ Signed-off-by: Michael Safwat <michael.safwat@arm.com>
.../common/corstone1000_helpers.S | 35 ++++++++++++++++++-
.../corstone1000/common/corstone1000_plat.c | 4 +++
.../corstone1000/common/corstone1000_pm.c | 8 +++++
.../common/include/platform_def.h | 26 ++++++++++++++
.../common/include/platform_def.h | 28 ++++++++++++++-
plat/arm/board/corstone1000/platform.mk | 11 ++++++
5 files changed, 83 insertions(+), 1 deletion(-)
5 files changed, 84 insertions(+), 2 deletions(-)
diff --git a/plat/arm/board/corstone1000/common/corstone1000_helpers.S b/plat/arm/board/corstone1000/common/corstone1000_helpers.S
index a4ca9fe98223..665dbc61a92e 100644
index a4ca9fe98..665dbc61a 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_helpers.S
+++ b/plat/arm/board/corstone1000/common/corstone1000_helpers.S
@@ -1,5 +1,5 @@
@@ -97,7 +97,7 @@ index a4ca9fe98223..665dbc61a92e 100644
* void plat_secondary_cold_boot_setup (void);
*
diff --git a/plat/arm/board/corstone1000/common/corstone1000_plat.c b/plat/arm/board/corstone1000/common/corstone1000_plat.c
index e388c82f311b..d34e80b29bb0 100644
index e388c82f3..d34e80b29 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_plat.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_plat.c
@@ -26,6 +26,10 @@ const mmap_region_t plat_arm_mmap[] = {
@@ -112,7 +112,7 @@ index e388c82f311b..d34e80b29bb0 100644
};
diff --git a/plat/arm/board/corstone1000/common/corstone1000_pm.c b/plat/arm/board/corstone1000/common/corstone1000_pm.c
index ac808873b9e7..a87697e97f11 100644
index ac808873b..a87697e97 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_pm.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_pm.c
@@ -8,7 +8,11 @@
@@ -140,9 +140,16 @@ index ac808873b9e7..a87697e97f11 100644
/* Flush and invalidate data cache */
dcsw_op_all(DCCISW);
diff --git a/plat/arm/board/corstone1000/common/include/platform_def.h b/plat/arm/board/corstone1000/common/include/platform_def.h
index 200383475c80..ffb1e2dec0e1 100644
index caf3d462f..ee0babbf8 100644
--- a/plat/arm/board/corstone1000/common/include/platform_def.h
+++ b/plat/arm/board/corstone1000/common/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -112,12 +112,19 @@
#define ARM_SHARED_RAM_SIZE (SZ_8K) /* 8 KB */
#define ARM_SHARED_RAM_BASE ARM_TRUSTED_SRAM_BASE
@@ -163,7 +170,7 @@ index 200383475c80..ffb1e2dec0e1 100644
#define PLAT_ARM_MAX_BL2_SIZE (180 * SZ_1K) /* 180 KB */
@@ -208,8 +215,13 @@
@@ -209,8 +216,13 @@
#define MAX_IO_BLOCK_DEVICES 1
/* GIC related constants */
@@ -177,7 +184,7 @@ index 200383475c80..ffb1e2dec0e1 100644
/* MHUv2 Secure Channel receiver and sender */
#define PLAT_SDK700_MHU0_SEND 0x1B800000
@@ -334,6 +346,20 @@
@@ -335,6 +347,20 @@
CORSTONE1000_DEVICE_BASE, \
CORSTONE1000_DEVICE_SIZE, \
MT_DEVICE | MT_RW | MT_SECURE)
@@ -199,7 +206,7 @@ index 200383475c80..ffb1e2dec0e1 100644
#define ARM_IRQ_SEC_PHY_TIMER 29
diff --git a/plat/arm/board/corstone1000/platform.mk b/plat/arm/board/corstone1000/platform.mk
index 65be9c1f5ad7..fe3e94865fca 100644
index 65be9c1f5..fe3e94865 100644
--- a/plat/arm/board/corstone1000/platform.mk
+++ b/plat/arm/board/corstone1000/platform.mk
@@ -9,7 +9,14 @@ ifeq ($(filter ${TARGET_PLATFORM}, fpga fvp),)
@@ -229,3 +236,6 @@ index 65be9c1f5ad7..fe3e94865fca 100644
BL2_SOURCES += plat/arm/board/corstone1000/common/corstone1000_security.c \
plat/arm/board/corstone1000/common/corstone1000_err.c \
--
2.50.1
@@ -1,113 +0,0 @@
From a9801643d9d4d3f24960c5f24d5f5c3fd4889cc1 Mon Sep 17 00:00:00 2001
From: Alex Chapman <alecha05@e142473.arm.com>
Date: Tue, 3 Mar 2026 17:00:58 +0000
Subject: [PATCH] feat(corestone-1000): make mutlicore support platform generic
To improve portability, testing coverage, and future platform enablement.
- Replace FVP-only multicore checks with platform-generic checks.
- Add the corresponding TF-M patch to the Corstone-1000 recipe.
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/49092]
Signed-off-by: Alex Chapman <alex.chapman@arm.com>
---
plat/arm/board/corstone1000/common/corstone1000_helpers.S | 4 ++--
plat/arm/board/corstone1000/common/corstone1000_pm.c | 6 +++---
plat/arm/board/corstone1000/common/include/platform_def.h | 4 ++--
plat/arm/board/corstone1000/platform.mk | 6 ++----
4 files changed, 9 insertions(+), 11 deletions(-)
diff --git a/plat/arm/board/corstone1000/common/corstone1000_helpers.S b/plat/arm/board/corstone1000/common/corstone1000_helpers.S
index 665dbc61a..d41df4ebe 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_helpers.S
+++ b/plat/arm/board/corstone1000/common/corstone1000_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2025 Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2026 Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -54,7 +54,7 @@ endfunc plat_arm_calc_core_pos
* --------------------------------------------------------------------
*/
func plat_secondary_cold_boot_setup
-#if defined(CORSTONE1000_FVP_MULTICORE)
+#if defined(CORSTONE1000_MULTICORE)
/* Calculate the address of our hold entry */
bl plat_my_core_pos
diff --git a/plat/arm/board/corstone1000/common/corstone1000_pm.c b/plat/arm/board/corstone1000/common/corstone1000_pm.c
index a87697e97..2c7a2c67b 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_pm.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_pm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2026, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -41,7 +41,7 @@ static void corstone1000_system_reset(void)
*watchdog_ctrl_reg = SECURE_WATCHDOG_MASK_ENABLE;
}
-#if defined(CORSTONE1000_FVP_MULTICORE)
+#if defined(CORSTONE1000_MULTICORE)
int corstone1000_validate_ns_entrypoint(uintptr_t entrypoint)
{
/*
@@ -77,7 +77,7 @@ void corstone1000_pwr_domain_on_finish(const psci_power_state_t *target_state)
#endif
plat_psci_ops_t plat_arm_psci_pm_ops = {
-#if defined(CORSTONE1000_FVP_MULTICORE)
+#if defined(CORSTONE1000_MULTICORE)
.pwr_domain_on = corstone1000_pwr_domain_on,
.pwr_domain_on_finish = corstone1000_pwr_domain_on_finish,
.validate_ns_entrypoint = corstone1000_validate_ns_entrypoint,
diff --git a/plat/arm/board/corstone1000/common/include/platform_def.h b/plat/arm/board/corstone1000/common/include/platform_def.h
index ffb1e2dec..4682b8b5d 100644
--- a/plat/arm/board/corstone1000/common/include/platform_def.h
+++ b/plat/arm/board/corstone1000/common/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2026, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -266,7 +266,7 @@
#define PLAT_ARM_TRUSTED_MAILBOX_BASE ARM_TRUSTED_SRAM_BASE
-#if defined(CORSTONE1000_FVP_MULTICORE)
+#if defined(CORSTONE1000_MULTICORE)
/* The secondary core entrypoint address points to bl31_warm_entrypoint
* and the address size is 8 bytes */
#define CORSTONE1000_SECONDARY_CORE_ENTRYPOINT_ADDRESS_SIZE UL(0x8)
diff --git a/plat/arm/board/corstone1000/platform.mk b/plat/arm/board/corstone1000/platform.mk
index fe3e94865..dee40f3b3 100644
--- a/plat/arm/board/corstone1000/platform.mk
+++ b/plat/arm/board/corstone1000/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2021-2025 Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2021-2026 Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -44,10 +44,8 @@ $(eval $(call add_define,CORSTONE1000_WITH_BL32))
endif
ENABLE_MULTICORE := 0
-ifneq ($(filter ${TARGET_PLATFORM}, fvp),)
ifeq (${ENABLE_MULTICORE},1)
-$(eval $(call add_define,CORSTONE1000_FVP_MULTICORE))
-endif
+$(eval $(call add_define,CORSTONE1000_MULTICORE))
endif
ifdef CORSTONE1000_CORTEX_A320
--
2.43.0
@@ -0,0 +1,33 @@
From 328bfd8cd95bb0973e4966dcb4e3efa05d62f3f9 Mon Sep 17 00:00:00 2001
From: Christophe Thiblot <christophe.thiblot@arm.com>
Date: Wed, 2 Jul 2025 15:03:55 +0000
Subject: [PATCH] fix: exclude Boot requirement tests for Corstone-1000
A test compares the value of the Generic Timer register CNTFRQ visible in
two frames CNTBaseN and CNTCTLBase that are linked in Armv8-A and reflect
the same value.
An issue in Corstone-1000 (errata 2142118) makes the CNTFRQ views
inconsistents and the then test fails. There is no workaround and
the test is skipped.
Errata: https://developer.arm.com/documentation/sden2142076/0002/?lang=en
Signed-off-by: Christophe Thiblot <christophe.thiblot@arm.com>
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-A/tf-a-tests/+/40810]
---
plat/arm/corstone1000/tests_to_skip.txt | 1 +
1 file changed, 1 insertion(+)
diff --git a/plat/arm/corstone1000/tests_to_skip.txt b/plat/arm/corstone1000/tests_to_skip.txt
index d937e42..afa3992 100644
--- a/plat/arm/corstone1000/tests_to_skip.txt
+++ b/plat/arm/corstone1000/tests_to_skip.txt
@@ -16,3 +16,4 @@ PSCI CPU Suspend in OSI mode
PSCI STAT/for valid composite state CPU suspend
FF-A Setup and Discovery/FF-A RXTX remap unmapped region success
FF-A Memory Sharing/Normal World VM retrieve request into SPMC
+Boot requirement tests
--
2.43.0
@@ -1,4 +1,4 @@
From ff4bb404474a3310654827c36c4ac882eb0344b5 Mon Sep 17 00:00:00 2001
From 82ca3fcf5c323aec4ce8191c349fd7e00a840e02 Mon Sep 17 00:00:00 2001
From: Michael Safwat <michael.safwat@arm.com>
Date: Tue, 26 Aug 2025 11:20:01 +0000
Subject: [PATCH] plat: corstone1000: Add Cortex-A320 support
@@ -24,15 +24,15 @@ Signed-off-by: Michael Safwat <michael.safwat@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Upstream-Status: Submitted (https://review.trustedfirmware.org/c/TF-A/tf-a-tests/+/42352)
---
plat/arm/corstone1000/corstone1000_def.h | 12 ++++++++++-
plat/arm/corstone1000/include/platform_def.h | 11 +++++-----
plat/arm/corstone1000/platform.mk | 20 ++++++++++++++++++
.../tests_to_skip_cortex_a320.txt | 21 +++++++++++++++++++
4 files changed, 58 insertions(+), 6 deletions(-)
plat/arm/corstone1000/corstone1000_def.h | 12 +++++++++-
plat/arm/corstone1000/include/platform_def.h | 11 +++++----
plat/arm/corstone1000/platform.mk | 23 +++++++++++++++++++
.../tests_to_skip_cortex_a320.txt | 21 +++++++++++++++++
4 files changed, 61 insertions(+), 6 deletions(-)
create mode 100644 plat/arm/corstone1000/tests_to_skip_cortex_a320.txt
diff --git a/plat/arm/corstone1000/corstone1000_def.h b/plat/arm/corstone1000/corstone1000_def.h
index 3e6f036acc9a..c4fa9a3b5f68 100644
index 3e6f036a..c4fa9a3b 100644
--- a/plat/arm/corstone1000/corstone1000_def.h
+++ b/plat/arm/corstone1000/corstone1000_def.h
@@ -26,13 +26,23 @@
@@ -61,7 +61,7 @@ index 3e6f036acc9a..c4fa9a3b5f68 100644
* PL011 related constants
******************************************************************************/
diff --git a/plat/arm/corstone1000/include/platform_def.h b/plat/arm/corstone1000/include/platform_def.h
index 91f4cda19a90..2a9e5c4c35bb 100644
index a0d6f7b3..1fc505d0 100644
--- a/plat/arm/corstone1000/include/platform_def.h
+++ b/plat/arm/corstone1000/include/platform_def.h
@@ -98,12 +98,13 @@
@@ -84,27 +84,30 @@ index 91f4cda19a90..2a9e5c4c35bb 100644
/*******************************************************************************
diff --git a/plat/arm/corstone1000/platform.mk b/plat/arm/corstone1000/platform.mk
index cd7a19162bcf..dfdd27abd897 100644
index a5a011d5..fd98724a 100644
--- a/plat/arm/corstone1000/platform.mk
+++ b/plat/arm/corstone1000/platform.mk
@@ -6,6 +6,16 @@
@@ -6,6 +6,19 @@
PLAT_INCLUDES := -Iplat/arm/corstone1000/include/
+CORSTONE1000_CORTEX_A320 := 0
+ifeq (${CORSTONE1000_CORTEX_A320},1)
+PLAT_SOURCES := drivers/arm/timer/private_timer.c \
+ drivers/arm/timer/system_timer.c \
+ plat/arm/corstone1000/plat_helpers.S \
+ plat/arm/corstone1000/corstone1000_pwr_state.c \
+ plat/arm/corstone1000/corstone1000_topology.c \
+ plat/arm/corstone1000/corstone1000_mem_prot.c \
+ plat/arm/corstone1000/plat_setup.c
+PLAT_SOURCES := drivers/arm/gic/arm_gic_v2v3.c \
+ drivers/arm/gic/gic_v2.c \
+ drivers/arm/gic/gic_v3.c \
+ drivers/arm/timer/private_timer.c \
+ drivers/arm/timer/system_timer.c \
+ plat/arm/corstone1000/plat_helpers.S \
+ plat/arm/corstone1000/corstone1000_pwr_state.c \
+ plat/arm/corstone1000/corstone1000_topology.c \
+ plat/arm/corstone1000/corstone1000_mem_prot.c \
+ plat/arm/corstone1000/plat_setup.c
+else
PLAT_SOURCES := drivers/arm/timer/private_timer.c \
drivers/arm/timer/system_timer.c \
plat/arm/corstone1000/plat_helpers.S \
@@ -13,6 +23,7 @@ PLAT_SOURCES := drivers/arm/timer/private_timer.c \
PLAT_SOURCES := drivers/arm/gic/arm_gic_v2.c \
drivers/arm/gic/gic_v2.c \
drivers/arm/timer/private_timer.c \
@@ -15,6 +28,7 @@ PLAT_SOURCES := drivers/arm/gic/arm_gic_v2.c \
plat/arm/corstone1000/corstone1000_topology.c \
plat/arm/corstone1000/corstone1000_mem_prot.c \
plat/arm/corstone1000/plat_setup.c
@@ -112,7 +115,7 @@ index cd7a19162bcf..dfdd27abd897 100644
PLAT_SUPPORTS_NS_RESET := 1
@@ -21,6 +32,15 @@ $(eval $(call assert_boolean,PLAT_SUPPORTS_NS_RESET))
@@ -23,6 +37,15 @@ $(eval $(call assert_boolean,PLAT_SUPPORTS_NS_RESET))
$(eval $(call add_define,TFTF_DEFINES,PLAT_SUPPORTS_NS_RESET))
FIRMWARE_UPDATE := 0
@@ -130,7 +133,7 @@ index cd7a19162bcf..dfdd27abd897 100644
include plat/arm/common/arm_common.mk
diff --git a/plat/arm/corstone1000/tests_to_skip_cortex_a320.txt b/plat/arm/corstone1000/tests_to_skip_cortex_a320.txt
new file mode 100644
index 000000000000..87b9241daba0
index 00000000..87b9241d
--- /dev/null
+++ b/plat/arm/corstone1000/tests_to_skip_cortex_a320.txt
@@ -0,0 +1,21 @@
@@ -155,3 +158,6 @@ index 000000000000..87b9241daba0
+Boot requirement tests
+CPU extensions/AMUv1 suspend/resume
+CPU extensions/Use trace buffer control Registers
--
2.43.0
@@ -12,5 +12,9 @@ TFTF_MODE:corstone1000 = "release"
FILESEXTRAPATHS:prepend:corstone1000 := "${THISDIR}/files/corstone1000/tf-a-tests:"
SRC_URI:append:corstone1000 = " \
file://0001-plat-corstone1000-Add-Cortex-A320-support.patch \
file://0001-fix-exclude-Boot-requirement-tests-for-Corstone-1000.patch \
"
SRC_URI:append:corstone1000 = " \
file://0002-plat-corstone1000-Add-Cortex-A320-support.patch \
"
@@ -6,7 +6,6 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/files/corstone1000:"
SRC_URI:append = " \
file://0001-Fix-FF-A-version-in-SPMC-manifest.patch \
file://0002-plat-corstone1000-add-Cortex-A320-support.patch \
file://0003-feat-corestone-1000-make-mutlicore-support-platform-.patch \
"
TFA_DEBUG = "1"
@@ -23,10 +22,10 @@ TFA_SPMD_SPM_AT_SEL2 = "0"
# BL2 loads BL32 (optee). So, optee needs to be built first:
DEPENDS += "optee-os"
ENABLE_CORTEX_A_ERRATA = " \
ENABLE_CORTEX_A35_ERRATA = " \
ERRATA_A35_855472=1 \
"
ENABLE_CORTEX_A_ERRATA:cortexa320 = ""
ENABLE_CORTEX_A35_ERRATA:cortexta320 = ""
FVP_GIC_DRIVER ?= "FVP_GICV2"
FVP_GIC_DRIVER:cortexa320 = "FVP_GICV3"
@@ -54,12 +53,12 @@ EXTRA_OEMAKE:append = " \
NR_OF_IMAGES_IN_FW_BANK=4 \
COT=tbbr \
ARM_ROTPK_LOCATION=devel_rsa \
${ENABLE_CORTEX_A_ERRATA} \
${ENABLE_CORTEX_A35_ERRATA} \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
BL32=${RECIPE_SYSROOT}/${nonarch_base_libdir}/firmware/tee-pager_v2.bin \
FVP_USE_GIC_DRIVER=${FVP_GIC_DRIVER} \
"
EXTRA_OEMAKE:append = "${@bb.utils.contains('MACHINE_FEATURES', 'corstone1000_smp', ' ENABLE_MULTICORE=1', '', d)}"
EXTRA_OEMAKE:append:corstone1000-fvp = "${@bb.utils.contains('MACHINE_FEATURES', 'corstone1000_fvp_smp', ' ENABLE_MULTICORE=1', '', d)}"
# Add Cortex-A320 specific configurations
EXTRA_OEMAKE:append:cortexa320 = " \
@@ -80,5 +79,5 @@ EXTRA_OEMAKE:append:cortexa320 = " \
# If GENERATE_COT is set, then TF-A will try to use local poetry install
# to run the python cot-dt2c command. Disable the local poetry and use
# the provided cot-dt2c.
EXTRA_OEMAKE += "host-poetry=''"
EXTRA_OEMAKE += "POETRY=''"
DEPENDS += "cot-dt2c-native"
@@ -69,5 +69,5 @@ EXTRA_OEMAKE += "ARM_ARCH_MAJOR=${ARM_ISA_MAJOR} ARM_ARCH_MINOR=${ARM_ISA_MINOR}
# If GENERATE_COT is set, then tf-a will try to use local poetry install
# to run the python cot-dt2c command. Disable the local poetry and use
# the provided cot-dt2c.
EXTRA_OEMAKE += "host-poetry=''"
EXTRA_OEMAKE += "POETRY=''"
DEPENDS += "cot-dt2c-native"
@@ -10,4 +10,4 @@ TFA_BUILD_TARGET = "bl1 bl2 bl31 dtbs fip"
# Juno needs the System Control Processor Firmware
DEPENDS += "virtual/control-processor-firmware"
EXTRA_OEMAKE:append = " SCP_BL2=${RECIPE_SYSROOT}${FIRMWARE_BASE_DIR}/scp-firmware/scp_ramfw.bin"
EXTRA_OEMAKE:append = " SCP_BL2=${RECIPE_SYSROOT}/firmware/scp_ramfw.bin"
@@ -1,29 +0,0 @@
# RD N2 specific TFA support
COMPATIBLE_MACHINE = "rdn2"
TFA_PLATFORM = "rdn2"
TFA_BUILD_TARGET = "all fip"
TFA_INSTALL_TARGET = "bl1 fip"
TFA_DEBUG = "1"
TFA_MBEDTLS = "1"
TFA_UBOOT = "0"
TFA_UEFI = "1"
EXTRA_OEMAKE += "TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"
# If GENERATE_COT is set, then tf-a will try to use local poetry install
# to run the python cot-dt2c command. Disable the local poetry and use
# the provided cot-dt2c.
EXTRA_OEMAKE += "POETRY=''"
DEPENDS += "cot-dt2c-native"
SRC_URI_TRUSTED_FIRMWARE_A = "git://gitlab.arm.com/infra-solutions/reference-design/platsw/trusted-firmware-a.git;protocol=https"
SRCBRANCH = "refinfra"
# SHA not in any branches. so use RD-INFRA-2025.07.03
SRCREV_tfa = "a4b376b128bb5b91771002f7808566f53c8d9f3a"
# FIXME - hacking around using the 2.14 based recipe
SRC_URI:remove = "file://0001-feat-build-add-HOSTLDFLAGS-to-pass-flags-to-host-lin.patch"
LIC_FILES_CHKSUM:remove = "file://docs/license.rst;md5=6ed7bace7b0bc63021c6eba7b524039e"
LIC_FILES_CHKSUM += "file://docs/license.rst;md5=1118e32884721c0be33267bd7ae11130"
@@ -1,29 +0,0 @@
# RD V2 specific TFA support
COMPATIBLE_MACHINE = "rdv2"
TFA_PLATFORM = "rdn2"
TFA_BUILD_TARGET = "all fip"
TFA_INSTALL_TARGET = "bl1 fip"
TFA_DEBUG = "1"
TFA_MBEDTLS = "1"
TFA_UBOOT = "0"
TFA_UEFI = "1"
EXTRA_OEMAKE += "TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"
# If GENERATE_COT is set, then tf-a will try to use local poetry install
# to run the python cot-dt2c command. Disable the local poetry and use
# the provided cot-dt2c.
EXTRA_OEMAKE += "POETRY=''"
DEPENDS += "cot-dt2c-native"
SRC_URI_TRUSTED_FIRMWARE_A = "git://gitlab.arm.com/infra-solutions/reference-design/platsw/trusted-firmware-a.git;protocol=https"
SRCBRANCH = "refinfra"
# SHA not in any branches. so use RD-INFRA-2025.07.03
SRCREV_tfa = "a4b376b128bb5b91771002f7808566f53c8d9f3a"
# FIXME - hacking around using the 2.14 based recipe
SRC_URI:remove = "file://0001-feat-build-add-HOSTLDFLAGS-to-pass-flags-to-host-lin.patch"
LIC_FILES_CHKSUM:remove = "file://docs/license.rst;md5=6ed7bace7b0bc63021c6eba7b524039e"
LIC_FILES_CHKSUM += "file://docs/license.rst;md5=1118e32884721c0be33267bd7ae11130"

Some files were not shown because too many files have changed in this diff Show More