diff options
Diffstat (limited to 'meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst')
-rw-r--r-- | meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst | 685 |
1 files changed, 685 insertions, 0 deletions
diff --git a/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst b/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst new file mode 100644 index 0000000000..d5930fc8e5 --- /dev/null +++ b/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst @@ -0,0 +1,685 @@ +.. + # Copyright (c) 2022, Arm Limited. + # + # SPDX-License-Identifier: MIT + +########## +User Guide +########## + +Notice +------ +The corstone1000 software stack uses the `Yocto Project <https://www.yoctoproject.org/>`__ to build +a tiny Linux distribution suitable for the corstone1000 platform. The Yocto Project relies on the +`Bitbake <https://docs.yoctoproject.org/bitbake.html#bitbake-documentation>`__ +tool as its build tool. Please see `Yocto Project documentation <https://docs.yoctoproject.org/>`__ +for more information. + + +Prerequisites +------------- +These instructions assume your host PC is running Ubuntu Linux 18.04 or 20.04 LTS, with +at least 32GB of free disk space and 16GB of RAM as minimum requirement. The +following instructions expect that you are using a bash shell. + +The following prerequisites must be available on the host system. To resolve these dependencies, run: + +:: + + sudo apt-get update + sudo apt-get install gawk wget git-core diffstat unzip texinfo gcc-multilib \ + build-essential chrpath socat cpio python3 python3-pip python3-pexpect \ + xz-utils debianutils iputils-ping python3-git libegl1-mesa libsdl1.2-dev \ + xterm zstd liblz4-tool picocom + sudo apt-get upgrade libstdc++6 + +Provided components +------------------- +Within the Yocto Project, each component included in the corstone1000 software stack is specified as +a `bitbake recipe <https://www.yoctoproject.org/docs/1.6/bitbake-user-manual/bitbake-user-manual.html#recipes>`__. +The recipes specific to the corstone1000 BSP are located at: +``<_workspace>/meta-arm/meta-arm-bsp/``. + +The Yocto machine config files for the corstone1000 FVP and FPGA are: + + - ``<_workspace>/meta-arm/meta-arm-bsp/conf/machine/include/corstone1000.inc`` + - ``<_workspace>/meta-arm/meta-arm-bsp/conf/machine/corstone1000-fvp.conf`` + - ``<_workspace>/meta-arm/meta-arm-bsp/conf/machine/corstone1000-mps3.conf`` + +***************** +Software for Host +***************** + +Trusted Firmware-A +================== +Based on `Trusted Firmware-A <https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git>`__ + ++----------+---------------------------------------------------------------------------------------------------+ +| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.7.bbappend | ++----------+---------------------------------------------------------------------------------------------------+ +| Recipe | <_workspace>/meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.7.bb | ++----------+---------------------------------------------------------------------------------------------------+ + +OP-TEE +====== +Based on `OP-TEE <https://git.trustedfirmware.org/OP-TEE/optee_os.git>`__ + ++----------+------------------------------------------------------------------------------------+ +| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bbappend | ++----------+------------------------------------------------------------------------------------+ +| Recipe | <_workspace>/meta-arm/meta-arm/recipes-security/optee/optee-os_3.18.0.bb | ++----------+------------------------------------------------------------------------------------+ + +U-Boot +======= +Based on `U-Boot <https://gitlab.com/u-boot>`__ + ++----------+---------------------------------------------------------------------+ +| bbappend | <_workspace>/meta-arm/meta-arm/recipes-bsp/u-boot/u-boot_%.bbappend | ++----------+---------------------------------------------------------------------+ +| Recipe | <_workspace>/poky/meta/recipes-bsp/u-boot/u-boot_2022.07.bb | ++----------+---------------------------------------------------------------------+ + +Linux +===== +The distro is based on the `poky-tiny <https://wiki.yoctoproject.org/wiki/Poky-Tiny>`__ +distribution which is a Linux distribution stripped down to a minimal configuration. + +The provided distribution is based on busybox and built using muslibc. The +recipe responsible for building a tiny version of linux is listed below. + ++-----------+----------------------------------------------------------------------------------------------+ +| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_%.bbappend | ++-----------+----------------------------------------------------------------------------------------------+ +| Recipe | <_workspace>/poky/meta/recipes-kernel/linux/linux-yocto_5.19.bb | ++-----------+----------------------------------------------------------------------------------------------+ +| defconfig | <_workspace>/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/defconfig | ++-----------+----------------------------------------------------------------------------------------------+ + +************************************************** +Software for Boot Processor (a.k.a Secure Enclave) +************************************************** +Based on `Trusted Firmware-M <https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git>`__ + ++----------+-------------------------------------------------------------------------------------------------+ +| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_%.bbappend | ++----------+-------------------------------------------------------------------------------------------------+ +| Recipe | <_workspace>/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.6.0.bb | ++----------+-------------------------------------------------------------------------------------------------+ + +Building the software stack +--------------------------- +Create a new folder that will be your workspace and will henceforth be referred +to as ``<_workspace>`` in these instructions. To create the folder, run: + +:: + + mkdir <_workspace> + cd <_workspace> + +corstone1000 is a Bitbake based Yocto Project which uses kas and bitbake +commands to build the stack. To install kas tool, run: + +:: + + pip3 install kas + +In the top directory of the workspace ``<_workspace>``, run: + +:: + + git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2022.04.07 + +To build corstone1000 image for MPS3 FPGA, run: + +:: + + kas build meta-arm/kas/corstone1000-mps3.yml + +Alternatively, to build corstone1000 image for FVP, run: + +:: + + kas build meta-arm/kas/corstone1000-fvp.yml + +The initial clean build will be lengthy, given that all host utilities are to +be built as well as the target images. This includes host executables (python, +cmake, etc.) and the required toolchain(s). + +Once the build is successful, all output binaries will be placed in the following folders: + - ``<_workspace>/build/tmp/deploy/images/corstone1000-fvp/`` folder for FVP build; + - ``<_workspace>/build/tmp/deploy/images/corstone1000-mps3/`` folder for FPGA build. + +Everything apart from the ROM firmware is bundled into a single binary, the +``corstone1000-image-corstone1000-{mps3,fvp}.wic.nopt`` file. The ROM firmware is the +``bl1.bin`` file. + +The output binaries used by FVP are the following: + - The ROM firmware: ``<_workspace>/build/tmp/deploy/images/corstone1000-fvp/bl1.bin`` + - The flash image: ``<_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.wic.nopt`` + +The output binaries used by FPGA are the following: + - The ROM firmware: ``<_workspace>/build/tmp/deploy/images/corstone1000-mps3/bl1.bin`` + - The flash image: ``<_workspace>/build/tmp/deploy/images/corstone1000-mps3/corstone1000-image-corstone1000-mps3.wic.nopt`` + +Flash the firmware image on FPGA +-------------------------------- + +The user should download the FPGA bit file image from `this link <https://developer.arm.com/tools-and-software/development-boards/fpga-prototyping-boards/download-fpga-images>`__ +and under the section ``Arm® Corstone™-1000 for MPS3``. + +The directory structure of the FPGA bundle is shown below. + +:: + + Boardfiles + ├── MB + │ ├── BRD_LOG.TXT + │ ├── HBI0309B + │ │ ├── AN550 + │ │ │ ├── AN550_v1.bit + │ │ │ ├── an550_v1.txt + │ │ │ └── images.txt + │ │ ├── board.txt + │ │ └── mbb_v210.ebf + │ └── HBI0309C + │ ├── AN550 + │ │ ├── AN550_v1.bit + │ │ ├── an550_v1.txt + │ │ └── images.txt + │ ├── board.txt + │ └── mbb_v210.ebf + ├── SOFTWARE + │ ├── ES0.bin + │ ├── SE.bin + │ └── an550_st.axf + └── config.txt + +Depending upon the MPS3 board version (printed on the MPS3 board) you should update the images.txt file +(in corresponding HBI0309x folder) so that the file points to the images under SOFTWARE directory. + +Here is an example + +:: + + ;************************************************ + ; Preload port mapping * + ;************************************************ + ; PORT 0 & ADDRESS: 0x00_0000_0000 QSPI Flash (XNVM) (32MB) + ; PORT 0 & ADDRESS: 0x00_8000_0000 OCVM (DDR4 2GB) + ; PORT 1 Secure Enclave (M0+) ROM (64KB) + ; PORT 2 External System 0 (M3) Code RAM (256KB) + ; PORT 3 Secure Enclave OTP memory (8KB) + ; PORT 4 CVM (4MB) + ;************************************************ + + [IMAGES] + TOTALIMAGES: 2 ;Number of Images (Max: 32) + + IMAGE0PORT: 1 + IMAGE0ADDRESS: 0x00_0000_0000 + IMAGE0UPDATE: RAM + IMAGE0FILE: \SOFTWARE\bl1.bin + + IMAGE1PORT: 0 + IMAGE1ADDRESS: 0x00_00010_0000 + IMAGE1UPDATE: AUTOQSPI + IMAGE1FILE: \SOFTWARE\cs1000.bin + +OUTPUT_DIR = ``<_workspace>/build/tmp/deploy/images/corstone1000-mps3`` + +1. Copy ``bl1.bin`` from OUTPUT_DIR directory to SOFTWARE directory of the FPGA bundle. +2. Copy ``corstone1000-image-corstone1000-mps3.wic.nopt`` from OUTPUT_DIR directory to SOFTWARE + directory of the FPGA bundle and rename the wic image to ``cs1000.bin``. + +**NOTE:** Renaming of the images are required because MCC firmware has +limitation of 8 characters before .(dot) and 3 characters after .(dot). + +Now, copy the entire folder to board's SDCard and reboot the board. + +Running the software on FPGA +---------------------------- + +On the host machine, open 3 minicom sessions. In case of Linux machine it will +be ttyUSB0, ttyUSB1, ttyUSB2 and it might be different on Window machine. + + - ttyUSB0 for MCC, OP-TEE and Secure Partition + - ttyUSB1 for Boot Processor (Cortex-M0+) + - ttyUSB2 for Host Processor (Cortex-A35) + +Run following commands to open minicom sessions on Linux: + +:: + + sudo picocom -b 115200 /dev/ttyUSB0 # in one terminal + sudo picocom -b 115200 /dev/ttyUSB1 # in another terminal + sudo picocom -b 115200 /dev/ttyUSB2 # in another terminal. + +Once the system boot is completed, you should see console +logs on the minicom sessions. Once the HOST(Cortex-A35) is +booted completely, user can login to the shell using +**"root"** login. + +Running the software on FVP +--------------------------- +An FVP (Fixed Virtual Platform) of the corstone1000 platform must be available to execute the +included run script. + +The Fixed Virtual Platform (FVP) version 11.17_23 can be downloaded from the +`Arm Ecosystem FVPs`_ page. On this page, navigate to "Corstone IoT FVPs" +section to download the Corstone1000 platform FVP installer. Follow the +instructions of the installer and setup the FVP. + +<_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf + +When the script is executed, three terminal instances will be launched, one for the boot processor +(aka Secure Enclave) processing element and two for the Host processing element. Once the FVP is +executing, the Boot Processor will start to boot, wherein the relevant memory contents of the .wic +file are copied to their respective memory locations within the model, enforce firewall policies +on memories and peripherals and then, bring the host out of reset. + +The host will boot trusted-firmware-a, OP-TEE, U-Boot and then Linux, and present a login prompt +(FVP host_terminal_0): + +:: + corstone1000-fvp login: + +Login using the username root. + +Running test applications +------------------------- + +**NOTE**: Running the SystemReady-IR tests described below requires the user to +work with USB sticks. In our testing, not all USB stick models work well with +MPS3 FPGA. Here are the USB sticks models that are stable in our test +environment. + + - HP V165W 8 GB USB Flash Drive + - SanDisk Ultra 32GB Dual USB Flash Drive USB M3.0 + - SanDisk Ultra 16GB Dual USB Flash Drive USB M3.0 + +**NOTE**: +Before running each of the tests in this chapter, the user should follow the +steps described in following section "Clean Secure Flash Before Testing" to +erase the SecureEnclave flash cleanly and prepare a clean board environment for +the testing. + +Clean Secure Flash Before Testing (applicable to FPGA only) +----------------------------------------------------------- +To prepare a clean board environment with clean secure flash for the testing, +the user should prepare an image that erases the secure flash cleanly during +boot. Run following commands to build such image. + +:: + + cd <_workspace> + git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2022.02.18 + git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git + cp -f systemready-patch/embedded-a/corstone1000/erase_flash/0001-arm-bsp-trusted-firmware-m-corstone1000-Clean-Secure.patch meta-arm + cd meta-arm + git apply 0001-arm-bsp-trusted-firmware-m-corstone1000-Clean-Secure.patch + cd .. + kas build meta-arm/kas/corstone1000-mps3.yml + +Replace the bl1.bin and cs1000.bin files on the SD card with following files: + - The ROM firmware: <_workspace>/build/tmp/deploy/images/corstone1000-mps3/bl1.bin + - The flash image: <_workspace>/build/tmp/deploy/images/corstone1000-mps3/corstone1000-image-corstone1000-mps3.wic.nopt + +Now reboot the board. This step erases the Corstone1000 SecureEnclave flash +completely, the user should expect following message from TF-M log: + +:: + + !!!SECURE FLASH HAS BEEN CLEANED!!! + NOW YOU CAN FLASH THE ACTUAL CORSTONE1000 IMAGE + PLEASE REMOVE THE LATEST ERASE SECURE FLASH PATCH AND BUILD THE IMAGE AGAIN + +Then the user should follow "Building the software stack" to build a clean +software stack and flash the FPGA as normal. And continue the testing. + +Run SystemReady-IR ACS tests +----------------------------- + +ACS image contains two partitions. BOOT partition and RESULTS partition. +Following packages are under BOOT partition + + * SCT + * FWTS + * BSA uefi + * BSA linux + * grub + * uefi manual capsule application + +RESULTS partition is used to store the test results. +PLEASE MAKE SURE THAT THE RESULTS PARTITION IS EMPTY BEFORE YOU START THE TESTING. OTHERWISE THE TEST RESULTS +WILL NOT BE CONSISTENT + +FPGA instructions for ACS image +------------------------------- + +This section describes how the user can build and run Architecture Compliance +Suite (ACS) tests on Corstone1000. + +First, the user should download the `Arm SystemReady ACS repository <https://github.com/ARM-software/arm-systemready/>`__. +This repository contains the infrastructure to build the Architecture +Compliance Suite (ACS) and the bootable prebuilt images to be used for the +certifications of SystemReady-IR. To download the repository, run command: + +:: + + cd <_workspace> + git clone https://github.com/ARM-software/arm-systemready.git -b v21.09_REL1.0 + +Once the repository is successfully downloaded, the prebuilt ACS live image can be found in: + - ``<_workspace>/arm-systemready/IR/prebuilt_images/v21.07_0.9_BETA/ir_acs_live_image.img.xz`` + +**NOTE**: This prebuilt ACS image includes v5.13 kernel, which doesn't provide +USB driver support for Corstone1000. The ACS image with newer kernel version +and with full USB support for Corstone1000 will be available in the next +SystemReady release in this repository. + +Then, the user should prepare a USB stick with ACS image. In the given example here, +we assume the USB device is ``/dev/sdb`` (the user should use ``lsblk`` command to +confirm). Be cautious here and don't confuse your host PC's own hard drive with the +USB drive. Run the following commands to prepare the ACS image in USB stick: + +:: + + cd <_workspace>/arm-systemready/IR/scripts/output/ + unxz ir_acs_live_image.img.xz + sudo dd if=ir_acs_live_image.img of=/dev/sdb iflag=direct oflag=direct bs=1M status=progress; sync + +Once the USB stick with ACS image is prepared, the user should make sure that +ensure that only the USB stick with the ACS image is connected to the board, +and then boot the board. + +FVP instructions for ACS image and run +--------------------------------------- + +Download acs image from: + - ``https://gitlab.arm.com/systemready/acs/arm-systemready/-/tree/linux-5.17-rc7/IR/prebuilt_images/v22.04_1.0-Linux-v5.17-rc7`` + +Use the below command to run the FVP with acs image support in the +SD card. + +:: + + unxz ${<path-to-img>/ir_acs_live_image.img.xz} + +<_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="${<path-to-img>/ir_acs_live_image.img}" + +The test results can be fetched using following commands: + +:: + + sudo mkdir /mnt/test + sudo mount -o rw,offset=<offset_2nd_partition> <path-to-img>/ir_acs_live_image.img /mnt/test/ + fdisk -lu <path-to-img>/ir_acs_live_image.img + -> Device Start End Sectors Size Type + /home/emeara01/Downloads/ir_acs_live_image_modified.img1 2048 1050622 1048575 512M Microsoft basic data + /home/emeara01/Downloads/ir_acs_live_image_modified.img2 1050624 1153022 102399 50M Microsoft basic data + + -> <offset_2nd_partition> = 1050624 * 512 (sector size) = 537919488 + +The FVP will reset multiple times during the test, and it might take up to 1 day to finish +the test. At the end of test, the FVP host terminal will halt showing a shell prompt. +Once test is finished, the FVP can be stoped, and result can be copied following above +instructions. + +Common to FVP and FPGA +----------------------- + +U-Boot should be able to boot the grub bootloader from +the 1st partition and if grub is not interrupted, tests are executed +automatically in the following sequence: + + - SCT + - UEFI BSA + - FWTS + - BSA Linux + +The results can be fetched from the ``acs_results`` partition of the USB stick (FPGA) / SD Card (FVP). + +Manual capsule update test +-------------------------- + +The following steps describe running manual capsule update with the ``direct`` +method. + +Check the "Run SystemReady-IR ACS tests" section above to download and unpack the acs image file + - ``ir_acs_live_image.img.xz`` + +Download edk2 and generate capsule file: + +:: + + git clone https://github.com/tianocore/edk2.git + edk2/BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o \ + cs1k_cap --fw-version 1 --lsv 0 --guid \ + e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose --update-image-index \ + 0 --verbose <binary_file> + +The <binary_file> here should be a corstone1000-image-corstone1000-fvp.wic.nopt image for FVP and +corstone1000-image-corstone1000-mps3.wic.nopt for FPGA. And this input binary file +(capsule) should be less than 15 MB. + +Based on the user's requirement, the user can change the firmware version +number given to ``--fw-version`` option (the version number needs to be >= 1). + +Capsule Copy instructions for FPGA +----------------------------------- + +The user should prepare a USB stick as explained in ACS image section (see above). +Place the generated ``cs1k_cap`` file in the root directory of the boot partition +in the USB stick. Note: As we are running the direct method, the ``cs1k_cap`` file +should not be under the EFI/UpdateCapsule directory as this may or may not trigger +the on disk method. + +Capsule Copy instructions for FVP +--------------------------------- + +Run below commands to copy capsule into the +image file and run FVP software. + +:: + + sudo mkdir /mnt/test + sudo mount -o rw,offset=<offset_1st_partition> <path-to-img>/ir_acs_live_image.img /mnt/test/ + sudo cp cs1k_cap /mnt/test/ + sudo umount /mnt/test + exit + +<_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C "board.msd_mmc.p_mmc_file ${<path-to-img>/ir_acs_live_image.img}" + +Size of first partition in the image file is calculated in the following way. The data is +just an example and might vary with different ir_acs_live_image.img files. + +:: + + fdisk -lu <path-to-img>/ir_acs_live_image.img + -> Device Start End Sectors Size Type + /home/emeara01/Downloads/ir_acs_live_image_modified.img1 2048 1050622 1048575 512M Microsoft basic data + /home/emeara01/Downloads/ir_acs_live_image_modified.img2 1050624 1153022 102399 50M Microsoft basic data + + -> <offset_1st_partition> = 2048 * 512 (sector size) = 1048576 + +Common to FVP and FPGA +----------------------- +Reach u-boot then interrupt shell to reach EFI shell. Use below command at EFI shell. + +:: + + FS0: + EFI/BOOT/app/CapsuleApp.efi cs1k_cap + +For this test, the user can provide two capsules for testing: a positive test +case capsule which boots the board correctly, and a negative test case with an +incorrect capsule which fails to boot the host software. + +In the positive case scenario, the user should see following log in TF-M log, +indicating the new capsule image is successfully applied, and the board boots +correctly. + +:: + + ... + SysTick_Handler: counted = 10, expiring on = 360 + SysTick_Handler: counted = 20, expiring on = 360 + SysTick_Handler: counted = 30, expiring on = 360 + ... + metadata_write: success: active = 1, previous = 0 + accept_full_capsule: exit: fwu state is changed to regular + ... + + +In the negative case scenario, the user should see appropriate logs in +the secure enclave terminal. If capsule pass initial verification, but fails +verifications performed during boot time, secure enclave will try new images +predetermined number of times (defined in the code), before reverting back to +the previous good bank. + +:: + + ... + metadata_write: success: active = 0, previous = 1 + fwu_select_previous: in regular state by choosing previous active bank + ... + +******************************************************* +Linux distro install and boot (applicable to FPGA only) +******************************************************* + +To test Linux distro install and boot, the user should prepare two empty USB sticks. + +Download one of following Linux distro images: + - Debian installer image: https://cdimage.debian.org/cdimage/weekly-builds/arm64/iso-dvd/ + - OpenSUSE Tumbleweed installer image: http://download.opensuse.org/ports/aarch64/tumbleweed/iso/ + - The user should look for a DVD Snapshot like openSUSE-Tumbleweed-DVD-aarch64-Snapshot20211125-Media.iso + +Once the .iso file is downloaded, the .iso file needs to be flashed to your USB drive. + +In the given example here, we assume the USB device is ``/dev/sdb`` (the user +should use `lsblk` command to confirm). Be cautious here and don't confuse your +host PC's own hard drive with the USB drive. Then copy the contents of an iso +file into the first USB stick, run: + +:: + + sudo dd if=</path/to/iso_file> of=/dev/sdb iflag=direct oflag=direct status=progress bs=1M; sync; + +Boot the MSP3 board with the first USB stick connected. Open following minicom sessions: + +:: + + sudo picocom -b 115200 /dev/ttyUSB0 # in one terminal + sudo picocom -b 115200 /dev/ttyUSB2 # in another terminal. + +Press <Ctrl+x>. + +Now plug in the second USB stick, the distro installation process will start. + +**NOTE:** Due to the performance limitation of Corstone1000 MPS3 FPGA, the +distro installation process can take up to 24 hours to complete. + +Once installation is complete, unplug the first USB stick and reboot the board. +After successfully installing and booting the Linux distro, the user should see +a login prompt: + +:: + + debian login: + +Login with the username root. + +Run psa-arch-test (applicable to both FPGA and FVP) +--------------------------------------------------- + +When running psa-arch-test on MPS3 FPGA, the user should make sure there is no +USB stick connected to the board. Power on the board and boot the board to +Linux. Then, the user should follow the steps below to run the psa_arch_tests. + +When running psa-arch-test on Corstone1000 FVP, the user should follow the +instructions in `Running the software on FVP`_ section to boot Linux in FVP +host_terminal_0, and login using the username ``root``. + +As a reference for the user's test results, the psa-arch-test report for `Corstone1000 software (CORSTONE1000-2022.02.18) <https://git.yoctoproject.org/meta-arm/tag/?h=CORSTONE1000-2022.02.18>`__ +can be found in `here <https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-test-report/-/tree/master/embedded-a/corstone1000>`__. + +First, create a file containing SE_PROXY_SP UUID. Run: + +:: + + echo 46bb39d1-b4d9-45b5-88ff-040027dab249 > sp_uuid_list.txt + +Then, load FFA driver module into Linux kernel. Run: + +:: + + load_ffa_debugfs.sh . + +Then, check whether the FFA driver loaded correctly by using the following command: + +:: + + cat /proc/modules | grep arm_ffa_user + +The output should be: + +:: + + arm_ffa_user 16384 - - Live 0xffffffc0084b0000 (O) + +Now, run the PSA arch tests with following commands. The user should run the +tests in following order: + +:: + + psa-iat-api-test + psa-crypto-api-test + psa-its-api-test + psa-ps-api-test + +******************************************************** +Linux distro: OpenSUSE Raw image installation (FVP Only) +******************************************************** + +Steps to download openSUSE Tumbleweed raw image: + - Go to: http://download.opensuse.org/ports/aarch64/tumbleweed/appliances/ + - The user should look for a Tumbleweed-ARM-JeOS-efi.aarch64-* Snapshot, for example, ``openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64-2022.03.18-Snapshot20220331.raw.xz`` + +Once the .raw.xz file is downloaded, the raw image file needs to be extracted: + +:: + + unxz <file-name.raw.xz> + + +The above command will generate a file ending with extension .raw image. Now, use the following command +to run FVP with raw image installation process. + +:: + +<_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="${openSUSE raw image file path}" + +After successfully installing and booting the Linux distro, the user should see +a openSUSE login prompt. + +:: + + localhost login: + +Login with the username 'root' and password 'linux'. + +************************************** +Running the software on FVP on Windows +************************************** +If the user needs to run the Corstone1000 software on FVP on Windows. The user +should follow the build instructions in this document to build on Linux host +PC, and copy the output binaries to the Windows PC where the FVP is located, +and launch the FVP binary. + +-------------- + +*Copyright (c) 2021, Arm Limited. All rights reserved.* + +.. _Arm Ecosystem FVPs: https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps |