diff options
Diffstat (limited to 'meta-arm/meta-arm-bsp')
153 files changed, 2987 insertions, 2093 deletions
diff --git a/meta-arm/meta-arm-bsp/conf/layer.conf b/meta-arm/meta-arm-bsp/conf/layer.conf index 97d9728c87..71f64d9a57 100644 --- a/meta-arm/meta-arm-bsp/conf/layer.conf +++ b/meta-arm/meta-arm-bsp/conf/layer.conf @@ -13,9 +13,14 @@ LAYERSERIES_COMPAT_meta-arm-bsp = "nanbield" LAYERDEPENDS_meta-arm-bsp = "core meta-arm" # This won't be used by layerindex-fetch, but works everywhere else -LAYERDEPENDS_meta-arm-bsp:append:corstone1000 = " meta-python openembedded-layer" +LAYERDEPENDS_meta-arm-bsp:append:corstone1000 = " meta-python openembedded-layer efi-secure-boot" LAYERDEPENDS_meta-arm-bsp:append:musca-b1 = " meta-python" LAYERDEPENDS_meta-arm-bsp:append:musca-s1 = " meta-python" # Additional license directories. LICENSE_PATH += "${LAYERDIR}/custom-licenses" + +BBFILES_DYNAMIC += " \ + meta-arm-systemready:${LAYERDIR}/dynamic-layers/meta-arm-systemready/*/*/*.bb \ + meta-arm-systemready:${LAYERDIR}/dynamic-layers/meta-arm-systemready/*/*/*.bbappend \ +" diff --git a/meta-arm/meta-arm-bsp/conf/machine/corstone1000-fvp.conf b/meta-arm/meta-arm-bsp/conf/machine/corstone1000-fvp.conf index 5b3e150260..9c070b3d8a 100644 --- a/meta-arm/meta-arm-bsp/conf/machine/corstone1000-fvp.conf +++ b/meta-arm/meta-arm-bsp/conf/machine/corstone1000-fvp.conf @@ -16,6 +16,9 @@ FVP_PROVIDER ?= "fvp-corstone1000-native" FVP_EXE ?= "FVP_Corstone-1000" FVP_CONSOLE ?= "host_terminal_0" +#Disable Time Annotation +FASTSIM_DISABLE_TA = "0" + # FVP Parameters FVP_CONFIG[se.trustedBootROMloader.fname] ?= "bl1.bin" FVP_CONFIG[board.xnvm_size] ?= "64" @@ -49,10 +52,19 @@ FVP_CONFIG[board.msd_mmc.p_fast_access] ?= "0" FVP_CONFIG[board.msd_mmc.diagnostics] ?= "2" FVP_CONFIG[board.msd_mmc.p_max_block_count] ?= "0xFFFF" FVP_CONFIG[board.msd_config.pl180_fifo_depth] ?= "16" +FVP_CONFIG[board.msd_mmc.support_unpadded_images] ?= "true" # MMC2 card configuration FVP_CONFIG[board.msd_mmc_2.card_type] ?= "SDHC" FVP_CONFIG[board.msd_mmc_2.p_fast_access] ?= "0" FVP_CONFIG[board.msd_mmc_2.diagnostics] ?= "2" FVP_CONFIG[board.msd_mmc_2.p_max_block_count] ?= "0xFFFF" -FVP_CONFIG[board.msd_config_2.pl180_fifo_depth] ?= "16"
\ No newline at end of file +FVP_CONFIG[board.msd_config_2.pl180_fifo_depth] ?= "16" +FVP_CONFIG[board.msd_mmc_2.support_unpadded_images] ?= "true" + +# Virtio-Net configuration +FVP_CONFIG[board.virtio_net.enabled] ?= "1" +FVP_CONFIG[board.virtio_net.hostbridge.interfaceName] ?= "eth1" +FVP_CONFIG[board.virtio_net.hostbridge.userNetworking] ?= "true" +FVP_CONFIG[board.virtio_net.hostbridge.userNetPorts] ?= "5555=5555,8080=80,2222=22" +FVP_CONFIG[board.virtio_net.transport] ?= "legacy" diff --git a/meta-arm/meta-arm-bsp/conf/machine/fvp-base.conf b/meta-arm/meta-arm-bsp/conf/machine/fvp-base.conf index 3a923badb0..39ef38be56 100644 --- a/meta-arm/meta-arm-bsp/conf/machine/fvp-base.conf +++ b/meta-arm/meta-arm-bsp/conf/machine/fvp-base.conf @@ -4,15 +4,57 @@ #@NAME: Armv8-A Base Platform FVP machine #@DESCRIPTION: Machine configuration for Armv8-A Base Platform FVP model -require conf/machine/include/fvp-common.inc -require conf/machine/include/arm/arch-armv8a.inc +require conf/machine/include/arm/arch-armv8-4a.inc -TUNE_FEATURES = "aarch64" +ARM_SYSTEMREADY_FIRMWARE = "trusted-firmware-a:do_deploy" +ARM_SYSTEMREADY_ACS_CONSOLE = "default" +EXTRA_IMAGEDEPENDS = "${ARM_SYSTEMREADY_FIRMWARE}" -# FVP u-boot configuration -UBOOT_MACHINE = "vexpress_aemv8a_semi_defconfig" +MACHINE_FEATURES = "efi" + +IMAGE_NAME_SUFFIX = "" +IMAGE_FSTYPES += "wic" +WKS_FILE ?= "efi-disk.wks.in" +SERIAL_CONSOLES = "115200;ttyAMA0" + +PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto" +KERNEL_DEVICETREE = "arm/fvp-base-revc.dtb" KERNEL_IMAGETYPE = "Image" +EXTRA_IMAGEDEPENDS += "trusted-firmware-a" + +# FVP u-boot configuration +UBOOT_MACHINE = "vexpress_fvp_defconfig" + +EFI_PROVIDER ?= "grub-efi" + +# As this is a virtual target that will not be used in the real world there is +# no need for real SSH keys. +MACHINE_EXTRA_RRECOMMENDS += "ssh-pregen-hostkeys" + +TEST_TARGET = "OEFVPTarget" +TEST_TARGET_IP = "127.0.0.1:2222" +DEFAULT_TEST_SUITES:append = " fvp_boot fvp_devices" +TEST_FVP_DEVICES ?= "rtc watchdog networking virtiorng cpu_hotplug" + +FVP_PROVIDER ?= "fvp-base-a-aem-native" +FVP_EXE ?= "FVP_Base_RevC-2xAEMvA" +FVP_CONFIG[bp.ve_sysregs.exit_on_shutdown] ?= "1" +FVP_CONFIG[bp.virtio_net.enabled] ?= "1" +FVP_CONFIG[bp.virtio_net.hostbridge.userNetworking] ?= "1" +# Tell testimage to connect to localhost:2222, and forward that to SSH in the FVP. +FVP_CONFIG[bp.virtio_net.hostbridge.userNetPorts] = "2222=22" FVP_CONFIG[bp.virtio_rng.enabled] ?= "1" -IMAGE_NAME_SUFFIX = "" +FVP_CONFIG[cache_state_modelled] ?= "0" +FVP_CONFIG[bp.secureflashloader.fname] ?= "bl1-fvp.bin" +FVP_CONFIG[bp.flashloader0.fname] ?= "fip-fvp.bin" +FVP_CONFIG[bp.virtioblockdevice.image_path] ?= "${IMAGE_NAME}.wic" +# Set the baseline to ARMv8.4, as the default is 8.0. +FVP_CONFIG[cluster0.has_arm_v8-4] = "1" +FVP_CONFIG[cluster1.has_arm_v8-4] = "1" +FVP_CONSOLES[default] = "terminal_0" +FVP_TERMINALS[bp.terminal_0] ?= "Console" +FVP_TERMINALS[bp.terminal_1] ?= "" +FVP_TERMINALS[bp.terminal_2] ?= "" +FVP_TERMINALS[bp.terminal_3] ?= "" diff --git a/meta-arm/meta-arm-bsp/conf/machine/include/corstone1000.inc b/meta-arm/meta-arm-bsp/conf/machine/include/corstone1000.inc index 5a66f54d20..749350e1d8 100644 --- a/meta-arm/meta-arm-bsp/conf/machine/include/corstone1000.inc +++ b/meta-arm/meta-arm-bsp/conf/machine/include/corstone1000.inc @@ -52,7 +52,7 @@ EXTRA_IMAGEDEPENDS += "external-system" # Linux kernel PREFERRED_PROVIDER_virtual/kernel:forcevariable = "linux-yocto" -PREFERRED_VERSION_linux-yocto = "6.4%" +PREFERRED_VERSION_linux-yocto = "6.5%" KERNEL_IMAGETYPE = "Image.gz" INITRAMFS_IMAGE_BUNDLE ?= "1" diff --git a/meta-arm/meta-arm-bsp/conf/machine/include/fvp-common.inc b/meta-arm/meta-arm-bsp/conf/machine/include/fvp-common.inc deleted file mode 100644 index e6e4443199..0000000000 --- a/meta-arm/meta-arm-bsp/conf/machine/include/fvp-common.inc +++ /dev/null @@ -1,50 +0,0 @@ -# FVP common parameters - -# -# Capturing FVP common configurations (Armv8-A Base Platform FVP, -# Armv8-A Foundation Platform and Armv7-A Base Platform FVP). -# - -MACHINE_FEATURES = "optee" - -IMAGE_FSTYPES += "wic" -WKS_FILE ?= "fvp-base.wks" - -SERIAL_CONSOLES = "115200;ttyAMA0" - -PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto" - -KERNEL_DEVICETREE = "arm/fvp-base-revc.dtb" - -EXTRA_IMAGEDEPENDS += "trusted-firmware-a" - -# As this is a virtual target that will not be used in the real world there is -# no need for real SSH keys. -MACHINE_EXTRA_RRECOMMENDS += "ssh-pregen-hostkeys" - -TEST_TARGET = "OEFVPTarget" -TEST_TARGET_IP = "127.0.0.1:2222" -TEST_SUITES:append = " fvp_boot fvp_devices" -TEST_FVP_DEVICES ?= "rtc watchdog networking virtiorng cpu_hotplug" - -FVP_PROVIDER ?= "fvp-base-a-aem-native" -FVP_EXE ?= "FVP_Base_RevC-2xAEMvA" -FVP_CONFIG[bp.ve_sysregs.exit_on_shutdown] ?= "1" -FVP_CONFIG[bp.virtio_net.enabled] ?= "1" -FVP_CONFIG[bp.virtio_net.hostbridge.userNetworking] ?= "1" -# Tell testimage to connect to localhost:2222, and forward that to SSH in the FVP. -FVP_CONFIG[bp.virtio_net.hostbridge.userNetPorts] = "2222=22" -FVP_CONFIG[cache_state_modelled] ?= "0" -FVP_CONFIG[bp.secureflashloader.fname] ?= "bl1-fvp.bin" -FVP_CONFIG[bp.flashloader0.fname] ?= "fip-fvp.bin" -FVP_CONFIG[bp.virtioblockdevice.image_path] ?= "${IMAGE_NAME}.wic" -# Set the baseline to ARMv8.4, as the default is 8.0. -FVP_CONFIG[cluster0.has_arm_v8-4] = "1" -FVP_CONFIG[cluster1.has_arm_v8-4] = "1" -FVP_CONSOLE ?= "terminal_0" -FVP_DATA ?= "cluster0.cpu0=${KERNEL_IMAGETYPE}@0x80080000 \ - cluster0.cpu0=fvp-base-revc.dtb@0x8fc00000" -FVP_TERMINALS[bp.terminal_0] ?= "Console" -FVP_TERMINALS[bp.terminal_1] ?= "" -FVP_TERMINALS[bp.terminal_2] ?= "" -FVP_TERMINALS[bp.terminal_3] ?= "" diff --git a/meta-arm/meta-arm-bsp/conf/machine/n1sdp.conf b/meta-arm/meta-arm-bsp/conf/machine/n1sdp.conf index b93e053d1f..74a0a66fdc 100644 --- a/meta-arm/meta-arm-bsp/conf/machine/n1sdp.conf +++ b/meta-arm/meta-arm-bsp/conf/machine/n1sdp.conf @@ -19,12 +19,16 @@ WKS_FILE_DEPENDS:append = " ${EXTRA_IMAGEDEPENDS}" # Use kernel provided by yocto PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto" -PREFERRED_VERSION_linux-yocto ?= "6.4%" +PREFERRED_VERSION_linux-yocto ?= "6.5%" # RTL8168E Gigabit Ethernet Controller is attached to the PCIe interface MACHINE_ESSENTIAL_EXTRA_RDEPENDS += "linux-firmware-rtl8168" +# TF-A EXTRA_IMAGEDEPENDS += "trusted-firmware-a" +TFA_PLATFORM = "n1sdp" + +# SCP EXTRA_IMAGEDEPENDS += "virtual/control-processor-firmware" #UEFI EDK2 firmware diff --git a/meta-arm/meta-arm-bsp/documentation/corstone1000/.readthedocs.yaml b/meta-arm/meta-arm-bsp/documentation/corstone1000/.readthedocs.yaml new file mode 100644 index 0000000000..1b07ce8164 --- /dev/null +++ b/meta-arm/meta-arm-bsp/documentation/corstone1000/.readthedocs.yaml @@ -0,0 +1,12 @@ +version: 2 +build: + os: "ubuntu-22.04" + tools: + python: "3.9" +sphinx: + configuration: meta-arm-bsp/documentation/corstone1000/conf.py +formats: + - pdf +python: + install: + - requirements: meta-arm-bsp/documentation/requirements.txt diff --git a/meta-arm/meta-arm-bsp/documentation/corstone1000/change-log.rst b/meta-arm/meta-arm-bsp/documentation/corstone1000/change-log.rst index 32d6529279..173823b6c2 100644 --- a/meta-arm/meta-arm-bsp/documentation/corstone1000/change-log.rst +++ b/meta-arm/meta-arm-bsp/documentation/corstone1000/change-log.rst @@ -11,6 +11,77 @@ This document contains a summary of the new features, changes and fixes in each release of Corstone-1000 software stack. *************** +Version 2023.11 +*************** + +Changes +======= + +- Making Corstone-1000 SystemReady IR 2.0 certifiable +- Allow booting Debian & OpenSUSE on FVP +- Add support for two MMC cards for the FVP +- Add signed capsule update support +- Enable on-disk capsule update +- Add the feature of purging specific DT nodes in U-Boot before Linux +- Add Ethernet over VirtIO support in U-Boot +- Add support for unaligned MMC card images +- Reducing the out-of-tree patches by upstreaming them to the corresponding open-source projects +- SW components upgrades +- Bug fixes + +Corstone-1000 components versions +================================= + ++-------------------------------------------+-----------------------------------------------------+ +| arm-ffa-tee | 1.1.2-r0 | ++-------------------------------------------+-----------------------------------------------------+ +| linux-yocto | 6.5.7 | ++-------------------------------------------+-----------------------------------------------------+ +| u-boot | 2023.07 | ++-------------------------------------------+-----------------------------------------------------+ +| external-system | 0.1.0+gitAUTOINC+8c9dca74b1-r0 | ++-------------------------------------------+-----------------------------------------------------+ +| optee-client | 3.22.0 | ++-------------------------------------------+-----------------------------------------------------+ +| optee-os | 3.22.0 | ++-------------------------------------------+-----------------------------------------------------+ +| trusted-firmware-a | 2.9.0 | ++-------------------------------------------+-----------------------------------------------------+ +| trusted-firmware-m | 1.8.1 | ++-------------------------------------------+-----------------------------------------------------+ +| libts | 08b3d39471 | ++-------------------------------------------+-----------------------------------------------------+ +| ts-newlib | 4.1.0 | ++-------------------------------------------+-----------------------------------------------------+ +| ts-psa-{crypto, iat, its. ps}-api-test | 38cb53a4d9 | ++-------------------------------------------+-----------------------------------------------------+ +| ts-sp-{se-proxy, smm-gateway} | 08b3d39471 | ++-------------------------------------------+-----------------------------------------------------+ + +Yocto distribution components versions +====================================== + ++-------------------------------------------+------------------------------+ +| meta-arm | nanbield | ++-------------------------------------------+------------------------------+ +| poky | nanbield | ++-------------------------------------------+------------------------------+ +| meta-openembedded | nanbield | ++-------------------------------------------+------------------------------+ +| meta-secure-core | nanbield | ++-------------------------------------------+------------------------------+ +| busybox | 1.36.1 | ++-------------------------------------------+------------------------------+ +| musl | 1.2.4 | ++-------------------------------------------+------------------------------+ +| gcc-arm-none-eabi | 11.2-2022.02 | ++-------------------------------------------+------------------------------+ +| gcc-cross-aarch64 | 13.2.0 | ++-------------------------------------------+------------------------------+ +| openssl | 3.1.3 | ++-------------------------------------------+------------------------------+ + +*************** Version 2023.06 *************** diff --git a/meta-arm/meta-arm-bsp/documentation/corstone1000/release-notes.rst b/meta-arm/meta-arm-bsp/documentation/corstone1000/release-notes.rst index 62e3f8ff66..501a153ed7 100644 --- a/meta-arm/meta-arm-bsp/documentation/corstone1000/release-notes.rst +++ b/meta-arm/meta-arm-bsp/documentation/corstone1000/release-notes.rst @@ -20,6 +20,27 @@ prove defective, you assume the entire cost of all necessary servicing, repair or correction. *********************** +Release notes - 2023.11 +*********************** + +Known Issues or Limitations +--------------------------- + + - Use Ethernet over VirtIO due to lan91c111 Ethernet driver support dropped from U-Boot. + - Temporally removing the External system support in Linux due to it using multiple custom devicetree bindings that caused problems with SystemReady IR 2.0 certification. For External system support please refer to the version 2023.06. We are aiming to restore it in a more standardised manner in our next release. + - Due to the performance uplimit of MPS3 FPGA and FVP, some Linux distros like Fedora Rawhide can not boot on Corstone-1000 (i.e. user may experience timeouts or boot hang). + - PSA Crypto tests (psa-crypto-api-test command) approximately take 30 minutes to complete for FVP and MPS3. + - Corstone-1000 SoC on FVP doesn't have a secure debug peripheral. It does on the MPS3. + - See previous release notes for the known limitations regarding ACS tests. + +Platform Support +----------------- + - This software release is tested on Corstone-1000 FPGA version AN550_v2 + https://developer.arm.com/downloads/-/download-fpga-images + - This software release is tested on Corstone-1000 Fast Model platform (FVP) version 11.23_25 + https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps + +*********************** Release notes - 2023.06 *********************** diff --git a/meta-arm/meta-arm-bsp/documentation/corstone1000/software-architecture.rst b/meta-arm/meta-arm-bsp/documentation/corstone1000/software-architecture.rst index bf3535b2ec..ce8bd7e0d0 100644 --- a/meta-arm/meta-arm-bsp/documentation/corstone1000/software-architecture.rst +++ b/meta-arm/meta-arm-bsp/documentation/corstone1000/software-architecture.rst @@ -72,8 +72,10 @@ non-secure and the secure world is performed via FF-A messages. An external system is intended to implement use-case specific functionality. The system is based on Cortex-M3 and run RTX RTOS. -Communictaion between external system and Host(cortex-A35) is performed -using MHU as transport mechanism and rpmsg messaging system. +Communication between the external system and Host (Cortex-A35) is performed +using MHU as transport mechanism and rpmsg messaging system (the external system +support in Linux is disabled in this release. More info about this change can be found in the +release-notes). Overall, the Corstone-1000 architecture is designed to cover a range of Power, Performance, and Area (PPA) applications, and enable extension @@ -157,9 +159,9 @@ Secure Firmware Update ********************** Apart from always booting the authorized images, it is also essential that -the device only accepts the authorized images in the firmware update +the device only accepts the authorized (signed) images in the firmware update process. Corstone-1000 supports OTA (Over the Air) firmware updates and -follows Platform Security Firmware Update sepcification (`FWU`_). +follows Platform Security Firmware Update specification (`FWU`_). As standardized into `FWU`_, the external flash is divided into two banks of which one bank has currently running images and the other bank is @@ -172,7 +174,10 @@ Image (the initramfs bundle). The new images are accepted in the form of a UEFI :width: 690 :alt: ExternalFlash - +When Firmware update is triggered, u-boot verifies the capsule by checking the +capsule signature, version number and size. Then it signals the Secure Enclave +that can start writing UEFI capsule into the flash. Once this operation finishes +,Secure Enclave resets the entire system. The Metadata Block in the flash has the below firmware update state machine. TF-M runs an OTA service that is responsible for accepting and updating the images in the flash. The communication between the UEFI Capsule update diff --git a/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst b/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst index 96dee072e2..134ed41d01 100644 --- a/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst +++ b/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst @@ -68,33 +68,33 @@ Trusted Firmware-A ================== Based on `Trusted Firmware-A <https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git>`__ -+----------+-----------------------------------------------------------------------------------------------------+ -| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.%.bbappend | -+----------+-----------------------------------------------------------------------------------------------------+ -| Recipe | <_workspace>/meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.0.bb | -+----------+-----------------------------------------------------------------------------------------------------+ ++----------+-------------------------------------------------------------------------------------------------+ +| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend | ++----------+-------------------------------------------------------------------------------------------------+ +| Recipe | <_workspace>/meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.9.0.bb | ++----------+-------------------------------------------------------------------------------------------------+ OP-TEE ====== Based on `OP-TEE <https://git.trustedfirmware.org/OP-TEE/optee_os.git>`__ -+----------+------------------------------------------------------------------------------------+ -| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bbappend | -+----------+------------------------------------------------------------------------------------+ -| Recipe | <_workspace>/meta-arm/meta-arm/recipes-security/optee/optee-os_3.20.0.bb | -+----------+------------------------------------------------------------------------------------+ ++----------+----------------------------------------------------------------------------------------+ +| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bbappend | ++----------+----------------------------------------------------------------------------------------+ +| Recipe | <_workspace>/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bb | ++----------+----------------------------------------------------------------------------------------+ U-Boot ====== Based on `U-Boot repo`_ -+----------+-------------------------------------------------------------------------+ -| bbappend | <_workspace>/meta-arm/meta-arm/recipes-bsp/u-boot/u-boot_%.bbappend | -+----------+-------------------------------------------------------------------------+ -| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend | -+----------+-------------------------------------------------------------------------+ -| Recipe | <_workspace>/poky/meta/recipes-bsp/u-boot/u-boot_2023.01.bb | -+----------+-------------------------------------------------------------------------+ ++----------+----------------------------------------------------------------------------+ +| bbappend | <_workspace>/meta-arm/meta-arm/recipes-bsp/u-boot/u-boot_%.bbappend | ++----------+----------------------------------------------------------------------------+ +| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend | ++----------+----------------------------------------------------------------------------+ +| Recipe | <_workspace>/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2023.07.02.bb | ++----------+----------------------------------------------------------------------------+ Linux ===== @@ -107,30 +107,20 @@ recipe responsible for building a tiny version of Linux is listed below. +-----------+----------------------------------------------------------------------------------------------+ | bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_%.bbappend | +-----------+----------------------------------------------------------------------------------------------+ -| Recipe | <_workspace>/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb | +| Recipe | <_workspace>/poky/meta/recipes-kernel/linux/linux-yocto_6.5.bb | +-----------+----------------------------------------------------------------------------------------------+ | defconfig | <_workspace>/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/defconfig | +-----------+----------------------------------------------------------------------------------------------+ -External System Tests -===================== -Based on `Corstone-1000/applications <https://git.gitlab.arm.com/arm-reference-solutions/corstone1000/applications>`__ - -+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| Recipe | <_workspace>/meta-arm/meta-arm-bsp/recipes-test/corstone1000-external-sys-tests/corstone1000-external-sys-tests_1.0.bb | -+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - -The recipe provides the systems-comms-tests command run in Linux and used for testing the External System. - ************************************************** Software for Boot Processor (a.k.a Secure Enclave) ************************************************** Based on `Trusted Firmware-M <https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git>`__ +----------+-----------------------------------------------------------------------------------------------------+ -| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.7.%.bbappend | +| bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_%.bbappend | +----------+-----------------------------------------------------------------------------------------------------+ -| Recipe | <_workspace>/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.7.0.bb | +| Recipe | <_workspace>/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.8.1.bb | +----------+-----------------------------------------------------------------------------------------------------+ ******************************** @@ -156,7 +146,7 @@ to as ``<_workspace>`` in these instructions. To create the folder, run: cd <_workspace> Corstone-1000 software is based on the Yocto Project which uses kas and bitbake -commands to build the stack. To install kas tool, run: +commands to build the stack. kas version 4 is required. To install kas, run: :: @@ -168,13 +158,13 @@ In the top directory of the workspace ``<_workspace>``, run: :: - git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2023.06 + git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2023.11 To build a Corstone-1000 image for MPS3 FPGA, run: :: - kas build meta-arm/kas/corstone1000-mps3.yml + kas build meta-arm/kas/corstone1000-mps3.yml:meta-arm/ci/debug.yml Alternatively, to build a Corstone-1000 image for FVP, you need to accept the EULA at https://developer.arm.com/downloads/-/arm-ecosystem-fvps/eula @@ -188,7 +178,7 @@ then run: :: - kas build meta-arm/kas/corstone1000-fvp.yml + kas build meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml The initial clean build will be lengthy, given that all host utilities are to be built as well as the target images. This includes host executables (python, @@ -343,7 +333,7 @@ A Yocto recipe is provided and allows to download the latest supported FVP versi The recipe is located at <_workspace>/meta-arm/meta-arm/recipes-devtools/fvp/fvp-corstone1000.bb -The latest supported Fixed Virtual Platform (FVP) version is 11.19_21 and is automatically downloaded and installed when using the runfvp command as detailed below. The FVP version can be checked by running the following command: +The latest supported Fixed Virtual Platform (FVP) version is 11_23.25 and is automatically downloaded and installed when using the runfvp command as detailed below. The FVP version can be checked by running the following command: :: @@ -374,8 +364,6 @@ The host will boot trusted-firmware-a, OP-TEE, U-Boot and then Linux, and presen Login using the username root. -The External System can be released out of reset on demand using the systems-comms-tests command. - SystemReady-IR tests -------------------- @@ -398,6 +386,107 @@ steps described in following section "Clean Secure Flash Before Testing" to erase the SecureEnclave flash cleanly and prepare a clean board environment for the testing. +Prepare EFI System Partition +=========================================================== +Corstone-1000 FVP and FPGA do not have enough on-chip nonvolatile memory to host +an EFI System Partition (ESP). Thus, Corstone-1000 uses mass storage device for +ESP. The instructions below should be followed for both FVP and FPGA before +running the ACS tests. + +**Common to FVP and FPGA:** + +#. Create an empty 100 MB partition: + :: + + dd if=/dev/zero of=corstone1000-efi-partition.img iflag=fullblock bs=512 count=204800 && sync + +#. Use OpenSuse Raw image to copy the contents of EFI partition. + + To download OpenSUSE Tumbleweed raw image: + - Under `OpenSUSE Tumbleweed appliances <http://download.opensuse.org/ports/aarch64/tumbleweed/appliances/>`__ + - The user should look for a Tumbleweed-ARM-JeOS-efi.aarch64-* Snapshot, for example, + ``openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64-<date>-Snapshot<date>.raw.xz`` + + Once the .raw.xz file is downloaded, the raw image file needs to be extracted: + + :: + + unxz <file-name.raw.xz> + + + The above command will generate a file ending with extension .raw image. Use the + following command to get address of the first partition + + :: + + fdisk -lu <path-to-img>/openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64-<date>-Snapshot<date>.raw + -> Device Start End Sectors Size Type + <path-to-img>/openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64-<date>-Snapshot<date>.raw1 8192 40959 32768 16M EFI System + <path-to-img>/openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64-<date>-Snapshot<date>.raw2 40960 1064959 1024000 500M Linux swap + <path-to-img>/openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64-<date>-Snapshot<date>.raw3 1064960 5369822 4304863 2.1G Linux filesystem + + -> <blockaddress_1st_partition> = 8192 + -> <sectorsize_1st_partition> = 32768 + +#. Copy the ESP from opensuse image to empty image: + + :: + + dd conv=notrunc if=openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64-<date>-Snapshot<date>.raw skip=<blockaddress_1st_partition> of=corstone1000-efi-partition.img seek=<blockaddress_1st_partition> iflag=fullblock seek=<blockaddress_1st_partition> bs=512 count=<sectorsize_1s_partition> && sync + + +#. Use the provided disk-layout below to label the ESP correctly. + + efi_disk.layout + :: + + label: gpt + label-id: AC53D121-B818-4515-9031-BE02CCEB8701 + device: corstone1000-efi-partition.img + unit: sectors + first-lba: 34 + last-lba: 204766 + + corstone1000-efi-partition.img : start=8192, size=32768, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=792D821F-98AE-46E3-BABD-948003A650F8, name="p.UEFI" + + And use the following command the label the newly created ESP. + + :: + + sfdisk corstone1000-efi-partition.img < efi_disk.layout + + To test the image, you can now mount the disk image + + :: + + fdisk -lu corstone1000-efi-partition.img + -> Device Start End Sectors Size Type + corstone1000-efi-partition.img1 8192 40959 32768 16M EFI System + + <offset_1st_partition> = 8192 * 512 (sector size) = 4194304 + + sudo mount -o loop,offset=4194304 corstone1000-efi-partition.img /mount_point + +**Using ESP in FPGA:** + +Once the ESP is created, it needs to be flashed to a second USB drive different than ACS image. +This can be done with the development machine. + +:: + + sudo dd if=corstone1000-efi-partition.img of=/dev/sdb iflag=direct oflag=direct status=progress bs=512; sync; + +Now you can plug this USB stick to the board together with ACS test USB stick. + +**Using ESP in FVP:** + +The ESP disk image can directly be used in Corstone-1000 FVP by simply passing it as +the 2nd MMC card image. + +:: + + <_workspace>/meta-arm/scripts/runfvp <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="${<path-to-img>/ir_acs_live_image.img}" -C board.msd_mmc_2.p_mmc_file="${<path-to-img>/corstone1000-efi-partition.img}" + Clean Secure Flash Before Testing (applicable to FPGA only) =========================================================== @@ -408,13 +497,13 @@ boot. Run following commands to build such image. :: cd <_workspace> - git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2023.06 - git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git -b CORSTONE1000-2023.06 + git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2023.11 + git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git -b CORSTONE1000-2023.11 cp -f systemready-patch/embedded-a/corstone1000/erase_flash/0001-embedded-a-corstone1000-clean-secure-flash.patch meta-arm cd meta-arm git apply 0001-embedded-a-corstone1000-clean-secure-flash.patch cd .. - kas build meta-arm/kas/corstone1000-mps3.yml + kas build meta-arm/kas/corstone1000-mps3.yml:meta-arm/ci/debug.yml Replace the bl1.bin and cs1000.bin files on the SD card with following files: - The ROM firmware: <_workspace>/build/tmp/deploy/images/corstone1000-mps3/bl1.bin @@ -488,10 +577,10 @@ certifications of SystemReady-IR. To download the repository, run command: :: cd <_workspace> - git clone https://github.com/ARM-software/arm-systemready.git -b v21.09_REL1.0 + git clone https://github.com/ARM-software/arm-systemready.git Once the repository is successfully downloaded, the prebuilt ACS live image can be found in: - - ``<_workspace>/arm-systemready/IR/prebuilt_images/v21.07_0.9_BETA/ir_acs_live_image.img.xz`` + - ``<_workspace>/arm-systemready/IR/prebuilt_images/v23.03_2.0.0/ir-acs-live-image-generic-arm64.wic.xz`` **NOTE**: This prebuilt ACS image includes v5.13 kernel, which doesn't provide USB driver support for Corstone-1000. The ACS image with newer kernel version @@ -505,12 +594,12 @@ USB drive. Run the following commands to prepare the ACS image in USB stick: :: - cd <_workspace>/arm-systemready/IR/prebuilt_images/v21.07_0.9_BETA - unxz ir_acs_live_image.img.xz - sudo dd if=ir_acs_live_image.img of=/dev/sdb iflag=direct oflag=direct bs=1M status=progress; sync + cd <_workspace>/arm-systemready/IR/prebuilt_images/v23.03_2.0.0 + unxz ir-acs-live-image-generic-arm64.wic.xz + sudo dd if=ir-acs-live-image-generic-arm64.wic of=/dev/sdb iflag=direct oflag=direct bs=1M status=progress; sync Once the USB stick with ACS image is prepared, the user should make sure that -ensure that only the USB stick with the ACS image is connected to the board, +ensure that both USB sticks (ESP and ACS image) are connected to the board, and then boot the board. The FPGA will reset multiple times during the test, and it might take approx. 24-36 hours to finish the test. @@ -520,31 +609,30 @@ FVP instructions for ACS image and run ====================================== Download ACS image from: - - ``https://gitlab.arm.com/systemready/acs/arm-systemready/-/tree/linux-5.17-rc7/IR/prebuilt_images/v22.04_1.0-Linux-v5.17-rc7`` + - ``https://gitlab.arm.com/systemready/acs/arm-systemready/-/tree/main/IR/prebuilt_images/v23.03_2.0.0`` -Use the below command to run the FVP with ACS image support in the -SD card. +Use the below command to run the FVP with EFI and ACS image support in the +SD cards. :: - unxz ${<path-to-img>/ir_acs_live_image.img.xz} - - tmux + unxz ${<path-to-img>/ir-acs-live-image-generic-arm64.wic.xz} - <_workspace>/meta-arm/scripts/runfvp <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="${<path-to-img>/ir_acs_live_image.img}" + <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file=<path-to-img>/ir-acs-live-image-generic-arm64.wic -C board.msd_mmc_2.p_mmc_file="${<path-to-img>/corstone1000-efi-partition.img}" The test results can be fetched using following commands: :: sudo mkdir /mnt/test - sudo mount -o rw,offset=<offset_2nd_partition> <path-to-img>/ir_acs_live_image.img /mnt/test/ - fdisk -lu <path-to-img>/ir_acs_live_image.img + sudo mount -o rw,offset=<offset_3rd_partition> <path-to-img>/ir-acs-live-image-generic-arm64.wic /mnt/test/ + fdisk -lu <path-to-img>/ir-acs-live-image-generic-arm64.wic -> Device Start End Sectors Size Type - <path-to-img>/ir_acs_live_image_modified.img1 2048 1050622 1048575 512M Microsoft basic data - <path-to-img>/ir_acs_live_image_modified.img2 1050624 1153022 102399 50M Microsoft basic data + <path-to-img>/ir-acs-live-image-generic-arm64.wic1 2048 206847 204800 100M Microsoft basic data + <path-to-img>/ir-acs-live-image-generic-arm64.wic2 206848 1024239 817392 399.1M Linux filesystem + <path-to-img>/ir-acs-live-image-generic-arm64.wic3 1026048 1128447 102400 50M Microsoft basic data - -> <offset_2nd_partition> = 1050624 * 512 (sector size) = 537919488 + -> <offset_3rd_partition> = 1026048 * 512 (sector size) = 525336576 The FVP will reset multiple times during the test, and it might take up to 1 day to finish the test. At the end of test, the FVP host terminal will halt showing a shell prompt. @@ -580,20 +668,23 @@ A positive test case capsule which boots the platform correctly until the Linux incorrect capsule (corrupted or outdated) which fails to boot to the host software. Check the "Run SystemReady-IR ACS tests" section above to download and unpack the ACS image file - - ``ir_acs_live_image.img.xz`` + - ``ir-acs-live-image-generic-arm64.wic.xz`` + -Download edk2 under <_workspace>: +Download u-boot under <_workspace> and install tools: :: - git clone https://github.com/tianocore/edk2.git - cd edk2 - git checkout f2188fe5d1553ad1896e27b2514d2f8d0308da8a + git clone https://github.com/u-boot/u-boot.git + cd u-boot + git checkout 83aa0ed1e93e1ffac24888d98d37a5b04ed3fb07 + make tools-only_defconfig + make tools-only Download systemready-patch repo under <_workspace>: :: - git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git -b CORSTONE1000-2023.06 + git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git -b CORSTONE1000-2023.11 ******************* Generating Capsules @@ -613,13 +704,14 @@ generate a UEFI capsule. :: cd <_workspace> - edk2/BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o cs1k_cap_mps3_v6 --fw-version 6 \ - --lsv 0 --guid e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose --update-image-index 0 \ - --verbose build/tmp/deploy/images/corstone1000-mps3/corstone1000_image.nopt - edk2/BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o cs1k_cap_mps3_v5 --fw-version 5 \ - --lsv 0 --guid e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose --update-image-index 0 \ - --verbose build/tmp/deploy/images/corstone1000-mps3/corstone1000_image.nopt + ./u-boot/tools/mkeficapsule --monotonic-count 1 --private-key build/tmp/deploy/images/corstone1000-mps3/corstone1000_capsule_key.key \ + --certificate build/tmp/deploy/images/corstone1000-mps3/corstone1000_capsule_cert.crt --index 1 --guid 989f3a4e-46e0-4cd0-9877-a25c70c01329 \ + --fw-version 6 build/tmp/deploy/images/corstone1000-mps3/corstone1000_image.nopt cs1k_cap_mps3_v6 + + ./u-boot/tools/mkeficapsule --monotonic-count 1 --private-key build/tmp/deploy/images/corstone1000-mps3/corstone1000_capsule_key.key \ + --certificate build/tmp/deploy/images/corstone1000-mps3/corstone1000_capsule_cert.crt --index 1 --guid 989f3a4e-46e0-4cd0-9877-a25c70c01329 \ + --fw-version 5 build/tmp/deploy/images/corstone1000-mps3/corstone1000_image.nopt cs1k_cap_mps3_v5 Generating FVP Capsules ======================= @@ -632,17 +724,16 @@ Generating FVP Capsules This will generate a file called "corstone1000_image.nopt" which will be used to generate a UEFI capsule. - :: cd <_workspace> - edk2/BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o cs1k_cap_fvp_v6 \ - --fw-version 6 --lsv 0 --guid e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose --update-image-index \ - 0 --verbose build/tmp/deploy/images/corstone1000-fvp/corstone1000_image.nopt + ./u-boot/tools/mkeficapsule --monotonic-count 1 --private-key build/tmp/deploy/images/corstone1000-fvp/corstone1000_capsule_key.key \ + --certificate build/tmp/deploy/images/corstone1000-fvp/corstone1000_capsule_cert.crt --index 1 --guid 989f3a4e-46e0-4cd0-9877-a25c70c01329 \ + --fw-version 6 build/tmp/deploy/images/corstone1000-fvp/corstone1000_image.nopt cs1k_cap_fvp_v6 - edk2/BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o cs1k_cap_fvp_v5 --fw-version 5 \ - --lsv 0 --guid e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose --update-image-index \ - 0 --verbose build/tmp/deploy/images/corstone1000-fvp/corstone1000_image.nopt + ./u-boot/tools/mkeficapsule --monotonic-count 1 --private-key build/tmp/deploy/images/corstone1000-fvp/corstone1000_capsule_key.key \ + --certificate build/tmp/deploy/images/corstone1000-fvp/corstone1000_capsule_cert.crt --index 1 --guid 989f3a4e-46e0-4cd0-9877-a25c70c01329 \ + --fw-version 5 build/tmp/deploy/images/corstone1000-fvp/corstone1000_image.nopt cs1k_cap_fvp_v5 Common Notes for FVP and FPGA @@ -681,7 +772,7 @@ First, mount the IR image: :: sudo mkdir /mnt/test - sudo mount -o rw,offset=1048576 <path-to-img>/ir_acs_live_image.img /mnt/test + sudo mount -o rw,offset=1048576 <path-to-img>/ir-acs-live-image-generic-arm64.wic /mnt/test Then, copy the capsules: @@ -700,14 +791,15 @@ Then, unmount the IR image: **NOTE:** The size of first partition in the image file is calculated in the following way. The data is -just an example and might vary with different ir_acs_live_image.img files. +just an example and might vary with different ir-acs-live-image-generic-arm64.wic files. :: - fdisk -lu <path-to-img>/ir_acs_live_image.img + fdisk -lu <path-to-img>/ir-acs-live-image-generic-arm64.wic -> Device Start End Sectors Size Type - <path-to-img>/ir_acs_live_image_modified.img1 2048 1050622 1048575 512M Microsoft basic data - <path-to-img>/ir_acs_live_image_modified.img2 1050624 1153022 102399 50M Microsoft basic data + <path-to-img>/ir-acs-live-image-generic-arm64.wic1 2048 206847 204800 100M Microsoft basic data + <path-to-img>/ir-acs-live-image-generic-arm64.wic2 206848 1024239 817392 399.1M Linux filesystem + <path-to-img>/ir-acs-live-image-generic-arm64.wic3 1026048 1128447 102400 50M Microsoft basic data -> <offset_1st_partition> = 2048 * 512 (sector size) = 1048576 @@ -725,7 +817,12 @@ Run the FVP with the IR prebuilt image: :: - <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C "board.msd_mmc.p_mmc_file=${<path-to-img>/ir_acs_live_image.img}" + <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file=<path-to-img>/ir-acs-live-image-generic-arm64.wic + +**NOTE:** + +<path-to-img> must start from the root directory. +make sure there are no spaces before or after of "=". board.msd_mmc.p_mmc_file=<path-to-img>/ir-acs-live-image-generic-arm64.wic. Running the FPGA with the IR prebuilt image =========================================== @@ -796,7 +893,7 @@ Run the following commands in order to run the Corstone-1000 Linux kernel and be :: $ unzip $kernel_addr 0x90000000 - $ loadm 0x90000000 $kernel_addr_r 0xf00000 + $ loadm 0x90000000 $kernel_addr_r $filesize $ bootefi $kernel_addr_r $fdtcontroladdr @@ -834,7 +931,7 @@ In the Linux command-line run the following: # cat * 0x0 - e2bb9c06-70e9-4b14-97a3-5a7913176e3f + 989f3a4e-46e0-4cd0-9877-a25c70c01329 0 6 0 @@ -843,7 +940,7 @@ In the Linux command-line run the following: .. line-block:: capsule_flags: 0x0 - fw_class: e2bb9c06-70e9-4b14-97a3-5a7913176e3f + fw_class: 989f3a4e-46e0-4cd0-9877-a25c70c01329 fw_type: 0 fw_version: 6 last_attempt_status: 0 @@ -851,8 +948,8 @@ In the Linux command-line run the following: lowest_supported_fw_ver: 0 -Negative scenario -================= +Negative scenario (Applicable to FPGA only) +=========================================== In the negative case scenario (rollback the capsule version), the user should see appropriate logs in the secure enclave terminal. @@ -899,7 +996,7 @@ In the Linux command-line run the following: # cat * 0x0 - e2bb9c06-70e9-4b14-97a3-5a7913176e3f + 989f3a4e-46e0-4cd0-9877-a25c70c01329 0 6 1 @@ -908,26 +1005,32 @@ In the Linux command-line run the following: .. line-block:: capsule_flags: 0x0 - fw_class: e2bb9c06-70e9-4b14-97a3-5a7913176e3f + fw_class: 989f3a4e-46e0-4cd0-9877-a25c70c01329 fw_type: 0 fw_version: 6 last_attempt_status: 1 last_attempt_version: 5 lowest_supported_fw_ver: 0 +**Note**: This test is currently not working properly in Corstone-1000 FVP. +However, it is not part of the System-Ready IR tests, and it won't affect the +SR-IR certification. All the compulsory `capsule update tests for SR-IR +<https://developer.arm.com/documentation/DUI1101/2-1/Test-SystemReady-IR/Test-UpdateCapsule>`__ +works on both Corstone-1000 FVP and FPGA. + Linux distros tests ------------------- ************************************************************* -Debian install and boot preparation (applicable to FPGA only) +Debian install and boot preparation ************************************************************* There is a known issue in the `Shim 15.7 <https://salsa.debian.org/efi-team/shim/-/tree/upstream/15.7?ref_type=tags>`__ provided with the Debian installer image (see below). This bug causes a fatal -error when attempting to boot media installer for Debian, and it resets the MPS3 before installation starts. +error when attempting to boot media installer for Debian, and it resets the platform before installation starts. A patch to be applied to the Corstone-1000 stack (only applicable when installing Debian) is provided to -`Skip the Shim <https://gitlab.arm.com/arm-reference-solutions/systemready-patch/-/blob/CORSTONE1000-2023.06/embedded-a/corstone1000/shim/0001-arm-bsp-u-boot-corstone1000-Skip-the-shim-by-booting.patch>`__. +`Skip the Shim <https://gitlab.arm.com/arm-reference-solutions/systemready-patch/-/blob/CORSTONE1000-2023.11/embedded-a/corstone1000/shim/0001-arm-bsp-u-boot-corstone1000-Skip-the-shim-by-booting.patch>`__. This patch makes U-Boot automatically bypass the Shim and run grub and allows the user to proceed with a normal installation. If at the moment of reading this document the problem is solved in the Shim, the user is encouraged to try the @@ -939,31 +1042,44 @@ documentation. :: cd <_workspace> - git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git -b CORSTONE1000-2023.06 + git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git -b CORSTONE1000-2023.11 cp -f systemready-patch/embedded-a/corstone1000/shim/0001-arm-bsp-u-boot-corstone1000-Skip-the-shim-by-booting.patch meta-arm cd meta-arm git am 0001-arm-bsp-u-boot-corstone1000-Skip-the-shim-by-booting.patch cd .. - kas shell meta-arm/kas/corstone1000-mps3.yml -c="bitbake u-boot trusted-firmware-a corstone1000-image -c cleansstate; bitbake corstone1000-image" -Please update the cs1000.bin on the SD card with the newly generated wic file. +**On FPGA** +:: + + kas shell meta-arm/kas/corstone1000-mps3.yml:meta-arm/ci/debug.yml -c="bitbake u-boot trusted-firmware-a corstone1000-image -c cleansstate; bitbake corstone1000-image" + +**On FVP** +:: + + kas shell meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml -c="bitbake u-boot trusted-firmware-a corstone1000-image -c cleansstate; bitbake corstone1000-image" + +On FPGA, please update the cs1000.bin on the SD card with the newly generated wic file. ************************************************* -Debian/openSUSE install (applicable to FPGA only) +Preparing the Installation Media ************************************************* -To test Linux distro install and boot, the user should prepare two empty USB -sticks (minimum size should be 4GB and formatted with FAT32). - Download one of following Linux distro images: - - `Debian 12.0.0 installer image <https://cdimage.debian.org/debian-cd/current/arm64/iso-dvd/debian-12.0.0-arm64-DVD-1.iso>`__ - - `OpenSUSE Tumbleweed installer image <http://download.opensuse.org/ports/aarch64/tumbleweed/iso/>`__ - + - `Debian installer image <https://cdimage.debian.org/debian-cd/current/arm64/iso-dvd/>`__ (Tested on: debian-12.2.0-arm64-DVD-1.iso) + - `OpenSUSE Tumbleweed installer image <http://download.opensuse.org/ports/aarch64/tumbleweed/iso/>`__ (Tested on: openSUSE-Tumbleweed-DVD-aarch64-Snapshot20231120-Media.iso) + **NOTE:** For OpenSUSE Tumbleweed, the user should look for a DVD Snapshot like openSUSE-Tumbleweed-DVD-aarch64-Snapshot<date>-Media.iso -Once the iso file is downloaded, the iso file needs to be flashed to your USB -drive. This can be done with your development machine. + +FPGA +================================================== + +To test Linux distro install and boot on FPGA, the user should prepare two empty USB +sticks (minimum size should be 4GB and formatted with FAT32). + +The downloaded iso file needs to be flashed to your USB drive. +This can be done with your development machine. In the example given below, we assume the USB device is ``/dev/sdb`` (the user should use the `lsblk` command to confirm). @@ -976,6 +1092,26 @@ following command in the development machine: sudo dd if=<path-to-iso_file> of=/dev/sdb iflag=direct oflag=direct status=progress bs=1M; sync; + +FVP +================================================== + +To test Linux distro install and boot on FVP, the user should prepare an mmc image. +With a minimum size of 8GB formatted with gpt. + +:: + #Generating mmc2 + dd if=/dev/zero of=<_workspace>/mmc2_file.img bs=1 count=0 seek=8G; sync; + parted -s mmc2_file.img mklabel gpt + + +************************************************* +Debian/openSUSE install +************************************************* + +FPGA +================================================== + Unplug the first USB stick from the development machine and connect it to the MSP3 board. At this moment, only the first USB stick should be connected. Open the following picocom sessions in your development machine: @@ -993,8 +1129,18 @@ the process. **NOTE:** Due to the performance limitation of Corstone-1000 MPS3 FPGA, the distro installation process can take up to 24 hours to complete. +FVP +================================================== + +:: + + <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="<path-to-iso_file>" -C board.msd_mmc_2.p_mmc_file="<_workspace>/mmc2_file.img" + +The installer should now start. +The os will be installed on the second mmc 'mmc2_file.img'. + ******************************************************* -Debian install clarifications (applicable to FPGA only) +Debian install clarifications ******************************************************* As the installation process for Debian is different than the one for openSUSE, @@ -1032,75 +1178,69 @@ popups: 8. At this stage, the installation should proceed as normal. ***************************************************************** -Debian/openSUSE boot after installation (applicable to FPGA only) +Debian/openSUSE boot after installation ***************************************************************** +FPGA +=============== Once the installation is complete, unplug the first USB stick and reboot the board. The board will then enter recovery mode, from which the user can access a shell -after entering the password for the root user. Proceed to edit the following -files accordingly: +after entering the password for the root user. -:: +FVP +============== +Once the installation is complete, you will need to exit the shell instance +and run this command to boot into the installed OS: - vi /etc/systemd/system.conf - DefaultDeviceTimeoutSec=infinity +:: -The file to be editted next is different depending on the installed distro: + <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="<_workspace>/mmc2_file.img" -:: - vi /etc/login.defs # Only applicable to Debian - vi /usr/etc/login.defs # Only applicable to openSUSE - LOGIN_TIMEOUT 180 +Once the FVP begins booting, you will need to quickly change the boot option in GRUB, +to boot into recovery mode. -To make sure the changes are applied, please run: +**NOTE:** This option will disappear quickly, so it's best to preempt it. -:: +Select 'Advanced Options for '<OS>' and then '<OS> (recovery mode)'. - systemctl daemon-reload +Common +============== -After applying the previous commands, please reboot the board. The user should -see a login prompt after booting, for example, for debian: +Proceed to edit the following files accordingly: :: - debian login: - -Login with the username root and its corresponding password (already set at -installation time). - -************************************************************ -OpenSUSE Raw image install and boot (applicable to FVP only) -************************************************************ - -Steps to download OpenSUSE Tumbleweed raw image: - - Under `OpenSUSE Tumbleweed appliances <http://download.opensuse.org/ports/aarch64/tumbleweed/appliances/>`__ - - The user should look for a Tumbleweed-ARM-JeOS-efi.aarch64-* Snapshot, for example, - ``openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64-<date>-Snapshot<date>.raw.xz`` + vi /etc/systemd/system.conf #Only applicable to Debian + DefaultDeviceTimeoutSec=infinity + vi /usr/lib/systemd/system.conf # Only applicable to openSUSE + DefaultDeviceTimeoutSec=infinity -Once the .raw.xz file is downloaded, the raw image file needs to be extracted: +The file to be edited next is different depending on the installed distro: :: - unxz <file-name.raw.xz> - + vi /etc/login.defs # Only applicable to Debian + vi /usr/etc/login.defs # Only applicable to openSUSE + LOGIN_TIMEOUT 180 -The above command will generate a file ending with extension .raw image. Now, use the following command -to run FVP with raw image installation process. +To make sure the changes are applied, please run: :: - <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="${openSUSE raw image file path}" + systemctl daemon-reload + +After applying the previous commands, please reboot the board or restart the runfvp command. -After successfully installing and booting the Linux distro, the user should see -a openSUSE login prompt. +The user should see a login prompt after booting, for example, for debian: :: - localhost login: + debian login: -Login with the username 'root' and password 'linux'. +Login with the username root and its corresponding password (already set at +installation time). PSA API tests ------------- @@ -1121,7 +1261,7 @@ First, load FF-A TEE kernel module: :: - insmod /lib/modules/6.1.32-yocto-standard/extra/arm-ffa-tee.ko + insmod /lib/modules/*-yocto-standard/extra/arm-ffa-tee.ko Then, check whether the FF-A TEE driver is loaded correctly by using the following command: @@ -1146,105 +1286,20 @@ Now, run the PSA API tests in the following order: **NOTE:** The psa-crypto-api-test takes between 30 minutes to 1 hour to run. -External System tests ---------------------- - -************************************************************** -Running the External System test command (systems-comms-tests) -************************************************************** - -Test 1: Releasing the External System out of reset -================================================== - -Run this command in the Linux command-line: - -:: - - systems-comms-tests 1 - -The output on the External System terminal should be: - -:: - - ___ ___ - | / __| - |=== \___ - |___ |___/ - External System Cortex-M3 Processor - Running RTX RTOS - v0.1.0_2022-10-19_16-41-32-8c9dca7 - MHUv2 module 'MHU0_H' started - MHUv2 module 'MHU1_H' started - MHUv2 module 'MHU0_SE' started - MHUv2 module 'MHU1_SE' started - -Test 2: Communication -===================== - -Test 2 releases the External System out of reset if not already done. Then, it performs communication between host and External System. - -After running Test 1, run this command in the Linux command-line: - -:: - - systems-comms-tests 2 - -Additional output on the External System terminal will be printed: - -:: - - MHUv2: Message from 'MHU0_H': 0xabcdef1 - Received 'abcdef1' From Host MHU0 - CMD: Increment and return to sender... - MHUv2: Message from 'MHU1_H': 0xabcdef1 - Received 'abcdef1' From Host MHU1 - CMD: Increment and return to sender... - -When running Test 2 the first, Test 1 will be run in the background. - -The output on the External System terminal should be: - -:: - - ___ ___ - | / __| - |=== \___ - |___ |___/ - External System Cortex-M3 Processor - Running RTX RTOS - v0.1.0_2022-10-19_16-41-32-8c9dca7 - MHUv2 module 'MHU0_H' started - MHUv2 module 'MHU1_H' started - MHUv2 module 'MHU0_SE' started - MHUv2 module 'MHU1_SE' started - MHUv2: Message from 'MHU0_H': 0xabcdef1 - Received 'abcdef1' From Host MHU0 - CMD: Increment and return to sender... - MHUv2: Message from 'MHU1_H': 0xabcdef1 - Received 'abcdef1' From Host MHU1 - CMD: Increment and return to sender... - -The output on the Host terminal should be: - -:: - - Received abcdf00 from es0mhu0 - Received abcdf00 from es0mhu1 - - Tests results ------------- -As a reference for the end user, reports for various tests for `Corstone-1000 software (CORSTONE1000-2023.06) <https://git.yoctoproject.org/meta-arm/tag/?h=CORSTONE1000-2023.06>`__ +As a reference for the end user, reports for various tests for `Corstone-1000 software (CORSTONE1000-2023.11) <https://git.yoctoproject.org/meta-arm/tag/?h=CORSTONE1000-2023.11>`__ can be found `here <https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-test-report/-/tree/master/embedded-a/corstone1000>`__. -Running the software on FVP on Windows --------------------------------------- +Running the software on FVP on Windows or AArch64 Linux +------------------------------------------------------------ + +The user should follow the build instructions in this document to build on a Linux host machine. Then, copy the output binaries to the Windows or Aarch64 Linux machine where the FVP is located. Then, launch the FVP binary. -If the user needs to run the Corstone-1000 software on FVP on Windows. The user -should follow the build instructions in this document to build on Linux host -PC, and copy the output binaries to the Windows PC where the FVP is located, -and launch the FVP binary. +Security Issue Reporting +------------------------ +To report any security issues identified with Corstone-1000, please send an email to arm-security@arm.com. -------------- diff --git a/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-ir-acs-fvp-base.inc b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-ir-acs-fvp-base.inc new file mode 100644 index 0000000000..376f623a8d --- /dev/null +++ b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-ir-acs-fvp-base.inc @@ -0,0 +1,2 @@ +FILESEXTRAPATHS:append := "${THISDIR}/files/${MACHINE}:" +SRC_URI:append = " file://report.txt" diff --git a/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-ir-acs.bbappend b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-ir-acs.bbappend new file mode 100644 index 0000000000..397342f439 --- /dev/null +++ b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-ir-acs.bbappend @@ -0,0 +1 @@ +include arm-systemready-ir-acs-${MACHINE}.inc diff --git a/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-scripts-native-fvp-base.inc b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-scripts-native-fvp-base.inc new file mode 100644 index 0000000000..dc01d0a2fc --- /dev/null +++ b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-scripts-native-fvp-base.inc @@ -0,0 +1,5 @@ +FILESEXTRAPATHS:prepend := "${THISDIR}/files/fvp-base:" + +SRC_URI:append = " \ + file://0001-check-sr-results-Change-the-expected-SR-result-confi.patch \ +" diff --git a/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-scripts-native.bbappend b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-scripts-native.bbappend new file mode 100644 index 0000000000..49c01ee96e --- /dev/null +++ b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/arm-systemready-scripts-native.bbappend @@ -0,0 +1 @@ +include arm-systemready-scripts-native-${MACHINE}.inc diff --git a/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/files/fvp-base/0001-check-sr-results-Change-the-expected-SR-result-confi.patch b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/files/fvp-base/0001-check-sr-results-Change-the-expected-SR-result-confi.patch new file mode 100644 index 0000000000..d2226cb133 --- /dev/null +++ b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/files/fvp-base/0001-check-sr-results-Change-the-expected-SR-result-confi.patch @@ -0,0 +1,227 @@ +From e3e0465a25f9b1607b2e5ed42afb7b556aa8b9bc Mon Sep 17 00:00:00 2001 +From: Debbie Martin <Debbie.Martin@arm.com> +Date: Wed, 4 Oct 2023 18:40:18 +0100 +Subject: [PATCH] [PATCH] check-sr-results: Change the expected SR result + config + +Update the check-sr-results.yaml and format-sr-results.yaml files for the +Systemready IR suite. These changes are required because of the +following known differences of fvp-base outputs to those expected by the +SystemReady scripts. + +Changes to check-sr-results.yaml: + 1. acs-console.log: + a. must-have-esp: EFI partition/variable persistence not supported due to + FVP reset. + b. warn-once-if-contains "-dirty": BL1, BL2, and BL31 have dirty versions. + c. must-contain "efi: ESRT=0x" and "'esrt: Reserving ESRT space from 0x'": + Capsule updates are not supported. + d. error-if-contains: "No EFI system partition" and "Failed to persist + EFI variables": EFI partition/variable persistence not supported due to + FVP reset. + 2. acs_results/result.md: + a. must-contain "Failure: |0|": Capsule and EFI partition failures make + the total 20. + 3. acs_results/CapsuleApp_ESRT_table_info.log: + a. capsuleapp-esrt: Capsule updates are not supported. + b. must-contain "'EFI_SYSTEM_RESOURCE_TABLE:'" and + "EFI_SYSTEM_RESOURCE_ENTRY": EFI partition/variable persistence not + supported due to FVP reset. + c. must-contain "FwClass": Capsule updates are not supported. + d. error-if-contains "ESRT - Not Found": Capsule updates are not + supported. + 4. acs_results/CapsuleApp_FMP_protocol_info.log: + a. warn-if-contains "Aborted test": Capsule updates are not supported. + This patch also adds must-contain for the specific totals of the test + categories due to allowing the "Aborted test" string. + 5. acs_results/linux_dump/firmware/efi/esrt: + a. Remove whole directory because capsule updates are not supported. + 6. acs_results/uefi/temp: + a. Set min-entries to 0: this defaults to 1 despite the directory being + optional, so errors if a directory is empty. + 7. acs_results/uefi_dump: + a. min-entries is 13: change this to 11 due to smbiosview.log being + optional and the change to make map.log optional. + 8. acs_results/uefi_dump/dh.log: + a. must-contain "EFISystemPartition": EFI partition/variable persistence + not supported due to FVP reset. + b. must-contain "FirmwareManagement": Capsule updates are not supported. + 9. acs_results/uefi_dump/map.log: + a. Make optional because it isn't populated for IR. + 10. fw: + a. Make optional because capsule updates are not supported. + 11. os-logs: + a. Make optional because distro installation isn't done as part of ACS. + +Changes to format-sr-results.yaml: + 1. Remove the SIE section (not supported on fvp-base and, if present, causes + format-sr-results.py to error). + +Upstream-Status: Inappropriate +Signed-off-by: Debbie Martin <Debbie.Martin@arm.com> +--- + check-sr-results.yaml | 34 ++++++++++++++-------------------- + format-sr-results.yaml | 15 --------------- + 2 files changed, 14 insertions(+), 35 deletions(-) + +diff --git a/check-sr-results.yaml b/check-sr-results.yaml +index a4235de..555fb71 100644 +--- a/check-sr-results.yaml ++++ b/check-sr-results.yaml +@@ -10,7 +10,6 @@ check-sr-results-configuration: + # The following tree applies to all ACS-IR 2.0 versions. + tree: + - file: acs-console.log +- must-have-esp: + must-contain: + - Booting `bbr/bsa' + - Press any key to stop the EFI SCT running +@@ -24,8 +23,6 @@ tree: + - 'EFI stub: Booting Linux Kernel...' + - 'EFI stub: Using DTB from configuration table' + - Linux version +- - 'efi: ESRT=0x' +- - 'esrt: Reserving ESRT space from 0x' + - systemd + - Executing FWTS for EBBR + - 'Test: UEFI' +@@ -36,13 +33,9 @@ tree: + - ACS run is completed + - Please press <Enter> to continue ... + warn-once-if-contains: +- - -dirty + - 'EFI stub: ERROR:' + - 'FIRMWARE BUG:' + - OVERLAP DETECTED +- error-if-contains: +- - No EFI system partition +- - Failed to persist EFI variables + - dir: acs_results + min-entries: 8 # Allow missing result.md + max-entries: 9 +@@ -53,7 +46,7 @@ tree: + must-contain: + - SCT Summary + - Dropped:|0| +- - Failure:|0| ++ - Failure:|20| + - Warning:|0| + - Dropped by group + - Failure by group +@@ -64,16 +57,11 @@ tree: + max-entries: 2 + tree: + - file: CapsuleApp_ESRT_table_info.log +- capsuleapp-esrt: + must-contain: + - ESRT TABLE +- - 'EFI_SYSTEM_RESOURCE_TABLE:' +- - EFI_SYSTEM_RESOURCE_ENTRY +- - FwClass + error-if-contains: + - FwResourceCount - 0x0 + - FwResourceCountMax - 0x0 +- - ESRT - Not Found + - file: CapsuleApp_FMP_protocol_info.log + must-contain: + - FMP DATA +@@ -95,9 +83,14 @@ tree: + - 'Medium failures: NONE' + - 'Low failures: NONE' + - 'Other failures: NONE' ++ - 'dt_base | 3| | | | | |' ++ - 'esrt | | | 2| | | |' ++ - 'uefibootpath | | | | | | |' ++ - 'uefirtmisc | 1| | | | 8| |' ++ - 'uefirttime | 4| | | | 35| |' ++ - 'uefirtvariable | 2| | | | 10| |' ++ - 'uefivarinfo | | | | | 1| |' + - 'Total:' +- warn-if-contains: +- - Aborted test + error-if-contains: + - FAILED + - This is an invalid entry. +@@ -180,6 +173,7 @@ tree: + tree: + - file: OsIndicationsSupported-* + - dir: esrt ++ optional: + tree: + - dir: entries + tree: +@@ -314,8 +308,9 @@ tree: + - BSA tests complete. Reset the system. + - dir: temp # This sometimes remains; ignore it + optional: ++ min-entries: 0 + - dir: uefi_dump +- min-entries: 13 ++ min-entries: 11 + max-entries: 13 + tree: + - file: bcfg.log +@@ -331,8 +326,6 @@ tree: + must-contain: + - Handle dump + - DevicePath +- - EFISystemPartition +- - FirmwareManagement + - SimpleTextOut + - file: dmem.log + must-contain: +@@ -355,6 +348,7 @@ tree: + - DRIVER NAME + - file: ifconfig.log + - file: map.log ++ optional: + must-contain: + - Mapping table + - /HD(1,GPT, +@@ -392,7 +386,7 @@ tree: + - dir: docs + optional: + - dir: fw +- min-entries: 3 ++ optional: + tree: + - file: u-boot-sniff.log + must-contain: +@@ -500,7 +494,7 @@ tree: + - dir: manual-results + optional: + - dir: os-logs +- min-entries: 2 ++ optional: + tree: + - file: 'OS-image-download-links.txt' + optional: +diff --git a/format-sr-results.yaml b/format-sr-results.yaml +index dd34cd6..20b69de 100644 +--- a/format-sr-results.yaml ++++ b/format-sr-results.yaml +@@ -47,21 +47,6 @@ subs: + extract: + filename: "acs_results/linux_dump/firmware/devicetree/base/psci/\ + compatible" +- - heading: BBSR Compliance +- paragraph: TBD +- subs: +- - heading: SIE SCT +- extract: +- filename: acs_results/SIE/result.md +- find: '# SCT Summary' +- first-line: 4 +- last-line: +- paragraph: TBD +- - heading: SIE FWTS +- extract: +- filename: acs_results/SIE/fwts/FWTSResults.log +- find: Test Failure Summary +- paragraph: TBD + - heading: BSA Compliance (informative) + paragraph: TBD + subs: +-- +2.25.1 + diff --git a/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/files/fvp-base/report.txt b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/files/fvp-base/report.txt new file mode 100644 index 0000000000..f4363b7092 --- /dev/null +++ b/meta-arm/meta-arm-bsp/dynamic-layers/meta-arm-systemready/recipes-test/arm-systemready-acs/files/fvp-base/report.txt @@ -0,0 +1,34 @@ +General information +------------------- +- Arm SystemReady Band: IR +- System name: FVP Base A AEM +- Prepared by: +- E-mail: +- Date: + +System information +------------------ +- Company: Arm +- System: FVP Base A AEM +- SoC: +- FW version: +- Memory: +- Storage devices / disks: +- Network controllers: +- Other Hardware information: + +Test Logs and Results +--------------------- +- ACS version used: 2.0 +- ACS URL (if pre-built binary): https://github.com/ARM-software/arm-systemready/blob/v23.03_IR_2.0.0/IR/prebuilt_images/v23.03_2.0.0/ir-acs-live-image-generic-arm64.wic.xz +- Changes to ACS (if built from source): + +- Test Logs collected +[X] ACS - SCT +[X] ACS - BSA - UEFI +[X] ACS - BSA - Linux +[X] ACS - FWTS +[X] ACS - Linux boot log +[X] ACS - Linux dumps +[X] ACS - UEFI Shell dumps +[ ] ACS - Capsule Update diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch deleted file mode 100644 index 9ae4b39f85..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch +++ /dev/null @@ -1,249 +0,0 @@ -From 3bc797e097ef2b29acf36560e4d2bfeec31f8d81 Mon Sep 17 00:00:00 2001 -From: Ben Horgan <ben.horgan@arm.com> -Date: Fri, 4 Mar 2022 16:48:14 +0000 -Subject: [PATCH] feat: emulate cntp timer register accesses using cnthps - -Upstream-Status: Inappropriate [Experimental feature] -Signed-off-by: Ben Horgan <ben.horgan@arm.com> -Change-Id: I67508203273baf3bd8e6be2d99717028db945715 ---- - Makefile | 3 +- - src/arch/aarch64/hypervisor/BUILD.gn | 1 + - src/arch/aarch64/hypervisor/cpu.c | 11 ++- - src/arch/aarch64/hypervisor/handler.c | 6 ++ - src/arch/aarch64/hypervisor/timer_el1.c | 104 ++++++++++++++++++++++++ - src/arch/aarch64/hypervisor/timer_el1.h | 20 +++++ - src/arch/aarch64/msr.h | 8 ++ - 7 files changed, 150 insertions(+), 3 deletions(-) - create mode 100644 src/arch/aarch64/hypervisor/timer_el1.c - create mode 100644 src/arch/aarch64/hypervisor/timer_el1.h - -diff --git a/Makefile b/Makefile -index 95cab9a56bfd..21cca938531d 100644 ---- a/Makefile -+++ b/Makefile -@@ -60,7 +60,8 @@ CHECKPATCH := $(CURDIR)/third_party/linux/scripts/checkpatch.pl \ - # debug_el1.c : uses XMACROS, which checkpatch doesn't understand. - # perfmon.c : uses XMACROS, which checkpatch doesn't understand. - # feature_id.c : uses XMACROS, which checkpatch doesn't understand. --CHECKPATCH_IGNORE := "src/arch/aarch64/hypervisor/debug_el1.c\|src/arch/aarch64/hypervisor/perfmon.c\|src/arch/aarch64/hypervisor/feature_id.c" -+# timer_el1.c : uses XMACROS, which checkpatch doesn't understand. -+CHECKPATCH_IGNORE := "src/arch/aarch64/hypervisor/debug_el1.c\|src/arch/aarch64/hypervisor/perfmon.c\|src/arch/aarch64/hypervisor/feature_id.c\|src/arch/aarch64/hypervisor/timer_el1.c" - - OUT ?= out/$(PROJECT) - OUT_DIR = out/$(PROJECT) -diff --git a/src/arch/aarch64/hypervisor/BUILD.gn b/src/arch/aarch64/hypervisor/BUILD.gn -index 6068d1e8f075..de1a414dac68 100644 ---- a/src/arch/aarch64/hypervisor/BUILD.gn -+++ b/src/arch/aarch64/hypervisor/BUILD.gn -@@ -45,6 +45,7 @@ source_set("hypervisor") { - "handler.c", - "perfmon.c", - "psci_handler.c", -+ "timer_el1.c", - "vm.c", - ] - -diff --git a/src/arch/aarch64/hypervisor/cpu.c b/src/arch/aarch64/hypervisor/cpu.c -index 5e025b596674..edd5df134cfc 100644 ---- a/src/arch/aarch64/hypervisor/cpu.c -+++ b/src/arch/aarch64/hypervisor/cpu.c -@@ -98,13 +98,20 @@ void arch_regs_reset(struct vcpu *vcpu) - if (is_primary) { - /* - * cnthctl_el2 is redefined when VHE is enabled. -- * EL1PCTEN, don't trap phys cnt access. -- * EL1PCEN, don't trap phys timer access. -+ * EL1PCTEN, don't trap phys cnt access. Except when in -+ * secure world without vhe. -+ * EL1PCEN, don't trap phys timer access. Except when in -+ * secure world without vhe. - */ - if (has_vhe_support()) { - cnthctl |= (1U << 10) | (1U << 11); - } else { -+#if SECURE_WORLD == 1 -+ cnthctl &= ~(1U << 0); -+ cnthctl &= ~(1U << 1); -+#else - cnthctl |= (1U << 0) | (1U << 1); -+#endif - } - } - -diff --git a/src/arch/aarch64/hypervisor/handler.c b/src/arch/aarch64/hypervisor/handler.c -index 3422ff7b8265..c495df40f3f5 100644 ---- a/src/arch/aarch64/hypervisor/handler.c -+++ b/src/arch/aarch64/hypervisor/handler.c -@@ -34,6 +34,7 @@ - #include "psci_handler.h" - #include "smc.h" - #include "sysregs.h" -+#include "timer_el1.h" - - /** - * Hypervisor Fault Address Register Non-Secure. -@@ -1295,6 +1296,11 @@ void handle_system_register_access(uintreg_t esr_el2) - inject_el1_sysreg_trap_exception(vcpu, esr_el2); - return; - } -+ } else if (timer_el1_is_register_access(esr_el2)) { -+ if (!timer_el1_process_access(vcpu, vm_id, esr_el2)) { -+ inject_el1_unknown_exception(vcpu, esr_el2); -+ return; -+ } - } else { - inject_el1_sysreg_trap_exception(vcpu, esr_el2); - return; -diff --git a/src/arch/aarch64/hypervisor/timer_el1.c b/src/arch/aarch64/hypervisor/timer_el1.c -new file mode 100644 -index 000000000000..c30e5543f436 ---- /dev/null -+++ b/src/arch/aarch64/hypervisor/timer_el1.c -@@ -0,0 +1,104 @@ -+/* -+ * Copyright 2022 The Hafnium Authors. -+ * -+ * Use of this source code is governed by a BSD-style -+ * license that can be found in the LICENSE file or at -+ * https://opensource.org/licenses/BSD-3-Clause. -+ */ -+ -+#include "timer_el1.h" -+ -+#include "hf/dlog.h" -+ -+#include "msr.h" -+#include "sysregs.h" -+ -+/* -+ * Physical timer (CNTP) register encodings as defined in -+ * table D13-8 of the ARMv8 ARM (DDI0487F). -+ * TYPE, op0, op1, crn, crm, op2 -+ * The register names are the concatenation of -+ * "CNTP_", TYPE and "_EL2". -+ */ -+#define CNTP_REGISTERS \ -+ X(CTL, 3, 3, 14, 2, 1) \ -+ X(CVAL, 3, 3, 14, 2, 2) \ -+ X(TVAL, 3, 3, 14, 2, 0) \ -+ -+bool timer_el1_is_register_access(uintreg_t esr) -+{ -+ uintreg_t sys_register = GET_ISS_SYSREG(esr); -+ bool is_timer_access; -+ switch (sys_register) { -+#define X(type, op0, op1, crn, crm, op2) \ -+ case (GET_ISS_ENCODING(op0, op1, crn, crm, op2)): \ -+ is_timer_access = true; \ -+ break; -+ CNTP_REGISTERS -+#undef X -+ case (GET_ISS_ENCODING(3, 3, 14, 0, 1)): -+ is_timer_access = true; -+ break; -+ default: -+ is_timer_access = false; -+ } -+ -+ return is_timer_access; -+} -+ -+/* Accesses to CNTP timer emulated with CNTHPS */ -+bool timer_el1_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id, -+ uintreg_t esr) -+{ -+ uintreg_t sys_register = GET_ISS_SYSREG(esr); -+ uintreg_t rt_register = GET_ISS_RT(esr); -+ uintreg_t value; -+ -+ if (ISS_IS_READ(esr)) { -+ switch (sys_register) { -+#define X(type, op0, op1, crn, crm, op2) \ -+ case (GET_ISS_ENCODING(op0, op1, crn, crm, op2)): \ -+ value = read_msr(MSR_CNTHPS_##type##_EL2); \ -+ vcpu->regs.r[rt_register] = value; \ -+ break; -+ CNTP_REGISTERS -+#undef X -+ case (GET_ISS_ENCODING(3, 3, 14, 0, 1)): -+ value = read_msr(cntpct_el0); -+ vcpu->regs.r[rt_register] = value; -+ break; -+ default: -+ dlog_notice( -+ "Unsupported timer register " -+ "read: " -+ "op0=%d, op1=%d, crn=%d, crm=%d, op2=%d, " -+ "rt=%d.\n", -+ GET_ISS_OP0(esr), GET_ISS_OP1(esr), -+ GET_ISS_CRN(esr), GET_ISS_CRM(esr), -+ GET_ISS_OP2(esr), GET_ISS_RT(esr)); -+ break; -+ } -+ } else { -+ value = vcpu->regs.r[rt_register]; -+ switch (sys_register) { -+#define X(type, op0, op1, crn, crm, op2) \ -+ case (GET_ISS_ENCODING(op0, op1, crn, crm, op2)): \ -+ write_msr(MSR_CNTHPS_##type##_EL2, value); \ -+ break; -+ CNTP_REGISTERS -+#undef X -+ default: -+ dlog_notice( -+ "Unsupported timer register " -+ "write: " -+ "op0=%d, op1=%d, crn=%d, crm=%d, op2=%d, " -+ "rt=%d, value=%d.\n", -+ GET_ISS_OP0(esr), GET_ISS_OP1(esr), -+ GET_ISS_CRN(esr), GET_ISS_CRM(esr), -+ GET_ISS_OP2(esr), GET_ISS_RT(esr), value); -+ break; -+ } -+ } -+ -+ return true; -+} -diff --git a/src/arch/aarch64/hypervisor/timer_el1.h b/src/arch/aarch64/hypervisor/timer_el1.h -new file mode 100644 -index 000000000000..04a43b6ca335 ---- /dev/null -+++ b/src/arch/aarch64/hypervisor/timer_el1.h -@@ -0,0 +1,20 @@ -+/* -+ * Copyright 2022 The Hafnium Authors. -+ * -+ * Use of this source code is governed by a BSD-style -+ * license that can be found in the LICENSE file or at -+ * https://opensource.org/licenses/BSD-3-Clause. -+ */ -+ -+#pragma once -+ -+#include "hf/arch/types.h" -+ -+#include "hf/cpu.h" -+ -+#include "vmapi/hf/ffa.h" -+ -+bool timer_el1_is_register_access(uintreg_t esr); -+ -+bool timer_el1_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id, -+ uintreg_t esr); -diff --git a/src/arch/aarch64/msr.h b/src/arch/aarch64/msr.h -index 6edc39f2af48..bf1a66d1d4c5 100644 ---- a/src/arch/aarch64/msr.h -+++ b/src/arch/aarch64/msr.h -@@ -131,3 +131,11 @@ - #define MSR_ELR_EL12 S3_5_C4_C0_1 - - #endif -+ -+/* -+ * Secure EL2 Physical timer (CNTHPS) register encodings as defined in -+ * table D13-8 of the ARMv8 ARM (DDI0487F). -+ */ -+#define MSR_CNTHPS_CTL_EL2 S3_4_C14_C5_1 -+#define MSR_CNTHPS_CVAL_EL2 S3_4_C14_C5_2 -+#define MSR_CNTHPS_TVAL_EL2 S3_4_C14_C5_0 diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch deleted file mode 100644 index 9627a765f1..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 1fef5bd2504ce3a203c56a3b66dba773cd4893c6 Mon Sep 17 00:00:00 2001 -From: Davidson K <davidson.kumaresan@arm.com> -Date: Thu, 8 Sep 2022 10:47:10 +0530 -Subject: [PATCH] feat(vhe): enable vhe and disable branch protection for TC - -Signed-off-by: Davidson K <davidson.kumaresan@arm.com> -Change-Id: I60cd607d9f2bf0114b482980e7ca68e24aaf4d1f -Upstream-Status: Pending [Not submitted to upstream yet] ---- - BUILD.gn | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/BUILD.gn b/BUILD.gn -index cc6a78f4fdb8..acd1f9d1634b 100644 ---- a/BUILD.gn -+++ b/BUILD.gn -@@ -245,7 +245,6 @@ aarch64_toolchains("secure_tc") { - heap_pages = 180 - max_cpus = 8 - max_vms = 16 -- branch_protection = "standard" - toolchain_args = { - plat_ffa = "//src/arch/aarch64/plat/ffa:spmc" - plat_psci = "//src/arch/aarch64/plat/psci:spmc" -@@ -254,6 +253,7 @@ aarch64_toolchains("secure_tc") { - secure_world = "1" - pl011_base_address = "0x7ff80000" - enable_mte = "1" -+ enable_vhe = "1" - plat_log_level = "LOG_LEVEL_INFO" - } - } diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-emulate-interrupt-controller-register-access.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-emulate-interrupt-controller-register-access.patch deleted file mode 100644 index 3e6761519a..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-emulate-interrupt-controller-register-access.patch +++ /dev/null @@ -1,156 +0,0 @@ -From 9f5b07e30c82713b9598ea60d9f802bd419b560f Mon Sep 17 00:00:00 2001 -From: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> -Date: Tue, 26 Apr 2022 14:43:58 +0100 -Subject: [PATCH] feat: emulate interrupt controller register access - -This emulates ICC_SGI1R_EL1 and ICC_IGRPEN1_EL1 register - -Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> -Change-Id: I0c11f034f3676067597461a183a341c809adcaa4 -Upstream-Status: Inappropriate [Experimental feature] ---- - src/arch/aarch64/hypervisor/handler.c | 5 ++ - src/arch/aarch64/hypervisor/perfmon.c | 84 +++++++++++++++++++++++++++ - src/arch/aarch64/hypervisor/perfmon.h | 5 ++ - src/arch/aarch64/msr.h | 3 + - 4 files changed, 97 insertions(+) - -diff --git a/src/arch/aarch64/hypervisor/handler.c b/src/arch/aarch64/hypervisor/handler.c -index c495df40f3f5..13578fc99670 100644 ---- a/src/arch/aarch64/hypervisor/handler.c -+++ b/src/arch/aarch64/hypervisor/handler.c -@@ -1301,6 +1301,11 @@ void handle_system_register_access(uintreg_t esr_el2) - inject_el1_unknown_exception(vcpu, esr_el2); - return; - } -+ } else if (intr_ctrl_is_register_access(esr_el2)) { -+ if (!intr_ctrl_el1_process_access(vcpu, vm_id, esr_el2)) { -+ inject_el1_unknown_exception(vcpu, esr_el2); -+ return; -+ } - } else { - inject_el1_sysreg_trap_exception(vcpu, esr_el2); - return; -diff --git a/src/arch/aarch64/hypervisor/perfmon.c b/src/arch/aarch64/hypervisor/perfmon.c -index f13b035480d8..05e216c84c2e 100644 ---- a/src/arch/aarch64/hypervisor/perfmon.c -+++ b/src/arch/aarch64/hypervisor/perfmon.c -@@ -116,6 +116,10 @@ - X(PMEVTYPER30_EL0 , 3, 3, 14, 15, 6) \ - X(PMCCFILTR_EL0 , 3, 3, 14, 15, 7) - -+#define INTR_CTRL_REGISTERS \ -+ X(ICC_IGRPEN1_EL1 , 3, 0, 12, 12, 7) \ -+ X(ICC_SGI1R_EL1 , 3, 0, 12, 11, 5) \ -+ - /* clang-format on */ - - /** -@@ -232,3 +236,83 @@ uintreg_t perfmon_get_pmccfiltr_el0_init_value(ffa_vm_id_t vm_id) - - return 0; - } -+ -+bool intr_ctrl_is_register_access(uintreg_t esr) -+{ -+ uintreg_t op0 = GET_ISS_OP0(esr); -+ uintreg_t op1 = GET_ISS_OP1(esr); -+ uintreg_t crn = GET_ISS_CRN(esr); -+ uintreg_t crm = GET_ISS_CRM(esr); -+ -+ if (op0 == 3 && op1 == 0 && crn == 12 && crm == 12) { -+ return true; -+ } -+ -+ if (op0 == 3 && op1 == 0 && crn == 12 && crm == 11) { -+ return true; -+ } -+ -+ return false; -+} -+ -+bool intr_ctrl_el1_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id, -+ uintreg_t esr) -+{ -+ uintreg_t sys_register = GET_ISS_SYSREG(esr); -+ uintreg_t rt_register = GET_ISS_RT(esr); -+ uintreg_t value; -+ -+ /* +1 because Rt can access register XZR */ -+ CHECK(rt_register < NUM_GP_REGS + 1); -+ -+ if (ISS_IS_READ(esr)) { -+ switch (sys_register) { -+#define X(reg_name, op0, op1, crn, crm, op2) \ -+ case (GET_ISS_ENCODING(op0, op1, crn, crm, op2)): \ -+ value = read_msr(reg_name); \ -+ break; -+ INTR_CTRL_REGISTERS -+#undef X -+ default: -+ value = vcpu->regs.r[rt_register]; -+ dlog_notice( -+ "Unsupported interrupt control register " -+ "read: " -+ "op0=%d, op1=%d, crn=%d, crm=%d, op2=%d, " -+ "rt=%d.\n", -+ GET_ISS_OP0(esr), GET_ISS_OP1(esr), -+ GET_ISS_CRN(esr), GET_ISS_CRM(esr), -+ GET_ISS_OP2(esr), GET_ISS_RT(esr)); -+ break; -+ } -+ if (rt_register != RT_REG_XZR) { -+ vcpu->regs.r[rt_register] = value; -+ } -+ } else { -+ if (rt_register != RT_REG_XZR) { -+ value = vcpu->regs.r[rt_register]; -+ } else { -+ value = 0; -+ } -+ switch (sys_register) { -+#define X(reg_name, op0, op1, crn, crm, op2) \ -+ case (GET_ISS_ENCODING(op0, op1, crn, crm, op2)): \ -+ write_msr(reg_name, value); \ -+ break; -+ INTR_CTRL_REGISTERS -+#undef X -+ default: -+ dlog_notice( -+ "Unsupported interrupt control register " -+ "write: " -+ "op0=%d, op1=%d, crn=%d, crm=%d, op2=%d, " -+ "rt=%d.\n", -+ GET_ISS_OP0(esr), GET_ISS_OP1(esr), -+ GET_ISS_CRN(esr), GET_ISS_CRM(esr), -+ GET_ISS_OP2(esr), GET_ISS_RT(esr)); -+ break; -+ } -+ } -+ -+ return true; -+} -diff --git a/src/arch/aarch64/hypervisor/perfmon.h b/src/arch/aarch64/hypervisor/perfmon.h -index 81669ba1c401..c90d45bfc239 100644 ---- a/src/arch/aarch64/hypervisor/perfmon.h -+++ b/src/arch/aarch64/hypervisor/perfmon.h -@@ -70,3 +70,8 @@ bool perfmon_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id, - uintreg_t esr_el2); - - uintreg_t perfmon_get_pmccfiltr_el0_init_value(ffa_vm_id_t vm_id); -+ -+bool intr_ctrl_is_register_access(uintreg_t esr); -+ -+bool intr_ctrl_el1_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id, -+ uintreg_t esr); -diff --git a/src/arch/aarch64/msr.h b/src/arch/aarch64/msr.h -index bf1a66d1d4c5..b88a14b52f68 100644 ---- a/src/arch/aarch64/msr.h -+++ b/src/arch/aarch64/msr.h -@@ -139,3 +139,6 @@ - #define MSR_CNTHPS_CTL_EL2 S3_4_C14_C5_1 - #define MSR_CNTHPS_CVAL_EL2 S3_4_C14_C5_2 - #define MSR_CNTHPS_TVAL_EL2 S3_4_C14_C5_0 -+ -+#define ICC_IGRPEN1_EL1 S3_0_C12_C12_7 -+#define ICC_SGI1R_EL1 S3_0_C12_C11_5 diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0003-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0003-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch deleted file mode 100644 index cd19f632c5..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0003-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 41f3ff2f011da69ff81234769353955e51c7e588 Mon Sep 17 00:00:00 2001 -From: Davidson K <davidson.kumaresan@arm.com> -Date: Thu, 7 Oct 2021 12:20:08 +0530 -Subject: [PATCH] feat(vhe): set STAGE1_NS while mapping memory from NWd to SWd - -If the memory is shared by a VM executing in non secure world, attribute -MM_MODE_NS had to be set while mapping that in a S-EL0 SP executing in -secure world. It will not be needed for a S-EL1 SP since the NS bit is -available only for the stage 1 translations and the stage 1 translations -for a S-EL1 SP will be handled by a trusted OS running in S-EL1. - -Signed-off-by: Davidson K <davidson.kumaresan@arm.com> -Change-Id: I074e2d5a50a659bd3c097d797c4901f08d210b1b -Upstream-Status: Pending [Not submitted to upstream yet] ---- - src/ffa_memory.c | 12 ++++++++++++ - 1 file changed, 12 insertions(+) - -diff --git a/src/ffa_memory.c b/src/ffa_memory.c -index 5826cb2fdd4b..bae677633dea 100644 ---- a/src/ffa_memory.c -+++ b/src/ffa_memory.c -@@ -2618,6 +2618,18 @@ struct ffa_value ffa_memory_retrieve(struct vm_locked to_locked, - - memory_to_attributes = ffa_memory_permissions_to_mode( - permissions, share_state->sender_orig_mode); -+ -+ if (to_locked.vm->el0_partition) { -+ /* -+ * Get extra mapping attributes for the given VM ID. -+ * If the memory is shared by a VM executing in non secure -+ * world, attribute MM_MODE_NS had to be set while mapping -+ * that in a SP executing in secure world. -+ */ -+ memory_to_attributes |= arch_mm_extra_attributes_from_vm( -+ retrieve_request->sender); -+ } -+ - ret = ffa_retrieve_check_update( - to_locked, memory_region->sender, share_state->fragments, - share_state->fragment_constituent_counts, diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc index 09de6f1e5a..4e5368eb7b 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc +++ b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc @@ -3,15 +3,6 @@ COMPATIBLE_MACHINE = "(tc?)" HAFNIUM_PLATFORM = "secure_tc" -FILESEXTRAPATHS:prepend:tc := "${THISDIR}/files/tc:" - -SRC_URI:append = " \ - file://0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch \ - file://0002-feat-emulate-interrupt-controller-register-access.patch \ - file://0003-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch \ - file://0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch;patchdir=project/reference \ - " - do_compile() { PATH="${S}/prebuilts/linux-x64/clang/bin:$PATH" oe_runmake -C ${S} } diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-initramfs-image.bb b/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-initramfs-image.bb index 884d4b3b8d..cac3b73ca4 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-initramfs-image.bb +++ b/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-initramfs-image.bb @@ -21,8 +21,5 @@ IMAGE_FEATURES:remove = "package-management" # all optee packages IMAGE_INSTALL += "optee-client" -# external system linux userspace test application -IMAGE_INSTALL += "corstone1000-external-sys-tests" - # TS PSA API tests commands for crypto, its, ps and iat IMAGE_INSTALL += "packagegroup-ts-tests-psa" diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/fvp-base/0001-fdts-fvp-base-Add-stdout-path-and-virtio-net-and-rng.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/fvp-base/0001-fdts-fvp-base-Add-stdout-path-and-virtio-net-and-rng.patch new file mode 100644 index 0000000000..4d0019a501 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/fvp-base/0001-fdts-fvp-base-Add-stdout-path-and-virtio-net-and-rng.patch @@ -0,0 +1,64 @@ +From b79d3cf319cc5698311ef83247110c93d3c2de2c Mon Sep 17 00:00:00 2001 +Message-Id: <b79d3cf319cc5698311ef83247110c93d3c2de2c.1695834344.git.diego.sueiro@arm.com> +From: Diego Sueiro <diego.sueiro@arm.com> +Date: Wed, 27 Sep 2023 18:05:26 +0100 +Subject: [PATCH] fdts/fvp-base: Add stdout-path and virtio net and rng nodes + +Upstream-Status: Pending +Signed-off-by: Diego Sueiro <diego.sueiro@arm.com> +--- + fdts/fvp-base-psci-common.dtsi | 8 ++++++-- + fdts/rtsm_ve-motherboard.dtsi | 12 ++++++++++++ + 2 files changed, 18 insertions(+), 2 deletions(-) + +diff --git a/fdts/fvp-base-psci-common.dtsi b/fdts/fvp-base-psci-common.dtsi +index 79cf37d3b0..b1ba5ce703 100644 +--- a/fdts/fvp-base-psci-common.dtsi ++++ b/fdts/fvp-base-psci-common.dtsi +@@ -30,7 +30,9 @@ + #if (ENABLE_RME == 1) + chosen { bootargs = "console=ttyAMA0 earlycon=pl011,0x1c090000 root=/dev/vda ip=on";}; + #else +- chosen {}; ++ chosen { ++ stdout-path = &v2m_serial0; ++ }; + #endif + + aliases { +@@ -243,6 +245,8 @@ + <0 0 39 &gic 0 GIC_SPI 39 IRQ_TYPE_LEVEL_HIGH>, + <0 0 40 &gic 0 GIC_SPI 40 IRQ_TYPE_LEVEL_HIGH>, + <0 0 41 &gic 0 GIC_SPI 41 IRQ_TYPE_LEVEL_HIGH>, +- <0 0 42 &gic 0 GIC_SPI 42 IRQ_TYPE_LEVEL_HIGH>; ++ <0 0 42 &gic 0 GIC_SPI 42 IRQ_TYPE_LEVEL_HIGH>, ++ <0 0 44 &gic 0 GIC_SPI 44 IRQ_TYPE_LEVEL_HIGH>, ++ <0 0 46 &gic 0 GIC_SPI 46 IRQ_TYPE_LEVEL_HIGH>; + }; + }; +diff --git a/fdts/rtsm_ve-motherboard.dtsi b/fdts/rtsm_ve-motherboard.dtsi +index 0a824b349a..21a083a51a 100644 +--- a/fdts/rtsm_ve-motherboard.dtsi ++++ b/fdts/rtsm_ve-motherboard.dtsi +@@ -230,6 +230,18 @@ + interrupts = <42>; + }; + ++ virtio@150000 { ++ compatible = "virtio,mmio"; ++ reg = <0x150000 0x200>; ++ interrupts = <44>; ++ }; ++ ++ virtio@200000 { ++ compatible = "virtio,mmio"; ++ reg = <0x200000 0x200>; ++ interrupts = <46>; ++ }; ++ + rtc@170000 { + compatible = "arm,pl031", "arm,primecell"; + reg = <0x170000 0x1000>; +-- +2.39.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0001-Reserve-OP-TEE-memory-from-nwd.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0001-Reserve-OP-TEE-memory-from-nwd.patch index 2c634e350f..ce2d059589 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0001-Reserve-OP-TEE-memory-from-nwd.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0001-Reserve-OP-TEE-memory-from-nwd.patch @@ -11,8 +11,9 @@ As a precaution, explicitly reserve this memory via NT_FW_CONFIG to prevent the normal world from using it. This is not required on most platforms as the Trusted OS is run from secure RAM. -Upstream-Status: Pending (not yet submited to upstream) +Upstream-Status: Pending (not yet submitted to upstream) Signed-off-by: Adam Johnston <adam.johnston@arm.com> +Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com> --- plat/arm/board/n1sdp/fdts/n1sdp_nt_fw_config.dts | 12 ++++++++++++ 1 file changed, 12 insertions(+) @@ -31,9 +32,9 @@ index da5e04ddb6..b7e2d4e86f 100644 + #size-cells = <2>; + ranges; + -+ optee@0x08000000 { ++ optee@0xDE000000 { + compatible = "removed-dma-pool"; -+ reg = <0x0 0x08000000 0x0 0x02000000>; ++ reg = <0x0 0xDE000000 0x0 0x02000000>; + no-map; + }; + }; diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0002-Modify-BL32-Location-to-DDR4.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0002-Modify-BL32-Location-to-DDR4.patch new file mode 100644 index 0000000000..8b2be194d9 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0002-Modify-BL32-Location-to-DDR4.patch @@ -0,0 +1,30 @@ +From 15dab90c3cb8e7677c4f953c2269e8ee1afa01b0 Mon Oct 2 13:45:43 2023 +From: Mariam Elshakfy <mariam.elshakfy@arm.com> +Date: Mon, 2 Oct 2023 13:45:43 +0000 +Subject: [PATCH] Modify BL32 Location to DDR4 + +Since OP-TEE start address is changed to run +from DDR4, this patch changes BL32 entrypoint +to the correct one. + +Upstream-Status: Pending (not yet submitted to upstream) +Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com> +--- + plat/arm/board/n1sdp/fdts/n1sdp_optee_spmc_manifest.dts | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/plat/arm/board/n1sdp/fdts/n1sdp_optee_spmc_manifest.dts b/plat/arm/board/n1sdp/fdts/n1sdp_optee_spmc_manifest.dts +index ed870803c..797dfe3a4 100644 +--- a/plat/arm/board/n1sdp/fdts/n1sdp_optee_spmc_manifest.dts ++++ b/plat/arm/board/n1sdp/fdts/n1sdp_optee_spmc_manifest.dts +@@ -22,8 +22,8 @@ + maj_ver = <0x1>; + min_ver = <0x0>; + exec_state = <0x0>; +- load_address = <0x0 0x08000000>; +- entrypoint = <0x0 0x08000000>; ++ load_address = <0x0 0xDE000000>; ++ entrypoint = <0x0 0xDE000000>; + binary_size = <0x2000000>; + }; + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0003-Modify-SPMC-Base-to-DDR4.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0003-Modify-SPMC-Base-to-DDR4.patch new file mode 100644 index 0000000000..9e3271708a --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/n1sdp/0003-Modify-SPMC-Base-to-DDR4.patch @@ -0,0 +1,28 @@ +From 9a1d11b9fbadf740c73aee6dca4fd0370b38e4a8 Tue Oct 3 13:49:13 2023 +From: Mariam Elshakfy <mariam.elshakfy@arm.com> +Date: Tue, 3 Oct 2023 13:49:13 +0000 +Subject: [PATCH] Modify SPMC Base to DDR4 + +Since OP-TEE start address is changed to run +from DDR4, this patch changes SPMC base to +the correct one. + +Upstream-Status: Pending (not yet submitted to upstream) +Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com> +--- + plat/arm/board/n1sdp/include/platform_def.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plat/arm/board/n1sdp/include/platform_def.h b/plat/arm/board/n1sdp/include/platform_def.h +index b3799a7b2..b12c61b61 100644 +--- a/plat/arm/board/n1sdp/include/platform_def.h ++++ b/plat/arm/board/n1sdp/include/platform_def.h +@@ -118,7 +118,7 @@ + + #define PLAT_ARM_MAX_BL31_SIZE UL(0x40000) + +-#define PLAT_ARM_SPMC_BASE U(0x08000000) ++#define PLAT_ARM_SPMC_BASE U(0xDE000000) + #define PLAT_ARM_SPMC_SIZE UL(0x02000000) /* 32 MB */ + + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_%.bbappend b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_%.bbappend index 392c6090e1..074bc683f1 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_%.bbappend @@ -2,3 +2,5 @@ COMPATIBLE_MACHINE:corstone1000 = "corstone1000" SRCREV:corstone1000 = "5f591f67738a1bbe6b262c53d9dad46ed8bbcd67" + +COMPATIBLE_MACHINE:n1sdp = "n1sdp" diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc index ee0713718f..8673199d69 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc @@ -24,6 +24,16 @@ TFA_SPMD_SPM_AT_SEL2 = "0" # BL2 loads BL32 (optee). So, optee needs to be built first: DEPENDS += "optee-os" +# Note: Regarding the build option: LOG_LEVEL. +# There seems to be an issue when setting it +# to 50 (LOG_LEVEL_VERBOSE), where the kernel +# tee driver sends yielding requests to OP-TEE +# at a faster pace than OP-TEE processes them, +# as the processing time is consumed by logging +# in TF-A. When this issue occurs, booting halts +# as soon as optee driver starts initialization. +# Therefore, it's not currently recommended to +# set LOG_LEVEL to 50 at all. EXTRA_OEMAKE:append = " \ ARCH=aarch64 \ TARGET_PLATFORM=${TFA_TARGET_PLATFORM} \ @@ -41,5 +51,4 @@ EXTRA_OEMAKE:append = " \ ERRATA_A35_855472=1 \ ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \ BL32=${RECIPE_SYSROOT}/${nonarch_base_libdir}/firmware/tee-pager_v2.bin \ - LOG_LEVEL=50 \ " diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-fvp-base.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-fvp-base.inc new file mode 100644 index 0000000000..5fafe292d8 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-fvp-base.inc @@ -0,0 +1,20 @@ +# FVP specific TFA parameters + +# +# Armv8-A Base Platform FVP +# + +FILESEXTRAPATHS:prepend := "${THISDIR}/files/:" +SRC_URI:append = " file://0001-fdts-fvp-base-Add-stdout-path-and-virtio-net-and-rng.patch" + +COMPATIBLE_MACHINE = "fvp-base" +TFA_PLATFORM = "fvp" +TFA_DEBUG = "1" +TFA_MBEDTLS = "1" +TFA_UBOOT ?= "1" +TFA_BUILD_TARGET = "bl1 bl2 bl31 dtbs fip" + +EXTRA_OEMAKE += "FVP_DT_PREFIX=fvp-base-gicv3-psci-1t" + +# Our fvp-base machine explicitly has v8.4 cores +EXTRA_OEMAKE += "ARM_ARCH_MAJOR=8 ARM_ARCH_MINOR=4" diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-fvp.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-fvp.inc deleted file mode 100644 index ca96b4484f..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-fvp.inc +++ /dev/null @@ -1,12 +0,0 @@ -# FVP specific TFA parameters - -# -# Armv8-A Base Platform FVP -# - -COMPATIBLE_MACHINE = "fvp-base" -TFA_PLATFORM = "fvp" -TFA_DEBUG = "1" -TFA_MBEDTLS = "1" -TFA_UBOOT ?= "1" -TFA_BUILD_TARGET = "bl1 bl2 bl31 dtbs fip" diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc index 900decc2b9..79dc9b2bb8 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc @@ -5,18 +5,19 @@ SRCREV_tfa = "31f60a968347497562b0129134928d7ac4767710" PV .= "+git" COMPATIBLE_MACHINE = "n1sdp" -TFA_PLATFORM = "n1sdp" TFA_BUILD_TARGET = "all fip" TFA_INSTALL_TARGET = "bl1 bl2 bl31 n1sdp-multi-chip n1sdp-single-chip n1sdp_fw_config n1sdp_tb_fw_config fip" TFA_DEBUG = "1" TFA_MBEDTLS = "1" TFA_UBOOT = "0" -TFA_UEFI = "1" +TFA_UEFI ?= "1" FILESEXTRAPATHS:prepend := "${THISDIR}/files/n1sdp:" -SRC_URI:append = " \ +SRC_URI:append = " \ file://0001-Reserve-OP-TEE-memory-from-nwd.patch \ + file://0002-Modify-BL32-Location-to-DDR4.patch \ + file://0003-Modify-SPMC-Base-to-DDR4.patch \ " TFA_ROT_KEY= "plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem" @@ -37,5 +38,4 @@ EXTRA_OEMAKE:append = "\ ARM_ROTPK_LOCATION="devel_rsa" \ ROT_KEY="${TFA_ROT_KEY}" \ BL32=${RECIPE_SYSROOT}/${nonarch_base_libdir}/firmware/tee-pager_v2.bin \ - BL33=${RECIPE_SYSROOT}/firmware/uefi.bin \ " diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend index 7fbcd3aba0..cb482a6f4d 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend @@ -4,7 +4,7 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/files/:" MACHINE_TFA_REQUIRE ?= "" MACHINE_TFA_REQUIRE:corstone1000 = "trusted-firmware-a-corstone1000.inc" -MACHINE_TFA_REQUIRE:fvp-base = "trusted-firmware-a-fvp.inc" +MACHINE_TFA_REQUIRE:fvp-base = "trusted-firmware-a-fvp-base.inc" MACHINE_TFA_REQUIRE:juno = "trusted-firmware-a-juno.inc" MACHINE_TFA_REQUIRE:n1sdp = "trusted-firmware-a-n1sdp.inc" MACHINE_TFA_REQUIRE:sgi575 = "trusted-firmware-a-sgi575.inc" diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch index 98dabbe96c..4f00ea2881 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch @@ -6,7 +6,7 @@ Subject: [PATCH] Platform: corstone1000: Increase BL2 size in flash layout Increases BL2 size to align with the flash page size in corstone1000. Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> -Upstream-Status: Pending [Not submitted to upstream yet] +Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24103] --- platform/ext/target/arm/corstone1000/partition/flash_layout.h | 2 +- diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch index d348d02dbc..6bbd66fdc4 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch @@ -7,7 +7,7 @@ Increases BL2_DATA_SIZE to accommodate the changes in metadata_write/read. Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> -Upstream-Status: Pending [Not submitted to upstream yet] +Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24103] --- platform/ext/target/arm/corstone1000/partition/region_defs.h | 3 ++- diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch index bf7aba8de8..7a07c0c1ac 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch @@ -12,7 +12,7 @@ update since the tfm bl1 does not sync metadata and nv counters in OTP during the boot anymore. Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> -Upstream-Status: Pending [Not submitted to upstream yet] +Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24104/7] --- .../arm/corstone1000/fw_update_agent/fwu_agent.c | 10 +++++++--- diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-add-unique-firmware-GUID.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-add-unique-firmware-GUID.patch index 2f5ba04b42..e4eba624ad 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-add-unique-firmware-GUID.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-add-unique-firmware-GUID.patch @@ -5,8 +5,8 @@ Subject: [PATCH] Platform corstone1000 add unique firmware GUID Add unique Corstone-1000 firmware GUID -Upstream-Status: Pending [Not submitted to upstream yet] Signed-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com> +Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24132/3] --- .../target/arm/corstone1000/fw_update_agent/fwu_agent.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch index 49c336de64..f805a44d52 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch @@ -7,7 +7,7 @@ Enables signed capsule update and adjusts the necessary structs (fmp_payload_hea , image_auth, etc.) to comply with the new capsule generation tool (mkeficapsule). Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> -Upstream-Status: Pending [Not submitted to upstream yet] +Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/24131/3] --- .../fw_update_agent/uefi_capsule_parser.c | 25 +++++++++++-------- .../fw_update_agent/uefi_capsule_parser.h | 2 ++ diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-increase-ITS-max-asset-size.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-increase-ITS-max-asset-size.patch new file mode 100644 index 0000000000..97cd14dabb --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-increase-ITS-max-asset-size.patch @@ -0,0 +1,29 @@ +From ef97f7083279565dab45a550139935d741f159a9 Mon Sep 17 00:00:00 2001 +From: Emekcan Aras <emekcan.aras@arm.com> +Date: Fri, 29 Sep 2023 09:57:19 +0100 +Subject: [PATCH] platform: corstone1000: Increase ITS max asset size +​ +Increases the max asset size for ITS to enable parsec services & tests +​ +Upstream-Status: Pending +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +Signed-off-by: Vikas Katariya <vikas.katariya@arm.com> +--- + platform/ext/target/arm/corstone1000/config_tfm_target.h | 5 +++++ + 1 files changed, 5 insertions(+) +​ +diff --git a/platform/ext/target/arm/corstone1000/config_tfm_target.h b/platform/ext/target/arm/corstone1000/config_tfm_target.h +index e968366639..3f6e8477e5 100644 +--- a/platform/ext/target/arm/corstone1000/config_tfm_target.h ++++ b/platform/ext/target/arm/corstone1000/config_tfm_target.h +@@ -24,4 +24,9 @@ + #undef PS_NUM_ASSETS + #define PS_NUM_ASSETS 20 + ++/* The maximum size of asset to be stored in the Internal Trusted Storage area. */ ++#undef ITS_MAX_ASSET_SIZE ++#define ITS_MAX_ASSET_SIZE 2048 ++ ++ + #endif /* __CONFIG_TFM_TARGET_H__ */ +--
\ No newline at end of file diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-platform-corstone1000-align-capsule-update-structs.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-platform-corstone1000-align-capsule-update-structs.patch new file mode 100644 index 0000000000..7aeecfa31b --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-platform-corstone1000-align-capsule-update-structs.patch @@ -0,0 +1,78 @@ +From 6807d4b30f7d4ed32d3c54dfcaf3ace63eaa4f02 Mon Sep 17 00:00:00 2001 +From: Emekcan Aras <emekcan.aras@arm.com> +Date: Thu, 26 Oct 2023 11:46:04 +0100 +Subject: [PATCH] platform: corstone1000: align capsule update structs + +U-boot mkefitool creates capsule image without packed and byte-aligned +structs. This patch aligns the capsule-update structures and avoids +crashes in case of unaligned pointer access. + +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +Upstream-Status: Pending +--- + .../fw_update_agent/uefi_capsule_parser.c | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c +index c706c040ac..9f8d12ad4e 100644 +--- a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c ++++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c +@@ -34,14 +34,14 @@ typedef struct { + uint32_t header_size; + uint32_t flags; + uint32_t capsule_image_size; +-} efi_capsule_header_t; ++} efi_capsule_header_t __attribute__((packed, aligned(1))); + + typedef struct { + uint32_t version; + uint16_t embedded_driver_count; + uint16_t payload_item_count; + uint64_t item_offset_list[]; +-} efi_firmware_management_capsule_header_t; ++} efi_firmware_management_capsule_header_t __attribute__((packed, aligned(1))); + + typedef struct { + uint32_t version; +@@ -52,14 +52,14 @@ typedef struct { + uint32_t update_vendorcode_size; + uint64_t update_hardware_instance; //introduced in v2 + uint64_t image_capsule_support; //introduced in v3 +-} efi_firmware_management_capsule_image_header_t; ++} efi_firmware_management_capsule_image_header_t __attribute__((packed, aligned(1))); + + typedef struct { + uint32_t signature; + uint32_t header_size; + uint32_t fw_version; + uint32_t lowest_supported_version; +-} fmp_payload_header_t; ++} fmp_payload_header_t __attribute__((packed, aligned(1))); + + #define ANYSIZE_ARRAY 0 + +@@ -68,18 +68,18 @@ typedef struct { + uint16_t wRevision; + uint16_t wCertificateType; + uint8_t bCertificate[ANYSIZE_ARRAY]; +-} WIN_CERTIFICATE; ++} WIN_CERTIFICATE __attribute__((packed, aligned(1))); + + typedef struct { + WIN_CERTIFICATE hdr; + struct efi_guid cert_type; + uint8_t cert_data[ANYSIZE_ARRAY]; +-} win_certificate_uefi_guid_t; ++} win_certificate_uefi_guid_t __attribute__((packed, aligned(1))); + + typedef struct { + uint64_t monotonic_count; + win_certificate_uefi_guid_t auth_info; +-} efi_firmware_image_authentication_t; ++} efi_firmware_image_authentication_t __attribute__((packed, aligned(1))); + + + enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr, +-- +2.25.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-platform-corstone1000-fix-synchronization-issue-on-o.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-platform-corstone1000-fix-synchronization-issue-on-o.patch new file mode 100644 index 0000000000..be6bde6f8a --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-platform-corstone1000-fix-synchronization-issue-on-o.patch @@ -0,0 +1,50 @@ +From b70dd14eed59d7c5833ded8469cf99e631951e14 Mon Sep 17 00:00:00 2001 +From: Emekcan Aras <emekcan.aras@arm.com> +Date: Wed, 15 Nov 2023 09:52:19 +0000 +Subject: [PATCH] platform: corstone1000: fix synchronization issue on openamp + notification + +This fixes a race that is observed rarely in the FVP. It occurs in FVP +when tfm sends the notication ack in openamp, and then reset the access +request which resets the mhu registers before received by the host +processor. This solution introduces polling on the status register of +mhu until the notificaiton is read by the host processor. (Inspired by +signal_and_wait_for_signal function in mhu_wrapper_v2_x.c in trusted-firmware-m +https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/ext/target/arm/rss/common/native_drivers/mhu_wrapper_v2_x.c#n61) + +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +Upstream-Status: Pending [Not submitted to upstream yet] +--- + .../corstone1000/openamp/platform_spe_dual_core_hal.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/platform/ext/target/arm/corstone1000/openamp/platform_spe_dual_core_hal.c b/platform/ext/target/arm/corstone1000/openamp/platform_spe_dual_core_hal.c +index 7613345ffc..b58088032f 100644 +--- a/platform/ext/target/arm/corstone1000/openamp/platform_spe_dual_core_hal.c ++++ b/platform/ext/target/arm/corstone1000/openamp/platform_spe_dual_core_hal.c +@@ -83,7 +83,7 @@ enum tfm_plat_err_t tfm_dual_core_hal_init(void) + + enum tfm_plat_err_t tfm_hal_notify_peer(void) + { +- uint32_t access_ready; ++ uint32_t access_ready,val; + enum mhu_v2_x_error_t status; + struct mhu_v2_x_dev_t* dev = &MHU1_SE_TO_HOST_DEV; + +@@ -108,6 +108,13 @@ enum tfm_plat_err_t tfm_hal_notify_peer(void) + return TFM_PLAT_ERR_SYSTEM_ERR; + } + ++ do { ++ status = mhu_v2_x_channel_poll(dev, MHU1_SEH_NOTIFY_CH, &val); ++ if (status != MHU_V_2_X_ERR_NONE) { ++ break; ++ } ++ } while(val != 0); ++ + status = mhu_v2_x_reset_access_request(dev); + if (status != MHU_V_2_X_ERR_NONE) { + SPMLOG_ERRMSGVAL("mhu_v2_x_reset_access_request : ", status); +-- +2.25.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc index 601d165236..7cf3b944bf 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc @@ -34,6 +34,9 @@ SRC_URI:append:corstone1000 = " \ file://0004-arm-trusted-firmware-m-disable-fatal-warnings.patch \ file://0005-Platform-corstone1000-add-unique-firmware-GUID.patch \ file://0006-Platform-Corstone1000-Enable-Signed-Capsule.patch \ + file://0007-platform-corstone1000-increase-ITS-max-asset-size.patch \ + file://0008-platform-corstone1000-align-capsule-update-structs.patch \ + file://0009-platform-corstone1000-fix-synchronization-issue-on-o.patch \ " # TF-M ships patches for external dependencies that needs to be applied diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc new file mode 100644 index 0000000000..b6b7a04fce --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc @@ -0,0 +1,63 @@ +# Corstone1000 specific U-boot support + +DEPENDS:append = " gnutls-native openssl-native efitools-native" +CORSTONE1000_DEVICE_TREE:corstone1000-mps3 = "corstone1000-mps3" +CORSTONE1000_DEVICE_TREE:corstone1000-fvp = "corstone1000-fvp" +EXTRA_OEMAKE:append = ' DEVICE_TREE=${CORSTONE1000_DEVICE_TREE}' + +SYSROOT_DIRS:append = " /boot" + +SRC_URI:append = " \ + file://0001-FF-A-v15-arm64-smccc-add-support-for-SMCCCv1.2-x0-x1.patch \ + file://0002-FF-A-v15-lib-uuid-introduce-uuid_str_to_le_bin-funct.patch \ + file://0003-FF-A-v15-lib-uuid-introduce-testcase-for-uuid_str_to.patch \ + file://0004-FF-A-v15-arm_ffa-introduce-Arm-FF-A-support.patch \ + file://0005-FF-A-v15-arm_ffa-introduce-armffa-command.patch \ + file://0006-FF-A-v15-arm_ffa-introduce-sandbox-FF-A-support.patch \ + file://0007-FF-A-v15-arm_ffa-introduce-sandbox-test-cases-for-UC.patch \ + file://0008-FF-A-v15-arm_ffa-introduce-armffa-command-Sandbox-te.patch \ + file://0009-FF-A-v15-arm_ffa-efi-introduce-FF-A-MM-communication.patch \ + file://0010-FF-A-v15-arm_ffa-efi-corstone1000-enable-MM-communic.patch \ + file://0011-efi-corstone1000-fwu-introduce-EFI-capsule-update.patch \ + file://0012-arm-corstone1000-fix-unrecognized-filesystem-type.patch \ + file://0013-efi_loader-corstone1000-remove-guid-check-from-corst.patch \ + file://0014-efi_loader-populate-ESRT-table-if-EFI_ESRT-config-op.patch \ + file://0015-efi_firmware-add-get_image_info-for-corstone1000.patch \ + file://0016-efi_loader-fix-null-pointer-exception-with-get_image.patch \ + file://0017-arm-corstone1000-add-mmc-for-fvp.patch \ + file://0018-corstone1000-add-compressed-kernel-support.patch \ + file://0019-arm-corstone1000-esrt-support.patch \ + file://0020-corstone1000-enable-distro-booting-command.patch \ + file://0021-corstone1000-add-fwu-metadata-store-info.patch \ + file://0022-fwu_metadata-make-sure-structures-are-packed.patch \ + file://0023-corstone1000-add-boot-index.patch \ + file://0024-corstone1000-adjust-boot-bank-and-kernel-location.patch \ + file://0025-corstone1000-add-nvmxip-fwu-mdata-and-gpt-options.patch \ + file://0026-nvmxip-move-header-to-include.patch \ + file://0027-corstone1000-set-kernel_addr-based-on-boot_idx.patch \ + file://0028-corstone1000-boot-index-from-active.patch \ + file://0029-corstone1000-enable-PSCI-reset.patch \ + file://0030-Enable-EFI-set-get-time-services.patch \ + file://0031-corstone1000-detect-inflated-kernel-size.patch \ + file://0032-corstone1000-ESRT-add-unique-firmware-GUID.patch \ + file://0033-dt-Provide-a-way-to-remove-non-compliant-nodes-and-p.patch \ + file://0034-bootefi-Call-the-EVT_FT_FIXUP-event-handler.patch \ + file://0035-corstone1000-purge-U-Boot-specific-DT-nodes.patch \ + file://0036-corstone1000-add-signature-device-tree-overlay.patch \ + file://0037-corstone1000-enable-authenticated-capsule-config.patch \ + file://0038-corstone1000-introduce-EFI-authenticated-capsule-upd.patch \ + file://0039-enables-ondisk-capsule-update-feature.patch \ + file://0040-fix-runtime-capsule-update-flags-checks.patch \ + file://0041-scatter-gather-flag-workaround.patch \ + file://0042-corstone1000-enable-virtio-net-support.patch \ + " + +do_configure:append(){ + openssl req -x509 -sha256 -newkey rsa:2048 -subj /CN=CRT/ -keyout ${B}/CRT.key -out ${B}/CRT.crt -nodes -days 365 + cert-to-efi-sig-list ${B}/CRT.crt ${B}/corstone1000_defconfig/CRT.esl +} + +do_install:append() { + install -D -p -m 0644 ${B}/CRT.crt ${DEPLOY_DIR_IMAGE}/corstone1000_capsule_cert.crt + install -D -p -m 0644 ${B}/CRT.key ${DEPLOY_DIR_IMAGE}/corstone1000_capsule_key.key +} diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-fvp-base.inc b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-fvp-base.inc new file mode 100644 index 0000000000..b766181bed --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-fvp-base.inc @@ -0,0 +1,8 @@ +# FVP base specific U-boot support + +SRC_URI:append = " \ + file://0001-virtio-rng-Workaround-for-FVP-returning-zero-size-bu.patch \ + file://0002-vexpress64-Set-the-DM_RNG-property.patch \ + file://0003-vexpress64-Select-PSCI-RESET-by-default.patch \ + file://0004-vexpress64-Imply-CONFIG_ARM64_CRC32-by-default.patch \ + " diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-juno.inc b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-juno.inc new file mode 100644 index 0000000000..e49d87c2e2 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-juno.inc @@ -0,0 +1,3 @@ +# Juno specific U-boot support + +SRC_URI:append = " file://0001-configs-vexpress-modify-to-boot-compressed-initramfs.patch" diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-tc.inc b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-tc.inc new file mode 100644 index 0000000000..ca182c557c --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot-tc.inc @@ -0,0 +1,5 @@ +# TC0 and TC1 specific U-boot support + +SRC_URI:append = " \ + file://bootargs.cfg \ + " diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0001-FF-A-v15-arm64-smccc-add-support-for-SMCCCv1.2-x0-x1.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0001-FF-A-v15-arm64-smccc-add-support-for-SMCCCv1.2-x0-x1.patch index df633e2faf..485ed4ba5d 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0001-FF-A-v15-arm64-smccc-add-support-for-SMCCCv1.2-x0-x1.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0001-FF-A-v15-arm64-smccc-add-support-for-SMCCCv1.2-x0-x1.patch @@ -1,7 +1,7 @@ -From b79722ade56bd49cf9e7d9b47b6256599c8cdb36 Mon Sep 17 00:00:00 2001 +From 6b7a5bff8d68b191569557b6444e2c5061af8074 Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Fri, 29 Jul 2022 13:06:19 +0100 -Subject: [PATCH 01/33] FF-A v15: arm64: smccc: add support for SMCCCv1.2 +Subject: [PATCH 01/38] FF-A v15: arm64: smccc: add support for SMCCCv1.2 x0-x17 registers add support for x0-x17 registers used by the SMC calls diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0002-FF-A-v15-lib-uuid-introduce-uuid_str_to_le_bin-funct.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0002-FF-A-v15-lib-uuid-introduce-uuid_str_to_le_bin-funct.patch index 550be6be1f..ebb2b55663 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0002-FF-A-v15-lib-uuid-introduce-uuid_str_to_le_bin-funct.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0002-FF-A-v15-lib-uuid-introduce-uuid_str_to_le_bin-funct.patch @@ -1,7 +1,7 @@ -From 43137871fcc46513eea1480cd78ad091763578f0 Mon Sep 17 00:00:00 2001 +From faa2a74ce8cc9497c551b1bee6beed5c2c2f2dee Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Thu, 4 Aug 2022 16:46:47 +0100 -Subject: [PATCH 02/33] FF-A v15: lib: uuid: introduce uuid_str_to_le_bin +Subject: [PATCH 02/38] FF-A v15: lib: uuid: introduce uuid_str_to_le_bin function convert UUID string to little endian binary data diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0003-FF-A-v15-lib-uuid-introduce-testcase-for-uuid_str_to.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0003-FF-A-v15-lib-uuid-introduce-testcase-for-uuid_str_to.patch index bbd4e04824..dbdf296240 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0003-FF-A-v15-lib-uuid-introduce-testcase-for-uuid_str_to.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0003-FF-A-v15-lib-uuid-introduce-testcase-for-uuid_str_to.patch @@ -1,7 +1,7 @@ -From 80fd758cb55f8b44078b4535284ea132b0d5a944 Mon Sep 17 00:00:00 2001 +From fa4a5b45d0254e347ba15992d997529f5056fe8f Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Mon, 27 Mar 2023 16:24:29 +0100 -Subject: [PATCH 03/33] FF-A v15: lib: uuid: introduce testcase for +Subject: [PATCH 03/38] FF-A v15: lib: uuid: introduce testcase for uuid_str_to_le_bin provide a test case diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0004-FF-A-v15-arm_ffa-introduce-Arm-FF-A-support.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0004-FF-A-v15-arm_ffa-introduce-Arm-FF-A-support.patch index f0d67639fc..e2c9d86e81 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0004-FF-A-v15-arm_ffa-introduce-Arm-FF-A-support.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0004-FF-A-v15-arm_ffa-introduce-Arm-FF-A-support.patch @@ -1,7 +1,7 @@ -From e8b71ec24884a0c973ac663e6802ff529a8be349 Mon Sep 17 00:00:00 2001 +From 6a50d03467b70220b615dbe87b4b49d7f86fcb2f Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Mon, 17 Jul 2023 15:11:43 +0100 -Subject: [PATCH 04/33] FF-A v15: arm_ffa: introduce Arm FF-A support +Subject: [PATCH 04/38] FF-A v15: arm_ffa: introduce Arm FF-A support Add Arm FF-A support implementing Arm Firmware Framework for Armv8-A v1.0 diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0005-FF-A-v15-arm_ffa-introduce-armffa-command.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0005-FF-A-v15-arm_ffa-introduce-armffa-command.patch index aeb4bb908a..0a4f4c9dbd 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0005-FF-A-v15-arm_ffa-introduce-armffa-command.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0005-FF-A-v15-arm_ffa-introduce-armffa-command.patch @@ -1,7 +1,7 @@ -From 3eb4fb19777383f5f05b7ce74da141f53ffc4374 Mon Sep 17 00:00:00 2001 +From 2d225908fde28c9759fae7a9fdce6bb8c39ec579 Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Wed, 10 May 2023 17:27:01 +0100 -Subject: [PATCH 05/33] FF-A v15: arm_ffa: introduce armffa command +Subject: [PATCH 05/38] FF-A v15: arm_ffa: introduce armffa command Provide armffa command showcasing the use of the U-Boot FF-A support diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0006-FF-A-v15-arm_ffa-introduce-sandbox-FF-A-support.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0006-FF-A-v15-arm_ffa-introduce-sandbox-FF-A-support.patch index 4f94b72228..13ea227544 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0006-FF-A-v15-arm_ffa-introduce-sandbox-FF-A-support.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0006-FF-A-v15-arm_ffa-introduce-sandbox-FF-A-support.patch @@ -1,7 +1,7 @@ -From 4f104ef6804ffd6483d166840d113630be85edb0 Mon Sep 17 00:00:00 2001 +From 8b24115d3b41af53602bfc80bea7e134dc0edefb Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Mon, 17 Jul 2023 15:18:58 +0100 -Subject: [PATCH 06/33] FF-A v15: arm_ffa: introduce sandbox FF-A support +Subject: [PATCH 06/38] FF-A v15: arm_ffa: introduce sandbox FF-A support Emulate Secure World's FF-A ABIs and allow testing U-Boot FF-A support diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0007-FF-A-v15-arm_ffa-introduce-sandbox-test-cases-for-UC.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0007-FF-A-v15-arm_ffa-introduce-sandbox-test-cases-for-UC.patch index 966c32bdec..7233079397 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0007-FF-A-v15-arm_ffa-introduce-sandbox-test-cases-for-UC.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0007-FF-A-v15-arm_ffa-introduce-sandbox-test-cases-for-UC.patch @@ -1,7 +1,7 @@ -From 00d0d8edf47430e3069e7c1dfa7a5bb7bb36bd49 Mon Sep 17 00:00:00 2001 +From 9c789dbc70d58f55c84cc02ac35783af0aae85d5 Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Wed, 10 May 2023 17:34:55 +0100 -Subject: [PATCH 07/33] FF-A v15: arm_ffa: introduce sandbox test cases for +Subject: [PATCH 07/38] FF-A v15: arm_ffa: introduce sandbox test cases for UCLASS_FFA Add functional test cases for the FF-A support diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0008-FF-A-v15-arm_ffa-introduce-armffa-command-Sandbox-te.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0008-FF-A-v15-arm_ffa-introduce-armffa-command-Sandbox-te.patch index 05b5e4d1ab..5d70db68cb 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0008-FF-A-v15-arm_ffa-introduce-armffa-command-Sandbox-te.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0008-FF-A-v15-arm_ffa-introduce-armffa-command-Sandbox-te.patch @@ -1,7 +1,7 @@ -From 78547a9f322b981a93bbeeb48b3eda1d2ab35cd0 Mon Sep 17 00:00:00 2001 +From 95589fd6c92d41aa22d30a34193006216c6ee827 Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Fri, 23 Jun 2023 13:44:10 +0100 -Subject: [PATCH 08/33] FF-A v15: arm_ffa: introduce armffa command Sandbox +Subject: [PATCH 08/38] FF-A v15: arm_ffa: introduce armffa command Sandbox test Add Sandbox test for the armffa command diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0009-FF-A-v15-arm_ffa-efi-introduce-FF-A-MM-communication.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0009-FF-A-v15-arm_ffa-efi-introduce-FF-A-MM-communication.patch index bd75bc1d37..6f663fab12 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0009-FF-A-v15-arm_ffa-efi-introduce-FF-A-MM-communication.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0009-FF-A-v15-arm_ffa-efi-introduce-FF-A-MM-communication.patch @@ -1,7 +1,7 @@ -From 342844c2a5ad6beb127e1e8e52b311df77cff472 Mon Sep 17 00:00:00 2001 +From 02e38e24676d48d8a792ab6631a903ae1faa6271 Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Mon, 15 Aug 2022 15:12:49 +0100 -Subject: [PATCH 09/33] FF-A v15: arm_ffa: efi: introduce FF-A MM communication +Subject: [PATCH 09/38] FF-A v15: arm_ffa: efi: introduce FF-A MM communication Add MM communication support using FF-A transport diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0010-FF-A-v15-arm_ffa-efi-corstone1000-enable-MM-communic.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0010-FF-A-v15-arm_ffa-efi-corstone1000-enable-MM-communic.patch index 4dcec1dc39..bc71b9462e 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0010-FF-A-v15-arm_ffa-efi-corstone1000-enable-MM-communic.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0010-FF-A-v15-arm_ffa-efi-corstone1000-enable-MM-communic.patch @@ -1,7 +1,7 @@ -From 79e941be83a7394d03b09c618c8e2924ef962d64 Mon Sep 17 00:00:00 2001 +From c726c9ff098e4b271d60856b462f3dc532763a03 Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Mon, 17 Jul 2023 15:23:33 +0100 -Subject: [PATCH 10/33] FF-A v15: arm_ffa: efi: corstone1000: enable MM +Subject: [PATCH 10/38] FF-A v15: arm_ffa: efi: corstone1000: enable MM communication turn on EFI MM communication diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0011-efi-corstone1000-fwu-introduce-EFI-capsule-update.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0011-efi-corstone1000-fwu-introduce-EFI-capsule-update.patch index d2c440c828..00d6ea7276 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0011-efi-corstone1000-fwu-introduce-EFI-capsule-update.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0011-efi-corstone1000-fwu-introduce-EFI-capsule-update.patch @@ -1,7 +1,7 @@ -From 90b2741149a538c93aed61522c0d3363351bd578 Mon Sep 17 00:00:00 2001 +From 4483f276e70afdd961449ac45d4d8121c2a9080c Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Mon, 17 Jul 2023 15:56:18 +0100 -Subject: [PATCH 11/33] efi: corstone1000: fwu: introduce EFI capsule update +Subject: [PATCH 11/38] efi: corstone1000: fwu: introduce EFI capsule update This commit provides capsule update feature for Corstone1000. diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0012-arm-corstone1000-fix-unrecognized-filesystem-type.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0012-arm-corstone1000-fix-unrecognized-filesystem-type.patch index f9fb70b50d..023d53c2fa 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0012-arm-corstone1000-fix-unrecognized-filesystem-type.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0012-arm-corstone1000-fix-unrecognized-filesystem-type.patch @@ -1,7 +1,7 @@ -From 445dfd4a5d8f31a7efb3f2f15aa677de8b3eb602 Mon Sep 17 00:00:00 2001 +From 7844378788f308f3540c5eb10956c84113005fcc Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Fri, 4 Mar 2022 15:56:09 +0000 -Subject: [PATCH 12/33] arm: corstone1000: fix unrecognized filesystem type +Subject: [PATCH 12/38] arm: corstone1000: fix unrecognized filesystem type Some usb sticks are not recognized by usb, just add a delay before checking status. diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0013-efi_loader-corstone1000-remove-guid-check-from-corst.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0013-efi_loader-corstone1000-remove-guid-check-from-corst.patch index 4ddb35ea54..71cdf6ac95 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0013-efi_loader-corstone1000-remove-guid-check-from-corst.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0013-efi_loader-corstone1000-remove-guid-check-from-corst.patch @@ -1,7 +1,7 @@ -From 68248cd3cc95e0480ee2cbc3ebaba51967889199 Mon Sep 17 00:00:00 2001 +From 94e6c1dee044b3573991e48449de9144cfe3c0f3 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Sat, 11 Dec 2021 13:23:55 +0000 -Subject: [PATCH 13/33] efi_loader: corstone1000: remove guid check from +Subject: [PATCH 13/38] efi_loader: corstone1000: remove guid check from corstone1000 config option Use generic fmp guid and no separte check is required for diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0014-efi_loader-populate-ESRT-table-if-EFI_ESRT-config-op.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0014-efi_loader-populate-ESRT-table-if-EFI_ESRT-config-op.patch index c0b3fa82a4..9d3cb666a3 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0014-efi_loader-populate-ESRT-table-if-EFI_ESRT-config-op.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0014-efi_loader-populate-ESRT-table-if-EFI_ESRT-config-op.patch @@ -1,7 +1,7 @@ -From bb0eb602d3697384318cac90605259aa7fb21c9b Mon Sep 17 00:00:00 2001 +From 9be08ccf3f7b30b2c57ff2eb593c5b17c967fc4a Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 17 Dec 2021 19:49:02 +0000 -Subject: [PATCH 14/33] efi_loader: populate ESRT table if EFI_ESRT config +Subject: [PATCH 14/38] efi_loader: populate ESRT table if EFI_ESRT config option is set This change is to call efi_esrt_populate function if CONFIG_EFI_ESRT diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0015-efi_firmware-add-get_image_info-for-corstone1000.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0015-efi_firmware-add-get_image_info-for-corstone1000.patch index 2186330ebe..c74c7c03e8 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0015-efi_firmware-add-get_image_info-for-corstone1000.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0015-efi_firmware-add-get_image_info-for-corstone1000.patch @@ -1,7 +1,7 @@ -From 5e12999d179e84ac52e242d56c57a4d429651124 Mon Sep 17 00:00:00 2001 +From 03fe979677509f974b8d56097fbbd6c7e4cbe20b Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 17 Dec 2021 19:50:25 +0000 -Subject: [PATCH 15/33] efi_firmware: add get_image_info for corstone1000 +Subject: [PATCH 15/38] efi_firmware: add get_image_info for corstone1000 This change is to populate get_image_info which eventually will be populated in ESRT table diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-efi_loader-fix-null-pointer-exception-with-get_image.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-efi_loader-fix-null-pointer-exception-with-get_image.patch index b58c1d7911..655e014224 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-efi_loader-fix-null-pointer-exception-with-get_image.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-efi_loader-fix-null-pointer-exception-with-get_image.patch @@ -1,7 +1,7 @@ -From 957e88fc52d77e6a3024f06bebfaa713c9e99e59 Mon Sep 17 00:00:00 2001 +From 13bf700129e902ba7ae556babcfb9c7956f32571 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 14 Jan 2022 15:24:18 +0000 -Subject: [PATCH 16/33] efi_loader: fix null pointer exception with +Subject: [PATCH 16/38] efi_loader: fix null pointer exception with get_image_info get_img_info API implemented for corstone1000 target does not diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0017-arm-corstone1000-add-mmc-for-fvp.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0017-arm-corstone1000-add-mmc-for-fvp.patch index 75fe64c2c3..dd746d9116 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0017-arm-corstone1000-add-mmc-for-fvp.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0017-arm-corstone1000-add-mmc-for-fvp.patch @@ -1,7 +1,7 @@ -From 61b5f50718431b5fff57fcaa924238135b11ed3c Mon Sep 17 00:00:00 2001 +From e07a03678e72afa7a5d2ab66ce2e1a21e0a73cfc Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Mon, 17 Jul 2023 16:50:53 +0100 -Subject: [PATCH 17/33] arm:corstone1000: add mmc for fvp +Subject: [PATCH 17/38] arm:corstone1000: add mmc for fvp Enable support mmc/sdcard for the corstone1000 FVP. diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0018-corstone1000-add-compressed-kernel-support.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0018-corstone1000-add-compressed-kernel-support.patch index 0f28cdf316..97cf4d0e35 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0018-corstone1000-add-compressed-kernel-support.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0018-corstone1000-add-compressed-kernel-support.patch @@ -1,7 +1,7 @@ -From a5879f1e7d91fc31058ba75b499d77cab080d611 Mon Sep 17 00:00:00 2001 +From b5cfd8ab77e7f305b170a8cd25575e8cc08babc5 Mon Sep 17 00:00:00 2001 From: Jon Mason <jon.mason@arm.com> Date: Wed, 30 Nov 2022 18:59:59 +0000 -Subject: [PATCH 18/33] corstone1000: add compressed kernel support +Subject: [PATCH 18/38] corstone1000: add compressed kernel support The corstone1000 kernel has become too large to fit in the available storage. Swtiching to a compressed kernel avoids the problem, but diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0019-Introduce-external-sys-driver-to-device-tree.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0019-Introduce-external-sys-driver-to-device-tree.patch deleted file mode 100644 index a4c6625455..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0019-Introduce-external-sys-driver-to-device-tree.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 0748658414dd02cec0219841a86c4e7b99bfc171 Mon Sep 17 00:00:00 2001 -From: Emekcan <emekcan.aras@arm.com> -Date: Wed, 30 Nov 2022 19:02:26 +0000 -Subject: [PATCH 19/33] Introduce external sys driver to device-tree - -It adds external sys driver binding to u-boot -device tree. - -Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> -Upstream-Status: Pending [Not submitted to upstream yet] -Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> ---- - arch/arm/dts/corstone1000.dtsi | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/arch/arm/dts/corstone1000.dtsi b/arch/arm/dts/corstone1000.dtsi -index 533dfdf8e1..a834d38454 100644 ---- a/arch/arm/dts/corstone1000.dtsi -+++ b/arch/arm/dts/corstone1000.dtsi -@@ -167,5 +167,12 @@ - secure-status = "okay"; /* secure-world-only */ - status = "disabled"; - }; -+ -+ extsys0: extsys@1A010310 { -+ compatible = "arm,extsys_ctrl"; -+ reg = <0x1A010310 0x4>, -+ <0x1A010314 0X4>; -+ reg-names = "rstreg", "streg"; -+ }; - }; - }; --- -2.25.1 - diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0021-arm-corstone1000-esrt-support.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0019-arm-corstone1000-esrt-support.patch index 369613eb90..11e5124a30 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0021-arm-corstone1000-esrt-support.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0019-arm-corstone1000-esrt-support.patch @@ -1,7 +1,7 @@ -From 0380dee4df6ef11bb08a9c44119b41c58afc562d Mon Sep 17 00:00:00 2001 +From d7682e9f7c45fffe5be0bc67ee9e31fdca1b94c5 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Wed, 30 Nov 2022 19:11:43 +0000 -Subject: [PATCH 21/33] arm/corstone1000: esrt support +Subject: [PATCH 19/38] arm/corstone1000: esrt support The implementation is platform specific and would require change in future. diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0020-Add-mhu-and-rpmsg-client-to-u-boot-device-tree.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0020-Add-mhu-and-rpmsg-client-to-u-boot-device-tree.patch deleted file mode 100644 index f3b1503cf3..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0020-Add-mhu-and-rpmsg-client-to-u-boot-device-tree.patch +++ /dev/null @@ -1,80 +0,0 @@ -From 396229d3d29d9cfd5e2567be5427a9066072e32f Mon Sep 17 00:00:00 2001 -From: Emekcan <emekcan.aras@arm.com> -Date: Mon, 12 Sep 2022 15:47:06 +0100 -Subject: [PATCH 20/33] Add mhu and rpmsg client to u-boot device tree - -Adds external system controller and mhu driver to u-boot -device tree. This enables communication between host and -the external system. - -Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com> -Upstream-Status: Pending [Not submitted to upstream yet] -Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> ---- - arch/arm/dts/corstone1000.dtsi | 50 ++++++++++++++++++++++++++++++++++ - 1 file changed, 50 insertions(+) - -diff --git a/arch/arm/dts/corstone1000.dtsi b/arch/arm/dts/corstone1000.dtsi -index a834d38454..18c4d1e19a 100644 ---- a/arch/arm/dts/corstone1000.dtsi -+++ b/arch/arm/dts/corstone1000.dtsi -@@ -168,6 +168,56 @@ - status = "disabled"; - }; - -+ mbox_es0mhu0_tx: mhu@1b000000 { -+ compatible = "arm,mhuv2-tx","arm,primecell"; -+ reg = <0x1b000000 0x1000>; -+ clocks = <&refclk100mhz>; -+ clock-names = "apb_pclk"; -+ interrupts = <GIC_SPI 11 IRQ_TYPE_LEVEL_HIGH>; -+ #mbox-cells = <2>; -+ arm,mhuv2-protocols = <1 1>; -+ mbox-name = "arm-es0-mhu0_tx"; -+ }; -+ -+ mbox_es0mhu0_rx: mhu@1b010000 { -+ compatible = "arm,mhuv2-rx","arm,primecell"; -+ reg = <0x1b010000 0x1000>; -+ clocks = <&refclk100mhz>; -+ clock-names = "apb_pclk"; -+ interrupts = <GIC_SPI 12 IRQ_TYPE_LEVEL_HIGH>; -+ #mbox-cells = <2>; -+ arm,mhuv2-protocols = <1 1>; -+ mbox-name = "arm-es0-mhu0_rx"; -+ }; -+ -+ mbox_es0mhu1_tx: mhu@1b020000 { -+ compatible = "arm,mhuv2-tx","arm,primecell"; -+ reg = <0x1b020000 0x1000>; -+ clocks = <&refclk100mhz>; -+ clock-names = "apb_pclk"; -+ interrupts = <GIC_SPI 46 IRQ_TYPE_LEVEL_HIGH>; -+ #mbox-cells = <2>; -+ arm,mhuv2-protocols = <1 1>; -+ mbox-name = "arm-es0-mhu1_tx"; -+ }; -+ -+ mbox_es0mhu1_rx: mhu@1b030000 { -+ compatible = "arm,mhuv2-rx","arm,primecell"; -+ reg = <0x1b030000 0x1000>; -+ clocks = <&refclk100mhz>; -+ clock-names = "apb_pclk"; -+ interrupts = <GIC_SPI 47 IRQ_TYPE_LEVEL_HIGH>; -+ #mbox-cells = <2>; -+ arm,mhuv2-protocols = <1 1>; -+ mbox-name = "arm-es0-mhu1_rx"; -+ }; -+ -+ client { -+ compatible = "arm,client"; -+ mboxes = <&mbox_es0mhu0_tx 0 0>, <&mbox_es0mhu1_tx 0 0>, <&mbox_es0mhu0_rx 0 0>, <&mbox_es0mhu1_rx 0 0>; -+ mbox-names = "es0mhu0_tx", "es0mhu1_tx", "es0mhu0_rx", "es0mhu1_rx"; -+ }; -+ - extsys0: extsys@1A010310 { - compatible = "arm,extsys_ctrl"; - reg = <0x1A010310 0x4>, --- -2.25.1 - diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0022-corstone1000-enable-distro-booting-command.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0020-corstone1000-enable-distro-booting-command.patch index 6f04081cb5..ba9aeeb7ba 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0022-corstone1000-enable-distro-booting-command.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0020-corstone1000-enable-distro-booting-command.patch @@ -1,7 +1,7 @@ -From b3c9b57d862060b7d112725a567c0ff24184c6e1 Mon Sep 17 00:00:00 2001 +From 0094eb1e6ca78988f105fefb69dd5cc9046c89fe Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Mon, 5 Dec 2022 17:02:32 +0000 -Subject: [PATCH 22/33] corstone1000: enable distro booting command +Subject: [PATCH 20/38] corstone1000: enable distro booting command enable distro_bootcmd diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0023-corstone1000-add-fwu-metadata-store-info.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0021-corstone1000-add-fwu-metadata-store-info.patch index 6b347962b3..e524d832fa 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0023-corstone1000-add-fwu-metadata-store-info.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0021-corstone1000-add-fwu-metadata-store-info.patch @@ -1,7 +1,7 @@ -From 10265c2006291f961cc4fdbbffdec6c5f52bf73b Mon Sep 17 00:00:00 2001 +From 7f0ab0707b476d141bcf16de78d09c793b3b7387 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Wed, 1 Feb 2023 15:58:07 +0000 -Subject: [PATCH 23/33] corstone1000: add fwu-metadata store info +Subject: [PATCH 21/38] corstone1000: add fwu-metadata store info Add fwu-mdata node and handle for the reference nvmxip-qspi. @@ -13,7 +13,7 @@ Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/arm/dts/corstone1000.dtsi b/arch/arm/dts/corstone1000.dtsi -index 18c4d1e19a..25a032b6b3 100644 +index 533dfdf8e1..1e0ec075e4 100644 --- a/arch/arm/dts/corstone1000.dtsi +++ b/arch/arm/dts/corstone1000.dtsi @@ -38,7 +38,7 @@ diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0024-fwu_metadata-make-sure-structures-are-packed.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0022-fwu_metadata-make-sure-structures-are-packed.patch index 88566a6fbf..addd1df2a8 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0024-fwu_metadata-make-sure-structures-are-packed.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0022-fwu_metadata-make-sure-structures-are-packed.patch @@ -1,7 +1,7 @@ -From 046e54d0152987163355e33fe260419dfcf3b8bb Mon Sep 17 00:00:00 2001 +From b2e413049dcf3dcbe3891a8a70bdd36f30b2e6c8 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Wed, 1 Feb 2023 16:13:24 +0000 -Subject: [PATCH 24/33] fwu_metadata: make sure structures are packed +Subject: [PATCH 22/38] fwu_metadata: make sure structures are packed The fwu metadata in the metadata partitions should/are packed to guarantee that the info is diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0025-corstone1000-add-boot-index.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0023-corstone1000-add-boot-index.patch index 45ec44fb57..b4be24f4f1 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0025-corstone1000-add-boot-index.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0023-corstone1000-add-boot-index.patch @@ -1,7 +1,7 @@ -From 92f471d3195e3893f463b11d49f0db62793ca585 Mon Sep 17 00:00:00 2001 +From 62eaf5720bfe49feedf486c57ce9b9968360460c Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Mon, 17 Jul 2023 17:04:10 +0100 -Subject: [PATCH 25/33] corstone1000: add boot index +Subject: [PATCH 23/38] corstone1000: add boot index it is expected that the firmware that runs before u-boot somehow provide the information of the bank diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0026-corstone1000-adjust-boot-bank-and-kernel-location.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0024-corstone1000-adjust-boot-bank-and-kernel-location.patch index 9a889eaffb..ddf80f3e73 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0026-corstone1000-adjust-boot-bank-and-kernel-location.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0024-corstone1000-adjust-boot-bank-and-kernel-location.patch @@ -1,7 +1,7 @@ -From 6ea58b2450c72036551e59186888474bcb54a194 Mon Sep 17 00:00:00 2001 +From 147f98fbefc7e13d1b9a3ae4b5fd3adc30dbed6b Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Wed, 1 Feb 2023 16:17:21 +0000 -Subject: [PATCH 26/33] corstone1000: adjust boot bank and kernel location +Subject: [PATCH 24/38] corstone1000: adjust boot bank and kernel location Adjust in the env boot script the address of the bootbank with the new gpt layout, and also the diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0027-corstone1000-add-nvmxip-fwu-mdata-and-gpt-options.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0025-corstone1000-add-nvmxip-fwu-mdata-and-gpt-options.patch index 621b9d17d5..78334059e3 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0027-corstone1000-add-nvmxip-fwu-mdata-and-gpt-options.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0025-corstone1000-add-nvmxip-fwu-mdata-and-gpt-options.patch @@ -1,7 +1,7 @@ -From af1bb3af4ff7bb9486dc9489d27605b8eded45b9 Mon Sep 17 00:00:00 2001 +From ff2e0fe577c5a564a10bcc730392dd5397f6cb34 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Mon, 17 Jul 2023 17:33:52 +0100 -Subject: [PATCH 27/33] corstone1000: add nvmxip, fwu-mdata and gpt options +Subject: [PATCH 25/38] corstone1000: add nvmxip, fwu-mdata and gpt options Enable the newest features: nvmxip, fwu-metadata and gpt. Commands to print the partition info, gpt info diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0028-nvmxip-move-header-to-include.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0026-nvmxip-move-header-to-include.patch index aac5a1d25d..ec38a519f8 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0028-nvmxip-move-header-to-include.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0026-nvmxip-move-header-to-include.patch @@ -1,7 +1,7 @@ -From 050c2d8577fd98f20c8b96dab3e4c42c8508b6bc Mon Sep 17 00:00:00 2001 +From 2214be0f540121767d7b6ec4910a7389a1edd13c Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Fri, 9 Jun 2023 13:31:53 +0100 -Subject: [PATCH 28/33] nvmxip: move header to include +Subject: [PATCH 26/38] nvmxip: move header to include Move header to include to allow external code to get the internal bdev structures to access diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0029-corstone1000-set-kernel_addr-based-on-boot_idx.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0027-corstone1000-set-kernel_addr-based-on-boot_idx.patch index 6ad4648566..a95a8c6729 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0029-corstone1000-set-kernel_addr-based-on-boot_idx.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0027-corstone1000-set-kernel_addr-based-on-boot_idx.patch @@ -1,7 +1,7 @@ -From c547f3335ddff71a7f4915dc0c99ccbcdbf24b54 Mon Sep 17 00:00:00 2001 +From c615b2e0fe9440b27b83f32c62fdc7f996237b56 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Tue, 18 Jul 2023 12:14:47 +0100 -Subject: [PATCH 29/33] corstone1000: set kernel_addr based on boot_idx +Subject: [PATCH 27/38] corstone1000: set kernel_addr based on boot_idx We need to distinguish between boot banks and from which partition to load the kernel+initramfs to memory. diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0030-corstone1000-boot-index-from-active.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0028-corstone1000-boot-index-from-active.patch index e59a434bb9..5b68e12a64 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0030-corstone1000-boot-index-from-active.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0028-corstone1000-boot-index-from-active.patch @@ -1,7 +1,7 @@ -From faeeeecba2a7c8c507280ce369e3779f7c63d1e4 Mon Sep 17 00:00:00 2001 +From 747da6c0d1f2558ebeaf01ba9f762efa58a08a72 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Mon, 27 Feb 2023 14:40:13 +0000 -Subject: [PATCH 30/33] corstone1000: boot index from active +Subject: [PATCH 28/38] corstone1000: boot index from active In our platform, the Secure Enclave is the one who control all the boot tries and status, so, every time we get here diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0031-corstone1000-enable-PSCI-reset.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0029-corstone1000-enable-PSCI-reset.patch index 9ba0205c70..828661cd90 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0031-corstone1000-enable-PSCI-reset.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0029-corstone1000-enable-PSCI-reset.patch @@ -1,7 +1,7 @@ -From 0524aa417c4989bf03366f13a2456b3bcb72fb87 Mon Sep 17 00:00:00 2001 +From af7054ffdb1f84875a652c6b968dacf9a29cdc9c Mon Sep 17 00:00:00 2001 From: Emekcan Aras <emekcan.aras@arm.com> Date: Tue, 18 Jul 2023 12:19:17 +0100 -Subject: [PATCH 31/33] corstone1000: enable PSCI reset +Subject: [PATCH 29/38] corstone1000: enable PSCI reset Even though corstone1000 does not implement entire PSCI APIs,it relies on PSCI reset interface for the system reset. U-boot change the config name, so we diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0032-Enable-EFI-set-get-time-services.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0030-Enable-EFI-set-get-time-services.patch index acc35f176c..437ee88505 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0032-Enable-EFI-set-get-time-services.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0030-Enable-EFI-set-get-time-services.patch @@ -1,7 +1,7 @@ -From 0ba2b25a9c1dd9c63615bf6830cfb470f33a31b5 Mon Sep 17 00:00:00 2001 +From 8ee7a9c05eb1abe10be139f439f2adf638614290 Mon Sep 17 00:00:00 2001 From: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com> Date: Tue, 18 Jul 2023 12:21:39 +0100 -Subject: [PATCH 32/33] Enable EFI set/get time services +Subject: [PATCH 30/38] Enable EFI set/get time services SetTime_Conf and SetTime_Func tests in UEFI SCT test suite of ACS fails with unsupported return value. CONFIG_EFI_SET_TIME and diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-corstone1000-detect-inflated-kernel-size.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0031-corstone1000-detect-inflated-kernel-size.patch index 9fd5b33b70..0a61fd4be1 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-corstone1000-detect-inflated-kernel-size.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0031-corstone1000-detect-inflated-kernel-size.patch @@ -1,7 +1,7 @@ -From b57e05e95735b9b58e81b7a67f483b645c56811e Mon Sep 17 00:00:00 2001 +From b65511da443c07b45151b30ea2dc280219f4252b Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Fri, 11 Aug 2023 10:41:19 +0100 -Subject: [PATCH] corstone1000: detect inflated kernel size +Subject: [PATCH 31/38] corstone1000: detect inflated kernel size use filesize variable set by unzip command @@ -12,10 +12,10 @@ Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig -index b6b1ccdd78..8a10bca069 100644 +index a0af413de8..5b0b2ac3bf 100644 --- a/configs/corstone1000_defconfig +++ b/configs/corstone1000_defconfig -@@ -17,7 +17,7 @@ CONFIG_FIT=y +@@ -15,7 +15,7 @@ CONFIG_DISTRO_DEFAULTS=y CONFIG_BOOTDELAY=3 CONFIG_USE_BOOTARGS=y CONFIG_BOOTARGS="console=ttyAMA0 loglevel=9 ip=dhcp earlyprintk" diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0034-corstone1000-ESRT-add-unique-firmware-GUID.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0032-corstone1000-ESRT-add-unique-firmware-GUID.patch index 197a06950a..34e45450a6 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0034-corstone1000-ESRT-add-unique-firmware-GUID.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0032-corstone1000-ESRT-add-unique-firmware-GUID.patch @@ -1,7 +1,7 @@ -From 98b33cc6b3a56f56224e0a6fe6c3564de7b1341a Mon Sep 17 00:00:00 2001 +From 7e63d4982fd4436d9d0d9abebd9e0ed1473f5237 Mon Sep 17 00:00:00 2001 From: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com> Date: Tue, 8 Aug 2023 10:24:39 +0000 -Subject: [PATCH] corstone1000: ESRT: add unique firmware GUID +Subject: [PATCH 32/38] corstone1000: ESRT: add unique firmware GUID Add unique Corstone-1000 firmware GUID @@ -12,7 +12,7 @@ Signed-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@arm.com> 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c -index 6135f8ed1c..c9117ae2b2 100644 +index c6ab6e2182..7792a6aa83 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c @@ -20,12 +20,12 @@ @@ -43,5 +43,5 @@ index 6135f8ed1c..c9117ae2b2 100644 ret = efi_fill_image_desc_array(image_info_size, image_info, descriptor_version, descriptor_count, -- -2.38.1 +2.25.1 diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0035-dt-Provide-a-way-to-remove-non-compliant-nodes-and-p.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-dt-Provide-a-way-to-remove-non-compliant-nodes-and-p.patch index 25a7aa3069..ea5e0ef8c0 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0035-dt-Provide-a-way-to-remove-non-compliant-nodes-and-p.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0033-dt-Provide-a-way-to-remove-non-compliant-nodes-and-p.patch @@ -1,7 +1,7 @@ -From a37ab0c2578a4627111022d2d1f27f9efa1c2b76 Mon Sep 17 00:00:00 2001 +From a8ecc3ce0fcabb2414a000b7c8bfe3ce46d4392c Mon Sep 17 00:00:00 2001 From: Sughosh Ganu <sughosh.ganu@linaro.org> Date: Thu, 21 Sep 2023 14:13:42 +0100 -Subject: [PATCH 35/37] dt: Provide a way to remove non-compliant nodes and +Subject: [PATCH 33/38] dt: Provide a way to remove non-compliant nodes and properties Add a function which is registered to spy for a EVT_FT_FIXUP event, diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0036-bootefi-Call-the-EVT_FT_FIXUP-event-handler.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0034-bootefi-Call-the-EVT_FT_FIXUP-event-handler.patch index 2eb273afc6..c44b6e33c4 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0036-bootefi-Call-the-EVT_FT_FIXUP-event-handler.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0034-bootefi-Call-the-EVT_FT_FIXUP-event-handler.patch @@ -1,7 +1,7 @@ -From 729c0163ae6aed76b3267b95d2989e70ded66716 Mon Sep 17 00:00:00 2001 +From 829e5d3a505452fbdb420432dc885903332a8cdc Mon Sep 17 00:00:00 2001 From: Sughosh Ganu <sughosh.ganu@linaro.org> Date: Thu, 21 Sep 2023 14:15:13 +0100 -Subject: [PATCH 36/37] bootefi: Call the EVT_FT_FIXUP event handler +Subject: [PATCH 34/38] bootefi: Call the EVT_FT_FIXUP event handler The bootefi command passes the devicetree to the kernel through the EFI config table. Call the event handlers for fixing the devicetree diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0037-corstone1000-purge-U-Boot-specific-DT-nodes.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0035-corstone1000-purge-U-Boot-specific-DT-nodes.patch index 2aafadd21f..230ebe6ebc 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0037-corstone1000-purge-U-Boot-specific-DT-nodes.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0035-corstone1000-purge-U-Boot-specific-DT-nodes.patch @@ -1,7 +1,7 @@ -From 1527eef4dd54a425a5a178f09fa9d3d65aa3e30a Mon Sep 17 00:00:00 2001 +From 3654cebe9449584aa94563b2252c267b926219c9 Mon Sep 17 00:00:00 2001 From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Date: Thu, 21 Sep 2023 15:24:34 +0100 -Subject: [PATCH 37/37] corstone1000: purge U-Boot specific DT nodes +Subject: [PATCH 35/38] corstone1000: purge U-Boot specific DT nodes Remove U-Boot specific DT nodes before passing the DT to Linux diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0038-corstone1000-add-signature-device-tree-overlay.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0036-corstone1000-add-signature-device-tree-overlay.patch index 9d8c6a9e5c..04193a8f0c 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0038-corstone1000-add-signature-device-tree-overlay.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0036-corstone1000-add-signature-device-tree-overlay.patch @@ -1,7 +1,7 @@ -From 88cb6f5a91178903d4e306d8653b941f9727987b Mon Sep 17 00:00:00 2001 +From b6e69bd68c1e0171aa2acb78bec54da02defe129 Mon Sep 17 00:00:00 2001 From: Emekcan Aras <emekcan.aras@arm.com> Date: Wed, 13 Sep 2023 13:20:15 +0100 -Subject: [PATCH] corstone1000: add signature device tree overlay +Subject: [PATCH 36/38] corstone1000: add signature device tree overlay Adds signature device tree overlay. @@ -12,7 +12,7 @@ Upstream-Status: Pending [Not submitted to upstream yet] 1 file changed, 4 insertions(+) diff --git a/arch/arm/dts/corstone1000.dtsi b/arch/arm/dts/corstone1000.dtsi -index 25a032b6b3..1c3ab2c315 100644 +index 1e0ec075e4..077673dd44 100644 --- a/arch/arm/dts/corstone1000.dtsi +++ b/arch/arm/dts/corstone1000.dtsi @@ -111,6 +111,10 @@ @@ -27,5 +27,5 @@ index 25a032b6b3..1c3ab2c315 100644 compatible = "simple-bus"; #address-cells = <1>; -- -2.17.1 +2.25.1 diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0039-corstone1000-enable-authenticated-capsule-config.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0037-corstone1000-enable-authenticated-capsule-config.patch index 761234e6d5..fe48ab16da 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0039-corstone1000-enable-authenticated-capsule-config.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0037-corstone1000-enable-authenticated-capsule-config.patch @@ -1,7 +1,7 @@ -From 9b884d4f483474b99fcb4850197a1c8dde34147d Mon Sep 17 00:00:00 2001 +From 6a4d38a82755a8946ff8b79440550cae8032abed Mon Sep 17 00:00:00 2001 From: Emekcan Aras <emekcan.aras@arm.com> Date: Wed, 13 Sep 2023 13:52:02 +0100 -Subject: [PATCH] corstone1000: enable authenticated capsule config +Subject: [PATCH 37/38] corstone1000: enable authenticated capsule config Enables authenticated capsule update config for corstone1000. @@ -24,5 +24,5 @@ index 5b0b2ac3bf..2de3f5d7b3 100644 CONFIG_FWU_MULTI_BANK_UPDATE=y # CONFIG_TOOLS_MKEFICAPSULE is not set -- -2.17.1 +2.25.1 diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-corstone1000-introduce-EFI-authenticated-capsule-upd.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0038-corstone1000-introduce-EFI-authenticated-capsule-upd.patch index f47dd8c196..6e268d436b 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-corstone1000-introduce-EFI-authenticated-capsule-upd.patch +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0038-corstone1000-introduce-EFI-authenticated-capsule-upd.patch @@ -1,7 +1,8 @@ -From b99a39c662b9be5f940b895efa8016f5567e1c1f Mon Sep 17 00:00:00 2001 +From 0d1975369f3c483b540818cec8a088ed35116bbb Mon Sep 17 00:00:00 2001 From: Emekcan Aras <emekcan.aras@arm.com> Date: Wed, 13 Sep 2023 13:55:08 +0100 -Subject: [PATCH] corstone1000: introduce EFI authenticated capsule update +Subject: [PATCH 38/38] corstone1000: introduce EFI authenticated capsule + update Introduces EFI authenticated capsule update for corstone1000. Corstone1000 implements platform-specific capsule update mechanism in u-bootdue to the SoC @@ -15,7 +16,7 @@ Upstream-Status: Inappropriate [Redesign of Capsule update interface is required 1 file changed, 39 insertions(+) diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c -index 6a06605ad9..30fb7d1dd5 100644 +index 6a06605ad9..e1c78d8c1c 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -820,6 +820,12 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule( @@ -72,5 +73,5 @@ index 6a06605ad9..30fb7d1dd5 100644 efi_memcpy_runtime(corstone1000_capsule_buf, capsule, capsule->capsule_image_size); -- -2.17.1 +2.25.1 diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0039-enables-ondisk-capsule-update-feature.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0039-enables-ondisk-capsule-update-feature.patch new file mode 100644 index 0000000000..cd002acaab --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0039-enables-ondisk-capsule-update-feature.patch @@ -0,0 +1,33 @@ +From e5057a10641a7c84186bcbbcd12ee904300ebc53 Mon Sep 17 00:00:00 2001 +From: Emekcan Aras <emekcan.aras@arm.com> +Date: Fri, 13 Oct 2023 15:19:32 +0100 +Subject: [PATCH] Enables on-disk capsule update feature + +Enables on-disk capsule update feature for corstone1000. + +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +Upstream-Status: Inappropriate [Redesign of Capsule update interface is required] +--- + lib/efi_loader/efi_capsule.c | 5 ++++ + 1 file changed, 5 insertions(+) + +diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c +index e1c78d8c1c..63e4c06e58 100644 +--- a/lib/efi_loader/efi_capsule.c ++++ b/lib/efi_loader/efi_capsule.c +@@ -1499,7 +1499,12 @@ efi_status_t efi_launch_capsules(void) + index = 0; + ret = efi_capsule_read_file(files[i], &capsule); + if (ret == EFI_SUCCESS) { ++ #if IS_ENABLED(CONFIG_TARGET_CORSTONE1000) ++ /* capsule update only supports 1 image and no scatter gather list for corstone1000 */ ++ efi_update_capsule(&capsule, 1, 0); ++ #elif + ret = efi_capsule_update_firmware(capsule); ++ #endif + if (ret != EFI_SUCCESS) { + log_err("Applying capsule %ls failed.\n", + files[i]); +-- +2.25.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-fix-runtime-capsule-update-flags-checks.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-fix-runtime-capsule-update-flags-checks.patch new file mode 100644 index 0000000000..b1d400d715 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-fix-runtime-capsule-update-flags-checks.patch @@ -0,0 +1,56 @@ +From a83aa9e1b8f6e312da82e54614fbca498493c34d Mon Sep 17 00:00:00 2001 +From: Emekcan Aras <emekcan.aras@arm.com> +Date: Thu, 19 Oct 2023 14:56:55 +0100 +Subject: [PATCH] fix runtime capsule update flags checks for corstone1000 + +Fixes capsule update flags checks in capsule update as these checks are missing +in the platform-specific capsule-update implementation in corstone1000. + +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +Upstream-Status: Inappropriate [Redesign of Capsule update interface is required] +--- + lib/efi_loader/efi_capsule.c | 28 ++++++++++++++++++++++++++++ + 1 file changed, 28 insertions(+) + +diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c +index 307bcfd73c..34507482b7 100644 +--- a/lib/efi_loader/efi_capsule.c ++++ b/lib/efi_loader/efi_capsule.c +@@ -854,6 +854,34 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule( + continue; + } + ++ /* According to UEFI specs when the flag is CAPSULE_FLAGS_PERSIST_ACROSS_RESET, ++ ScatterGatherList can't be NULL.*/ ++ if ((capsule->flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) && ++ scatter_gather_list == 0){ ++ ret = EFI_INVALID_PARAMETER; ++ goto out; ++ } ++ ++ /*According to UEFI specs a capsule which has the CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE ++ * flag must have CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its ++ * header as well.*/ ++ if (capsule->flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE){ ++ if(!(capsule->flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET)){ ++ ret = EFI_INVALID_PARAMETER; ++ goto out; ++ } ++ } ++ ++ /* According to UEFI specs, a capsule which has the CAPSULE_FLAGS_INITIATE_RESET ++ * Flag must have CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its ++ * header as well.*/ ++ if (capsule->flags & CAPSULE_FLAGS_INITIATE_RESET){ ++ if(!(capsule->flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET)){ ++ ret = EFI_INVALID_PARAMETER; ++ goto out; ++ } ++ } ++ + log_debug("Capsule[%d] (guid:%pUs)\n", + i, &capsule->capsule_guid); + +-- +2.25.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0041-scatter-gather-flag-workaround.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0041-scatter-gather-flag-workaround.patch new file mode 100644 index 0000000000..8ce82a752b --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0041-scatter-gather-flag-workaround.patch @@ -0,0 +1,39 @@ +From abc3b43996198012498abe5777cfeedde4538a90 Mon Sep 17 00:00:00 2001 +From: Emekcan Aras <emekcan.aras@arm.com> +Date: Mon, 6 Nov 2023 14:52:05 +0000 +Subject: [PATCH] workaround for scatter gather flag check for corstone1000 + +This workaround passes 1 as scatter_gather_list value to pass the NULL checks +for scatter_gather_list while CAPSULE_FLAGS_PERSIST_ACROSS_RESET flag is set +(which is introduced lately to align with UEFI specs). Since these flag checks +are not implemented in u-boot properly and corstone1000 does not support +scatter_gather_list during capsule update, this patch will skip the check only +for on-disk capsule update. + +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +Upstream-Status: Inappropriate [Redesign of Capsule update interface is required] +--- + lib/efi_loader/efi_capsule.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c +index a7d70acf2a..efbedce460 100644 +--- a/lib/efi_loader/efi_capsule.c ++++ b/lib/efi_loader/efi_capsule.c +@@ -1530,8 +1530,11 @@ efi_status_t efi_launch_capsules(void) + ret = efi_capsule_read_file(files[i], &capsule); + if (ret == EFI_SUCCESS) { + #if IS_ENABLED(CONFIG_TARGET_CORSTONE1000) +- /* capsule update only supports 1 image and no scatter gather list for corstone1000 */ +- efi_update_capsule(&capsule, 1, 0); ++ /* capsule update only supports 1 image and use of scatter_gather_list ++ * is not implemented for corstone1000 passing 1 to pass ++ * the NULL flag checks. This should will be fixed with ++ * new capsule update design*/ ++ ret = efi_update_capsule(&capsule, 1, 1); + #elif + ret = efi_capsule_update_firmware(capsule); + #endif +-- +2.25.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0042-corstone1000-enable-virtio-net-support.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0042-corstone1000-enable-virtio-net-support.patch new file mode 100644 index 0000000000..d94e26a57e --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0042-corstone1000-enable-virtio-net-support.patch @@ -0,0 +1,97 @@ +From 2ddd34b6838e836cf94a9da2f65cd01a21252846 Mon Sep 17 00:00:00 2001 +From: Emekcan Aras <emekcan.aras@arm.com> +Date: Wed, 15 Nov 2023 16:04:06 +0000 +Subject: [PATCH] corstone1000: enable virtio-net support + +Adds virtio-net support in corstone1000-fvp. + +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +Upstream-Status: Pending [Not submitted to upstream yet] +--- + arch/arm/dts/corstone1000-fvp.dts | 6 ++++++ + board/armltd/corstone1000/corstone1000.c | 24 +++++++++++++++++++++++- + configs/corstone1000_defconfig | 2 ++ + 3 files changed, 31 insertions(+), 1 deletion(-) + +diff --git a/arch/arm/dts/corstone1000-fvp.dts b/arch/arm/dts/corstone1000-fvp.dts +index 26b0f1b3ce..8e54a40113 100644 +--- a/arch/arm/dts/corstone1000-fvp.dts ++++ b/arch/arm/dts/corstone1000-fvp.dts +@@ -21,6 +21,12 @@ + reg-io-width = <2>; + }; + ++ virtio: virtio-net@40400000 { ++ compatible = "virtio,mmio"; ++ reg = <0x40400000 0x10000>; ++ interrupts = <145>; ++ }; ++ + vmmc_v3_3d: fixed_v3_3d { + compatible = "regulator-fixed"; + regulator-name = "vmmc_supply"; +diff --git a/board/armltd/corstone1000/corstone1000.c b/board/armltd/corstone1000/corstone1000.c +index e3c0e5bf50..ef74dc9032 100644 +--- a/board/armltd/corstone1000/corstone1000.c ++++ b/board/armltd/corstone1000/corstone1000.c +@@ -18,6 +18,7 @@ + #include <dm/platform_data/serial_pl01x.h> + #include <asm/armv8/mmu.h> + #include <asm/global_data.h> ++#include <generated/dt.h> + + /* remove the DT nodes not needed in Linux */ + DT_NON_COMPLIANT_PURGE_LIST(foo) = { +@@ -101,6 +102,14 @@ static struct mm_region corstone1000_mem_map[] = { + .size = 0x80000000UL, + .attrs = PTE_BLOCK_MEMTYPE(MT_NORMAL) | + PTE_BLOCK_INNER_SHARE ++ }, { ++ /* ethernet */ ++ .virt = 0x40400000UL, ++ .phys = 0x40400000UL, ++ .size = 0x00100000UL, ++ .attrs = PTE_BLOCK_MEMTYPE(MT_DEVICE_NGNRNE) | ++ PTE_BLOCK_NON_SHARE | ++ PTE_BLOCK_PXN | PTE_BLOCK_UXN + }, { + /* List terminator */ + 0, +@@ -150,10 +159,23 @@ void fwu_plat_get_bootidx(uint *boot_idx) + int board_late_init(void) + { + struct disk_partition part_info; +- struct udevice *dev, *bdev; ++ struct udevice *dev, *bdev,*virtio_bus, *virtio_child;; + struct nvmxip_plat *plat; + struct blk_desc *desc; + int ret; ++ const char *cmp_dtb = DEVICE_TREE; ++ ++ if (!strcmp(cmp_dtb, "corstone1000-fvp")) { ++ ret = uclass_first_device_err(UCLASS_VIRTIO, &virtio_bus); ++ if (!virtio_bus){ ++ log_err("Cannot find virtio device\n"); ++ return ret; ++ } ++ while (virtio_bus) { ++ device_foreach_child_probe(virtio_child, virtio_bus); ++ uclass_next_device(&virtio_bus); ++ } ++ } + + ret = uclass_first_device_err(UCLASS_NVMXIP, &dev); + if (ret < 0) { +diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig +index 2de3f5d7b3..8770b474e2 100644 +--- a/configs/corstone1000_defconfig ++++ b/configs/corstone1000_defconfig +@@ -78,3 +78,5 @@ CONFIG_DM_GPIO=y + CONFIG_SYSRESET_PSCI=y + CONFIG_EFI_SET_TIME=y + CONFIG_EFI_GET_TIME=y ++CONFIG_VIRTIO_NET=y ++CONFIG_VIRTIO_MMIO=y +-- +2.25.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0001-Revert-vexpress64-pick-DRAM-size-from-DT.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0001-Revert-vexpress64-pick-DRAM-size-from-DT.patch deleted file mode 100644 index d551622460..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0001-Revert-vexpress64-pick-DRAM-size-from-DT.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 4f649e0a3e0f9ed1f0d6efdff5b14cdc40d84201 Mon Sep 17 00:00:00 2001 -From: Jon Mason <jon.mason@arm.com -Date: Thu, 2 Mar 2023 15:22:08 +0000 -Subject: [PATCH] Revert "vexpress64: pick DRAM size from DT" - -This reverts commit 1a1143a45457161e90ea4cd5f3b0561d924ed8fe. - -DRAM is determined via dtb in recent versions. Since fvp isn't -reading and specifying a dtb, this fails and hangs u-boot. Remove this -and go back to the way things were. - -Signed-off-by: Jon Mason <jon.mason@arm.com> -Upstream-Status: Inappropriate ---- - board/armltd/vexpress64/vexpress64.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/board/armltd/vexpress64/vexpress64.c b/board/armltd/vexpress64/vexpress64.c -index af326dc6f453..e8ce88b22c5a 100644 ---- a/board/armltd/vexpress64/vexpress64.c -+++ b/board/armltd/vexpress64/vexpress64.c -@@ -88,12 +88,20 @@ int board_init(void) - - int dram_init(void) - { -- return fdtdec_setup_mem_size_base(); -+ gd->ram_size = PHYS_SDRAM_1_SIZE; -+ return 0; - } - - int dram_init_banksize(void) - { -- return fdtdec_setup_memory_banksize(); -+ gd->bd->bi_dram[0].start = PHYS_SDRAM_1; -+ gd->bd->bi_dram[0].size = PHYS_SDRAM_1_SIZE; -+#ifdef PHYS_SDRAM_2 -+ gd->bd->bi_dram[1].start = PHYS_SDRAM_2; -+ gd->bd->bi_dram[1].size = PHYS_SDRAM_2_SIZE; -+#endif -+ -+ return 0; - } - - /* Assigned in lowlevel_init.S diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0001-virtio-rng-Workaround-for-FVP-returning-zero-size-bu.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0001-virtio-rng-Workaround-for-FVP-returning-zero-size-bu.patch new file mode 100644 index 0000000000..689361d1d3 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0001-virtio-rng-Workaround-for-FVP-returning-zero-size-bu.patch @@ -0,0 +1,49 @@ +From 3ab73b453016d91b9f942a7c12173854135530a4 Mon Sep 17 00:00:00 2001 +From: Peter Hoyes <Peter.Hoyes@arm.com> +Date: Wed, 23 Aug 2023 21:17:17 +0100 +Subject: [PATCH] virtio: rng: Workaround for FVP returning zero-size buffer + +The FVP virtio-rng device is observed to always 8 fewer bytes of random +data than requested. When 8 of fewer bytes are requested, the FVP +returns 0 bytes. This causes U-Boot to hang upon attempting to fill the +last 8 bytes of the input buffer. + +The virtio spec states than entropy devices must always return at least +1 byte of random data. + +To workaround this, always request exactly 16 bytes from the virtio +device, discarding any unused data. + +Upstream-Status: Inappropriate [Temporary workaround] +Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com> +--- + drivers/virtio/virtio_rng.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/drivers/virtio/virtio_rng.c b/drivers/virtio/virtio_rng.c +index b85545c2ee5..1e4fc342406 100644 +--- a/drivers/virtio/virtio_rng.c ++++ b/drivers/virtio/virtio_rng.c +@@ -29,7 +29,7 @@ static int virtio_rng_read(struct udevice *dev, void *data, size_t len) + + while (len) { + sg.addr = buf; +- sg.length = min(len, sizeof(buf)); ++ sg.length = sizeof(buf); + sgs[0] = &sg; + + ret = virtqueue_add(priv->rng_vq, sgs, 0, 1); +@@ -44,8 +44,8 @@ static int virtio_rng_read(struct udevice *dev, void *data, size_t len) + if (rsize > sg.length) + return -EIO; + +- memcpy(ptr, buf, rsize); +- len -= rsize; ++ memcpy(ptr, buf, min(len, (size_t)rsize)); ++ len -= min(len, (size_t)rsize); + ptr += rsize; + } + +-- +2.34.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0002-vexpress64-Set-the-DM_RNG-property.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0002-vexpress64-Set-the-DM_RNG-property.patch new file mode 100644 index 0000000000..2f99eaf87c --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0002-vexpress64-Set-the-DM_RNG-property.patch @@ -0,0 +1,31 @@ +From 9a28caf05b8345cd19276cf7a840599bd9e37749 Mon Sep 17 00:00:00 2001 +From: Debbie Martin <Debbie.Martin@arm.com> +Date: Fri, 25 Aug 2023 15:09:33 +0100 +Subject: [PATCH] vexpress64: Set the DM_RNG property + +Enable the DM_RNG virtio random number generator driver in +in order to consume entropy within u-boot. This is necessary +in the case that the kernel is not configured to enable the +virtio rng driver itself. + +Upstream-Status: Pending +Signed-off-by: Debbie Martin <Debbie.Martin@arm.com> +--- + board/armltd/vexpress64/Kconfig | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/board/armltd/vexpress64/Kconfig b/board/armltd/vexpress64/Kconfig +index cf998096e4..7ae5055f59 100644 +--- a/board/armltd/vexpress64/Kconfig ++++ b/board/armltd/vexpress64/Kconfig +@@ -21,6 +21,7 @@ config VEXPRESS64_BASE_MODEL + imply EFI_SET_TIME if DM_RTC + select LINUX_KERNEL_IMAGE_HEADER + select POSITION_INDEPENDENT ++ imply DM_RNG + + choice + prompt "VExpress64 board variant" +-- +2.25.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0003-vexpress64-Select-PSCI-RESET-by-default.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0003-vexpress64-Select-PSCI-RESET-by-default.patch new file mode 100644 index 0000000000..9d9a5bdfd1 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0003-vexpress64-Select-PSCI-RESET-by-default.patch @@ -0,0 +1,52 @@ +From 43881e2e9dd165a65791927b1455f4b6c8727f4c Mon Sep 17 00:00:00 2001 +Message-Id: <43881e2e9dd165a65791927b1455f4b6c8727f4c.1696397516.git.diego.sueiro@arm.com> +In-Reply-To: <98035c418c3df58817ab678037599303842ee931.1696397516.git.diego.sueiro@arm.com> +References: <98035c418c3df58817ab678037599303842ee931.1696397516.git.diego.sueiro@arm.com> +From: Diego Sueiro <diego.sueiro@arm.com> +Date: Wed, 4 Oct 2023 06:31:50 +0100 +Subject: [PATCH 2/2] vexpress64: Select PSCI RESET by default + +Set SYSRESET and SYSRESET_PSCI config for vexpress64 by +by default. This means that the reset_cpu function in +vexpress64.c is no longer needed because it is called in +sysreset-uclass.c instead. + +Upstream-Status: Pending +Signed-off-by: Diego Sueiro <diego.sueiro@arm.com> +--- + board/armltd/vexpress64/Kconfig | 2 ++ + board/armltd/vexpress64/vexpress64.c | 5 ----- + 2 files changed, 2 insertions(+), 5 deletions(-) + +diff --git a/board/armltd/vexpress64/Kconfig b/board/armltd/vexpress64/Kconfig +index 0d161740fb..0c2e5f8759 100644 +--- a/board/armltd/vexpress64/Kconfig ++++ b/board/armltd/vexpress64/Kconfig +@@ -31,6 +31,8 @@ config TARGET_VEXPRESS64_BASE_FVP + bool "Support Versatile Express ARMv8a FVP BASE model" + select VEXPRESS64_BASE_MODEL + imply OF_HAS_PRIOR_STAGE ++ select SYSRESET ++ select SYSRESET_PSCI + + config TARGET_VEXPRESS64_BASER_FVP + bool "Support Versatile Express ARMv8r64 FVP BASE model" +diff --git a/board/armltd/vexpress64/vexpress64.c b/board/armltd/vexpress64/vexpress64.c +index ee65a59683..f73de56464 100644 +--- a/board/armltd/vexpress64/vexpress64.c ++++ b/board/armltd/vexpress64/vexpress64.c +@@ -207,11 +207,6 @@ void *board_fdt_blob_setup(int *err) + } + #endif + +-/* Actual reset is done via PSCI. */ +-void reset_cpu(void) +-{ +-} +- + /* + * Board specific ethernet initialization routine. + */ +-- +2.39.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0004-vexpress64-Imply-CONFIG_ARM64_CRC32-by-default.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0004-vexpress64-Imply-CONFIG_ARM64_CRC32-by-default.patch new file mode 100644 index 0000000000..3d10994b60 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/0004-vexpress64-Imply-CONFIG_ARM64_CRC32-by-default.patch @@ -0,0 +1,31 @@ +From 98035c418c3df58817ab678037599303842ee931 Mon Sep 17 00:00:00 2001 +Message-Id: <98035c418c3df58817ab678037599303842ee931.1696397516.git.diego.sueiro@arm.com> +From: Diego Sueiro <diego.sueiro@arm.com> +Date: Wed, 4 Oct 2023 06:29:12 +0100 +Subject: [PATCH 1/2] vexpress64: Imply CONFIG_ARM64_CRC32 by default + +Enable the Arm64 CRC-32 instruction by default for +vexpress64. The CRC-32 instruction is a required +feature of ARMv8.1 and newer. + +Upstream-Status: Pending +Signed-off-by: Diego Sueiro <diego.sueiro@arm.com> +--- + board/armltd/vexpress64/Kconfig | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/board/armltd/vexpress64/Kconfig b/board/armltd/vexpress64/Kconfig +index 7ae5055f59..0d161740fb 100644 +--- a/board/armltd/vexpress64/Kconfig ++++ b/board/armltd/vexpress64/Kconfig +@@ -22,6 +22,7 @@ config VEXPRESS64_BASE_MODEL + select LINUX_KERNEL_IMAGE_HEADER + select POSITION_INDEPENDENT + imply DM_RNG ++ imply ARM64_CRC32 + + choice + prompt "VExpress64 board variant" +-- +2.39.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/bootargs.cfg b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/bootargs.cfg deleted file mode 100644 index 13f4cb4713..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/fvp-base/bootargs.cfg +++ /dev/null @@ -1,4 +0,0 @@ -CONFIG_BOOTARGS="console=ttyAMA0 earlycon=pl011,0x1c090000 root=/dev/vda1 rw rootwait" -CONFIG_BOOTCOMMAND="booti $kernel_addr_r - $fdt_addr_r" -# Our FVP support CRC instructions -CONFIG_ARM64_CRC32=y diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend index c2916a5559..11f332ad39 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend @@ -1,83 +1,10 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" -# -# Corstone1000 64-bit machines -# -DEPENDS:append:corstone1000 = " gnutls-native openssl-native efitools-native" -CORSTONE1000_DEVICE_TREE:corstone1000-mps3 = "corstone1000-mps3" -CORSTONE1000_DEVICE_TREE:corstone1000-fvp = "corstone1000-fvp" -EXTRA_OEMAKE:append:corstone1000 = ' DEVICE_TREE=${CORSTONE1000_DEVICE_TREE}' +MACHINE_U-BOOT_REQUIRE ?= "" +MACHINE_U-BOOT_REQUIRE:corstone1000 = "u-boot-corstone1000.inc" +MACHINE_U-BOOT_REQUIRE:fvp-base = "u-boot-fvp-base.inc" +MACHINE_U-BOOT_REQUIRE:juno = "u-boot-juno.inc" +MACHINE_U-BOOT_REQUIRE:tc = "u-boot-tc.inc" -SYSROOT_DIRS:append:corstone1000 = " /boot" +require ${MACHINE_U-BOOT_REQUIRE} -SRC_URI:append:corstone1000 = " \ - file://0001-FF-A-v15-arm64-smccc-add-support-for-SMCCCv1.2-x0-x1.patch \ - file://0002-FF-A-v15-lib-uuid-introduce-uuid_str_to_le_bin-funct.patch \ - file://0003-FF-A-v15-lib-uuid-introduce-testcase-for-uuid_str_to.patch \ - file://0004-FF-A-v15-arm_ffa-introduce-Arm-FF-A-support.patch \ - file://0005-FF-A-v15-arm_ffa-introduce-armffa-command.patch \ - file://0006-FF-A-v15-arm_ffa-introduce-sandbox-FF-A-support.patch \ - file://0007-FF-A-v15-arm_ffa-introduce-sandbox-test-cases-for-UC.patch \ - file://0008-FF-A-v15-arm_ffa-introduce-armffa-command-Sandbox-te.patch \ - file://0009-FF-A-v15-arm_ffa-efi-introduce-FF-A-MM-communication.patch \ - file://0010-FF-A-v15-arm_ffa-efi-corstone1000-enable-MM-communic.patch \ - file://0011-efi-corstone1000-fwu-introduce-EFI-capsule-update.patch \ - file://0012-arm-corstone1000-fix-unrecognized-filesystem-type.patch \ - file://0013-efi_loader-corstone1000-remove-guid-check-from-corst.patch \ - file://0014-efi_loader-populate-ESRT-table-if-EFI_ESRT-config-op.patch \ - file://0015-efi_firmware-add-get_image_info-for-corstone1000.patch \ - file://0016-efi_loader-fix-null-pointer-exception-with-get_image.patch \ - file://0017-arm-corstone1000-add-mmc-for-fvp.patch \ - file://0018-corstone1000-add-compressed-kernel-support.patch \ - file://0019-Introduce-external-sys-driver-to-device-tree.patch \ - file://0020-Add-mhu-and-rpmsg-client-to-u-boot-device-tree.patch \ - file://0021-arm-corstone1000-esrt-support.patch \ - file://0022-corstone1000-enable-distro-booting-command.patch \ - file://0023-corstone1000-add-fwu-metadata-store-info.patch \ - file://0024-fwu_metadata-make-sure-structures-are-packed.patch \ - file://0025-corstone1000-add-boot-index.patch \ - file://0026-corstone1000-adjust-boot-bank-and-kernel-location.patch \ - file://0027-corstone1000-add-nvmxip-fwu-mdata-and-gpt-options.patch \ - file://0028-nvmxip-move-header-to-include.patch \ - file://0029-corstone1000-set-kernel_addr-based-on-boot_idx.patch \ - file://0030-corstone1000-boot-index-from-active.patch \ - file://0031-corstone1000-enable-PSCI-reset.patch \ - file://0032-Enable-EFI-set-get-time-services.patch \ - file://0033-corstone1000-detect-inflated-kernel-size.patch \ - file://0034-corstone1000-ESRT-add-unique-firmware-GUID.patch \ - file://0035-dt-Provide-a-way-to-remove-non-compliant-nodes-and-p.patch \ - file://0036-bootefi-Call-the-EVT_FT_FIXUP-event-handler.patch \ - file://0037-corstone1000-purge-U-Boot-specific-DT-nodes.patch \ - file://0038-corstone1000-add-signature-device-tree-overlay.patch \ - file://0039-corstone1000-enable-authenticated-capsule-config.patch \ - file://0040-corstone1000-introduce-EFI-authenticated-capsule-upd.patch \ - " - -do_configure:append:corstone1000(){ - openssl req -x509 -sha256 -newkey rsa:2048 -subj /CN=CRT/ -keyout ${B}/CRT.key -out ${B}/CRT.crt -nodes -days 365 - cert-to-efi-sig-list ${B}/CRT.crt ${B}/corstone1000_defconfig/CRT.esl -} - -do_install:append:corstone1000() { - install -D -p -m 0644 ${B}/CRT.crt ${DEPLOY_DIR_IMAGE}/corstone1000_capsule_cert.crt - install -D -p -m 0644 ${B}/CRT.key ${DEPLOY_DIR_IMAGE}/corstone1000_capsule_key.key -} - -# -# FVP BASE -# -SRC_URI:append:fvp-base = " file://bootargs.cfg \ - file://0001-Revert-vexpress64-pick-DRAM-size-from-DT.patch \ - " -# -# Juno Machines -# -SRC_URI:append:juno = " file://0001-configs-vexpress-modify-to-boot-compressed-initramfs.patch" - - -# -# TC0 and TC1 MACHINES -# -SRC_URI:append:tc = " \ - file://bootargs.cfg \ - " diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2023.01.bb b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2023.01.bb deleted file mode 100644 index 2dd5e04ae1..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_2023.01.bb +++ /dev/null @@ -1,4 +0,0 @@ -require recipes-bsp/u-boot/u-boot-common.inc -require recipes-bsp/u-boot/u-boot.inc - -SRCREV = "62e2ad1ceafbfdf2c44d3dc1b6efc81e768a96b9" diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware-n1sdp.inc b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware-n1sdp.inc index fcdedf8004..f03e4e5fa5 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware-n1sdp.inc +++ b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware-n1sdp.inc @@ -21,6 +21,7 @@ SRC_URI:append = "\ file://0006-Platform-ARM-N1Sdp-Persistent-storage-for-N1Sdp.patch;patchdir=edk2-platforms \ file://0007-Platform-ARM-N1Sdp-Enable-FaultTolerantWrite-Dxe-dri.patch;patchdir=edk2-platforms \ file://0008-Platform-ARM-N1Sdp-manually-poll-QSPI-status-bit-aft.patch;patchdir=edk2-platforms \ + file://0009-Platform-ARM-N1Sdp-Reserve-OP-TEE-Region-from-UEFI.patch;patchdir=edk2-platforms \ " do_deploy:append() { diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware_202211.bb b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware_202211.bb deleted file mode 100644 index 378f58547e..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware_202211.bb +++ /dev/null @@ -1,4 +0,0 @@ -SRCREV_edk2 ?= "fff6d81270b57ee786ea18ad74f43149b9f03494" -SRCREV_edk2-platforms ?= "982212662c71b6c734b7578526071d6b78da3bcc" - -require recipes-bsp/uefi/edk2-firmware.inc diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0009-Platform-ARM-N1Sdp-Reserve-OP-TEE-Region-from-UEFI.patch b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0009-Platform-ARM-N1Sdp-Reserve-OP-TEE-Region-from-UEFI.patch new file mode 100644 index 0000000000..00c85ebc06 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/uefi/files/n1sdp/0009-Platform-ARM-N1Sdp-Reserve-OP-TEE-Region-from-UEFI.patch @@ -0,0 +1,65 @@ +From 235fabb2269a86e016bab2886b9129c77f0fea71 Wed Oct 11 16:18:22 2023 +From: Mariam Elshakfy <mariam.elshakfy@arm.com> +Date: Wed Oct 11 16:18:22 2023 +0000 + +Subject: [PATCH] Platform/ARM/N1Sdp: Reserve OP-TEE Region from UEFI + +To enable cache on N1SDP, OP-TEE has to be moved +to run from DDR4 memory. Since this memory is +known to application side, it must be reserved + +Upstream-Status: Pending (not yet submitted to upstream) +Signed-off-by: Mariam Elshakfy <mariam.elshakfy@arm.com> + +diff --git a/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLib.inf b/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLib.inf +index 78f309c3aa..dc82d5bd87 100644 +--- a/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLib.inf ++++ b/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLib.inf +@@ -62,6 +62,9 @@ +
+ gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
+
++ gArmNeoverseN1SocTokenSpaceGuid.PcdOpteeMemoryBase
++ gArmNeoverseN1SocTokenSpaceGuid.PcdOpteeMemorySize
++
+ [Guids]
+ gArmNeoverseN1SocPlatformInfoDescriptorGuid
+ gEfiHobListGuid ## CONSUMES ## SystemTable
+diff --git a/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLibMem.c b/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLibMem.c +index 8bb9407490..d8ad0f975c 100644 +--- a/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLibMem.c ++++ b/Silicon/ARM/NeoverseN1Soc/Library/PlatformLib/PlatformLibMem.c +@@ -150,6 +150,19 @@ ArmPlatformGetVirtualMemoryMap ( + EFI_RESOURCE_ATTRIBUTE_WRITE_BACK_CACHEABLE |
+ EFI_RESOURCE_ATTRIBUTE_TESTED;
+
++ // Reserved OP-TEE region
++ BuildResourceDescriptorHob (
++ EFI_RESOURCE_SYSTEM_MEMORY,
++ ResourceAttributes,
++ PcdGet64 (PcdOpteeMemoryBase),
++ PcdGet64 (PcdOpteeMemorySize)
++ );
++ BuildMemoryAllocationHob (
++ PcdGet64 (PcdOpteeMemoryBase),
++ PcdGet64 (PcdOpteeMemorySize),
++ EfiReservedMemoryType
++ );
++
+ BuildResourceDescriptorHob (
+ EFI_RESOURCE_SYSTEM_MEMORY,
+ ResourceAttributes,
+diff --git a/Silicon/ARM/NeoverseN1Soc/NeoverseN1Soc.dec b/Silicon/ARM/NeoverseN1Soc/NeoverseN1Soc.dec +index 9e257ebde0..b400b94fd5 100644 +--- a/Silicon/ARM/NeoverseN1Soc/NeoverseN1Soc.dec ++++ b/Silicon/ARM/NeoverseN1Soc/NeoverseN1Soc.dec +@@ -86,5 +86,9 @@ + gArmNeoverseN1SocTokenSpaceGuid.PcdRemotePcieMmio64Translation|0x40000000000|UINT64|0x00000050
+ gArmNeoverseN1SocTokenSpaceGuid.PcdRemotePcieSegmentNumber|2|UINT32|0x00000051
+
++ # Base Address of OP-TEE
++ gArmNeoverseN1SocTokenSpaceGuid.PcdOpteeMemoryBase|0xDE000000|UINT64|0x00000052
++ gArmNeoverseN1SocTokenSpaceGuid.PcdOpteeMemorySize|0x02000000|UINT64|0x00000053
++
+ [Ppis]
+ gNtFwConfigDtInfoPpiGuid = { 0xb50dee0e, 0x577f, 0x47fb, { 0x83, 0xd0, 0x41, 0x78, 0x61, 0x8b, 0x33, 0x8a } }
diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/aarch64/0001-arm64-defconfig-remove-CONFIG_COMMON_CLK_NPCM8XX-y.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/aarch64/0001-arm64-defconfig-remove-CONFIG_COMMON_CLK_NPCM8XX-y.patch new file mode 100644 index 0000000000..bff81dfcc6 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/aarch64/0001-arm64-defconfig-remove-CONFIG_COMMON_CLK_NPCM8XX-y.patch @@ -0,0 +1,50 @@ +From 94a5e7ffe5855272708a94190820534c4f51bdd8 Mon Sep 17 00:00:00 2001 +From: Mikko Rapeli <mikko.rapeli@linaro.org> +Date: Tue, 15 Aug 2023 10:36:56 +0300 +Subject: [PATCH] arm64: defconfig: remove CONFIG_COMMON_CLK_NPCM8XX=y + +There is no code for this config option and enabling it in defconfig +causes warnings from tools which are detecting unused and obsolete +kernel config flags since the flag will be completely missing from +effective build config after "make olddefconfig". + +Fixes yocto kernel recipe build time warning: + +WARNING: [kernel config]: This BSP contains fragments with warnings: +... +[INFO]: the following symbols were not found in the active +configuration: + - CONFIG_COMMON_CLK_NPCM8XX + +The flag was added with commit 45472f1e5348c7b755b4912f2f529ec81cea044b +v5.19-rc4-15-g45472f1e5348 so 6.1 and 6.4 stable kernel trees are +affected. + +Fixes: 45472f1e5348c7b755b4912f2f529ec81cea044b ("arm64: defconfig: Add Nuvoton NPCM family support") +Cc: stable@kernel.org +Cc: Bruce Ashfield <bruce.ashfield@gmail.com> +Cc: Jon Mason <jon.mason@arm.com> +Cc: Jon Mason <jdmason@kudzu.us> +Cc: Ross Burton <ross@burtonini.com> +Cc: Arnd Bergmann <arnd@arndb.de> +Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> + +Signed-off-by: Jon Mason <jon.mason@arm.com> +Upstream-Status: Submitted [https://lists.infradead.org/pipermail/linux-arm-kernel/2023-August/859760.html] + +--- + arch/arm64/configs/defconfig | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig +index 0777bcae9104..1cf24537fda2 100644 +--- a/arch/arm64/configs/defconfig ++++ b/arch/arm64/configs/defconfig +@@ -1146,7 +1146,6 @@ CONFIG_COMMON_CLK_S2MPS11=y + CONFIG_COMMON_CLK_PWM=y + CONFIG_COMMON_CLK_RS9_PCIE=y + CONFIG_COMMON_CLK_VC5=y +-CONFIG_COMMON_CLK_NPCM8XX=y + CONFIG_COMMON_CLK_BD718XX=m + CONFIG_CLK_RASPBERRYPI=m + CONFIG_CLK_IMX8MM=y diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0002-Add-external-system-driver.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0002-Add-external-system-driver.patch deleted file mode 100644 index d8d9488bcb..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0002-Add-external-system-driver.patch +++ /dev/null @@ -1,220 +0,0 @@ -From 9eac502eacd36a4975ec34a3f076594fa4364032 Mon Sep 17 00:00:00 2001 -From: Emekcan <emekcan.aras@arm.com> -Date: Fri, 19 Aug 2022 14:51:08 +0100 -Subject: [PATCH] Add external system driver - -Adds external system driver to control it -from user-space. It provides run and reset -functionality at the moment. - -Upstream-Status: Pending [Not submitted to upstream yet] -Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> -Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> ---- - drivers/misc/Kconfig | 1 + - drivers/misc/Makefile | 1 + - drivers/misc/arm/Kconfig | 5 ++ - drivers/misc/arm/Makefile | 1 + - drivers/misc/arm/extsys_ctrl.c | 151 +++++++++++++++++++++++++++++++++ - 5 files changed, 159 insertions(+) - create mode 100644 drivers/misc/arm/Kconfig - create mode 100644 drivers/misc/arm/Makefile - create mode 100644 drivers/misc/arm/extsys_ctrl.c - -diff --git a/drivers/misc/Kconfig b/drivers/misc/Kconfig -index 433aa4197785..912986abc46c 100644 ---- a/drivers/misc/Kconfig -+++ b/drivers/misc/Kconfig -@@ -555,4 +555,5 @@ source "drivers/misc/cardreader/Kconfig" - source "drivers/misc/uacce/Kconfig" - source "drivers/misc/pvpanic/Kconfig" - source "drivers/misc/mchp_pci1xxxx/Kconfig" -+source "drivers/misc/arm/Kconfig" - endmenu -diff --git a/drivers/misc/Makefile b/drivers/misc/Makefile -index 56de43943cd5..22e6561b8192 100644 ---- a/drivers/misc/Makefile -+++ b/drivers/misc/Makefile -@@ -63,5 +63,6 @@ obj-$(CONFIG_HI6421V600_IRQ) += hi6421v600-irq.o - obj-$(CONFIG_OPEN_DICE) += open-dice.o - obj-$(CONFIG_GP_PCI1XXXX) += mchp_pci1xxxx/ - obj-$(CONFIG_VCPU_STALL_DETECTOR) += vcpu_stall_detector.o -+obj-y += arm/ - obj-$(CONFIG_TMR_MANAGER) += xilinx_tmr_manager.o - obj-$(CONFIG_TMR_INJECT) += xilinx_tmr_inject.o -diff --git a/drivers/misc/arm/Kconfig b/drivers/misc/arm/Kconfig -new file mode 100644 -index 000000000000..9f1eb284e530 ---- /dev/null -+++ b/drivers/misc/arm/Kconfig -@@ -0,0 +1,5 @@ -+config EXTSYS_CTRL -+ tristate "Arm External System control driver" -+ help -+ Say y here to enable support for external system control -+ driver for the Arm Corstone-700 and Corstone1000 platform -\ No newline at end of file -diff --git a/drivers/misc/arm/Makefile b/drivers/misc/arm/Makefile -new file mode 100644 -index 000000000000..1ca3084cf8a0 ---- /dev/null -+++ b/drivers/misc/arm/Makefile -@@ -0,0 +1 @@ -+obj-$(CONFIG_EXTSYS_CTRL) += extsys_ctrl.o -diff --git a/drivers/misc/arm/extsys_ctrl.c b/drivers/misc/arm/extsys_ctrl.c -new file mode 100644 -index 000000000000..7929070ff43d ---- /dev/null -+++ b/drivers/misc/arm/extsys_ctrl.c -@@ -0,0 +1,151 @@ -+// SPDX-License-Identifier: GPL-2.0 -+/* -+ * Arm Corstone700 and Corstone1000 external system reset control driver -+ * -+ * Copyright (C) 2019 Arm Ltd. -+ * -+ */ -+ -+#include <linux/fs.h> -+#include <linux/clk.h> -+#include <linux/err.h> -+#include <linux/interrupt.h> -+#include <linux/io.h> -+#include <linux/kernel.h> -+#include <linux/mod_devicetable.h> -+#include <linux/module.h> -+#include <linux/platform_device.h> -+#include <linux/miscdevice.h> -+#include <linux/init.h> -+ -+#define EXTSYS_DRV_NAME "extsys_ctrl" -+#define EXTSYS_MAX_DEVS 4 -+ -+#define EXTSYS_RST_SIZE U(0x8) -+#define EXTSYS_RST_CTRL_OFF U(0x0) -+#define EXTSYS_RST_ST_OFF U(0x4) -+ -+/* External system reset control indexes */ -+#define EXTSYS_CPU_WAIT (0x0) -+#define EXTSYS_RST_REQ (0x1) -+ -+/* External system reset status masks */ -+#define EXTSYS_RST_ST_ACK_OFF U(0x1) -+ -+/* No Reset Requested */ -+#define EXTSYS_RST_ST_ACK_NRR (0x0 << EXTSYS_RST_ST_ACK_OFF) -+ -+/* Reset Request Complete */ -+#define EXTSYS_RST_ST_ACK_RRC (0x2 << EXTSYS_RST_ST_ACK_OFF) -+ -+/* Reset Request Unable to Complete */ -+#define EXTSYS_RST_ST_ACK_RRUC (0x3 << EXTSYS_RST_ST_ACK_OFF) -+ -+/* IOCTL commands */ -+#define EXTSYS_CPU_WAIT_DISABLE 0x0 -+#define EXTSYS_RESET_REQ_ENABLE 0x1 -+ -+struct extsys_ctrl { -+ struct miscdevice miscdev; -+ void __iomem *reset_reg; -+ void __iomem *set_reg; -+}; -+ -+#define CLEAR_BIT(addr, index) writel(readl(addr) & ~(1UL << index), addr) -+#define SET_BIT(addr, index) writel(readl(addr) | (1UL << index), addr) -+ -+static long extsys_ctrl_ioctl(struct file *f, unsigned int cmd, -+ unsigned long arg) -+{ -+ struct extsys_ctrl *extsys; -+ -+ extsys = container_of(f->private_data, struct extsys_ctrl, miscdev); -+ -+ switch (cmd) { -+ case EXTSYS_CPU_WAIT_DISABLE: -+ CLEAR_BIT(extsys->reset_reg, EXTSYS_CPU_WAIT); -+ break; -+ case EXTSYS_RESET_REQ_ENABLE: -+ SET_BIT(extsys->reset_reg, EXTSYS_RST_REQ); -+ break; -+ default: -+ break; -+ } -+ -+ return 0; -+} -+ -+static const struct file_operations extsys_ctrl_fops = { -+ .owner = THIS_MODULE, -+ .unlocked_ioctl = extsys_ctrl_ioctl, -+}; -+ -+static int extsys_ctrl_probe(struct platform_device *pdev) -+{ -+ struct device *dev = &pdev->dev; -+ struct extsys_ctrl *extsys; -+ struct resource *res; -+ void __iomem *reset_reg; -+ void __iomem *set_reg; -+ int ret; -+ -+ res = platform_get_resource_byname(pdev, IORESOURCE_MEM, "rstreg"); -+ reset_reg = devm_ioremap_resource(dev, res); -+ if (IS_ERR(reset_reg)) -+ return PTR_ERR(reset_reg); -+ -+ res = platform_get_resource_byname(pdev, IORESOURCE_MEM, "streg"); -+ set_reg = devm_ioremap_resource(dev, res); -+ if (IS_ERR(set_reg)) -+ return PTR_ERR(set_reg); -+ -+ extsys = devm_kzalloc(dev, sizeof(*extsys), GFP_KERNEL); -+ if (!extsys) -+ return -ENOMEM; -+ -+ extsys->reset_reg = reset_reg; -+ extsys->set_reg = set_reg; -+ -+ extsys->miscdev.minor = MISC_DYNAMIC_MINOR; -+ extsys->miscdev.name = EXTSYS_DRV_NAME; -+ extsys->miscdev.fops = &extsys_ctrl_fops; -+ extsys->miscdev.parent = dev; -+ -+ ret = misc_register(&extsys->miscdev); -+ if (ret) -+ return ret; -+ -+ dev_info(dev, "external system controller ready\n"); -+ -+ return 0; -+} -+ -+static int extsys_ctrl_remove(struct platform_device *pdev) -+{ -+ struct extsys_ctrl *extsys = dev_get_drvdata(&pdev->dev); -+ -+ misc_deregister(&extsys->miscdev); -+ -+ return 0; -+} -+ -+static const struct of_device_id extsys_ctrl_match[] = { -+ { .compatible = "arm,extsys_ctrl" }, -+ { }, -+}; -+MODULE_DEVICE_TABLE(of, extsys_ctrl_match); -+ -+static struct platform_driver extsys_ctrl_driver = { -+ .driver = { -+ .name = EXTSYS_DRV_NAME, -+ .of_match_table = extsys_ctrl_match, -+ }, -+ .probe = extsys_ctrl_probe, -+ .remove = extsys_ctrl_remove, -+}; -+module_platform_driver(extsys_ctrl_driver); -+ -+MODULE_LICENSE("GPL v2"); -+MODULE_DESCRIPTION("Arm External System Control Driver"); -+MODULE_AUTHOR("Morten Borup Petersen"); -+MODULE_AUTHOR("Rui Miguel Silva <rui.silva@arm.com>"); diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0003-Add-rpmsg-driver-for-corstone1000.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0003-Add-rpmsg-driver-for-corstone1000.patch deleted file mode 100644 index cd9cec2700..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0003-Add-rpmsg-driver-for-corstone1000.patch +++ /dev/null @@ -1,218 +0,0 @@ -From a834f4e143ff647e7677dc60ab57ee5883f3ac8f Mon Sep 17 00:00:00 2001 -From: Emekcan <emekcan.aras@arm.com> -Date: Wed, 17 Aug 2022 14:21:42 +0100 -Subject: [PATCH] Add rpmsg driver for corstone1000 - -Adds rpmsg driver to communicate with external -system in corstone1000 platform. - -Upstream-Status: Pending -Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> -Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> ---- - drivers/rpmsg/Kconfig | 10 ++ - drivers/rpmsg/Makefile | 1 + - drivers/rpmsg/rpmsg_arm_mailbox.c | 164 ++++++++++++++++++++++++++++++ - 3 files changed, 175 insertions(+) - create mode 100644 drivers/rpmsg/rpmsg_arm_mailbox.c - -diff --git a/drivers/rpmsg/Kconfig b/drivers/rpmsg/Kconfig -index d3795860f5c0..fc6916d7b523 100644 ---- a/drivers/rpmsg/Kconfig -+++ b/drivers/rpmsg/Kconfig -@@ -81,4 +81,14 @@ config RPMSG_VIRTIO - select RPMSG_NS - select VIRTIO - -+config RPMSG_ARM -+ tristate "ARM RPMSG driver" -+ select RPMSG -+ depends on HAS_IOMEM -+ depends on MAILBOX -+ help -+ Say y here to enable support for rpmsg lient driver which is built -+ around mailbox client using Arm MHUv2.1 as physical medium.This -+ driver enables communication which remote processor using MHU. -+ - endmenu -diff --git a/drivers/rpmsg/Makefile b/drivers/rpmsg/Makefile -index 58e3b382e316..6bdcc69688b2 100644 ---- a/drivers/rpmsg/Makefile -+++ b/drivers/rpmsg/Makefile -@@ -1,5 +1,6 @@ - # SPDX-License-Identifier: GPL-2.0 - obj-$(CONFIG_RPMSG) += rpmsg_core.o -+obj-$(CONFIG_RPMSG_ARM) += rpmsg_arm_mailbox.o - obj-$(CONFIG_RPMSG_CHAR) += rpmsg_char.o - obj-$(CONFIG_RPMSG_CTRL) += rpmsg_ctrl.o - obj-$(CONFIG_RPMSG_NS) += rpmsg_ns.o -diff --git a/drivers/rpmsg/rpmsg_arm_mailbox.c b/drivers/rpmsg/rpmsg_arm_mailbox.c -new file mode 100644 -index 000000000000..4a80102669f6 ---- /dev/null -+++ b/drivers/rpmsg/rpmsg_arm_mailbox.c -@@ -0,0 +1,164 @@ -+// SPDX-License-Identifier: GPL-2.0 -+/* -+ * rpmsg client driver using mailbox client interface -+ * -+ * Copyright (C) 2019 ARM Ltd. -+ * -+ */ -+ -+#include <linux/bitmap.h> -+#include <linux/export.h> -+#include <linux/io.h> -+#include <linux/kernel.h> -+#include <linux/ktime.h> -+#include <linux/mailbox_client.h> -+#include <linux/module.h> -+#include <linux/of_address.h> -+#include <linux/of_device.h> -+#include <linux/processor.h> -+#include <linux/semaphore.h> -+#include <linux/slab.h> -+#include <linux/rpmsg.h> -+#include "rpmsg_internal.h" -+#include <linux/mailbox/arm_mhuv2_message.h> -+ -+#define RPMSG_NAME "arm_rpmsg" -+#define RPMSG_ADDR_ANY 0xFFFFFFFF -+ -+struct arm_channel { -+ struct rpmsg_endpoint ept; -+ struct mbox_client cl; -+ struct mbox_chan *mbox; -+}; -+ -+#define arm_channel_from_rpmsg(_ept) container_of(_ept, struct arm_channel, ept) -+#define arm_channel_from_mbox(_ept) container_of(_ept, struct arm_channel, cl) -+ -+ -+static void arm_msg_rx_handler(struct mbox_client *cl, void *mssg) -+{ -+ struct arm_mhuv2_mbox_msg *msg = mssg; -+ struct arm_channel* channel = arm_channel_from_mbox(cl); -+ int err = channel->ept.cb(channel->ept.rpdev, msg->data, 4, channel->ept.priv, RPMSG_ADDR_ANY); -+ if(err) { -+ printk("ARM Mailbox: Endpoint callback failed with error: %d", err); -+ } -+} -+ -+ -+static void arm_destroy_ept(struct rpmsg_endpoint *ept) -+{ -+ struct arm_channel *channel = arm_channel_from_rpmsg(ept); -+ mbox_free_channel(channel->mbox); -+ kfree(channel); -+} -+ -+static int arm_send(struct rpmsg_endpoint *ept, void *data, int len) -+{ -+ struct arm_channel *channel = arm_channel_from_rpmsg(ept); -+ -+ mbox_send_message(channel->mbox, data); -+ return 0; -+} -+ -+static int arm_sendto(struct rpmsg_endpoint *ept, void *data, int len, u32 dest) -+{ -+ struct arm_mhuv2_mbox_msg msg; -+ struct arm_channel *channel = arm_channel_from_rpmsg(ept); -+ msg.data = data; -+ msg.len = len; -+ mbox_send_message(channel->mbox, &msg); -+ return 0; -+} -+ -+ -+static const struct rpmsg_endpoint_ops arm_endpoint_ops = { -+ .destroy_ept = arm_destroy_ept, -+ .send = arm_send, -+ .sendto = arm_sendto, -+}; -+ -+ -+static struct rpmsg_endpoint *arm_create_ept(struct rpmsg_device *rpdev, -+ rpmsg_rx_cb_t cb, void *priv, struct rpmsg_channel_info chinfo) -+{ -+ struct arm_channel *channel; -+ -+ channel = kzalloc(sizeof(*channel), GFP_KERNEL); -+ -+ // Initialize rpmsg endpoint -+ kref_init(&channel->ept.refcount); -+ channel->ept.rpdev = rpdev; -+ channel->ept.cb = cb; -+ channel->ept.priv = priv; -+ channel->ept.ops = &arm_endpoint_ops; -+ -+ // Initialize mailbox client -+ channel->cl.dev = rpdev->dev.parent; -+ channel->cl.rx_callback = arm_msg_rx_handler; -+ channel->cl.tx_done = NULL; /* operate in blocking mode */ -+ channel->cl.tx_block = true; -+ channel->cl.tx_tout = 500; /* by half a second */ -+ channel->cl.knows_txdone = false; /* depending upon protocol */ -+ -+ channel->mbox = mbox_request_channel_byname(&channel->cl, chinfo.name); -+ if (IS_ERR_OR_NULL(channel->mbox)) { -+ printk("RPMsg ARM: Cannot get channel by name: '%s'\n", chinfo.name); -+ return -1; -+ } -+ -+ return &channel->ept; -+} -+ -+static const struct rpmsg_device_ops arm_device_ops = { -+ .create_ept = arm_create_ept, -+}; -+ -+ -+static void arm_release_device(struct device *dev) -+{ -+ struct rpmsg_device *rpdev = to_rpmsg_device(dev); -+ -+ kfree(rpdev); -+} -+ -+ -+static int client_probe(struct platform_device *pdev) -+{ -+ struct device *dev = &pdev->dev; -+ struct rpmsg_device *rpdev; -+ -+ rpdev = kzalloc(sizeof(*rpdev), GFP_KERNEL); -+ if (!rpdev) -+ return -ENOMEM; -+ -+ /* Assign callbacks for rpmsg_device */ -+ rpdev->ops = &arm_device_ops; -+ -+ /* Assign public information to the rpmsg_device */ -+ memcpy(rpdev->id.name, RPMSG_NAME, strlen(RPMSG_NAME)); -+ -+ rpdev->dev.parent = dev; -+ rpdev->dev.release = arm_release_device; -+ -+ return rpmsg_chrdev_register_device(rpdev); -+} -+ -+static const struct of_device_id client_of_match[] = { -+ { .compatible = "arm,client", .data = NULL }, -+ { /* Sentinel */ }, -+}; -+ -+static struct platform_driver client_driver = { -+ .driver = { -+ .name = "arm-mhu-client", -+ .of_match_table = client_of_match, -+ }, -+ .probe = client_probe, -+}; -+ -+module_platform_driver(client_driver); -+ -+MODULE_LICENSE("GPL v2"); -+MODULE_DESCRIPTION("ARM RPMSG Driver"); -+MODULE_AUTHOR("Tushar Khandelwal <tushar.khandelwal@arm.com>"); diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0004-rpmsg-arm-fix-return-value.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0004-rpmsg-arm-fix-return-value.patch deleted file mode 100644 index 516dbd7052..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0004-rpmsg-arm-fix-return-value.patch +++ /dev/null @@ -1,30 +0,0 @@ -From c1ffd793062a13afdcc07d4bc1a8007188bfca5f Mon Sep 17 00:00:00 2001 -From: Rui Miguel Silva <rui.silva@linaro.org> -Date: Tue, 27 Sep 2022 10:05:27 +0100 -Subject: [PATCH] rpmsg: arm: fix return value - -The creation of and endpoint returns a pointer, fix the return -value to the right type. - -Upstream-Status: Pending -Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> ---- - drivers/rpmsg/rpmsg_arm_mailbox.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/drivers/rpmsg/rpmsg_arm_mailbox.c b/drivers/rpmsg/rpmsg_arm_mailbox.c -index 4a80102669f6..5c0dcc8e353d 100644 ---- a/drivers/rpmsg/rpmsg_arm_mailbox.c -+++ b/drivers/rpmsg/rpmsg_arm_mailbox.c -@@ -103,8 +103,9 @@ static struct rpmsg_endpoint *arm_create_ept(struct rpmsg_device *rpdev, - - channel->mbox = mbox_request_channel_byname(&channel->cl, chinfo.name); - if (IS_ERR_OR_NULL(channel->mbox)) { -- printk("RPMsg ARM: Cannot get channel by name: '%s'\n", chinfo.name); -- return -1; -+ printk("RPMsg ARM: Cannot get channel by name: %s\n", -+ chinfo.name); -+ return ERR_PTR(-ENOENT); - } - - return &channel->ept; diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0005-rpmsg-arm-update-chrdev-to-ctrldev-registration.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0005-rpmsg-arm-update-chrdev-to-ctrldev-registration.patch deleted file mode 100644 index ef2eb7c130..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0005-rpmsg-arm-update-chrdev-to-ctrldev-registration.patch +++ /dev/null @@ -1,28 +0,0 @@ -From a8c295e1ff1d2b1032cc7495f212c56ba9f3e874 Mon Sep 17 00:00:00 2001 -From: Rui Miguel Silva <rui.silva@linaro.org> -Date: Tue, 27 Sep 2022 10:07:21 +0100 -Subject: [PATCH] rpmsg: arm: update chrdev to ctrldev registration - -Since "rpmsg: Update rpmsg_chrdev_register_device function", -there was a replacement of the chrdev driver to ctrldev -driver. Fix the registration. - -Upstream-Status: Pending -Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> ---- - drivers/rpmsg/rpmsg_arm_mailbox.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/drivers/rpmsg/rpmsg_arm_mailbox.c b/drivers/rpmsg/rpmsg_arm_mailbox.c -index 5c0dcc8e353d..90bc8df90885 100644 ---- a/drivers/rpmsg/rpmsg_arm_mailbox.c -+++ b/drivers/rpmsg/rpmsg_arm_mailbox.c -@@ -142,7 +142,7 @@ static int client_probe(struct platform_device *pdev) - rpdev->dev.parent = dev; - rpdev->dev.release = arm_release_device; - -- return rpmsg_chrdev_register_device(rpdev); -+ return rpmsg_ctrldev_register_device(rpdev); - } - - static const struct of_device_id client_of_match[] = { diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0006-Adds-workaround-for-cs1k-specific-bug.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0006-Adds-workaround-for-cs1k-specific-bug.patch deleted file mode 100644 index 4fbeb23e5d..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/0006-Adds-workaround-for-cs1k-specific-bug.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 555ac46f6f5157741a6fd8f21f74beb1340ed941 Mon Sep 17 00:00:00 2001 -From: Emekcan <emekcan.aras@arm.com> -Date: Thu, 13 Oct 2022 20:53:42 +0100 -Subject: [PATCH] Adds workaround for cs1k specific bug - -Adds a temporary workaround to solve a possible -race-conditioning issue in the tee driver -for corstone1000. - -Upstream-Status: Inappropriate -Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> -Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> ---- - drivers/firmware/arm_ffa/driver.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/drivers/firmware/arm_ffa/driver.c b/drivers/firmware/arm_ffa/driver.c -index 2109cd178ff7..c15b3a83c720 100644 ---- a/drivers/firmware/arm_ffa/driver.c -+++ b/drivers/firmware/arm_ffa/driver.c -@@ -32,6 +32,7 @@ - #include <linux/scatterlist.h> - #include <linux/slab.h> - #include <linux/uuid.h> -+#include <linux/delay.h> - - #include "common.h" - -@@ -282,7 +283,7 @@ static int ffa_msg_send_direct_req(u16 src_id, u16 dst_id, bool mode_32bit, - { - u32 req_id, resp_id, src_dst_ids = PACK_TARGET_INFO(src_id, dst_id); - ffa_value_t ret; -- -+ msleep(1); - if (mode_32bit) { - req_id = FFA_MSG_SEND_DIRECT_REQ; - resp_id = FFA_MSG_SEND_DIRECT_RESP; diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/defconfig b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/defconfig index f6e6409cea..8abcaed41a 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/defconfig +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/defconfig @@ -8,15 +8,9 @@ CONFIG_RELAY=y CONFIG_BOOT_CONFIG=y CONFIG_ARCH_VEXPRESS=y CONFIG_CMDLINE="console=ttyAMA0 loglevel=9" -CONFIG_EFI=y # CONFIG_SUSPEND is not set -CONFIG_EFI_BOOTLOADER_CONTROL=y -CONFIG_EFI_CAPSULE_LOADER=y -CONFIG_EFI_TEST=y -CONFIG_RESET_ATTACK_MITIGATION=y # CONFIG_STACKPROTECTOR is not set CONFIG_MODULES=y -# CONFIG_BLK_DEV_BSG is not set # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set CONFIG_NET=y CONFIG_PACKET=y @@ -28,8 +22,13 @@ CONFIG_IP_PNP_BOOTP=y CONFIG_SYN_COOKIES=y CONFIG_NET_SCHED=y CONFIG_DEVTMPFS=y +CONFIG_EFI_BOOTLOADER_CONTROL=y +CONFIG_EFI_CAPSULE_LOADER=y +CONFIG_EFI_TEST=y +CONFIG_RESET_ATTACK_MITIGATION=y CONFIG_SCSI=y CONFIG_BLK_DEV_SD=y +# CONFIG_BLK_DEV_BSG is not set CONFIG_NETDEVICES=y # CONFIG_NET_VENDOR_ALACRITECH is not set # CONFIG_NET_VENDOR_AMAZON is not set @@ -49,9 +48,9 @@ CONFIG_NETDEVICES=y # CONFIG_NET_VENDOR_MICREL is not set # CONFIG_NET_VENDOR_MICROCHIP is not set # CONFIG_NET_VENDOR_MICROSEMI is not set +# CONFIG_NET_VENDOR_NI is not set # CONFIG_NET_VENDOR_NATSEMI is not set # CONFIG_NET_VENDOR_NETRONOME is not set -# CONFIG_NET_VENDOR_NI is not set # CONFIG_NET_VENDOR_PENSANDO is not set # CONFIG_NET_VENDOR_QUALCOMM is not set # CONFIG_NET_VENDOR_RENESAS is not set @@ -90,11 +89,3 @@ CONFIG_LIBCRC32C=y # CONFIG_SECTION_MISMATCH_WARN_ONLY is not set CONFIG_DEBUG_FS=y CONFIG_PANIC_TIMEOUT=5 -CONFIG_STACKTRACE=y -CONFIG_EXTSYS_CTRL=y -CONFIG_MAILBOX=y -CONFIG_ARM_MHU_V2=y -CONFIG_RPMSG=y -CONFIG_RPMSG_CHAR=y -CONFIG_RPMSG_ARM=y -CONFIG_RPMSG_CTRL=y diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-arm-platforms.inc b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-arm-platforms.inc index 4028cf31d1..6c132c9796 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-arm-platforms.inc +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-arm-platforms.inc @@ -30,11 +30,6 @@ LINUX_KERNEL_TYPE:corstone1000 = "standard" KERNEL_EXTRA_ARGS:corstone1000 += "CONFIG_INITRAMFS_COMPRESSION_NONE=y" SRC_URI:append:corstone1000 = " \ file://defconfig \ - file://0002-Add-external-system-driver.patch \ - file://0003-Add-rpmsg-driver-for-corstone1000.patch \ - file://0004-rpmsg-arm-fix-return-value.patch \ - file://0005-rpmsg-arm-update-chrdev-to-ctrldev-registration.patch \ - file://0006-Adds-workaround-for-cs1k-specific-bug.patch \ " SRC_URI:append:corstone1000 = " ${@bb.utils.contains('MACHINE_FEATURES', \ @@ -72,7 +67,7 @@ COMPATIBLE_MACHINE:musca-s1 = "(^$)" # # N1SDP KMACHINE # -FILESEXTRAPATHS:prepend:n1sdp := "${THISDIR}/linux-yocto-6.4/n1sdp:" +FILESEXTRAPATHS:prepend:n1sdp := "${THISDIR}/linux-yocto-6.5/n1sdp:" COMPATIBLE_MACHINE:n1sdp = "n1sdp" KBUILD_DEFCONFIG:n1sdp = "defconfig" KCONFIG_MODE:n1sdp = "--alldefconfig" diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0001-iommu-arm-smmu-v3-workaround-for-ATC_INV_SIZE_ALL-in.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0001-iommu-arm-smmu-v3-workaround-for-ATC_INV_SIZE_ALL-in.patch index 869ca6f798..df7586cf0f 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0001-iommu-arm-smmu-v3-workaround-for-ATC_INV_SIZE_ALL-in.patch +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0001-iommu-arm-smmu-v3-workaround-for-ATC_INV_SIZE_ALL-in.patch @@ -1,4 +1,4 @@ -From ec84afa8e74bc5df8b5794eef8f29b097adc7cb3 Mon Sep 17 00:00:00 2001 +From 63da10da7a57776196a3c323e93ef66f1d553c0c Mon Sep 17 00:00:00 2001 From: Manoj Kumar <manoj.kumar3@arm.com> Date: Mon, 1 Feb 2021 21:36:43 +0530 Subject: [PATCH] iommu/arm-smmu-v3: workaround for ATC_INV_SIZE_ALL in N1SDP @@ -9,11 +9,9 @@ N1SDP platform. This workaround manually sets the ATS address field to proper value for ATC_INV_SIZE_ALL command. Change-Id: If89465be94720a62be85e1e6612f17e93fa9b8a5 -Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com> -Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com> - Upstream-Status: Inappropriate [Workaround] Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com> +Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com> Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com> Signed-off-by: Adam Johnston <adam.johnston@arm.com> --- @@ -22,10 +20,10 @@ Signed-off-by: Adam Johnston <adam.johnston@arm.com> 2 files changed, 2 insertions(+) diff --git a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c -index 3fd83fb75722..852ed05b14a3 100644 +index 6ccbae9b93a1..5387f152fb07 100644 --- a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c +++ b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c -@@ -1747,6 +1747,7 @@ arm_smmu_atc_inv_to_cmd(int ssid, unsigned long iova, size_t size, +@@ -1753,6 +1753,7 @@ arm_smmu_atc_inv_to_cmd(int ssid, unsigned long iova, size_t size, }; if (!size) { @@ -34,10 +32,10 @@ index 3fd83fb75722..852ed05b14a3 100644 return; } diff --git a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h -index b574c58a3487..018086b65381 100644 +index dcab85698a4e..12e12d03eebf 100644 --- a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h +++ b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h -@@ -472,6 +472,7 @@ struct arm_smmu_cmdq_ent { +@@ -478,6 +478,7 @@ struct arm_smmu_cmdq_ent { #define CMDQ_OP_ATC_INV 0x40 #define ATC_INV_SIZE_ALL 52 diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0002-n1sdp-pci_quirk-add-acs-override-for-PCI-devices.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0002-n1sdp-pci_quirk-add-acs-override-for-PCI-devices.patch index 9bf8112bf0..73e7a583f0 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0002-n1sdp-pci_quirk-add-acs-override-for-PCI-devices.patch +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0002-n1sdp-pci_quirk-add-acs-override-for-PCI-devices.patch @@ -1,4 +1,4 @@ -From 9761e48b2d6904a58996fcaadcf25684482a72c8 Mon Sep 17 00:00:00 2001 +From 7d24cc041cbcff07b21a9a380426b38e09149648 Mon Sep 17 00:00:00 2001 From: Manoj Kumar <manoj.kumar3@arm.com> Date: Tue, 31 Aug 2021 16:15:38 +0000 Subject: [PATCH] n1sdp: pci_quirk: add acs override for PCI devices @@ -7,9 +7,8 @@ Patch taken from: https://gitlab.com/Queuecumber/linux-acs-override/raw/master/workspaces/5.4/acso.patch Change-Id: Ib926bf50524ce9990fbaa2f2f8670fe84bd571f9 -Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com> - Upstream-Status: Inappropriate [will not be submitted as its a workaround to address hardware issue] +Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com> Signed-off-by: Khasim Syed Mohammed <khasim.mohammed@arm.com> Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com> Signed-off-by: Adam Johnston <adam.johnston@arm.com> @@ -19,10 +18,10 @@ Signed-off-by: Adam Johnston <adam.johnston@arm.com> 2 files changed, 110 insertions(+) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt -index 9e5bab29685f..7ee740a37e5d 100644 +index 23ebe34ff901..054b6e6d22f3 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt -@@ -4235,6 +4235,14 @@ +@@ -4271,6 +4271,14 @@ nomsi [MSI] If the PCI_MSI kernel config parameter is enabled, this kernel boot option can be used to disable the use of MSI interrupts system-wide. @@ -38,10 +37,10 @@ index 9e5bab29685f..7ee740a37e5d 100644 Safety option to keep boot IRQs enabled. This should never be necessary. diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c -index b7c65193e786..16b81d1ccafa 100644 +index 321156ca273d..1144c3a8a3bb 100644 --- a/drivers/pci/quirks.c +++ b/drivers/pci/quirks.c -@@ -3625,6 +3625,107 @@ static void quirk_no_bus_reset(struct pci_dev *dev) +@@ -3718,6 +3718,107 @@ static void quirk_no_bus_reset(struct pci_dev *dev) dev->dev_flags |= PCI_DEV_FLAGS_NO_BUS_RESET; } @@ -149,7 +148,7 @@ index b7c65193e786..16b81d1ccafa 100644 /* * Some NVIDIA GPU devices do not work with bus reset, SBR needs to be * prevented for those affected devices. -@@ -5017,6 +5118,7 @@ static const struct pci_dev_acs_enabled { +@@ -5112,6 +5213,7 @@ static const struct pci_dev_acs_enabled { { PCI_VENDOR_ID_ZHAOXIN, PCI_ANY_ID, pci_quirk_zhaoxin_pcie_ports_acs }, /* Wangxun nics */ { PCI_VENDOR_ID_WANGXUN, PCI_ANY_ID, pci_quirk_wangxun_nic_acs }, diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0003-pcie-Add-quirk-for-the-Arm-Neoverse-N1SDP-platform.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0003-pcie-Add-quirk-for-the-Arm-Neoverse-N1SDP-platform.patch index 96d55ad8ff..e91147a1b2 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0003-pcie-Add-quirk-for-the-Arm-Neoverse-N1SDP-platform.patch +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0003-pcie-Add-quirk-for-the-Arm-Neoverse-N1SDP-platform.patch @@ -1,4 +1,4 @@ -From 268bfbcd8f16660bf5fc8e31b18b4090743c6dbe Mon Sep 17 00:00:00 2001 +From 51879bfe6b0850b3746df9f9471120a6709807cb Mon Sep 17 00:00:00 2001 From: Deepak Pandey <Deepak.Pandey@arm.com> Date: Fri, 31 May 2019 16:42:43 +0100 Subject: [PATCH] pcie: Add quirk for the Arm Neoverse N1SDP platform @@ -24,7 +24,6 @@ Signed-off-by: Deepak Pandey <Deepak.Pandey@arm.com> Signed-off-by: Sudipto Paul <sudipto.paul@arm.com> [Andre: fix coding style issues, rewrite some parts, add DT support] Signed-off-by: Andre Przywara <andre.przywara@arm.com> - Change-Id: I1d3a4b9bf6b3b883d262e3c4ff1f88a0eb81c1fe Upstream-Status: Inappropriate [will not be submitted as its a workaround to address hardware issue] Signed-off-by: Deepak Pandey <Deepak.Pandey@arm.com> @@ -41,10 +40,10 @@ Signed-off-by: Adam Johnston <adam.johnston@arm.com> create mode 100644 drivers/pci/controller/pcie-n1sdp.c diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig -index a24609e14d50..cd73d1704dd2 100644 +index 02adc6ceb831..398a5429a8e2 100644 --- a/arch/arm64/configs/defconfig +++ b/arch/arm64/configs/defconfig -@@ -203,6 +203,7 @@ CONFIG_NFC_S3FWRN5_I2C=m +@@ -207,6 +207,7 @@ CONFIG_NFC_S3FWRN5_I2C=m CONFIG_PCI=y CONFIG_PCIEPORTBUS=y CONFIG_PCIEAER=y @@ -71,7 +70,7 @@ index 860014b89b8e..2d4c1c699ffe 100644 #ifdef CONFIG_LOONGARCH diff --git a/drivers/pci/controller/Kconfig b/drivers/pci/controller/Kconfig -index 8d49bad7f847..7bb49afbcd5b 100644 +index 0859be86e718..c51b89781472 100644 --- a/drivers/pci/controller/Kconfig +++ b/drivers/pci/controller/Kconfig @@ -21,6 +21,17 @@ config PCIE_ALTERA diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0004-n1sdp-pcie-add-quirk-support-enabling-remote-chip-PC.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0004-n1sdp-pcie-add-quirk-support-enabling-remote-chip-PC.patch index ce28499e1f..f85abd9eeb 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0004-n1sdp-pcie-add-quirk-support-enabling-remote-chip-PC.patch +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0004-n1sdp-pcie-add-quirk-support-enabling-remote-chip-PC.patch @@ -1,4 +1,4 @@ -From 553801193c173711e9f7f6c56a44b5fac2385c1e Mon Sep 17 00:00:00 2001 +From aa7c785aff4276aa8579a54f39347cd47eb48ebb Mon Sep 17 00:00:00 2001 From: Sayanta Pattanayak <sayanta.pattanayak@arm.com> Date: Wed, 9 Feb 2022 20:37:43 +0530 Subject: [PATCH] n1sdp: pcie: add quirk support enabling remote chip PCIe diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0005-arm64-kpti-Whitelist-early-Arm-Neoverse-N1-revisions.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0005-arm64-kpti-Whitelist-early-Arm-Neoverse-N1-revisions.patch index e4f15bbcbe..42ef0ee38a 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0005-arm64-kpti-Whitelist-early-Arm-Neoverse-N1-revisions.patch +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0005-arm64-kpti-Whitelist-early-Arm-Neoverse-N1-revisions.patch @@ -1,4 +1,4 @@ -From d2e55d92eefd99ede330270b00c01b734a6b61c0 Mon Sep 17 00:00:00 2001 +From a9df434f077e7f1d8895e76381ba7179f3ebb1ba Mon Sep 17 00:00:00 2001 From: Andre Przywara <andre.przywara@arm.com> Date: Fri, 17 May 2019 17:39:27 +0100 Subject: [PATCH] arm64: kpti: Whitelist early Arm Neoverse N1 revisions @@ -20,10 +20,10 @@ Signed-off-by: Adam Johnston <adam.johnston@arm.com> 1 file changed, 1 insertion(+) diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c -index 7d7128c65161..77e109ddd981 100644 +index 2c0b8444fea6..5c0ff40c6c8b 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c -@@ -1674,6 +1674,7 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, +@@ -1690,6 +1690,7 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, MIDR_ALL_VERSIONS(MIDR_QCOM_KRYO_2XX_SILVER), MIDR_ALL_VERSIONS(MIDR_QCOM_KRYO_3XX_SILVER), MIDR_ALL_VERSIONS(MIDR_QCOM_KRYO_4XX_SILVER), diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0006-arm64-defconfig-disable-config-options-that-does-not.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0006-arm64-defconfig-disable-config-options-that-does-not.patch index dae3243fb8..dae3243fb8 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/0006-arm64-defconfig-disable-config-options-that-does-not.patch +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/0006-arm64-defconfig-disable-config-options-that-does-not.patch diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/enable-nvme.cfg b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/enable-nvme.cfg index 268103555e..268103555e 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/enable-nvme.cfg +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/enable-nvme.cfg diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/enable-realtek-R8169.cfg b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/enable-realtek-R8169.cfg index 7a5747407c..7a5747407c 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/enable-realtek-R8169.cfg +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/enable-realtek-R8169.cfg diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/enable-usb_conn_gpio.cfg b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/enable-usb_conn_gpio.cfg index 128c902710..128c902710 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/enable-usb_conn_gpio.cfg +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/enable-usb_conn_gpio.cfg diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/usb_xhci_pci_renesas.cfg b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/usb_xhci_pci_renesas.cfg index c06507c060..c06507c060 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.4/n1sdp/usb_xhci_pci_renesas.cfg +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto-6.5/n1sdp/usb_xhci_pci_renesas.cfg diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_6.4.bb b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_6.4.bb new file mode 100644 index 0000000000..f4c0654354 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_6.4.bb @@ -0,0 +1,39 @@ +KBRANCH ?= "v6.4/standard/base" + +require recipes-kernel/linux/linux-yocto.inc + +# CVE exclusions +include recipes-kernel/linux/cve-exclusion.inc +include recipes-kernel/linux/cve-exclusion_6.4.inc + +SRCREV_machine ?= "ef91ff6a4be36037808af1ca786fdd557f265a1d" +SRCREV_meta ?= "13efe44fe9dd2626eaf6552288ea31770ec71cf1" + +# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll +# get the <version>/base branch, which is pure upstream -stable, and the same +# meta SRCREV as the linux-yocto-standard builds. Select your version using the +# normal PREFERRED_VERSION settings. +BBCLASSEXTEND = "devupstream:target" +SRCREV_machine:class-devupstream ?= "ae4e4fc35b4258626644c162a702e2bce2b79190" +PN:class-devupstream = "linux-yocto-upstream" +KBRANCH:class-devupstream = "v6.4/base" + +SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH};protocol=https \ + git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.4;destsuffix=${KMETA};protocol=https" + +LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" +LINUX_VERSION ?= "6.4.16" + +PV = "${LINUX_VERSION}+git" + +KMETA = "kernel-meta" +KCONF_BSP_AUDIT_LEVEL = "1" + +# Functionality flags +KERNEL_EXTRA_FEATURES ?= "features/netfilter/netfilter.scc" +KERNEL_FEATURES:append = " ${KERNEL_EXTRA_FEATURES}" +KERNEL_FEATURES:append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "", d)}" +KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}" +KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/gpio/mockup.scc", "", d)}" + +SRC_URI:append:aarch64 = " file://0001-arm64-defconfig-remove-CONFIG_COMMON_CLK_NPCM8XX-y.patch" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/corstone1000/0001-Handle-logging-syscall.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/corstone1000/0001-Handle-logging-syscall.patch index 9c1d78164b..58ba2afdd4 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/corstone1000/0001-Handle-logging-syscall.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/corstone1000/0001-Handle-logging-syscall.patch @@ -4,7 +4,7 @@ Date: Thu, 31 Aug 2023 10:51:54 +0100 Subject: [PATCH] Handle logging syscall Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> -Upstream-Status: Inappropriate [Other] +Upstream-Status: Pending [upstreamed differently in 280b6a3] --- core/arch/arm/kernel/spmc_sp_handler.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0002-plat-n1sdp-add-N1SDP-platform-support.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0002-plat-n1sdp-add-N1SDP-platform-support.patch index 50283db022..29623b0b50 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0002-plat-n1sdp-add-N1SDP-platform-support.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0002-plat-n1sdp-add-N1SDP-platform-support.patch @@ -50,8 +50,8 @@ index 00000000..06b4975a +CFG_CORE_HEAP_SIZE = 0x32000 # 200kb + +CFG_TEE_CORE_NB_CORE = 4 -+CFG_TZDRAM_START ?= 0x08000000 -+CFG_TZDRAM_SIZE ?= 0x02008000 ++CFG_TZDRAM_START ?= 0xDE000000 ++CFG_TZDRAM_SIZE ?= 0x02000000 + +CFG_SHMEM_START ?= 0x83000000 +CFG_SHMEM_SIZE ?= 0x00210000 diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0003-HACK-disable-instruction-cache-and-data-cache.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0003-HACK-disable-instruction-cache-and-data-cache.patch deleted file mode 100644 index ebe4d72661..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0003-HACK-disable-instruction-cache-and-data-cache.patch +++ /dev/null @@ -1,45 +0,0 @@ -Upstream-Status: Pending [Not submitted to upstream yet] -Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com> - -From 0c3ce4c09cd7d2ff4cd2e62acab899dd88dc9514 Mon Sep 17 00:00:00 2001 -From: Vishnu Banavath <vishnu.banavath@arm.com> -Date: Wed, 20 Jul 2022 16:45:59 +0100 -Subject: [PATCH] HACK: disable instruction cache and data cache. - -For some reason, n1sdp fails to boot with instruction cache and -data cache enabled. This is a temporary change to disable I cache -and D cache until a proper fix is found. - -Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com> - - -diff --git a/core/arch/arm/kernel/entry_a64.S b/core/arch/arm/kernel/entry_a64.S -index 875b6e69..594d6928 100644 ---- a/core/arch/arm/kernel/entry_a64.S -+++ b/core/arch/arm/kernel/entry_a64.S -@@ -52,7 +52,7 @@ - - .macro set_sctlr_el1 - mrs x0, sctlr_el1 -- orr x0, x0, #SCTLR_I -+ bic x0, x0, #SCTLR_I - orr x0, x0, #SCTLR_SA - orr x0, x0, #SCTLR_SPAN - #if defined(CFG_CORE_RWDATA_NOEXEC) -@@ -490,11 +490,11 @@ LOCAL_FUNC enable_mmu , : , .identity_map - isb - - /* Enable I and D cache */ -- mrs x1, sctlr_el1 -+ /* mrs x1, sctlr_el1 - orr x1, x1, #SCTLR_I - orr x1, x1, #SCTLR_C - msr sctlr_el1, x1 -- isb -+ isb */ - - /* Adjust stack pointers and return address */ - msr spsel, #1 --- -2.17.1 - diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0004-Handle-logging-syscall.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0003-Handle-logging-syscall.patch index 9d305adc5c..0955d99f37 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0004-Handle-logging-syscall.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0003-Handle-logging-syscall.patch @@ -1,4 +1,4 @@ -Upstream-Status: Pending [Not submitted to upstream yet] +Upstream-Status: Pending [upstreamed differently in 280b6a3] Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com> From b3fde6c2e1a950214f760ab9f194f3a6572292a8 Mon Sep 17 00:00:00 2001 diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0005-plat-n1sdp-register-DRAM1-to-optee-os.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0004-plat-n1sdp-register-DRAM1-to-optee-os.patch index d9e20f8c76..d9e20f8c76 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0005-plat-n1sdp-register-DRAM1-to-optee-os.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0004-plat-n1sdp-register-DRAM1-to-optee-os.patch diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0006-plat-n1sdp-add-external-device-tree-base-and-size.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0005-plat-n1sdp-add-external-device-tree-base-and-size.patch index 74c94e0afe..74c94e0afe 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0006-plat-n1sdp-add-external-device-tree-base-and-size.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0005-plat-n1sdp-add-external-device-tree-base-and-size.patch diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-client_3.18.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-client_3.18.0.bb deleted file mode 100644 index ea7b65cebb..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-client_3.18.0.bb +++ /dev/null @@ -1,3 +0,0 @@ -require recipes-security/optee/optee-client.inc - -SRCREV = "e7cba71cc6e2ecd02f412c7e9ee104f0a5dffc6f" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-client_3.22.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-client_3.22.0.bb new file mode 100644 index 0000000000..904c256509 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-client_3.22.0.bb @@ -0,0 +1,7 @@ +require recipes-security/optee/optee-client.inc + +SRCREV = "8533e0e6329840ee96cf81b6453f257204227e6c" + +inherit pkgconfig +DEPENDS += "util-linux" +EXTRA_OEMAKE += "PKG_CONFIG=pkg-config" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-examples_3.22.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-examples_3.22.0.bb new file mode 100644 index 0000000000..f082a25d05 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-examples_3.22.0.bb @@ -0,0 +1,3 @@ +require recipes-security/optee/optee-examples.inc + +SRCREV = "378dc0db2d5dd279f58a3b6cb3f78ffd6b165035" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0005-core-ldelf-link-add-z-execstack.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0005-core-ldelf-link-add-z-execstack.patch deleted file mode 100644 index 862a76b427..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0005-core-ldelf-link-add-z-execstack.patch +++ /dev/null @@ -1,93 +0,0 @@ -From 63445958678b58c5adc7eca476b216e5dc0f4195 Mon Sep 17 00:00:00 2001 -From: Jerome Forissier <jerome.forissier@linaro.org> -Date: Tue, 23 Aug 2022 11:41:00 +0000 -Subject: [PATCH] core, ldelf: link: add -z execstack - -When building for arm32 with GNU binutils 2.39, the linker outputs -warnings when generating some TEE core binaries (all_obj.o, init.o, -unpaged.o and tee.elf) as well as ldelf.elf: - - arm-poky-linux-gnueabi-ld.bfd: warning: atomic_a32.o: missing .note.GNU-stack section implies executable stack - arm-poky-linux-gnueabi-ld.bfd: NOTE: This behaviour is deprecated and will be removed in a future version of the linker - -The permissions used when mapping the TEE core stacks do not depend on -any metadata found in the ELF file. Similarly when the TEE core loads -ldelf it already creates a non-executable stack regardless of ELF -information. Therefore we can safely ignore the warnings. This is done -by adding the '-z execstack' option. - -Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> - -Signed-off-by: Anton Antonov <Anton.Antonov@arm.com> -Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5499] ---- - core/arch/arm/kernel/link.mk | 13 +++++++++---- - ldelf/link.mk | 3 +++ - 2 files changed, 12 insertions(+), 4 deletions(-) - -diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk -index c39d43cbfc5b..0e96e606cd9d 100644 ---- a/core/arch/arm/kernel/link.mk -+++ b/core/arch/arm/kernel/link.mk -@@ -9,6 +9,11 @@ link-script-dep = $(link-out-dir)/.kern.ld.d - - AWK = awk - -+link-ldflags-common += $(call ld-option,--no-warn-rwx-segments) -+ifeq ($(CFG_ARM32_core),y) -+link-ldflags-common += $(call ld-option,--no-warn-execstack) -+endif -+ - link-ldflags = $(LDFLAGS) - ifeq ($(CFG_CORE_ASLR),y) - link-ldflags += -pie -Bsymbolic -z norelro $(ldflag-apply-dynamic-relocs) -@@ -31,7 +36,7 @@ link-ldflags += -T $(link-script-pp) -Map=$(link-out-dir)/tee.map - link-ldflags += --sort-section=alignment - link-ldflags += --fatal-warnings - link-ldflags += --gc-sections --link-ldflags += $(call ld-option,--no-warn-rwx-segments) -+link-ldflags += $(link-ldflags-common) - - link-ldadd = $(LDADD) - link-ldadd += $(ldflags-external) -@@ -56,7 +61,7 @@ link-script-cppflags := \ - $(cppflagscore)) - - ldargs-all_objs := -T $(link-script-dummy) --no-check-sections \ -- $(call ld-option,--no-warn-rwx-segments) \ -+ $(link-ldflags-common) \ - $(link-objs) $(link-ldadd) $(libgcccore) - cleanfiles += $(link-out-dir)/all_objs.o - $(link-out-dir)/all_objs.o: $(objs) $(libdeps) $(MAKEFILE_LIST) -@@ -70,7 +75,7 @@ $(link-out-dir)/unpaged_entries.txt: $(link-out-dir)/all_objs.o - $(AWK) '/ ____keep_pager/ { printf "-u%s ", $$3 }' > $@ - - unpaged-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \ -- $(call ld-option,--no-warn-rwx-segments) -+ $(link-ldflags-common) - unpaged-ldadd := $(objs) $(link-ldadd) $(libgcccore) - cleanfiles += $(link-out-dir)/unpaged.o - $(link-out-dir)/unpaged.o: $(link-out-dir)/unpaged_entries.txt -@@ -99,7 +104,7 @@ $(link-out-dir)/init_entries.txt: $(link-out-dir)/all_objs.o - $(AWK) '/ ____keep_init/ { printf "-u%s ", $$3 }' > $@ - - init-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \ -- $(call ld-option,--no-warn-rwx-segments) -+ $(link-ldflags-common) - init-ldadd := $(link-objs-init) $(link-out-dir)/version.o $(link-ldadd) \ - $(libgcccore) - cleanfiles += $(link-out-dir)/init.o -diff --git a/ldelf/link.mk b/ldelf/link.mk -index 64c8212a06fa..bd49551e7065 100644 ---- a/ldelf/link.mk -+++ b/ldelf/link.mk -@@ -20,6 +20,9 @@ link-ldflags += -z max-page-size=4096 # OP-TEE always uses 4K alignment - ifeq ($(CFG_CORE_BTI),y) - link-ldflags += $(call ld-option,-z force-bti) --fatal-warnings - endif -+ifeq ($(CFG_ARM32_$(sm)), y) -+link-ldflags += $(call ld-option,--no-warn-execstack) -+endif - link-ldflags += $(link-ldflags$(sm)) - - link-ldadd = $(addprefix -L,$(libdirs)) diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch deleted file mode 100644 index e82fdc7147..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch +++ /dev/null @@ -1,127 +0,0 @@ -From 1a991cbedf8647d5a1e7c312614f7867c3940968 Mon Sep 17 00:00:00 2001 -From: Jerome Forissier <jerome.forissier@linaro.org> -Date: Tue, 23 Aug 2022 12:31:46 +0000 -Subject: [PATCH] arm32: libutils, libutee, ta: add .note.GNU-stack section to - - .S files - -When building for arm32 with GNU binutils 2.39, the linker outputs -warnings when linking Trusted Applications: - - arm-unknown-linux-uclibcgnueabihf-ld.bfd: warning: utee_syscalls_a32.o: missing .note.GNU-stack section implies executable stack - arm-unknown-linux-uclibcgnueabihf-ld.bfd: NOTE: This behaviour is deprecated and will be removed in a future version of the linker - -We could silence the warning by adding the '-z execstack' option to the -TA link flags, like we did in the parent commit for the TEE core and -ldelf. Indeed, ldelf always allocates a non-executable piece of memory -for the TA to use as a stack. - -However it seems preferable to comply with the common ELF practices in -this case. A better fix is therefore to add the missing .note.GNU-stack -sections in the assembler files. - -Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> - -Signed-off-by: Anton Antonov <Anton.Antonov@arm.com> -Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5499] ---- - lib/libutee/arch/arm/utee_syscalls_a32.S | 2 ++ - lib/libutils/ext/arch/arm/atomic_a32.S | 2 ++ - lib/libutils/ext/arch/arm/mcount_a32.S | 2 ++ - lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S | 2 ++ - lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S | 2 ++ - lib/libutils/isoc/arch/arm/setjmp_a32.S | 2 ++ - ta/arch/arm/ta_entry_a32.S | 2 ++ - 7 files changed, 14 insertions(+) - -diff --git a/lib/libutee/arch/arm/utee_syscalls_a32.S b/lib/libutee/arch/arm/utee_syscalls_a32.S -index 6e621ca6e06d..af405f62723c 100644 ---- a/lib/libutee/arch/arm/utee_syscalls_a32.S -+++ b/lib/libutee/arch/arm/utee_syscalls_a32.S -@@ -7,6 +7,8 @@ - #include <tee_syscall_numbers.h> - #include <asm.S> - -+ .section .note.GNU-stack,"",%progbits -+ - .section .text - .balign 4 - .code 32 -diff --git a/lib/libutils/ext/arch/arm/atomic_a32.S b/lib/libutils/ext/arch/arm/atomic_a32.S -index eaef6914734e..2be73ffadcc9 100644 ---- a/lib/libutils/ext/arch/arm/atomic_a32.S -+++ b/lib/libutils/ext/arch/arm/atomic_a32.S -@@ -5,6 +5,8 @@ - - #include <asm.S> - -+ .section .note.GNU-stack,"",%progbits -+ - /* uint32_t atomic_inc32(uint32_t *v); */ - FUNC atomic_inc32 , : - ldrex r1, [r0] -diff --git a/lib/libutils/ext/arch/arm/mcount_a32.S b/lib/libutils/ext/arch/arm/mcount_a32.S -index 51439a23014e..54dc3c02da66 100644 ---- a/lib/libutils/ext/arch/arm/mcount_a32.S -+++ b/lib/libutils/ext/arch/arm/mcount_a32.S -@@ -7,6 +7,8 @@ - - #if defined(CFG_TA_GPROF_SUPPORT) || defined(CFG_FTRACE_SUPPORT) - -+ .section .note.GNU-stack,"",%progbits -+ - /* - * Convert return address to call site address by subtracting the size of the - * mcount call instruction (blx __gnu_mcount_nc). -diff --git a/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S b/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S -index a600c879668c..37ae9ec6f9f1 100644 ---- a/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S -+++ b/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S -@@ -5,6 +5,8 @@ - - #include <asm.S> - -+ .section .note.GNU-stack,"",%progbits -+ - /* - * signed ret_idivmod_values(signed quot, signed rem); - * return quotient and remaining the EABI way (regs r0,r1) -diff --git a/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S b/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S -index 2dc50bc98bbf..5c3353e2c1ba 100644 ---- a/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S -+++ b/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S -@@ -5,6 +5,8 @@ - - #include <asm.S> - -+ .section .note.GNU-stack,"",%progbits -+ - /* - * __value_in_regs lldiv_t __aeabi_ldivmod( long long n, long long d) - */ -diff --git a/lib/libutils/isoc/arch/arm/setjmp_a32.S b/lib/libutils/isoc/arch/arm/setjmp_a32.S -index 43ea593758c9..f8a0b70df705 100644 ---- a/lib/libutils/isoc/arch/arm/setjmp_a32.S -+++ b/lib/libutils/isoc/arch/arm/setjmp_a32.S -@@ -51,6 +51,8 @@ - #define SIZE(x) - #endif - -+ .section .note.GNU-stack,"",%progbits -+ - /* Arm/Thumb interworking support: - - The interworking scheme expects functions to use a BX instruction -diff --git a/ta/arch/arm/ta_entry_a32.S b/ta/arch/arm/ta_entry_a32.S -index d2f8a69daa7f..cd9a12f9dbf9 100644 ---- a/ta/arch/arm/ta_entry_a32.S -+++ b/ta/arch/arm/ta_entry_a32.S -@@ -5,6 +5,8 @@ - - #include <asm.S> - -+ .section .note.GNU-stack,"",%progbits -+ - /* - * This function is the bottom of the user call stack. Mark it as such so that - * the unwinding code won't try to go further down. diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch index 381cad9a43..e6fe716812 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch @@ -20,10 +20,11 @@ change in TF-A ("feat(qemu): update abi between spmd and spmc") [2]. file. Used by Trusted OS (BL32), that is, OP-TEE in this case Link: [2] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=25ae7ad1878244f78206cc7c91f7bdbd267331a1 -Upstream-Status: Accepted - Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> + +Upstream-Status: Backport [f1f431c7a92671b4fa397976d381cc5ad8adacc4] +Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com> --- core/arch/arm/kernel/boot.c | 8 +++++++- core/arch/arm/kernel/entry_a64.S | 17 ++++++++--------- diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0006-core-ffa-add-TOS_FW_CONFIG-handling.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0006-core-ffa-add-TOS_FW_CONFIG-handling.patch index 5421b10e76..da0422b97a 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0006-core-ffa-add-TOS_FW_CONFIG-handling.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0006-core-ffa-add-TOS_FW_CONFIG-handling.patch @@ -9,10 +9,11 @@ This commit adds functionality to save the TOS_FW_CONFIG too, so we can retrieve it later. This is necessary for the CFG_CORE_SEL1_SPMC use case, because the SPMC manifest is passed in this DT. -Upstream-Status: Accepted - Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Balint Dobszay <balint.dobszay@arm.com> + +Upstream-Status: Backport [809fa817ae6331d98b55f7afaa3c20f8407822e4] +Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com> --- core/arch/arm/kernel/boot.c | 60 ++++++++++++++++++++++- core/arch/arm/kernel/entry_a32.S | 3 +- diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/CVE-2023-41325.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/CVE-2023-41325.patch new file mode 100644 index 0000000000..08acce07f9 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/CVE-2023-41325.patch @@ -0,0 +1,634 @@ +From 800627f054959aac0dd3527495ee3fad0137600a Mon Sep 17 00:00:00 2001 +From: Jihwan Park <jihwp@amazon.com> +Date: Mon, 3 Jul 2023 08:51:47 +0200 +Subject: [PATCH] core: crypto_bignum_free(): add indirection and set pointer + to NULL + +To prevent human mistake, crypto_bignum_free() sets the location of the +bignum pointer to NULL after freeing it. + +Signed-off-by: Jihwan Park <jihwp@amazon.com> +Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> +Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> +Reviewed-by: Joakim Bech <joakim.bech@linaro.org> +Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com> + +CVE: CVE-2023-41325 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + core/crypto/crypto.c | 4 +-- + core/drivers/crypto/caam/acipher/caam_dh.c | 8 ++--- + core/drivers/crypto/caam/acipher/caam_dsa.c | 14 ++++---- + core/drivers/crypto/caam/acipher/caam_ecc.c | 10 +++--- + core/drivers/crypto/caam/acipher/caam_rsa.c | 24 ++++++------- + core/drivers/crypto/se050/core/ecc.c | 14 ++++---- + core/drivers/crypto/se050/core/rsa.c | 38 ++++++++++----------- + core/drivers/crypto/versal/ecc.c | 6 ++-- + core/include/crypto/crypto.h | 2 +- + core/lib/libtomcrypt/dh.c | 8 ++--- + core/lib/libtomcrypt/dsa.c | 14 ++++---- + core/lib/libtomcrypt/ecc.c | 10 +++--- + core/lib/libtomcrypt/mpi_desc.c | 9 +++-- + core/lib/libtomcrypt/rsa.c | 22 ++++++------ + core/tee/tee_svc_cryp.c | 7 ++-- + lib/libmbedtls/core/bignum.c | 9 +++-- + lib/libmbedtls/core/dh.c | 8 ++--- + lib/libmbedtls/core/ecc.c | 10 +++--- + lib/libmbedtls/core/rsa.c | 22 ++++++------ + 19 files changed, 122 insertions(+), 117 deletions(-) + +diff --git a/core/crypto/crypto.c b/core/crypto/crypto.c +index 9f7d35097..60cb89a31 100644 +--- a/core/crypto/crypto.c ++++ b/core/crypto/crypto.c +@@ -498,9 +498,9 @@ void crypto_bignum_copy(struct bignum *to __unused, + bignum_cant_happen(); + } + +-void crypto_bignum_free(struct bignum *a) ++void crypto_bignum_free(struct bignum **a) + { +- if (a) ++ if (a && *a) + panic(); + } + +diff --git a/core/drivers/crypto/caam/acipher/caam_dh.c b/core/drivers/crypto/caam/acipher/caam_dh.c +index 6131ff0ef..35fc44541 100644 +--- a/core/drivers/crypto/caam/acipher/caam_dh.c ++++ b/core/drivers/crypto/caam/acipher/caam_dh.c +@@ -195,10 +195,10 @@ static TEE_Result do_allocate_keypair(struct dh_keypair *key, size_t size_bits) + err: + DH_TRACE("Allocation error"); + +- crypto_bignum_free(key->g); +- crypto_bignum_free(key->p); +- crypto_bignum_free(key->x); +- crypto_bignum_free(key->y); ++ crypto_bignum_free(&key->g); ++ crypto_bignum_free(&key->p); ++ crypto_bignum_free(&key->x); ++ crypto_bignum_free(&key->y); + + return TEE_ERROR_OUT_OF_MEMORY; + } +diff --git a/core/drivers/crypto/caam/acipher/caam_dsa.c b/core/drivers/crypto/caam/acipher/caam_dsa.c +index 2696f0b3c..d60bb8e89 100644 +--- a/core/drivers/crypto/caam/acipher/caam_dsa.c ++++ b/core/drivers/crypto/caam/acipher/caam_dsa.c +@@ -309,10 +309,10 @@ static TEE_Result do_allocate_keypair(struct dsa_keypair *key, size_t l_bits, + err: + DSA_TRACE("Allocation error"); + +- crypto_bignum_free(key->g); +- crypto_bignum_free(key->p); +- crypto_bignum_free(key->q); +- crypto_bignum_free(key->x); ++ crypto_bignum_free(&key->g); ++ crypto_bignum_free(&key->p); ++ crypto_bignum_free(&key->q); ++ crypto_bignum_free(&key->x); + + return TEE_ERROR_OUT_OF_MEMORY; + } +@@ -358,9 +358,9 @@ static TEE_Result do_allocate_publickey(struct dsa_public_key *key, + err: + DSA_TRACE("Allocation error"); + +- crypto_bignum_free(key->g); +- crypto_bignum_free(key->p); +- crypto_bignum_free(key->q); ++ crypto_bignum_free(&key->g); ++ crypto_bignum_free(&key->p); ++ crypto_bignum_free(&key->q); + + return TEE_ERROR_OUT_OF_MEMORY; + } +diff --git a/core/drivers/crypto/caam/acipher/caam_ecc.c b/core/drivers/crypto/caam/acipher/caam_ecc.c +index 90e87c20a..6b12b6cbe 100644 +--- a/core/drivers/crypto/caam/acipher/caam_ecc.c ++++ b/core/drivers/crypto/caam/acipher/caam_ecc.c +@@ -169,8 +169,8 @@ static TEE_Result do_allocate_keypair(struct ecc_keypair *key, size_t size_bits) + err: + ECC_TRACE("Allocation error"); + +- crypto_bignum_free(key->d); +- crypto_bignum_free(key->x); ++ crypto_bignum_free(&key->d); ++ crypto_bignum_free(&key->x); + + return TEE_ERROR_OUT_OF_MEMORY; + } +@@ -204,7 +204,7 @@ static TEE_Result do_allocate_publickey(struct ecc_public_key *key, + err: + ECC_TRACE("Allocation error"); + +- crypto_bignum_free(key->x); ++ crypto_bignum_free(&key->x); + + return TEE_ERROR_OUT_OF_MEMORY; + } +@@ -216,8 +216,8 @@ err: + */ + static void do_free_publickey(struct ecc_public_key *key) + { +- crypto_bignum_free(key->x); +- crypto_bignum_free(key->y); ++ crypto_bignum_free(&key->x); ++ crypto_bignum_free(&key->y); + } + + /* +diff --git a/core/drivers/crypto/caam/acipher/caam_rsa.c b/core/drivers/crypto/caam/acipher/caam_rsa.c +index e860c641c..b59ab0b6e 100644 +--- a/core/drivers/crypto/caam/acipher/caam_rsa.c ++++ b/core/drivers/crypto/caam/acipher/caam_rsa.c +@@ -86,14 +86,14 @@ static uint8_t caam_era; + */ + static void do_free_keypair(struct rsa_keypair *key) + { +- crypto_bignum_free(key->e); +- crypto_bignum_free(key->d); +- crypto_bignum_free(key->n); +- crypto_bignum_free(key->p); +- crypto_bignum_free(key->q); +- crypto_bignum_free(key->qp); +- crypto_bignum_free(key->dp); +- crypto_bignum_free(key->dq); ++ crypto_bignum_free(&key->e); ++ crypto_bignum_free(&key->d); ++ crypto_bignum_free(&key->n); ++ crypto_bignum_free(&key->p); ++ crypto_bignum_free(&key->q); ++ crypto_bignum_free(&key->qp); ++ crypto_bignum_free(&key->dp); ++ crypto_bignum_free(&key->dq); + } + + /* +@@ -435,8 +435,8 @@ static TEE_Result do_allocate_publickey(struct rsa_public_key *key, + err_alloc_publickey: + RSA_TRACE("Allocation error"); + +- crypto_bignum_free(key->e); +- crypto_bignum_free(key->n); ++ crypto_bignum_free(&key->e); ++ crypto_bignum_free(&key->n); + + return TEE_ERROR_OUT_OF_MEMORY; + } +@@ -448,8 +448,8 @@ err_alloc_publickey: + */ + static void do_free_publickey(struct rsa_public_key *key) + { +- crypto_bignum_free(key->e); +- crypto_bignum_free(key->n); ++ crypto_bignum_free(&key->e); ++ crypto_bignum_free(&key->n); + } + + /* +diff --git a/core/drivers/crypto/se050/core/ecc.c b/core/drivers/crypto/se050/core/ecc.c +index d74334760..52f82c69d 100644 +--- a/core/drivers/crypto/se050/core/ecc.c ++++ b/core/drivers/crypto/se050/core/ecc.c +@@ -752,9 +752,9 @@ static TEE_Result do_alloc_keypair(struct ecc_keypair *s, + goto err; + return TEE_SUCCESS; + err: +- crypto_bignum_free(s->d); +- crypto_bignum_free(s->x); +- crypto_bignum_free(s->y); ++ crypto_bignum_free(&s->d); ++ crypto_bignum_free(&s->x); ++ crypto_bignum_free(&s->y); + return TEE_ERROR_OUT_OF_MEMORY; + } + +@@ -768,8 +768,8 @@ static TEE_Result do_alloc_publickey(struct ecc_public_key *s, + goto err; + return TEE_SUCCESS; + err: +- crypto_bignum_free(s->x); +- crypto_bignum_free(s->y); ++ crypto_bignum_free(&s->x); ++ crypto_bignum_free(&s->y); + return TEE_ERROR_OUT_OF_MEMORY; + } + +@@ -778,8 +778,8 @@ static void do_free_publickey(struct ecc_public_key *s) + if (!s) + return; + +- crypto_bignum_free(s->x); +- crypto_bignum_free(s->y); ++ crypto_bignum_free(&s->x); ++ crypto_bignum_free(&s->y); + } + + static struct drvcrypt_ecc driver_ecc = { +diff --git a/core/drivers/crypto/se050/core/rsa.c b/core/drivers/crypto/se050/core/rsa.c +index 815abb3cd..475d2b99a 100644 +--- a/core/drivers/crypto/se050/core/rsa.c ++++ b/core/drivers/crypto/se050/core/rsa.c +@@ -537,14 +537,14 @@ static TEE_Result do_alloc_keypair(struct rsa_keypair *s, + + return TEE_SUCCESS; + err: +- crypto_bignum_free(s->e); +- crypto_bignum_free(s->d); +- crypto_bignum_free(s->n); +- crypto_bignum_free(s->p); +- crypto_bignum_free(s->q); +- crypto_bignum_free(s->qp); +- crypto_bignum_free(s->dp); +- crypto_bignum_free(s->dq); ++ crypto_bignum_free(&s->e); ++ crypto_bignum_free(&s->d); ++ crypto_bignum_free(&s->n); ++ crypto_bignum_free(&s->p); ++ crypto_bignum_free(&s->q); ++ crypto_bignum_free(&s->qp); ++ crypto_bignum_free(&s->dp); ++ crypto_bignum_free(&s->dq); + + return TEE_ERROR_OUT_OF_MEMORY; + } +@@ -556,7 +556,7 @@ static TEE_Result do_alloc_publickey(struct rsa_public_key *s, + if (!bn_alloc_max(&s->e)) + return TEE_ERROR_OUT_OF_MEMORY; + if (!bn_alloc_max(&s->n)) { +- crypto_bignum_free(s->e); ++ crypto_bignum_free(&s->e); + return TEE_ERROR_OUT_OF_MEMORY; + } + +@@ -566,8 +566,8 @@ static TEE_Result do_alloc_publickey(struct rsa_public_key *s, + static void do_free_publickey(struct rsa_public_key *s) + { + if (s) { +- crypto_bignum_free(s->n); +- crypto_bignum_free(s->e); ++ crypto_bignum_free(&s->n); ++ crypto_bignum_free(&s->e); + } + } + +@@ -587,14 +587,14 @@ static void do_free_keypair(struct rsa_keypair *s) + sss_se05x_key_store_erase_key(se050_kstore, &k_object); + } + +- crypto_bignum_free(s->e); +- crypto_bignum_free(s->d); +- crypto_bignum_free(s->n); +- crypto_bignum_free(s->p); +- crypto_bignum_free(s->q); +- crypto_bignum_free(s->qp); +- crypto_bignum_free(s->dp); +- crypto_bignum_free(s->dq); ++ crypto_bignum_free(&s->e); ++ crypto_bignum_free(&s->d); ++ crypto_bignum_free(&s->n); ++ crypto_bignum_free(&s->p); ++ crypto_bignum_free(&s->q); ++ crypto_bignum_free(&s->qp); ++ crypto_bignum_free(&s->dp); ++ crypto_bignum_free(&s->dq); + } + + static TEE_Result do_gen_keypair(struct rsa_keypair *key, size_t kb) +diff --git a/core/drivers/crypto/versal/ecc.c b/core/drivers/crypto/versal/ecc.c +index 3d5454509..18ec4f78d 100644 +--- a/core/drivers/crypto/versal/ecc.c ++++ b/core/drivers/crypto/versal/ecc.c +@@ -284,9 +284,9 @@ static TEE_Result sign(uint32_t algo, struct ecc_keypair *key, + + versal_mbox_alloc(bytes, NULL, &k); + crypto_bignum_bn2bin_eswap(key->curve, ephemeral.d, k.buf); +- crypto_bignum_free(ephemeral.d); +- crypto_bignum_free(ephemeral.x); +- crypto_bignum_free(ephemeral.y); ++ crypto_bignum_free(&ephemeral.d); ++ crypto_bignum_free(&ephemeral.x); ++ crypto_bignum_free(&ephemeral.y); + + /* Private key*/ + versal_mbox_alloc(bytes, NULL, &d); +diff --git a/core/include/crypto/crypto.h b/core/include/crypto/crypto.h +index 71a287ec6..0e6c139ce 100644 +--- a/core/include/crypto/crypto.h ++++ b/core/include/crypto/crypto.h +@@ -98,7 +98,7 @@ size_t crypto_bignum_num_bytes(struct bignum *a); + size_t crypto_bignum_num_bits(struct bignum *a); + void crypto_bignum_bn2bin(const struct bignum *from, uint8_t *to); + void crypto_bignum_copy(struct bignum *to, const struct bignum *from); +-void crypto_bignum_free(struct bignum *a); ++void crypto_bignum_free(struct bignum **a); + void crypto_bignum_clear(struct bignum *a); + + /* return -1 if a<b, 0 if a==b, +1 if a>b */ +diff --git a/core/lib/libtomcrypt/dh.c b/core/lib/libtomcrypt/dh.c +index 4eb9916f2..b1d0a4d00 100644 +--- a/core/lib/libtomcrypt/dh.c ++++ b/core/lib/libtomcrypt/dh.c +@@ -28,10 +28,10 @@ TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s, + goto err; + return TEE_SUCCESS; + err: +- crypto_bignum_free(s->g); +- crypto_bignum_free(s->p); +- crypto_bignum_free(s->y); +- crypto_bignum_free(s->x); ++ crypto_bignum_free(&s->g); ++ crypto_bignum_free(&s->p); ++ crypto_bignum_free(&s->y); ++ crypto_bignum_free(&s->x); + return TEE_ERROR_OUT_OF_MEMORY; + } + +diff --git a/core/lib/libtomcrypt/dsa.c b/core/lib/libtomcrypt/dsa.c +index a2dc720ed..d6243c469 100644 +--- a/core/lib/libtomcrypt/dsa.c ++++ b/core/lib/libtomcrypt/dsa.c +@@ -30,10 +30,10 @@ TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s, + goto err; + return TEE_SUCCESS; + err: +- crypto_bignum_free(s->g); +- crypto_bignum_free(s->p); +- crypto_bignum_free(s->q); +- crypto_bignum_free(s->y); ++ crypto_bignum_free(&s->g); ++ crypto_bignum_free(&s->p); ++ crypto_bignum_free(&s->q); ++ crypto_bignum_free(&s->y); + return TEE_ERROR_OUT_OF_MEMORY; + } + +@@ -52,9 +52,9 @@ TEE_Result crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s, + goto err; + return TEE_SUCCESS; + err: +- crypto_bignum_free(s->g); +- crypto_bignum_free(s->p); +- crypto_bignum_free(s->q); ++ crypto_bignum_free(&s->g); ++ crypto_bignum_free(&s->p); ++ crypto_bignum_free(&s->q); + return TEE_ERROR_OUT_OF_MEMORY; + } + +diff --git a/core/lib/libtomcrypt/ecc.c b/core/lib/libtomcrypt/ecc.c +index 938378247..fa645e17a 100644 +--- a/core/lib/libtomcrypt/ecc.c ++++ b/core/lib/libtomcrypt/ecc.c +@@ -18,8 +18,8 @@ static void _ltc_ecc_free_public_key(struct ecc_public_key *s) + if (!s) + return; + +- crypto_bignum_free(s->x); +- crypto_bignum_free(s->y); ++ crypto_bignum_free(&s->x); ++ crypto_bignum_free(&s->y); + } + + /* +@@ -465,8 +465,8 @@ TEE_Result crypto_asym_alloc_ecc_keypair(struct ecc_keypair *s, + err: + s->ops = NULL; + +- crypto_bignum_free(s->d); +- crypto_bignum_free(s->x); ++ crypto_bignum_free(&s->d); ++ crypto_bignum_free(&s->x); + + return TEE_ERROR_OUT_OF_MEMORY; + } +@@ -541,7 +541,7 @@ TEE_Result crypto_asym_alloc_ecc_public_key(struct ecc_public_key *s, + err: + s->ops = NULL; + +- crypto_bignum_free(s->x); ++ crypto_bignum_free(&s->x); + + return TEE_ERROR_OUT_OF_MEMORY; + } +diff --git a/core/lib/libtomcrypt/mpi_desc.c b/core/lib/libtomcrypt/mpi_desc.c +index 235fbe630..ff8dd13c7 100644 +--- a/core/lib/libtomcrypt/mpi_desc.c ++++ b/core/lib/libtomcrypt/mpi_desc.c +@@ -763,10 +763,13 @@ struct bignum *crypto_bignum_allocate(size_t size_bits) + return (struct bignum *)bn; + } + +-void crypto_bignum_free(struct bignum *s) ++void crypto_bignum_free(struct bignum **s) + { +- mbedtls_mpi_free((mbedtls_mpi *)s); +- free(s); ++ assert(s); ++ ++ mbedtls_mpi_free((mbedtls_mpi *)*s); ++ free(*s); ++ *s = NULL; + } + + void crypto_bignum_clear(struct bignum *s) +diff --git a/core/lib/libtomcrypt/rsa.c b/core/lib/libtomcrypt/rsa.c +index 8d0443f36..13ed23934 100644 +--- a/core/lib/libtomcrypt/rsa.c ++++ b/core/lib/libtomcrypt/rsa.c +@@ -131,7 +131,7 @@ TEE_Result sw_crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s, + goto err; + return TEE_SUCCESS; + err: +- crypto_bignum_free(s->e); ++ crypto_bignum_free(&s->e); + return TEE_ERROR_OUT_OF_MEMORY; + } + +@@ -143,8 +143,8 @@ void sw_crypto_acipher_free_rsa_public_key(struct rsa_public_key *s) + { + if (!s) + return; +- crypto_bignum_free(s->n); +- crypto_bignum_free(s->e); ++ crypto_bignum_free(&s->n); ++ crypto_bignum_free(&s->e); + } + + +@@ -155,14 +155,14 @@ void sw_crypto_acipher_free_rsa_keypair(struct rsa_keypair *s) + { + if (!s) + return; +- crypto_bignum_free(s->e); +- crypto_bignum_free(s->d); +- crypto_bignum_free(s->n); +- crypto_bignum_free(s->p); +- crypto_bignum_free(s->q); +- crypto_bignum_free(s->qp); +- crypto_bignum_free(s->dp); +- crypto_bignum_free(s->dq); ++ crypto_bignum_free(&s->e); ++ crypto_bignum_free(&s->d); ++ crypto_bignum_free(&s->n); ++ crypto_bignum_free(&s->p); ++ crypto_bignum_free(&s->q); ++ crypto_bignum_free(&s->qp); ++ crypto_bignum_free(&s->dp); ++ crypto_bignum_free(&s->dq); + } + + TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key, +diff --git a/core/tee/tee_svc_cryp.c b/core/tee/tee_svc_cryp.c +index 534e5ac39..880809753 100644 +--- a/core/tee/tee_svc_cryp.c ++++ b/core/tee/tee_svc_cryp.c +@@ -869,8 +869,7 @@ static void op_attr_bignum_free(void *attr) + { + struct bignum **bn = attr; + +- crypto_bignum_free(*bn); +- *bn = NULL; ++ crypto_bignum_free(bn); + } + + static TEE_Result op_attr_value_from_user(void *attr, const void *buffer, +@@ -3445,8 +3444,8 @@ TEE_Result syscall_cryp_derive_key(unsigned long state, + } else { + res = TEE_ERROR_OUT_OF_MEMORY; + } +- crypto_bignum_free(pub); +- crypto_bignum_free(ss); ++ crypto_bignum_free(&pub); ++ crypto_bignum_free(&ss); + } else if (TEE_ALG_GET_MAIN_ALG(cs->algo) == TEE_MAIN_ALGO_ECDH) { + struct ecc_public_key key_public; + uint8_t *pt_secret; +diff --git a/lib/libmbedtls/core/bignum.c b/lib/libmbedtls/core/bignum.c +index 61f6c5c60..dea30f61a 100644 +--- a/lib/libmbedtls/core/bignum.c ++++ b/lib/libmbedtls/core/bignum.c +@@ -87,10 +87,13 @@ struct bignum *crypto_bignum_allocate(size_t size_bits) + return (struct bignum *)bn; + } + +-void crypto_bignum_free(struct bignum *s) ++void crypto_bignum_free(struct bignum **s) + { +- mbedtls_mpi_free((mbedtls_mpi *)s); +- free(s); ++ assert(s); ++ ++ mbedtls_mpi_free((mbedtls_mpi *)*s); ++ free(*s); ++ *s = NULL; + } + + void crypto_bignum_clear(struct bignum *s) +diff --git a/lib/libmbedtls/core/dh.c b/lib/libmbedtls/core/dh.c +index b3415aaa7..e95aa1495 100644 +--- a/lib/libmbedtls/core/dh.c ++++ b/lib/libmbedtls/core/dh.c +@@ -35,10 +35,10 @@ TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s, + goto err; + return TEE_SUCCESS; + err: +- crypto_bignum_free(s->g); +- crypto_bignum_free(s->p); +- crypto_bignum_free(s->y); +- crypto_bignum_free(s->x); ++ crypto_bignum_free(&s->g); ++ crypto_bignum_free(&s->p); ++ crypto_bignum_free(&s->y); ++ crypto_bignum_free(&s->x); + return TEE_ERROR_OUT_OF_MEMORY; + } + +diff --git a/lib/libmbedtls/core/ecc.c b/lib/libmbedtls/core/ecc.c +index fd4a51b9d..46cd9fd1c 100644 +--- a/lib/libmbedtls/core/ecc.c ++++ b/lib/libmbedtls/core/ecc.c +@@ -40,8 +40,8 @@ static void ecc_free_public_key(struct ecc_public_key *s) + if (!s) + return; + +- crypto_bignum_free(s->x); +- crypto_bignum_free(s->y); ++ crypto_bignum_free(&s->x); ++ crypto_bignum_free(&s->y); + } + + /* +@@ -484,8 +484,8 @@ TEE_Result crypto_asym_alloc_ecc_keypair(struct ecc_keypair *s, + return TEE_SUCCESS; + + err: +- crypto_bignum_free(s->d); +- crypto_bignum_free(s->x); ++ crypto_bignum_free(&s->d); ++ crypto_bignum_free(&s->x); + + return TEE_ERROR_OUT_OF_MEMORY; + } +@@ -581,7 +581,7 @@ TEE_Result crypto_asym_alloc_ecc_public_key(struct ecc_public_key *s, + return TEE_SUCCESS; + + err: +- crypto_bignum_free(s->x); ++ crypto_bignum_free(&s->x); + + return TEE_ERROR_OUT_OF_MEMORY; + } +diff --git a/lib/libmbedtls/core/rsa.c b/lib/libmbedtls/core/rsa.c +index c3b5be509..a8aeb2c04 100644 +--- a/lib/libmbedtls/core/rsa.c ++++ b/lib/libmbedtls/core/rsa.c +@@ -183,7 +183,7 @@ TEE_Result sw_crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s, + goto err; + return TEE_SUCCESS; + err: +- crypto_bignum_free(s->e); ++ crypto_bignum_free(&s->e); + return TEE_ERROR_OUT_OF_MEMORY; + } + +@@ -194,8 +194,8 @@ void sw_crypto_acipher_free_rsa_public_key(struct rsa_public_key *s) + { + if (!s) + return; +- crypto_bignum_free(s->n); +- crypto_bignum_free(s->e); ++ crypto_bignum_free(&s->n); ++ crypto_bignum_free(&s->e); + } + + void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s) +@@ -205,14 +205,14 @@ void sw_crypto_acipher_free_rsa_keypair(struct rsa_keypair *s) + { + if (!s) + return; +- crypto_bignum_free(s->e); +- crypto_bignum_free(s->d); +- crypto_bignum_free(s->n); +- crypto_bignum_free(s->p); +- crypto_bignum_free(s->q); +- crypto_bignum_free(s->qp); +- crypto_bignum_free(s->dp); +- crypto_bignum_free(s->dq); ++ crypto_bignum_free(&s->e); ++ crypto_bignum_free(&s->d); ++ crypto_bignum_free(&s->n); ++ crypto_bignum_free(&s->p); ++ crypto_bignum_free(&s->q); ++ crypto_bignum_free(&s->qp); ++ crypto_bignum_free(&s->dp); ++ crypto_bignum_free(&s->dq); + } + + TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key, +-- +2.34.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch new file mode 100644 index 0000000000..392e8d82bd --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch @@ -0,0 +1,34 @@ +From 02ea8e616ac615efe3507d627dfba9820d3357f6 Mon Sep 17 00:00:00 2001 +From: Ross Burton <ross.burton@arm.com> +Date: Tue, 26 May 2020 14:38:02 -0500 +Subject: [PATCH] allow setting sysroot for libgcc lookup + +Explicitly pass the new variable LIBGCC_LOCATE_CFLAGS variable when searching +for the compiler libraries as there's no easy way to reliably pass --sysroot +otherwise. + +Upstream-Status: Pending [https://github.com/OP-TEE/optee_os/issues/4188] +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + mk/gcc.mk | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/mk/gcc.mk b/mk/gcc.mk +index adc77a24f25e..81bfa78ad8d7 100644 +--- a/mk/gcc.mk ++++ b/mk/gcc.mk +@@ -13,11 +13,11 @@ nostdinc$(sm) := -nostdinc -isystem $(shell $(CC$(sm)) \ + -print-file-name=include 2> /dev/null) + + # Get location of libgcc from gcc +-libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \ ++libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \ + -print-libgcc-file-name 2> /dev/null) +-libstdc++$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ ++libstdc++$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ + -print-file-name=libstdc++.a 2> /dev/null) +-libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ ++libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ + -print-file-name=libgcc_eh.a 2> /dev/null) + + # Define these to something to discover accidental use diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0002-core-Define-section-attributes-for-clang.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0002-core-Define-section-attributes-for-clang.patch new file mode 100644 index 0000000000..15bdf07df2 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0002-core-Define-section-attributes-for-clang.patch @@ -0,0 +1,240 @@ +From 6f588813a170a671ebf1d6b51cebc7bc761295dc Mon Sep 17 00:00:00 2001 +From: Emekcan Aras <emekcan.aras@arm.com> +Date: Wed, 21 Dec 2022 10:55:58 +0000 +Subject: [PATCH] core: Define section attributes for clang + +Clang's attribute section is not same as gcc, here we need to add flags +to sections so they can be eventually collected by linker into final +output segments. Only way to do so with clang is to use + +pragma clang section ... + +The behavious is described here [1], this allows us to define names bss +sections. This was not an issue until clang-15 where LLD linker starts +to detect the section flags before merging them and throws the following +errors + +| ld.lld: error: section type mismatch for .nozi.kdata_page +| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/kernel/thread.o:(.nozi.kdata_page): SHT_PROGBITS +| >>> output section .nozi: SHT_NOBITS +| +| ld.lld: error: section type mismatch for .nozi.mmu.l2 +| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/mm/core_mmu_lpae.o:(.nozi.mmu.l2): SHT_PROGBITS +| >>> output section .nozi: SHT_NOBITS + +These sections should be carrying SHT_NOBITS but so far it was not +possible to do so, this patch tries to use clangs pragma to get this +going and match the functionality with gcc. + +[1] https://intel.github.io/llvm-docs/clang/LanguageExtensions.html#specifying-section-names-for-global-objects-pragma-clang-section + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + core/arch/arm/kernel/thread.c | 19 +++++++++++++++-- + core/arch/arm/mm/core_mmu_lpae.c | 35 +++++++++++++++++++++++++++---- + core/arch/arm/mm/core_mmu_v7.c | 36 +++++++++++++++++++++++++++++--- + core/arch/arm/mm/pgt_cache.c | 12 ++++++++++- + core/kernel/thread.c | 13 +++++++++++- + 5 files changed, 104 insertions(+), 11 deletions(-) + +diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c +index 4487ef026df9..f3624389611b 100644 +--- a/core/arch/arm/kernel/thread.c ++++ b/core/arch/arm/kernel/thread.c +@@ -44,15 +44,30 @@ static size_t thread_user_kcode_size __nex_bss; + #if defined(CFG_CORE_UNMAP_CORE_AT_EL0) && \ + defined(CFG_CORE_WORKAROUND_SPECTRE_BP_SEC) && defined(ARM64) + long thread_user_kdata_sp_offset __nex_bss; ++#ifdef __clang__ ++#ifndef CFG_VIRTUALIZATION ++#pragma clang section bss=".nozi.kdata_page" ++#else ++#pragma clang section bss=".nex_nozi.kdata_page" ++#endif ++#endif + static uint8_t thread_user_kdata_page[ + ROUNDUP(sizeof(struct thread_core_local) * CFG_TEE_CORE_NB_CORE, + SMALL_PAGE_SIZE)] + __aligned(SMALL_PAGE_SIZE) ++#ifndef __clang__ + #ifndef CFG_NS_VIRTUALIZATION +- __section(".nozi.kdata_page"); ++ __section(".nozi.kdata_page") + #else +- __section(".nex_nozi.kdata_page"); ++ __section(".nex_nozi.kdata_page") + #endif ++#endif ++ ; ++#endif ++ ++/* reset BSS section to default ( .bss ) */ ++#ifdef __clang__ ++#pragma clang section bss="" + #endif + + #ifdef ARM32 +diff --git a/core/arch/arm/mm/core_mmu_lpae.c b/core/arch/arm/mm/core_mmu_lpae.c +index 7e79f780ad28..ec4db9dc98c5 100644 +--- a/core/arch/arm/mm/core_mmu_lpae.c ++++ b/core/arch/arm/mm/core_mmu_lpae.c +@@ -233,19 +233,46 @@ typedef uint16_t l1_idx_t; + typedef uint64_t base_xlat_tbls_t[CFG_TEE_CORE_NB_CORE][NUM_BASE_LEVEL_ENTRIES]; + typedef uint64_t xlat_tbl_t[XLAT_TABLE_ENTRIES]; + ++#ifdef __clang__ ++#pragma clang section bss=".nozi.mmu.base_table" ++#endif + static base_xlat_tbls_t base_xlation_table[NUM_BASE_TABLES] + __aligned(NUM_BASE_LEVEL_ENTRIES * XLAT_ENTRY_SIZE) +- __section(".nozi.mmu.base_table"); ++#ifndef __clang__ ++ __section(".nozi.mmu.base_table") ++#endif ++; ++#ifdef __clang__ ++#pragma clang section bss="" ++#endif + ++#ifdef __clang__ ++#pragma clang section bss=".nozi.mmu.l2" ++#endif + static xlat_tbl_t xlat_tables[MAX_XLAT_TABLES] +- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2"); ++ __aligned(XLAT_TABLE_SIZE) ++#ifndef __clang__ ++ __section(".nozi.mmu.l2") ++#endif ++; ++#ifdef __clang__ ++#pragma clang section bss="" ++#endif + + #define XLAT_TABLES_SIZE (sizeof(xlat_tbl_t) * MAX_XLAT_TABLES) + ++#ifdef __clang__ ++#pragma clang section bss=".nozi.mmu.l2" ++#endif + /* MMU L2 table for TAs, one for each thread */ + static xlat_tbl_t xlat_tables_ul1[CFG_NUM_THREADS] +- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2"); +- ++#ifndef __clang__ ++ __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2") ++#endif ++; ++#ifdef __clang__ ++#pragma clang section bss="" ++#endif + /* + * TAs page table entry inside a level 1 page table. + * +diff --git a/core/arch/arm/mm/core_mmu_v7.c b/core/arch/arm/mm/core_mmu_v7.c +index 61e703da89c8..1960c08ca688 100644 +--- a/core/arch/arm/mm/core_mmu_v7.c ++++ b/core/arch/arm/mm/core_mmu_v7.c +@@ -204,16 +204,46 @@ typedef uint32_t l1_xlat_tbl_t[NUM_L1_ENTRIES]; + typedef uint32_t l2_xlat_tbl_t[NUM_L2_ENTRIES]; + typedef uint32_t ul1_xlat_tbl_t[NUM_UL1_ENTRIES]; + ++#ifdef __clang__ ++#pragma clang section bss=".nozi.mmu.l1" ++#endif + static l1_xlat_tbl_t main_mmu_l1_ttb +- __aligned(L1_ALIGNMENT) __section(".nozi.mmu.l1"); ++ __aligned(L1_ALIGNMENT) ++#ifndef __clang__ ++ __section(".nozi.mmu.l1") ++#endif ++; ++#ifdef __clang__ ++#pragma clang section bss="" ++#endif + + /* L2 MMU tables */ ++#ifdef __clang__ ++#pragma clang section bss=".nozi.mmu.l2" ++#endif + static l2_xlat_tbl_t main_mmu_l2_ttb[MAX_XLAT_TABLES] +- __aligned(L2_ALIGNMENT) __section(".nozi.mmu.l2"); ++ __aligned(L2_ALIGNMENT) ++#ifndef __clang__ ++ __section(".nozi.mmu.l2") ++#endif ++; ++#ifdef __clang__ ++#pragma clang section bss="" ++#endif + + /* MMU L1 table for TAs, one for each thread */ ++#ifdef __clang__ ++#pragma clang section bss=".nozi.mmu.ul1" ++#endif + static ul1_xlat_tbl_t main_mmu_ul1_ttb[CFG_NUM_THREADS] +- __aligned(UL1_ALIGNMENT) __section(".nozi.mmu.ul1"); ++ __aligned(UL1_ALIGNMENT) ++#ifndef __clang__ ++ __section(".nozi.mmu.ul1") ++#endif ++; ++#ifdef __clang__ ++#pragma clang section bss="" ++#endif + + struct mmu_partition { + l1_xlat_tbl_t *l1_table; +diff --git a/core/arch/arm/mm/pgt_cache.c b/core/arch/arm/mm/pgt_cache.c +index 79553c6d2183..b9efdf42780b 100644 +--- a/core/arch/arm/mm/pgt_cache.c ++++ b/core/arch/arm/mm/pgt_cache.c +@@ -410,8 +410,18 @@ void pgt_init(void) + * has a large alignment, while .bss has a small alignment. The current + * link script is optimized for small alignment in .bss + */ ++#ifdef __clang__ ++#pragma clang section bss=".nozi.mmu.l2" ++#endif + static uint8_t pgt_tables[PGT_CACHE_SIZE][PGT_SIZE] +- __aligned(PGT_SIZE) __section(".nozi.pgt_cache"); ++ __aligned(PGT_SIZE) ++#ifndef __clang__ ++ __section(".nozi.pgt_cache") ++#endif ++ ; ++#ifdef __clang__ ++#pragma clang section bss="" ++#endif + size_t n; + + for (n = 0; n < ARRAY_SIZE(pgt_tables); n++) { +diff --git a/core/kernel/thread.c b/core/kernel/thread.c +index 2a1f22dce635..5516b677141a 100644 +--- a/core/kernel/thread.c ++++ b/core/kernel/thread.c +@@ -39,13 +39,24 @@ static uint32_t end_canary_value = 0xababab00; + name[stack_num][sizeof(name[stack_num]) / sizeof(uint32_t) - 1] + #endif + ++#define DO_PRAGMA(x) _Pragma (#x) ++ ++#ifdef __clang__ ++#define DECLARE_STACK(name, num_stacks, stack_size, linkage) \ ++DO_PRAGMA (clang section bss=".nozi_stack." #name) \ ++linkage uint32_t name[num_stacks] \ ++ [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \ ++ STACK_ALIGNMENT) / sizeof(uint32_t)] \ ++ __attribute__((aligned(STACK_ALIGNMENT))); \ ++DO_PRAGMA(clang section bss="") ++#else + #define DECLARE_STACK(name, num_stacks, stack_size, linkage) \ + linkage uint32_t name[num_stacks] \ + [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \ + STACK_ALIGNMENT) / sizeof(uint32_t)] \ + __attribute__((section(".nozi_stack." # name), \ + aligned(STACK_ALIGNMENT))) +- ++#endif + #define GET_STACK(stack) ((vaddr_t)(stack) + STACK_SIZE(stack)) + + DECLARE_STACK(stack_tmp, CFG_TEE_CORE_NB_CORE, STACK_TMP_SIZE, diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0003-optee-enable-clang-support.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0003-optee-enable-clang-support.patch new file mode 100644 index 0000000000..b4ea8ed356 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0003-optee-enable-clang-support.patch @@ -0,0 +1,29 @@ +From 9c55b7a4e39617c2abbf4e0e39fd8041c7b2b9b6 Mon Sep 17 00:00:00 2001 +From: Brett Warren <brett.warren@arm.com> +Date: Wed, 23 Sep 2020 09:27:34 +0100 +Subject: [PATCH] optee: enable clang support + +When compiling with clang, the LIBGCC_LOCATE_CFLAG variable used +to provide a sysroot wasn't included, which results in not locating +compiler-rt. This is mitigated by including the variable as ammended. + +Upstream-Status: Pending +ChangeId: 8ba69a4b2eb8ebaa047cb266c9aa6c2c3da45701 +Signed-off-by: Brett Warren <brett.warren@arm.com> +--- + mk/clang.mk | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/mk/clang.mk b/mk/clang.mk +index a045beee8482..1ebe2f702dcd 100644 +--- a/mk/clang.mk ++++ b/mk/clang.mk +@@ -30,7 +30,7 @@ comp-cflags-warns-clang := -Wno-language-extension-token \ + + # Note, use the compiler runtime library (libclang_rt.builtins.*.a) instead of + # libgcc for clang +-libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \ ++libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \ + -rtlib=compiler-rt -print-libgcc-file-name 2> /dev/null) + + # Core ASLR relies on the executable being ready to run from its preferred load diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0004-core-link-add-no-warn-rwx-segments.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0004-core-link-add-no-warn-rwx-segments.patch new file mode 100644 index 0000000000..d418d4612f --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.22.0/0004-core-link-add-no-warn-rwx-segments.patch @@ -0,0 +1,62 @@ +From 3e191f732b3eba699b91ffd7ffa2ae0787f08947 Mon Sep 17 00:00:00 2001 +From: Jerome Forissier <jerome.forissier@linaro.org> +Date: Fri, 5 Aug 2022 09:48:03 +0200 +Subject: [PATCH] core: link: add --no-warn-rwx-segments + +Signed-off-by: Anton Antonov <Anton.Antonov@arm.com> +Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5474] + +binutils ld.bfd generates one RWX LOAD segment by merging several sections +with mixed R/W/X attributes (.text, .rodata, .data). After version 2.38 it +also warns by default when that happens [1], which breaks the build due to +--fatal-warnings. The RWX segment is not a problem for the TEE core, since +that information is not used to set memory permissions. Therefore, silence +the warning. + +Link: [1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107 +Link: https://sourceware.org/bugzilla/show_bug.cgi?id=29448 +Reported-by: Dominique Martinet <dominique.martinet@atmark-techno.com> +Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> +Acked-by: Jens Wiklander <jens.wiklander@linaro.org> +--- + core/arch/arm/kernel/link.mk | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk +index 49e9f4fa18a5..9e1cc172fb8a 100644 +--- a/core/arch/arm/kernel/link.mk ++++ b/core/arch/arm/kernel/link.mk +@@ -37,6 +37,7 @@ link-ldflags += --sort-section=alignment + link-ldflags += --fatal-warnings + link-ldflags += --gc-sections + link-ldflags += $(link-ldflags-common) ++link-ldflags += $(call ld-option,--no-warn-rwx-segments) + + link-ldadd = $(LDADD) + link-ldadd += $(ldflags-external) +@@ -61,6 +62,7 @@ link-script-cppflags := \ + $(cppflagscore)) + + ldargs-all_objs := -T $(link-script-dummy) --no-check-sections \ ++ $(call ld-option,--no-warn-rwx-segments) \ + $(link-ldflags-common) \ + $(link-objs) $(link-ldadd) $(libgcccore) + cleanfiles += $(link-out-dir)/all_objs.o +@@ -75,7 +77,7 @@ $(link-out-dir)/unpaged_entries.txt: $(link-out-dir)/all_objs.o + $(AWK) '/ ____keep_pager/ { printf "-u%s ", $$3 }' > $@ + + unpaged-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \ +- $(link-ldflags-common) ++ $(link-ldflags-common) $(call ld-option,--no-warn-rwx-segments) + unpaged-ldadd := $(objs) $(link-ldadd) $(libgcccore) + cleanfiles += $(link-out-dir)/unpaged.o + $(link-out-dir)/unpaged.o: $(link-out-dir)/unpaged_entries.txt +@@ -104,7 +106,7 @@ $(link-out-dir)/init_entries.txt: $(link-out-dir)/all_objs.o + $(AWK) '/ ____keep_init/ { printf "-u%s ", $$3 }' > $@ + + init-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \ +- $(link-ldflags-common) ++ $(link-ldflags-common) $(call ld-option,--no-warn-rwx-segments) + init-ldadd := $(link-objs-init) $(link-out-dir)/version.o $(link-ldadd) \ + $(libgcccore) + cleanfiles += $(link-out-dir)/init.o diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc index 80a11b5330..1b66cd5de4 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc @@ -8,10 +8,9 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/files/optee-os/n1sdp:" SRC_URI:append = " \ file://0001-core-arm-add-MPIDR-affinity-shift-and-mask-for-32-bi.patch \ file://0002-plat-n1sdp-add-N1SDP-platform-support.patch \ - file://0003-HACK-disable-instruction-cache-and-data-cache.patch \ - file://0004-Handle-logging-syscall.patch \ - file://0005-plat-n1sdp-register-DRAM1-to-optee-os.patch \ - file://0006-plat-n1sdp-add-external-device-tree-base-and-size.patch \ + file://0003-Handle-logging-syscall.patch \ + file://0004-plat-n1sdp-register-DRAM1-to-optee-os.patch \ + file://0005-plat-n1sdp-add-external-device-tree-base-and-size.patch \ " EXTRA_OEMAKE += " CFG_TEE_CORE_LOG_LEVEL=4" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend deleted file mode 100644 index 0cb9b05e0b..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -# Machine specific configurations - -MACHINE_OPTEE_OS_TADEVKIT_REQUIRE ?= "" -MACHINE_OPTEE_OS_TADEVKIT_REQUIRE:tc = "optee-os-tc.inc" - -require ${MACHINE_OPTEE_OS_TADEVKIT_REQUIRE} diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.22.0.bb index ff0baf8cba..44496164b6 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bb +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.22.0.bb @@ -1,4 +1,4 @@ -require optee-os_3.18.0.bb +require optee-os_3.22.0.bb SUMMARY = "OP-TEE Trusted OS TA devkit" DESCRIPTION = "OP-TEE TA devkit for build TAs" @@ -22,3 +22,8 @@ FILES:${PN} = "${includedir}/optee/" # Build paths are currently embedded INSANE_SKIP:${PN}-dev += "buildpaths" + +# Include extra headers needed by SPMC tests to TA DEVKIT. +# Supported after op-tee v3.20 +EXTRA_OEMAKE:append = "${@bb.utils.contains('MACHINE_FEATURES', 'optee-spmc-test', \ + ' CFG_SPMC_TESTS=y', '' , d)}" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bb deleted file mode 100644 index 6e1e6ad4b4..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bb +++ /dev/null @@ -1,15 +0,0 @@ -require recipes-security/optee/optee-os.inc - -DEPENDS += "dtc-native" - -FILESEXTRAPATHS:prepend := "${THISDIR}/${P}:" - -SRCREV = "1ee647035939e073a2e8dddb727c0f019cc035f1" -SRC_URI += " \ - file://0001-allow-setting-sysroot-for-libgcc-lookup.patch \ - file://0002-optee-enable-clang-support.patch \ - file://0003-core-link-add-no-warn-rwx-segments.patch \ - file://0004-core-Define-section-attributes-for-clang.patch \ - file://0005-core-ldelf-link-add-z-execstack.patch \ - file://0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch \ - " diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bbappend b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bbappend deleted file mode 100644 index e276fb8629..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -# Machine specific configurations - -MACHINE_OPTEE_OS_REQUIRE ?= "" -MACHINE_OPTEE_OS_REQUIRE:tc = "optee-os-tc.inc" - -require ${MACHINE_OPTEE_OS_REQUIRE} diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bb index 0f3e58ded9..0638cf7fac 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bb +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bb @@ -14,4 +14,5 @@ SRC_URI += " \ file://0006-core-ffa-add-TOS_FW_CONFIG-handling.patch \ file://0007-core-spmc-handle-non-secure-interrupts.patch \ file://0008-core-spmc-configure-SP-s-NS-interrupt-action-based-o.patch \ + file://CVE-2023-41325.patch \ " diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bb new file mode 100644 index 0000000000..e12201920e --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bb @@ -0,0 +1,13 @@ +require recipes-security/optee/optee-os.inc + +DEPENDS += "dtc-native" + +FILESEXTRAPATHS:prepend := "${THISDIR}/${P}:" + +SRCREV = "001ace6655dd6bb9cbe31aa31b4ba69746e1a1d9" +SRC_URI += " \ + file://0001-allow-setting-sysroot-for-libgcc-lookup.patch \ + file://0002-core-Define-section-attributes-for-clang.patch \ + file://0003-optee-enable-clang-support.patch \ + file://0004-core-link-add-no-warn-rwx-segments.patch \ + " diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bbappend b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bbappend index b5493e5e2a..ee4ca17f53 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bbappend @@ -1,5 +1,7 @@ -# Machine specific configurations +# Include Trusted Services Secure Partitions +require recipes-security/optee/optee-os-ts.inc +# Machine specific configurations MACHINE_OPTEE_OS_REQUIRE ?= "" MACHINE_OPTEE_OS_REQUIRE:corstone1000 = "optee-os-corstone1000-common.inc" MACHINE_OPTEE_OS_REQUIRE:n1sdp = "optee-os-n1sdp.inc" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb deleted file mode 100644 index cf8ea01baa..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb +++ /dev/null @@ -1,10 +0,0 @@ -require recipes-security/optee/optee-test.inc - -SRC_URI += " \ - file://0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch \ - " -SRCREV = "da5282a011b40621a2cf7a296c11a35c833ed91b" - -EXTRA_OEMAKE:append:libc-musl = " OPTEE_OPENSSL_EXPORT=${STAGING_INCDIR}" -DEPENDS:append:libc-musl = " openssl" -CFLAGS:append:libc-musl = " -Wno-error=deprecated-declarations" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb index 5f73d41405..4409ad5f16 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb @@ -6,7 +6,3 @@ SRC_URI += " \ file://0003-Update-arm_ffa_user-driver-dependency.patch \ " SRCREV = "5db8ab4c733d5b2f4afac3e9aef0a26634c4b444" - -EXTRA_OEMAKE:append = " OPTEE_OPENSSL_EXPORT=${STAGING_INCDIR}" -DEPENDS:append = " openssl" -CFLAGS:append = " -Wno-error=deprecated-declarations" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.22.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.22.0.bb new file mode 100644 index 0000000000..eddf04d86c --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.22.0.bb @@ -0,0 +1,14 @@ +require recipes-security/optee/optee-test.inc + +SRC_URI += " \ + file://0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch \ + " +SRCREV = "a286b57f1721af215ace318d5807e63f40186df6" + +# Include ffa_spmc test group if the SPMC test is enabled. +# Supported after op-tee v3.20 +EXTRA_OEMAKE:append = "${@bb.utils.contains('MACHINE_FEATURES', 'optee-spmc-test', \ + ' CFG_SPMC_TESTS=y CFG_SECURE_PARTITION=y', '' , d)}" + +RDEPENDS:${PN} += "${@bb.utils.contains('MACHINE_FEATURES', 'optee-spmc-test', \ + ' arm-ffa-user', '' , d)}" diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-plat-corstone1000-change-ns-interrupt-action.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-plat-corstone1000-change-ns-interrupt-action.patch deleted file mode 100644 index c50f2866bb..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-plat-corstone1000-change-ns-interrupt-action.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 7f51fa5f848b77b5aadfc553e1aeca52f4bcc5a1 Mon Sep 17 00:00:00 2001 -From: Emekcan Aras <emekcan.aras@arm.com> -Date: Tue, 22 Aug 2023 17:18:26 +0100 -Subject: [PATCH] platform: corstone1000: change ns-interrupt-action - -Changes ns-interrupt-action for corstone1000. The interrupts are queued as -in the previous optee release. Currently, enabling preemption (settig this field -to 2) will halt psa-test from linux-userspace in corstone1000. - -Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> -Upstream-Status: Pending [Not submitted to upstream yet] ---- - .../config/corstone1000-opteesp/default_se-proxy.dts.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/deployments/se-proxy/config/corstone1000-opteesp/default_se-proxy.dts.in b/deployments/se-proxy/config/corstone1000-opteesp/default_se-proxy.dts.in -index cc42929d..839f7464 100644 ---- a/deployments/se-proxy/config/corstone1000-opteesp/default_se-proxy.dts.in -+++ b/deployments/se-proxy/config/corstone1000-opteesp/default_se-proxy.dts.in -@@ -16,7 +16,7 @@ - execution-state = <0>; /* AArch64 */ - xlat-granule = <0>; /* 4KiB */ - messaging-method = <3>; /* Direct messaging only */ -- ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ -+ ns-interrupts-action = <0>; /* Non-secure interrupts are signaled */ - elf-format = <1>; - - device-regions { --- -2.17.1 - diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-platform-corstone1000-fix-synchronization-issue.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-platform-corstone1000-fix-synchronization-issue.patch new file mode 100644 index 0000000000..5d8f731854 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-platform-corstone1000-fix-synchronization-issue.patch @@ -0,0 +1,105 @@ +From 06c3e612cb0927d783f115077d83ed97841c5668 Mon Sep 17 00:00:00 2001 +From: Emekcan Aras <emekcan.aras@arm.com> +Date: Tue, 14 Nov 2023 14:43:44 +0000 +Subject: [PATCH] plat: corstone1000: fix synchronization issue on openamp notification + +This fixes a race that is observed rarely in the FVP. It occurs in FVP +when Secure Enclave sends the notication ack in openamp, and then reset the access +request which resets the mhu registers before received by the SE-proxy-sp in the +host processort. This solution introduces polling on the status register of +mhu until the notificaiton is read by the host processor. (Inspired by +signal_and_wait_for_signal function in mhu_wrapper_v2_x.c in trusted-firmware-m +https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/ext/target/arm/rss/common/native_drivers/mhu_wrapper_v2_x.c#n61) + +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +Upstream-Status: Pending [Not submitted to upstream yet] +--- + components/messaging/openamp/sp/openamp_mhu.c | 9 ++++++++- + platform/drivers/arm/mhu_driver/mhu_v2.h | 18 ++++++++++++++++++ + platform/drivers/arm/mhu_driver/mhu_v2_x.c | 17 +++++++++++++++++ + 3 files changed, 43 insertions(+), 1 deletion(-) + +diff --git a/components/messaging/openamp/sp/openamp_mhu.c b/components/messaging/openamp/sp/openamp_mhu.c +index bafba3e3..0700b8b9 100644 +--- a/components/messaging/openamp/sp/openamp_mhu.c ++++ b/components/messaging/openamp/sp/openamp_mhu.c +@@ -85,7 +85,7 @@ int openamp_mhu_notify_peer(struct openamp_messenger *openamp) + struct mhu_v2_x_dev_t *tx_dev; + enum mhu_v2_x_error_t ret; + struct openamp_mhu *mhu; +- uint32_t access_ready; ++ uint32_t access_ready,val; + + if (!openamp->transport) { + EMSG("openamp: mhu: notify transport not initialized"); +@@ -116,6 +116,13 @@ int openamp_mhu_notify_peer(struct openamp_messenger *openamp) + return -EPROTO; + } + ++ do { ++ ret = mhu_v2_x_channel_poll(tx_dev, MHU_V_2_NOTIFY_CHANNEL, &val); ++ if (ret != MHU_V_2_X_ERR_NONE) { ++ break; ++ } ++ } while (val != 0); ++ + ret = mhu_v2_x_reset_access_request(tx_dev); + if (ret != MHU_V_2_X_ERR_NONE) { + EMSG("openamp: mhu: failed reset access request"); +diff --git a/platform/drivers/arm/mhu_driver/mhu_v2.h b/platform/drivers/arm/mhu_driver/mhu_v2.h +index 26b3a5d6..2b4d6fcb 100644 +--- a/platform/drivers/arm/mhu_driver/mhu_v2.h ++++ b/platform/drivers/arm/mhu_driver/mhu_v2.h +@@ -384,6 +384,24 @@ enum mhu_v2_x_error_t mhu_v2_x_interrupt_clear( + enum mhu_v2_x_error_t mhu_v2_1_get_ch_interrupt_num( + const struct mhu_v2_x_dev_t *dev, uint32_t *channel); + ++ ++/** ++ * \brief Polls sender channel status. ++ * ++ * \param[in] dev MHU device struct \ref mhu_v2_x_dev_t ++ * \param[in] channel Channel to poll the status of. ++ * \param[out] value Pointer to variable that will store the value. ++ * ++ * Polls sender channel status. ++ * ++ * \return Returns mhu_v2_x_error_t error code ++ * ++ * \note This function doesn't check if dev is NULL. ++ * \note This function doesn't check if channel is implemented. ++ */ ++enum mhu_v2_x_error_t mhu_v2_x_channel_poll(const struct mhu_v2_x_dev_t *dev, ++ uint32_t channel, uint32_t *value); ++ + #ifdef __cplusplus + } + #endif +diff --git a/platform/drivers/arm/mhu_driver/mhu_v2_x.c b/platform/drivers/arm/mhu_driver/mhu_v2_x.c +index d7e70efa..022e287a 100644 +--- a/platform/drivers/arm/mhu_driver/mhu_v2_x.c ++++ b/platform/drivers/arm/mhu_driver/mhu_v2_x.c +@@ -600,3 +600,20 @@ enum mhu_v2_x_error_t mhu_v2_1_get_ch_interrupt_num( + + return MHU_V_2_X_ERR_GENERAL; + } ++ ++enum mhu_v2_x_error_t mhu_v2_x_channel_poll(const struct mhu_v2_x_dev_t *dev, ++ uint32_t channel, uint32_t *value) ++{ ++ union _mhu_v2_x_frame_t *p_mhu = (union _mhu_v2_x_frame_t *)dev->base; ++ ++ if ( !(dev->is_initialized) ) { ++ return MHU_V_2_X_ERR_NOT_INIT; ++ } ++ ++ if (dev->frame == MHU_V2_X_SENDER_FRAME) { ++ *value = (SEND_FRAME(p_mhu))->send_ch_window[channel].ch_st; ++ return MHU_V_2_X_ERR_NONE; ++ } else { ++ return MHU_V_2_X_ERR_INVALID_ARG; ++ } ++} +-- +2.25.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc index 551a67dcd1..3c7e94e6ea 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc @@ -9,7 +9,7 @@ SRC_URI:append:corstone1000 = " \ file://0005-plat-corstone1000-add-compile-definitions-for-ECP_DP.patch \ file://0006-plat-corstone1000-Use-the-stateless-platform-service.patch \ file://0007-plat-corstone1000-Initialize-capsule-update-provider.patch \ - file://0008-plat-corstone1000-change-ns-interrupt-action.patch \ + file://0008-platform-corstone1000-fix-synchronization-issue.patch \ " diff --git a/meta-arm/meta-arm-bsp/wic/fvp-base.wks b/meta-arm/meta-arm-bsp/wic/fvp-base.wks deleted file mode 100644 index 8399d042d4..0000000000 --- a/meta-arm/meta-arm-bsp/wic/fvp-base.wks +++ /dev/null @@ -1,3 +0,0 @@ -# For fvp-base* machines we just need to populate the rootfs partition - -part / --source rootfs --ondisk sda --fstype=ext4 --label root --align 1024 --extra-space 100 |