diff options
Diffstat (limited to 'meta-arm')
107 files changed, 2207 insertions, 623 deletions
diff --git a/meta-arm/.gitlab-ci.yml b/meta-arm/.gitlab-ci.yml index 7d050a551b..0ba2280249 100644 --- a/meta-arm/.gitlab-ci.yml +++ b/meta-arm/.gitlab-ci.yml @@ -1,4 +1,12 @@ -image: ghcr.io/siemens/kas/kas:latest-release +image: ghcr.io/siemens/kas/kas:3.2 + +variables: + CPU_REQUEST: "" + DEFAULT_TAG: "" + # These are needed as the k8s executor doesn't respect the container entrypoint + # by default + FF_USE_LEGACY_KUBERNETES_EXECUTION_STRATEGY: 0 + FF_KUBERNETES_HONOR_ENTRYPOINT: 1 stages: - prep @@ -6,6 +14,8 @@ stages: # Common job fragment to get a worker ready .setup: + tags: + - $DEFAULT_TAG stage: build interruptible: true variables: @@ -25,11 +35,29 @@ stages: - mkdir --verbose --parents $KAS_WORK_DIR $KAS_REPO_REF_DIR $SSTATE_DIR $DL_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR # Must do this here, as it's the only way to make sure the toolchain is installed on the same builder - ./ci/get-binary-toolchains $DL_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR - - sudo apt-get update && sudo apt-get install --yes telnet python3-subunit + # This can be removed with Kas 3.2 + - sudo apt-get update && sudo apt-get install --yes python3-subunit # Generalised fragment to do a Kas build .build: extends: .setup + variables: + KUBERNETES_CPU_REQUEST: $CPU_REQUEST + rules: + # Don't run MR pipelines + - if: $CI_PIPELINE_SOURCE == "merge_request_event" + when: never + # Don't run pipelines for tags + - if: $CI_COMMIT_TAG + when: never + # Don't run if BUILD_ENABLE_REGEX is set, but the job doesn't match the regex + - if: '$BUILD_ENABLE_REGEX != null && $CI_JOB_NAME !~ $BUILD_ENABLE_REGEX' + when: never + # Allow the dev kernels to fail and not fail the overall build + - if: '$KERNEL == "linux-yocto-dev"' + allow_failure: true + # Catch all for everything else + - if: '$KERNEL != "linux-yocto-dev"' script: - KASFILES=$(./ci/jobs-to-kas "$CI_JOB_NAME") - kas shell --update --force-checkout $KASFILES -c 'cat conf/*.conf' @@ -210,7 +238,7 @@ check-layers: "yocto-check-layer-wrapper $CI_PROJECT_DIR/$LAYER --dependency $CI_PROJECT_DIR/meta-* $KAS_WORK_DIR/meta-openembedded/meta-oe --no-auto-dependency" parallel: matrix: - - LAYER: [meta-arm, meta-arm-bsp, meta-arm-toolchain, meta-gem5] + - LAYER: [meta-arm, meta-arm-bsp, meta-arm-toolchain, meta-gem5, meta-atp] pending-updates: extends: .setup @@ -228,8 +256,7 @@ pending-updates: # What percentage of machines in the layer do we build machine-coverage: - stage: build - interruptible: true + extends: .setup script: - ./ci/check-machine-coverage coverage: '/Coverage: \d+/' diff --git a/meta-arm/README.md b/meta-arm/README.md index 221633e05d..e82f55322d 100644 --- a/meta-arm/README.md +++ b/meta-arm/README.md @@ -20,7 +20,7 @@ This repository contains the Arm layers for OpenEmbedded. * meta-atp - This layer contains recipes for the Adaptive Traffic Generation integration into meta-gem5. + This layer contains recipes for the [AMBA Adaptive Traffic Profiles (ATP)](https://developer.arm.com/documentation/ihi0082/latest) generation integration into meta-gem5. * meta-gem5 diff --git a/meta-arm/ci/0001-Revert-pixman-Do-not-use-clang-assembler-for-now.patch b/meta-arm/ci/0001-Revert-pixman-Do-not-use-clang-assembler-for-now.patch new file mode 100644 index 0000000000..4ad6607842 --- /dev/null +++ b/meta-arm/ci/0001-Revert-pixman-Do-not-use-clang-assembler-for-now.patch @@ -0,0 +1,26 @@ +This causes illegal instruction faults in pixman, so xserver crashes. +https://github.com/kraj/meta-clang/issues/696 + +From 8659c5c5bec39dd43a1988b19d4cf30507a44679 Mon Sep 17 00:00:00 2001 +From: Ross Burton <ross.burton@arm.com> +Date: Mon, 28 Nov 2022 16:52:50 +0000 +Subject: [PATCH] Revert "pixman: Do not use clang assembler for now" + +This reverts commit 84dbafa42d8141b00da75d6664aef07c252a52ee. +--- + conf/nonclangable.conf | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/conf/nonclangable.conf b/conf/nonclangable.conf +index 04112f4..b5db848 100644 +--- a/conf/nonclangable.conf ++++ b/conf/nonclangable.conf +@@ -347,5 +347,4 @@ DEPENDS:append:pn-pixman:mips:toolchain-clang = " openmp" + #| .endfunc + #| ^ + CFLAGS:append:pn-pixman:arm:toolchain-clang = " -no-integrated-as" +-CFLAGS:append:pn-pixman:aarch64:toolchain-clang = " -no-integrated-as" + +-- +2.34.1 + diff --git a/meta-arm/ci/clang.yml b/meta-arm/ci/clang.yml index e5e7dd5f3f..6c909023c7 100644 --- a/meta-arm/ci/clang.yml +++ b/meta-arm/ci/clang.yml @@ -4,8 +4,16 @@ header: repos: meta-clang: url: https://github.com/kraj/meta-clang - refspec: master + patches: + pixman: + repo: meta-arm + path: ci/0001-Revert-pixman-Do-not-use-clang-assembler-for-now.patch local_conf_header: clang: | TOOLCHAIN = "clang" + # Backport d89e06ad94a46f6810d0a8787004b71b8ecaf87d to langdale + OBJCOPY:pn-linux-yocto:toolchain-clang = "${HOST_PREFIX}objcopy" + # Perf needs fixes backported, use GCC for now + # https://lore.kernel.org/linux-perf-users/Y5d4k7fDxfRP7hcN@kernel.org/T/#t + TOOLCHAIN:pn-perf = "gcc" diff --git a/meta-arm/ci/n1sdp.yml b/meta-arm/ci/n1sdp.yml index 797a52255c..f6883079c9 100644 --- a/meta-arm/ci/n1sdp.yml +++ b/meta-arm/ci/n1sdp.yml @@ -4,3 +4,7 @@ header: - ci/base.yml machine: n1sdp + +local_conf_header: + unsupported_trusted_services: | + MACHINE_FEATURES:remove = "ts-smm-gateway" diff --git a/meta-arm/documentation/oeqa-fvp.md b/meta-arm/documentation/oeqa-fvp.md index 582dd38bd6..e146885197 100644 --- a/meta-arm/documentation/oeqa-fvp.md +++ b/meta-arm/documentation/oeqa-fvp.md @@ -4,7 +4,7 @@ OE-Core's [oeqa][OEQA] framework provides a method of performing runtime tests o Tests can be configured to run automatically post-build by setting the variable `TESTIMAGE_AUTO="1"`, e.g. in your Kas file or local.conf. -There are two main methods of testing, using different test "targets". +There are two main methods of testing, using different test "targets". Both test targets generate an additional log file with the prefix 'fvp_log' in the image recipe's `${WORKDIR}/testimage` containing the FVP's stdout. ## OEFVPTarget diff --git a/meta-arm/kas/corstone1000-base.yml b/meta-arm/kas/corstone1000-base.yml index 5fe7f4da58..19aeaa071e 100644 --- a/meta-arm/kas/corstone1000-base.yml +++ b/meta-arm/kas/corstone1000-base.yml @@ -16,6 +16,7 @@ repos: poky: url: https://git.yoctoproject.org/git/poky + refspec: 79434a17eb4835e85fcd477baec08c8ce49a4c14 layers: meta: meta-poky: @@ -23,6 +24,7 @@ repos: meta-openembedded: url: https://git.openembedded.org/meta-openembedded + refspec: c5668905a6d8a78fb72c2cbf8b20e91e686ceb86 layers: meta-oe: meta-python: diff --git a/meta-arm/kas/corstone500.yml b/meta-arm/kas/corstone500.yml index a454a469b7..5e1b9e64f6 100644 --- a/meta-arm/kas/corstone500.yml +++ b/meta-arm/kas/corstone500.yml @@ -5,7 +5,7 @@ distro: poky-tiny defaults: repos: - refspec: master + refspec: langdale repos: meta-arm: @@ -16,7 +16,6 @@ repos: poky: url: https://git.yoctoproject.org/git/poky - refspec: master layers: meta: meta-poky: @@ -24,7 +23,6 @@ repos: meta-openembedded: url: https://git.openembedded.org/meta-openembedded - refspec: master layers: meta-oe: meta-python: diff --git a/meta-arm/kas/fvp-baser-aemv8r64-bsp.yml b/meta-arm/kas/fvp-baser-aemv8r64-bsp.yml index dd175d03da..70a58beded 100644 --- a/meta-arm/kas/fvp-baser-aemv8r64-bsp.yml +++ b/meta-arm/kas/fvp-baser-aemv8r64-bsp.yml @@ -6,7 +6,7 @@ machine: fvp-baser-aemv8r64 defaults: repos: - refspec: master + refspec: langdale repos: meta-arm: diff --git a/meta-arm/meta-arm-bsp/conf/machine/fvp-base.conf b/meta-arm/meta-arm-bsp/conf/machine/fvp-base.conf index 320e22ce89..1ba070824e 100644 --- a/meta-arm/meta-arm-bsp/conf/machine/fvp-base.conf +++ b/meta-arm/meta-arm-bsp/conf/machine/fvp-base.conf @@ -10,10 +10,10 @@ require conf/machine/include/arm/arch-armv8a.inc TUNE_FEATURES = "aarch64" PREFERRED_VERSION_u-boot ?= "2022.04" -PREFERRED_VERSION_linux-yocto ?= "5.15%" -PREFERRED_VERSION_linux-yocto-rt ?= "5.15%" # FVP u-boot configuration UBOOT_MACHINE = "vexpress_aemv8a_semi_defconfig" KERNEL_IMAGETYPE = "Image" + +FVP_CONFIG[bp.virtio_rng.enabled] ?= "1" diff --git a/meta-arm/meta-arm-bsp/conf/machine/fvp-baser-aemv8r64.conf b/meta-arm/meta-arm-bsp/conf/machine/fvp-baser-aemv8r64.conf index 8119cb6818..06bef291f3 100644 --- a/meta-arm/meta-arm-bsp/conf/machine/fvp-baser-aemv8r64.conf +++ b/meta-arm/meta-arm-bsp/conf/machine/fvp-baser-aemv8r64.conf @@ -9,8 +9,6 @@ require conf/machine/include/arm/armv8r/arch-armv8r64.inc EXTRA_IMAGEDEPENDS += "boot-wrapper-aarch64" PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto" -PREFERRED_VERSION_linux-yocto ?= "5.15%" -PREFERRED_VERSION_linux-yocto-rt ?= "5.15%" PREFERRED_VERSION_u-boot ?= "2022.07" KERNEL_IMAGETYPE = "Image" diff --git a/meta-arm/meta-arm-bsp/conf/machine/juno.conf b/meta-arm/meta-arm-bsp/conf/machine/juno.conf index c002ed638f..4a86d4e267 100644 --- a/meta-arm/meta-arm-bsp/conf/machine/juno.conf +++ b/meta-arm/meta-arm-bsp/conf/machine/juno.conf @@ -10,10 +10,10 @@ require conf/machine/include/arm/arch-armv8a.inc MACHINE_FEATURES = "usbhost usbgadget alsa screen wifi bluetooth optee pci" -KERNEL_IMAGETYPE = "Image" +KERNEL_IMAGETYPE = "Image.gz" KERNEL_DEVICETREE = "arm/juno.dtb arm/juno-r1.dtb arm/juno-r2.dtb" -IMAGE_FSTYPES += "tar.bz2 ext4" +IMAGE_FSTYPES += "tar.bz2 ext4 cpio.gz" SERIAL_CONSOLES = "115200;ttyAMA0" @@ -25,3 +25,6 @@ EXTRA_IMAGEDEPENDS += "trusted-firmware-a virtual/bootloader firmware-image-juno # Juno u-boot configuration UBOOT_MACHINE = "vexpress_aemv8a_juno_defconfig" + +INITRAMFS_IMAGE_BUNDLE ?= "1" +INITRAMFS_IMAGE = "core-image-minimal" diff --git a/meta-arm/meta-arm-bsp/documentation/corstone1000/change-log.rst b/meta-arm/meta-arm-bsp/documentation/corstone1000/change-log.rst index 5d6493a490..64e82aac98 100644 --- a/meta-arm/meta-arm-bsp/documentation/corstone1000/change-log.rst +++ b/meta-arm/meta-arm-bsp/documentation/corstone1000/change-log.rst @@ -8,7 +8,73 @@ Change Log ########## This document contains a summary of the new features, changes and -fixes in each release of corstone1000 software stack. +fixes in each release of Corstone-1000 software stack. + +****************** +Version 2022.11.23 +****************** + +Changes +======= + +- Booting the External System (Cortex-M3) with RTX RTOS +- Adding MHU communication between the HOST (Cortex-A35) and the External System +- Adding a Linux application to test the External System +- Adding ESRT (EFI System Resource Table) support +- Upgrading the SW stack recipes +- Upgrades for the U-Boot FF-A driver and MM communication + +Corstone-1000 components versions +======================================= + ++-------------------------------------------+------------+ +| arm-ffa-tee | 1.1.1 | ++-------------------------------------------+------------+ +| arm-ffa-user | 5.0.0 | ++-------------------------------------------+------------+ +| corstone1000-external-sys-tests | 1.0 | ++-------------------------------------------+------------+ +| external-system | 0.1.0 | ++-------------------------------------------+------------+ +| linux-yocto | 5.19 | ++-------------------------------------------+------------+ +| u-boot | 2022.07 | ++-------------------------------------------+------------+ +| optee-client | 3.18.0 | ++-------------------------------------------+------------+ +| optee-os | 3.18.0 | ++-------------------------------------------+------------+ +| trusted-firmware-a | 2.7.0 | ++-------------------------------------------+------------+ +| trusted-firmware-m | 1.6.0 | ++-------------------------------------------+------------+ +| ts-newlib | 4.1.0 | ++-------------------------------------------+------------+ +| ts-psa-{crypto, iat, its. ps}-api-test | 451aa087a4 | ++-------------------------------------------+------------+ +| ts-sp-{se-proxy, smm-gateway} | 3d4956770f | ++-------------------------------------------+------------+ + +Yocto distribution components versions +======================================= + ++-------------------------------------------+---------------------+ +| meta-arm | langdale | ++-------------------------------------------+---------------------+ +| poky | langdale | ++-------------------------------------------+---------------------+ +| meta-openembedded | langdale | ++-------------------------------------------+---------------------+ +| busybox | 1.35.0 | ++-------------------------------------------+---------------------+ +| musl | 1.2.3+git37e18b7bf3 | ++-------------------------------------------+---------------------+ +| gcc-arm-none-eabi-native | 11.2-2022.02 | ++-------------------------------------------+---------------------+ +| gcc-cross-aarch64 | 12.2 | ++-------------------------------------------+---------------------+ +| openssl | 3.0.5 | ++-------------------------------------------+---------------------+ ****************** Version 2022.04.04 @@ -26,10 +92,10 @@ Version 2022.02.25 Changes ======= -- Building and running psa-arch-tests on corstone1000 FVP -- Enabled smm-gateway partition in Trusted Service on corstone1000 FVP -- Enabled MHU driver in Trusted Service on corstone1000 FVP -- Enabled OpenAMP support in SE proxy SP on corstone1000 FVP +- Building and running psa-arch-tests on Corstone-1000 FVP +- Enabled smm-gateway partition in Trusted Service on Corstone-1000 FVP +- Enabled MHU driver in Trusted Service on Corstone-1000 FVP +- Enabled OpenAMP support in SE proxy SP on Corstone-1000 FVP ****************** Version 2022.02.21 @@ -48,7 +114,7 @@ Changes ======= - psa-arch-tests: change master to main for psa-arch-tests - U-Boot: fix null pointer exception for get_image_info -- TF-M: fix capsule instability issue for corstone1000 +- TF-M: fix capsule instability issue for Corstone-1000 ****************** Version 2022.01.07 @@ -56,9 +122,9 @@ Version 2022.01.07 Changes ======= -- corstone1000: fix SystemReady-IR ACS test (SCT, FWTS) failures. +- Corstone-1000: fix SystemReady-IR ACS test (SCT, FWTS) failures. - U-Boot: send bootcomplete event to secure enclave. -- U-Boot: support populating corstone1000 image_info to ESRT table. +- U-Boot: support populating Corstone-1000 image_info to ESRT table. - U-Boot: add ethernet device and enable configs to support bootfromnetwork SCT. ****************** @@ -67,7 +133,7 @@ Version 2021.12.15 Changes ======= -- Enabling corstone1000 FPGA support on: +- Enabling Corstone-1000 FPGA support on: - Linux 5.10 - OP-TEE 3.14 - Trusted Firmware-A 2.5 @@ -83,7 +149,7 @@ Version 2021.10.29 Changes ======= -- Enabling corstone1000 FVP support on: +- Enabling Corstone-1000 FVP support on: - Linux 5.10 - OP-TEE 3.14 - Trusted Firmware-A 2.5 @@ -95,4 +161,4 @@ Changes -------------- -*Copyright (c) 2021, Arm Limited. All rights reserved.* +*Copyright (c) 2022, Arm Limited. All rights reserved.* diff --git a/meta-arm/meta-arm-bsp/documentation/corstone1000/release-notes.rst b/meta-arm/meta-arm-bsp/documentation/corstone1000/release-notes.rst index 385331bd23..89a4fa9ab2 100644 --- a/meta-arm/meta-arm-bsp/documentation/corstone1000/release-notes.rst +++ b/meta-arm/meta-arm-bsp/documentation/corstone1000/release-notes.rst @@ -7,23 +7,61 @@ Release notes ############# + +************************* +Disclaimer +************************* + +You expressly assume all liabilities and risks relating to your use or operation +of Your Software and Your Hardware designed or modified using the Arm Tools, +including without limitation, Your software or Your Hardware designed or +intended for safety-critical applications. Should Your Software or Your Hardware +prove defective, you assume the entire cost of all necessary servicing, repair +or correction. + + +************************** +Release notes - 2022.11.23 +************************** + +Known Issues or Limitations +--------------------------- + - The external-system can not be reset individually on (or using) AN550_v1 FPGA release. However, the system-wide reset still applies to the external-system. + - FPGA supports Linux distro install and boot through installer. However, FVP only supports openSUSE raw image installation and boot. + - Due to the performance uplimit of MPS3 FPGA and FVP, some Linux distros like Fedora Rawhide can not boot on Corstone-1000 (i.e. user may experience timeouts or boot hang). + - Below SCT FAILURE is a known issues in the FVP: + UEFI Compliant - Boot from network protocols must be implemented -- FAILURE + - Below SCT FAILURE is a known issue when a terminal emulator (in the system where the user connects to serial ports) does not support 80x25 or 80x50 mode: + EFI_SIMPLE_TEXT_OUT_PROTOCOL.SetMode - SetMode() with valid mode -- FAILURE + - Known limitations regarding ACS tests: The behavior after running ACS tests on FVP is not consistent. Both behaviors are expected and are valid; + The system might boot till the Linux prompt. Or, the system might wait after finishing the ACS tests. + In both cases, the system executes the entire test suite and writes the results as stated in the user guide. + + +Platform Support +----------------- + - This software release is tested on Corstone-1000 FPGA version AN550_v1 + https://developer.arm.com/downloads/-/download-fpga-images + - This software release is tested on Corstone-1000 Fast Model platform (FVP) version 11.19_21 + https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps + ************************** Release notes - 2022.04.04 ************************** Known Issues or Limitations --------------------------- - - FGPA support Linux distro install and boot through installer. However, + - FPGA support Linux distro install and boot through installer. However, FVP only support openSUSE raw image installation and boot. - Due to the performance uplimit of MPS3 FPGA and FVP, some Linux distros like Fedora Rawhide - cannot boot on corstone1000 (i.e. user may experience timeouts or boot hang). + cannot boot on Corstone-1000 (i.e. user may experience timeouts or boot hang). - Below SCT FAILURE is a known issues in the FVP: UEFI Compliant - Boot from network protocols must be implemented -- FAILURE Platform Support ----------------- - - This software release is tested on corstone1000 FPGA version AN550_v1 - - This software release is tested on corstone1000 Fast Model platform (FVP) version 11.17_23 + - This software release is tested on Corstone-1000 FPGA version AN550_v1 + - This software release is tested on Corstone-1000 Fast Model platform (FVP) version 11.17_23 https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps ************************** @@ -32,13 +70,13 @@ Release notes - 2022.02.25 Known Issues or Limitations --------------------------- - - The following tests only work on corstone1000 FPGA: ACS tests (SCT, FWTS, + - The following tests only work on Corstone-1000 FPGA: ACS tests (SCT, FWTS, BSA), manual capsule update test, Linux distro install and boot. Platform Support ---------------- - - This software release is tested on corstone1000 FPGA version AN550_v1 - - This software release is tested on corstone1000 Fast Model platform (FVP) version 11.17_23 + - This software release is tested on Corstone-1000 FPGA version AN550_v1 + - This software release is tested on Corstone-1000 Fast Model platform (FVP) version 11.17_23 https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps Release notes - 2022.02.21 @@ -46,13 +84,13 @@ Release notes - 2022.02.21 Known Issues or Limitations --------------------------- - - The following tests only work on corstone1000 FPGA: ACS tests (SCT, FWTS, + - The following tests only work on Corstone-1000 FPGA: ACS tests (SCT, FWTS, BSA), manual capsule update test, Linux distro install and boot, psa-arch-test. Platform Support ---------------- - - This software release is tested on corstone1000 FPGA version AN550_v1 - - This software release is tested on corstone1000 Fast Model platform (FVP) version 11.16.21 + - This software release is tested on Corstone-1000 FPGA version AN550_v1 + - This software release is tested on Corstone-1000 Fast Model platform (FVP) version 11.16.21 https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps Release notes - 2022.01.18 @@ -85,13 +123,13 @@ The following components are present in the release: Platform Support ---------------- - - This software release is tested on corstone1000 FPGA version AN550_v1 - - This software release is tested on corstone1000 Fast Model platform (FVP) version 11.16.21 + - This software release is tested on Corstone-1000 FPGA version AN550_v1 + - This software release is tested on Corstone-1000 Fast Model platform (FVP) version 11.16.21 https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps Known Issues or Limitations --------------------------- - - The following tests only work on corstone1000 FPGA: ACS tests (SCT, FWTS, + - The following tests only work on Corstone-1000 FPGA: ACS tests (SCT, FWTS, BSA), manual capsule update test, Linux distro install and boot, and psa-arch-tests. - Only the manual capsule update from UEFI shell is supported on FPGA. @@ -107,7 +145,7 @@ Release notes - 2021.10.29 Software Features ----------------- -This initial release of corstone1000 supports booting Linux on the Cortex-A35 +This initial release of Corstone-1000 supports booting Linux on the Cortex-A35 and TF-M/MCUBOOT in the Secure Enclave. The following components are present in the release: @@ -119,7 +157,7 @@ the release: Platform Support ---------------- - - This Software release is tested on corstone1000 Fast Model platform (FVP) version 11.16.21 + - This Software release is tested on Corstone-1000 Fast Model platform (FVP) version 11.16.21 https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps Known Issues or Limitations @@ -130,8 +168,10 @@ Known Issues or Limitations Support ------- -For support email: support-subsystem-iot@arm.com +For technical support email: support-subsystem-iot@arm.com + +For all security issues, contact Arm by email at arm-security@arm.com. -------------- -*Copyright (c) 2021, Arm Limited. All rights reserved.* +*Copyright (c) 2022, Arm Limited. All rights reserved.* diff --git a/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst b/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst index d5930fc8e5..e173f244b4 100644 --- a/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst +++ b/meta-arm/meta-arm-bsp/documentation/corstone1000/user-guide.rst @@ -9,18 +9,16 @@ User Guide Notice ------ -The corstone1000 software stack uses the `Yocto Project <https://www.yoctoproject.org/>`__ to build -a tiny Linux distribution suitable for the corstone1000 platform. The Yocto Project relies on the -`Bitbake <https://docs.yoctoproject.org/bitbake.html#bitbake-documentation>`__ +The Corstone-1000 software stack uses the `Yocto Project <https://www.yoctoproject.org/>`__ to build +a tiny Linux distribution suitable for the Corstone-1000 platform (kernel and initramfs filesystem less than 5 MB on the flash). +The Yocto Project relies on the `Bitbake <https://docs.yoctoproject.org/bitbake.html#bitbake-documentation>`__ tool as its build tool. Please see `Yocto Project documentation <https://docs.yoctoproject.org/>`__ for more information. Prerequisites ------------- -These instructions assume your host PC is running Ubuntu Linux 18.04 or 20.04 LTS, with -at least 32GB of free disk space and 16GB of RAM as minimum requirement. The -following instructions expect that you are using a bash shell. +These instructions assume your host PC is running Ubuntu Linux 18.04 or 20.04 LTS, with at least 32GB of free disk space and 16GB of RAM as minimum requirement. The following instructions expect that you are using a bash shell. All the paths stated in this document are absolute paths. The following prerequisites must be available on the host system. To resolve these dependencies, run: @@ -35,12 +33,12 @@ The following prerequisites must be available on the host system. To resolve the Provided components ------------------- -Within the Yocto Project, each component included in the corstone1000 software stack is specified as -a `bitbake recipe <https://www.yoctoproject.org/docs/1.6/bitbake-user-manual/bitbake-user-manual.html#recipes>`__. -The recipes specific to the corstone1000 BSP are located at: +Within the Yocto Project, each component included in the Corstone-1000 software stack is specified as +a `bitbake recipe <https://docs.yoctoproject.org/bitbake/2.2/bitbake-user-manual/bitbake-user-manual-intro.html#recipes>`__. +The recipes specific to the Corstone-1000 BSP are located at: ``<_workspace>/meta-arm/meta-arm-bsp/``. -The Yocto machine config files for the corstone1000 FVP and FPGA are: +The Yocto machine config files for the Corstone-1000 FVP and FPGA targets are: - ``<_workspace>/meta-arm/meta-arm-bsp/conf/machine/include/corstone1000.inc`` - ``<_workspace>/meta-arm/meta-arm-bsp/conf/machine/corstone1000-fvp.conf`` @@ -86,7 +84,7 @@ The distro is based on the `poky-tiny <https://wiki.yoctoproject.org/wiki/Poky-T distribution which is a Linux distribution stripped down to a minimal configuration. The provided distribution is based on busybox and built using muslibc. The -recipe responsible for building a tiny version of linux is listed below. +recipe responsible for building a tiny version of Linux is listed below. +-----------+----------------------------------------------------------------------------------------------+ | bbappend | <_workspace>/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_%.bbappend | @@ -96,6 +94,16 @@ recipe responsible for building a tiny version of linux is listed below. | defconfig | <_workspace>/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/corstone1000/defconfig | +-----------+----------------------------------------------------------------------------------------------+ +External System Tests +======================= +Based on `Corstone-1000/applications <https://git.gitlab.arm.com/arm-reference-solutions/corstone1000/applications>`__ + ++------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| Recipe | <_workspace>/meta-arm/meta-arm-bsp/recipes-test/corstone1000-external-sys-tests/corstone1000-external-sys-tests_1.0.bb | ++------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + +The recipe provides the systems-comms-tests command run in Linux and used for testing the External System. + ************************************************** Software for Boot Processor (a.k.a Secure Enclave) ************************************************** @@ -107,6 +115,18 @@ Based on `Trusted Firmware-M <https://git.trustedfirmware.org/TF-M/trusted-firmw | Recipe | <_workspace>/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.6.0.bb | +----------+-------------------------------------------------------------------------------------------------+ +************************************************** +Software for the External System +************************************************** + +RTX +==== +Based on `RTX RTOS <https://git.gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx>`__ + ++----------+-------------------------------------------------------------------------------------------------------------------------------------------------------+ +| Recipe | <_workspace>/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb | ++----------+-------------------------------------------------------------------------------------------------------------------------------------------------------+ + Building the software stack --------------------------- Create a new folder that will be your workspace and will henceforth be referred @@ -117,26 +137,28 @@ to as ``<_workspace>`` in these instructions. To create the folder, run: mkdir <_workspace> cd <_workspace> -corstone1000 is a Bitbake based Yocto Project which uses kas and bitbake +Corstone-1000 software is based on the Yocto Project which uses kas and bitbake commands to build the stack. To install kas tool, run: :: pip3 install kas +If 'kas' command is not found in command-line, please make sure the user installation directories are visible on $PATH. If you have sudo rights, try 'sudo pip3 install kas'. + In the top directory of the workspace ``<_workspace>``, run: :: - git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2022.04.07 + git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2022.11.23 -To build corstone1000 image for MPS3 FPGA, run: +To build a Corstone-1000 image for MPS3 FPGA, run: :: kas build meta-arm/kas/corstone1000-mps3.yml -Alternatively, to build corstone1000 image for FVP, run: +Alternatively, to build a Corstone-1000 image for FVP, run: :: @@ -150,22 +172,19 @@ Once the build is successful, all output binaries will be placed in the followin - ``<_workspace>/build/tmp/deploy/images/corstone1000-fvp/`` folder for FVP build; - ``<_workspace>/build/tmp/deploy/images/corstone1000-mps3/`` folder for FPGA build. -Everything apart from the ROM firmware is bundled into a single binary, the -``corstone1000-image-corstone1000-{mps3,fvp}.wic.nopt`` file. The ROM firmware is the -``bl1.bin`` file. - -The output binaries used by FVP are the following: - - The ROM firmware: ``<_workspace>/build/tmp/deploy/images/corstone1000-fvp/bl1.bin`` - - The flash image: ``<_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.wic.nopt`` +Everything apart from the Secure Enclave ROM firmware and External System firmware, is bundled into a single binary, the +``corstone1000-image-corstone1000-{mps3,fvp}.wic.nopt`` file. -The output binaries used by FPGA are the following: - - The ROM firmware: ``<_workspace>/build/tmp/deploy/images/corstone1000-mps3/bl1.bin`` - - The flash image: ``<_workspace>/build/tmp/deploy/images/corstone1000-mps3/corstone1000-image-corstone1000-mps3.wic.nopt`` +The output binaries run in the Corstone-1000 platform are the following: + - The Secure Enclave ROM firmware: ``<_workspace>/build/tmp/deploy/images/corstone1000-{mps3,fvp}/bl1.bin`` + - The External System firmware: ``<_workspace>/build/tmp/deploy/images/corstone1000-{mps3,fvp}/es_flashfw.bin`` + - The flash image: ``<_workspace>/build/tmp/deploy/images/corstone1000-{mps3,fvp}/corstone1000-image-corstone1000-{mps3,fvp}.wic.nopt`` Flash the firmware image on FPGA -------------------------------- -The user should download the FPGA bit file image from `this link <https://developer.arm.com/tools-and-software/development-boards/fpga-prototyping-boards/download-fpga-images>`__ +The user should download the FPGA bit file image ``AN550: Arm® Corstone™-1000 for MPS3 Version 1`` +from `this link <https://developer.arm.com/tools-and-software/development-boards/fpga-prototyping-boards/download-fpga-images>`__ and under the section ``Arm® Corstone™-1000 for MPS3``. The directory structure of the FPGA bundle is shown below. @@ -196,9 +215,10 @@ The directory structure of the FPGA bundle is shown below. └── config.txt Depending upon the MPS3 board version (printed on the MPS3 board) you should update the images.txt file -(in corresponding HBI0309x folder) so that the file points to the images under SOFTWARE directory. +(in corresponding HBI0309x folder. Boardfiles/MB/HBI0309<board_revision>/AN550/images.txt) so that the file points to the images under SOFTWARE directory. -Here is an example +The images.txt file that is compatible with the latest version of the software +stack can be seen below; :: @@ -214,24 +234,32 @@ Here is an example ;************************************************ [IMAGES] - TOTALIMAGES: 2 ;Number of Images (Max: 32) - + TOTALIMAGES: 3 ;Number of Images (Max: 32) + IMAGE0PORT: 1 IMAGE0ADDRESS: 0x00_0000_0000 IMAGE0UPDATE: RAM IMAGE0FILE: \SOFTWARE\bl1.bin - + IMAGE1PORT: 0 - IMAGE1ADDRESS: 0x00_00010_0000 + IMAGE1ADDRESS: 0x00_0010_0000 IMAGE1UPDATE: AUTOQSPI IMAGE1FILE: \SOFTWARE\cs1000.bin + + IMAGE2PORT: 2 + IMAGE2ADDRESS: 0x00_0000_0000 + IMAGE2UPDATE: RAM + IMAGE2FILE: \SOFTWARE\es0.bin OUTPUT_DIR = ``<_workspace>/build/tmp/deploy/images/corstone1000-mps3`` 1. Copy ``bl1.bin`` from OUTPUT_DIR directory to SOFTWARE directory of the FPGA bundle. -2. Copy ``corstone1000-image-corstone1000-mps3.wic.nopt`` from OUTPUT_DIR directory to SOFTWARE - directory of the FPGA bundle and rename the wic image to ``cs1000.bin``. +2. Copy ``es_flashfw.bin`` from OUTPUT_DIR directory to SOFTWARE directory of the FPGA bundle + and rename the binary to ``es0.bin``. +3. Copy ``corstone1000-image-corstone1000-mps3.wic.nopt`` from OUTPUT_DIR directory to SOFTWARE + directory of the FPGA bundle and rename the wic.nopt image to ``cs1000.bin``. + **NOTE:** Renaming of the images are required because MCC firmware has limitation of 8 characters before .(dot) and 3 characters after .(dot). @@ -240,41 +268,60 @@ Now, copy the entire folder to board's SDCard and reboot the board. Running the software on FPGA ---------------------------- -On the host machine, open 3 minicom sessions. In case of Linux machine it will -be ttyUSB0, ttyUSB1, ttyUSB2 and it might be different on Window machine. +On the host machine, open 4 serial port terminals. In case of Linux machine it will +be ttyUSB0, ttyUSB1, ttyUSB2, ttyUSB3 and it might be different on Windows machines. - ttyUSB0 for MCC, OP-TEE and Secure Partition - ttyUSB1 for Boot Processor (Cortex-M0+) - ttyUSB2 for Host Processor (Cortex-A35) + - ttyUSB3 for External System Processor (Cortex-M3) -Run following commands to open minicom sessions on Linux: +Run following commands to open serial port terminals on Linux: :: sudo picocom -b 115200 /dev/ttyUSB0 # in one terminal sudo picocom -b 115200 /dev/ttyUSB1 # in another terminal sudo picocom -b 115200 /dev/ttyUSB2 # in another terminal. + sudo picocom -b 115200 /dev/ttyUSB3 # in another terminal. Once the system boot is completed, you should see console -logs on the minicom sessions. Once the HOST(Cortex-A35) is +logs on the serial port terminals. Once the HOST(Cortex-A35) is booted completely, user can login to the shell using **"root"** login. +If system does not boot and only the ttyUSB1 logs are visible, please follow the steps in `Clean Secure Flash Before Testing (applicable to FPGA only)`_ under `SystemReady-IR tests`_ section. The previous image used in FPGA (MPS3) might have filled the Secure Flash completely. The best practice is to clean the secure flash in this case. + + Running the software on FVP --------------------------- -An FVP (Fixed Virtual Platform) of the corstone1000 platform must be available to execute the -included run script. -The Fixed Virtual Platform (FVP) version 11.17_23 can be downloaded from the -`Arm Ecosystem FVPs`_ page. On this page, navigate to "Corstone IoT FVPs" -section to download the Corstone1000 platform FVP installer. Follow the +An FVP (Fixed Virtual Platform) model of the Corstone-1000 platform must be available to run the +Corstone-1000 FVP software image. + +A Yocto recipe is provided and allows to download the latest supported FVP version. + +The recipe is located at <_workspace>/meta-arm/meta-arm/recipes-devtools/fvp/fvp-corstone1000.bb + +The latest supported Fixed Virtual Platform (FVP) version is 11.19_21 and is automatically downloaded and installed when using the runfvp command as detailed below. The FVP version can be checked by running the following command: + +:: + +<_workspace>/meta-arm/scripts/runfvp <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- --version + +The FVP can also be manually downloaded from the `Arm Ecosystem FVPs`_ page. On this page, navigate +to "Corstone IoT FVPs" section to download the Corstone-1000 platform FVP installer. Follow the instructions of the installer and setup the FVP. +To run the FVP using the runfvp command, please run the following command: + +:: + <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf When the script is executed, three terminal instances will be launched, one for the boot processor (aka Secure Enclave) processing element and two for the Host processing element. Once the FVP is -executing, the Boot Processor will start to boot, wherein the relevant memory contents of the .wic +executing, the Boot Processor will start to boot, wherein the relevant memory contents of the .wic.nopt file are copied to their respective memory locations within the model, enforce firewall policies on memories and peripherals and then, bring the host out of reset. @@ -282,13 +329,20 @@ The host will boot trusted-firmware-a, OP-TEE, U-Boot and then Linux, and presen (FVP host_terminal_0): :: + corstone1000-fvp login: Login using the username root. -Running test applications +The External System can be released out of reset on demand using the systems-comms-tests command. + +SystemReady-IR tests ------------------------- +********************* +Testing steps +********************* + **NOTE**: Running the SystemReady-IR tests described below requires the user to work with USB sticks. In our testing, not all USB stick models work well with MPS3 FPGA. Here are the USB sticks models that are stable in our test @@ -305,7 +359,8 @@ erase the SecureEnclave flash cleanly and prepare a clean board environment for the testing. Clean Secure Flash Before Testing (applicable to FPGA only) ------------------------------------------------------------ +================================================================== + To prepare a clean board environment with clean secure flash for the testing, the user should prepare an image that erases the secure flash cleanly during boot. Run following commands to build such image. @@ -313,8 +368,8 @@ boot. Run following commands to build such image. :: cd <_workspace> - git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2022.02.18 - git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git + git clone https://git.yoctoproject.org/git/meta-arm -b CORSTONE1000-2022.11.23 + git clone https://git.gitlab.arm.com/arm-reference-solutions/systemready-patch.git -b CORSTONE1000-2022.11.23 cp -f systemready-patch/embedded-a/corstone1000/erase_flash/0001-arm-bsp-trusted-firmware-m-corstone1000-Clean-Secure.patch meta-arm cd meta-arm git apply 0001-arm-bsp-trusted-firmware-m-corstone1000-Clean-Secure.patch @@ -325,8 +380,9 @@ Replace the bl1.bin and cs1000.bin files on the SD card with following files: - The ROM firmware: <_workspace>/build/tmp/deploy/images/corstone1000-mps3/bl1.bin - The flash image: <_workspace>/build/tmp/deploy/images/corstone1000-mps3/corstone1000-image-corstone1000-mps3.wic.nopt -Now reboot the board. This step erases the Corstone1000 SecureEnclave flash -completely, the user should expect following message from TF-M log: +Now reboot the board. This step erases the Corstone-1000 SecureEnclave flash +completely, the user should expect following message from TF-M log (can be seen +in ttyUSB1): :: @@ -338,9 +394,9 @@ Then the user should follow "Building the software stack" to build a clean software stack and flash the FPGA as normal. And continue the testing. Run SystemReady-IR ACS tests ------------------------------ +============================= -ACS image contains two partitions. BOOT partition and RESULTS partition. +ACS image contains two partitions. BOOT partition and RESULT partition. Following packages are under BOOT partition * SCT @@ -350,15 +406,15 @@ Following packages are under BOOT partition * grub * uefi manual capsule application -RESULTS partition is used to store the test results. -PLEASE MAKE SURE THAT THE RESULTS PARTITION IS EMPTY BEFORE YOU START THE TESTING. OTHERWISE THE TEST RESULTS +RESULT partition is used to store the test results. +PLEASE MAKE SURE THAT THE RESULT PARTITION IS EMPTY BEFORE YOU START THE TESTING. OTHERWISE THE TEST RESULTS WILL NOT BE CONSISTENT FPGA instructions for ACS image -------------------------------- +================================ This section describes how the user can build and run Architecture Compliance -Suite (ACS) tests on Corstone1000. +Suite (ACS) tests on Corstone-1000. First, the user should download the `Arm SystemReady ACS repository <https://github.com/ARM-software/arm-systemready/>`__. This repository contains the infrastructure to build the Architecture @@ -374,8 +430,8 @@ Once the repository is successfully downloaded, the prebuilt ACS live image can - ``<_workspace>/arm-systemready/IR/prebuilt_images/v21.07_0.9_BETA/ir_acs_live_image.img.xz`` **NOTE**: This prebuilt ACS image includes v5.13 kernel, which doesn't provide -USB driver support for Corstone1000. The ACS image with newer kernel version -and with full USB support for Corstone1000 will be available in the next +USB driver support for Corstone-1000. The ACS image with newer kernel version +and with full USB support for Corstone-1000 will be available in the next SystemReady release in this repository. Then, the user should prepare a USB stick with ACS image. In the given example here, @@ -385,7 +441,7 @@ USB drive. Run the following commands to prepare the ACS image in USB stick: :: - cd <_workspace>/arm-systemready/IR/scripts/output/ + cd <_workspace>/arm-systemready/IR/prebuilt_images/v21.07_0.9_BETA unxz ir_acs_live_image.img.xz sudo dd if=ir_acs_live_image.img of=/dev/sdb iflag=direct oflag=direct bs=1M status=progress; sync @@ -393,20 +449,24 @@ Once the USB stick with ACS image is prepared, the user should make sure that ensure that only the USB stick with the ACS image is connected to the board, and then boot the board. +The FPGA will reset multiple times during the test, and it might take approx. 24-36 hours to finish the test. At the end of test, the FPGA host terminal will halt showing a shell prompt. Once test is finished the result can be copied following above instructions. + FVP instructions for ACS image and run ---------------------------------------- +============================================ -Download acs image from: +Download ACS image from: - ``https://gitlab.arm.com/systemready/acs/arm-systemready/-/tree/linux-5.17-rc7/IR/prebuilt_images/v22.04_1.0-Linux-v5.17-rc7`` -Use the below command to run the FVP with acs image support in the +Use the below command to run the FVP with ACS image support in the SD card. :: unxz ${<path-to-img>/ir_acs_live_image.img.xz} -<_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="${<path-to-img>/ir_acs_live_image.img}" + tmux + + <_workspace>/meta-arm/scripts/runfvp <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="${<path-to-img>/ir_acs_live_image.img}" The test results can be fetched using following commands: @@ -416,8 +476,8 @@ The test results can be fetched using following commands: sudo mount -o rw,offset=<offset_2nd_partition> <path-to-img>/ir_acs_live_image.img /mnt/test/ fdisk -lu <path-to-img>/ir_acs_live_image.img -> Device Start End Sectors Size Type - /home/emeara01/Downloads/ir_acs_live_image_modified.img1 2048 1050622 1048575 512M Microsoft basic data - /home/emeara01/Downloads/ir_acs_live_image_modified.img2 1050624 1153022 102399 50M Microsoft basic data + <path-to-img>/ir_acs_live_image_modified.img1 2048 1050622 1048575 512M Microsoft basic data + <path-to-img>/ir_acs_live_image_modified.img2 1050624 1153022 102399 50M Microsoft basic data -> <offset_2nd_partition> = 1050624 * 512 (sector size) = 537919488 @@ -427,7 +487,7 @@ Once test is finished, the FVP can be stoped, and result can be copied following instructions. Common to FVP and FPGA ------------------------ +=========================== U-Boot should be able to boot the grub bootloader from the 1st partition and if grub is not interrupted, tests are executed @@ -438,83 +498,228 @@ automatically in the following sequence: - FWTS - BSA Linux -The results can be fetched from the ``acs_results`` partition of the USB stick (FPGA) / SD Card (FVP). +The results can be fetched from the ``acs_results`` folder in the RESULT partition of the USB stick (FPGA) / SD Card (FVP). + +##################################################### + +Manual capsule update and ESRT checks +--------------------------------------------------------------------- -Manual capsule update test --------------------------- +The following section describes running manual capsule update with the ``direct`` method. -The following steps describe running manual capsule update with the ``direct`` -method. +The steps described in this section perform manual capsule update and show how to use the ESRT feature +to retrieve the installed capsule details. -Check the "Run SystemReady-IR ACS tests" section above to download and unpack the acs image file +For the following tests two capsules are needed to perform 2 capsule updates. A positive update and a negative update. + +A positive test case capsule which boots the platform correctly until the Linux prompt, and a negative test case with an +incorrect capsule (corrupted or outdated) which fails to boot to the host software. + +Check the "Run SystemReady-IR ACS tests" section above to download and unpack the ACS image file - ``ir_acs_live_image.img.xz`` -Download edk2 and generate capsule file: +Download edk2 under <_workspace> : :: git clone https://github.com/tianocore/edk2.git - edk2/BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o \ - cs1k_cap --fw-version 1 --lsv 0 --guid \ - e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose --update-image-index \ - 0 --verbose <binary_file> -The <binary_file> here should be a corstone1000-image-corstone1000-fvp.wic.nopt image for FVP and -corstone1000-image-corstone1000-mps3.wic.nopt for FPGA. And this input binary file -(capsule) should be less than 15 MB. +********************* +Generating Capsules +********************* + +The capsule binary size (wic.nopt file) should be less than 15 MB. Based on the user's requirement, the user can change the firmware version number given to ``--fw-version`` option (the version number needs to be >= 1). -Capsule Copy instructions for FPGA ------------------------------------ +Generating FPGA Capsules +======================== + +:: + + <_workspace>/edk2/BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o \ + cs1k_cap_mps3_v5 --fw-version 5 --lsv 0 --guid \ + e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose --update-image-index \ + 0 --verbose <_workspace>/build/tmp/deploy/images/corstone1000-mps3/corstone1000-image-corstone1000-mps3.wic.nopt + +:: + + <_workspace>/edk2/BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o \ + cs1k_cap_mps3_v6 --fw-version 6 --lsv 0 --guid \ + e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose --update-image-index \ + 0 --verbose <_workspace>/build/tmp/deploy/images/corstone1000-mps3/corstone1000-image-corstone1000-mps3.wic.nopt + +Generating FVP Capsules +======================== + +:: + + <_workspace>/edk2/BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o \ + cs1k_cap_fvp_v6 --fw-version 6 --lsv 0 --guid \ + e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose --update-image-index \ + 0 --verbose <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.wic.nopt + +:: + + <_workspace>/edk2/BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o \ + cs1k_cap_fvp_v5 --fw-version 5 --lsv 0 --guid \ + e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose --update-image-index \ + 0 --verbose <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.wic.nopt + +********************* +Copying Capsules +********************* + +Copying the FPGA capsules +========================= The user should prepare a USB stick as explained in ACS image section (see above). -Place the generated ``cs1k_cap`` file in the root directory of the boot partition +Place the generated ``cs1k_cap`` files in the root directory of the boot partition in the USB stick. Note: As we are running the direct method, the ``cs1k_cap`` file should not be under the EFI/UpdateCapsule directory as this may or may not trigger the on disk method. -Capsule Copy instructions for FVP ---------------------------------- +:: + + sudo cp cs1k_cap_mps3_v6 <mounting path>/BOOT/ + sudo cp cs1k_cap_mps3_v5 <mounting path>/BOOT/ + sync + +Copying the FVP capsules +======================== -Run below commands to copy capsule into the -image file and run FVP software. +First, mount the IR image: :: - sudo mkdir /mnt/test - sudo mount -o rw,offset=<offset_1st_partition> <path-to-img>/ir_acs_live_image.img /mnt/test/ - sudo cp cs1k_cap /mnt/test/ - sudo umount /mnt/test - exit + sudo mkdir /mnt/test + sudo mount -o rw,offset=1048576 <path-to-img>/ir_acs_live_image.img /mnt/test + +Then, copy the capsules: + +:: + + sudo cp cs1k_cap_fvp_v6 /mnt/test/ + sudo cp cs1k_cap_fvp_v5 /mnt/test/ + sync + +Then, unmount the IR image: + +:: + + sudo umount /mnt/test -<_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C "board.msd_mmc.p_mmc_file ${<path-to-img>/ir_acs_live_image.img}" +**NOTE:** Size of first partition in the image file is calculated in the following way. The data is just an example and might vary with different ir_acs_live_image.img files. :: - fdisk -lu <path-to-img>/ir_acs_live_image.img - -> Device Start End Sectors Size Type - /home/emeara01/Downloads/ir_acs_live_image_modified.img1 2048 1050622 1048575 512M Microsoft basic data - /home/emeara01/Downloads/ir_acs_live_image_modified.img2 1050624 1153022 102399 50M Microsoft basic data + fdisk -lu <path-to-img>/ir_acs_live_image.img + -> Device Start End Sectors Size Type + <path-to-img>/ir_acs_live_image_modified.img1 2048 1050622 1048575 512M Microsoft basic data + <path-to-img>/ir_acs_live_image_modified.img2 1050624 1153022 102399 50M Microsoft basic data - -> <offset_1st_partition> = 2048 * 512 (sector size) = 1048576 + -> <offset_1st_partition> = 2048 * 512 (sector size) = 1048576 -Common to FVP and FPGA ------------------------ -Reach u-boot then interrupt shell to reach EFI shell. Use below command at EFI shell. +****************************** +Performing the capsule update +****************************** + +During this section we will be using the capsule with the higher version (cs1k_cap_<fvp/mps3>_v6) for the positive scenario +and the capsule with the lower version (cs1k_cap_<fvp/mps3>_v5) for the negative scenario. + +Running the FVP with the IR prebuilt image +============================================== + +Run the FVP with the IR prebuilt image: + +:: + + <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C "board.msd_mmc.p_mmc_file ${<path-to-img>/ir_acs_live_image.img}" + +Running the FPGA with the IR prebuilt image +============================================== + +Insert the prepared USB stick then Power cycle the MPS3 board. + +Executing capsule update for FVP and FPGA +============================================== + +Reach u-boot then interrupt the boot to reach the EFI shell. + +:: + + Press ESC in 4 seconds to skip startup.nsh or any other key to continue. + +Then, type FS0: as shown below: :: FS0: - EFI/BOOT/app/CapsuleApp.efi cs1k_cap -For this test, the user can provide two capsules for testing: a positive test -case capsule which boots the board correctly, and a negative test case with an -incorrect capsule which fails to boot the host software. +In case of the positive scenario run the update with the higher version capsule as shown below: + +:: + + EFI/BOOT/app/CapsuleApp.efi cs1k_cap_<fvp/mps3>_v6 + +After successfully updating the capsule the system will reset. + +In case of the negative scenario run the update with the lower version capsule as shown below: + +:: + + EFI/BOOT/app/CapsuleApp.efi cs1k_cap_<fvp/mps3>_v5 + +The command above should fail and in the TF-M logs the following message should appear: + +:: + + ERROR: flash_full_capsule: version error + +Then, reboot manually: + +:: + + Shell> reset + +FPGA: Select Corstone-1000 Linux kernel boot +============================================== + +Remove the USB stick before u-boot is reached so the Corstone-1000 kernel will be detected and used for booting. + +**NOTE:** Otherwise, the execution ends up in the ACS live image. + +FVP: Select Corstone-1000 Linux kernel boot +============================================== + +Interrupt the u-boot shell. + +:: + + Hit any key to stop autoboot: + +Run the following commands in order to run the Corstone-1000 Linux kernel and being able to check the ESRT table. + +**NOTE:** Otherwise, the execution ends up in the ACS live image. + +:: + + $ run retrieve_kernel_load_addr + $ unzip $kernel_addr 0x90000000 + $ loadm 0x90000000 $kernel_addr_r 0xf00000 + $ bootefi $kernel_addr_r $fdtcontroladdr + + +*********************** +Capsule update status +*********************** + +Positive scenario +================= In the positive case scenario, the user should see following log in TF-M log, indicating the new capsule image is successfully applied, and the board boots @@ -532,11 +737,59 @@ correctly. ... -In the negative case scenario, the user should see appropriate logs in -the secure enclave terminal. If capsule pass initial verification, but fails -verifications performed during boot time, secure enclave will try new images -predetermined number of times (defined in the code), before reverting back to -the previous good bank. +It's possible to check the content of the ESRT table after the system fully boots. + +In the Linux command-line run the following: + +:: + + # cd /sys/firmware/efi/esrt/entries/entry0 + # cat * + + 0x0 + e2bb9c06-70e9-4b14-97a3-5a7913176e3f + 0 + 6 + 0 + 6 + 0 + +.. line-block:: + capsule_flags: 0x0 + fw_class: e2bb9c06-70e9-4b14-97a3-5a7913176e3f + fw_type: 0 + fw_version: 6 + last_attempt_status: 0 + last_attempt_version: 6 + lowest_supported_fw_ver: 0 + + +Negative scenario +================= + +In the negative case scenario (rollback the capsule version), the user should +see appropriate logs in the secure enclave terminal. + +:: + + ... + uefi_capsule_retrieve_images: image 0 at 0xa0000070, size=15654928 + uefi_capsule_retrieve_images: exit + flash_full_capsule: enter: image = 0x0xa0000070, size = 15654928, version = 10 + ERROR: flash_full_capsule: version error + private_metadata_write: enter: boot_index = 1 + private_metadata_write: success + fmp_set_image_info:133 Enter + FMP image update: image id = 0 + FMP image update: status = 1version=11 last_attempt_version=10. + fmp_set_image_info:157 Exit. + corstone1000_fwu_flash_image: exit: ret = -1 + ... + + +If capsule pass initial verification, but fails verifications performed during +boot time, secure enclave will try new images predetermined number of times +(defined in the code), before reverting back to the previous good bank. :: @@ -545,16 +798,45 @@ the previous good bank. fwu_select_previous: in regular state by choosing previous active bank ... -******************************************************* -Linux distro install and boot (applicable to FPGA only) -******************************************************* +It's possible to check the content of the ESRT table after the system fully boots. + +In the Linux command-line run the following: + +:: -To test Linux distro install and boot, the user should prepare two empty USB sticks. + # cd /sys/firmware/efi/esrt/entries/entry0 + # cat * + + 0x0 + e2bb9c06-70e9-4b14-97a3-5a7913176e3f + 0 + 6 + 1 + 5 + 0 + +.. line-block:: + capsule_flags: 0x0 + fw_class: e2bb9c06-70e9-4b14-97a3-5a7913176e3f + fw_type: 0 + fw_version: 6 + last_attempt_status: 1 + last_attempt_version: 5 + lowest_supported_fw_ver: 0 + +Linux distros tests +---------------------------------- + +*************************************************************************************** +Debian/OpenSUSE install and boot (applicable to FPGA only) +*************************************************************************************** + +To test Linux distro install and boot, the user should prepare two empty USB sticks (minimum size should be 4GB and formatted with FAT32). Download one of following Linux distro images: - Debian installer image: https://cdimage.debian.org/cdimage/weekly-builds/arm64/iso-dvd/ - OpenSUSE Tumbleweed installer image: http://download.opensuse.org/ports/aarch64/tumbleweed/iso/ - - The user should look for a DVD Snapshot like openSUSE-Tumbleweed-DVD-aarch64-Snapshot20211125-Media.iso + - The user should look for a DVD Snapshot like openSUSE-Tumbleweed-DVD-aarch64-Snapshot<date>-Media.iso Once the .iso file is downloaded, the .iso file needs to be flashed to your USB drive. @@ -565,7 +847,7 @@ file into the first USB stick, run: :: - sudo dd if=</path/to/iso_file> of=/dev/sdb iflag=direct oflag=direct status=progress bs=1M; sync; + sudo dd if=<path-to-iso_file> of=/dev/sdb iflag=direct oflag=direct status=progress bs=1M; sync; Boot the MSP3 board with the first USB stick connected. Open following minicom sessions: @@ -574,11 +856,9 @@ Boot the MSP3 board with the first USB stick connected. Open following minicom s sudo picocom -b 115200 /dev/ttyUSB0 # in one terminal sudo picocom -b 115200 /dev/ttyUSB2 # in another terminal. -Press <Ctrl+x>. - -Now plug in the second USB stick, the distro installation process will start. +Now plug in the second USB stick (once installation screen is visible), the distro installation process will start. The installation prompt can be seen in ttyUSB2. If installer does not start, please try to reboot the board with both USB sticks connected and repeat the process. -**NOTE:** Due to the performance limitation of Corstone1000 MPS3 FPGA, the +**NOTE:** Due to the performance limitation of Corstone-1000 MPS3 FPGA, the distro installation process can take up to 24 hours to complete. Once installation is complete, unplug the first USB stick and reboot the board. @@ -591,46 +871,98 @@ a login prompt: Login with the username root. -Run psa-arch-test (applicable to both FPGA and FVP) ---------------------------------------------------- +**NOTE:** The Debian installer has a known issue "Install the GRUB bootloader - unable to install " and these are the steps to +follow on the subsequent popups to solve the issue during the installation: -When running psa-arch-test on MPS3 FPGA, the user should make sure there is no -USB stick connected to the board. Power on the board and boot the board to -Linux. Then, the user should follow the steps below to run the psa_arch_tests. +1. Select "Continue", then "Continue" again on the next popup +2. Scroll down and select "Execute a shell" +3. Select "Continue" +4. Enter the following command: -When running psa-arch-test on Corstone1000 FVP, the user should follow the -instructions in `Running the software on FVP`_ section to boot Linux in FVP -host_terminal_0, and login using the username ``root``. +:: -As a reference for the user's test results, the psa-arch-test report for `Corstone1000 software (CORSTONE1000-2022.02.18) <https://git.yoctoproject.org/meta-arm/tag/?h=CORSTONE1000-2022.02.18>`__ -can be found in `here <https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-test-report/-/tree/master/embedded-a/corstone1000>`__. + in-target grub-install --no-nvram --force-extra-removable -First, create a file containing SE_PROXY_SP UUID. Run: +5. Enter the following command: :: - echo 46bb39d1-b4d9-45b5-88ff-040027dab249 > sp_uuid_list.txt + in-target update-grub -Then, load FFA driver module into Linux kernel. Run: +6. Enter the following command: :: - load_ffa_debugfs.sh . + exit -Then, check whether the FFA driver loaded correctly by using the following command: +7. Select "Continue without boot loader", then select "Continue" on the next popup +8. At this stage, the installation should proceed as normal. + +*************************************************************************************** +OpenSUSE Raw image install and boot (applicable to FVP only) +*************************************************************************************** + +Steps to download openSUSE Tumbleweed raw image: + - Go to: http://download.opensuse.org/ports/aarch64/tumbleweed/appliances/ + - The user should look for a Tumbleweed-ARM-JeOS-efi.aarch64-* Snapshot, for example, ``openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64-<date>-Snapshot<date>.raw.xz`` + +Once the .raw.xz file is downloaded, the raw image file needs to be extracted: :: - cat /proc/modules | grep arm_ffa_user + unxz <file-name.raw.xz> + + +The above command will generate a file ending with extension .raw image. Now, use the following command +to run FVP with raw image installation process. + +:: + +<_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="${openSUSE raw image file path}" + +After successfully installing and booting the Linux distro, the user should see +a openSUSE login prompt. + +:: + + localhost login: + +Login with the username 'root' and password 'linux'. + +PSA API tests +---------------------- + +*************************************************************************************** +Run PSA API test commands (applicable to both FPGA and FVP) +*************************************************************************************** + +When running PSA API test commands (aka PSA Arch Tests) on MPS3 FPGA, the user should make sure there is no +USB stick connected to the board. Power on the board and boot the board to +Linux. Then, the user should follow the steps below to run the tests. + +When running the tests on the Corstone-1000 FVP, the user should follow the +instructions in `Running the software on FVP`_ section to boot Linux in FVP +host_terminal_0, and login using the username ``root``. + +First, load FF-A TEE kernel module: + +:: + + insmod /lib/modules/5.19.14-yocto-standard/extra/arm-ffa-tee.ko + +Then, check whether the FF-A TEE driver is loaded correctly by using the following command: + +:: + + cat /proc/modules | grep arm_ffa_tee The output should be: :: - arm_ffa_user 16384 - - Live 0xffffffc0084b0000 (O) + arm_ffa_tee 16384 - - Live 0xffffffc0004f0000 (O) -Now, run the PSA arch tests with following commands. The user should run the -tests in following order: +Now, run the PSA API tests in the following order: :: @@ -639,47 +971,108 @@ tests in following order: psa-its-api-test psa-ps-api-test -******************************************************** -Linux distro: OpenSUSE Raw image installation (FVP Only) -******************************************************** +External System tests +----------------------------------- + +*************************************************************************************** +Running the External System test command (systems-comms-tests) +*************************************************************************************** -Steps to download openSUSE Tumbleweed raw image: - - Go to: http://download.opensuse.org/ports/aarch64/tumbleweed/appliances/ - - The user should look for a Tumbleweed-ARM-JeOS-efi.aarch64-* Snapshot, for example, ``openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64-2022.03.18-Snapshot20220331.raw.xz`` +Test 1: Releasing the External System out of reset +=================================================== -Once the .raw.xz file is downloaded, the raw image file needs to be extracted: +Run this command in the Linux command-line: :: - unxz <file-name.raw.xz> + systems-comms-tests 1 +The output on the External System terminal should be: -The above command will generate a file ending with extension .raw image. Now, use the following command -to run FVP with raw image installation process. +:: + + ___ ___ + | / __| + |=== \___ + |___ |___/ + External System Cortex-M3 Processor + Running RTX RTOS + v0.1.0_2022-10-19_16-41-32-8c9dca7 + MHUv2 module 'MHU0_H' started + MHUv2 module 'MHU1_H' started + MHUv2 module 'MHU0_SE' started + MHUv2 module 'MHU1_SE' started + +Test 2: Communication +============================================= + +Test 2 releases the External System out of reset if not already done. Then, it performs communication between host and External System. + +After running Test 1, run this command in the Linux command-line: :: -<_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="${openSUSE raw image file path}" + systems-comms-tests 2 -After successfully installing and booting the Linux distro, the user should see -a openSUSE login prompt. +Additional output on the External System terminal will be printed: :: - localhost login: + MHUv2: Message from 'MHU0_H': 0xabcdef1 + Received 'abcdef1' From Host MHU0 + CMD: Increment and return to sender... + MHUv2: Message from 'MHU1_H': 0xabcdef1 + Received 'abcdef1' From Host MHU1 + CMD: Increment and return to sender... -Login with the username 'root' and password 'linux'. +When running Test 2 the first, Test 1 will be run in the background. + +The output on the External System terminal should be: + +:: + + ___ ___ + | / __| + |=== \___ + |___ |___/ + External System Cortex-M3 Processor + Running RTX RTOS + v0.1.0_2022-10-19_16-41-32-8c9dca7 + MHUv2 module 'MHU0_H' started + MHUv2 module 'MHU1_H' started + MHUv2 module 'MHU0_SE' started + MHUv2 module 'MHU1_SE' started + MHUv2: Message from 'MHU0_H': 0xabcdef1 + Received 'abcdef1' From Host MHU0 + CMD: Increment and return to sender... + MHUv2: Message from 'MHU1_H': 0xabcdef1 + Received 'abcdef1' From Host MHU1 + CMD: Increment and return to sender... + +The output on the Host terminal should be: + +:: + + Received abcdf00 from es0mhu0 + Received abcdf00 from es0mhu1 + + +Tests results +----------------------------------- + +As a reference for the end user, reports for various tests for `Corstone-1000 software (CORSTONE1000-2022.11.23) <https://git.yoctoproject.org/meta-arm/tag/?h=CORSTONE1000-2022.11.23>`__ +can be found in `here <https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-test-report/-/tree/master/embedded-a/corstone1000>`__. -************************************** Running the software on FVP on Windows -************************************** -If the user needs to run the Corstone1000 software on FVP on Windows. The user +--------------------------------------------------------------- + +If the user needs to run the Corstone-1000 software on FVP on Windows. The user should follow the build instructions in this document to build on Linux host PC, and copy the output binaries to the Windows PC where the FVP is located, and launch the FVP binary. -------------- -*Copyright (c) 2021, Arm Limited. All rights reserved.* +*Copyright (c) 2022, Arm Limited. All rights reserved.* .. _Arm Ecosystem FVPs: https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps diff --git a/meta-arm/meta-arm-bsp/documentation/fvp-baser-aemv8r64.md b/meta-arm/meta-arm-bsp/documentation/fvp-baser-aemv8r64.md index 9127a6ce72..e29aad34d6 100644 --- a/meta-arm/meta-arm-bsp/documentation/fvp-baser-aemv8r64.md +++ b/meta-arm/meta-arm-bsp/documentation/fvp-baser-aemv8r64.md @@ -27,9 +27,9 @@ The fvp-baser-aemv8r64 Yocto MACHINE supports the following BSP components, where either a standard or Real-Time Linux kernel (PREEMPT\_RT) can be built and run: - - FVP_Base_AEMv8R: v11.19.14 + - FVP_Base_AEMv8R: v11.20.15 - boot-wrapper-aarch64: provides PSCI support - - U-Boot: v2022.04 - provides UEFI services + - U-Boot: v2022.07 - provides UEFI services - Linux kernel: linux-yocto-5.15 - Linux kernel with PREEMPT\_RT support: linux-yocto-rt-5.15 diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb index 5bb8c37c56..dce29a93cd 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb +++ b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb @@ -8,7 +8,8 @@ LICENSE = "BSD-3-Clause & Apache-2.0" LIC_FILES_CHKSUM = "file://license.md;md5=e44b2531cd6ffe9dece394dbe988d9a0 \ file://cmsis/LICENSE.txt;md5=e3fc50a88d0a364313df4b21ef20c29e" -SRC_URI = "gitsm://git.gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx.git;protocol=https;branch=master" +SRC_URI = "gitsm://git.gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx.git;protocol=https;branch=master \ + file://race.patch" SRCREV = "8c9dca74b104ff6c9722fb0738ba93dd3719c080" PV .= "+git${SRCPV}" diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/race.patch b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/race.patch new file mode 100644 index 0000000000..c6bc4f2234 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/race.patch @@ -0,0 +1,66 @@ +Upstream-Status: Submitted [https://gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx/-/issues/1] +Signed-off-by: Ross Burton <ross.burton@arm.com> + +From 34e1c04534607f5605255f39fb46e26261fc9c4e Mon Sep 17 00:00:00 2001 +From: Ross Burton <ross.burton@arm.com> +Date: Tue, 8 Sep 2020 11:49:08 +0100 +Subject: [PATCH] tools/gen_module_code: atomically rewrite the generated files + +The gen_module rule in rules.mk is marked as .PHONY, so make will +execute it whenever it is mentioned. This results in gen_module_code +being executed 64 times for a Juno build. + +However in heavily parallel builds there's a good chance that +gen_module_code is writing a file whilst the compiler is reading it +because make also doesn't know what files are generated by +gen_module_code. + +The correct fix is to adjust the Makefiles so that the dependencies are +correct but this isn't trivial, so band-aid the problem by atomically +writing the generated files. + +Change-Id: I82d44f9ea6537a91002e1f80de8861d208571630 +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + tools/gen_module_code.py | 19 ++++++++++++++----- + 1 file changed, 14 insertions(+), 5 deletions(-) + +diff --git a/tools/gen_module_code.py b/tools/gen_module_code.py +index 7b3953845..ee099b713 100755 +--- a/tools/gen_module_code.py ++++ b/tools/gen_module_code.py +@@ -17,6 +17,7 @@ + import argparse + import os + import sys ++import tempfile + + DEFAULT_PATH = 'build/' + +@@ -53,13 +54,21 @@ + + def generate_file(path, filename, content): + full_filename = os.path.join(path, filename) +- with open(full_filename, 'a+') as f: +- f.seek(0) +- if f.read() != content: ++ ++ try: ++ with open(full_filename) as f: ++ rewrite = f.read() != content ++ except FileNotFoundError: ++ rewrite = True ++ ++ if rewrite: ++ with tempfile.NamedTemporaryFile(prefix="gen-module-code", ++ dir=path, ++ delete=False, ++ mode="wt") as f: + print("[GEN] {}...".format(full_filename)) +- f.seek(0) +- f.truncate() + f.write(content) ++ os.replace(f.name, full_filename) + + + def generate_header(path, modules): diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb b/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb index 76a7126b29..932b161959 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb +++ b/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb @@ -7,10 +7,15 @@ COMPATIBLE_MACHINE = "corstone1000" inherit image inherit wic_nopt tfm_sign_image +inherit uefi_capsule PACKAGE_INSTALL = "" -IMAGE_FSTYPES += "wic wic.nopt" +IMAGE_FSTYPES += "wic wic.nopt uefi_capsule" + +UEFI_FIRMWARE_BINARY = "${PN}-${MACHINE}.${CAPSULE_IMGTYPE}" +UEFI_CAPSULE_CONFIG = "${THISDIR}/files/${PN}-capsule-update-image.json" +CAPSULE_IMGTYPE = "wic.nopt" do_sign_images() { # Sign TF-A BL2 diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/images/files/corstone1000-image-capsule-update-image.json b/meta-arm/meta-arm-bsp/recipes-bsp/images/files/corstone1000-image-capsule-update-image.json new file mode 100644 index 0000000000..0f011ff740 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/images/files/corstone1000-image-capsule-update-image.json @@ -0,0 +1,11 @@ +{ + "Payloads": [ + { + "FwVersion": "5", + "Guid": "e2bb9c06-70e9-4b14-97a3-5a7913176e3f", + "LowestSupportedVersion": "1", + "Payload": "$UEFI_FIRMWARE_BINARY", + "UpdateImageIndex": "0" + } + ] +} diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno.bb b/meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno.bb index 80565af633..45f2ec726a 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno.bb +++ b/meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno.bb @@ -63,10 +63,10 @@ do_deploy() { done if [ "${INITRAMFS_IMAGE_BUNDLE}" -eq 1 ]; then - cp -L -f ${DEPLOY_DIR_IMAGE}/Image-initramfs-juno.bin \ + cp -L -f ${DEPLOY_DIR_IMAGE}/Image.gz-initramfs-juno.bin \ ${D}/${UNPACK_DIR}/SOFTWARE/Image else - cp -L -f ${DEPLOY_DIR_IMAGE}/Image ${D}/${UNPACK_DIR}/SOFTWARE/ + cp -L -f ${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGETYPE} ${D}/${UNPACK_DIR}/SOFTWARE/ fi # Compress the files diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/corstone1000/0007-corstone1000-adjust-PS-asset-configuration.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/corstone1000/0007-corstone1000-adjust-PS-asset-configuration.patch new file mode 100644 index 0000000000..7fae7b69b0 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/corstone1000/0007-corstone1000-adjust-PS-asset-configuration.patch @@ -0,0 +1,27 @@ +From 5be42e1c05205209fc3988f0df30a02da95c2448 Mon Sep 17 00:00:00 2001 +From: Rui Miguel Silva <rui.silva@linaro.org> +Date: Wed, 2 Nov 2022 00:12:35 +0000 +Subject: [PATCH] corstone1000: adjust PS asset configuration + +Adjust protected storage asset configuration to be more inline +with the one in trusted service side, that would make thinks +work when testing and using more than the default variables. + +Upstream-Status: Pending +Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> +--- + platform/ext/target/arm/corstone1000/config.cmake | 1 ++ + 1 file changed, 1 insertions(+) + +diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake +index ab0fe17ba886..c2b4b646e6b0 100644 +--- a/platform/ext/target/arm/corstone1000/config.cmake ++++ b/platform/ext/target/arm/corstone1000/config.cmake +@@ -56,3 +56,4 @@ set(PS_ENCRYPTION OFF CACHE BOOL "Enable + set(PS_ROLLBACK_PROTECTION OFF CACHE BOOL "Enable rollback protection for Protected Storage partition") + + set(PLATFORM_SERVICE_OUTPUT_BUFFER_SIZE 256 CACHE STRING "Size of output buffer in platform service.") ++set(PS_NUM_ASSETS "40" CACHE STRING "The maximum number of assets to be stored in the Protected Storage area") +-- +2.38.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc index 341a5942e0..58ad103262 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc +++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc @@ -34,6 +34,7 @@ SRC_URI:append:corstone1000 = " \ file://0004-Platform-Partition-Allow-configuration-of-input-and-.patch \ file://0005-corstone1000-support-for-UEFI-FMP-image-Information.patch \ file://0006-corstone1000-remove-two-partition-configuration.patch \ + file://0007-corstone1000-adjust-PS-asset-configuration.patch \ " do_install() { diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/juno/0002-configs-vexpress-modify-to-boot-compressed-initramfs.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/juno/0002-configs-vexpress-modify-to-boot-compressed-initramfs.patch new file mode 100644 index 0000000000..2bf68fe6dc --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/juno/0002-configs-vexpress-modify-to-boot-compressed-initramfs.patch @@ -0,0 +1,41 @@ +From 097a43223da4fa42335944295903ede2755e2dfd Mon Sep 17 00:00:00 2001 +From: Jon Mason <jdmason@kudzu.us> +Date: Mon, 19 Dec 2022 11:36:04 -0500 +Subject: [PATCH] configs: vexpress: modify to boot compressed initramfs + +Signed-off-by: Jon Mason <jdmason@kudzu.us> +Upstream-Status: Inappropriate + +--- + configs/vexpress_aemv8a_juno_defconfig | 1 + + include/configs/vexpress_aemv8.h | 2 ++ + 2 files changed, 3 insertions(+) + +diff --git a/configs/vexpress_aemv8a_juno_defconfig b/configs/vexpress_aemv8a_juno_defconfig +index e02124cc7f54..6ffe8f5fe67e 100644 +--- a/configs/vexpress_aemv8a_juno_defconfig ++++ b/configs/vexpress_aemv8a_juno_defconfig +@@ -16,6 +16,7 @@ CONFIG_SYS_LOAD_ADDR=0x90000000 + CONFIG_BOOTDELAY=1 + CONFIG_USE_BOOTARGS=y + CONFIG_BOOTARGS="console=ttyAMA0,115200n8 root=/dev/sda2 rw rootwait earlycon=pl011,0x7ff80000 debug user_debug=31 androidboot.hardware=juno loglevel=9" ++CONFIG_BOOTCOMMAND="echo running default boot command; afs load ${kernel_name} ${kernel_addr_r} ; if test $? -eq 1; then echo Loading ${kernel_alt_name} instead of ${kernel_name}; afs load ${kernel_alt_name} ${kernel_addr_r};fi ; afs load ${fdtfile} ${fdt_addr_r} ; if test $? -eq 1; then echo Loading ${fdt_alt_name} instead of ${fdtfile}; afs load ${fdt_alt_name} ${fdt_addr_r}; fi ; fdt addr ${fdt_addr_r}; fdt resize; if afs load ${initrd_name} ${initrd_addr_r} ; then setenv initrd_param ${initrd_addr_r}; else setenv initrd_param -; fi ; booti ${kernel_addr_r} ${initrd_param} ${fdt_addr_r}" + # CONFIG_DISPLAY_CPUINFO is not set + # CONFIG_DISPLAY_BOARDINFO is not set + CONFIG_SYS_PROMPT="VExpress64# " +diff --git a/include/configs/vexpress_aemv8.h b/include/configs/vexpress_aemv8.h +index cd7f6c1b9ba0..c2f5eb302076 100644 +--- a/include/configs/vexpress_aemv8.h ++++ b/include/configs/vexpress_aemv8.h +@@ -164,6 +164,8 @@ + "kernel_name=norkern\0" \ + "kernel_alt_name=Image\0" \ + "kernel_addr_r=0x80080000\0" \ ++ "kernel_comp_addr_r=0x90000000\0" \ ++ "kernel_comp_size=0x3000000\0" \ + "initrd_name=ramdisk.img\0" \ + "initrd_addr_r=0x88000000\0" \ + "fdtfile=board.dtb\0" \ +-- +2.30.2 + diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend index 6144e97ac6..e01c850199 100644 --- a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend @@ -82,7 +82,9 @@ SRC_URI:append:fvp-baser-aemv8r64 = " \ # # Juno Machines # -SRC_URI:append:juno = " file://0001-arm-juno-add-custom-bootcmd-to-autoboot-from-uEnv.tx.patch" +SRC_URI:append:juno = " file://0001-arm-juno-add-custom-bootcmd-to-autoboot-from-uEnv.tx.patch \ + file://0002-configs-vexpress-modify-to-boot-compressed-initramfs.patch \ + " # diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/fvp-base/0001-arm64-dts-fvp-Enable-virtio-rng-support.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/fvp-base/0001-arm64-dts-fvp-Enable-virtio-rng-support.patch new file mode 100644 index 0000000000..1cbdc9afe1 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/fvp-base/0001-arm64-dts-fvp-Enable-virtio-rng-support.patch @@ -0,0 +1,29 @@ +From b443c8efd563dc372c60e7ad9f52aeddf7c13706 Mon Sep 17 00:00:00 2001 +From: Anton Antonov <Anton.Antonov@arm.com> +Date: Mon, 7 Nov 2022 11:37:51 +0000 +Subject: [PATCH] arm64: dts: fvp: Enable virtio-rng support + +The virtio-rng is available from FVP_Base_RevC-2xAEMvA version 11.17. +Enable it since Yocto includes a recipe for a newer FVP version. + +Upstream-Status: Inappropriate [Yocto specific] +Signed-off-by: Anton Antonov <Anton.Antonov@arm.com> +--- + arch/arm64/boot/dts/arm/rtsm_ve-motherboard-rs2.dtsi | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/arch/arm64/boot/dts/arm/rtsm_ve-motherboard-rs2.dtsi b/arch/arm64/boot/dts/arm/rtsm_ve-motherboard-rs2.dtsi +index ec2d5280a30b..acafdcbf1063 100644 +--- a/arch/arm64/boot/dts/arm/rtsm_ve-motherboard-rs2.dtsi ++++ b/arch/arm64/boot/dts/arm/rtsm_ve-motherboard-rs2.dtsi +@@ -26,7 +26,6 @@ virtio@200000 { + compatible = "virtio,mmio"; + reg = <0x200000 0x200>; + interrupts = <46>; +- status = "disabled"; + }; + }; + }; +-- +2.25.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0001-arm64-dts-juno-Add-thermal-critical-trip-points.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0001-arm64-dts-juno-Add-thermal-critical-trip-points.patch new file mode 100644 index 0000000000..1c0f25eba1 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0001-arm64-dts-juno-Add-thermal-critical-trip-points.patch @@ -0,0 +1,60 @@ +From c4a7b9b587ca1bb4678d48d8be7132492b23a81c Mon Sep 17 00:00:00 2001 +From: Cristian Marussi <cristian.marussi@arm.com> +Date: Fri, 28 Oct 2022 15:08:33 +0100 +Subject: [PATCH] arm64: dts: juno: Add thermal critical trip points + +When thermnal zones are defined, trip points definitions are mandatory. +Define a couple of critical trip points for monitoring of existing +PMIC and SOC thermal zones. + +This was lost between txt to yaml conversion and was re-enforced recently +via the commit 8c596324232d ("dt-bindings: thermal: Fix missing required property") + +Cc: Rob Herring <robh+dt@kernel.org> +Cc: Krzysztof Kozlowski <krzysztof.kozlowski+dt@linaro.org> +Cc: devicetree@vger.kernel.org +Signed-off-by: Cristian Marussi <cristian.marussi@arm.com> +Fixes: f7b636a8d83c ("arm64: dts: juno: add thermal zones for scpi sensors") +Link: https://lore.kernel.org/r/20221028140833.280091-8-cristian.marussi@arm.com +Signed-off-by: Sudeep Holla <sudeep.holla@arm.com> + +Signed-off-by: Jon Mason <jon.mason@arm.com> +Upstream-Status: Backport +--- + arch/arm64/boot/dts/arm/juno-base.dtsi | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + +diff --git a/arch/arm64/boot/dts/arm/juno-base.dtsi b/arch/arm64/boot/dts/arm/juno-base.dtsi +index 2f27619d8abd..8b4d280b1e7e 100644 +--- a/arch/arm64/boot/dts/arm/juno-base.dtsi ++++ b/arch/arm64/boot/dts/arm/juno-base.dtsi +@@ -751,12 +751,26 @@ pmic { + polling-delay = <1000>; + polling-delay-passive = <100>; + thermal-sensors = <&scpi_sensors0 0>; ++ trips { ++ pmic_crit0: trip0 { ++ temperature = <90000>; ++ hysteresis = <2000>; ++ type = "critical"; ++ }; ++ }; + }; + + soc { + polling-delay = <1000>; + polling-delay-passive = <100>; + thermal-sensors = <&scpi_sensors0 3>; ++ trips { ++ soc_crit0: trip0 { ++ temperature = <80000>; ++ hysteresis = <2000>; ++ type = "critical"; ++ }; ++ }; + }; + + big_cluster_thermal_zone: big-cluster { +-- +2.30.2 + diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0002-arm64-dts-Update-cache-properties-for-Arm-Ltd-platfo.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0002-arm64-dts-Update-cache-properties-for-Arm-Ltd-platfo.patch new file mode 100644 index 0000000000..f19fb8b9e2 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0002-arm64-dts-Update-cache-properties-for-Arm-Ltd-platfo.patch @@ -0,0 +1,141 @@ +From 59fb813f9742b349f48250bd7793279cafe2752c Mon Sep 17 00:00:00 2001 +From: Pierre Gondois <pierre.gondois@arm.com> +Date: Mon, 7 Nov 2022 16:56:58 +0100 +Subject: [PATCH] arm64: dts: Update cache properties for Arm Ltd platforms + +The DeviceTree Specification v0.3 specifies that the cache node +"compatible" and "cache-level" properties are required. + +Cf. s3.8 Multi-level and Shared Cache Nodes +The 'cache-unified' property should be present if one of the properties +for unified cache is present ('cache-size', ...). + +Update the relevant device trees nodes accordingly. + +Signed-off-by: Pierre Gondois <pierre.gondois@arm.com> +Link: https://lore.kernel.org/r/20221107155825.1644604-6-pierre.gondois@arm.com +Signed-off-by: Sudeep Holla <sudeep.holla@arm.com> + +Signed-off-by: Jon Mason <jon.mason@arm.com> +Upstream-Status: Backport +--- + arch/arm64/boot/dts/arm/corstone1000.dtsi | 1 + + arch/arm64/boot/dts/arm/foundation-v8.dtsi | 1 + + arch/arm64/boot/dts/arm/juno-r1.dts | 2 ++ + arch/arm64/boot/dts/arm/juno-r2.dts | 2 ++ + arch/arm64/boot/dts/arm/juno.dts | 2 ++ + arch/arm64/boot/dts/arm/rtsm_ve-aemv8a.dts | 1 + + arch/arm64/boot/dts/arm/vexpress-v2f-1xv7-ca53x2.dts | 1 + + 7 files changed, 10 insertions(+) + +diff --git a/arch/arm64/boot/dts/arm/corstone1000.dtsi b/arch/arm64/boot/dts/arm/corstone1000.dtsi +index 4e46826f883a..21f1f952e985 100644 +--- a/arch/arm64/boot/dts/arm/corstone1000.dtsi ++++ b/arch/arm64/boot/dts/arm/corstone1000.dtsi +@@ -53,6 +53,7 @@ gic: interrupt-controller@1c000000 { + + L2_0: l2-cache0 { + compatible = "cache"; ++ cache-unified; + cache-level = <2>; + cache-size = <0x80000>; + cache-line-size = <64>; +diff --git a/arch/arm64/boot/dts/arm/foundation-v8.dtsi b/arch/arm64/boot/dts/arm/foundation-v8.dtsi +index 83e3e7e3984f..c8bd23b1a7ba 100644 +--- a/arch/arm64/boot/dts/arm/foundation-v8.dtsi ++++ b/arch/arm64/boot/dts/arm/foundation-v8.dtsi +@@ -58,6 +58,7 @@ cpu3: cpu@3 { + + L2_0: l2-cache0 { + compatible = "cache"; ++ cache-level = <2>; + }; + }; + +diff --git a/arch/arm64/boot/dts/arm/juno-r1.dts b/arch/arm64/boot/dts/arm/juno-r1.dts +index 6451c62146fd..1d90eeebb37d 100644 +--- a/arch/arm64/boot/dts/arm/juno-r1.dts ++++ b/arch/arm64/boot/dts/arm/juno-r1.dts +@@ -189,6 +189,7 @@ A53_3: cpu@103 { + + A57_L2: l2-cache0 { + compatible = "cache"; ++ cache-unified; + cache-size = <0x200000>; + cache-line-size = <64>; + cache-sets = <2048>; +@@ -197,6 +198,7 @@ A57_L2: l2-cache0 { + + A53_L2: l2-cache1 { + compatible = "cache"; ++ cache-unified; + cache-size = <0x100000>; + cache-line-size = <64>; + cache-sets = <1024>; +diff --git a/arch/arm64/boot/dts/arm/juno-r2.dts b/arch/arm64/boot/dts/arm/juno-r2.dts +index 438cd1ff4bd0..d2ada69b0a43 100644 +--- a/arch/arm64/boot/dts/arm/juno-r2.dts ++++ b/arch/arm64/boot/dts/arm/juno-r2.dts +@@ -195,6 +195,7 @@ A53_3: cpu@103 { + + A72_L2: l2-cache0 { + compatible = "cache"; ++ cache-unified; + cache-size = <0x200000>; + cache-line-size = <64>; + cache-sets = <2048>; +@@ -203,6 +204,7 @@ A72_L2: l2-cache0 { + + A53_L2: l2-cache1 { + compatible = "cache"; ++ cache-unified; + cache-size = <0x100000>; + cache-line-size = <64>; + cache-sets = <1024>; +diff --git a/arch/arm64/boot/dts/arm/juno.dts b/arch/arm64/boot/dts/arm/juno.dts +index cf4a58211399..5e48a01a5b9f 100644 +--- a/arch/arm64/boot/dts/arm/juno.dts ++++ b/arch/arm64/boot/dts/arm/juno.dts +@@ -194,6 +194,7 @@ A53_3: cpu@103 { + + A57_L2: l2-cache0 { + compatible = "cache"; ++ cache-unified; + cache-size = <0x200000>; + cache-line-size = <64>; + cache-sets = <2048>; +@@ -202,6 +203,7 @@ A57_L2: l2-cache0 { + + A53_L2: l2-cache1 { + compatible = "cache"; ++ cache-unified; + cache-size = <0x100000>; + cache-line-size = <64>; + cache-sets = <1024>; +diff --git a/arch/arm64/boot/dts/arm/rtsm_ve-aemv8a.dts b/arch/arm64/boot/dts/arm/rtsm_ve-aemv8a.dts +index 258991ad7cc0..ef68f5aae7dd 100644 +--- a/arch/arm64/boot/dts/arm/rtsm_ve-aemv8a.dts ++++ b/arch/arm64/boot/dts/arm/rtsm_ve-aemv8a.dts +@@ -71,6 +71,7 @@ cpu@3 { + + L2_0: l2-cache0 { + compatible = "cache"; ++ cache-level = <2>; + }; + }; + +diff --git a/arch/arm64/boot/dts/arm/vexpress-v2f-1xv7-ca53x2.dts b/arch/arm64/boot/dts/arm/vexpress-v2f-1xv7-ca53x2.dts +index 5b6d9d8e934d..796cd7d02eb5 100644 +--- a/arch/arm64/boot/dts/arm/vexpress-v2f-1xv7-ca53x2.dts ++++ b/arch/arm64/boot/dts/arm/vexpress-v2f-1xv7-ca53x2.dts +@@ -57,6 +57,7 @@ cpu@1 { + + L2_0: l2-cache0 { + compatible = "cache"; ++ cache-level = <2>; + }; + }; + +-- +2.30.2 + diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0003-arm64-dts-fvp-Add-SPE-to-Foundation-FVP.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0003-arm64-dts-fvp-Add-SPE-to-Foundation-FVP.patch new file mode 100644 index 0000000000..34dd025189 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0003-arm64-dts-fvp-Add-SPE-to-Foundation-FVP.patch @@ -0,0 +1,38 @@ +From 3bd7a0219082c2c91570b81afc35f2aec57cade2 Mon Sep 17 00:00:00 2001 +From: James Clark <james.clark@arm.com> +Date: Thu, 17 Nov 2022 10:25:36 +0000 +Subject: [PATCH] arm64: dts: fvp: Add SPE to Foundation FVP + +Add SPE DT node to FVP model. If the model doesn't support SPE (e.g., +turned off via parameter), the driver will skip the initialisation +accordingly and thus is safe. + +Signed-off-by: James Clark <james.clark@arm.com> +Link: https://lore.kernel.org/r/20221117102536.237515-1-james.clark@arm.com +Signed-off-by: Sudeep Holla <sudeep.holla@arm.com> + +Signed-off-by: Jon Mason <jon.mason@arm.com> +Upstream-Status: Backport +--- + arch/arm64/boot/dts/arm/foundation-v8.dtsi | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/arch/arm64/boot/dts/arm/foundation-v8.dtsi b/arch/arm64/boot/dts/arm/foundation-v8.dtsi +index c8bd23b1a7ba..029578072d8f 100644 +--- a/arch/arm64/boot/dts/arm/foundation-v8.dtsi ++++ b/arch/arm64/boot/dts/arm/foundation-v8.dtsi +@@ -85,6 +85,11 @@ pmu { + <GIC_SPI 63 IRQ_TYPE_LEVEL_HIGH>; + }; + ++ spe-pmu { ++ compatible = "arm,statistical-profiling-extension-v1"; ++ interrupts = <GIC_PPI 5 IRQ_TYPE_LEVEL_HIGH>; ++ }; ++ + watchdog@2a440000 { + compatible = "arm,sbsa-gwdt"; + reg = <0x0 0x2a440000 0 0x1000>, +-- +2.30.2 + diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0004-arm64-dts-fvp-Add-information-about-L1-and-L2-caches.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0004-arm64-dts-fvp-Add-information-about-L1-and-L2-caches.patch new file mode 100644 index 0000000000..72f7161fee --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0004-arm64-dts-fvp-Add-information-about-L1-and-L2-caches.patch @@ -0,0 +1,149 @@ +From b2d5025e129289d9b914c696646e64495a7453c0 Mon Sep 17 00:00:00 2001 +From: Sudeep Holla <sudeep.holla@arm.com> +Date: Fri, 18 Nov 2022 15:10:17 +0000 +Subject: [PATCH] arm64: dts: fvp: Add information about L1 and L2 caches + +Add the information about L1 and L2 caches on FVP RevC platform. +Though the cache size is configurable through the model parameters, +having default values in the device tree helps to exercise and debug +any code utilising the cache information without the need of real +hardware. + +Link: https://lore.kernel.org/r/20221118151017.704716-1-sudeep.holla@arm.com +Signed-off-by: Sudeep Holla <sudeep.holla@arm.com> + +Signed-off-by: Jon Mason <jon.mason@arm.com> +Upstream-Status: Backport +--- + arch/arm64/boot/dts/arm/fvp-base-revc.dts | 73 +++++++++++++++++++++++ + 1 file changed, 73 insertions(+) + +diff --git a/arch/arm64/boot/dts/arm/fvp-base-revc.dts b/arch/arm64/boot/dts/arm/fvp-base-revc.dts +index 5f6f30c801a7..60472d65a355 100644 +--- a/arch/arm64/boot/dts/arm/fvp-base-revc.dts ++++ b/arch/arm64/boot/dts/arm/fvp-base-revc.dts +@@ -47,48 +47,121 @@ cpu0: cpu@0 { + compatible = "arm,armv8"; + reg = <0x0 0x000>; + enable-method = "psci"; ++ i-cache-size = <0x8000>; ++ i-cache-line-size = <64>; ++ i-cache-sets = <256>; ++ d-cache-size = <0x8000>; ++ d-cache-line-size = <64>; ++ d-cache-sets = <256>; ++ next-level-cache = <&C0_L2>; + }; + cpu1: cpu@100 { + device_type = "cpu"; + compatible = "arm,armv8"; + reg = <0x0 0x100>; + enable-method = "psci"; ++ i-cache-size = <0x8000>; ++ i-cache-line-size = <64>; ++ i-cache-sets = <256>; ++ d-cache-size = <0x8000>; ++ d-cache-line-size = <64>; ++ d-cache-sets = <256>; ++ next-level-cache = <&C0_L2>; + }; + cpu2: cpu@200 { + device_type = "cpu"; + compatible = "arm,armv8"; + reg = <0x0 0x200>; + enable-method = "psci"; ++ i-cache-size = <0x8000>; ++ i-cache-line-size = <64>; ++ i-cache-sets = <256>; ++ d-cache-size = <0x8000>; ++ d-cache-line-size = <64>; ++ d-cache-sets = <256>; ++ next-level-cache = <&C0_L2>; + }; + cpu3: cpu@300 { + device_type = "cpu"; + compatible = "arm,armv8"; + reg = <0x0 0x300>; + enable-method = "psci"; ++ i-cache-size = <0x8000>; ++ i-cache-line-size = <64>; ++ i-cache-sets = <256>; ++ d-cache-size = <0x8000>; ++ d-cache-line-size = <64>; ++ d-cache-sets = <256>; ++ next-level-cache = <&C0_L2>; + }; + cpu4: cpu@10000 { + device_type = "cpu"; + compatible = "arm,armv8"; + reg = <0x0 0x10000>; + enable-method = "psci"; ++ i-cache-size = <0x8000>; ++ i-cache-line-size = <64>; ++ i-cache-sets = <256>; ++ d-cache-size = <0x8000>; ++ d-cache-line-size = <64>; ++ d-cache-sets = <256>; ++ next-level-cache = <&C1_L2>; + }; + cpu5: cpu@10100 { + device_type = "cpu"; + compatible = "arm,armv8"; + reg = <0x0 0x10100>; + enable-method = "psci"; ++ i-cache-size = <0x8000>; ++ i-cache-line-size = <64>; ++ i-cache-sets = <256>; ++ d-cache-size = <0x8000>; ++ d-cache-line-size = <64>; ++ d-cache-sets = <256>; ++ next-level-cache = <&C1_L2>; + }; + cpu6: cpu@10200 { + device_type = "cpu"; + compatible = "arm,armv8"; + reg = <0x0 0x10200>; + enable-method = "psci"; ++ i-cache-size = <0x8000>; ++ i-cache-line-size = <64>; ++ i-cache-sets = <256>; ++ d-cache-size = <0x8000>; ++ d-cache-line-size = <64>; ++ d-cache-sets = <256>; ++ next-level-cache = <&C1_L2>; + }; + cpu7: cpu@10300 { + device_type = "cpu"; + compatible = "arm,armv8"; + reg = <0x0 0x10300>; + enable-method = "psci"; ++ i-cache-size = <0x8000>; ++ i-cache-line-size = <64>; ++ i-cache-sets = <256>; ++ d-cache-size = <0x8000>; ++ d-cache-line-size = <64>; ++ d-cache-sets = <256>; ++ next-level-cache = <&C1_L2>; ++ }; ++ C0_L2: l2-cache0 { ++ compatible = "cache"; ++ cache-size = <0x80000>; ++ cache-line-size = <64>; ++ cache-sets = <512>; ++ cache-level = <2>; ++ cache-unified; ++ }; ++ ++ C1_L2: l2-cache1 { ++ compatible = "cache"; ++ cache-size = <0x80000>; ++ cache-line-size = <64>; ++ cache-sets = <512>; ++ cache-level = <2>; ++ cache-unified; + }; + }; + +-- +2.30.2 + diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0005-ARM-dts-vexpress-align-LED-node-names-with-dtschema.patch b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0005-ARM-dts-vexpress-align-LED-node-names-with-dtschema.patch new file mode 100644 index 0000000000..c551250869 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/files/juno/0005-ARM-dts-vexpress-align-LED-node-names-with-dtschema.patch @@ -0,0 +1,84 @@ +From e15031539490733279c41ba87f4ef2b440a685f5 Mon Sep 17 00:00:00 2001 +From: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> +Date: Fri, 25 Nov 2022 15:41:12 +0100 +Subject: [PATCH] ARM: dts: vexpress: align LED node names with dtschema + +The node names should be generic and DT schema expects certain pattern. + + vexpress-v2p-ca9.dtb: leds: 'user1', 'user2', 'user3', 'user4', 'user5', 'user6', 'user7', 'user8' do not match any of the regexes: '(^led-[0-9a-f]$|led)', 'pinctrl-[0-9]+' + +Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> +Link: https://lore.kernel.org/r/20221125144112.476817-1-krzysztof.kozlowski@linaro.org +Signed-off-by: Sudeep Holla <sudeep.holla@arm.com> + +Signed-off-by: Jon Mason <jon.mason@arm.com> +Upstream-Status: Backport +--- + arch/arm/boot/dts/vexpress-v2m.dtsi | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/arch/arm/boot/dts/vexpress-v2m.dtsi b/arch/arm/boot/dts/vexpress-v2m.dtsi +index f434fe5cf4a1..def538ce8769 100644 +--- a/arch/arm/boot/dts/vexpress-v2m.dtsi ++++ b/arch/arm/boot/dts/vexpress-v2m.dtsi +@@ -383,49 +383,49 @@ v2m_refclk32khz: refclk32khz { + leds { + compatible = "gpio-leds"; + +- user1 { ++ led-user1 { + label = "v2m:green:user1"; + gpios = <&v2m_led_gpios 0 0>; + linux,default-trigger = "heartbeat"; + }; + +- user2 { ++ led-user2 { + label = "v2m:green:user2"; + gpios = <&v2m_led_gpios 1 0>; + linux,default-trigger = "mmc0"; + }; + +- user3 { ++ led-user3 { + label = "v2m:green:user3"; + gpios = <&v2m_led_gpios 2 0>; + linux,default-trigger = "cpu0"; + }; + +- user4 { ++ led-user4 { + label = "v2m:green:user4"; + gpios = <&v2m_led_gpios 3 0>; + linux,default-trigger = "cpu1"; + }; + +- user5 { ++ led-user5 { + label = "v2m:green:user5"; + gpios = <&v2m_led_gpios 4 0>; + linux,default-trigger = "cpu2"; + }; + +- user6 { ++ led-user6 { + label = "v2m:green:user6"; + gpios = <&v2m_led_gpios 5 0>; + linux,default-trigger = "cpu3"; + }; + +- user7 { ++ led-user7 { + label = "v2m:green:user7"; + gpios = <&v2m_led_gpios 6 0>; + linux,default-trigger = "cpu4"; + }; + +- user8 { ++ led-user8 { + label = "v2m:green:user8"; + gpios = <&v2m_led_gpios 7 0>; + linux,default-trigger = "cpu5"; +-- +2.30.2 + diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-arm-platforms.inc b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-arm-platforms.inc index 99a40e7777..4f9bcfdf57 100644 --- a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-arm-platforms.inc +++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-arm-platforms.inc @@ -36,7 +36,6 @@ SRC_URI:append:corstone500 = " \ # Corstone1000 KMACHINE # FILESEXTRAPATHS:prepend:corstone1000 := "${ARMBSPFILESPATHS}" -FILESEXTRAPATHS:prepend:corstone1000 := "${ARMFILESPATHS}" COMPATIBLE_MACHINE:corstone1000 = "${MACHINE}" KCONFIG_MODE:corstone1000 = "--alldefconfig" KMACHINE:corstone1000 = "corstone1000" @@ -70,6 +69,7 @@ KERNEL_FEATURES:corstone1000 = "" COMPATIBLE_MACHINE:fvp-base = "fvp-base" KMACHINE:fvp-base = "fvp" FILESEXTRAPATHS:prepend:fvp-base := "${ARMBSPFILESPATHS}" +SRC_URI:append:fvp-base = " file://0001-arm64-dts-fvp-Enable-virtio-rng-support.patch" # # FVP BASE ARM32 KMACHINE @@ -100,6 +100,13 @@ COMPATIBLE_MACHINE:juno = "juno" KBUILD_DEFCONFIG:juno = "defconfig" KCONFIG_MODE:juno = "--alldefconfig" FILESEXTRAPATHS:prepend:juno := "${ARMBSPFILESPATHS}" +SRC_URI:append:juno = " \ + file://0001-arm64-dts-juno-Add-thermal-critical-trip-points.patch \ + file://0002-arm64-dts-Update-cache-properties-for-Arm-Ltd-platfo.patch \ + file://0003-arm64-dts-fvp-Add-SPE-to-Foundation-FVP.patch \ + file://0004-arm64-dts-fvp-Add-information-about-L1-and-L2-caches.patch \ + file://0005-ARM-dts-vexpress-align-LED-node-names-with-dtschema.patch \ + " # # Musca B1/S2 can't run Linux @@ -115,7 +122,6 @@ COMPATIBLE_MACHINE:n1sdp = "n1sdp" KBUILD_DEFCONFIG:n1sdp = "defconfig" KCONFIG_MODE:n1sdp = "--alldefconfig" FILESEXTRAPATHS:prepend:n1sdp := "${ARMBSPFILESPATHS}" -FILESEXTRAPATHS:prepend:n1sdp := "${ARMFILESPATHS}" SRC_URI:append:n1sdp = " \ file://0001-iommu-arm-smmu-v3-workaround-for-ATC_INV_SIZE_ALL-in.patch \ file://0002-n1sdp-pci_quirk-add-acs-override-for-PCI-devices.patch \ diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0005-plat-n1sdp-register-DRAM1-to-optee-os.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0005-plat-n1sdp-register-DRAM1-to-optee-os.patch new file mode 100644 index 0000000000..d9e20f8c76 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/n1sdp/0005-plat-n1sdp-register-DRAM1-to-optee-os.patch @@ -0,0 +1,52 @@ +Upstream-Status: Pending [Not submitted to upstream yet] +Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com> + +From 2eb1da30564428551ca687d456d848129105abac Mon Sep 17 00:00:00 2001 +From: Vishnu Banavath <vishnu.banavath@arm.com> +Date: Tue, 25 Oct 2022 19:08:49 +0100 +Subject: [PATCH] plat-n1sdp: register DRAM1 to optee-os + +N1SDP supports two DRAM's. This change is to add 2nd DRAM +starting at 0x8080000000 address. + +Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com> + +diff --git a/core/arch/arm/plat-n1sdp/conf.mk b/core/arch/arm/plat-n1sdp/conf.mk +index 06b4975a..5374e406 100644 +--- a/core/arch/arm/plat-n1sdp/conf.mk ++++ b/core/arch/arm/plat-n1sdp/conf.mk +@@ -38,4 +38,4 @@ CFG_SHMEM_START ?= 0x83000000 + CFG_SHMEM_SIZE ?= 0x00210000 + # DRAM1 is defined above 4G + $(call force,CFG_CORE_LARGE_PHYS_ADDR,y) +-$(call force,CFG_CORE_ARM64_PA_BITS,36) ++$(call force,CFG_CORE_ARM64_PA_BITS,42) +diff --git a/core/arch/arm/plat-n1sdp/main.c b/core/arch/arm/plat-n1sdp/main.c +index cfb7f19b..bb951ce6 100644 +--- a/core/arch/arm/plat-n1sdp/main.c ++++ b/core/arch/arm/plat-n1sdp/main.c +@@ -33,6 +33,7 @@ static struct pl011_data console_data __nex_bss; + register_phys_mem_pgdir(MEM_AREA_IO_SEC, CONSOLE_UART_BASE, PL011_REG_SIZE); + + register_ddr(DRAM0_BASE, DRAM0_SIZE); ++register_ddr(DRAM1_BASE, DRAM1_SIZE); + + register_phys_mem_pgdir(MEM_AREA_IO_SEC, GICD_BASE, GIC_DIST_REG_SIZE); + register_phys_mem_pgdir(MEM_AREA_IO_SEC, GICC_BASE, GIC_DIST_REG_SIZE); +diff --git a/core/arch/arm/plat-n1sdp/platform_config.h b/core/arch/arm/plat-n1sdp/platform_config.h +index 81b99409..bf0a3c83 100644 +--- a/core/arch/arm/plat-n1sdp/platform_config.h ++++ b/core/arch/arm/plat-n1sdp/platform_config.h +@@ -35,6 +35,9 @@ + #define DRAM0_BASE 0x80000000 + #define DRAM0_SIZE 0x80000000 + ++#define DRAM1_BASE 0x8080000000ULL ++#define DRAM1_SIZE 0x80000000ULL ++ + #define GICD_BASE 0x30000000 + #define GICC_BASE 0x2C000000 + #define GICR_BASE 0x300C0000 +-- +2.17.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc index 219f08bfd7..5e6e150710 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc @@ -11,6 +11,7 @@ SRC_URI:append = " \ file://0002-plat-n1sdp-add-N1SDP-platform-support.patch \ file://0003-HACK-disable-instruction-cache-and-data-cache.patch \ file://0004-Handle-logging-syscall.patch \ + file://0005-plat-n1sdp-register-DRAM1-to-optee-os.patch \ " EXTRA_OEMAKE += " CFG_TEE_CORE_LOG_LEVEL=4" diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0001-Add-openamp-to-SE-proxy-deployment.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0001-Add-openamp-to-SE-proxy-deployment.patch index 801905d97a..c44885cf04 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0001-Add-openamp-to-SE-proxy-deployment.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0001-Add-openamp-to-SE-proxy-deployment.patch @@ -1,7 +1,7 @@ -From 7c9589c4bb056db5e1696f2a777891ab235b1b63 Mon Sep 17 00:00:00 2001 +From 13de79cd4f0d25b812e5f4ad4a19bc075496be83 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 16:36:51 +0000 -Subject: [PATCH 01/19] Add openamp to SE proxy deployment +Subject: [PATCH 01/20] Add openamp to SE proxy deployment Openamp is required to communicate between secure partitions(running on Cortex-A) and trusted-firmware-m(running on Cortex-M). @@ -283,5 +283,5 @@ index 000000000000..449f35f4fda4 +set_property(TARGET openamp PROPERTY IMPORTED_LOCATION "${OPENAMP_INSTALL_DIR}/lib/${CMAKE_STATIC_LIBRARY_PREFIX}open_amp${CMAKE_STATIC_LIBRARY_SUFFIX}") +set_property(TARGET openamp PROPERTY INTERFACE_INCLUDE_DIRECTORIES "${OPENAMP_INSTALL_DIR}/include") -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch index 39edc9d1e3..0371a7a418 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch @@ -1,7 +1,7 @@ -From e4ccb92f8de94a82edd3548d62c853790ae36bd1 Mon Sep 17 00:00:00 2001 +From 28aedac78016e5063ebd675a43e6c3655f87b442 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 18:00:46 +0000 -Subject: [PATCH 02/19] Implement mhu driver and the OpenAmp conversion layer. +Subject: [PATCH 02/20] Implement mhu driver and the OpenAmp conversion layer. This commit adds an mhu driver (v2.1 and v2) to the secure partition se_proxy and a conversion layer to communicate with @@ -1087,5 +1087,5 @@ index 000000000000..bb778bb9719b +# include MHU driver +include(${TS_ROOT}/platform/drivers/arm/mhu_driver/component.cmake) -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0003-Add-openamp-rpc-caller.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0003-Add-openamp-rpc-caller.patch index bf52a2382b..5686face15 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0003-Add-openamp-rpc-caller.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0003-Add-openamp-rpc-caller.patch @@ -1,7 +1,7 @@ -From e187510a814b48b7b2e477a9913ee35b68522d06 Mon Sep 17 00:00:00 2001 +From 55394c4c9681af71b1ed7f7ebc7c44b2e1737113 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 19:00:54 +0000 -Subject: [PATCH 03/19] Add openamp rpc caller +Subject: [PATCH 03/20] Add openamp rpc caller Upstream-Status: Pending Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com> @@ -1192,5 +1192,5 @@ index d39873a0fe81..34fe5ff1b925 100644 # Stub service provider backends "components/rpc/dummy" -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0004-add-psa-client-definitions-for-ff-m.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0004-add-psa-client-definitions-for-ff-m.patch index 3246224560..84d418c131 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0004-add-psa-client-definitions-for-ff-m.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0004-add-psa-client-definitions-for-ff-m.patch @@ -1,7 +1,7 @@ -From 8c1bc5a7ae525d64802e2a06746f698f54cf07ca Mon Sep 17 00:00:00 2001 +From fb6d2f33e26c7b6ef88d552feca1f835da3f0df6 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 19:05:18 +0000 -Subject: [PATCH 04/19] add psa client definitions for ff-m +Subject: [PATCH 04/20] add psa client definitions for ff-m Add PSA client definitions in common include to add future ff-m support. @@ -294,5 +294,5 @@ index 000000000000..aaa973c6e987 + +#endif /* __PSA_MANIFEST_SID_H__ */ -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0005-Add-common-service-component-to-ipc-support.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0005-Add-common-service-component-to-ipc-support.patch index e179fb035a..df3cb2f4c2 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0005-Add-common-service-component-to-ipc-support.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0005-Add-common-service-component-to-ipc-support.patch @@ -1,7 +1,7 @@ -From e9778f726ed582360152f150301995b10d268aae Mon Sep 17 00:00:00 2001 +From 0311fc8f131fe7a2b0f4dd9988c610fda47394aa Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 19:13:03 +0000 -Subject: [PATCH 05/19] Add common service component to ipc support +Subject: [PATCH 05/20] Add common service component to ipc support Add support for inter processor communication for PSA including, the openamp client side structures lib. @@ -291,5 +291,5 @@ index 34fe5ff1b925..dd0c5d00c21e 100644 "components/service/discovery/provider" "components/service/discovery/provider/serializer/packed-c" -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0006-Add-secure-storage-ipc-backend.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0006-Add-secure-storage-ipc-backend.patch index cac43ec4bc..74a83777df 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0006-Add-secure-storage-ipc-backend.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0006-Add-secure-storage-ipc-backend.patch @@ -1,7 +1,7 @@ -From 0df82487a7a253c601ca20ca1bd64fbb9ed64230 Mon Sep 17 00:00:00 2001 +From ed4371d63cb52c121be9678bc225055944286c30 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 19:19:24 +0000 -Subject: [PATCH 06/19] Add secure storage ipc backend +Subject: [PATCH 06/20] Add secure storage ipc backend Add secure storage ipc ff-m implementation which may use openamp as rpc to communicate with other processor. @@ -519,5 +519,5 @@ index dd0c5d00c21e..cd51460406ca 100644 "components/service/attestation/provider" "components/service/attestation/provider/serializer/packed-c" -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch index 192e9768bd..ad33295d41 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch @@ -1,7 +1,7 @@ -From 9c7f1e6a5eb9ab887e568cfa3c2003583d387bc9 Mon Sep 17 00:00:00 2001 +From d1377a5ed909e3a1d9caca56aeda262a80322a4b Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 19:25:34 +0000 -Subject: [PATCH 07/19] Use secure storage ipc and openamp for se_proxy +Subject: [PATCH 07/20] Use secure storage ipc and openamp for se_proxy Remove mock up backend for secure storage in se proxy deployment and use instead the secure storage ipc backend with @@ -59,5 +59,5 @@ index acfb6e8873fa..57290056d614 100644 return secure_storage_provider_init(&ps_provider, backend); } -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-Run-psa-arch-test.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-Run-psa-arch-test.patch index ce7aacf3cd..ab57688276 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-Run-psa-arch-test.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-Run-psa-arch-test.patch @@ -1,7 +1,7 @@ -From d9169d380366afc63af5d4bf02791aeb41f47897 Mon Sep 17 00:00:00 2001 +From 1b50ab6b6ff1c6f27ab320e18fb0d4aeb1122f0d Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Sun, 12 Dec 2021 10:43:48 +0000 -Subject: [PATCH 08/19] Run psa-arch-test +Subject: [PATCH 08/20] Run psa-arch-test Fixes needed to run psa-arch-test @@ -68,5 +68,5 @@ index 4f6ba2a7d822..1fd6b40dc803 100644 }; -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0009-Use-address-instead-of-pointers.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0009-Use-address-instead-of-pointers.patch index ca0c9d9575..3295fa9bd9 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0009-Use-address-instead-of-pointers.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0009-Use-address-instead-of-pointers.patch @@ -1,7 +1,7 @@ -From ee767c1ae857cfcc8b4bb520b2558091e253cf94 Mon Sep 17 00:00:00 2001 +From a6fba503ffddae004e23b32559212e749e8586f6 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Sun, 12 Dec 2021 10:57:17 +0000 -Subject: [PATCH 09/19] Use address instead of pointers +Subject: [PATCH 09/20] Use address instead of pointers Since secure enclave is 32bit and we 64bit there is an issue in the protocol communication design that force us to handle @@ -164,5 +164,5 @@ index a1f369db253e..bda442a61d5c 100644 (void)client_id; -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Add-psa-ipc-attestation-to-se-proxy.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Add-psa-ipc-attestation-to-se-proxy.patch index d47b0decf5..2d0725cb24 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Add-psa-ipc-attestation-to-se-proxy.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Add-psa-ipc-attestation-to-se-proxy.patch @@ -1,7 +1,7 @@ -From afdeb8e098a1f2822adf2ea83ded8dd9e2d021ba Mon Sep 17 00:00:00 2001 +From b142f3c162fb1c28982d26b5ac2181ba79197a28 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Tue, 7 Dec 2021 11:50:00 +0000 -Subject: [PATCH 10/19] Add psa ipc attestation to se proxy +Subject: [PATCH 10/20] Add psa ipc attestation to se proxy Implement attestation client API as psa ipc and include it to se proxy deployment. @@ -16,12 +16,15 @@ Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> .../reporter/psa_ipc/psa_ipc_attest_report.c | 45 ++++++++++ components/service/common/include/psa/sid.h | 4 + .../se-proxy/common/service_proxy_factory.c | 6 ++ - deployments/se-proxy/se-proxy.cmake | 3 +- - 7 files changed, 169 insertions(+), 1 deletion(-) + deployments/se-proxy/se-proxy.cmake | 7 +- + ...ble-using-hard-coded-attestation-key.patch | 29 ------- + external/psa_arch_tests/psa_arch_tests.cmake | 4 - + 9 files changed, 171 insertions(+), 36 deletions(-) create mode 100644 components/service/attestation/client/psa_ipc/component.cmake create mode 100644 components/service/attestation/client/psa_ipc/iat_ipc_client.c create mode 100644 components/service/attestation/reporter/psa_ipc/component.cmake create mode 100644 components/service/attestation/reporter/psa_ipc/psa_ipc_attest_report.c + delete mode 100644 external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch diff --git a/components/service/attestation/client/psa_ipc/component.cmake b/components/service/attestation/client/psa_ipc/component.cmake new file mode 100644 @@ -243,10 +246,10 @@ index 57290056d614..4b8cceccbe4d 100644 attest_provider_register_serializer(&attest_provider, TS_RPC_ENCODING_PACKED_C, packedc_attest_provider_serializer_instance()); diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake -index cd51460406ca..38d26821d44d 100644 +index cd51460406ca..3dbbc36c968d 100644 --- a/deployments/se-proxy/se-proxy.cmake +++ b/deployments/se-proxy/se-proxy.cmake -@@ -49,12 +49,13 @@ add_components(TARGET "se-proxy" +@@ -49,14 +49,15 @@ add_components(TARGET "se-proxy" "components/service/attestation/include" "components/service/attestation/provider" "components/service/attestation/provider/serializer/packed-c" @@ -258,9 +261,63 @@ index cd51460406ca..38d26821d44d 100644 "components/rpc/dummy" "components/rpc/common/caller" - "components/service/attestation/reporter/stub" - "components/service/attestation/key_mngr/stub" - "components/service/crypto/backend/stub" +- "components/service/attestation/key_mngr/stub" +- "components/service/crypto/backend/stub" ++ "components/service/attestation/key_mngr/local" ++ "components/service/crypto/backend/psa_ipc" "components/service/crypto/client/psa" + "components/service/secure_storage/backend/mock_store" + ) +diff --git a/external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch b/external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch +deleted file mode 100644 +index 6664961ab662..000000000000 +--- a/external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch ++++ /dev/null +@@ -1,29 +0,0 @@ +-From dbd25f94eb62a9855bf342dd97503a49ea50f83e Mon Sep 17 00:00:00 2001 +-From: Gyorgy Szing <Gyorgy.Szing@arm.com> +-Date: Tue, 8 Feb 2022 17:06:37 +0000 +-Subject: [PATCH 1/1] Disable using hard-coded attestation key +- +-Modify platform config to disable using a hard-coded attestation +-key. +- +-Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com> +---- +- api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h | 2 +- +- 1 file changed, 1 insertion(+), 1 deletion(-) +- +-diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h +-index 6112ba7..1cdf581 100755 +---- a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h +-+++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h +-@@ -60,7 +60,7 @@ typedef uint32_t cfg_id_t; +- #define CRYPTO_VERSION_BETA3 +- +- /* Use hardcoded public key */ +--#define PLATFORM_OVERRIDE_ATTEST_PK +-+//#define PLATFORM_OVERRIDE_ATTEST_PK +- +- /* +- * Include of PSA defined Header files +--- +-2.17.1 +- +diff --git a/external/psa_arch_tests/psa_arch_tests.cmake b/external/psa_arch_tests/psa_arch_tests.cmake +index a8b77a1fc05e..1995df3e0b49 100644 +--- a/external/psa_arch_tests/psa_arch_tests.cmake ++++ b/external/psa_arch_tests/psa_arch_tests.cmake +@@ -15,10 +15,6 @@ set(GIT_OPTIONS + GIT_REPOSITORY ${PSA_ARCH_TESTS_URL} + GIT_TAG ${PSA_ARCH_TESTS_REFSPEC} + GIT_SHALLOW FALSE +- PATCH_COMMAND git stash +- COMMAND git tag -f ts-before-am +- COMMAND git am ${CMAKE_CURRENT_LIST_DIR}/0001-Disable-using-hard-coded-attestation-key.patch +- COMMAND git reset ts-before-am + ) + + # Ensure list of defines is separated correctly -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch index 988fbbecdd..5803cc17dc 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch @@ -1,7 +1,7 @@ -From 94770f9660154bb1157e19c11fb706889a81ae73 Mon Sep 17 00:00:00 2001 +From 4240977f7c38950f5edb316bb08ae05cb7b99875 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Thu, 9 Dec 2021 14:11:06 +0000 -Subject: [PATCH 11/19] Setup its backend as openamp rpc using secure storage +Subject: [PATCH 11/20] Setup its backend as openamp rpc using secure storage ipc implementation. Upstream-Status: Pending @@ -159,5 +159,5 @@ index 4b8cceccbe4d..1110ac46bf8b 100644 + return secure_storage_provider_init(&its_provider, backend); } -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0012-add-psa-ipc-crypto-backend.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0012-add-psa-ipc-crypto-backend.patch index fdc39b0d3c..67ea7b8c56 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0012-add-psa-ipc-crypto-backend.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0012-add-psa-ipc-crypto-backend.patch @@ -1,7 +1,7 @@ -From 896b5009bb07c4b53541290e1712856063411107 Mon Sep 17 00:00:00 2001 +From 0b5d96b1a9f927dc141047600edf2249af7022c5 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Thu, 9 Dec 2021 14:17:39 +0000 -Subject: [PATCH 12/19] add psa ipc crypto backend +Subject: [PATCH 12/20] add psa ipc crypto backend Add psa ipc crypto backend and attach it to se proxy deployment. @@ -36,9 +36,8 @@ Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> .../crypto/include/psa/crypto_client_struct.h | 8 +- .../service/crypto/include/psa/crypto_sizes.h | 2 +- .../se-proxy/common/service_proxy_factory.c | 15 +- - deployments/se-proxy/se-proxy.cmake | 2 +- .../providers/arm/corstone1000/platform.cmake | 2 + - 29 files changed, 2293 insertions(+), 11 deletions(-) + 28 files changed, 2292 insertions(+), 10 deletions(-) create mode 100644 components/service/crypto/backend/psa_ipc/component.cmake create mode 100644 components/service/crypto/backend/psa_ipc/crypto_ipc_backend.c create mode 100644 components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h @@ -2556,19 +2555,6 @@ index 1110ac46bf8b..7edeef8b434a 100644 return crypto_iface; } -diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake -index 38d26821d44d..f647190d9559 100644 ---- a/deployments/se-proxy/se-proxy.cmake -+++ b/deployments/se-proxy/se-proxy.cmake -@@ -57,7 +57,7 @@ add_components(TARGET "se-proxy" - "components/rpc/dummy" - "components/rpc/common/caller" - "components/service/attestation/key_mngr/stub" -- "components/service/crypto/backend/stub" -+ "components/service/crypto/backend/psa_ipc" - "components/service/crypto/client/psa" - "components/service/secure_storage/backend/mock_store" - ) diff --git a/platform/providers/arm/corstone1000/platform.cmake b/platform/providers/arm/corstone1000/platform.cmake index bb778bb9719b..51e5faa3e4d8 100644 --- a/platform/providers/arm/corstone1000/platform.cmake @@ -2580,5 +2566,5 @@ index bb778bb9719b..51e5faa3e4d8 100644 + +add_compile_definitions(MBEDTLS_ECP_DP_SECP521R1_ENABLED) -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0013-Add-stub-capsule-update-service-components.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0013-Add-stub-capsule-update-service-components.patch index 1a6e8f50f1..0040e12727 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0013-Add-stub-capsule-update-service-components.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0013-Add-stub-capsule-update-service-components.patch @@ -1,7 +1,7 @@ -From 6b8ebdeb8caa6326ae2a4befaf4410a7a54d4e02 Mon Sep 17 00:00:00 2001 +From 050be6fdfee656b0556766cc1db30f4c0ea87c79 Mon Sep 17 00:00:00 2001 From: Julian Hall <julian.hall@arm.com> Date: Tue, 12 Oct 2021 15:45:41 +0100 -Subject: [PATCH 13/19] Add stub capsule update service components +Subject: [PATCH 13/20] Add stub capsule update service components To facilitate development of a capsule update service provider, stub components are added to provide a starting point for an @@ -338,7 +338,7 @@ index 298d407a2371..02aa7fe2550d 100644 #ifdef __cplusplus } diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake -index f647190d9559..e35b0d0f610d 100644 +index 3dbbc36c968d..f0db2d43f443 100644 --- a/deployments/se-proxy/se-proxy.cmake +++ b/deployments/se-proxy/se-proxy.cmake @@ -51,6 +51,7 @@ add_components(TARGET "se-proxy" @@ -432,5 +432,5 @@ index 000000000000..285d924186be + +#endif /* CAPSULE_UPDATE_PARAMETERS_H */ -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0014-Configure-storage-size.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0014-Configure-storage-size.patch index 52c793cc12..22b1da6906 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0014-Configure-storage-size.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0014-Configure-storage-size.patch @@ -1,7 +1,7 @@ -From a71b26f867f1b4a08285d6da82528de6a54321f2 Mon Sep 17 00:00:00 2001 +From 229ec29154a4404426ad3083af68ca111a214e13 Mon Sep 17 00:00:00 2001 From: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com> Date: Thu, 16 Dec 2021 21:31:40 +0000 -Subject: [PATCH 14/19] Configure storage size +Subject: [PATCH 14/20] Configure storage size Upstream-Status: Pending Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> @@ -10,7 +10,7 @@ Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/components/service/smm_variable/backend/uefi_variable_store.c b/components/service/smm_variable/backend/uefi_variable_store.c -index 715ccc3cb546..aeb8a22062b7 100644 +index 611e2e225c6b..6c3b9ed81c25 100644 --- a/components/service/smm_variable/backend/uefi_variable_store.c +++ b/components/service/smm_variable/backend/uefi_variable_store.c @@ -88,6 +88,7 @@ static efi_status_t check_name_terminator( @@ -38,5 +38,5 @@ index 715ccc3cb546..aeb8a22062b7 100644 context->owner_id = owner_id; -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch index a8f5559d10..426f2ca5c4 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch @@ -1,7 +1,7 @@ -From 3cc9c417f12f005244530d8d706a6b7f3be35627 Mon Sep 17 00:00:00 2001 +From cf83184500703f9b4f2ac04be59cc7d624d8fd66 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Sun, 13 Feb 2022 09:01:10 +0000 -Subject: [PATCH 15/19] Fix: Crypto interface structure aligned with tf-m +Subject: [PATCH 15/20] Fix: Crypto interface structure aligned with tf-m change. NO NEED TO RAISE PR: The PR for this FIX is raied by Emek. @@ -27,5 +27,5 @@ index c13c20e84131..ec25eaf868c7 100644 * AEAD until the API is * restructured -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0016-Integrate-remaining-psa-ipc-client-APIs.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0016-Integrate-remaining-psa-ipc-client-APIs.patch index a0911970e6..a59d140023 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0016-Integrate-remaining-psa-ipc-client-APIs.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0016-Integrate-remaining-psa-ipc-client-APIs.patch @@ -1,7 +1,7 @@ -From c54afe45c1be25c4819b0f762cf03a24e6343ce5 Mon Sep 17 00:00:00 2001 +From 551d8722769fa2f2d2ac74adcb289333a9b03598 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Sun, 13 Feb 2022 09:49:51 +0000 -Subject: [PATCH 16/19] Integrate remaining psa-ipc client APIs. +Subject: [PATCH 16/20] Integrate remaining psa-ipc client APIs. Upstream-Status: Pending Signed-off-by: Satish Kumar <satish.kumar01@arm.com> @@ -490,5 +490,5 @@ index e16f6e5450af..cc9279ee79f2 100644 } #endif -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch index e7c1dc33f8..4adcd90a5f 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch @@ -1,7 +1,7 @@ -From b1ff44c650ae82f364a2f74059eeb280996dc4f8 Mon Sep 17 00:00:00 2001 +From 5a5e162e17c9decb04b3b2905a0fb604e8f06e91 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Mon, 14 Feb 2022 17:52:00 +0000 -Subject: [PATCH 17/19] Fix : update psa_set_key_usage_flags definition to the +Subject: [PATCH 17/20] Fix : update psa_set_key_usage_flags definition to the latest from the tf-m Upstream-Status: Pending @@ -36,5 +36,5 @@ index 1bc55e375eea..b4a7ed4b39d3 100644 } -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch index 9ab1157ead..c1598a9e11 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch @@ -1,11 +1,10 @@ -Upstream-Status: Pending [Not submitted to upstream yet] -Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com> - -From a1da63a8c4d55d52321608a72129af49e0a498b2 Mon Sep 17 00:00:00 2001 +From 1a4d46fdc0b5745b9cfb0789e4b778111bd6dbbb Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Mon, 14 Feb 2022 08:22:25 +0000 -Subject: [PATCH 18/19] Fixes in AEAD for psa-arch test 54 and 58. +Subject: [PATCH 18/20] Fixes in AEAD for psa-arch test 54 and 58. +Upstream-Status: Pending [Not submitted to upstream yet] +Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com> Signed-off-by: Satish Kumar <satish.kumar01@arm.com> Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> --- @@ -118,5 +117,5 @@ index 0be266b52403..435fd3b523ce 100644 /* Variable length input parameter tags */ -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-plat-corstone1000-change-default-smm-values.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-plat-corstone1000-change-default-smm-values.patch index 984e2977d2..02c89d895e 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-plat-corstone1000-change-default-smm-values.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-plat-corstone1000-change-default-smm-values.patch @@ -1,7 +1,7 @@ -From 07ad7e1f7ba06045bf331d5b73a6adf38a098fb7 Mon Sep 17 00:00:00 2001 +From c519bae79629bfe551d79cfeb4e7d8a059545145 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Tue, 11 Oct 2022 10:46:10 +0100 -Subject: [PATCH 19/19] plat: corstone1000: change default smm values +Subject: [PATCH 19/20] plat: corstone1000: change default smm values Smm gateway uses SE proxy to route the calls for any NV storage so set the NV_STORE_SN. @@ -33,5 +33,5 @@ index 51e5faa3e4d8..04b629a81906 100644 + SMM_GATEWAY_MAX_UEFI_VARIABLES=100 +) -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0020-FMP-Support-in-Corstone1000.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0020-FMP-Support-in-Corstone1000.patch index 79429c7747..ce40df0fd8 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0020-FMP-Support-in-Corstone1000.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0020-FMP-Support-in-Corstone1000.patch @@ -1,7 +1,7 @@ -From 6430bf31a25a1ef67e9141f85dbd070feb0d1a1e Mon Sep 17 00:00:00 2001 +From 70cf374fb55f2d62ecbe28049253df33b42b6749 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Fri, 8 Jul 2022 09:48:06 +0100 -Subject: [PATCH] FMP Support in Corstone1000. +Subject: [PATCH 20/20] FMP Support in Corstone1000. The FMP support is used by u-boot to pupolate ESRT information for the kernel. @@ -11,6 +11,7 @@ The solution is platform specific and needs to be revisted. Signed-off-by: Satish Kumar <satish.kumar01@arm.com> Upstream-Status: Inappropriate [The solution is platform specific and needs to be revisted] +Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> --- .../provider/capsule_update_provider.c | 5 + .../capsule_update/provider/component.cmake | 1 + @@ -21,7 +22,7 @@ Upstream-Status: Inappropriate [The solution is platform specific and needs to b create mode 100644 components/service/capsule_update/provider/corstone1000_fmp_service.h diff --git a/components/service/capsule_update/provider/capsule_update_provider.c b/components/service/capsule_update/provider/capsule_update_provider.c -index 9bbd7abc..871d6bcf 100644 +index e133753f8560..991a2235cd73 100644 --- a/components/service/capsule_update/provider/capsule_update_provider.c +++ b/components/service/capsule_update/provider/capsule_update_provider.c @@ -11,6 +11,7 @@ @@ -58,7 +59,7 @@ index 9bbd7abc..871d6bcf 100644 default: EMSG("%s unsupported opcode", __func__); diff --git a/components/service/capsule_update/provider/component.cmake b/components/service/capsule_update/provider/component.cmake -index 1d412eb2..6b060149 100644 +index 1d412eb234d9..6b0601494938 100644 --- a/components/service/capsule_update/provider/component.cmake +++ b/components/service/capsule_update/provider/component.cmake @@ -10,4 +10,5 @@ endif() @@ -69,7 +70,7 @@ index 1d412eb2..6b060149 100644 ) diff --git a/components/service/capsule_update/provider/corstone1000_fmp_service.c b/components/service/capsule_update/provider/corstone1000_fmp_service.c new file mode 100644 -index 00000000..6a7a47a7 +index 000000000000..6a7a47a7ed99 --- /dev/null +++ b/components/service/capsule_update/provider/corstone1000_fmp_service.c @@ -0,0 +1,307 @@ @@ -382,7 +383,7 @@ index 00000000..6a7a47a7 +} diff --git a/components/service/capsule_update/provider/corstone1000_fmp_service.h b/components/service/capsule_update/provider/corstone1000_fmp_service.h new file mode 100644 -index 00000000..95fba2a0 +index 000000000000..95fba2a04d5c --- /dev/null +++ b/components/service/capsule_update/provider/corstone1000_fmp_service.h @@ -0,0 +1,26 @@ @@ -413,5 +414,5 @@ index 00000000..95fba2a0 + +#endif /* CORSTONE1000_FMP_SERVICE_H */ -- -2.17.1 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch new file mode 100644 index 0000000000..87c053fcc6 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch @@ -0,0 +1,35 @@ +From 6d3cac6f3a6e977e9330c9c06514a372ade170a2 Mon Sep 17 00:00:00 2001 +From: Emekcan <emekcan.aras@arm.com> +Date: Wed, 2 Nov 2022 09:58:27 +0000 +Subject: [PATCH] smm_gateway: add checks for null attributes + +As par EDK-2 and EDK-2 test code, setVariable() with 0 +attributes means a delete variable request. Currently, +smm gatway doesn't handle this scenario. This commit adds +that support. + +Upstream-Status: Pending +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +--- + components/service/smm_variable/backend/uefi_variable_store.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/components/service/smm_variable/backend/uefi_variable_store.c b/components/service/smm_variable/backend/uefi_variable_store.c +index 6c3b9ed8..a691dc5d 100644 +--- a/components/service/smm_variable/backend/uefi_variable_store.c ++++ b/components/service/smm_variable/backend/uefi_variable_store.c +@@ -202,9 +202,9 @@ efi_status_t uefi_variable_store_set_variable( + if (info->is_variable_set) { + + /* It's a request to update to an existing variable */ +- if (!(var->Attributes & ++ if (!(var->Attributes) || (!(var->Attributes & + (EFI_VARIABLE_APPEND_WRITE | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS_MASK)) && +- !var->DataSize) { ++ !var->DataSize)) { + + /* It's a remove operation - for a remove, the variable + * data must be removed from the storage backend before +-- +2.17.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch new file mode 100644 index 0000000000..ed4e6e27a3 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch @@ -0,0 +1,33 @@ +From 2aa665ad2cb13bc79b645db41686449a47593aab Mon Sep 17 00:00:00 2001 +From: Emekcan <emekcan.aras@arm.com> +Date: Thu, 3 Nov 2022 17:43:40 +0000 +Subject: [PATCH] smm_gateway: GetNextVariableName Fix + +GetNextVariableName() should return EFI_BUFFER_TOO_SMALL +when NameSize is smaller than the actual NameSize. It +currently returns EFI_BUFFER_OUT_OF_RESOURCES due to setting +max_name_len incorrectly. This fixes max_name_len error by +replacing it with actual NameSize request by u-boot. + +Upstream-Status: Pending +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +--- + .../service/smm_variable/provider/smm_variable_provider.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/components/service/smm_variable/provider/smm_variable_provider.c b/components/service/smm_variable/provider/smm_variable_provider.c +index a9679b7e..6a4b6fa7 100644 +--- a/components/service/smm_variable/provider/smm_variable_provider.c ++++ b/components/service/smm_variable/provider/smm_variable_provider.c +@@ -197,7 +197,7 @@ static rpc_status_t get_next_variable_name_handler(void *context, struct call_re + efi_status = uefi_variable_store_get_next_variable_name( + &this_instance->variable_store, + (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data, +- max_name_len, ++ ((SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data)->NameSize, + &resp_buf->data_len); + } + else { +-- +2.17.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/ts-psa-crypto-api-test/0001-corstone1000-port-crypto-config.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/psa-apitest/0001-corstone1000-port-crypto-config.patch index c7289562bd..c7289562bd 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/ts-psa-crypto-api-test/0001-corstone1000-port-crypto-config.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/psa-apitest/0001-corstone1000-port-crypto-config.patch diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/libts_git.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/libts_git.bbappend new file mode 100644 index 0000000000..a885d38797 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/libts_git.bbappend @@ -0,0 +1,10 @@ +MACHINE_TS_REQUIRE ?= "" +MACHINE_TS_REQUIRE:corstone1000 = "ts-corstone1000.inc" + +require ${MACHINE_TS_REQUIRE} + + +EXTRA_OECMAKE:append:corstone1000 = "-DMM_COMM_BUFFER_ADDRESS=0x02000000 \ + -DMM_COMM_BUFFER_PAGE_COUNT=1 \ + " + diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc index 03f7dff2ef..e97fb5937a 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc @@ -1,29 +1,26 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/corstone1000:" -SRC_URI:append = " \ - file://0001-Add-openamp-to-SE-proxy-deployment.patch \ - file://0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch \ - file://0003-Add-openamp-rpc-caller.patch \ - file://0004-add-psa-client-definitions-for-ff-m.patch \ - file://0005-Add-common-service-component-to-ipc-support.patch \ - file://0006-Add-secure-storage-ipc-backend.patch \ - file://0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch \ - file://0008-Run-psa-arch-test.patch \ - file://0009-Use-address-instead-of-pointers.patch \ - file://0010-Add-psa-ipc-attestation-to-se-proxy.patch \ - file://0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch \ - file://0012-add-psa-ipc-crypto-backend.patch \ - file://0013-Add-stub-capsule-update-service-components.patch \ - file://0014-Configure-storage-size.patch \ - file://0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch \ - file://0016-Integrate-remaining-psa-ipc-client-APIs.patch \ - file://0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch \ - file://0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch \ - file://0019-plat-corstone1000-change-default-smm-values.patch \ - file://0020-FMP-Support-in-Corstone1000.patch \ - " - - -EXTRA_OECMAKE:append = "-DMM_COMM_BUFFER_ADDRESS="0x00000000 0x02000000" \ - -DMM_COMM_BUFFER_PAGE_COUNT="1" \ +SRC_URI:append:corstone1000 = " \ + file://0001-Add-openamp-to-SE-proxy-deployment.patch;patchdir=../trusted-services \ + file://0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch;patchdir=../trusted-services \ + file://0003-Add-openamp-rpc-caller.patch;patchdir=../trusted-services \ + file://0004-add-psa-client-definitions-for-ff-m.patch;patchdir=../trusted-services \ + file://0005-Add-common-service-component-to-ipc-support.patch;patchdir=../trusted-services \ + file://0006-Add-secure-storage-ipc-backend.patch;patchdir=../trusted-services \ + file://0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch;patchdir=../trusted-services \ + file://0008-Run-psa-arch-test.patch;patchdir=../trusted-services \ + file://0009-Use-address-instead-of-pointers.patch;patchdir=../trusted-services \ + file://0010-Add-psa-ipc-attestation-to-se-proxy.patch;patchdir=../trusted-services \ + file://0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch;patchdir=../trusted-services;patchdir=../trusted-services \ + file://0012-add-psa-ipc-crypto-backend.patch;patchdir=../trusted-services \ + file://0013-Add-stub-capsule-update-service-components.patch;patchdir=../trusted-services \ + file://0014-Configure-storage-size.patch;patchdir=../trusted-services \ + file://0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch;patchdir=../trusted-services;patchdir=../trusted-services \ + file://0016-Integrate-remaining-psa-ipc-client-APIs.patch;patchdir=../trusted-services \ + file://0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch;patchdir=../trusted-services;patchdir=../trusted-services \ + file://0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch;patchdir=../trusted-services \ + file://0019-plat-corstone1000-change-default-smm-values.patch;patchdir=../trusted-services \ + file://0020-FMP-Support-in-Corstone1000.patch;patchdir=../trusted-services \ + file://0021-smm_gateway-add-checks-for-null-attributes.patch;patchdir=../trusted-services \ + file://0022-GetNextVariableName-Fix.patch;patchdir=../trusted-services \ " diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-api-test.inc b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-api-test.inc new file mode 100644 index 0000000000..50ff960df5 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-api-test.inc @@ -0,0 +1,7 @@ +FILESEXTRAPATHS:prepend := "${THISDIR}/corstone1000/psa-apitest:" + +include ts-corstone1000.inc + +SRC_URI:append:corstone1000 = " \ + file://0001-corstone1000-port-crypto-config.patch;patchdir=../psatest \ + " diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bbappend index 6595c92a28..ea49213e89 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bbappend @@ -1,7 +1 @@ -FILESEXTRAPATHS:prepend := "${THISDIR}/corstone1000:" -FILESEXTRAPATHS:prepend := "${THISDIR}/corstone1000/${PN}:" - -SRC_URI:append:corstone1000 = " \ - file://0001-corstone1000-port-crypto-config.patch;patchdir=../psatest \ - file://0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch;patchdir=../trusted-services \ - " +require ts-psa-api-test.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-iat-api-test_git.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-iat-api-test_git.bbappend new file mode 100644 index 0000000000..ea49213e89 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-iat-api-test_git.bbappend @@ -0,0 +1 @@ +require ts-psa-api-test.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-its-api-test_git.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-its-api-test_git.bbappend new file mode 100644 index 0000000000..ea49213e89 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-its-api-test_git.bbappend @@ -0,0 +1 @@ +require ts-psa-api-test.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-ps-api-test_git.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-ps-api-test_git.bbappend new file mode 100644 index 0000000000..ea49213e89 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-ps-api-test_git.bbappend @@ -0,0 +1 @@ +require ts-psa-api-test.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend index 8a37a28175..f39d2395f5 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend @@ -2,3 +2,8 @@ MACHINE_TS_REQUIRE ?= "" MACHINE_TS_REQUIRE:corstone1000 = "ts-corstone1000.inc" require ${MACHINE_TS_REQUIRE} + +EXTRA_OECMAKE:append:corstone1000 = " -DMM_COMM_BUFFER_ADDRESS="0x00000000 0x02000000" \ + -DMM_COMM_BUFFER_PAGE_COUNT="1" \ + " + diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend index 8a37a28175..f39d2395f5 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend @@ -2,3 +2,8 @@ MACHINE_TS_REQUIRE ?= "" MACHINE_TS_REQUIRE:corstone1000 = "ts-corstone1000.inc" require ${MACHINE_TS_REQUIRE} + +EXTRA_OECMAKE:append:corstone1000 = " -DMM_COMM_BUFFER_ADDRESS="0x00000000 0x02000000" \ + -DMM_COMM_BUFFER_PAGE_COUNT="1" \ + " + diff --git a/meta-arm/meta-arm/classes/apply_local_src_patches.bbclass b/meta-arm/meta-arm/classes/apply_local_src_patches.bbclass new file mode 100644 index 0000000000..e193935383 --- /dev/null +++ b/meta-arm/meta-arm/classes/apply_local_src_patches.bbclass @@ -0,0 +1,48 @@ +# This class is to be inherited by recipes where there are patches located inside +# the fetched source code which need to be applied. + +# The following variables need to be set: +# LOCAL_SRC_PATCHES_INPUT_DIR is the directory from where the patches are located +# LOCAL_SRC_PATCHES_DEST_DIR is the directory where the patches will be applied + +do_patch[depends] += "quilt-native:do_populate_sysroot" + +LOCAL_SRC_PATCHES_INPUT_DIR ??= "" +LOCAL_SRC_PATCHES_DEST_DIR ??= "${LOCAL_SRC_PATCHES_INPUT_DIR}" + +python() { + if not d.getVar('LOCAL_SRC_PATCHES_INPUT_DIR'): + bb.warn("LOCAL_SRC_PATCHES_INPUT_DIR variable needs to be set.") +} + +apply_local_src_patches() { + + input_dir="${LOCAL_SRC_PATCHES_INPUT_DIR}" + dest_dir="${LOCAL_SRC_PATCHES_DEST_DIR}" + + if [ ! -d "$input_dir" ] ; then + bbfatal "LOCAL_SRC_PATCHES_INPUT_DIR=$input_dir not found." + fi + + if [ ! -d "$dest_dir" ] ; then + bbfatal "LOCAL_SRC_PATCHES_DEST_DIR=$dest_dir not found." + fi + + cd $dest_dir + export QUILT_PATCHES=./patches-extra + mkdir -p patches-extra + + for patch in $(find $input_dir -type f -name *.patch -or -name *.diff | sort) + do + patch_basename=`basename $patch` + if ! quilt applied $patch_basename >/dev/null ; then + bbdebug 1 "Applying $patch_basename in $dest_dir." + echo $patch_basename >> patches-extra/series + cp $patch patches-extra + quilt push $patch_basename + else + bbdebug 1 "$patch_basename already applied." + fi + done +} +do_patch[postfuncs] += "apply_local_src_patches" diff --git a/meta-arm/meta-arm/classes/fvpboot.bbclass b/meta-arm/meta-arm/classes/fvpboot.bbclass index 78dabd7369..3159cd43db 100644 --- a/meta-arm/meta-arm/classes/fvpboot.bbclass +++ b/meta-arm/meta-arm/classes/fvpboot.bbclass @@ -24,7 +24,10 @@ FVP_CONSOLES[default] ?= "${FVP_CONSOLE}" # Arbitrary extra arguments FVP_EXTRA_ARGS ?= "" # Bitbake variables to pass to the FVP environment -FVP_ENV_PASSTHROUGH ?= "" +FVP_ENV_PASSTHROUGH ?= "FASTSIM_DISABLE_TA ARMLMD_LICENSE_FILE" +FVP_ENV_PASSTHROUGH[vardeps] = "${FVP_ENV_PASSTHROUGH}" +# Disable timing annotation by default +FASTSIM_DISABLE_TA ?= "1" EXTRA_IMAGEDEPENDS += "${FVP_PROVIDER}" @@ -70,7 +73,8 @@ python do_write_fvpboot_conf() { data["env"] = {} for var in d.getVar("FVP_ENV_PASSTHROUGH").split(): - data["env"][var] = d.getVar(var) + if d.getVar(var) is not None: + data["env"][var] = d.getVar(var) os.makedirs(os.path.dirname(conffile), exist_ok=True) with open(conffile, "wt") as f: diff --git a/meta-arm/meta-arm/classes/uefi_capsule.bbclass b/meta-arm/meta-arm/classes/uefi_capsule.bbclass new file mode 100644 index 0000000000..690e7af4c3 --- /dev/null +++ b/meta-arm/meta-arm/classes/uefi_capsule.bbclass @@ -0,0 +1,55 @@ +# This class generates UEFI capsules +# The current class supports generating a capsule with single firmware binary + +DEPENDS += "gettext-native" +inherit python3native + +IMAGE_TYPES += "uefi_capsule" + +# edk2 base tools should be installed in the native sysroot directory +do_image_uefi_capsule[depends] += "edk2-basetools-native:do_populate_sysroot" + +# By default the wic image is used to create a capsule +CAPSULE_IMGTYPE ?= "wic" + +# IMGDEPLOYDIR is used as the default location of firmware binary for which the capsule needs to be created +CAPSULE_IMGLOCATION ?= "${IMGDEPLOYDIR}" + +# The generated capsule by default has uefi.capsule extension +CAPSULE_EXTENSION ?= "uefi.capsule" + +# The following variables must be set to be able to generate a capsule update +UEFI_FIRMWARE_BINARY ?= "" +UEFI_CAPSULE_CONFIG ?= "" + +# Check if the required variables are set +python() { + for var in ["UEFI_FIRMWARE_BINARY", "UEFI_CAPSULE_CONFIG"]: + if not d.getVar(var): + raise bb.parse.SkipRecipe(f"{var} not set") +} + +IMAGE_CMD:uefi_capsule(){ + + # Force the GenerateCapsule script to use python3 + export PYTHON_COMMAND=${PYTHON} + + # Copy the firmware and the capsule config json to current directory + if [ -e ${CAPSULE_IMGLOCATION}/${UEFI_FIRMWARE_BINARY} ]; then + cp ${CAPSULE_IMGLOCATION}/${UEFI_FIRMWARE_BINARY} . ; + fi + + export UEFI_FIRMWARE_BINARY=${UEFI_FIRMWARE_BINARY} + envsubst < ${UEFI_CAPSULE_CONFIG} > ./${MACHINE}-capsule-update-image.json + + ${STAGING_DIR_NATIVE}/usr/bin/edk2-BaseTools/BinWrappers/PosixLike/GenerateCapsule \ + -e -o ${IMGDEPLOYDIR}/${UEFI_FIRMWARE_BINARY}.${CAPSULE_EXTENSION} -j \ + ${MACHINE}-capsule-update-image.json + + # Remove the firmware to avoid contamination of IMGDEPLOYDIR + rm ${UEFI_FIRMWARE_BINARY} + +} + +# The firmware binary should be created before generating the capsule +IMAGE_TYPEDEP:uefi_capsule:append = "${CAPSULE_IMGTYPE}" diff --git a/meta-arm/meta-arm/lib/fvp/runner.py b/meta-arm/meta-arm/lib/fvp/runner.py index 28351a39ed..c52cdc1c14 100644 --- a/meta-arm/meta-arm/lib/fvp/runner.py +++ b/meta-arm/meta-arm/lib/fvp/runner.py @@ -1,7 +1,7 @@ -import asyncio import re import subprocess import os +import shlex import shutil import sys @@ -44,50 +44,70 @@ def check_telnet(): if not bool(shutil.which("telnet")): raise RuntimeError("Cannot find telnet, this is needed to connect to the FVP.") + +class ConsolePortParser: + def __init__(self, lines): + self._lines = lines + self._console_ports = {} + + def parse_port(self, console): + if console in self._console_ports: + return self._console_ports[console] + + while True: + try: + line = next(self._lines).strip().decode(errors='ignore') + m = re.match(r"^(\S+): Listening for serial connection on port (\d+)$", line) + if m: + matched_console = m.group(1) + matched_port = int(m.group(2)) + if matched_console == console: + return matched_port + else: + self._console_ports[matched_console] = matched_port + except StopIteration: + # self._lines might be a growing log file + pass + + +# This function is backported from Python 3.8. Remove it and replace call sites +# with shlex.join once OE-core support for earlier Python versions is dropped. +def shlex_join(split_command): + """Return a shell-escaped string from *split_command*.""" + return ' '.join(shlex.quote(arg) for arg in split_command) + + class FVPRunner: def __init__(self, logger): - self._terminal_ports = {} - self._line_callbacks = [] self._logger = logger self._fvp_process = None self._telnets = [] self._pexpects = [] - def add_line_callback(self, callback): - self._line_callbacks.append(callback) - - async def start(self, config, extra_args=[], terminal_choice="none"): + def start(self, config, extra_args=[], terminal_choice="none", stdout=subprocess.PIPE): cli = cli_from_config(config, terminal_choice) cli += extra_args # Pass through environment variables needed for GUI applications, such # as xterm, to work. env = config['env'] - for name in ('DISPLAY', 'WAYLAND_DISPLAY'): + for name in ('DISPLAY', 'WAYLAND_DISPLAY', 'XAUTHORITY'): if name in os.environ: env[name] = os.environ[name] - self._logger.debug(f"Constructed FVP call: {cli}") - self._fvp_process = await asyncio.create_subprocess_exec( - *cli, - stdin=subprocess.DEVNULL, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, + self._logger.debug(f"Constructed FVP call: {shlex_join(cli)}") + self._fvp_process = subprocess.Popen( + cli, + stdin=subprocess.DEVNULL, stdout=stdout, stderr=subprocess.STDOUT, env=env) - def detect_terminals(line): - m = re.match(r"^(\S+): Listening for serial connection on port (\d+)$", line) - if m: - terminal = m.group(1) - port = int(m.group(2)) - self._terminal_ports[terminal] = port - self.add_line_callback(detect_terminals) - - async def stop(self): + def stop(self): if self._fvp_process: self._logger.debug(f"Terminating FVP PID {self._fvp_process.pid}") try: self._fvp_process.terminate() - await asyncio.wait_for(self._fvp_process.wait(), 10.0) - except asyncio.TimeoutError: + self._fvp_process.wait(10.0) + except subprocess.TimeoutExpired: self._logger.debug(f"Killing FVP PID {self._fvp_process.pid}") self._fvp_process.kill() except ProcessLookupError: @@ -96,8 +116,8 @@ class FVPRunner: for telnet in self._telnets: try: telnet.terminate() - await asyncio.wait_for(telnet.wait(), 10.0) - except asyncio.TimeoutError: + telnet.wait(10.0) + except subprocess.TimeoutExpired: telnet.kill() except ProcessLookupError: pass @@ -117,34 +137,21 @@ class FVPRunner: else: return 0 - async def run(self, until=None): - if until and until(): - return - - async for line in self._fvp_process.stdout: - line = line.strip().decode("utf-8", errors="replace") - for callback in self._line_callbacks: - callback(line) - if until and until(): - return + def wait(self, timeout): + self._fvp_process.wait(timeout) - async def _get_terminal_port(self, terminal, timeout): - def terminal_exists(): - return terminal in self._terminal_ports - await asyncio.wait_for(self.run(terminal_exists), timeout) - return self._terminal_ports[terminal] + @property + def stdout(self): + return self._fvp_process.stdout - async def create_telnet(self, terminal, timeout=15.0): + def create_telnet(self, port): check_telnet() - port = await self._get_terminal_port(terminal, timeout) - telnet = await asyncio.create_subprocess_exec("telnet", "localhost", str(port), stdin=sys.stdin, stdout=sys.stdout) + telnet = subprocess.Popen(["telnet", "localhost", str(port)], stdin=sys.stdin, stdout=sys.stdout) self._telnets.append(telnet) return telnet - async def create_pexpect(self, terminal, timeout=15.0, **kwargs): - check_telnet() + def create_pexpect(self, port, **kwargs): import pexpect - port = await self._get_terminal_port(terminal, timeout) instance = pexpect.spawn(f"telnet localhost {port}", **kwargs) self._pexpects.append(instance) return instance diff --git a/meta-arm/meta-arm/lib/oeqa/controllers/fvp.py b/meta-arm/meta-arm/lib/oeqa/controllers/fvp.py index c8dcf2982d..e8a094f1df 100644 --- a/meta-arm/meta-arm/lib/oeqa/controllers/fvp.py +++ b/meta-arm/meta-arm/lib/oeqa/controllers/fvp.py @@ -1,4 +1,3 @@ -import asyncio import pathlib import pexpect import os @@ -13,7 +12,7 @@ class OEFVPSSHTarget(OESSHTarget): Contains common logic to start and stop an FVP. """ def __init__(self, logger, target_ip, server_ip, timeout=300, user='root', - port=None, dir_image=None, rootfs=None, **kwargs): + port=None, dir_image=None, rootfs=None, bootlog=None, **kwargs): super().__init__(logger, target_ip, server_ip, timeout, user, port) image_dir = pathlib.Path(dir_image) # rootfs may have multiple extensions so we need to strip *all* suffixes @@ -21,36 +20,40 @@ class OEFVPSSHTarget(OESSHTarget): basename = basename.name.replace("".join(basename.suffixes), "") self.fvpconf = image_dir / (basename + ".fvpconf") self.config = conffile.load(self.fvpconf) + self.bootlog = bootlog if not self.fvpconf.exists(): raise FileNotFoundError(f"Cannot find {self.fvpconf}") - async def boot_fvp(self): - self.fvp = runner.FVPRunner(self.logger) - await self.fvp.start(self.config) - self.logger.debug(f"Started FVP PID {self.fvp.pid()}") - await self._after_start() - - async def _after_start(self): + def _after_start(self): pass - async def _after_stop(self): - pass - - async def stop_fvp(self): - returncode = await self.fvp.stop() - await self._after_stop() - - self.logger.debug(f"Stopped FVP with return code {returncode}") - def start(self, **kwargs): - # When we can assume Py3.7+, this can simply be asyncio.run() - loop = asyncio.get_event_loop() - loop.run_until_complete(asyncio.gather(self.boot_fvp())) + self.fvp_log = self._create_logfile("fvp") + self.fvp = runner.FVPRunner(self.logger) + self.fvp.start(self.config, stdout=self.fvp_log) + self.logger.debug(f"Started FVP PID {self.fvp.pid()}") + self._after_start() def stop(self, **kwargs): - loop = asyncio.get_event_loop() - loop.run_until_complete(asyncio.gather(self.stop_fvp())) + returncode = self.fvp.stop() + self.logger.debug(f"Stopped FVP with return code {returncode}") + + def _create_logfile(self, name): + if not self.bootlog: + return None + + test_log_path = pathlib.Path(self.bootlog).parent + test_log_suffix = pathlib.Path(self.bootlog).suffix + fvp_log_file = f"{name}_log{test_log_suffix}" + fvp_log_path = pathlib.Path(test_log_path, fvp_log_file) + fvp_log_symlink = pathlib.Path(test_log_path, f"{name}_log") + try: + os.remove(fvp_log_symlink) + except: + pass + os.symlink(fvp_log_file, fvp_log_symlink) + return open(fvp_log_path, 'wb') class OEFVPTarget(OEFVPSSHTarget): @@ -59,31 +62,34 @@ class OEFVPTarget(OEFVPSSHTarget): waits for a Linux shell before returning to ensure that SSH commands work with the default test dependencies. """ - def __init__(self, logger, target_ip, server_ip, bootlog=None, **kwargs): + def __init__(self, logger, target_ip, server_ip, **kwargs): super().__init__(logger, target_ip, server_ip, **kwargs) - self.logfile = bootlog and open(bootlog, "wb") or None + self.logfile = self.bootlog and open(self.bootlog, "wb") or None # FVPs boot slowly, so allow ten minutes self.boot_timeout = 10 * 60 - async def _after_start(self): - self.logger.debug(f"Awaiting console on terminal {self.config['consoles']['default']}") - console = await self.fvp.create_pexpect(self.config['consoles']['default']) - try: - console.expect("login\\:", timeout=self.boot_timeout) - self.logger.debug("Found login prompt") - except pexpect.TIMEOUT: - self.logger.info("Timed out waiting for login prompt.") - self.logger.info("Boot log follows:") - self.logger.info(b"\n".join(console.before.splitlines()[-200:]).decode("utf-8", errors="replace")) - raise RuntimeError("Failed to start FVP.") + def _after_start(self): + with open(self.fvp_log.name, 'rb') as logfile: + parser = runner.ConsolePortParser(logfile) + self.logger.debug(f"Awaiting console on terminal {self.config['consoles']['default']}") + port = parser.parse_port(self.config['consoles']['default']) + console = self.fvp.create_pexpect(port) + try: + console.expect("login\\:", timeout=self.boot_timeout) + self.logger.debug("Found login prompt") + except pexpect.TIMEOUT: + self.logger.info("Timed out waiting for login prompt.") + self.logger.info("Boot log follows:") + self.logger.info(b"\n".join(console.before.splitlines()[-200:]).decode("utf-8", errors="replace")) + raise RuntimeError("Failed to start FVP.") class OEFVPSerialTarget(OEFVPSSHTarget): """ This target is intended for interaction with the target over one or more telnet consoles using pexpect. - + This still depends on OEFVPSSHTarget so SSH commands can still be run on the target, but note that this class does not inherently guarantee that the SSH server is running prior to running test cases. Test cases that use @@ -92,40 +98,25 @@ class OEFVPSerialTarget(OEFVPSSHTarget): """ DEFAULT_CONSOLE = "default" - def __init__(self, logger, target_ip, server_ip, bootlog=None, **kwargs): + def __init__(self, logger, target_ip, server_ip, **kwargs): super().__init__(logger, target_ip, server_ip, **kwargs) self.terminals = {} - self.test_log_path = pathlib.Path(bootlog).parent - self.test_log_suffix = pathlib.Path(bootlog).suffix - self.bootlog = bootlog - - async def _add_terminal(self, name, fvp_name): - logfile = self._create_logfile(name) - self.logger.info(f'Creating terminal {name} on {fvp_name}') - self.terminals[name] = \ - await self.fvp.create_pexpect(fvp_name, logfile=logfile) - - def _create_logfile(self, name): - fvp_log_file = f"{name}_log{self.test_log_suffix}" - fvp_log_path = pathlib.Path(self.test_log_path, fvp_log_file) - fvp_log_symlink = pathlib.Path(self.test_log_path, f"{name}_log") - try: - os.remove(fvp_log_symlink) - except: - pass - os.symlink(fvp_log_file, fvp_log_symlink) - return open(fvp_log_path, 'wb') - - async def _after_start(self): - for name, console in self.config["consoles"].items(): - await self._add_terminal(name, console) - - # testimage.bbclass expects to see a log file at `bootlog`, - # so make a symlink to the 'default' log file - if name == 'default': - default_test_file = f"{name}_log{self.test_log_suffix}" - os.symlink(default_test_file, self.bootlog) + def _after_start(self): + with open(self.fvp_log.name, 'rb') as logfile: + parser = runner.ConsolePortParser(logfile) + for name, console in self.config["consoles"].items(): + logfile = self._create_logfile(name) + self.logger.info(f'Creating terminal {name} on {console}') + port = parser.parse_port(console) + self.terminals[name] = \ + self.fvp.create_pexpect(port, logfile=logfile) + + # testimage.bbclass expects to see a log file at `bootlog`, + # so make a symlink to the 'default' log file + if name == 'default': + default_test_file = f"{name}_log{self.test_log_suffix}" + os.symlink(default_test_file, self.bootlog) def _get_terminal(self, name): return self.terminals[name] diff --git a/meta-arm/meta-arm/lib/oeqa/selftest/cases/runfvp.py b/meta-arm/meta-arm/lib/oeqa/selftest/cases/runfvp.py index cf8a3c53f4..5cc8660f2b 100644 --- a/meta-arm/meta-arm/lib/oeqa/selftest/cases/runfvp.py +++ b/meta-arm/meta-arm/lib/oeqa/selftest/cases/runfvp.py @@ -81,13 +81,13 @@ class ConfFileTests(OESelftestTestCase): class RunnerTests(OESelftestTestCase): def create_mock(self): - return unittest.mock.patch("asyncio.create_subprocess_exec") + return unittest.mock.patch("subprocess.Popen") def test_start(self): from fvp import runner with self.create_mock() as m: fvp = runner.FVPRunner(self.logger) - asyncio.run(fvp.start({ + fvp.start({ "fvp-bindir": "/usr/bin", "exe": "FVP_Binary", "parameters": {'foo': 'bar'}, @@ -96,13 +96,13 @@ class RunnerTests(OESelftestTestCase): "terminals": {}, "args": ['--extra-arg'], "env": {"FOO": "BAR"} - })) + }) - m.assert_called_once_with('/usr/bin/FVP_Binary', + m.assert_called_once_with(['/usr/bin/FVP_Binary', '--parameter', 'foo=bar', '--data', 'data1', '--application', 'a1=file', - '--extra-arg', + '--extra-arg'], stdin=unittest.mock.ANY, stdout=unittest.mock.ANY, stderr=unittest.mock.ANY, @@ -113,7 +113,7 @@ class RunnerTests(OESelftestTestCase): from fvp import runner with self.create_mock() as m: fvp = runner.FVPRunner(self.logger) - asyncio.run(fvp.start({ + fvp.start({ "fvp-bindir": "/usr/bin", "exe": "FVP_Binary", "parameters": {}, @@ -122,9 +122,9 @@ class RunnerTests(OESelftestTestCase): "terminals": {}, "args": [], "env": {"FOO": "BAR"} - })) + }) - m.assert_called_once_with('/usr/bin/FVP_Binary', + m.assert_called_once_with(['/usr/bin/FVP_Binary'], stdin=unittest.mock.ANY, stdout=unittest.mock.ANY, stderr=unittest.mock.ANY, diff --git a/meta-arm/meta-arm/recipes-bsp/scp-firmware/scp-firmware_2.10.0.bb b/meta-arm/meta-arm/recipes-bsp/scp-firmware/scp-firmware_2.10.0.bb index 4828fb552e..055e0c1b0c 100644 --- a/meta-arm/meta-arm/recipes-bsp/scp-firmware/scp-firmware_2.10.0.bb +++ b/meta-arm/meta-arm/recipes-bsp/scp-firmware/scp-firmware_2.10.0.bb @@ -27,7 +27,7 @@ DEPENDS = "virtual/arm-none-eabi-gcc-native \ # For now we only build with GCC, so stop meta-clang trying to get involved TOOLCHAIN = "gcc" -SCP_BUILD_STR = "${@bb.utils.contains('SCP_BUILD_RELEASE', '1', 'release', 'debug', d)}" +SCP_BUILD_STR = "${@bb.utils.contains('SCP_BUILD_RELEASE', '1', 'Release', 'Debug', d)}" inherit deploy @@ -46,6 +46,7 @@ CFLAGS[unexport] = "1" EXTRA_OECMAKE = "-D CMAKE_BUILD_TYPE=${SCP_BUILD_STR} \ -D SCP_LOG_LEVEL=${SCP_LOG_LEVEL} \ -D SCP_PLATFORM_FEATURE_SET=${SCP_PLATFORM_FEATURE_SET} \ + -D DISABLE_CPPCHECK=1 \ " do_configure() { diff --git a/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.6.0.bb b/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.6.0.bb index c10efd5a62..6b06c8a968 100644 --- a/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.6.0.bb +++ b/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.6.0.bb @@ -16,20 +16,19 @@ LIC_FILES_CHKSUM = "file://license.rst;md5=07f368487da347f3c7bd0fc3085f3afa \ file://../mcuboot/LICENSE;md5=b6ee33f1d12a5e6ee3de1e82fb51eeb8" SRC_URI = "git://git.trustedfirmware.org/TF-M/trusted-firmware-m.git;protocol=https;branch=${SRCBRANCH_tfm};name=tfm;destsuffix=git/tfm \ - git://git.trustedfirmware.org/TF-M/tf-m-tests.git;protocol=https;branch=${SRCBRANCH_tfm-tests};name=tfm-tests;destsuffix=git/tf-m-tests \ + git://git.trustedfirmware.org/TF-M/tf-m-tests.git;protocol=https;nobranch=1;name=tfm-tests;destsuffix=git/tf-m-tests \ git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=${SRCBRANCH_mbedtls};name=mbedtls;destsuffix=git/mbedtls \ git://github.com/mcu-tools/mcuboot.git;protocol=https;branch=${SRCBRANCH_mcuboot};name=mcuboot;destsuffix=git/mcuboot \ " # The required dependencies are documented in tf-m/config/config_default.cmake # TF-Mv1.6.0 -SRCBRANCH_tfm ?= "release/1.6.x" +SRCBRANCH_tfm ?= "master" SRCREV_tfm = "7387d88158701a3c51ad51c90a05326ee12847a8" # mbedtls-3.1.0 SRCBRANCH_mbedtls ?= "master" SRCREV_mbedtls = "d65aeb37349ad1a50e0f6c9b694d4b5290d60e49" # TF-Mv1.6.0 -SRCBRANCH_tfm-tests ?= "release/1.6.x" SRCREV_tfm-tests = "723905d46019596f3f2df66d79b5d6bff6f3f213" # v1.9.0 SRCBRANCH_mcuboot ?= "main" @@ -108,10 +107,9 @@ export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules" # TF-M ships patches that it needs applied to mbedcrypto, so apply them # as part of do_patch. -apply_local_patches() { - cat ${S}/lib/ext/mbedcrypto/*.patch | patch -p1 -d ${S}/../mbedtls -} -do_patch[postfuncs] += "apply_local_patches" +LOCAL_SRC_PATCHES_INPUT_DIR = "${S}/lib/ext/mbedcrypto" +LOCAL_SRC_PATCHES_DEST_DIR = "${S}/../mbedtls" +inherit apply_local_src_patches do_configure[cleandirs] = "${B}" do_configure() { diff --git a/meta-arm/meta-arm/recipes-devtools/edk2-basetools/edk2-basetools-native_202211.bb b/meta-arm/meta-arm/recipes-devtools/edk2-basetools/edk2-basetools-native_202211.bb new file mode 100644 index 0000000000..6a59c22cab --- /dev/null +++ b/meta-arm/meta-arm/recipes-devtools/edk2-basetools/edk2-basetools-native_202211.bb @@ -0,0 +1,24 @@ +# Install EDK2 Base Tools in native sysroot. Currently the BaseTools are not +# built, they are just copied to native sysroot. This is sufficient for +# generating UEFI capsules as it only depends on some python scripts. Other +# tools need to be built first before adding to sysroot. + +SUMMARY = "EDK2 Base Tools" +LICENSE = "BSD-2-Clause-Patent" + +# EDK2 +SRC_URI = "git://github.com/tianocore/edk2.git;branch=master;protocol=https" +LIC_FILES_CHKSUM = "file://License.txt;md5=2b415520383f7964e96700ae12b4570a" + +SRCREV = "fff6d81270b57ee786ea18ad74f43149b9f03494" + +S = "${WORKDIR}/git" + +inherit native + +RDEPENDS:${PN} += "python3-core" + +do_install () { + mkdir -p ${D}${bindir}/edk2-BaseTools + cp -r ${WORKDIR}/git/BaseTools/* ${D}${bindir}/edk2-BaseTools/ +} diff --git a/meta-arm/meta-arm/recipes-devtools/fvp/fvp-base-r-aem_11.19.14.bb b/meta-arm/meta-arm/recipes-devtools/fvp/fvp-base-r-aem_11.20.15.bb index 3ef089121e..f5175b2c38 100644 --- a/meta-arm/meta-arm/recipes-devtools/fvp/fvp-base-r-aem_11.19.14.bb +++ b/meta-arm/meta-arm/recipes-devtools/fvp/fvp-base-r-aem_11.20.15.bb @@ -5,6 +5,6 @@ LIC_FILES_CHKSUM = "file://license_terms/license_agreement.txt;md5=1a33828e132ba file://license_terms/third_party_licenses/third_party_licenses.txt;md5=34a1ba318d745f05e6197def68ea5411 \ file://license_terms/third_party_licenses/arm_license_management_utilities/third_party_licenses.txt;md5=2e53bda6ff2db4c35d69944b93926c9f" -SRC_URI[sha256sum] = "788ede659414af36a2d09489e400c4d822c859b726565f1f171bc3102a9413d0" +SRC_URI[sha256sum] = "c252616489b79fffa3bb721255b1c99ff4ee8c38e4beebce4fa05862a3195fe9" MODEL_CODE = "FVP_Base_AEMv8R" diff --git a/meta-arm/meta-arm/recipes-devtools/fvp/fvp-corstone1000.bb b/meta-arm/meta-arm/recipes-devtools/fvp/fvp-corstone1000.bb index 35ffe0b797..7d556616f0 100644 --- a/meta-arm/meta-arm/recipes-devtools/fvp/fvp-corstone1000.bb +++ b/meta-arm/meta-arm/recipes-devtools/fvp/fvp-corstone1000.bb @@ -2,10 +2,10 @@ require fvp-ecosystem.inc MODEL = "Corstone-1000-23" MODEL_CODE = "FVP_Corstone_1000" -PV = "11.17_23" +PV = "11.19_21" -SRC_URI = "https://developer.arm.com/-/media/Arm%20Developer%20Community/Downloads/OSS/FVP/${MODEL}/Linux/${MODEL_CODE}_${PV}.tgz;subdir=${BP}" -SRC_URI[sha256sum] = "00ccb72d02c90e2424d24a625d275cabf8ea8dc024713985208f618bb88d1934" +SRC_URI = "https://developer.arm.com/-/media/Arm%20Developer%20Community/Downloads/OSS/FVP/${MODEL}/Linux/${MODEL_CODE}_${PV}_${FVP_ARCH}.tgz;subdir=${BP}" +SRC_URI[sha256sum] = "dbdcb8b0c206fd56fd2296fe338a62902eb978883ba07f4da28440e180383b24" LIC_FILES_CHKSUM = "file://license_terms/license_agreement.txt;md5=1a33828e132ba71861c11688dbb0bd16 \ - file://license_terms/third_party_licenses.txt;md5=41029e71051b1c786bae3112a29905a7" + file://license_terms/third_party_licenses/third_party_licenses.txt;md5=34a1ba318d745f05e6197def68ea5411" diff --git a/meta-arm/meta-arm/recipes-devtools/trusted-firmware-m-scripts/trusted-firmware-m-scripts-native_1.6.0.bb b/meta-arm/meta-arm/recipes-devtools/trusted-firmware-m-scripts/trusted-firmware-m-scripts-native_1.6.0.bb index 453d456abf..06c0316170 100644 --- a/meta-arm/meta-arm/recipes-devtools/trusted-firmware-m-scripts/trusted-firmware-m-scripts-native_1.6.0.bb +++ b/meta-arm/meta-arm/recipes-devtools/trusted-firmware-m-scripts/trusted-firmware-m-scripts-native_1.6.0.bb @@ -1,7 +1,7 @@ SRC_URI = "git://git.trustedfirmware.org/TF-M/trusted-firmware-m.git;protocol=https;branch=${SRCBRANCH}" # Use the wrapper script from TF-Mv1.6.0 -SRCBRANCH ?= "release/1.6.x" +SRCBRANCH ?= "master" SRCREV = "7387d88158701a3c51ad51c90a05326ee12847a8" LICENSE = "BSD-3-Clause" diff --git a/meta-arm/meta-arm/recipes-kernel/linux/arm-ffa-transport.inc b/meta-arm/meta-arm/recipes-kernel/linux/arm-ffa-transport.inc index dec31dd44d..b3d377b4bf 100644 --- a/meta-arm/meta-arm/recipes-kernel/linux/arm-ffa-transport.inc +++ b/meta-arm/meta-arm/recipes-kernel/linux/arm-ffa-transport.inc @@ -1,4 +1,4 @@ -FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" +FILESEXTRAPATHS:prepend := "${ARMFILESPATHS}" # Enable ARM-FFA transport SRC_URI:append = " \ diff --git a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto/arm-ffa-transport.cfg b/meta-arm/meta-arm/recipes-kernel/linux/files/arm-ffa-transport.cfg index 34de78e895..34de78e895 100644 --- a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto/arm-ffa-transport.cfg +++ b/meta-arm/meta-arm/recipes-kernel/linux/files/arm-ffa-transport.cfg diff --git a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto/efi.cfg b/meta-arm/meta-arm/recipes-kernel/linux/files/efi.cfg index 00be1bc60c..00be1bc60c 100644 --- a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto/efi.cfg +++ b/meta-arm/meta-arm/recipes-kernel/linux/files/efi.cfg diff --git a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto/generic-arm64-kmeta/generic-arm64-standard.scc b/meta-arm/meta-arm/recipes-kernel/linux/files/generic-arm64-kmeta/generic-arm64-standard.scc index 7036476902..7036476902 100644 --- a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto/generic-arm64-kmeta/generic-arm64-standard.scc +++ b/meta-arm/meta-arm/recipes-kernel/linux/files/generic-arm64-kmeta/generic-arm64-standard.scc diff --git a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto/no-strict-devmem.cfg b/meta-arm/meta-arm/recipes-kernel/linux/files/no-strict-devmem.cfg index d372acaec2..d372acaec2 100644 --- a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto/no-strict-devmem.cfg +++ b/meta-arm/meta-arm/recipes-kernel/linux/files/no-strict-devmem.cfg diff --git a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto/tee.cfg b/meta-arm/meta-arm/recipes-kernel/linux/files/tee.cfg index 53c452d4a1..53c452d4a1 100644 --- a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto/tee.cfg +++ b/meta-arm/meta-arm/recipes-kernel/linux/files/tee.cfg diff --git a/meta-arm/meta-arm/recipes-kernel/linux/linux-arm64-ack/0001-perf-change-root-to-prefix-for-python-install.patch b/meta-arm/meta-arm/recipes-kernel/linux/linux-arm64-ack/0001-perf-change-root-to-prefix-for-python-install.patch new file mode 100644 index 0000000000..637d90aeb8 --- /dev/null +++ b/meta-arm/meta-arm/recipes-kernel/linux/linux-arm64-ack/0001-perf-change-root-to-prefix-for-python-install.patch @@ -0,0 +1,34 @@ +Take a patch from linux-yocto to fix buildpaths in perf's python module. + +Upstream-Status: Pending +Signed-off-by: Ross Burton <ross.burton@arm.com> + +From b8cd0e429bf75b673c438a8277d4bc74327df992 Mon Sep 17 00:00:00 2001 +From: Tom Zanussi <tom.zanussi@intel.com> +Date: Tue, 3 Jul 2012 13:07:23 -0500 +Subject: [PATCH] perf: change --root to --prefix for python install + +Otherwise we get the sysroot path appended to the build path, not what +we want. + +Signed-off-by: Tom Zanussi <tom.zanussi@intel.com> +--- + tools/perf/Makefile.perf | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tools/perf/Makefile.perf b/tools/perf/Makefile.perf +index 8f738e11356d..ee945d8e3996 100644 +--- a/tools/perf/Makefile.perf ++++ b/tools/perf/Makefile.perf +@@ -1022,7 +1022,7 @@ install-bin: install-tools install-tests install-traceevent-plugins + install: install-bin try-install-man + + install-python_ext: +- $(PYTHON_WORD) util/setup.py --quiet install --root='/$(DESTDIR_SQ)' ++ $(PYTHON_WORD) util/setup.py --quiet install --prefix='$(DESTDIR_SQ)/usr' + + # 'make install-doc' should call 'make -C Documentation install' + $(INSTALL_DOC_TARGETS): +-- +2.34.1 + diff --git a/meta-arm/meta-arm/recipes-kernel/linux/linux-arm64-ack_5.15.bb b/meta-arm/meta-arm/recipes-kernel/linux/linux-arm64-ack_5.15.bb index c3c9b4dc36..804c068f41 100644 --- a/meta-arm/meta-arm/recipes-kernel/linux/linux-arm64-ack_5.15.bb +++ b/meta-arm/meta-arm/recipes-kernel/linux/linux-arm64-ack_5.15.bb @@ -8,6 +8,7 @@ SRC_URI = " \ git://android.googlesource.com/kernel/common.git;protocol=https;branch=android13-5.15-lts \ file://0001-lib-build_OID_registry-fix-reproducibility-issues.patch \ file://0002-vt-conmakehash-improve-reproducibility.patch \ + file://0001-perf-change-root-to-prefix-for-python-install.patch \ " # tag: ASB-2022-05-05_13-5.15-93-ge8b3f31d7a60 diff --git a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto_%.bbappend b/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto_%.bbappend index 896add8d0a..a641ec2da2 100644 --- a/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto_%.bbappend +++ b/meta-arm/meta-arm/recipes-kernel/linux/linux-yocto_%.bbappend @@ -1,4 +1,4 @@ -ARMFILESPATHS := "${THISDIR}/${PN}:" +ARMFILESPATHS := "${THISDIR}/files:" COMPATIBLE_MACHINE:generic-arm64 = "generic-arm64" FILESEXTRAPATHS:prepend:generic-arm64 = "${ARMFILESPATHS}" diff --git a/meta-arm/meta-arm/recipes-security/trusted-services/libts_git.bb b/meta-arm/meta-arm/recipes-security/trusted-services/libts_git.bb index 598b281bac..aafe85160c 100644 --- a/meta-arm/meta-arm/recipes-security/trusted-services/libts_git.bb +++ b/meta-arm/meta-arm/recipes-security/trusted-services/libts_git.bb @@ -24,11 +24,14 @@ do_install:append () { fi # Move the dynamic libraries into the standard place. - # Update a cmake file to use correct paths. install -d ${D}${libdir} mv ${D}${TS_INSTALL}/lib/libts* ${D}${libdir} - sed -i -e "s#/${TS_ENV}##g" ${D}${TS_INSTALL}/lib/cmake/libts/libtsTargets-noconfig.cmake + # Update generated cmake file to use correct paths. + target_cmake=$(find ${D}${TS_INSTALL}/lib/cmake/libts -type f -iname "libtsTargets-*.cmake") + if [ ! -z "$target_cmake" ]; then + sed -i -e "s#/${TS_ENV}##g" $target_cmake + fi } inherit ${@oe.utils.conditional('VIRTUAL-RUNTIME_dev_manager', 'busybox-mdev', '', 'useradd', d)} diff --git a/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-api-test-common_git.inc b/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-api-test-common_git.inc index dfd471635e..41cb0c08bc 100644 --- a/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-api-test-common_git.inc +++ b/meta-arm/meta-arm/recipes-security/trusted-services/ts-psa-api-test-common_git.inc @@ -18,11 +18,9 @@ EXTRA_OECMAKE += "\ -DPSA_ARCH_TESTS_SOURCE_DIR=${WORKDIR}/git/psatest \ " -# TS ships patches that need to be applied to psa-arch-tests +# TS check if there are patches to apply to psa-arch-tests, if so apply them apply_ts_patch() { - for p in ${S}/external/psa_arch_tests/*.patch; do - patch -p1 -d ${WORKDIR}/git/psatest < ${p} - done + find ${S}/external/psa_arch_tests -type f -name '*.patch' -exec patch -p1 -d ${WORKDIR}/git/psatest -i {} \; } do_patch[postfuncs] += "apply_ts_patch" diff --git a/meta-arm/meta-atp/README.md b/meta-arm/meta-atp/README.md index 15d0e29b81..490ddca97e 100644 --- a/meta-arm/meta-atp/README.md +++ b/meta-arm/meta-atp/README.md @@ -1,76 +1 @@ -# meta-atp layer - -The meta-atp layer supports building environments with traffic generation capabilities based on [AMBA Adaptive Traffic Profiles (ATP)](https://developer.arm.com/documentation/ihi0082/latest). - -## Recipes - -The meta-atp layer supports building the following software components: - -- Arm's implementation of the AMBA ATP specification, namely the [AMBA ATP Engine](https://github.com/ARM-software/ATP-Engine). -- Linux kernel modules and user API (UAPI) for programming ATP devices. -- Integration test suite for verification of kernel modules and UAPI. - -It is also possible to build the AMBA ATP Engine as part of the final [gem5](https://www.gem5.org/) executable. For this, meta-atp extends the `gem5-aarch64-native` recipe to add the AMBA ATP engine code as extra sources. - -## Machines - -The `gem5-atp-arm64` machine extends the `gem5-arm64` machine to instantiate a simulated platform with support for programmable AMBA ATP traffic generation. The platform includes the following models: - -- `ProfileGen` model. This is the adapter layer between gem5 and the AMBA ATP Engine. It is the source of traffic into the gem5 host platform. -- `ATPDevice` model. Software can program it using the Linux kernel modules and UAPI to control traffic generation. - -## Usage - -Users should add the meta-atp layer and layer dependencies to `conf/bblayers.conf`. See `conf/layer.conf` for dependencies. - -### Standalone Engine executable - -Users can build the AMBA ATP Engine as a standalone native executable as follows: - -```bash -bitbake atp-native -``` - -Users can run the executable through standard build scripts: - -```bash -oe-run-native atp-native atpeng [--help | args...] -``` - -## Integration of the Engine in gem5 - -Users should select the `gem5-atp-arm64` platform in their `conf/local.conf` file. - -Users can build the target image of preference, for example: - -```bash -bitbake core-image-minimal -``` - -The resulting gem5 native executable contains the AMBA ATP Engine. The resulting target image contains the kernel modules, UAPI and test suite. - -Users should run the environment as follows: - -```bash -./tmp/deploy/tools/start-gem5-atp.sh -``` - -This script launches a fast simulation to fast-forward Linux boot. Once Linux boot is completed, the fast simulation switches into a detailed simulation for the final usable environment. Users can connect and interact with the environment as follows: - -```bash -oe-run-native gem5-m5term-native m5term <PORT> -``` - -The connection PORT is announced by the deploy script as: - -```bash -system.terminal: Listening for connections on port <PORT> -``` - -This is usually port 3456. - -Users can verify access to the ATP device by running the integration test suite from within the simulated environment as follows: - -```bash -test_atp.out -``` +See ../README.md diff --git a/meta-arm/meta-atp/conf/machine/gem5-atp-arm64.conf b/meta-arm/meta-atp/conf/machine/gem5-atp-arm64.conf index d5fe22a7c0..6e6d49a9b3 100644 --- a/meta-arm/meta-atp/conf/machine/gem5-atp-arm64.conf +++ b/meta-arm/meta-atp/conf/machine/gem5-atp-arm64.conf @@ -5,7 +5,11 @@ MACHINEOVERRIDES =. "gem5-arm64:" GEM5_RUN_PROFILE = "configs/baremetal_atp.py" # Require m5term EXTRA_IMAGEDEPENDS += "gem5-m5term-native" -# Require ATP kernel modules, user API and gem5 m5ops -MACHINE_ESSENTIAL_EXTRA_RDEPENDS += "kernel-module-atp atp-uapi gem5-m5ops" +# Require ATP kernel modules, user API and gem5 m5readfile +MACHINE_ESSENTIAL_EXTRA_RDEPENDS += "kernel-module-atp atp-uapi gem5-m5readfile" # Optionally provide ATP kernel tests MACHINE_ESSENTIAL_EXTRA_RRECOMMENDS += "atp-test" + +# Use ATP Engine gem5 models in gem5 build +DEPENDS:append:pn-gem5-aarch64-native = " atp-gem5-native" +GEM5_EXTRAS:pn-gem5-aarch64-native = "${STAGING_DATADIR_NATIVE}/atp" diff --git a/meta-arm/meta-atp/documentation/atp-standalone.md b/meta-arm/meta-atp/documentation/atp-standalone.md new file mode 100644 index 0000000000..1ab4528a5c --- /dev/null +++ b/meta-arm/meta-atp/documentation/atp-standalone.md @@ -0,0 +1,13 @@ +# Standalone ATP Engine executable + +Users can build the AMBA ATP Engine as a standalone native executable as follows: + +```bash +bitbake atp-native +``` + +Users can run the executable through standard build scripts: + +```bash +oe-run-native atp-native atpeng [--help | args...] +``` diff --git a/meta-arm/meta-atp/documentation/gem5-atp-arm64.md b/meta-arm/meta-atp/documentation/gem5-atp-arm64.md new file mode 100644 index 0000000000..018f374cdc --- /dev/null +++ b/meta-arm/meta-atp/documentation/gem5-atp-arm64.md @@ -0,0 +1,37 @@ +## ATP Engine integration in gem5, and the gem5-atp-arm64 machine + +Users should select the `gem5-atp-arm64` machine in their `conf/local.conf` file. + +Users can build the target image of preference, for example: + +```bash +bitbake core-image-minimal +``` + +The resulting gem5 native executable contains the AMBA ATP Engine. The resulting target image contains the kernel modules, UAPI and test suite. + +Users should run the environment as follows: + +```bash +oe-run-native atp-gem5-native start-gem5-atp.sh +``` + +This script launches a fast simulation to fast-forward Linux boot. Once Linux boot is completed, the fast simulation switches into a detailed simulation for the final usable environment. Users can connect and interact with the environment as follows: + +```bash +oe-run-native gem5-m5term-native m5term <PORT> +``` + +The connection PORT is announced by the deploy script as: + +```bash +system.terminal: Listening for connections on port <PORT> +``` + +This is usually port 3456. + +Users can verify access to the ATP device by running the integration test suite from within the simulated environment as follows: + +```bash +test_atp.out +``` diff --git a/meta-arm/meta-atp/documentation/summary.md b/meta-arm/meta-atp/documentation/summary.md new file mode 100644 index 0000000000..7ac6c3f51a --- /dev/null +++ b/meta-arm/meta-atp/documentation/summary.md @@ -0,0 +1,11 @@ +# meta-atp summary + +The meta-atp layer supports building the following software components: + +- Arm's implementation of the AMBA ATP specification, namely the [AMBA ATP Engine](https://github.com/ARM-software/ATP-Engine). +- Linux kernel modules and user API (UAPI) for programming ATP devices. +- Integration test suite for verification of kernel modules and UAPI. + +It is also possible to build the AMBA ATP Engine as part of the final [gem5](https://www.gem5.org/) executable. For this, meta-atp extends the `gem5-aarch64-native` recipe to add the AMBA ATP engine code as extra sources. + +Users should add the meta-atp layer and layer dependencies to `conf/bblayers.conf`. See `conf/layer.conf` for dependencies. diff --git a/meta-arm/meta-atp/recipes-devtools/atp/atp-gem5-native_3.1.bb b/meta-arm/meta-atp/recipes-devtools/atp/atp-gem5-native_3.1.bb new file mode 100644 index 0000000000..634c9b11ac --- /dev/null +++ b/meta-arm/meta-atp/recipes-devtools/atp/atp-gem5-native_3.1.bb @@ -0,0 +1,24 @@ +require atp-source_3.1.inc +inherit native + +SUMMARY = "AMBA ATP Engine gem5 models" + +S = "${WORKDIR}/git" +SRC_URI = "${ATP_SRC} file://start-gem5-atp.sh" + +do_configure[noexec] = "1" +do_compile[noexec] = "1" + +do_install() { + install -d ${D}${datadir}/gem5/configs ${D}${datadir}/atp ${D}${bindir} + + # baremetal_atp.py machine configuration and sample stream.atp file + install ${S}/gem5/baremetal_atp.py ${S}/configs/stream.atp ${D}${datadir}/gem5/configs + # ATP Engine sources for gem5 to use + install ${S}/SConscript ${S}/*.hh ${S}/*.cc ${D}${datadir}/atp + cp -RL ${S}/gem5 ${S}/proto ${D}${datadir}/atp + + install ${WORKDIR}/start-gem5-atp.sh ${D}${bindir} +} + +addtask addto_recipe_sysroot after do_populate_sysroot before do_build diff --git a/meta-arm/meta-atp/recipes-devtools/gem5/gem5-aarch64-native/start-gem5-atp.sh b/meta-arm/meta-atp/recipes-devtools/atp/atp-gem5/start-gem5-atp.sh index 16dac47714..16dac47714 100755 --- a/meta-arm/meta-atp/recipes-devtools/gem5/gem5-aarch64-native/start-gem5-atp.sh +++ b/meta-arm/meta-atp/recipes-devtools/atp/atp-gem5/start-gem5-atp.sh diff --git a/meta-arm/meta-atp/recipes-devtools/gem5/gem5-aarch64-dtb.bbappend b/meta-arm/meta-atp/recipes-devtools/gem5/gem5-aarch64-dtb.bbappend index 2b55b8928a..c96f2cdc2d 100644 --- a/meta-arm/meta-atp/recipes-devtools/gem5/gem5-aarch64-dtb.bbappend +++ b/meta-arm/meta-atp/recipes-devtools/gem5/gem5-aarch64-dtb.bbappend @@ -1,3 +1,5 @@ -# Export datadir paths for baremetal_atp.py script -export GEM5_DATADIR = "${STAGING_DATADIR_NATIVE}/gem5" -export ATP_DATADIR = "${STAGING_DATADIR_NATIVE}/gem5" +do_compile:prepend:gem5-atp-arm64() { + # Export datadir paths for baremetal_atp.py script + export GEM5_DATADIR="${STAGING_DATADIR_NATIVE}/gem5" + export ATP_DATADIR="${STAGING_DATADIR_NATIVE}/gem5" +} diff --git a/meta-arm/meta-atp/recipes-devtools/gem5/gem5-aarch64-native_20.bbappend b/meta-arm/meta-atp/recipes-devtools/gem5/gem5-aarch64-native_20.bbappend deleted file mode 100644 index 6607f0f8b7..0000000000 --- a/meta-arm/meta-atp/recipes-devtools/gem5/gem5-aarch64-native_20.bbappend +++ /dev/null @@ -1,24 +0,0 @@ -require recipes-devtools/atp/atp-source_3.1.inc - -FILESEXTRAPATHS:prepend := "${THISDIR}/${BPN}:" - -SRC_URI += "${ATP_SRC};destsuffix=git/atp;name=atp \ - file://start-gem5-atp.sh" -SRCREV_FORMAT = "gem5_atp" -SRCREV_atp = "${ATP_REV}" -LICENSE += "& ${ATP_LIC}" -LIC_FILES_CHKSUM += "file://atp/LICENSE;md5=${ATP_LIC_MD5}" - -EXTRA_OESCONS += "EXTRAS=${S}/atp" - -do_install:append() { - # baremetal_atp.py machine configuration and sample stream.atp file - install -m 644 ${B}/atp/gem5/baremetal_atp.py \ - ${B}/atp/configs/stream.atp \ - ${D}${datadir}/gem5/configs -} - -do_deploy:append() { - # start-gem5-atp.sh launch script - install -m 755 ${WORKDIR}/start-gem5-atp.sh ${DEPLOYDIR} -} diff --git a/meta-arm/meta-atp/recipes-devtools/gem5/gem5-m5ops_20.bbappend b/meta-arm/meta-atp/recipes-devtools/gem5/gem5-m5ops_20.bbappend deleted file mode 100644 index 3ba0c3cacd..0000000000 --- a/meta-arm/meta-atp/recipes-devtools/gem5/gem5-m5ops_20.bbappend +++ /dev/null @@ -1,14 +0,0 @@ -inherit update-rc.d - -FILESEXTRAPATHS:prepend := "${THISDIR}/${BPN}:" - -# Add startup script calling m5 readfile for automatic checkpoint and restore -SRC_URI += "file://m5-readfile.sh" - -INITSCRIPT_NAME = "m5-readfile.sh" -INITSCRIPT_PARAMS = "defaults 99" - -do_install:append() { - install -d ${D}/${INIT_D_DIR} - install -m 755 ${WORKDIR}/m5-readfile.sh ${D}/${INIT_D_DIR} -} diff --git a/meta-arm/meta-atp/recipes-kernel/atp/atp-module_3.1.bb b/meta-arm/meta-atp/recipes-kernel/atp/atp-module_3.1.bb index 0bf4949b6f..9b54e1c833 100644 --- a/meta-arm/meta-atp/recipes-kernel/atp/atp-module_3.1.bb +++ b/meta-arm/meta-atp/recipes-kernel/atp/atp-module_3.1.bb @@ -1,3 +1,4 @@ +COMPATIBLE_MACHINE = "gem5-atp-arm64" require recipes-devtools/atp/atp-source_3.1.inc inherit module diff --git a/meta-arm/meta-atp/recipes-kernel/atp/atp-test_3.1.bb b/meta-arm/meta-atp/recipes-kernel/atp/atp-test_3.1.bb index e98e13cd17..3c88e08db3 100644 --- a/meta-arm/meta-atp/recipes-kernel/atp/atp-test_3.1.bb +++ b/meta-arm/meta-atp/recipes-kernel/atp/atp-test_3.1.bb @@ -1,3 +1,4 @@ +COMPATIBLE_MACHINE = "gem5-atp-arm64" require recipes-devtools/atp/atp-source_3.1.inc SUMMARY = "End-to-end tests evaluating ATP kernel modules service correctness" diff --git a/meta-arm/meta-atp/recipes-kernel/atp/atp-uapi_3.1.bb b/meta-arm/meta-atp/recipes-kernel/atp/atp-uapi_3.1.bb index 140105f817..a8b14796f0 100644 --- a/meta-arm/meta-atp/recipes-kernel/atp/atp-uapi_3.1.bb +++ b/meta-arm/meta-atp/recipes-kernel/atp/atp-uapi_3.1.bb @@ -1,3 +1,4 @@ +COMPATIBLE_MACHINE = "gem5-atp-arm64" require recipes-devtools/atp/atp-source_3.1.inc SUMMARY = "User API for accessing services from ATP kernel modules" diff --git a/meta-arm/meta-atp/recipes-kernel/linux/linux-yocto_%.bbappend b/meta-arm/meta-atp/recipes-kernel/linux/linux-yocto_%.bbappend index f59f8d44b6..8cb86a97e7 100644 --- a/meta-arm/meta-atp/recipes-kernel/linux/linux-yocto_%.bbappend +++ b/meta-arm/meta-atp/recipes-kernel/linux/linux-yocto_%.bbappend @@ -1,2 +1,2 @@ -FILESEXTRAPATHS:prepend := "${THISDIR}/files:" -SRC_URI += "file://no_ftrace.cfg file://smmuv3.cfg" +FILESEXTRAPATHS:prepend:gem5-atp-arm64 := "${THISDIR}/files:" +SRC_URI:append:gem5-atp-arm64 = " file://no_ftrace.cfg file://smmuv3.cfg" diff --git a/meta-arm/meta-gem5/recipes-devtools/gem5/gem5-m5readfile.bb b/meta-arm/meta-gem5/recipes-devtools/gem5/gem5-m5readfile.bb new file mode 100644 index 0000000000..9cddc270d4 --- /dev/null +++ b/meta-arm/meta-gem5/recipes-devtools/gem5/gem5-m5readfile.bb @@ -0,0 +1,17 @@ +inherit update-rc.d + +SUMMARY = "Enables reading any script at simulation launch time" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/BSD-3-Clause;md5=550794465ba0ec5312d6919e203a55f9" + +SRC_URI = "file://m5-readfile.sh" + +INITSCRIPT_NAME = "m5-readfile.sh" +INITSCRIPT_PARAMS = "defaults 99" + +do_install() { + install -d ${D}/${INIT_D_DIR} + install -m 755 ${WORKDIR}/m5-readfile.sh ${D}/${INIT_D_DIR} +} + +RDEPENDS:${PN} = "gem5-m5ops" diff --git a/meta-arm/meta-atp/recipes-devtools/gem5/gem5-m5ops/m5-readfile.sh b/meta-arm/meta-gem5/recipes-devtools/gem5/gem5-m5readfile/m5-readfile.sh index 44477e9640..edf79b8430 100755 --- a/meta-arm/meta-atp/recipes-devtools/gem5/gem5-m5ops/m5-readfile.sh +++ b/meta-arm/meta-gem5/recipes-devtools/gem5/gem5-m5readfile/m5-readfile.sh @@ -3,7 +3,7 @@ # Provides: m5-readfile # Required-Start: $all # Default-Start: 5 -# Description: Enables reading any script at simulation launch time. +# Description: Enables reading any script at simulation launch time. ### END INIT INFO m5 readfile | sh diff --git a/meta-arm/meta-gem5/recipes-devtools/gem5/gem5-native.inc b/meta-arm/meta-gem5/recipes-devtools/gem5/gem5-native.inc index 91a554bbbc..0f794b3fc9 100644 --- a/meta-arm/meta-gem5/recipes-devtools/gem5/gem5-native.inc +++ b/meta-arm/meta-gem5/recipes-devtools/gem5/gem5-native.inc @@ -12,10 +12,15 @@ GEM5_BUILD_VARIANT ?= "opt" # What gem5 binary are we building GEM5_BUILD_CONFIGS ?= "build/X86/gem5.{GEM5_BUILD_VARIANT}" +# Extra directories with sources for gem5 build. Intended to be used from +# machine configuration files, to add out-of-tree gem5 models of their +# hardware components. +GEM5_EXTRAS ?= "" + # Scons build arguments GEM5_SCONS_ARGS ?= "CC=${BUILD_CC} CXX=${BUILD_CXX} \ AS=${BUILD_AS} AR=${BUILD_AR} ${GEM5_BUILD_CONFIGS} \ - PYTHON_CONFIG=python3-config" + PYTHON_CONFIG=python3-config EXTRAS=${GEM5_EXTRAS}" # Default profile to run GEM5_RUN_PROFILE ?= "configs/example/fs.py" diff --git a/meta-arm/scripts/runfvp b/meta-arm/scripts/runfvp index c5a74b2ffa..939352b539 100755 --- a/meta-arm/scripts/runfvp +++ b/meta-arm/scripts/runfvp @@ -1,10 +1,11 @@ #! /usr/bin/env python3 -import asyncio +import itertools import os import pathlib import signal import sys +import threading import logging logger = logging.getLogger("RunFVP") @@ -37,7 +38,8 @@ def parse_args(arguments): fvp_args = [] args = parser.parse_args(args=arguments) - logging.basicConfig(level=args.verbose and logging.DEBUG or logging.WARNING) + logging.basicConfig(level=args.verbose and logging.DEBUG or logging.WARNING, + format='\033[G%(levelname)s: %(message)s') # If we're hooking up the console, don't start any terminals if args.console: @@ -47,27 +49,37 @@ def parse_args(arguments): logger.debug(f"FVP arguments: {fvp_args}") return args, fvp_args - -async def start_fvp(args, config, extra_args): +def start_fvp(args, config, extra_args): fvp = runner.FVPRunner(logger) try: - await fvp.start(config, extra_args, args.terminals) + fvp.start(config, extra_args, args.terminals) if args.console: - fvp.add_line_callback(lambda line: logger.debug(f"FVP output: {line}")) expected_terminal = config["consoles"]["default"] if not expected_terminal: logger.error("--console used but FVP_CONSOLE not set in machine configuration") return 1 - telnet = await fvp.create_telnet(expected_terminal) - await telnet.wait() + port_stdout, log_stdout = itertools.tee(fvp.stdout, 2) + parser = runner.ConsolePortParser(port_stdout) + port = parser.parse_port(expected_terminal) + + def debug_log(): + for line in log_stdout: + line = line.strip().decode(errors='ignore') + logger.debug(f'FVP output: {line}') + log_thread = threading.Thread(None, debug_log) + log_thread.start() + + telnet = fvp.create_telnet(port) + telnet.wait() logger.debug(f"Telnet quit, cancelling tasks") else: - fvp.add_line_callback(lambda line: print(line)) - await fvp.run() + for line in fvp.stdout: + print(line.strip().decode(errors='ignore')) finally: - await fvp.stop() + fvp.stop() + def runfvp(cli_args): args, extra_args = parse_args(cli_args) @@ -77,14 +89,8 @@ def runfvp(cli_args): config_file = conffile.find(args.config) logger.debug(f"Loading {config_file}") config = conffile.load(config_file) + start_fvp(args, config, extra_args) - try: - # When we can assume Py3.7+, this can simply be asyncio.run() - loop = asyncio.get_event_loop() - return loop.run_until_complete(start_fvp(args, config, extra_args)) - except asyncio.CancelledError: - # This means telnet exited, which isn't an error - return 0 if __name__ == "__main__": try: |