jim.lai/OpenBMC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Your Name
2026-04-23 17:07:55 +08:00
commit b7e39e063b
16725 changed files with 1625565 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/boot-wrapper-aarch64-fvp-baser-aemv8r64.inc
+36
View File
@@ -0,0 +1,36 @@
COMPATIBLE_MACHINE = "fvp-baser-aemv8r64"
FILESEXTRAPATHS:prepend := "${THISDIR}/files/${MACHINE}:"
SRC_URI:append = " \
file://0001-aarch64-Rename-labels-and-prepare-for-lower-EL-booti.patch \
file://0002-aarch64-Prepare-for-EL1-booting.patch \
file://0003-aarch64-Prepare-for-lower-EL-booting.patch \
file://0004-gic-v3-Prepare-for-gicv3-with-EL2.patch \
file://0005-aarch64-Prepare-for-booting-with-EL2.patch \
file://0006-aarch64-Introduce-EL2-boot-code-for-Armv8-R-AArch64.patch \
file://0007-Allow-enable-psci-to-choose-between-smc-and-hvc.patch \
file://0008-aarch64-Disable-CNTPCT_EL0-trap-for-v8-R64.patch \
file://0009-lds-Mark-the-mem-range.patch \
file://0010-common-Introduce-the-libfdt.patch \
file://0011-common-Add-essential-libc-functions.patch \
file://0012-Makefile-Add-the-libfdt-to-the-Makefile-system.patch \
file://0013-platform-Add-print_hex-func.patch \
file://0014-common-Add-mem-usage-to-memreserve.patch \
file://0015-boot-Add-the-enable-keep-el-compile-option.patch \
file://0016-Makefile-Change-COUNTER_FREQ-to-100-MHz.patch \
file://0017-PSCI-Apply-flush-cache-after-setting-branch_data.patch \
file://0018-PSCI-Add-function-call-entry-point.patch \
file://0019-lds-Rearrange-and-mark-the-sections.patch \
file://0020-common-Provide-firmware-info-using-libfdt.patch \
file://0021-boot-Enable-firmware-node-initialization.patch \
"
BOOT_WRAPPER_AARCH64_CMDLINE = "\
earlycon console=ttyAMA0 loglevel=8 rootfstype=ext4 root=/dev/vda1 rw"
EXTRA_OECONF += "--enable-psci=hvc --enable-keep-el"
TUNE_CCARGS = ""
BOOT_WRAPPER_AARCH64_KERNEL = "u-boot.bin"
do_deploy[depends] += "u-boot:do_deploy"
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/boot-wrapper-aarch64_%.bbappend
+4
View File
@@ -0,0 +1,4 @@
MACHINE_BOOT_WRAPPER_AARCH64_REQUIRE ?= ""
MACHINE_BOOT_WRAPPER_AARCH64_REQUIRE:fvp-baser-aemv8r64 ?= "boot-wrapper-aarch64-fvp-baser-aemv8r64.inc"
require ${MACHINE_BOOT_WRAPPER_AARCH64_REQUIRE}
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0001-aarch64-Rename-labels-and-prepare-for-lower-EL-booti.patch
+135
View File
@@ -0,0 +1,135 @@
From 545f6950ae4dc55b4974986aa9629adb16eaf4e1 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] aarch64: Rename labels and prepare for lower EL booting
Prepare for booting from lower EL. Rename *_el3 relavant labels with
*_el_max and *_no_el3 with *_keep_el. Since the original _no_el3 means
"We neither do init sequence at this highest EL nor drop to lower EL
when entering to kernel", we rename it with _keep_el to make it more
clear for lower EL initialisation.
Upstream-Status: Pending
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
---
arch/aarch64/boot.S | 28 ++++++++++++++++++++--------
arch/aarch64/psci.S | 9 +++++----
arch/aarch64/spin.S | 4 ++--
3 files changed, 27 insertions(+), 14 deletions(-)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
index d682ba5..fab694e 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
@@ -34,18 +34,30 @@ ASM_FUNC(_start)
/*
* EL3 initialisation
+ * Boot sequence
+ * If CurrentEL == EL3, then goto EL3 initialisation and drop to
+ * lower EL before entering the kernel.
+ * Else, no initialisation and keep the current EL before
+ * entering the kernel.
*/
mrs x0, CurrentEL
cmp x0, #CURRENTEL_EL3
- b.eq 1f
+ b.eq el3_init
+ /*
+ * We stay in the current EL for entering the kernel
+ */
mov w0, #1
- ldr x1, =flag_no_el3
+ ldr x1, =flag_keep_el
str w0, [x1]
- b start_no_el3
+ b start_keep_el
-1: mov x0, #0x30 // RES1
+ /*
+ * EL3 initialisation
+ */
+el3_init:
+ mov x0, #0x30 // RES1
orr x0, x0, #(1 << 0) // Non-secure EL1
orr x0, x0, #(1 << 8) // HVC enable
@@ -145,7 +157,7 @@ ASM_FUNC(_start)
bl gic_secure_init
- b start_el3
+ b start_el_max
err_invalid_id:
b .
@@ -172,7 +184,7 @@ ASM_FUNC(jump_kernel)
bl find_logical_id
bl setup_stack // Reset stack pointer
- ldr w0, flag_no_el3
+ ldr w0, flag_keep_el
cmp w0, #0 // Prepare Z flag
mov x0, x20
@@ -181,7 +193,7 @@ ASM_FUNC(jump_kernel)
mov x3, x23
b.eq 1f
- br x19 // No EL3
+ br x19 // Keep current EL
1: mov x4, #SPSR_KERNEL
@@ -199,5 +211,5 @@ ASM_FUNC(jump_kernel)
.data
.align 3
-flag_no_el3:
+flag_keep_el:
.long 0
diff --git a/arch/aarch64/psci.S b/arch/aarch64/psci.S
index 8bd224b..7b8919a 100644
--- a/arch/aarch64/psci.S
+++ b/arch/aarch64/psci.S
@@ -79,7 +79,7 @@ smc_exit:
ldp x18, x19, [sp], #16
eret
-ASM_FUNC(start_el3)
+ASM_FUNC(start_el_max)
ldr x0, =vector
bl setup_vector
@@ -89,10 +89,11 @@ ASM_FUNC(start_el3)
b psci_first_spin
/*
- * This PSCI implementation requires EL3. Without EL3 we'll only boot the
- * primary cpu, all others will be trapped in an infinite loop.
+ * This PSCI implementation requires the highest EL(EL3 or Armv8-R EL2).
+ * Without the highest EL, we'll only boot the primary cpu, all othersr
+ * will be trapped in an infinite loop.
*/
-ASM_FUNC(start_no_el3)
+ASM_FUNC(start_keep_el)
cpuid x0, x1
bl find_logical_id
cbz x0, psci_first_spin
diff --git a/arch/aarch64/spin.S b/arch/aarch64/spin.S
index 1ea1c0b..bfb1d47 100644
--- a/arch/aarch64/spin.S
+++ b/arch/aarch64/spin.S
@@ -12,8 +12,8 @@
.text
-ASM_FUNC(start_el3)
-ASM_FUNC(start_no_el3)
+ASM_FUNC(start_el_max)
+ASM_FUNC(start_keep_el)
cpuid x0, x1
bl find_logical_id
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0002-aarch64-Prepare-for-EL1-booting.patch
+48
View File
@@ -0,0 +1,48 @@
From bad32d3fc127a421be416b17e4f7d6d514f06abb Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] aarch64: Prepare for EL1 booting
When booting from EL1, add a check and skip the init of
sctlr_el2 in jump_kernel
Upstream-Status: Pending
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
---
arch/aarch64/boot.S | 6 +++++-
arch/aarch64/include/asm/cpu.h | 1 +
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
index fab694e..5105b41 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
@@ -177,10 +177,14 @@ ASM_FUNC(jump_kernel)
ldr x0, =SCTLR_EL1_KERNEL
msr sctlr_el1, x0
+ mrs x0, CurrentEL
+ cmp x0, #CURRENTEL_EL2
+ b.lt 1f
+
ldr x0, =SCTLR_EL2_KERNEL
msr sctlr_el2, x0
- cpuid x0, x1
+1: cpuid x0, x1
bl find_logical_id
bl setup_stack // Reset stack pointer
diff --git a/arch/aarch64/include/asm/cpu.h b/arch/aarch64/include/asm/cpu.h
index 49d3f86..3767da3 100644
--- a/arch/aarch64/include/asm/cpu.h
+++ b/arch/aarch64/include/asm/cpu.h
@@ -11,6 +11,7 @@
#define MPIDR_ID_BITS 0xff00ffffff
+#define CURRENTEL_EL2 (2 << 2)
#define CURRENTEL_EL3 (3 << 2)
/*
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0003-aarch64-Prepare-for-lower-EL-booting.patch
+55
View File
@@ -0,0 +1,55 @@
From 252cbd36e51414b60ab68306f9c38e358709494d Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] aarch64: Prepare for lower EL booting
Save SPSR_KERNEL into spsr_to_elx during el3_init.
The jump_kernel will load spsr_to_elx into spsr_el3.
This change will make it easier to control whether drop to lower EL
before jumping to the kernel.
Upstream-Status: Pending
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
---
arch/aarch64/boot.S | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
index 5105b41..243198d 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
@@ -151,7 +151,16 @@ el3_init:
mov x0, #ZCR_EL3_LEN_MAX // SVE: Enable full vector len
msr ZCR_EL3, x0 // for EL2.
-1:
+ /*
+ * Save SPSR_KERNEL into spsr_to_elx.
+ * The jump_kernel will load spsr_to_elx into spsr_el3
+ */
+1: mov w0, #SPSR_KERNEL
+ ldr x1, =spsr_to_elx
+ str w0, [x1]
+ b el_max_init
+
+el_max_init:
ldr x0, =COUNTER_FREQ
msr cntfrq_el0, x0
@@ -199,7 +208,7 @@ ASM_FUNC(jump_kernel)
b.eq 1f
br x19 // Keep current EL
-1: mov x4, #SPSR_KERNEL
+1: ldr w4, spsr_to_elx
/*
* If bit 0 of the kernel address is set, we're entering in AArch32
@@ -217,3 +226,5 @@ ASM_FUNC(jump_kernel)
.align 3
flag_keep_el:
.long 0
+spsr_to_elx:
+ .long 0
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0004-gic-v3-Prepare-for-gicv3-with-EL2.patch
+105
View File
@@ -0,0 +1,105 @@
From bff110a95a5e4c9db2d61e629b4aa4b84530201e Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] gic-v3: Prepare for gicv3 with EL2
This is a preparation for allowing boot-wrapper configuring the gicv3
with EL2.
When confiuring with EL2, since there is no ICC_CTLR_EL2, the
ICC_CTLR_EL3 cannot be replaced with ICC_CTLR_EL2 simply.
See [https://developer.arm.com/documentation/ihi0069/latest/].
As the caller, gic_secure_init expects the ICC_CTLR to be written,
we change the function into gic_init_icc_ctlr(). In the GIC spec,
the r/w bits in this register ([6:0]) either affect EL3 IRQ routing
(not applicable since no EL3), non-secure IRQ handling (not applicable
since only secure state in Armv8-R aarch64), or are aliased to
ICC_CTLR_EL1 bits.
So, based on this, the new gic_init_icc_ctlr() would be:
When currentEL is EL3, init ICC_CTLR_EL3 as before.
When currentEL is not EL3, init ICC_CTLR_EL1 with ICC_CTLR_EL1_RESET.
Upstream-Status: Pending
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
---
arch/aarch32/include/asm/gic-v3.h | 7 +++++++
arch/aarch64/include/asm/gic-v3.h | 23 ++++++++++++++++++++---
common/gic-v3.c | 2 +-
3 files changed, 28 insertions(+), 4 deletions(-)
diff --git a/arch/aarch32/include/asm/gic-v3.h b/arch/aarch32/include/asm/gic-v3.h
index 65f38de..11e7bc7 100644
--- a/arch/aarch32/include/asm/gic-v3.h
+++ b/arch/aarch32/include/asm/gic-v3.h
@@ -9,6 +9,8 @@
#ifndef __ASM_AARCH32_GICV3_H
#define __ASM_AARCH32_GICV3_H
+#define ICC_CTLR_RESET (0UL)
+
static inline void gic_write_icc_sre(uint32_t val)
{
asm volatile ("mcr p15, 6, %0, c12, c12, 5" : : "r" (val));
@@ -19,4 +21,9 @@ static inline void gic_write_icc_ctlr(uint32_t val)
asm volatile ("mcr p15, 6, %0, c12, c12, 4" : : "r" (val));
}
+static inline void gic_init_icc_ctlr()
+{
+ gic_write_icc_ctlr(ICC_CTLR_RESET);
+}
+
#endif
diff --git a/arch/aarch64/include/asm/gic-v3.h b/arch/aarch64/include/asm/gic-v3.h
index 5b32380..090ab0b 100644
--- a/arch/aarch64/include/asm/gic-v3.h
+++ b/arch/aarch64/include/asm/gic-v3.h
@@ -15,14 +15,31 @@
#define ICC_CTLR_EL3 "S3_6_C12_C12_4"
#define ICC_PMR_EL1 "S3_0_C4_C6_0"
+#define ICC_CTLR_EL3_RESET (0UL)
+#define ICC_CTLR_EL1_RESET (0UL)
+
+static inline uint32_t current_el(void)
+{
+ uint32_t val;
+
+ asm volatile ("mrs %0, CurrentEL" : "=r" (val));
+ return val;
+}
+
static inline void gic_write_icc_sre(uint32_t val)
{
- asm volatile ("msr " ICC_SRE_EL3 ", %0" : : "r" (val));
+ if (current_el() == CURRENTEL_EL3)
+ asm volatile ("msr " ICC_SRE_EL3 ", %0" : : "r" (val));
+ else
+ asm volatile ("msr " ICC_SRE_EL2 ", %0" : : "r" (val));
}
-static inline void gic_write_icc_ctlr(uint32_t val)
+static inline void gic_init_icc_ctlr()
{
- asm volatile ("msr " ICC_CTLR_EL3 ", %0" : : "r" (val));
+ if (current_el() == CURRENTEL_EL3)
+ asm volatile ("msr " ICC_CTLR_EL3 ", %0" : : "r" (ICC_CTLR_EL3_RESET));
+ else
+ asm volatile ("msr " ICC_CTLR_EL1 ", %0" : : "r" (ICC_CTLR_EL1_RESET));
}
#endif
diff --git a/common/gic-v3.c b/common/gic-v3.c
index 6207007..a0fe564 100644
--- a/common/gic-v3.c
+++ b/common/gic-v3.c
@@ -117,6 +117,6 @@ void gic_secure_init(void)
gic_write_icc_sre(ICC_SRE_Enable | ICC_SRE_DIB | ICC_SRE_DFB | ICC_SRE_SRE);
isb();
- gic_write_icc_ctlr(0);
+ gic_init_icc_ctlr();
isb();
}
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0005-aarch64-Prepare-for-booting-with-EL2.patch
+63
View File
@@ -0,0 +1,63 @@
From ba955efb35ce1d41b562190d7c2fbcbcf8ef97ff Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] aarch64: Prepare for booting with EL2
Prepare for allowing boot-wrapper to be entered in EL2.
Detect current EL and set the corresponding EL registers.
Upstream-Status: Pending
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
---
arch/aarch64/boot.S | 8 ++++++++
arch/aarch64/utils.S | 10 +++++++++-
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
index 243198d..3593ca5 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
@@ -216,10 +216,18 @@ ASM_FUNC(jump_kernel)
*/
bfi x4, x19, #5, #1
+ mrs x5, CurrentEL
+ cmp x5, #CURRENTEL_EL2
+ b.eq 1f
+
msr elr_el3, x19
msr spsr_el3, x4
eret
+1: msr elr_el2, x19
+ msr spsr_el2, x4
+ eret
+
.ltorg
.data
diff --git a/arch/aarch64/utils.S b/arch/aarch64/utils.S
index 85c7f8a..f02a249 100644
--- a/arch/aarch64/utils.S
+++ b/arch/aarch64/utils.S
@@ -34,10 +34,18 @@ ASM_FUNC(find_logical_id)
ret
/*
- * Setup EL3 vectors
+ * Setup EL3/EL2 vectors
* x0: vector address
*/
ASM_FUNC(setup_vector)
+ mrs x1, CurrentEL
+ cmp x1, #CURRENTEL_EL2
+ b.eq 1f
+
msr VBAR_EL3, x0
isb
ret
+
+1: msr VBAR_EL2, x0
+ isb
+ ret
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0006-aarch64-Introduce-EL2-boot-code-for-Armv8-R-AArch64.patch
+182
View File
@@ -0,0 +1,182 @@
From 8e44fac113d935affed1550480631f3fe7f30584 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] aarch64: Introduce EL2 boot code for Armv8-R AArch64
The Armv8-R AArch64 profile does not support the EL3 exception level.
The Armv8-R AArch64 profile allows for an (optional) VMSAv8-64 MMU
at EL1, which allows to run off-the-shelf Linux. However EL2 only
supports a PMSA, which is not supported by Linux, so we need to drop
into EL1 before entering the kernel.
We add a new err_invalid_arch symbol as a dead loop. If we detect the
current Armv8-R aarch64 only supports with PMSA, meaning we cannot boot
Linux anymore, then we jump to err_invalid_arch.
During Armv8-R aarch64 init, to make sure nothing unexpected traps into
EL2, we auto-detect and config FIEN and EnSCXT in HCR_EL2.
The boot sequence is:
If CurrentEL == EL3, then goto EL3 initialisation and drop to lower EL
before entering the kernel.
If CurrentEL == EL2 && id_aa64mmfr0_el1.MSA == 0xf (Armv8-R aarch64),
if id_aa64mmfr0_el1.MSA_frac == 0x2,
then goto Armv8-R AArch64 initialisation and drop to EL1 before
entering the kernel.
else, which means VMSA unsupported and cannot boot Linux,
goto err_invalid_arch (dead loop).
Else, no initialisation and keep the current EL before entering the
kernel.
Upstream-Status: Pending
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
---
arch/aarch64/boot.S | 92 +++++++++++++++++++++++++++++++++-
arch/aarch64/include/asm/cpu.h | 2 +
2 files changed, 92 insertions(+), 2 deletions(-)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
index 3593ca5..a219ea7 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
@@ -37,16 +37,24 @@ ASM_FUNC(_start)
* Boot sequence
* If CurrentEL == EL3, then goto EL3 initialisation and drop to
* lower EL before entering the kernel.
+ * If CurrentEL == EL2 && id_aa64mmfr0_el1.MSA == 0xf, then
+ * If id_aa64mmfr0_el1.MSA_frac == 0x2, then goto
+ * Armv8-R AArch64 initialisation and drop to EL1 before
+ * entering the kernel.
+ * Else, which means VMSA unsupported and cannot boot Linux,
+ * goto err_invalid_arch (dead loop).
* Else, no initialisation and keep the current EL before
* entering the kernel.
*/
mrs x0, CurrentEL
- cmp x0, #CURRENTEL_EL3
- b.eq el3_init
+ cmp x0, #CURRENTEL_EL2
+ bgt el3_init
+ beq el2_init
/*
* We stay in the current EL for entering the kernel
*/
+keep_el:
mov w0, #1
ldr x1, =flag_keep_el
str w0, [x1]
@@ -160,6 +168,85 @@ el3_init:
str w0, [x1]
b el_max_init
+ /*
+ * EL2 Armv8-R AArch64 initialisation
+ */
+el2_init:
+ /* Detect Armv8-R AArch64 */
+ mrs x1, id_aa64mmfr0_el1
+ /*
+ * Check MSA, bits [51:48]:
+ * 0xf means Armv8-R AArch64.
+ * If not 0xf, proceed in Armv8-A EL2.
+ */
+ ubfx x0, x1, #48, #4 // MSA
+ cmp x0, 0xf
+ bne keep_el
+ /*
+ * Check MSA_frac, bits [55:52]:
+ * 0x2 means EL1&0 translation regime also supports VMSAv8-64.
+ */
+ ubfx x0, x1, #52, #4 // MSA_frac
+ cmp x0, 0x2
+ /*
+ * If not 0x2, no VMSA, so cannot boot Linux and dead loop.
+ * Also, since the architecture guarantees that those CPUID
+ * fields never lose features when the value in a field
+ * increases, we use blt to cover it.
+ */
+ blt err_invalid_arch
+
+ mrs x0, midr_el1
+ msr vpidr_el2, x0
+
+ mrs x0, mpidr_el1
+ msr vmpidr_el2, x0
+
+ mov x0, #(1 << 31) // VTCR_MSA: VMSAv8-64 support
+ msr vtcr_el2, x0
+
+ /* Init HCR_EL2 */
+ mov x0, #(1 << 31) // RES1: Armv8-R aarch64 only
+
+ mrs x1, id_aa64pfr0_el1
+ ubfx x2, x1, #56, 4 // ID_AA64PFR0_EL1.CSV2
+ cmp x2, 0x2
+ b.lt 1f
+ /*
+ * Disable trap when accessing SCTXNUM_EL0 or SCTXNUM_EL1
+ * if FEAT_CSV2.
+ */
+ orr x0, x0, #(1 << 53) // HCR_EL2.EnSCXT
+
+1: ubfx x2, x1, #28, 4 // ID_AA64PFR0_EL1.RAS
+ cmp x2, 0x2
+ b.lt 1f
+ /* Disable trap when accessing ERXPFGCDN_EL1 if FEAT_RASv1p1. */
+ orr x0, x0, #(1 << 47) // HCR_EL2.FIEN
+
+ /* Enable pointer authentication if present */
+1: mrs x1, id_aa64isar1_el1
+ /*
+ * If ID_AA64ISAR1_EL1.{GPI, GPA, API, APA} == {0000, 0000, 0000, 0000}
+ * then HCR_EL2.APK and HCR_EL2.API are RES 0.
+ * Else
+ * set HCR_EL2.APK and HCR_EL2.API.
+ */
+ ldr x2, =(((0xff) << 24) | (0xff << 4))
+ and x1, x1, x2
+ cbz x1, 1f
+
+ orr x0, x0, #(1 << 40) // HCR_EL2.APK
+ orr x0, x0, #(1 << 41) // HCR_EL2.API
+
+1: msr hcr_el2, x0
+ isb
+
+ mov w0, #SPSR_KERNEL_EL1
+ ldr x1, =spsr_to_elx
+ str w0, [x1]
+ // fall through
+
el_max_init:
ldr x0, =COUNTER_FREQ
msr cntfrq_el0, x0
@@ -169,6 +256,7 @@ el_max_init:
b start_el_max
err_invalid_id:
+err_invalid_arch:
b .
/*
diff --git a/arch/aarch64/include/asm/cpu.h b/arch/aarch64/include/asm/cpu.h
index 3767da3..3c0e00d 100644
--- a/arch/aarch64/include/asm/cpu.h
+++ b/arch/aarch64/include/asm/cpu.h
@@ -25,6 +25,7 @@
#define SPSR_I (1 << 7) /* IRQ masked */
#define SPSR_F (1 << 6) /* FIQ masked */
#define SPSR_T (1 << 5) /* Thumb */
+#define SPSR_EL1H (5 << 0) /* EL1 Handler mode */
#define SPSR_EL2H (9 << 0) /* EL2 Handler mode */
#define SPSR_HYP (0x1a << 0) /* M[3:0] = hyp, M[4] = AArch32 */
@@ -50,6 +51,7 @@
#else
#define SCTLR_EL1_KERNEL SCTLR_EL1_RES1
#define SPSR_KERNEL (SPSR_A | SPSR_D | SPSR_I | SPSR_F | SPSR_EL2H)
+#define SPSR_KERNEL_EL1 (SPSR_A | SPSR_D | SPSR_I | SPSR_F | SPSR_EL1H)
#endif
#ifndef __ASSEMBLY__
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0007-Allow-enable-psci-to-choose-between-smc-and-hvc.patch
+89
View File
@@ -0,0 +1,89 @@
From 0b9a966b8a28961b078215ee7169e32a976d5e7d Mon Sep 17 00:00:00 2001
From: Qi Feng <qi.feng@arm.com>
Date: Wed, 26 May 2021 17:52:01 +0800
Subject: [PATCH] Allow --enable-psci to choose between smc and hvc
According to Armv8-R AArch64 manual [1], Armv8-R AArch64 does not
support smc:
- Pseudocode for AArch64.CheckForSMCUndefOrTrap has this snippet:
if !HaveEL(EL3) || PSTATE.EL == EL0 then
UNDEFINED;
And Armv8-R AArch64 does not have EL3.
- In the document of HCR_EL2 TSC bit:
If EL3 is not implemented and HCR_EL2.NV is 0, it is IMPLEMENTATION
DEFINED whether this bit is:
- RES0.
- Implemented with the functionality as described in HCR_EL2.TSC.
So hvc is needed in this situation. And due to the lack of libfdt, the
psci method cannot be modified at runtime.
To use smc, use --enable-psci or --enable-psci=smc.
To use hvc, use --enable-psci=hvc.
[1]: https://developer.arm.com/documentation/ddi0600/latest/
Issue-Id: SCM-2654
Upstream-Status: Pending
Signed-off-by: Qi Feng <qi.feng@arm.com>
Change-Id: Ib8afabdad2d98bc37371d165bbb6f1f9b88bfc87
Upstream-Status: Pending
Signed-off-by: Huifeng Zhang <Huifeng.Zhang@arm.com>
---
Makefile.am | 10 +++++-----
configure.ac | 14 +++++++++-----
2 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 5731a19..fc66662 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -50,11 +50,11 @@ endif
if PSCI
ARCH_OBJ += psci.o
COMMON_OBJ += psci.o
-PSCI_NODE := psci { \
- compatible = \"arm,psci\"; \
- method = \"smc\"; \
- cpu_on = <$(PSCI_CPU_ON)>; \
- cpu_off = <$(PSCI_CPU_OFF)>; \
+PSCI_NODE := psci { \
+ compatible = \"arm,psci\"; \
+ method = \"$(PSCI_METHOD)\"; \
+ cpu_on = <$(PSCI_CPU_ON)>; \
+ cpu_off = <$(PSCI_CPU_OFF)>; \
};
CPU_NODES := $(shell perl -I $(SCRIPT_DIR) $(SCRIPT_DIR)/addpsci.pl $(KERNEL_DTB))
else
diff --git a/configure.ac b/configure.ac
index 9e3b722..53e51be 100644
--- a/configure.ac
+++ b/configure.ac
@@ -83,13 +83,17 @@ AS_IF([test "x$X_IMAGE" != "x"],
# Allow a user to pass --enable-psci
AC_ARG_ENABLE([psci],
AS_HELP_STRING([--disable-psci], [disable the psci boot method]),
- [USE_PSCI=$enableval], [USE_PSCI="yes"])
-AM_CONDITIONAL([PSCI], [test "x$USE_PSCI" = "xyes"])
-AS_IF([test "x$USE_PSCI" = "xyes"], [], [USE_PSCI=no])
-
-AS_IF([test "x$USE_PSCI" != "xyes" -a "x$KERNEL_ES" = "x32"],
+ [case "${enableval}" in
+ yes|smc) USE_PSCI=smc ;;
+ hvc) USE_PSCI=hvc ;;
+ *) AC_MSG_ERROR([Bad value "${enableval}" for --enable-psci. Use "smc" or "hvc"]) ;;
+ esac], [USE_PSCI="yes"])
+AM_CONDITIONAL([PSCI], [test "x$USE_PSCI" = "xyes" -o "x$USE_PSCI" = "xsmc" -o "x$USE_PSCI" = "xhvc"])
+
+AS_IF([test "x$USE_PSCI" = "xno" -a "x$KERNEL_ES" = "x32"],
[AC_MSG_ERROR([With an AArch32 kernel, boot method must be PSCI.])]
)
+AC_SUBST([PSCI_METHOD], [$USE_PSCI])
# Allow a user to pass --with-initrd
AC_ARG_WITH([initrd],
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0008-aarch64-Disable-CNTPCT_EL0-trap-for-v8-R64.patch
+48
View File
@@ -0,0 +1,48 @@
From 521c121eccb386aca7c75d92528e495546adccec Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Mon, 25 Oct 2021 17:09:13 +0800
Subject: [PATCH] aarch64: Disable CNTPCT_EL0 trap for v8-R64
To allow EL1 to access CNTPCT_EL0 without traping into EL2, we need to
set CNTHCTL_EL2.EL1PCTEN to 1.
For v8-R64, the CNTHCTL_EL2 register follows the v8-A architecture.
However, as described in the v8-A architecture profile, the
CNTHCTL_EL2's bit assignments are different according to whether the
FEAT_VHE is implemented.
Since v8-R64 does not support FEAT_VHE, we do not need to detect
FEAT_VHE. We can simply set CNTHCTL_EL2.EL1PCTEN to 1.
Issue-ID: SCM-3508
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: I4147e66341c8153312021e6f2ab67d0037246da1
---
arch/aarch64/boot.S | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
index a219ea7..27b1139 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
@@ -240,6 +240,18 @@ el2_init:
orr x0, x0, #(1 << 41) // HCR_EL2.API
1: msr hcr_el2, x0
+
+ /*
+ * To disable trap when accessing CNTPCT_EL0, we need to set
+ * CNTHCTL_EL2.EL1PCTEN to 1. However, the CNTHCTL_EL2 bit assignments
+ * are different according to whether the FEAT_VHE is implemented.
+ *
+ * For Armv8-R AArch64, FEAT_VHE is not supported, so we do not need to
+ * detect FEAT_VHE(ID_AA64MMFR1_EL1.VH) and simply set
+ * CNTHCTL_EL2.EL1PCTEN to 1.
+ */
+ mov x0, #1 // CNTHCTL_EL2.EL1PCTEN
+ msr cnthctl_el2, x0
isb
mov w0, #SPSR_KERNEL_EL1
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0009-lds-Mark-the-mem-range.patch
+38
View File
@@ -0,0 +1,38 @@
From 780df234d98db81485b1f351f902a68def35c9d4 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 2 Nov 2021 15:10:28 +0800
Subject: [PATCH] lds: Mark the mem range
Add firmware_start and firmware_end, so that we can use them to
calculate the mem range of boot-wrapper and then set the range to
/memreserve/ of dtb.
Issue-ID: SCM-3815
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: Idc5a2894e193c75381049a0f359b4b2a51c567ee
---
model.lds.S | 2 ++
1 file changed, 2 insertions(+)
diff --git a/model.lds.S b/model.lds.S
index d4e7e13..ab98ddf 100644
--- a/model.lds.S
+++ b/model.lds.S
@@ -64,6 +64,7 @@ SECTIONS
#endif
.boot PHYS_OFFSET: {
+ PROVIDE(firmware_start = .);
*(.init)
*(.text*)
*(.data* .rodata* .bss* COMMON)
@@ -76,6 +77,7 @@ SECTIONS
mbox = .;
QUAD(0x0)
}
+ PROVIDE(firmware_end = .);
ASSERT(etext <= (PHYS_OFFSET + TEXT_LIMIT), ".text overflow!")
}
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0010-common-Introduce-the-libfdt.patch
+6044
View File
File diff suppressed because it is too large Load Diff
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0011-common-Add-essential-libc-functions.patch
+101
View File
@@ -0,0 +1,101 @@
From e2eff4f80e65cb3fcbe6345b5376a6bf7de7e2cc Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 28 Dec 2021 17:28:25 +0800
Subject: [PATCH] common: Add essential libc functions
The libfdt uses some of the libc functions, e.g. memcmp, memmove,
strlen .etc. Add them in lib.c.
The code is copied from TF-A (v2.5) [1] project, which is under the
terms of BSD license. It is the same with boot-wrapper.
[1]: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git
Issue-Id: SCM-3814
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: If3b55b00afa8694c7522df989a41e0b38eda1d38
---
common/lib.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 70 insertions(+), 1 deletion(-)
diff --git a/common/lib.c b/common/lib.c
index fcf5f69..0be1c4a 100644
--- a/common/lib.c
+++ b/common/lib.c
@@ -32,4 +32,73 @@ void *memset(void *s, int c, size_t n)
return s;
}
-/* TODO: memmove and memcmp could also be called */
+int memcmp(const void *s1, const void *s2, size_t len)
+{
+ const unsigned char *s = s1;
+ const unsigned char *d = s2;
+ unsigned char sc;
+ unsigned char dc;
+
+ while (len--) {
+ sc = *s++;
+ dc = *d++;
+ if (sc - dc)
+ return (sc - dc);
+ }
+
+ return 0;
+}
+
+void *memmove(void *dst, const void *src, size_t len)
+{
+ if ((size_t)dst - (size_t)src >= len) {
+ /* destination not in source data, so can safely use memcpy */
+ return memcpy(dst, src, len);
+ } else {
+ /* copy backwards... */
+ const char *end = dst;
+ const char *s = (const char *)src + len;
+ char *d = (char *)dst + len;
+ while (d != end)
+ *--d = *--s;
+ }
+ return dst;
+}
+
+void *memchr(const void *src, int c, size_t len)
+{
+ const unsigned char *s = src;
+
+ while (len--) {
+ if (*s == (unsigned char)c)
+ return (void *) s;
+ s++;
+ }
+
+ return NULL;
+}
+
+char *strrchr(const char *p, int ch)
+{
+ char *save;
+ char c;
+
+ c = ch;
+ for (save = NULL;; ++p) {
+ if (*p == c)
+ save = (char *)p;
+ if (*p == '\0')
+ return (save);
+ }
+ /* NOTREACHED */
+}
+
+size_t strlen(const char *s)
+{
+ const char *cursor = s;
+
+ while (*cursor)
+ cursor++;
+
+ return cursor - s;
+}
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0012-Makefile-Add-the-libfdt-to-the-Makefile-system.patch
+61
View File
@@ -0,0 +1,61 @@
From f4d5cf4c3424598a2b3bb391717313b70c79ea28 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 28 Dec 2021 17:42:48 +0800
Subject: [PATCH] Makefile: Add the libfdt to the Makefile system
Add the libfdt into Makefile system. The libfdt uses const value and
thus gcc will enable the stack guard. The stack guard will fail the
compile. Add -fno-stack-protector to fix it.
Issue-Id: SCM-3814
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: I472bc28cdc5cde3b22461a4b7d7a3752ae382b4b
---
Makefile.am | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index fc66662..ab2c3a9 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -36,6 +36,9 @@ PSCI_CPU_OFF := 0x84000002
COMMON_SRC := common/
COMMON_OBJ := boot.o bakery_lock.o platform.o lib.o
+LIBFDT_SRC := common/libfdt/
+LIBFDT_OBJS := fdt.o fdt_ro.o fdt_rw.o
+
ARCH_OBJ := boot.o stack.o utils.o
if BOOTWRAPPER_32
@@ -127,11 +130,12 @@ CFLAGS += -I$(top_srcdir)/include/ -I$(top_srcdir)/$(ARCH_SRC)/include/
CFLAGS += -Wall -fomit-frame-pointer
CFLAGS += -ffreestanding -nostdlib
CFLAGS += -fno-stack-protector
+CFLAGS += -fno-stack-protector
CFLAGS += -ffunction-sections -fdata-sections
CFLAGS += -fno-pic -fno-pie
LDFLAGS += --gc-sections
-OBJ := $(addprefix $(ARCH_SRC),$(ARCH_OBJ)) $(addprefix $(COMMON_SRC),$(COMMON_OBJ))
+OBJ := $(addprefix $(ARCH_SRC),$(ARCH_OBJ)) $(addprefix $(COMMON_SRC),$(COMMON_OBJ)) $(addprefix $(LIBFDT_SRC),$(LIBFDT_OBJS))
# Don't lookup all prerequisites in $(top_srcdir), only the source files. When
# building outside the source tree $(ARCH_SRC) needs to be created.
@@ -152,10 +156,13 @@ $(ARCH_SRC):
$(COMMON_SRC):
$(MKDIR_P) $@
+$(LIBFDT_SRC):
+ $(MKDIR_P) $@
+
%.o: %.S Makefile | $(ARCH_SRC)
$(CC) $(CPPFLAGS) -D__ASSEMBLY__ $(CFLAGS) $(DEFINES) -c -o $@ $<
-%.o: %.c Makefile | $(COMMON_SRC)
+%.o: %.c Makefile | $(COMMON_SRC) $(LIBFDT_SRC)
$(CC) $(CPPFLAGS) $(CFLAGS) $(DEFINES) -c -o $@ $<
model.lds: $(LD_SCRIPT) Makefile
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0013-platform-Add-print_hex-func.patch
+67
View File
@@ -0,0 +1,67 @@
From f0ece5e8cac761a76a86df7204bae7c6ef09215f Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Wed, 29 Dec 2021 10:50:21 +0800
Subject: [PATCH] platform: Add print_hex func
Refine the print functions, and add a new print_hex func to print hex
numbers.
Issue-Id: SCM-3814
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: Ic960345d9ef0b41d81d30c4a4dbd9c31139907c4
---
common/platform.c | 33 +++++++++++++++++++++++++--------
1 file changed, 25 insertions(+), 8 deletions(-)
diff --git a/common/platform.c b/common/platform.c
index d11f568..8269392 100644
--- a/common/platform.c
+++ b/common/platform.c
@@ -30,20 +30,37 @@
#define V2M_SYS(reg) ((void *)SYSREGS_BASE + V2M_SYS_##reg)
#endif
-static void print_string(const char *str)
+static void print_char(const char c)
{
uint32_t flags;
+ do {
+ flags = raw_readl(PL011(UARTFR));
+ } while (flags & PL011_UARTFR_FIFO_FULL);
+ raw_writel(c, PL011(UARTDR));
+
+ do {
+ flags = raw_readl(PL011(UARTFR));
+ } while (flags & PL011_UARTFR_BUSY);
+}
+
+void print_string(const char *str)
+{
while (*str) {
- do
- flags = raw_readl(PL011(UARTFR));
- while (flags & PL011_UARTFR_FIFO_FULL);
+ print_char(*str++);
+ }
+}
- raw_writel(*str++, PL011(UARTDR));
+#define HEX_CHARS_PER_INT (2 * sizeof(int))
+
+void print_hex(unsigned int val)
+{
- do
- flags = raw_readl(PL011(UARTFR));
- while (flags & PL011_UARTFR_BUSY);
+ const char hex_chars[16] = "0123456789abcdef";
+ int i;
+ for (i = HEX_CHARS_PER_INT - 1; i >= 0; i--) {
+ int v = (val >> (4 * i)) & 0xf;
+ print_char(hex_chars[v]);
}
}
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0014-common-Add-mem-usage-to-memreserve.patch
+96
View File
@@ -0,0 +1,96 @@
From f4704146e1af9f6e0a2220db6b39a328c813fac1 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Wed, 19 Jan 2022 16:19:02 +0800
Subject: [PATCH] common: Add mem usage to /memreserve/
Set /memreserve/ to prevent next boot stages from overrding PSCI
services with libfdt.
Issue-Id: SCM-3815
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: I2ea80cdf736a910fa2c3deb622e21d50f04be960
---
Makefile.am | 2 +-
common/boot.c | 1 +
common/device_tree.c | 34 ++++++++++++++++++++++++++++++++++
include/boot.h | 1 +
4 files changed, 37 insertions(+), 1 deletion(-)
create mode 100644 common/device_tree.c
diff --git a/Makefile.am b/Makefile.am
index ab2c3a9..e905602 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -34,7 +34,7 @@ endif
PSCI_CPU_OFF := 0x84000002
COMMON_SRC := common/
-COMMON_OBJ := boot.o bakery_lock.o platform.o lib.o
+COMMON_OBJ := boot.o bakery_lock.o platform.o lib.o device_tree.o
LIBFDT_SRC := common/libfdt/
LIBFDT_OBJS := fdt.o fdt_ro.o fdt_rw.o
diff --git a/common/boot.c b/common/boot.c
index c74d34c..ee2bea0 100644
--- a/common/boot.c
+++ b/common/boot.c
@@ -63,6 +63,7 @@ void __noreturn first_spin(unsigned int cpu, unsigned long *mbox,
{
if (cpu == 0) {
init_platform();
+ dt_add_memreserve();
*mbox = (unsigned long)&entrypoint;
sevl();
diff --git a/common/device_tree.c b/common/device_tree.c
new file mode 100644
index 0000000..4d0876c
--- /dev/null
+++ b/common/device_tree.c
@@ -0,0 +1,34 @@
+/*
+ * device_tree.c - Basic device tree node handler
+ *
+ * Copyright (C) 2021 ARM Limited. All rights reserved.
+ *
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE.txt file.
+ */
+#include <libfdt.h>
+
+extern unsigned long dtb;
+extern char firmware_start[], firmware_end[];
+
+extern void print_string(const char *str);
+
+static void *blob;
+
+
+void dt_add_memreserve(void)
+{
+ int ret;
+
+ blob = (void*)&dtb;
+ print_string("Add /memreserve/\n\r");
+
+ fdt_open_into(blob, blob, fdt_totalsize(blob) +
+ sizeof(struct fdt_reserve_entry));
+ ret = fdt_add_mem_rsv(blob, (uint64_t)firmware_start,
+ (uint64_t)(firmware_end - firmware_start));
+
+ if(ret < 0) {
+ print_string("reserve mem add err\n\r");
+ }
+}
diff --git a/include/boot.h b/include/boot.h
index d75e013..c3e2ec1 100644
--- a/include/boot.h
+++ b/include/boot.h
@@ -16,4 +16,5 @@ void __noreturn spin(unsigned long *mbox, unsigned long invalid, int is_entry);
void __noreturn first_spin(unsigned int cpu, unsigned long *mbox,
unsigned long invalid_addr);
+void dt_add_memreserve(void);
#endif
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0015-boot-Add-the-enable-keep-el-compile-option.patch
+102
View File
@@ -0,0 +1,102 @@
From 5995f83592aea874f5b423538e36675e2204582b Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 4 Jan 2022 17:01:55 +0800
Subject: [PATCH] boot: Add the --enable-keep-el compile option
Add --enable-keep-el compile option to enable boot-wrapper booting next
stage at EL2.
The Armv8R AArch64 boots at EL2. If the next stage requires EL2 booting,
the boot-wrapper should not drop to EL1.
Currently, this option only works for Armv8R AArch64. Also, to work with
Linux PSCI, this option will cause secondary cores booting at EL1.
Issue-Id: SCM-3813
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: I3ba9c87cf0b59d163ca433f74c9e3a46e5ca2c63
---
Makefile.am | 4 ++++
arch/aarch64/boot.S | 6 +++++-
common/psci.c | 6 ++++++
configure.ac | 5 +++++
4 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
index e905602..6604baa 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -33,6 +33,10 @@ PSCI_CPU_ON := 0xc4000003
endif
PSCI_CPU_OFF := 0x84000002
+if KEEP_EL
+DEFINES += -DKEEP_EL
+endif
+
COMMON_SRC := common/
COMMON_OBJ := boot.o bakery_lock.o platform.o lib.o device_tree.o
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
index 27b1139..c079d22 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
@@ -254,7 +254,11 @@ el2_init:
msr cnthctl_el2, x0
isb
+#ifdef KEEP_EL
+ mov w0, #SPSR_KERNEL
+#else
mov w0, #SPSR_KERNEL_EL1
+#endif
ldr x1, =spsr_to_elx
str w0, [x1]
// fall through
@@ -334,5 +338,5 @@ ASM_FUNC(jump_kernel)
.align 3
flag_keep_el:
.long 0
-spsr_to_elx:
+ASM_DATA(spsr_to_elx)
.long 0
diff --git a/common/psci.c b/common/psci.c
index a0e8700..945780b 100644
--- a/common/psci.c
+++ b/common/psci.c
@@ -18,6 +18,8 @@
#error "No MPIDRs provided"
#endif
+extern unsigned int spsr_to_elx;
+
static unsigned long branch_table[NR_CPUS];
bakery_ticket_t branch_table_lock[NR_CPUS];
@@ -44,6 +46,10 @@ static int psci_cpu_on(unsigned long target_mpidr, unsigned long address)
ret = psci_store_address(cpu, address);
bakery_unlock(branch_table_lock, this_cpu);
+#ifdef KEEP_EL
+ spsr_to_elx = SPSR_KERNEL_EL1;
+#endif
+
return ret;
}
diff --git a/configure.ac b/configure.ac
index 53e51be..0e07db3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -25,6 +25,11 @@ AS_IF([test "x$BOOTWRAPPER_ES" = x32 -a "x$KERNEL_ES" != x32],
[AC_MSG_ERROR([a 32-bit boot-wrapper cannot launch a 64-bit kernel])]
)
+AC_ARG_ENABLE([keep-el],
+ AC_HELP_STRING([--enable-keep-el], [keep exception level when start kernel]),
+ [KEEP_EL=yes], [KEEP_EL=no])
+AM_CONDITIONAL([KEEP_EL], [test "x$KEEP_EL" = xyes])
+
# Allow a user to pass --with-kernel-dir
AC_ARG_WITH([kernel-dir],
AS_HELP_STRING([--with-kernel-dir], [specify the root Linux kernel build directory (required)]),
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0016-Makefile-Change-COUNTER_FREQ-to-100-MHz.patch
+31
View File
@@ -0,0 +1,31 @@
From 0c0695cd3160ccdb95bae29b7668918015c0b6aa Mon Sep 17 00:00:00 2001
From: Peter Hoyes <Peter.Hoyes@arm.com>
Date: Tue, 1 Feb 2022 11:28:46 +0000
Subject: [PATCH] Makefile: Change COUNTER_FREQ to 100 MHz
Older Arm Fast Models (AEM < RevC) had a base frequency of 24 MHz. but
the RevC base models use 100 MHz. There is not a robust method of
determining the configured base frequency at runtime, so update
COUNTER_FREQ to be 100 MHz.
Issue-Id: SCM-3871
Upstream-Status: Pending
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: Ia9ad0f8ee488d1a887791f1fa1d8f3bf9c5887fd
---
Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
index 6604baa..cc6504e 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -13,7 +13,7 @@ SCRIPT_DIR := $(top_srcdir)/scripts
PHYS_OFFSET := $(shell perl -I $(SCRIPT_DIR) $(SCRIPT_DIR)/findmem.pl $(KERNEL_DTB))
UART_BASE := $(shell perl -I $(SCRIPT_DIR) $(SCRIPT_DIR)/findbase.pl $(KERNEL_DTB) 0 'arm,pl011')
SYSREGS_BASE := $(shell perl -I $(SCRIPT_DIR) $(SCRIPT_DIR)/findbase.pl $(KERNEL_DTB) 0 'arm,vexpress-sysreg' 2> /dev/null)
-COUNTER_FREQ := 24000000
+COUNTER_FREQ := 100000000
CPU_IDS := $(shell perl -I $(SCRIPT_DIR) $(SCRIPT_DIR)/findcpuids.pl $(KERNEL_DTB))
NR_CPUS := $(shell echo $(CPU_IDS) | tr ',' ' ' | wc -w)
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0017-PSCI-Apply-flush-cache-after-setting-branch_data.patch
+49
View File
@@ -0,0 +1,49 @@
From fa73d885be85eee4369b292ec601e7b024a68807 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 2 Nov 2021 10:48:39 +0800
Subject: [PATCH] PSCI: Apply flush cache after setting branch_data
For v8-R64, Hypervisor calls boot-wrapper's PSCI service using simple
function call (instead of hvc).
In this case, hypervisor's main core has enabled MPU and cache, but
the secondary cores which are spinning have not enabled cache.
That means if the main core set the branch_data to 1 to boot other
cores, the secondary cores cannot see the change of branch_data and
also cannot break the spin.
Thus, the PSCI service in boot-wrapper needs a cache flush after
setting branch_data in order to let other cores see the change.
Issue-ID: SCM-3816
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: Ifc282091c54d8fb2ffdb8cfa7fd3ffc1f4be717e
---
common/psci.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/common/psci.c b/common/psci.c
index 945780b..6efc695 100644
--- a/common/psci.c
+++ b/common/psci.c
@@ -24,12 +24,18 @@ static unsigned long branch_table[NR_CPUS];
bakery_ticket_t branch_table_lock[NR_CPUS];
+static inline void flush_per_cpu_data(void *data)
+{
+ asm volatile ("dc cvac, %0" : : "r" (data));
+}
+
static int psci_store_address(unsigned int cpu, unsigned long address)
{
if (branch_table[cpu] != PSCI_ADDR_INVALID)
return PSCI_RET_ALREADY_ON;
branch_table[cpu] = address;
+ flush_per_cpu_data((void*)&(branch_table[cpu]));
return PSCI_RET_SUCCESS;
}
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0018-PSCI-Add-function-call-entry-point.patch
+71
View File
@@ -0,0 +1,71 @@
From 9da48e3433b919868650cd60e28827273a42c63b Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 Jan 2022 14:56:36 +0800
Subject: [PATCH] PSCI: Add function call entry point
The max exception level of Armv8R AArch64 is EL2, which means it has no
exclusive EL for firmware. That is, firmware and hypervisors have to share
the EL2. Also, hypervisors cannot call firmware services via a 'smc'
instruction. Thus, boot-wrapper has to provide a function entry point
for Armv8R AArch64.
Issue-Id: SCM-3816
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: I06ec8e50298603155c6d8ae2330e71db2f111182
---
common/psci.c | 24 ++++++++++++++++++++----
1 file changed, 20 insertions(+), 4 deletions(-)
diff --git a/common/psci.c b/common/psci.c
index 6efc695..8fdefb5 100644
--- a/common/psci.c
+++ b/common/psci.c
@@ -20,6 +20,8 @@
extern unsigned int spsr_to_elx;
+unsigned long flag_from_smc_fn[NR_CPUS];
+
static unsigned long branch_table[NR_CPUS];
bakery_ticket_t branch_table_lock[NR_CPUS];
@@ -49,12 +51,14 @@ static int psci_cpu_on(unsigned long target_mpidr, unsigned long address)
return PSCI_RET_INVALID_PARAMETERS;
bakery_lock(branch_table_lock, this_cpu);
- ret = psci_store_address(cpu, address);
- bakery_unlock(branch_table_lock, this_cpu);
-
#ifdef KEEP_EL
- spsr_to_elx = SPSR_KERNEL_EL1;
+ if (!flag_from_smc_fn[this_cpu]) {
+ spsr_to_elx = SPSR_KERNEL_EL1;
+ flush_per_cpu_data((void*)&(spsr_to_elx));
+ }
#endif
+ ret = psci_store_address(cpu, address);
+ bakery_unlock(branch_table_lock, this_cpu);
return ret;
}
@@ -90,6 +94,18 @@ long psci_call(unsigned long fid, unsigned long arg1, unsigned long arg2)
}
}
+long smc_fn_entry(unsigned long fid, unsigned long arg1, unsigned long arg2)
+{
+ long ret;
+ unsigned int this_cpu = this_cpu_logical_id();
+
+ flag_from_smc_fn[this_cpu] = 1;
+ ret = psci_call(fid, arg1, arg2);
+ flag_from_smc_fn[this_cpu] = 0;
+
+ return ret;
+}
+
void __noreturn psci_first_spin(unsigned int cpu)
{
if (cpu == MPIDR_INVALID)
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0019-lds-Rearrange-and-mark-the-sections.patch
+58
View File
@@ -0,0 +1,58 @@
From 7c5e40d9f8699a55ac2187c035429c643e6d0ef0 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 2 Nov 2021 15:10:28 +0800
Subject: [PATCH] lds: Rearrange and mark the sections
To make it possible for the next stage to protect sections with MPU,
boot-wrapper needs to provide the text and data section information.
By rearranging the .data .rodata and .vector sections, all sections
can be split into 2 big sections:
- RO and Executable
- RW and Non-Executable
Add firmware_data to mark the boundry, thus:
firmware_start to firmware_data - 1 indicates RO and Executable section,
firmware_data to firmware_end - 1 indicates RW and Non-Executable
section.
Also, the firmware_data and firmware_end should align with 64 bytes,
since Armv8R AArch64 MPU requires it.
Issue-ID: SCM-3816
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: I55342aa7492f2c7b5c16ab9a6472c8cb45cff8fd
---
model.lds.S | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/model.lds.S b/model.lds.S
index ab98ddf..85451f9 100644
--- a/model.lds.S
+++ b/model.lds.S
@@ -63,12 +63,16 @@ SECTIONS
}
#endif
+#define FIRMWARE_ALIGN . = ALIGN(1 << 6)
.boot PHYS_OFFSET: {
PROVIDE(firmware_start = .);
*(.init)
*(.text*)
- *(.data* .rodata* .bss* COMMON)
*(.vectors)
+ *(.rodata*)
+ FIRMWARE_ALIGN;
+ PROVIDE(firmware_data = .);
+ *(.data* .bss* COMMON)
*(.stack)
PROVIDE(etext = .);
}
@@ -77,6 +81,7 @@ SECTIONS
mbox = .;
QUAD(0x0)
}
+ FIRMWARE_ALIGN;
PROVIDE(firmware_end = .);
ASSERT(etext <= (PHYS_OFFSET + TEXT_LIMIT), ".text overflow!")
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0020-common-Provide-firmware-info-using-libfdt.patch
+342
View File
@@ -0,0 +1,342 @@
From 3c1140c29c39561848056fb4b9a03042b00279f3 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Wed, 29 Dec 2021 15:17:38 +0800
Subject: [PATCH] common: Provide firmware info using libfdt
Boot-wrapper uses libfdt to provide more info in device tree.
We add a new node to include those new firmware relevant infomation.
The new node defined as follows:
fw-shared-info {
compatible = "firmware,shared_info";
#address-cells = <0x02>;
#size-cells = <0x02>;
version = "1.0";
regions = <START_ADDR_HIGH START_ADDR_LOW SIZE_HIGH SIZE_LOW
0x0 0x80000000 0x0 0x400000
0x0 0x90000000 0x0 0x400000
0x0 0xA0000000 0x0 0x400000>;
regions-permission = "RX", "R", "RWX", "RW";
regions-cache = "Cache", "NCache", "Cache", "Device"
function_entry = <ENTRY_ADDR_HIGH ENRTY_ADDR_LOW>;
};
The node path is /fw-shared-info.
For boot-wrapper, in real case, it will be:
fw-shared-info {
compatible = "firmware,shared_info";
#address-cells = <0x02>;
#size-cells = <0x02>;
version = "1.0";
regions = <0x0 firmware_start 0x0 firmware_code_size
0x0 firmware_data 0x0 firmware_data_size>;
regions-permission = "RX", "RW";
regions-cache = "Cache", "Cache";
function_entry = <0x0 smc_fn_entry>;
};
Issue-Id: SCM-3816
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: I6ebc59ce2bd3939b0fe066720d57821eaa1bed27
---
common/device_tree.c | 271 ++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 270 insertions(+), 1 deletion(-)
diff --git a/common/device_tree.c b/common/device_tree.c
index 4d0876c..7f7befc 100644
--- a/common/device_tree.c
+++ b/common/device_tree.c
@@ -8,13 +8,225 @@
*/
#include <libfdt.h>
+#define DEVICE_TREE_DEBUG 1
+
+#define FW_NODE_NAME "/fw-shared-info"
+#define FW_COMPAT "firmware,shared_info"
+#define FW_INFO_VER "1.0"
+
+#ifdef BOOTWRAPPER_32
+#define CELL_NUM 1
+#define VAL_TYPE uint32_t
+#else
+#define CELL_NUM 2
+#define VAL_TYPE uint64_t
+#endif
+
+#define ALIGN(x) (((x) + (FDT_TAGSIZE) - 1) & ~((FDT_TAGSIZE) - 1))
+
extern unsigned long dtb;
-extern char firmware_start[], firmware_end[];
+extern char firmware_start[], firmware_data[], firmware_end[];
+
+extern long smc_fn_entry(unsigned long, unsigned long, unsigned long);
extern void print_string(const char *str);
+extern void print_hex(unsigned int val);
static void *blob;
+static char *realloc_node(char *fdt, const char *name)
+{
+ int delta;
+ int new_sz;
+ /* FDT_BEGIN_NODE, node name in off_struct and FDT_END_NODE */
+ delta = sizeof(struct fdt_node_header) + ALIGN(strlen(name) + 1)
+ + FDT_TAGSIZE;
+ new_sz = fdt_totalsize(fdt) + delta;
+ fdt_open_into(fdt, fdt, new_sz);
+ return fdt;
+}
+
+static int create_node(const char *node_name)
+{
+ int node = 0;
+ char *p;
+
+ p = strrchr(node_name, '/');
+ if (!p) {
+ print_string("node name without '/'\r\n");
+ return -1;
+ }
+ *p = '\0';
+
+ blob = realloc_node(blob, p + 1);
+
+ if (p > node_name) {
+ node = fdt_path_offset(blob, node_name);
+ if (node < 0) {
+ print_string("no node name\r\n");
+ return -1;
+ }
+ }
+
+ node = fdt_add_subnode(blob, node, p + 1);
+ if (node < 0) {
+ print_string("add subnode err\r\n");
+ return -1;
+ }
+
+ return node;
+}
+
+static int dt_create_fw_node(void) {
+ int fw_node;
+
+ fw_node = fdt_path_offset(blob, FW_NODE_NAME);
+
+ if(fw_node < 0) {
+ fw_node = create_node(FW_NODE_NAME);
+ }
+
+ return fw_node;
+}
+
+static char *realloc_property(char *fdt, int nodeoffset, const char *name,
+ int newlen)
+{
+ int delta = 0;
+ int oldlen = 0;
+ int new_sz;
+
+ if (!fdt_get_property(fdt, nodeoffset, name, &oldlen))
+ delta = sizeof(struct fdt_property) + strlen(name) + 1;
+
+ if (newlen > oldlen)
+ delta += ALIGN(newlen) - ALIGN(oldlen);
+
+ new_sz = fdt_totalsize(fdt) + delta;
+ fdt_open_into(fdt, fdt, new_sz);
+ return fdt;
+}
+
+static void dt_set_prop(int node, char *property, void *buf, int len)
+{
+ int err;
+
+ err = fdt_setprop(blob, node, property, buf, len);
+ if (err == -FDT_ERR_NOSPACE) {
+ blob = realloc_property(blob, node, property, len);
+ err = fdt_setprop(blob, node, property, buf, len);
+ }
+ if (err) {
+ print_string("fdt error\n\r");
+ }
+}
+
+static void dt_set_prop_u32(int node, char *property, uint32_t val)
+{
+ fdt32_t fdt_val = cpu_to_fdt32(val);
+ int len = sizeof(fdt32_t);
+
+ dt_set_prop(node, property, (void*)&fdt_val, len);
+}
+
+static void dt_set_prop_u64(int node, char *property, uint64_t val)
+{
+ fdt64_t fdt_val = cpu_to_fdt64(val);
+ int len = sizeof(fdt64_t);
+
+ dt_set_prop(node, property, (void*)&fdt_val, len);
+}
+
+/* This dt_set_prop_u32_array maybe unused according to the BOOTWRAPPER_32 */
+__attribute__((unused))
+static void dt_set_prop_u32_array(int node, char *property, uint32_t *vals,
+ int size)
+{
+ fdt32_t *fdt_vals = (fdt32_t*)vals;
+ int len = sizeof(fdt32_t) * size;
+
+ for (int i = 0; i < size; i++) {
+ fdt_vals[i] = cpu_to_fdt32(vals[i]);
+ }
+
+ dt_set_prop(node, property, (void*)fdt_vals, len);
+}
+
+static void dt_set_prop_u64_array(int node, char *property, uint64_t *vals,
+ int size)
+{
+ fdt64_t *fdt_vals = (fdt64_t*)vals;
+ int len = sizeof(fdt64_t) * size;
+
+ for (int i = 0; i < size; i++) {
+ fdt_vals[i] = cpu_to_fdt64(vals[i]);
+ }
+
+ dt_set_prop(node, property, (void*)fdt_vals, len);
+}
+
+#if DEVICE_TREE_DEBUG
+static void dt_dump_string(const void *s, int len)
+{
+ char *sub = (char*)s;
+ int sublen;
+ while(*sub && ((uint64_t)sub - (uint64_t)s) < len) {
+ sublen = strlen(sub) + 1;
+ print_string(sub);
+ print_string(" ");
+ sub += sublen;
+ }
+ print_string("\n\r");
+}
+
+static void dt_dump_fdt32_array(const void *vals, int len)
+{
+ fdt32_t *fdt_vals = (fdt32_t*)vals;
+ len = len / sizeof(fdt32_t);
+ for (int i = 0; i < len; i++) {
+ print_hex(fdt32_to_cpu(fdt_vals[i]));
+ print_string(" ");
+ }
+ print_string("\n\r");
+}
+
+static void dt_dump(int node, char *property, char type)
+{
+ const void *val;
+ int len;
+
+ val = fdt_getprop(blob, node, property, &len);
+ print_string(property);
+ print_string(": ");
+
+ if (type == 's') {
+ /* string type */
+ dt_dump_string(val, len);
+ return;
+ }
+
+ /* uint type */
+ dt_dump_fdt32_array(val, len);
+}
+
+void dt_dump_all(int node)
+{
+ if (node >= 0) {
+ print_string(FW_NODE_NAME" info:\r\n");
+ dt_dump(node, "compatible", 's');
+ dt_dump(node, "version", 's');
+ dt_dump(node, "function_entry", 'i');
+ dt_dump(node, "address-cells", 'i');
+ dt_dump(node, "size-cells", 'i');
+ dt_dump(node, "regions", 'i');
+ dt_dump(node, "regions-permission", 's');
+ dt_dump(node, "regions-cache", 's');
+ print_string("\r\n");
+ }
+}
+#else
+void dt_dump_all(int node) { (void*)node; return; }
+#endif
void dt_add_memreserve(void)
{
@@ -32,3 +244,60 @@ void dt_add_memreserve(void)
print_string("reserve mem add err\n\r");
}
}
+
+void dt_fw_node_init(int enable)
+{
+ int fw_node;
+
+ VAL_TYPE regions[] = {
+ /* code region: start, end, ro, x, cachable */
+ (VAL_TYPE)firmware_start,
+ (VAL_TYPE)(firmware_data - firmware_start),
+ /* data region: start, end, rw, xn, cachable */
+ (VAL_TYPE)firmware_data,
+ (VAL_TYPE)(firmware_end - firmware_data),
+ };
+ int regions_num = sizeof(regions) / sizeof(VAL_TYPE);
+ char regions_permission[] = "RX\0RW";
+ char regions_cache[] = "Cache\0Cache";
+
+ if (!enable)
+ return;
+
+ print_string("Prepare "FW_NODE_NAME" node\n\r");
+
+ blob = (void*)&dtb;
+
+ if(fdt_path_offset(blob, "/psci") < 0) {
+ print_string("/psci node not found\n\r");
+ return;
+ }
+
+ fw_node = dt_create_fw_node();
+
+ if(fw_node < 0) {
+ print_string(FW_NODE_NAME" node create err\n\r");
+ }
+
+ dt_set_prop(fw_node, "compatible", FW_COMPAT, sizeof(FW_COMPAT));
+ dt_set_prop(fw_node, "version", FW_INFO_VER, sizeof(FW_INFO_VER));
+
+ dt_set_prop_u32(fw_node, "address-cells", CELL_NUM);
+ dt_set_prop_u32(fw_node, "size-cells", CELL_NUM);
+ dt_set_prop(fw_node, "regions-permission", regions_permission,
+ sizeof(regions_permission));
+ dt_set_prop(fw_node, "regions-cache", regions_cache,
+ sizeof(regions_cache));
+
+#ifdef BOOTWRAPPER_32
+ dt_set_prop_u32_array(fw_node, "regions", regions, regions_num);
+ dt_set_prop_u32(fw_node, "function_entry", (VAL_TYPE)smc_fn_entry);
+#else
+ dt_set_prop_u64_array(fw_node, "regions", regions, regions_num);
+ dt_set_prop_u64(fw_node, "function_entry", (VAL_TYPE)smc_fn_entry);
+#endif
+
+ fdt_pack(blob);
+
+ dt_dump_all(fw_node);
+}
meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0021-boot-Enable-firmware-node-initialization.patch
+95
View File
@@ -0,0 +1,95 @@
From b1105e862e8f770fc195bc20e9c64d231dd32f66 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Wed, 29 Dec 2021 15:33:17 +0800
Subject: [PATCH] boot: Enable firmware node initialization
Enable the firmware node initialization, so that the next stage
(hypervisor) could share the EL2 with firmware (boot-wrapper). The next
stage (hypervisor) get the smccc entry point, code/data sections, the
sections attrs and firmware node version and so on.
It is worth noting that this EL2 sharing mechanism is only for Armv8R
AArch64, thus add flag_v8r to record if the arch is Armv8R AArch64.
Enable the firmware node initialization only if it is Armv8R AArch64.
Also, we increase the stack size to 1024 to fix the stack overflow issue
when using the libfdt.
Add -fno-builtin options to CFLAGS to avoid the issue that the 'memset'
in common/lib.c conflicts with builtin 'memset' function. GCC version
>= 10 will have an incorrect compilation without -fno-builtin;
Issue-Id: SCM-3816
Upstream-Status: Inappropriate [other]
Implementation pending further discussion
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Change-Id: Ib274485a34d26215595fd0cd737be86610289817
---
Makefile.am | 4 ++--
arch/aarch64/boot.S | 6 ++++++
common/boot.c | 4 ++++
3 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index cc6504e..fbe6b81 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -23,7 +23,7 @@ DEFINES += -DCPU_IDS=$(CPU_IDS)
DEFINES += -DNR_CPUS=$(NR_CPUS)
DEFINES += $(if $(SYSREGS_BASE), -DSYSREGS_BASE=$(SYSREGS_BASE), )
DEFINES += -DUART_BASE=$(UART_BASE)
-DEFINES += -DSTACK_SIZE=256
+DEFINES += -DSTACK_SIZE=1024
if KERNEL_32
DEFINES += -DKERNEL_32
@@ -134,7 +134,7 @@ CFLAGS += -I$(top_srcdir)/include/ -I$(top_srcdir)/$(ARCH_SRC)/include/
CFLAGS += -Wall -fomit-frame-pointer
CFLAGS += -ffreestanding -nostdlib
CFLAGS += -fno-stack-protector
-CFLAGS += -fno-stack-protector
+CFLAGS += -fno-stack-protector -fno-builtin
CFLAGS += -ffunction-sections -fdata-sections
CFLAGS += -fno-pic -fno-pie
LDFLAGS += --gc-sections
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
index c079d22..daaa674 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
@@ -261,6 +261,10 @@ el2_init:
#endif
ldr x1, =spsr_to_elx
str w0, [x1]
+
+ mov w0, #1
+ ldr x1, =flag_v8r
+ str w0, [x1]
// fall through
el_max_init:
@@ -340,3 +344,5 @@ flag_keep_el:
.long 0
ASM_DATA(spsr_to_elx)
.long 0
+ASM_DATA(flag_v8r)
+ .long 0
diff --git a/common/boot.c b/common/boot.c
index ee2bea0..38b2dca 100644
--- a/common/boot.c
+++ b/common/boot.c
@@ -11,6 +11,9 @@
extern unsigned long entrypoint;
extern unsigned long dtb;
+extern unsigned int flag_v8r;
+
+extern void dt_fw_node_init(int enable);
void init_platform(void);
@@ -64,6 +67,7 @@ void __noreturn first_spin(unsigned int cpu, unsigned long *mbox,
if (cpu == 0) {
init_platform();
dt_add_memreserve();
+ dt_fw_node_init(flag_v8r == 1);
*mbox = (unsigned long)&entrypoint;
sevl();
meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb
+51
View File
@@ -0,0 +1,51 @@
SUMMARY = "External system Cortex-M3 Firmware"
DESCRIPTION = "Firmware to be loaded and run in External System Harness in\
support to the main application CPU."
HOMEPAGE = "https://git.linaro.org/landing-teams/working/arm/external-system.git"
DEPENDS = "gcc-arm-none-eabi-native"
INHIBIT_DEFAULT_DEPS="1"
LICENSE = "BSD-3-Clause & Apache-2.0"
LIC_FILES_CHKSUM = "file://license.md;md5=e44b2531cd6ffe9dece394dbe988d9a0 \
file://cmsis/LICENSE.txt;md5=e3fc50a88d0a364313df4b21ef20c29e"
SRC_URI = "gitsm://git.gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx.git;protocol=https;branch=master \
file://race.patch"
SRCREV = "8c9dca74b104ff6c9722fb0738ba93dd3719c080"
PV .= "+git${SRCPV}"
COMPATIBLE_MACHINE = "(corstone1000)"
# PRODUCT is passed to the Makefile to specify the platform to be used.
PRODUCT = "corstone-1000"
S = "${WORKDIR}/git"
B = "${WORKDIR}/build"
# remove once arm-none-eabi-gcc updates to 13 or newer like poky
DEBUG_PREFIX_MAP:remove = "-fcanon-prefix-map"
LDFLAGS[unexport] = "1"
do_compile() {
oe_runmake -C ${S} V=y \
BUILD_PATH=${B} \
PRODUCT=${PRODUCT} \
CROSS_COMPILE=arm-none-eabi- \
all
}
do_compile[cleandirs] = "${B}"
do_install() {
install -D -p -m 0644 ${B}/product/${PRODUCT}/firmware/release/bin/firmware.bin ${D}/firmware/es_flashfw.bin
}
FILES:${PN} = "/firmware"
SYSROOT_DIRS += "/firmware"
inherit deploy
do_deploy() {
cp -rf ${D}/firmware/* ${DEPLOYDIR}/
}
addtask deploy after do_install
meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/race.patch
+66
View File
@@ -0,0 +1,66 @@
Upstream-Status: Submitted [https://gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx/-/issues/1]
Signed-off-by: Ross Burton <ross.burton@arm.com>
From 34e1c04534607f5605255f39fb46e26261fc9c4e Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Tue, 8 Sep 2020 11:49:08 +0100
Subject: [PATCH] tools/gen_module_code: atomically rewrite the generated files
The gen_module rule in rules.mk is marked as .PHONY, so make will
execute it whenever it is mentioned. This results in gen_module_code
being executed 64 times for a Juno build.
However in heavily parallel builds there's a good chance that
gen_module_code is writing a file whilst the compiler is reading it
because make also doesn't know what files are generated by
gen_module_code.
The correct fix is to adjust the Makefiles so that the dependencies are
correct but this isn't trivial, so band-aid the problem by atomically
writing the generated files.
Change-Id: I82d44f9ea6537a91002e1f80de8861d208571630
Signed-off-by: Ross Burton <ross.burton@arm.com>
---
tools/gen_module_code.py | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/tools/gen_module_code.py b/tools/gen_module_code.py
index 7b3953845..ee099b713 100755
--- a/tools/gen_module_code.py
+++ b/tools/gen_module_code.py
@@ -17,6 +17,7 @@
import argparse
import os
import sys
+import tempfile
DEFAULT_PATH = 'build/'
@@ -53,13 +54,21 @@
def generate_file(path, filename, content):
full_filename = os.path.join(path, filename)
- with open(full_filename, 'a+') as f:
- f.seek(0)
- if f.read() != content:
+
+ try:
+ with open(full_filename) as f:
+ rewrite = f.read() != content
+ except FileNotFoundError:
+ rewrite = True
+
+ if rewrite:
+ with tempfile.NamedTemporaryFile(prefix="gen-module-code",
+ dir=path,
+ delete=False,
+ mode="wt") as f:
print("[GEN] {}...".format(full_filename))
- f.seek(0)
- f.truncate()
f.write(content)
+ os.replace(f.name, full_filename)
def generate_header(path, modules):
meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch
+250
View File
@@ -0,0 +1,250 @@
From f526797b83113cc64e3e658c22d8a5d269896a2a Mon Sep 17 00:00:00 2001
From: Ben Horgan <ben.horgan@arm.com>
Date: Fri, 4 Mar 2022 16:48:14 +0000
Subject: [PATCH] feat: emulate cntp timer register accesses using cnthps
Upstream-Status: Inappropriate [Experimental feature]
Signed-off-by: Ben Horgan <ben.horgan@arm.com>
Change-Id: I67508203273baf3bd8e6be2d99717028db945715
---
Makefile | 3 +-
src/arch/aarch64/hypervisor/BUILD.gn | 1 +
src/arch/aarch64/hypervisor/cpu.c | 11 ++-
src/arch/aarch64/hypervisor/handler.c | 6 ++
src/arch/aarch64/hypervisor/timer_el1.c | 104 ++++++++++++++++++++++++
src/arch/aarch64/hypervisor/timer_el1.h | 20 +++++
src/arch/aarch64/msr.h | 8 ++
7 files changed, 150 insertions(+), 3 deletions(-)
create mode 100644 src/arch/aarch64/hypervisor/timer_el1.c
create mode 100644 src/arch/aarch64/hypervisor/timer_el1.h
diff --git a/Makefile b/Makefile
index 95cab9a5..21cca938 100644
--- a/Makefile
+++ b/Makefile
@@ -60,7 +60,8 @@ CHECKPATCH := $(CURDIR)/third_party/linux/scripts/checkpatch.pl \
# debug_el1.c : uses XMACROS, which checkpatch doesn't understand.
# perfmon.c : uses XMACROS, which checkpatch doesn't understand.
# feature_id.c : uses XMACROS, which checkpatch doesn't understand.
-CHECKPATCH_IGNORE := "src/arch/aarch64/hypervisor/debug_el1.c\|src/arch/aarch64/hypervisor/perfmon.c\|src/arch/aarch64/hypervisor/feature_id.c"
+# timer_el1.c : uses XMACROS, which checkpatch doesn't understand.
+CHECKPATCH_IGNORE := "src/arch/aarch64/hypervisor/debug_el1.c\|src/arch/aarch64/hypervisor/perfmon.c\|src/arch/aarch64/hypervisor/feature_id.c\|src/arch/aarch64/hypervisor/timer_el1.c"
OUT ?= out/$(PROJECT)
OUT_DIR = out/$(PROJECT)
diff --git a/src/arch/aarch64/hypervisor/BUILD.gn b/src/arch/aarch64/hypervisor/BUILD.gn
index 6068d1e8..de1a414d 100644
--- a/src/arch/aarch64/hypervisor/BUILD.gn
+++ b/src/arch/aarch64/hypervisor/BUILD.gn
@@ -45,6 +45,7 @@ source_set("hypervisor") {
"handler.c",
"perfmon.c",
"psci_handler.c",
+ "timer_el1.c",
"vm.c",
]
diff --git a/src/arch/aarch64/hypervisor/cpu.c b/src/arch/aarch64/hypervisor/cpu.c
index bcf5ffce..d2df77d8 100644
--- a/src/arch/aarch64/hypervisor/cpu.c
+++ b/src/arch/aarch64/hypervisor/cpu.c
@@ -98,13 +98,20 @@ void arch_regs_reset(struct vcpu *vcpu)
if (is_primary) {
/*
* cnthctl_el2 is redefined when VHE is enabled.
- * EL1PCTEN, don't trap phys cnt access.
- * EL1PCEN, don't trap phys timer access.
+ * EL1PCTEN, don't trap phys cnt access. Except when in
+ * secure world without vhe.
+ * EL1PCEN, don't trap phys timer access. Except when in
+ * secure world without vhe.
*/
if (has_vhe_support()) {
cnthctl |= (1U << 10) | (1U << 11);
} else {
+#if SECURE_WORLD == 1
+ cnthctl &= ~(1U << 0);
+ cnthctl &= ~(1U << 1);
+#else
cnthctl |= (1U << 0) | (1U << 1);
+#endif
}
}
diff --git a/src/arch/aarch64/hypervisor/handler.c b/src/arch/aarch64/hypervisor/handler.c
index 4bd8a3b4..4c1b6e48 100644
--- a/src/arch/aarch64/hypervisor/handler.c
+++ b/src/arch/aarch64/hypervisor/handler.c
@@ -34,6 +34,7 @@
#include "psci_handler.h"
#include "smc.h"
#include "sysregs.h"
+#include "timer_el1.h"
/**
* Hypervisor Fault Address Register Non-Secure.
@@ -1277,6 +1278,11 @@ void handle_system_register_access(uintreg_t esr_el2)
inject_el1_unknown_exception(vcpu, esr_el2);
return;
}
+ } else if (timer_el1_is_register_access(esr_el2)) {
+ if (!timer_el1_process_access(vcpu, vm_id, esr_el2)) {
+ inject_el1_unknown_exception(vcpu, esr_el2);
+ return;
+ }
} else {
inject_el1_unknown_exception(vcpu, esr_el2);
return;
diff --git a/src/arch/aarch64/hypervisor/timer_el1.c b/src/arch/aarch64/hypervisor/timer_el1.c
new file mode 100644
index 00000000..c30e5543
--- /dev/null
+++ b/src/arch/aarch64/hypervisor/timer_el1.c
@@ -0,0 +1,104 @@
+/*
+ * Copyright 2022 The Hafnium Authors.
+ *
+ * Use of this source code is governed by a BSD-style
+ * license that can be found in the LICENSE file or at
+ * https://opensource.org/licenses/BSD-3-Clause.
+ */
+
+#include "timer_el1.h"
+
+#include "hf/dlog.h"
+
+#include "msr.h"
+#include "sysregs.h"
+
+/*
+ * Physical timer (CNTP) register encodings as defined in
+ * table D13-8 of the ARMv8 ARM (DDI0487F).
+ * TYPE, op0, op1, crn, crm, op2
+ * The register names are the concatenation of
+ * "CNTP_", TYPE and "_EL2".
+ */
+#define CNTP_REGISTERS \
+ X(CTL, 3, 3, 14, 2, 1) \
+ X(CVAL, 3, 3, 14, 2, 2) \
+ X(TVAL, 3, 3, 14, 2, 0) \
+
+bool timer_el1_is_register_access(uintreg_t esr)
+{
+ uintreg_t sys_register = GET_ISS_SYSREG(esr);
+ bool is_timer_access;
+ switch (sys_register) {
+#define X(type, op0, op1, crn, crm, op2) \
+ case (GET_ISS_ENCODING(op0, op1, crn, crm, op2)): \
+ is_timer_access = true; \
+ break;
+ CNTP_REGISTERS
+#undef X
+ case (GET_ISS_ENCODING(3, 3, 14, 0, 1)):
+ is_timer_access = true;
+ break;
+ default:
+ is_timer_access = false;
+ }
+
+ return is_timer_access;
+}
+
+/* Accesses to CNTP timer emulated with CNTHPS */
+bool timer_el1_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id,
+ uintreg_t esr)
+{
+ uintreg_t sys_register = GET_ISS_SYSREG(esr);
+ uintreg_t rt_register = GET_ISS_RT(esr);
+ uintreg_t value;
+
+ if (ISS_IS_READ(esr)) {
+ switch (sys_register) {
+#define X(type, op0, op1, crn, crm, op2) \
+ case (GET_ISS_ENCODING(op0, op1, crn, crm, op2)): \
+ value = read_msr(MSR_CNTHPS_##type##_EL2); \
+ vcpu->regs.r[rt_register] = value; \
+ break;
+ CNTP_REGISTERS
+#undef X
+ case (GET_ISS_ENCODING(3, 3, 14, 0, 1)):
+ value = read_msr(cntpct_el0);
+ vcpu->regs.r[rt_register] = value;
+ break;
+ default:
+ dlog_notice(
+ "Unsupported timer register "
+ "read: "
+ "op0=%d, op1=%d, crn=%d, crm=%d, op2=%d, "
+ "rt=%d.\n",
+ GET_ISS_OP0(esr), GET_ISS_OP1(esr),
+ GET_ISS_CRN(esr), GET_ISS_CRM(esr),
+ GET_ISS_OP2(esr), GET_ISS_RT(esr));
+ break;
+ }
+ } else {
+ value = vcpu->regs.r[rt_register];
+ switch (sys_register) {
+#define X(type, op0, op1, crn, crm, op2) \
+ case (GET_ISS_ENCODING(op0, op1, crn, crm, op2)): \
+ write_msr(MSR_CNTHPS_##type##_EL2, value); \
+ break;
+ CNTP_REGISTERS
+#undef X
+ default:
+ dlog_notice(
+ "Unsupported timer register "
+ "write: "
+ "op0=%d, op1=%d, crn=%d, crm=%d, op2=%d, "
+ "rt=%d, value=%d.\n",
+ GET_ISS_OP0(esr), GET_ISS_OP1(esr),
+ GET_ISS_CRN(esr), GET_ISS_CRM(esr),
+ GET_ISS_OP2(esr), GET_ISS_RT(esr), value);
+ break;
+ }
+ }
+
+ return true;
+}
diff --git a/src/arch/aarch64/hypervisor/timer_el1.h b/src/arch/aarch64/hypervisor/timer_el1.h
new file mode 100644
index 00000000..04a43b6c
--- /dev/null
+++ b/src/arch/aarch64/hypervisor/timer_el1.h
@@ -0,0 +1,20 @@
+/*
+ * Copyright 2022 The Hafnium Authors.
+ *
+ * Use of this source code is governed by a BSD-style
+ * license that can be found in the LICENSE file or at
+ * https://opensource.org/licenses/BSD-3-Clause.
+ */
+
+#pragma once
+
+#include "hf/arch/types.h"
+
+#include "hf/cpu.h"
+
+#include "vmapi/hf/ffa.h"
+
+bool timer_el1_is_register_access(uintreg_t esr);
+
+bool timer_el1_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id,
+ uintreg_t esr);
diff --git a/src/arch/aarch64/msr.h b/src/arch/aarch64/msr.h
index cd6778b4..55e78330 100644
--- a/src/arch/aarch64/msr.h
+++ b/src/arch/aarch64/msr.h
@@ -126,3 +126,11 @@
#define MSR_ELR_EL12 S3_5_C4_C0_1
#endif
+
+/*
+ * Secure EL2 Physical timer (CNTHPS) register encodings as defined in
+ * table D13-8 of the ARMv8 ARM (DDI0487F).
+ */
+#define MSR_CNTHPS_CTL_EL2 S3_4_C14_C5_1
+#define MSR_CNTHPS_CVAL_EL2 S3_4_C14_C5_2
+#define MSR_CNTHPS_TVAL_EL2 S3_4_C14_C5_0
meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-tc-increase-heap-pages.patch
+27
View File
@@ -0,0 +1,27 @@
From 613dea068fa546956717ce0b60328e39d451f661 Mon Sep 17 00:00:00 2001
From: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Date: Fri, 29 Apr 2022 20:07:50 +0100
Subject: [PATCH] tc: increase heap pages
Upstream-Status: Pending
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
---
BUILD.gn | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/BUILD.gn b/BUILD.gn
index 6b9b383..62ba763 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -235,7 +235,7 @@ aarch64_toolchains("secure_tc") {
gicd_base_address = "0x30000000"
gicr_base_address = "0x30080000"
gicr_frames = 8
- heap_pages = 60
+ heap_pages = 120
max_cpus = 8
max_vms = 16
branch_protection = "standard"
--
2.30.2
meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-emulate-interrupt-controller-register-access.patch
+157
View File
@@ -0,0 +1,157 @@
From 97a8ca1835f5d9512dacda497540d5523e56c7dd Mon Sep 17 00:00:00 2001
From: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Date: Tue, 26 Apr 2022 14:43:58 +0100
Subject: [PATCH] feat: emulate interrupt controller register access
This emulates ICC_SGI1R_EL1 and ICC_IGRPEN1_EL1 register
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I0c11f034f3676067597461a183a341c809adcaa4
Upstream-Status: Inappropriate [Experimental feature]
---
src/arch/aarch64/hypervisor/handler.c | 5 ++
src/arch/aarch64/hypervisor/perfmon.c | 84 +++++++++++++++++++++++++++
src/arch/aarch64/hypervisor/perfmon.h | 5 ++
src/arch/aarch64/msr.h | 3 +
4 files changed, 97 insertions(+)
diff --git a/src/arch/aarch64/hypervisor/handler.c b/src/arch/aarch64/hypervisor/handler.c
index 4c1b6e48..cd5146bd 100644
--- a/src/arch/aarch64/hypervisor/handler.c
+++ b/src/arch/aarch64/hypervisor/handler.c
@@ -1283,6 +1283,11 @@ void handle_system_register_access(uintreg_t esr_el2)
inject_el1_unknown_exception(vcpu, esr_el2);
return;
}
+ } else if (intr_ctrl_is_register_access(esr_el2)) {
+ if (!intr_ctrl_el1_process_access(vcpu, vm_id, esr_el2)) {
+ inject_el1_unknown_exception(vcpu, esr_el2);
+ return;
+ }
} else {
inject_el1_unknown_exception(vcpu, esr_el2);
return;
diff --git a/src/arch/aarch64/hypervisor/perfmon.c b/src/arch/aarch64/hypervisor/perfmon.c
index f13b0354..05e216c8 100644
--- a/src/arch/aarch64/hypervisor/perfmon.c
+++ b/src/arch/aarch64/hypervisor/perfmon.c
@@ -116,6 +116,10 @@
X(PMEVTYPER30_EL0 , 3, 3, 14, 15, 6) \
X(PMCCFILTR_EL0 , 3, 3, 14, 15, 7)
+#define INTR_CTRL_REGISTERS \
+ X(ICC_IGRPEN1_EL1 , 3, 0, 12, 12, 7) \
+ X(ICC_SGI1R_EL1 , 3, 0, 12, 11, 5) \
+
/* clang-format on */
/**
@@ -232,3 +236,83 @@ uintreg_t perfmon_get_pmccfiltr_el0_init_value(ffa_vm_id_t vm_id)
return 0;
}
+
+bool intr_ctrl_is_register_access(uintreg_t esr)
+{
+ uintreg_t op0 = GET_ISS_OP0(esr);
+ uintreg_t op1 = GET_ISS_OP1(esr);
+ uintreg_t crn = GET_ISS_CRN(esr);
+ uintreg_t crm = GET_ISS_CRM(esr);
+
+ if (op0 == 3 && op1 == 0 && crn == 12 && crm == 12) {
+ return true;
+ }
+
+ if (op0 == 3 && op1 == 0 && crn == 12 && crm == 11) {
+ return true;
+ }
+
+ return false;
+}
+
+bool intr_ctrl_el1_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id,
+ uintreg_t esr)
+{
+ uintreg_t sys_register = GET_ISS_SYSREG(esr);
+ uintreg_t rt_register = GET_ISS_RT(esr);
+ uintreg_t value;
+
+ /* +1 because Rt can access register XZR */
+ CHECK(rt_register < NUM_GP_REGS + 1);
+
+ if (ISS_IS_READ(esr)) {
+ switch (sys_register) {
+#define X(reg_name, op0, op1, crn, crm, op2) \
+ case (GET_ISS_ENCODING(op0, op1, crn, crm, op2)): \
+ value = read_msr(reg_name); \
+ break;
+ INTR_CTRL_REGISTERS
+#undef X
+ default:
+ value = vcpu->regs.r[rt_register];
+ dlog_notice(
+ "Unsupported interrupt control register "
+ "read: "
+ "op0=%d, op1=%d, crn=%d, crm=%d, op2=%d, "
+ "rt=%d.\n",
+ GET_ISS_OP0(esr), GET_ISS_OP1(esr),
+ GET_ISS_CRN(esr), GET_ISS_CRM(esr),
+ GET_ISS_OP2(esr), GET_ISS_RT(esr));
+ break;
+ }
+ if (rt_register != RT_REG_XZR) {
+ vcpu->regs.r[rt_register] = value;
+ }
+ } else {
+ if (rt_register != RT_REG_XZR) {
+ value = vcpu->regs.r[rt_register];
+ } else {
+ value = 0;
+ }
+ switch (sys_register) {
+#define X(reg_name, op0, op1, crn, crm, op2) \
+ case (GET_ISS_ENCODING(op0, op1, crn, crm, op2)): \
+ write_msr(reg_name, value); \
+ break;
+ INTR_CTRL_REGISTERS
+#undef X
+ default:
+ dlog_notice(
+ "Unsupported interrupt control register "
+ "write: "
+ "op0=%d, op1=%d, crn=%d, crm=%d, op2=%d, "
+ "rt=%d.\n",
+ GET_ISS_OP0(esr), GET_ISS_OP1(esr),
+ GET_ISS_CRN(esr), GET_ISS_CRM(esr),
+ GET_ISS_OP2(esr), GET_ISS_RT(esr));
+ break;
+ }
+ }
+
+ return true;
+}
diff --git a/src/arch/aarch64/hypervisor/perfmon.h b/src/arch/aarch64/hypervisor/perfmon.h
index 81669ba1..c90d45bf 100644
--- a/src/arch/aarch64/hypervisor/perfmon.h
+++ b/src/arch/aarch64/hypervisor/perfmon.h
@@ -70,3 +70,8 @@ bool perfmon_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id,
uintreg_t esr_el2);
uintreg_t perfmon_get_pmccfiltr_el0_init_value(ffa_vm_id_t vm_id);
+
+bool intr_ctrl_is_register_access(uintreg_t esr);
+
+bool intr_ctrl_el1_process_access(struct vcpu *vcpu, ffa_vm_id_t vm_id,
+ uintreg_t esr);
diff --git a/src/arch/aarch64/msr.h b/src/arch/aarch64/msr.h
index 55e78330..82aa8846 100644
--- a/src/arch/aarch64/msr.h
+++ b/src/arch/aarch64/msr.h
@@ -134,3 +134,6 @@
#define MSR_CNTHPS_CTL_EL2 S3_4_C14_C5_1
#define MSR_CNTHPS_CVAL_EL2 S3_4_C14_C5_2
#define MSR_CNTHPS_TVAL_EL2 S3_4_C14_C5_0
+
+#define ICC_IGRPEN1_EL1 S3_0_C12_C12_7
+#define ICC_SGI1R_EL1 S3_0_C12_C11_5
meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0002-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch
+31
View File
@@ -0,0 +1,31 @@
From 1fef5bd2504ce3a203c56a3b66dba773cd4893c6 Mon Sep 17 00:00:00 2001
From: Davidson K <davidson.kumaresan@arm.com>
Date: Thu, 8 Sep 2022 10:47:10 +0530
Subject: [PATCH] feat(vhe): enable vhe and disable branch protection for TC
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Change-Id: I60cd607d9f2bf0114b482980e7ca68e24aaf4d1f
Upstream-Status: Pending [Not submitted to upstream yet]
---
BUILD.gn | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/BUILD.gn b/BUILD.gn
index 62ba763..f26ce03 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -238,7 +238,6 @@ aarch64_toolchains("secure_tc") {
heap_pages = 120
max_cpus = 8
max_vms = 16
- branch_protection = "standard"
toolchain_args = {
plat_ffa = "//src/arch/aarch64/plat/ffa:spmc"
plat_psci = "//src/arch/aarch64/plat/psci:spmc"
@@ -247,5 +246,6 @@ aarch64_toolchains("secure_tc") {
secure_world = "1"
pl011_base_address = "0x7ff80000"
enable_mte = "1"
+ enable_vhe = "1"
}
}
meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0003-feat-disable-alignment-check-for-EL0-partitions.patch
+318
View File
@@ -0,0 +1,318 @@
From 1c4d28493faed6cf189c75fa91d19131e6a34e04 Mon Sep 17 00:00:00 2001
From: Olivier Deprez <olivier.deprez@arm.com>
Date: Mon, 8 Aug 2022 19:14:23 +0200
Subject: [PATCH] feat: disable alignment check for EL0 partitions
Relax hw alignment check specifically for (S-)EL0 partitions when
Hafnium runs with VHE enabled. EL1 partitions have a specific control
for EL1 and EL0 with respect to alignment check.
Create a hyp_state structure (from already defined flying registers)
within the vCPU context to hold the Hypervisor EL2 static configuration
applied when a vCPU runs. This state is switched back and forth when
running the Hypervisor or the VM.
Add SCTLR_EL2 to this context. An EL0 partition context is initialized
with SCTLR_EL2.A=0 such that alignment check is disabled when EL0 runs
in the EL2&0 translation regime. SCTLR_EL2.A is set back when returning
to the Hypervisor such that Hypervisor execution runs with aligment
check enabled at EL2.
Remove HCR_EL2 saving from vCPU exit path provided this register state
is static and doesn't change while a vCPU runs.
The rationale for such change is to permit running upstream SW stacks
such as the EDKII/StandaloneMm [1] for which default build assumes
unaligned accesses are permitted. Similar query exists for running
Trusted Services on top of Hafnium [2].
[1] https://github.com/tianocore/edk2/tree/master/StandaloneMmPkg
[2] https://trusted-services.readthedocs.io/en/integration/
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I2906f4c712425fcfb31adbf89e2e3b9ca293f181
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/hafnium/hafnium/+/16195]
---
src/arch/aarch64/hypervisor/cpu.c | 9 ++++---
src/arch/aarch64/hypervisor/exceptions.S | 32 ++++++++++++++++--------
src/arch/aarch64/hypervisor/feature_id.c | 6 ++---
src/arch/aarch64/hypervisor/handler.c | 18 +++++++------
src/arch/aarch64/inc/hf/arch/types.h | 9 +++++--
src/arch/aarch64/mm.c | 2 +-
src/arch/aarch64/sysregs.c | 11 ++++++--
src/arch/aarch64/sysregs.h | 2 +-
8 files changed, 59 insertions(+), 30 deletions(-)
diff --git a/src/arch/aarch64/hypervisor/cpu.c b/src/arch/aarch64/hypervisor/cpu.c
index d2df77d8..a000159b 100644
--- a/src/arch/aarch64/hypervisor/cpu.c
+++ b/src/arch/aarch64/hypervisor/cpu.c
@@ -115,7 +115,9 @@ void arch_regs_reset(struct vcpu *vcpu)
}
}
- r->hcr_el2 = get_hcr_el2_value(vm_id, vcpu->vm->el0_partition);
+ r->hyp_state.hcr_el2 =
+ get_hcr_el2_value(vm_id, vcpu->vm->el0_partition);
+ r->hyp_state.sctlr_el2 = get_sctlr_el2_value(vcpu->vm->el0_partition);
r->lazy.cnthctl_el2 = cnthctl;
if (vcpu->vm->el0_partition) {
CHECK(has_vhe_support());
@@ -125,10 +127,11 @@ void arch_regs_reset(struct vcpu *vcpu)
* are ignored and treated as 0. There is no need to mask the
* VMID (used as asid) to only 8 bits.
*/
- r->ttbr0_el2 = pa_addr(table) | ((uint64_t)vm_id << 48);
+ r->hyp_state.ttbr0_el2 =
+ pa_addr(table) | ((uint64_t)vm_id << 48);
r->spsr = PSR_PE_MODE_EL0T;
} else {
- r->ttbr0_el2 = read_msr(ttbr0_el2);
+ r->hyp_state.ttbr0_el2 = read_msr(ttbr0_el2);
r->lazy.vtcr_el2 = arch_mm_get_vtcr_el2();
r->lazy.vttbr_el2 = pa_addr(table) | ((uint64_t)vm_id << 48);
#if SECURE_WORLD == 1
diff --git a/src/arch/aarch64/hypervisor/exceptions.S b/src/arch/aarch64/hypervisor/exceptions.S
index 539e196d..d3732f86 100644
--- a/src/arch/aarch64/hypervisor/exceptions.S
+++ b/src/arch/aarch64/hypervisor/exceptions.S
@@ -20,6 +20,9 @@
#define ID_AA64PFR0_SVE_SHIFT (32)
#define ID_AA64PFR0_SVE_LENGTH (4)
+#define SCTLR_EL2_A_SHIFT (1)
+#define HCR_EL2_TGE_SHIFT (27)
+
/**
* Saves the volatile registers into the register buffer of the current vCPU.
*/
@@ -51,8 +54,6 @@
mrs x1, elr_el2
mrs x2, spsr_el2
stp x1, x2, [x18, #VCPU_REGS + 8 * 31]
- mrs x1, hcr_el2
- str x1, [x18, #VCPU_REGS + 8 * 33]
.endm
/**
@@ -871,12 +872,13 @@ vcpu_restore_volatile_and_run:
msr elr_el2, x1
msr spsr_el2, x2
- ldr x1, [x0, #VCPU_REGS + 8 * 33]
+ ldp x1, x2, [x0, #VCPU_REGS + 8 * 33]
msr hcr_el2, x1
+ msr ttbr0_el2, x2
isb
- ldr x1, [x0, #VCPU_REGS + 8 * 34]
- msr ttbr0_el2, x1
+ ldr x1, [x0, #VCPU_REGS + 8 * 35]
+ msr sctlr_el2, x1
isb
/* Restore x0..x3, which we have used as scratch before. */
@@ -886,15 +888,17 @@ vcpu_restore_volatile_and_run:
#if ENABLE_VHE
enable_vhe_tge:
+ mrs x0, id_aa64mmfr1_el1
+ tst x0, #0xf00
+ b.eq 1f
+
/**
* Switch to host mode ({E2H, TGE} = {1,1}) when VHE is enabled.
* Note that E2H is always set when VHE is enabled.
*/
- mrs x0, id_aa64mmfr1_el1
- tst x0, #0xf00
- b.eq 1f
- orr x1, x1, #(1 << 27)
- msr hcr_el2, x1
+ mrs x0, hcr_el2
+ orr x0, x0, #(1 << HCR_EL2_TGE_SHIFT)
+ msr hcr_el2, x0
isb
/**
@@ -905,6 +909,14 @@ enable_vhe_tge:
ldr x0, [x0]
msr ttbr0_el2, x0
isb
+
+ /**
+ * Enable alignment check while Hypervisor runs.
+ */
+ mrs x0, sctlr_el2
+ orr x0, x0, #(1 << SCTLR_EL2_A_SHIFT)
+ msr sctlr_el2, x0
+ isb
1:
ret
#endif
diff --git a/src/arch/aarch64/hypervisor/feature_id.c b/src/arch/aarch64/hypervisor/feature_id.c
index ed3bf8f1..57f32627 100644
--- a/src/arch/aarch64/hypervisor/feature_id.c
+++ b/src/arch/aarch64/hypervisor/feature_id.c
@@ -175,7 +175,7 @@ void feature_set_traps(struct vm *vm, struct arch_regs *regs)
~(ID_AA64MMFR1_EL1_VH_MASK << ID_AA64MMFR1_EL1_VH_SHIFT);
if (features & HF_FEATURE_RAS) {
- regs->hcr_el2 |= HCR_EL2_TERR;
+ regs->hyp_state.hcr_el2 |= HCR_EL2_TERR;
vm->arch.tid3_masks.id_aa64mmfr1_el1 &=
~ID_AA64MMFR1_EL1_SPEC_SEI;
vm->arch.tid3_masks.id_aa64pfr0_el1 &= ~ID_AA64PFR0_EL1_RAS;
@@ -221,14 +221,14 @@ void feature_set_traps(struct vm *vm, struct arch_regs *regs)
}
if (features & HF_FEATURE_LOR) {
- regs->hcr_el2 |= HCR_EL2_TLOR;
+ regs->hyp_state.hcr_el2 |= HCR_EL2_TLOR;
vm->arch.tid3_masks.id_aa64mmfr1_el1 &= ~ID_AA64MMFR1_EL1_LO;
}
if (features & HF_FEATURE_PAUTH) {
/* APK and API bits *enable* trapping when cleared. */
- regs->hcr_el2 &= ~(HCR_EL2_APK | HCR_EL2_API);
+ regs->hyp_state.hcr_el2 &= ~(HCR_EL2_APK | HCR_EL2_API);
vm->arch.tid3_masks.id_aa64isar1_el1 &= ~ID_AA64ISAR1_EL1_GPI;
vm->arch.tid3_masks.id_aa64isar1_el1 &= ~ID_AA64ISAR1_EL1_GPA;
diff --git a/src/arch/aarch64/hypervisor/handler.c b/src/arch/aarch64/hypervisor/handler.c
index cd5146bd..8a3d6289 100644
--- a/src/arch/aarch64/hypervisor/handler.c
+++ b/src/arch/aarch64/hypervisor/handler.c
@@ -272,9 +272,9 @@ noreturn void sync_current_exception_noreturn(uintreg_t elr, uintreg_t spsr)
static void set_virtual_irq(struct arch_regs *r, bool enable)
{
if (enable) {
- r->hcr_el2 |= HCR_EL2_VI;
+ r->hyp_state.hcr_el2 |= HCR_EL2_VI;
} else {
- r->hcr_el2 &= ~HCR_EL2_VI;
+ r->hyp_state.hcr_el2 &= ~HCR_EL2_VI;
}
}
@@ -283,14 +283,15 @@ static void set_virtual_irq(struct arch_regs *r, bool enable)
*/
static void set_virtual_irq_current(bool enable)
{
- uintreg_t hcr_el2 = current()->regs.hcr_el2;
+ struct vcpu *vcpu = current();
+ uintreg_t hcr_el2 = vcpu->regs.hyp_state.hcr_el2;
if (enable) {
hcr_el2 |= HCR_EL2_VI;
} else {
hcr_el2 &= ~HCR_EL2_VI;
}
- current()->regs.hcr_el2 = hcr_el2;
+ vcpu->regs.hyp_state.hcr_el2 = hcr_el2;
}
/**
@@ -300,9 +301,9 @@ static void set_virtual_irq_current(bool enable)
static void set_virtual_fiq(struct arch_regs *r, bool enable)
{
if (enable) {
- r->hcr_el2 |= HCR_EL2_VF;
+ r->hyp_state.hcr_el2 |= HCR_EL2_VF;
} else {
- r->hcr_el2 &= ~HCR_EL2_VF;
+ r->hyp_state.hcr_el2 &= ~HCR_EL2_VF;
}
}
@@ -311,14 +312,15 @@ static void set_virtual_fiq(struct arch_regs *r, bool enable)
*/
static void set_virtual_fiq_current(bool enable)
{
- uintreg_t hcr_el2 = current()->regs.hcr_el2;
+ struct vcpu *vcpu = current();
+ uintreg_t hcr_el2 = vcpu->regs.hyp_state.hcr_el2;
if (enable) {
hcr_el2 |= HCR_EL2_VF;
} else {
hcr_el2 &= ~HCR_EL2_VF;
}
- current()->regs.hcr_el2 = hcr_el2;
+ vcpu->regs.hyp_state.hcr_el2 = hcr_el2;
}
#if SECURE_WORLD == 1
diff --git a/src/arch/aarch64/inc/hf/arch/types.h b/src/arch/aarch64/inc/hf/arch/types.h
index 6379d73e..6b8b24f1 100644
--- a/src/arch/aarch64/inc/hf/arch/types.h
+++ b/src/arch/aarch64/inc/hf/arch/types.h
@@ -79,8 +79,13 @@ struct arch_regs {
uintreg_t r[NUM_GP_REGS];
uintreg_t pc;
uintreg_t spsr;
- uintreg_t hcr_el2;
- uintreg_t ttbr0_el2;
+
+ /* Hypervisor configuration while a vCPU runs. */
+ struct {
+ uintreg_t hcr_el2;
+ uintreg_t ttbr0_el2;
+ uintreg_t sctlr_el2;
+ } hyp_state;
/*
* System registers.
diff --git a/src/arch/aarch64/mm.c b/src/arch/aarch64/mm.c
index 8ee65ca0..487ae353 100644
--- a/src/arch/aarch64/mm.c
+++ b/src/arch/aarch64/mm.c
@@ -886,7 +886,7 @@ bool arch_mm_init(paddr_t table)
#endif
(0xff << (8 * STAGE1_NORMALINDX)),
- .sctlr_el2 = get_sctlr_el2_value(),
+ .sctlr_el2 = get_sctlr_el2_value(false),
.vstcr_el2 = (1U << 31) | /* RES1. */
(0 << 30) | /* SA. */
(0 << 29) | /* SW. */
diff --git a/src/arch/aarch64/sysregs.c b/src/arch/aarch64/sysregs.c
index e8c154b1..087ba4ed 100644
--- a/src/arch/aarch64/sysregs.c
+++ b/src/arch/aarch64/sysregs.c
@@ -159,7 +159,7 @@ uintreg_t get_cptr_el2_value(void)
/**
* Returns the value for SCTLR_EL2 for the CPU.
*/
-uintreg_t get_sctlr_el2_value(void)
+uintreg_t get_sctlr_el2_value(bool is_el0_partition)
{
uintreg_t sctlr_el2_value = 0;
@@ -173,7 +173,14 @@ uintreg_t get_sctlr_el2_value(void)
/* MMU-related bits. */
sctlr_el2_value |= SCTLR_EL2_M;
- sctlr_el2_value |= SCTLR_EL2_A;
+
+ /*
+ * Alignment check enabled, but in the case of an EL0 partition
+ * with VHE enabled.
+ */
+ if (!(has_vhe_support() && is_el0_partition)) {
+ sctlr_el2_value |= SCTLR_EL2_A;
+ }
sctlr_el2_value |= SCTLR_EL2_C;
sctlr_el2_value |= SCTLR_EL2_SA;
sctlr_el2_value |= SCTLR_EL2_I;
diff --git a/src/arch/aarch64/sysregs.h b/src/arch/aarch64/sysregs.h
index babd2375..6fdab58e 100644
--- a/src/arch/aarch64/sysregs.h
+++ b/src/arch/aarch64/sysregs.h
@@ -668,7 +668,7 @@ uintreg_t get_mdcr_el2_value(void);
uintreg_t get_cptr_el2_value(void);
-uintreg_t get_sctlr_el2_value(void);
+uintreg_t get_sctlr_el2_value(bool is_el0_partition);
/**
* Branch Target Identification mechanism support in AArch64 state.
meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0004-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch
+41
View File
@@ -0,0 +1,41 @@
From 4b59905d2fec01cc17038b1c167b4e57e7835adf Mon Sep 17 00:00:00 2001
From: Davidson K <davidson.kumaresan@arm.com>
Date: Thu, 7 Oct 2021 12:20:08 +0530
Subject: [PATCH] feat(vhe): set STAGE1_NS while mapping memory from NWd to SWd
If the memory is shared by a VM executing in non secure world, attribute
MM_MODE_NS had to be set while mapping that in a S-EL0 SP executing in
secure world. It will not be needed for a S-EL1 SP since the NS bit is
available only for the stage 1 translations and the stage 1 translations
for a S-EL1 SP will be handled by a trusted OS running in S-EL1.
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Change-Id: I074e2d5a50a659bd3c097d797c4901f08d210b1b
Upstream-Status: Pending [Not submitted to upstream yet]
---
src/ffa_memory.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/ffa_memory.c b/src/ffa_memory.c
index 048cca9c..8910cc79 100644
--- a/src/ffa_memory.c
+++ b/src/ffa_memory.c
@@ -2483,6 +2483,18 @@ struct ffa_value ffa_memory_retrieve(struct vm_locked to_locked,
memory_to_attributes = ffa_memory_permissions_to_mode(
permissions, share_state->sender_orig_mode);
+
+ if (to_locked.vm->el0_partition) {
+ /*
+ * Get extra mapping attributes for the given VM ID.
+ * If the memory is shared by a VM executing in non secure
+ * world, attribute MM_MODE_NS had to be set while mapping
+ * that in a SP executing in secure world.
+ */
+ memory_to_attributes |= arch_mm_extra_attributes_from_vm(
+ retrieve_request->sender);
+ }
+
ret = ffa_retrieve_check_update(
to_locked, memory_region->sender, share_state->fragments,
share_state->fragment_constituent_counts,
meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc
+25
View File
@@ -0,0 +1,25 @@
# TC specific configuration
COMPATIBLE_MACHINE = "(tc?)"
HAFNIUM_PLATFORM = "secure_tc"
# Intermediate SHA with 2.7 baseline version
SRCREV = "dd0561820946fe23bcd57cc129140437f72102a5"
PV = "2.7+git${SRCPV}"
FILESEXTRAPATHS:prepend:tc := "${THISDIR}/files/tc:"
SRC_URI:remove = "file://0003-Fix-build-with-clang-15.patch"
SRC_URI:append = " \
file://0001-feat-emulate-cntp-timer-register-accesses-using-cnth.patch \
file://0002-feat-emulate-interrupt-controller-register-access.patch \
file://0003-feat-disable-alignment-check-for-EL0-partitions.patch \
file://0004-feat-vhe-set-STAGE1_NS-while-mapping-memory-from-NWd.patch \
file://0001-tc-increase-heap-pages.patch;patchdir=project/reference \
file://0002-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch;patchdir=project/reference \
"
do_compile() {
PATH="${S}/prebuilts/linux-x64/clang/bin:$PATH" oe_runmake -C ${S}
}
meta-arm/meta-arm-bsp/recipes-bsp/hafnium/hafnium_%.bbappend
+6
View File
@@ -0,0 +1,6 @@
# Machine specific configurations
MACHINE_HAFNIUM_REQUIRE ?= ""
MACHINE_HAFNIUM_REQUIRE:tc = "hafnium-tc.inc"
require ${MACHINE_HAFNIUM_REQUIRE}
meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb
+38
View File
@@ -0,0 +1,38 @@
SUMARY = "Corstone1000 platform Image"
DESCRIPTION = "This is the main image which is the container of all the binaries \
generated for the Corstone1000 platform."
LICENSE = "MIT"
COMPATIBLE_MACHINE = "corstone1000"
inherit image
inherit tfm_sign_image
inherit uefi_capsule
PACKAGE_INSTALL = ""
IMAGE_FSTYPES += "wic uefi_capsule"
UEFI_FIRMWARE_BINARY = "${PN}-${MACHINE}.${CAPSULE_IMGTYPE}"
UEFI_CAPSULE_CONFIG = "${THISDIR}/files/${PN}-capsule-update-image.json"
CAPSULE_IMGTYPE = "wic"
do_sign_images() {
# Sign TF-A BL2
sign_host_image ${RECIPE_SYSROOT}/firmware/${TFA_BL2_BINARY} \
${TFA_BL2_RE_IMAGE_LOAD_ADDRESS} ${TFA_BL2_RE_SIGN_BIN_SIZE}
# Update BL2 in the FIP image
cp ${RECIPE_SYSROOT}/firmware/${TFA_FIP_BINARY} .
fiptool update --tb-fw \
${TFM_IMAGE_SIGN_DEPLOY_DIR}/signed_${TFA_BL2_BINARY} \
${TFM_IMAGE_SIGN_DIR}/${TFA_FIP_BINARY}
# Sign the FIP image
sign_host_image ${TFM_IMAGE_SIGN_DIR}/${TFA_FIP_BINARY} \
${TFA_FIP_RE_IMAGE_LOAD_ADDRESS} ${TFA_FIP_RE_SIGN_BIN_SIZE}
}
do_sign_images[depends] = "\
trusted-firmware-a:do_populate_sysroot \
fiptool-native:do_populate_sysroot \
"
meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-initramfs-image.bb
+28
View File
@@ -0,0 +1,28 @@
SUMARY = "Corstone1000 platform Initramfs Image"
DESCRIPTION = "This is the main Linux image which includes an initramfs kernel/rootfs bundle."
LICENSE = "MIT"
COMPATIBLE_MACHINE = "corstone1000"
IMAGE_FSTYPES = "${INITRAMFS_FSTYPES}"
inherit core-image
# By default all basic packages required for a bootable system are installed
# by core-image . These packages are: packagegroup-core-boot and
# packagegroup-base-extended
inherit image-buildinfo
#package management is not supported in corstone1000
IMAGE_FEATURES:remove = "package-management"
# all optee packages
IMAGE_INSTALL += "optee-client"
# external system linux userspace test application
IMAGE_INSTALL += "corstone1000-external-sys-tests"
# TS PSA API tests commands for crypto, its, ps and iat
IMAGE_INSTALL += "packagegroup-ts-tests-psa"
meta-arm/meta-arm-bsp/recipes-bsp/images/files/corstone1000-image-capsule-update-image.json
+11
View File
@@ -0,0 +1,11 @@
{
"Payloads": [
{
"FwVersion": "5",
"Guid": "e2bb9c06-70e9-4b14-97a3-5a7913176e3f",
"LowestSupportedVersion": "1",
"Payload": "$UEFI_FIRMWARE_BINARY",
"UpdateImageIndex": "0"
}
]
}
meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno.bb
+79
View File
@@ -0,0 +1,79 @@
DESCRIPTION = "Firmware Image for Juno to be copied to the Configuration \
microSD card"
LICENSE = "BSD-3-Clause"
SECTION = "firmware"
LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/BSD-3-Clause;md5=550794465ba0ec5312d6919e203a55f9"
INHIBIT_DEFAULT_DEPS = "1"
DEPENDS = "trusted-firmware-a virtual/kernel virtual/control-processor-firmware"
PACKAGE_ARCH = "${MACHINE_ARCH}"
COMPATIBLE_MACHINE = "juno"
LINARO_RELEASE = "19.06"
SRC_URI = "http://releases.linaro.org/members/arm/platforms/${LINARO_RELEASE}/juno-latest-oe-uboot.zip;subdir=${UNPACK_DIR} \
file://images-r0.txt \
file://images-r1.txt \
file://images-r2.txt \
file://uEnv.txt \
"
SRC_URI[md5sum] = "01b662b81fa409d55ff298238ad24003"
SRC_URI[sha256sum] = "b8a3909bb3bc4350a8771b863193a3e33b358e2a727624a77c9ecf13516cec82"
UNPACK_DIR = "juno-firmware-${LINARO_RELEASE}"
inherit deploy nopackages
do_configure[noexec] = "1"
do_compile[noexec] = "1"
# The ${D} is used as a temporary directory and we don't generate any
# packages for this recipe.
do_install() {
cp -a ${WORKDIR}/${UNPACK_DIR} ${D}
cp -f ${RECIPE_SYSROOT}/firmware/bl1-juno.bin \
${D}/${UNPACK_DIR}/SOFTWARE/bl1.bin
cp -f ${RECIPE_SYSROOT}/firmware/fip-juno.bin \
${D}/${UNPACK_DIR}/SOFTWARE/fip.bin
cp -f ${RECIPE_SYSROOT}/firmware/scp_romfw_bypass.bin \
${D}/${UNPACK_DIR}/SOFTWARE/scp_bl1.bin
# u-boot environment file
cp -f ${WORKDIR}/uEnv.txt ${D}/${UNPACK_DIR}/SOFTWARE/
# Juno images list file
cp -f ${WORKDIR}/images-r0.txt ${D}/${UNPACK_DIR}/SITE1/HBI0262B/images.txt
cp -f ${WORKDIR}/images-r1.txt ${D}/${UNPACK_DIR}/SITE1/HBI0262C/images.txt
cp -f ${WORKDIR}/images-r2.txt ${D}/${UNPACK_DIR}/SITE1/HBI0262D/images.txt
}
do_deploy() {
# To avoid dependency loop between firmware-image-juno:do_install
# and virtual/kernel:do_deploy when INITRAMFS_IMAGE_BUNDLE = "1",
# we need to handle the kernel binaries copying in the do_deploy
# task.
for f in ${KERNEL_DEVICETREE}; do
install -m 755 -c ${DEPLOY_DIR_IMAGE}/$(basename $f) \
${D}/${UNPACK_DIR}/SOFTWARE/.
done
if [ "${INITRAMFS_IMAGE_BUNDLE}" -eq 1 ]; then
cp -L -f ${DEPLOY_DIR_IMAGE}/Image.gz-initramfs-juno.bin \
${D}/${UNPACK_DIR}/SOFTWARE/Image
else
cp -L -f ${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGETYPE} ${D}/${UNPACK_DIR}/SOFTWARE/
fi
# Compress the files
tar -C ${D}/${UNPACK_DIR} -zcvf ${WORKDIR}/${PN}.tar.gz ./
# Deploy the compressed archive to the deploy folder
install -D -p -m0644 ${WORKDIR}/${PN}.tar.gz ${DEPLOYDIR}/${PN}.tar.gz
}
do_deploy[depends] += "virtual/kernel:do_deploy"
addtask deploy after do_install
meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno/images-r0.txt
+71
View File
@@ -0,0 +1,71 @@
TITLE: Versatile Express Images Configuration File
[IMAGES]
TOTALIMAGES: 10 ;Number of Images (Max: 32)
NOR0UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR0ADDRESS: 0x00000000 ;Image Flash Address
NOR0FILE: \SOFTWARE\fip.bin ;Image File Name
NOR0LOAD: 00000000 ;Image Load Address
NOR0ENTRY: 00000000 ;Image Entry Point
NOR1UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR1ADDRESS: 0x03EC0000 ;Image Flash Address
NOR1FILE: \SOFTWARE\bl1.bin ;Image File Name
NOR1LOAD: 00000000 ;Image Load Address
NOR1ENTRY: 00000000 ;Image Entry Point
NOR2UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR2ADDRESS: 0x00500000 ;Image Flash Address
NOR2FILE: \SOFTWARE\Image ;Image File Name
NOR2NAME: norkern ;Rename kernel to norkern
NOR2LOAD: 00000000 ;Image Load Address
NOR2ENTRY: 00000000 ;Image Entry Point
NOR3UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR3ADDRESS: 0x03000000 ;Image Flash Address
NOR3FILE: \SOFTWARE\juno.dtb ;Image File Name
NOR3NAME: board.dtb ;Specify target filename to preserve file extension
NOR3LOAD: 00000000 ;Image Load Address
NOR3ENTRY: 00000000 ;Image Entry Point
NOR4UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR4ADDRESS: 0x030C0000 ;Image Flash Address
NOR4FILE: \SOFTWARE\hdlcdclk.dat ;Image File Name
NOR4LOAD: 00000000 ;Image Load Address
NOR4ENTRY: 00000000 ;Image Entry Point
NOR5UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR5ADDRESS: 0x03E40000 ;Image Flash Address
NOR5FILE: \SOFTWARE\scp_bl1.bin ;Image File Name
NOR5LOAD: 00000000 ;Image Load Address
NOR5ENTRY: 00000000 ;Image Entry Point
NOR6UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR6ADDRESS: 0x0BF00000 ;Image Flash Address
NOR6FILE: \SOFTWARE\startup.nsh ;Image File Name
NOR6NAME: startup.nsh
NOR6LOAD: 00000000 ;Image Load Address
NOR6ENTRY: 00000000 ;Image Entry Point
NOR7UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR7ADDRESS: 0x0BFC0000 ;Image Flash Address
NOR7FILE: \SOFTWARE\blank.img ;Image File Name
NOR7NAME: BOOTENV
NOR7LOAD: 00000000 ;Image Load Address
NOR7ENTRY: 00000000 ;Image Entry Point
NOR8UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR8ADDRESS: 0x03100000 ;Image Flash Address
NOR8FILE: \SOFTWARE\selftest ;Image File Name
NOR8LOAD: 00000000 ;Image Load Address
NOR8ENTRY: 00000000 ;Image Entry Point
NOR9UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR9ADDRESS: 0x03180000 ;Image Flash Address
NOR9NAME: uEnv.txt
NOR9FILE: \SOFTWARE\uEnv.txt ;Image File Name
NOR9LOAD: 00000000 ;Image Load Address
NOR9ENTRY: 00000000 ;Image Entry Point
meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno/images-r1.txt
+71
View File
@@ -0,0 +1,71 @@
TITLE: Versatile Express Images Configuration File
[IMAGES]
TOTALIMAGES: 10 ;Number of Images (Max: 32)
NOR0UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR0ADDRESS: 0x00000000 ;Image Flash Address
NOR0FILE: \SOFTWARE\fip.bin ;Image File Name
NOR0LOAD: 00000000 ;Image Load Address
NOR0ENTRY: 00000000 ;Image Entry Point
NOR1UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR1ADDRESS: 0x03EC0000 ;Image Flash Address
NOR1FILE: \SOFTWARE\bl1.bin ;Image File Name
NOR1LOAD: 00000000 ;Image Load Address
NOR1ENTRY: 00000000 ;Image Entry Point
NOR2UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR2ADDRESS: 0x00500000 ;Image Flash Address
NOR2FILE: \SOFTWARE\Image ;Image File Name
NOR2NAME: norkern ;Rename kernel to norkern
NOR2LOAD: 00000000 ;Image Load Address
NOR2ENTRY: 00000000 ;Image Entry Point
NOR3UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR3ADDRESS: 0x03000000 ;Image Flash Address
NOR3FILE: \SOFTWARE\juno-r1.dtb ;Image File Name
NOR3NAME: board.dtb ;Specify target filename to preserve file extension
NOR3LOAD: 00000000 ;Image Load Address
NOR3ENTRY: 00000000 ;Image Entry Point
NOR4UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR4ADDRESS: 0x030C0000 ;Image Flash Address
NOR4FILE: \SOFTWARE\hdlcdclk.dat ;Image File Name
NOR4LOAD: 00000000 ;Image Load Address
NOR4ENTRY: 00000000 ;Image Entry Point
NOR5UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR5ADDRESS: 0x03E40000 ;Image Flash Address
NOR5FILE: \SOFTWARE\scp_bl1.bin ;Image File Name
NOR5LOAD: 00000000 ;Image Load Address
NOR5ENTRY: 00000000 ;Image Entry Point
NOR6UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR6ADDRESS: 0x0BF00000 ;Image Flash Address
NOR6FILE: \SOFTWARE\startup.nsh ;Image File Name
NOR6NAME: startup.nsh
NOR6LOAD: 00000000 ;Image Load Address
NOR6ENTRY: 00000000 ;Image Entry Point
NOR7UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR7ADDRESS: 0x0BFC0000 ;Image Flash Address
NOR7FILE: \SOFTWARE\blank.img ;Image File Name
NOR7NAME: BOOTENV
NOR7LOAD: 00000000 ;Image Load Address
NOR7ENTRY: 00000000 ;Image Entry Point
NOR8UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR8ADDRESS: 0x03100000 ;Image Flash Address
NOR8FILE: \SOFTWARE\selftest ;Image File Name
NOR8LOAD: 00000000 ;Image Load Address
NOR8ENTRY: 00000000 ;Image Entry Point
NOR9UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR9ADDRESS: 0x03180000 ;Image Flash Address
NOR9NAME: uEnv.txt
NOR9FILE: \SOFTWARE\uEnv.txt ;Image File Name
NOR9LOAD: 00000000 ;Image Load Address
NOR9ENTRY: 00000000 ;Image Entry Point
meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno/images-r2.txt
+71
View File
@@ -0,0 +1,71 @@
TITLE: Versatile Express Images Configuration File
[IMAGES]
TOTALIMAGES: 10 ;Number of Images (Max: 32)
NOR0UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR0ADDRESS: 0x00000000 ;Image Flash Address
NOR0FILE: \SOFTWARE\fip.bin ;Image File Name
NOR0LOAD: 00000000 ;Image Load Address
NOR0ENTRY: 00000000 ;Image Entry Point
NOR1UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR1ADDRESS: 0x03EC0000 ;Image Flash Address
NOR1FILE: \SOFTWARE\bl1.bin ;Image File Name
NOR1LOAD: 00000000 ;Image Load Address
NOR1ENTRY: 00000000 ;Image Entry Point
NOR2UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR2ADDRESS: 0x00500000 ;Image Flash Address
NOR2FILE: \SOFTWARE\Image ;Image File Name
NOR2NAME: norkern ;Rename kernel to norkern
NOR2LOAD: 00000000 ;Image Load Address
NOR2ENTRY: 00000000 ;Image Entry Point
NOR3UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR3ADDRESS: 0x03000000 ;Image Flash Address
NOR3FILE: \SOFTWARE\juno-r2.dtb ;Image File Name
NOR3NAME: board.dtb ;Specify target filename to preserve file extension
NOR3LOAD: 00000000 ;Image Load Address
NOR3ENTRY: 00000000 ;Image Entry Point
NOR4UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR4ADDRESS: 0x030C0000 ;Image Flash Address
NOR4FILE: \SOFTWARE\hdlcdclk.dat ;Image File Name
NOR4LOAD: 00000000 ;Image Load Address
NOR4ENTRY: 00000000 ;Image Entry Point
NOR5UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR5ADDRESS: 0x03E40000 ;Image Flash Address
NOR5FILE: \SOFTWARE\scp_bl1.bin ;Image File Name
NOR5LOAD: 00000000 ;Image Load Address
NOR5ENTRY: 00000000 ;Image Entry Point
NOR6UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR6ADDRESS: 0x0BF00000 ;Image Flash Address
NOR6FILE: \SOFTWARE\startup.nsh ;Image File Name
NOR6NAME: startup.nsh
NOR6LOAD: 00000000 ;Image Load Address
NOR6ENTRY: 00000000 ;Image Entry Point
NOR7UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR7ADDRESS: 0x0BFC0000 ;Image Flash Address
NOR7FILE: \SOFTWARE\blank.img ;Image File Name
NOR7NAME: BOOTENV
NOR7LOAD: 00000000 ;Image Load Address
NOR7ENTRY: 00000000 ;Image Entry Point
NOR8UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR8ADDRESS: 0x03100000 ;Image Flash Address
NOR8FILE: \SOFTWARE\selftest ;Image File Name
NOR8LOAD: 00000000 ;Image Load Address
NOR8ENTRY: 00000000 ;Image Entry Point
NOR9UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
NOR9ADDRESS: 0x03180000 ;Image Flash Address
NOR9NAME: uEnv.txt
NOR9FILE: \SOFTWARE\uEnv.txt ;Image File Name
NOR9LOAD: 00000000 ;Image Load Address
NOR9ENTRY: 00000000 ;Image Entry Point
meta-arm/meta-arm-bsp/recipes-bsp/images/firmware-image-juno/uEnv.txt
+11
View File
@@ -0,0 +1,11 @@
uenvcmd=run mybootcmd
mybootcmd=echo Loading custom boot command; \
echo Loading kernel; \
afs load ${kernel_name} ${kernel_addr_r} ; \
if test $? -eq 1; then echo Loading ${kernel_alt_name} instead of ${kernel_name}; afs load ${kernel_alt_name} ${kernel_addr_r}; fi; \
echo Loading device tree; \
afs load ${fdtfile} ${fdt_addr_r}; \
if test $? -eq 1; then echo Loading ${fdt_alt_name} instead of ${fdtfile}; \
afs load ${fdt_alt_name} ${fdt_addr_r}; fi; fdt addr ${fdt_addr_r}; fdt resize; \
booti ${kernel_addr_r} - ${fdt_addr_r};
meta-arm/meta-arm-bsp/recipes-bsp/images/n1sdp-board-firmware_2022.06.22.bb
+37
View File
@@ -0,0 +1,37 @@
SUMMARY = "Board Firmware binaries for N1SDP"
SECTION = "firmware"
LICENSE = "STM-SLA0044-Rev5"
LIC_FILES_CHKSUM = "file://LICENSES/MB/STM.TXT;md5=1b74d8c842307d03c116f2d71cbf868a"
inherit deploy
INHIBIT_DEFAULT_DEPS = "1"
PACKAGE_ARCH = "${MACHINE_ARCH}"
COMPATIBLE_MACHINE = "n1sdp"
SRC_URI = "git://git.gitlab.arm.com/arm-reference-solutions/board-firmware.git;protocol=https;branch=n1sdp"
SRCREV = "70ba494265eee76747faff38264860c19e214540"
PV .= "+git${SRCPV}"
S = "${WORKDIR}/git"
INSTALL_DIR = "/n1sdp-board-firmware_source"
do_install() {
rm -rf ${S}/SOFTWARE
install -d ${D}${INSTALL_DIR}
cp -Rp --no-preserve=ownership ${S}/* ${D}${INSTALL_DIR}
}
FILES:${PN}-staticdev += " ${INSTALL_DIR}/LIB/sensor.a"
FILES:${PN} = "${INSTALL_DIR}"
SYSROOT_DIRS += "${INSTALL_DIR}"
do_deploy() {
install -d ${DEPLOYDIR}${INSTALL_DIR}
cp -Rp --no-preserve=ownership ${S}/* ${DEPLOYDIR}${INSTALL_DIR}
}
addtask deploy after do_install before do_build
meta-arm/meta-arm-bsp/recipes-bsp/images/sdcard-image-n1sdp_0.1.bb
+85
View File
@@ -0,0 +1,85 @@
SUMMARY = "Firmware image recipe for generating SD-Card artifacts."
inherit deploy nopackages
DEPENDS = "trusted-firmware-a \
virtual/control-processor-firmware \
n1sdp-board-firmware"
LICENSE = "MIT"
PACKAGE_ARCH = "${MACHINE_ARCH}"
COMPATIBLE_MACHINE = "n1sdp"
RM_WORK_EXCLUDE += "${PN}"
do_configure[noexec] = "1"
do_compile[noexec] = "1"
do_install[noexec] = "1"
FIRMWARE_DIR = "n1sdp-board-firmware_source"
PRIMARY_DIR = "${WORKDIR}/n1sdp-board-firmware_primary"
SECONDARY_DIR = "${WORKDIR}/n1sdp-board-firmware_secondary"
SOC_BINARIES = "mcp_fw.bin scp_fw.bin mcp_rom.bin scp_rom.bin"
prepare_package() {
cd ${WORKDIR}
# Master/Primary
cp -av ${RECIPE_SYSROOT}/${FIRMWARE_DIR}/* ${PRIMARY_DIR}
mkdir -p ${PRIMARY_DIR}/SOFTWARE/
# Copy FIP binary
cp -v ${RECIPE_SYSROOT}/firmware/fip.bin ${PRIMARY_DIR}/SOFTWARE/
# Copy SOC binaries
for f in ${SOC_BINARIES}; do
cp -v ${RECIPE_SYSROOT}/firmware/${f} ${PRIMARY_DIR}/SOFTWARE/
done
sed -i -e 's|^C2C_ENABLE.*|C2C_ENABLE: TRUE ;C2C enable TRUE/FALSE|' \
${PRIMARY_DIR}/MB/HBI0316A/io_v123f.txt
sed -i -e 's|^C2C_SIDE.*|C2C_SIDE: MASTER ;C2C side SLAVE/MASTER|' \
${PRIMARY_DIR}/MB/HBI0316A/io_v123f.txt
sed -i -e 's|.*SOCCON: 0x1170.*PLATFORM_CTRL.*|SOCCON: 0x1170 0x00000100 ;SoC SCC PLATFORM_CTRL|' \
${PRIMARY_DIR}/MB/HBI0316A/io_v123f.txt
# Update load address for trusted boot
sed -i -e '/^IMAGE4ADDRESS:/ s|0x60200000|0x64200000|' ${PRIMARY_DIR}/MB/HBI0316A/images.txt
sed -i -e '/^IMAGE4UPDATE:/ s|FORCE |SCP_AUTO|' ${PRIMARY_DIR}/MB/HBI0316A/images.txt
sed -i -e '/^IMAGE4FILE: \\SOFTWARE\\/s|uefi.bin|fip.bin |' ${PRIMARY_DIR}/MB/HBI0316A/images.txt
# Slave/Secondary
cp -av ${RECIPE_SYSROOT}/${FIRMWARE_DIR}/* ${SECONDARY_DIR}
mkdir -p ${SECONDARY_DIR}/SOFTWARE/
# Copy SOC binaries
for f in ${SOC_BINARIES}; do
cp -v ${RECIPE_SYSROOT}/firmware/${f} ${SECONDARY_DIR}/SOFTWARE/
done
sed -i -e 's|^C2C_ENABLE.*|C2C_ENABLE: TRUE ;C2C enable TRUE/FALSE|' \
${SECONDARY_DIR}/MB/HBI0316A/io_v123f.txt
sed -i -e 's|^C2C_SIDE.*|C2C_SIDE: SLAVE ;C2C side SLAVE/MASTER|' \
${SECONDARY_DIR}/MB/HBI0316A/io_v123f.txt
sed -i -e 's|.*SOCCON: 0x1170.*PLATFORM_CTRL.*|SOCCON: 0x1170 0x00000101 ;SoC SCC PLATFORM_CTRL|' \
${SECONDARY_DIR}/MB/HBI0316A/io_v123f.txt
sed -i -e '/^TOTALIMAGES:/ s|5|4|' ${SECONDARY_DIR}/MB/HBI0316A/images.txt
sed -i -e 's|^IMAGE4|;&|' ${SECONDARY_DIR}/MB/HBI0316A/images.txt
}
do_deploy() {
# prepare Master & Slave packages
prepare_package
for dir in ${PRIMARY_DIR} ${SECONDARY_DIR}; do
dir_name=$(basename ${dir})
mkdir -p ${D}/${dir_name}
cp -av ${dir} ${D}
# Compress the files
tar -C ${D}/${dir_name} -zcvf ${DEPLOYDIR}/${dir_name}.tar.gz ./
done
}
do_deploy[dirs] += "${PRIMARY_DIR} ${SECONDARY_DIR}"
do_deploy[cleandirs] += "${PRIMARY_DIR} ${SECONDARY_DIR}"
do_deploy[umask] = "022"
addtask deploy after do_prepare_recipe_sysroot
meta-arm/meta-arm-bsp/recipes-bsp/images/tc-artifacts-image.bb
+14
View File
@@ -0,0 +1,14 @@
# SPDX-License-Identifier: Apache-2.0
#
# Copyright (c) 2020 Arm Limited
#
SUMMARY = "Total Compute Images"
DESCRIPTION = "Build all the images required for Total Compute platform"
LICENSE = "Apache-2.0"
COMPATIBLE_MACHINE = "(tc?)"
inherit nopackages
# The last image to be built is trusted-firmware-a
DEPENDS += " trusted-firmware-a"
meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-juno.inc
+15
View File
@@ -0,0 +1,15 @@
# juno specific SCP configuration
COMPATIBLE_MACHINE = "juno"
FW_TARGETS = "scp"
FW_INSTALL:append = " romfw_bypass"
do_install:append() {
for TYPE in ${FW_INSTALL}; do
if [ "$TYPE" = "romfw_bypass" ]; then
install -D "${B}/${TYPE}/${FW_TARGETS}/bin/${SCP_PLATFORM}-bl1-bypass.bin" "${D}/firmware/${FW}_${TYPE}.bin"
install -D "${B}/${TYPE}/${FW_TARGETS}/bin/${SCP_PLATFORM}-bl1-bypass.elf" "${D}/firmware/${FW}_${TYPE}.elf"
fi
done
}
meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-n1sdp.inc
+35
View File
@@ -0,0 +1,35 @@
# N1SDP specific SCP configurations and build instructions
COMPATIBLE_MACHINE:n1sdp = "n1sdp"
SCP_LOG_LEVEL = "INFO"
DEPENDS += "fiptool-native"
DEPENDS += "trusted-firmware-a"
DEPENDS += "n1sdp-board-firmware"
# The n1sdp sensor library is needed for building SCP N1SDP Platform
# https://github.com/ARM-software/SCP-firmware/tree/master/product/n1sdp
EXTRA_OECMAKE:append = " \
-DSCP_N1SDP_SENSOR_LIB_PATH=${RECIPE_SYSROOT}/n1sdp-board-firmware_source/LIB/sensor.a \
"
do_install:append() {
fiptool \
create \
--scp-fw "${D}/firmware/scp_ramfw.bin" \
--blob uuid=cfacc2c4-15e8-4668-82be-430a38fad705,file="${RECIPE_SYSROOT}/firmware/bl1.bin" \
"scp_fw.bin"
# This UUID is FIP_UUID_MCP_BL2 in SCP-Firmware.
fiptool \
create \
--blob uuid=54464222-a4cf-4bf8-b1b6-cee7dade539e,file="${D}/firmware/mcp_ramfw.bin" \
"mcp_fw.bin"
install "scp_fw.bin" "${D}/firmware/scp_fw.bin"
install "mcp_fw.bin" "${D}/firmware/mcp_fw.bin"
ln -sf "scp_romfw.bin" "${D}/firmware/scp_rom.bin"
ln -sf "mcp_romfw.bin" "${D}/firmware/mcp_rom.bin"
}
meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-sgi575.inc
+5
View File
@@ -0,0 +1,5 @@
# SGI575 specific SCP configurations and build instructions
COMPATIBLE_MACHINE:sgi575 = "sgi575"
SCP_LOG_LEVEL = "INFO"
meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-tc.inc
+5
View File
@@ -0,0 +1,5 @@
# TC specific SCP configuration
COMPATIBLE_MACHINE = "(tc1)"
FW_TARGETS = "scp"
meta-arm/meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware_%.bbappend
+10
View File
@@ -0,0 +1,10 @@
# Include machine specific SCP configurations
MACHINE_SCP_REQUIRE ?= ""
MACHINE_SCP_REQUIRE:juno = "scp-firmware-juno.inc"
MACHINE_SCP_REQUIRE:n1sdp = "scp-firmware-n1sdp.inc"
MACHINE_SCP_REQUIRE:sgi575 = "scp-firmware-sgi575.inc"
MACHINE_SCP_REQUIRE:tc = "scp-firmware-tc.inc"
require ${MACHINE_SCP_REQUIRE}
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0001-Fix-FF-A-version-in-SPMC-manifest.patch
+34
View File
@@ -0,0 +1,34 @@
Upstream-Status: Inappropriate
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
From a31aee0988ef64724ec5866f10709f51f8cb3237 Mon Sep 17 00:00:00 2001
From: emeara01 <emekcan.aras@arm.com>
Date: Wed, 11 May 2022 14:37:06 +0100
Subject: [PATCH] Fix FF-A version in SPMC manifest
OPTEE does not support FF-A version 1.1 in SPMC at the moment.
This commit corrects the FF-A version in corstone1000_spmc_manifest.dts.
This patch will not be upstreamed and will be dropped once
OPTEE version is updated for Corstone1000.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
---
.../corstone1000/common/fdts/corstone1000_spmc_manifest.dts | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts b/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts
index 8e49ab83f..5baa1b115 100644
--- a/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts
+++ b/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts
@@ -20,7 +20,7 @@
attribute {
spmc_id = <0x8000>;
maj_ver = <0x1>;
- min_ver = <0x1>;
+ min_ver = <0x0>;
exec_state = <0x0>;
load_address = <0x0 0x2002000>;
entrypoint = <0x0 0x2002000>;
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/corstone1000/0002-feat-corstone1000-bl2-loads-fip-based-on-metadata.patch
+167
View File
@@ -0,0 +1,167 @@
From 360aa32846a97e775750e06865d462c6258179fa Mon Sep 17 00:00:00 2001
From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Date: Mon, 9 Jan 2023 13:59:06 +0000
Subject: [PATCH] feat(corstone1000): bl2 loads fip based on metadata
Previously bl2 was reading the boot_index directly with a hard coded
address and then set the fip image spec with fip offsets base based on
the boot_index value.
This commit removes this logic and rely on PSA_FWU_SUPPORT
which reads the fip partition based on the active firmware bank written in
metadata.
Note: fip partition contains signature area at the begining. Hence, the fip
image starts at fip partition + fip signature area size.
Upstream-Status: Pending
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
%% original patch: 0002-feat-corstone1000-bl2-loads-fip-based-on-metadata.patch
---
bl2/bl2_main.c | 4 +++
.../corstone1000/common/corstone1000_plat.c | 32 ++++++-------------
.../common/include/platform_def.h | 12 +++----
tools/cert_create/Makefile | 4 +--
tools/fiptool/Makefile | 4 +--
5 files changed, 24 insertions(+), 32 deletions(-)
diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c
index 5da803795..f25dc3029 100644
--- a/bl2/bl2_main.c
+++ b/bl2/bl2_main.c
@@ -86,6 +86,10 @@ void bl2_main(void)
/* Perform remaining generic architectural setup in S-EL1 */
bl2_arch_setup();
+#if ARM_GPT_SUPPORT
+ partition_init(GPT_IMAGE_ID);
+#endif
+
#if PSA_FWU_SUPPORT
fwu_init();
#endif /* PSA_FWU_SUPPORT */
diff --git a/plat/arm/board/corstone1000/common/corstone1000_plat.c b/plat/arm/board/corstone1000/common/corstone1000_plat.c
index 0235f8b84..7f9708a82 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_plat.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_plat.c
@@ -33,36 +33,17 @@ const mmap_region_t plat_arm_mmap[] = {
static void set_fip_image_source(void)
{
const struct plat_io_policy *policy;
- /*
- * metadata for firmware update is written at 0x0000 offset of the flash.
- * PLAT_ARM_BOOT_BANK_FLAG contains the boot bank that TF-M is booted.
- * As per firmware update spec, at a given point of time, only one bank
- * is active. This means, TF-A should boot from the same bank as TF-M.
- */
- volatile uint32_t *boot_bank_flag = (uint32_t *)(PLAT_ARM_BOOT_BANK_FLAG);
-
- if (*boot_bank_flag > 1) {
- VERBOSE("Boot_bank is set higher than possible values");
- }
-
- VERBOSE("Boot bank flag = %u.\n\r", *boot_bank_flag);
policy = FCONF_GET_PROPERTY(arm, io_policies, FIP_IMAGE_ID);
assert(policy != NULL);
assert(policy->image_spec != 0UL);
+ /* FIP Partition contains Signature area at the begining which TF-A doesn't expect */
io_block_spec_t *spec = (io_block_spec_t *)policy->image_spec;
+ spec->offset += FIP_SIGNATURE_AREA_SIZE;
+ spec->length -= FIP_SIGNATURE_AREA_SIZE;
- if ((*boot_bank_flag) == 0) {
- VERBOSE("Booting from bank 0: fip offset = 0x%lx\n\r",
- PLAT_ARM_FIP_BASE_BANK0);
- spec->offset = PLAT_ARM_FIP_BASE_BANK0;
- } else {
- VERBOSE("Booting from bank 1: fip offset = 0x%lx\n\r",
- PLAT_ARM_FIP_BASE_BANK1);
- spec->offset = PLAT_ARM_FIP_BASE_BANK1;
- }
}
void bl2_platform_setup(void)
@@ -75,6 +56,13 @@ void bl2_platform_setup(void)
set_fip_image_source();
}
+void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
+{
+ arm_bl2_early_platform_setup((uintptr_t)arg0, (meminfo_t *)arg1);
+ NOTICE("CS1k: early at bl2_platform_setup\n");
+}
+
/* corstone1000 only has one always-on power domain and there
* is no power control present
*/
diff --git a/plat/arm/board/corstone1000/common/include/platform_def.h b/plat/arm/board/corstone1000/common/include/platform_def.h
index 584d485f3..0bfab05a4 100644
--- a/plat/arm/board/corstone1000/common/include/platform_def.h
+++ b/plat/arm/board/corstone1000/common/include/platform_def.h
@@ -173,16 +173,16 @@
/* NOR Flash */
-#define PLAT_ARM_BOOT_BANK_FLAG UL(0x08002000)
-#define PLAT_ARM_FIP_BASE_BANK0 UL(0x081EF000)
-#define PLAT_ARM_FIP_BASE_BANK1 UL(0x0916F000)
-#define PLAT_ARM_FIP_MAX_SIZE UL(0x1ff000) /* 1.996 MB */
-
#define PLAT_ARM_NVM_BASE V2M_FLASH0_BASE
#define PLAT_ARM_NVM_SIZE (SZ_32M) /* 32 MB */
+#define PLAT_ARM_FIP_MAX_SIZE UL(0x1ff000) /* 1.996 MB */
-#define PLAT_ARM_FLASH_IMAGE_BASE PLAT_ARM_FIP_BASE_BANK0
+#define PLAT_ARM_FLASH_IMAGE_BASE UL(0x08000000)
#define PLAT_ARM_FLASH_IMAGE_MAX_SIZE PLAT_ARM_FIP_MAX_SIZE
+#define PLAT_ARM_FIP_OFFSET_IN_GPT (0x86000)
+
+/* FIP Information */
+#define FIP_SIGNATURE_AREA_SIZE (0x1000) /* 4 KB */
/*
* Some data must be aligned on the biggest cache line size in the platform.
diff --git a/tools/cert_create/Makefile b/tools/cert_create/Makefile
index ca548b836..32b5486a0 100644
--- a/tools/cert_create/Makefile
+++ b/tools/cert_create/Makefile
@@ -69,8 +69,8 @@ INC_DIR += -I ./include -I ${PLAT_INCLUDE} -I ${OPENSSL_DIR}/include
# directory. However, for a local build of OpenSSL, the built binaries are
# located under the main project directory (i.e.: ${OPENSSL_DIR}, not
# ${OPENSSL_DIR}/lib/).
-LIB_DIR := -L ${OPENSSL_DIR}/lib -L ${OPENSSL_DIR}
-LIB := -lssl -lcrypto
+LIB_DIR := -L ${OPENSSL_DIR}/lib -L ${OPENSSL_DIR} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS}
+LIB := -lssl -lcrypto ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS}
HOSTCC ?= gcc
diff --git a/tools/fiptool/Makefile b/tools/fiptool/Makefile
index e6aeba95b..7c047479e 100644
--- a/tools/fiptool/Makefile
+++ b/tools/fiptool/Makefile
@@ -29,7 +29,7 @@ endif
# directory. However, for a local build of OpenSSL, the built binaries are
# located under the main project directory (i.e.: ${OPENSSL_DIR}, not
# ${OPENSSL_DIR}/lib/).
-LDLIBS := -L${OPENSSL_DIR}/lib -L${OPENSSL_DIR} -lcrypto
+LDLIBS := -L${OPENSSL_DIR}/lib -L${OPENSSL_DIR} -lcrypto ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS} ${BUILD_LDFLAGS}
ifeq (${V},0)
Q := @
@@ -37,7 +37,7 @@ else
Q :=
endif
-INCLUDE_PATHS := -I../../include/tools_share -I${OPENSSL_DIR}/include
+INCLUDE_PATHS := -I../../include/tools_share -I${OPENSSL_DIR}/include ${BUILD_CFLAGS} ${BUILD_CFLAGS} ${BUILD_CFLAGS} ${BUILD_CFLAGS} ${BUILD_CFLAGS} ${BUILD_CFLAGS}
HOSTCC ?= gcc
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/files/tc/generate_metadata.py
+63
View File
@@ -0,0 +1,63 @@
#!/usr/bin/env python3
# Copyright (c) 2021, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
import argparse
import uuid
import zlib
def main(metadata_file, img_type_uuids, location_uuids, img_uuids):
def add_field_to_metadata(value):
# Write the integer values to file in little endian representation
with open(metadata_file, "ab") as fp:
fp.write(value.to_bytes(4, byteorder='little'))
def add_uuid_to_metadata(uuid_str):
# Validate UUID string and write to file in little endian representation
uuid_val = uuid.UUID(uuid_str)
with open(metadata_file, "ab") as fp:
fp.write(uuid_val.bytes_le)
# Fill metadata preamble
add_field_to_metadata(1) #version=1
add_field_to_metadata(0) #active_index=0
add_field_to_metadata(0) #previous_active_index=0
for img_type_uuid, location_uuid in zip(img_type_uuids, location_uuids):
# Fill metadata image entry
add_uuid_to_metadata(img_type_uuid) # img_type_uuid
add_uuid_to_metadata(location_uuid) # location_uuid
for img_uuid in img_uuids:
# Fill metadata bank image info
add_uuid_to_metadata(img_uuid) # image unique bank_uuid
add_field_to_metadata(1) # accepted=1
add_field_to_metadata(0) # reserved (MBZ)
# Prepend CRC32
with open(metadata_file, 'rb+') as fp:
content = fp.read()
crc = zlib.crc32(content)
fp.seek(0)
fp.write(crc.to_bytes(4, byteorder='little') + content)
if __name__ == "__main__":
parser = argparse.ArgumentParser()
parser.add_argument('--metadata_file', required=True,
help='Output binary file to store the metadata')
parser.add_argument('--img_type_uuids', type=str, nargs='+', required=True,
help='A list of UUIDs identifying the image types')
parser.add_argument('--location_uuids', type=str, nargs='+', required=True,
help='A list of UUIDs of the storage volumes where the images are located. '
'Must have the same length as img_type_uuids.')
parser.add_argument('--img_uuids', type=str, nargs='+', required=True,
help='A list UUIDs of the images in a firmware bank')
args = parser.parse_args()
if len(args.img_type_uuids) != len(args.location_uuids):
parser.print_help()
raise argparse.ArgumentError(None, 'Arguments img_type_uuids and location_uuids must have the same length.')
main(args.metadata_file, args.img_type_uuids, args.location_uuids, args.img_uuids)
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.8.0.bbappend
+4
View File
@@ -0,0 +1,4 @@
# Machine specific TFAs
COMPATIBLE_MACHINE:corstone1000 = "corstone1000"
SRCREV:corstone1000 = "5f591f67738a1bbe6b262c53d9dad46ed8bbcd67"
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc
+47
View File
@@ -0,0 +1,47 @@
# Corstone1000 64-bit machines specific TFA support
COMPATIBLE_MACHINE = "(corstone1000)"
FILESEXTRAPATHS:prepend := "${THISDIR}/files/corstone1000:"
SRC_URI:append = " \
file://0001-Fix-FF-A-version-in-SPMC-manifest.patch \
file://0002-feat-corstone1000-bl2-loads-fip-based-on-metadata.patch \
"
#Sets TF-A version to 2.8.0
SRCREV_tfa = "9881bb93a3bc0a3ea37e9f093e09ab4b360a9e48"
PV = "2.8.0"
TFA_DEBUG = "1"
TFA_UBOOT ?= "1"
TFA_MBEDTLS = "1"
TFA_BUILD_TARGET = "bl2 bl31 fip"
# Enabling Secure-EL1 Payload Dispatcher (SPD)
TFA_SPD = "spmd"
# Cortex-A35 supports Armv8.0-A (no S-EL2 execution state).
# So, the SPD SPMC component should run at the S-EL1 execution state
TFA_SPMD_SPM_AT_SEL2 = "0"
# BL2 loads BL32 (optee). So, optee needs to be built first:
DEPENDS += "optee-os"
EXTRA_OEMAKE:append = " \
ARCH=aarch64 \
TARGET_PLATFORM=${TFA_TARGET_PLATFORM} \
ENABLE_STACK_PROTECTOR=strong \
ENABLE_PIE=1 \
BL2_AT_EL3=1 \
CREATE_KEYS=1 \
GENERATE_COT=1 \
TRUSTED_BOARD_BOOT=1 \
ARM_GPT_SUPPORT=1 \
PSA_FWU_SUPPORT=1 \
NR_OF_IMAGES_IN_FW_BANK=4 \
COT=tbbr \
ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
BL32=${RECIPE_SYSROOT}/lib/firmware/tee-pager_v2.bin \
LOG_LEVEL=50 \
"
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone500.inc
+17
View File
@@ -0,0 +1,17 @@
# Corstone-500 specific TFA support
COMPATIBLE_MACHINE = "corstone500"
TFA_PLATFORM = "a5ds"
TFA_DEBUG = "1"
TFA_UBOOT = "1"
TFA_BUILD_TARGET = "all fip"
TFA_INSTALL_TARGET = "bl1.bin fip.bin"
EXTRA_OEMAKE:append = " \
ARCH=aarch32 \
FVP_HW_CONFIG_DTS=fdts/a5ds.dts \
ARM_ARCH_MAJOR=7 \
AARCH32_SP=sp_min \
ARM_CORTEX_A5=yes \
ARM_XLAT_TABLES_LIB_V1=1 \
"
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-fvp.inc
+12
View File
@@ -0,0 +1,12 @@
# FVP specific TFA parameters
#
# Armv8-A Base Platform FVP
#
COMPATIBLE_MACHINE = "fvp-base"
TFA_PLATFORM = "fvp"
TFA_DEBUG = "1"
TFA_MBEDTLS = "1"
TFA_UBOOT ?= "1"
TFA_BUILD_TARGET = "bl1 bl2 bl31 dtbs fip"
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-juno.inc
+13
View File
@@ -0,0 +1,13 @@
# Juno specific TFA support
COMPATIBLE_MACHINE = "juno"
TFA_PLATFORM = "juno"
TFA_DEBUG = "1"
TFA_MBEDTLS = "1"
TFA_UBOOT ?= "1"
TFA_BUILD_TARGET = "bl1 bl2 bl31 dtbs fip"
# Juno needs the System Control Processor Firmware
DEPENDS += "virtual/control-processor-firmware"
EXTRA_OEMAKE:append = " SCP_BL2=${RECIPE_SYSROOT}/firmware/scp_ramfw.bin"
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc
+31
View File
@@ -0,0 +1,31 @@
# N1SDP specific TFA support
COMPATIBLE_MACHINE = "n1sdp"
TFA_PLATFORM = "n1sdp"
TFA_BUILD_TARGET = "all fip"
TFA_INSTALL_TARGET = "bl1 bl2 bl31 n1sdp-multi-chip n1sdp-single-chip n1sdp_fw_config n1sdp_tb_fw_config fip"
TFA_DEBUG = "1"
TFA_MBEDTLS = "1"
TFA_UBOOT = "0"
TFA_UEFI = "1"
TFA_ROT_KEY= "plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"
# Enabling Secure-EL1 Payload Dispatcher (SPD)
TFA_SPD = "spmd"
# Cortex-A35 supports Armv8.0-A (no S-EL2 execution state).
# So, the SPD SPMC component should run at the S-EL1 execution state
TFA_SPMD_SPM_AT_SEL2 = "0"
# BL2 loads BL32 (optee). So, optee needs to be built first:
DEPENDS += "optee-os"
EXTRA_OEMAKE:append = "\
TRUSTED_BOARD_BOOT=1 \
GENERATE_COT=1 \
CREATE_KEYS=1 \
ARM_ROTPK_LOCATION="devel_rsa" \
ROT_KEY="${TFA_ROT_KEY}" \
BL32=${RECIPE_SYSROOT}/lib/firmware/tee-pager_v2.bin \
BL33=${RECIPE_SYSROOT}/firmware/uefi.bin \
"
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-sgi575.inc
+13
View File
@@ -0,0 +1,13 @@
# SGI575 specific TFA support
COMPATIBLE_MACHINE = "sgi575"
TFA_PLATFORM = "sgi575"
TFA_BUILD_TARGET = "all fip"
TFA_INSTALL_TARGET = "bl1 fip"
TFA_DEBUG = "1"
TFA_MBEDTLS = "1"
TFA_UBOOT = "0"
TFA_UEFI = "1"
EXTRA_OEMAKE += "TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-tc.inc
+134
View File
@@ -0,0 +1,134 @@
# TC0 specific TFA configuration
DEPENDS += "scp-firmware util-linux-native gptfdisk-native"
FILESEXTRAPATHS:prepend := "${THISDIR}/files/tc:"
SRC_URI:append = " \
file://generate_metadata.py \
"
COMPATIBLE_MACHINE = "(tc?)"
TFA_PLATFORM = "tc"
TFA_BUILD_TARGET = "all fip"
TFA_UBOOT = "1"
TFA_INSTALL_TARGET = "bl1 fip"
TFA_MBEDTLS = "1"
TFA_DEBUG = "1"
TFA_SPD = "spmd"
TFA_SPMD_SPM_AT_SEL2 = "1"
TFA_TARGET_PLATFORM:tc0 = "0"
TFA_TARGET_PLATFORM:tc1 = "1"
EXTRA_OEMAKE += "TARGET_PLATFORM=${TFA_TARGET_PLATFORM}"
# Set optee as SP. Set spmc manifest and sp layout file to optee
DEPENDS += "optee-os"
TFA_SP_LAYOUT_FILE = "${RECIPE_SYSROOT}/lib/firmware/sp_layout.json"
TFA_ARM_SPMC_MANIFEST_DTS = "plat/arm/board/tc/fdts/tc_spmc_optee_sp_manifest.dts"
EXTRA_OEMAKE += "SCP_BL2=${RECIPE_SYSROOT}/firmware/scp_ramfw.bin"
EXTRA_OEMAKE += "TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"
EXTRA_OEMAKE += "PSA_FWU_SUPPORT=1 ARM_GPT_SUPPORT=1"
EXTRA_OEMAKE += "CTX_INCLUDE_MTE_REGS=1"
do_generate_gpt() {
gpt_image="${BUILD_DIR}/fip_gpt.bin"
fip_bin="${BUILD_DIR}/fip.bin"
# the FIP partition type is not standardized, so generate one
fip_type_uuid=`uuidgen --sha1 --namespace @dns --name "fip_type_uuid"`
# metadata partition type UUID, specified by the document:
# Platform Security Firmware Update for the A-profile Arm Architecture
# version: 1.0BET0
metadata_type_uuid="8a7a84a0-8387-40f6-ab41-a8b9a5a60d23"
location_uuid=`uuidgen`
FIP_A_uuid=`uuidgen`
FIP_B_uuid=`uuidgen`
# maximum FIP size 4MB. This is the current size of the FIP rounded up to an integer number of MB.
fip_max_size=4194304
fip_bin_size=$(stat -c %s $fip_bin)
if [ $fip_max_size -lt $fip_bin_size ]; then
bberror "FIP binary ($fip_bin_size bytes) is larger than the GPT partition ($fip_max_size bytes)"
fi
# maximum metadata size 512B. This is the current size of the metadata rounded up to an integer number of sectors.
metadata_max_size=512
metadata_file="${BUILD_DIR}/metadata.bin"
python3 ${WORKDIR}/generate_metadata.py --metadata_file $metadata_file \
--img_type_uuids $fip_type_uuid \
--location_uuids $location_uuid \
--img_uuids $FIP_A_uuid $FIP_B_uuid
# create GPT image. The GPT contains 2 FIP partitions: FIP_A and FIP_B, and 2 metadata partitions: FWU-Metadata and Bkup-FWU-Metadata.
# the GPT layout is the following:
# -----------------------
# Protective MBR
# -----------------------
# Primary GPT Header
# -----------------------
# FIP_A
# -----------------------
# FIP_B
# -----------------------
# FWU-Metadata
# -----------------------
# Bkup-FWU-Metadata
# -----------------------
# Secondary GPT Header
# -----------------------
sector_size=512
gpt_header_size=33 # valid only for 512-byte sectors
num_sectors_fip=`expr $fip_max_size / $sector_size`
num_sectors_metadata=`expr $metadata_max_size / $sector_size`
start_sector_1=`expr 1 + $gpt_header_size` # size of MBR is 1 sector
start_sector_2=`expr $start_sector_1 + $num_sectors_fip`
start_sector_3=`expr $start_sector_2 + $num_sectors_fip`
start_sector_4=`expr $start_sector_3 + $num_sectors_metadata`
num_sectors_gpt=`expr $start_sector_4 + $num_sectors_metadata + $gpt_header_size`
gpt_size=`expr $num_sectors_gpt \* $sector_size`
# create raw image
dd if=/dev/zero of=$gpt_image bs=$gpt_size count=1
# create the GPT layout
sgdisk $gpt_image \
--set-alignment 1 \
--disk-guid $location_uuid \
\
--new 1:$start_sector_1:+$num_sectors_fip \
--change-name 1:FIP_A \
--typecode 1:$fip_type_uuid \
--partition-guid 1:$FIP_A_uuid \
\
--new 2:$start_sector_2:+$num_sectors_fip \
--change-name 2:FIP_B \
--typecode 2:$fip_type_uuid \
--partition-guid 2:$FIP_B_uuid \
\
--new 3:$start_sector_3:+$num_sectors_metadata \
--change-name 3:FWU-Metadata \
--typecode 3:$metadata_type_uuid \
\
--new 4:$start_sector_4:+$num_sectors_metadata \
--change-name 4:Bkup-FWU-Metadata \
--typecode 4:$metadata_type_uuid
# populate the GPT partitions
dd if=$fip_bin of=$gpt_image bs=$sector_size seek=$start_sector_1 count=$num_sectors_fip conv=notrunc
dd if=$fip_bin of=$gpt_image bs=$sector_size seek=$start_sector_2 count=$num_sectors_fip conv=notrunc
dd if=$metadata_file of=$gpt_image bs=$sector_size seek=$start_sector_3 count=$num_sectors_metadata conv=notrunc
dd if=$metadata_file of=$gpt_image bs=$sector_size seek=$start_sector_4 count=$num_sectors_metadata conv=notrunc
}
addtask do_generate_gpt after do_compile before do_install
do_install:append() {
install -m 0644 ${BUILD_DIR}/fip_gpt.bin ${D}/firmware/fip_gpt-tc.bin
ln -sf fip_gpt-tc.bin ${D}/firmware/fip_gpt.bin
}
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.%.bbappend
+14
View File
@@ -0,0 +1,14 @@
FILESEXTRAPATHS:prepend := "${THISDIR}/files/:"
# Machine specific TFAs
MACHINE_TFA_REQUIRE ?= ""
MACHINE_TFA_REQUIRE:corstone500 = "trusted-firmware-a-corstone500.inc"
MACHINE_TFA_REQUIRE:corstone1000 = "trusted-firmware-a-corstone1000.inc"
MACHINE_TFA_REQUIRE:fvp-base = "trusted-firmware-a-fvp.inc"
MACHINE_TFA_REQUIRE:juno = "trusted-firmware-a-juno.inc"
MACHINE_TFA_REQUIRE:n1sdp = "trusted-firmware-a-n1sdp.inc"
MACHINE_TFA_REQUIRE:sgi575 = "trusted-firmware-a-sgi575.inc"
MACHINE_TFA_REQUIRE:tc = "trusted-firmware-a-tc.inc"
require ${MACHINE_TFA_REQUIRE}
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-make-sure-to-write-fwu-metadata-to-repl.patch
+43
View File
@@ -0,0 +1,43 @@
From 0ee6842d348e206d511ec89a7ff5b29a6f325456 Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Sun, 29 Jan 2023 19:01:08 +0000
Subject: [PATCH] corstone1000: make sure to write fwu metadata to replica 2
u-boot and other, before using fwu metadata validate if
the copies in both replicas are good. so, make sure
we write fwu metadata in both replicas.
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20550]
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
.../arm/corstone1000/fw_update_agent/fwu_agent.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
index e1fa297ac923..215902ce71b9 100644
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
@@ -238,6 +238,20 @@ static enum fwu_agent_error_t metadata_write(
return FWU_AGENT_ERROR;
}
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+ FWU_METADATA_REPLICA_2_OFFSET, sizeof(struct fwu_metadata));
+
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_2_OFFSET);
+ if (ret != ARM_DRIVER_OK) {
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_2_OFFSET,
+ p_metadata, sizeof(struct fwu_metadata));
+ if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+ return FWU_AGENT_ERROR;
+ }
+
FWU_LOG_MSG("%s: success: active = %u, previous = %d\n\r", __func__,
p_metadata->active_index, p_metadata->previous_active_index);
return FWU_AGENT_SUCCESS;
--
2.39.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-corstone1000-get-fwu-and-private-metadata-f.patch
+307
View File
@@ -0,0 +1,307 @@
From 4a4d1b0a5a2455ad799a45f7f87c0c9fd0173034 Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Wed, 29 Mar 2023 10:58:32 +0100
Subject: [PATCH] Platform: Corstone1000: get fwu and private metadata from gpt
Read and Write the FWU metadata and private metadata using instead
static flash offsets get the partitions and start address from gpt
partition table.
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20551]
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
.../target/arm/corstone1000/CMakeLists.txt | 7 ++
.../corstone1000/fw_update_agent/fwu_agent.c | 90 +++++++++++++++----
.../target/arm/corstone1000/partition/efi.h | 1 +
.../arm/corstone1000/partition/partition.c | 14 +++
.../arm/corstone1000/partition/partition.h | 1 +
.../ext/target/arm/corstone1000/platform.h | 5 ++
6 files changed, 99 insertions(+), 19 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
index 19863bcdb6d2..f232c7639bd5 100644
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
@@ -64,6 +64,8 @@ target_include_directories(platform_s
cc312
fw_update_agent
soft_crc
+ io
+ partition
)
target_sources(platform_s
@@ -81,6 +83,11 @@ target_sources(platform_s
fw_update_agent/fwu_agent.c
fw_update_agent/uefi_fmp.c
soft_crc/soft_crc.c
+ io/io_block.c
+ io/io_flash.c
+ io/io_storage.c
+ partition/partition.c
+ partition/gpt.c
$<$<NOT:$<BOOL:${PLATFORM_DEFAULT_OTP}>>:${PLATFORM_DIR}/ext/accelerator/cc312/otp_cc312.c>
)
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
index b6ed656de833..9c76b25a3a38 100644
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
@@ -14,6 +14,8 @@
#include "region_defs.h"
#include "uefi_capsule_parser.h"
#include "flash_common.h"
+#include "partition.h"
+#include "platform.h"
#include "platform_base_address.h"
#include "platform_description.h"
#include "tfm_plat_nv_counters.h"
@@ -146,6 +148,8 @@ extern ARM_DRIVER_FLASH FWU_METADATA_FLASH_DEV;
static enum fwu_agent_error_t private_metadata_read(
struct fwu_private_metadata* p_metadata)
{
+ partition_entry_t *part;
+ uuid_t private_uuid = PRIVATE_METADATA_TYPE_UUID;
int ret;
FWU_LOG_MSG("%s: enter\n\r", __func__);
@@ -154,7 +158,13 @@ static enum fwu_agent_error_t private_metadata_read(
return FWU_AGENT_ERROR;
}
- ret = FWU_METADATA_FLASH_DEV.ReadData(FWU_PRIVATE_METADATA_REPLICA_1_OFFSET, p_metadata,
+ part = get_partition_entry_by_type(&private_uuid);
+ if (!part) {
+ FWU_LOG_MSG("Private metadata partition not found\n\r");
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.ReadData(part->start, p_metadata,
sizeof(struct fwu_private_metadata));
if (ret < 0 || ret != sizeof(struct fwu_private_metadata)) {
return FWU_AGENT_ERROR;
@@ -169,6 +179,8 @@ static enum fwu_agent_error_t private_metadata_read(
static enum fwu_agent_error_t private_metadata_write(
struct fwu_private_metadata* p_metadata)
{
+ uuid_t private_uuid = PRIVATE_METADATA_TYPE_UUID;
+ partition_entry_t *part;
int ret;
FWU_LOG_MSG("%s: enter: boot_index = %u\n\r", __func__,
@@ -178,12 +190,18 @@ static enum fwu_agent_error_t private_metadata_write(
return FWU_AGENT_ERROR;
}
- ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_PRIVATE_METADATA_REPLICA_1_OFFSET);
+ part = get_partition_entry_by_type(&private_uuid);
+ if (!part) {
+ FWU_LOG_MSG("Private metadata partition not found\n\r");
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(part->start);
if (ret != ARM_DRIVER_OK) {
return FWU_AGENT_ERROR;
}
- ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_PRIVATE_METADATA_REPLICA_1_OFFSET,
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(part->start,
p_metadata, sizeof(struct fwu_private_metadata));
if (ret < 0 || ret != sizeof(struct fwu_private_metadata)) {
return FWU_AGENT_ERROR;
@@ -219,16 +237,25 @@ static enum fwu_agent_error_t metadata_validate(struct fwu_metadata *p_metadata)
static enum fwu_agent_error_t metadata_read_without_validation(struct fwu_metadata *p_metadata)
{
+ uuid_t metadata_uuid = FWU_METADATA_TYPE_UUID;
+ partition_entry_t *part;
int ret;
- FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
- FWU_METADATA_REPLICA_1_OFFSET, sizeof(struct fwu_metadata));
-
if (!p_metadata) {
return FWU_AGENT_ERROR;
}
- ret = FWU_METADATA_FLASH_DEV.ReadData(FWU_METADATA_REPLICA_1_OFFSET,
+ part = get_partition_entry_by_type(&metadata_uuid);
+ if (!part) {
+ FWU_LOG_MSG("%s: FWU metadata partition not found\n\r", __func__);
+ return FWU_AGENT_ERROR;
+ }
+
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+ part->start, sizeof(struct fwu_metadata));
+
+
+ ret = FWU_METADATA_FLASH_DEV.ReadData(part->start,
p_metadata, sizeof(struct fwu_metadata));
if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
return FWU_AGENT_ERROR;
@@ -242,16 +269,24 @@ static enum fwu_agent_error_t metadata_read_without_validation(struct fwu_metada
static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
{
+ uuid_t metadata_uuid = FWU_METADATA_TYPE_UUID;
+ partition_entry_t *part;
int ret;
- FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
- FWU_METADATA_REPLICA_1_OFFSET, sizeof(struct fwu_metadata));
-
if (!p_metadata) {
return FWU_AGENT_ERROR;
}
- ret = FWU_METADATA_FLASH_DEV.ReadData(FWU_METADATA_REPLICA_1_OFFSET,
+ part = get_partition_entry_by_type(&metadata_uuid);
+ if (!part) {
+ FWU_LOG_MSG("%s: FWU metadata partition not found\n\r", __func__);
+ return FWU_AGENT_ERROR;
+ }
+
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+ part->start, sizeof(struct fwu_metadata));
+
+ ret = FWU_METADATA_FLASH_DEV.ReadData(part->start,
p_metadata, sizeof(struct fwu_metadata));
if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
return FWU_AGENT_ERROR;
@@ -270,35 +305,49 @@ static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
static enum fwu_agent_error_t metadata_write(
struct fwu_metadata *p_metadata)
{
+ uuid_t metadata_uuid = FWU_METADATA_TYPE_UUID;
+ partition_entry_t *part;
int ret;
- FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
- FWU_METADATA_REPLICA_1_OFFSET, sizeof(struct fwu_metadata));
-
if (!p_metadata) {
return FWU_AGENT_ERROR;
}
- ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_1_OFFSET);
+ part = get_partition_entry_by_type(&metadata_uuid);
+ if (!part) {
+ FWU_LOG_MSG("%s: FWU metadata partition not found\n\r", __func__);
+ return FWU_AGENT_ERROR;
+ }
+
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+ part->start, sizeof(struct fwu_metadata));
+
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(part->start);
if (ret != ARM_DRIVER_OK) {
return FWU_AGENT_ERROR;
}
- ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_1_OFFSET,
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(part->start,
p_metadata, sizeof(struct fwu_metadata));
if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
return FWU_AGENT_ERROR;
}
+ part = get_partition_replica_by_type(&metadata_uuid);
+ if (!part) {
+ FWU_LOG_MSG("%s: FWU metadata replica partition not found\n\r", __func__);
+ return FWU_AGENT_ERROR;
+ }
+
FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
- FWU_METADATA_REPLICA_2_OFFSET, sizeof(struct fwu_metadata));
+ part->start, sizeof(struct fwu_metadata));
- ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_2_OFFSET);
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(part->start);
if (ret != ARM_DRIVER_OK) {
return FWU_AGENT_ERROR;
}
- ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_2_OFFSET,
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(part->start,
p_metadata, sizeof(struct fwu_metadata));
if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
return FWU_AGENT_ERROR;
@@ -355,6 +404,9 @@ enum fwu_agent_error_t fwu_metadata_provision(void)
FWU_LOG_MSG("%s: enter\n\r", __func__);
+ plat_io_storage_init();
+ partition_init(PLATFORM_GPT_IMAGE);
+
ret = fwu_metadata_init();
if (ret) {
return ret;
diff --git a/platform/ext/target/arm/corstone1000/partition/efi.h b/platform/ext/target/arm/corstone1000/partition/efi.h
index f66daffb32d6..7e6a4bc883e6 100644
--- a/platform/ext/target/arm/corstone1000/partition/efi.h
+++ b/platform/ext/target/arm/corstone1000/partition/efi.h
@@ -8,6 +8,7 @@
#ifndef DRIVERS_PARTITION_EFI_H
#define DRIVERS_PARTITION_EFI_H
+#include <stdint.h>
#include <string.h>
#include "uuid.h"
diff --git a/platform/ext/target/arm/corstone1000/partition/partition.c b/platform/ext/target/arm/corstone1000/partition/partition.c
index afc6aa1c5cb8..d76e123d728f 100644
--- a/platform/ext/target/arm/corstone1000/partition/partition.c
+++ b/platform/ext/target/arm/corstone1000/partition/partition.c
@@ -293,6 +293,20 @@ const partition_entry_t *get_partition_entry_by_type(const uuid_t *type_uuid) {
return NULL;
}
+const partition_entry_t *get_partition_replica_by_type(const uuid_t *type_uuid) {
+ int count = 0;
+ int i;
+
+ for (i = 0; i < list.entry_count; i++) {
+ if (guidcmp(type_uuid, &list.list[i].type_guid) == 0) {
+ if (++count == 2)
+ return &list.list[i];
+ }
+ }
+
+ return NULL;
+}
+
const partition_entry_t *get_partition_entry_by_uuid(const uuid_t *part_uuid) {
int i;
diff --git a/platform/ext/target/arm/corstone1000/partition/partition.h b/platform/ext/target/arm/corstone1000/partition/partition.h
index 54af47aca415..450cf20a073c 100644
--- a/platform/ext/target/arm/corstone1000/partition/partition.h
+++ b/platform/ext/target/arm/corstone1000/partition/partition.h
@@ -40,6 +40,7 @@ typedef struct partition_entry_list {
int load_partition_table(unsigned int image_id);
const partition_entry_t *get_partition_entry(const char *name);
const partition_entry_t *get_partition_entry_by_type(const uuid_t *type_guid);
+const partition_entry_t *get_partition_replica_by_type(const uuid_t *type_uuid);
const partition_entry_t *get_partition_entry_by_uuid(const uuid_t *part_uuid);
const partition_entry_list_t *get_partition_entry_list(void);
void partition_init(unsigned int image_id);
diff --git a/platform/ext/target/arm/corstone1000/platform.h b/platform/ext/target/arm/corstone1000/platform.h
index 894f5e309029..a88093ed4f9d 100644
--- a/platform/ext/target/arm/corstone1000/platform.h
+++ b/platform/ext/target/arm/corstone1000/platform.h
@@ -13,6 +13,11 @@ typedef enum {
PLATFORM_IMAGE_COUNT,
}platform_image_id_t;
+#define FWU_METADATA_TYPE_UUID \
+ ((uuid_t){{0xa0, 0x84, 0x7a, 0x8a}, {0x87, 0x83}, {0xf6, 0x40}, 0xab, 0x41, {0xa8, 0xb9, 0xa5, 0xa6, 0x0d, 0x23}})
+#define PRIVATE_METADATA_TYPE_UUID \
+ ((uuid_t){{0xc3, 0x5d, 0xb5, 0xec}, {0xb7, 0x8a}, {0x84, 0x4a}, 0xab, 0x56, {0xeb, 0x0a, 0x99, 0x74, 0xdb, 0x42}})
+
/* Initialize io storage of the platform */
int32_t plat_io_storage_init(void);
--
2.40.0
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-Platform-corstone1000-Add-watchdog_reset_timer.patch
+47
View File
@@ -0,0 +1,47 @@
From 33d8f45c8f14e9e0d7add7d2804ed76c7d7fd0c2 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Sat, 25 Feb 2023 09:04:38 +0000
Subject: [PATCH 1/7] Platform: corstone1000: Add watchdog_reset_timer
From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Implement watchdog_reset_timer
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20552]
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Change-Id: I2684ca54f9a456b22efcbcd364abef3537d4c91f
---
.../arm/corstone1000/Native_Driver/watchdog.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c b/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c
index 4e024a3b1..f6e182194 100644
--- a/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c
+++ b/platform/ext/target/arm/corstone1000/Native_Driver/watchdog.c
@@ -80,6 +80,23 @@ int corstone1000_watchdog_init()
return ARM_DRIVER_OK;
}
+/**
+ * \brief Reset the Secure Enclave & SoC Watchdog's.
+ *
+ * \returns ARM Driver return code.
+ */
+int corstone1000_watchdog_reset_timer() {
+ /* Unlock, clear and lock the watchdog timer */
+ arm_watchdog_unlock(&SE_WD_DEV);
+ arm_watchdog_clear_interrupt_and_refresh_counter(&SE_WD_DEV);
+ arm_watchdog_lock(&SE_WD_DEV);
+ /* Unlock, clear and lock the watchdog timer */
+ arm_watchdog_unlock(&SOC_WD_DEV);
+ arm_watchdog_clear_interrupt_and_refresh_counter(&SOC_WD_DEV);
+ arm_watchdog_lock(&SOC_WD_DEV);
+ return ARM_DRIVER_OK;
+}
+
/*
* Secure Host Watchdog WS1 Handler
* efi_reset_system from the host triggers "Secure
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-Platform-corstone1000-Replace-MCUBOOT-BL1-by-TFM-s.patch
+1034
View File
File diff suppressed because it is too large Load Diff
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-Platform-corstone1000-Replace-MCUBOOT-BL1-by-TFM-s-B.patch
+202
View File
@@ -0,0 +1,202 @@
From d5a7cde4648d2247f83a0f259aa088152199dfbd Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Mon, 27 Feb 2023 20:58:30 +0000
Subject: [PATCH 2/6] Platform: corstone1000: Replace MCUBOOT BL1 by TFM's
(BL2)
From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Set region_defs of BL2 correctly
Set FLASH Areas 0 and 1 to have BL2
Set FLASH Areas 2 and 3 to have TFM
Set FLASH Areas 4 and 5 to have FIP
Initialize FLASH in BL1_2 boot platform code
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20554]
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Change-Id: I987d29cb6318b8b30cafab67d24f446aaadfe500
---
.../arm/corstone1000/bl1/boot_hal_bl1.c | 14 +++++++
.../target/arm/corstone1000/bl2_flash_map.c | 8 ++--
.../ext/target/arm/corstone1000/config.cmake | 3 ++
.../arm/corstone1000/partition/flash_layout.h | 41 +++++++++++++------
.../arm/corstone1000/partition/region_defs.h | 4 +-
5 files changed, 51 insertions(+), 19 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c
index 678342443..2124720b2 100644
--- a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c
+++ b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c
@@ -638,6 +638,13 @@ int32_t boot_platform_init(void)
int32_t boot_platform_post_init(void)
{
+ int32_t result;
+ if (platform_code_is_bl1_2) {
+ result = FLASH_DEV_NAME.Initialize(NULL);
+ if (result != ARM_DRIVER_OK) {
+ return 1;
+ }
+ }
return 0;
}
@@ -665,6 +672,13 @@ void boot_platform_quit(struct boot_arm_vector_table *vt)
stdio_uninit();
#endif /* defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) */
+ if (platform_code_is_bl1_2) {
+ result = FLASH_DEV_NAME.Uninitialize();
+ if (result != ARM_DRIVER_OK) {
+ return 1;
+ }
+ }
+
result = corstone1000_watchdog_reset_timer();
if (result != ARM_DRIVER_OK) {
while (1);
diff --git a/platform/ext/target/arm/corstone1000/bl2_flash_map.c b/platform/ext/target/arm/corstone1000/bl2_flash_map.c
index 599f80b41..2b1cdfa19 100644
--- a/platform/ext/target/arm/corstone1000/bl2_flash_map.c
+++ b/platform/ext/target/arm/corstone1000/bl2_flash_map.c
@@ -25,14 +25,14 @@ extern ARM_DRIVER_FLASH FLASH_DEV_NAME;
*/
struct flash_area flash_map[] = {
{
- .fa_id = FLASH_AREA_0_ID,
+ .fa_id = FLASH_AREA_2_ID,
.fa_device_id = FLASH_DEVICE_ID,
.fa_driver = &FLASH_DEV_NAME,
.fa_off = FLASH_INVALID_OFFSET,
.fa_size = FLASH_INVALID_SIZE,
},
{
- .fa_id = FLASH_AREA_1_ID,
+ .fa_id = FLASH_AREA_3_ID,
.fa_device_id = FLASH_DEVICE_ID,
.fa_driver = &FLASH_DEV_NAME,
.fa_off = FLASH_INVALID_OFFSET,
@@ -40,14 +40,14 @@ struct flash_area flash_map[] = {
},
#ifndef TFM_S_REG_TEST
{
- .fa_id = FLASH_AREA_2_ID,
+ .fa_id = FLASH_AREA_4_ID,
.fa_device_id = FLASH_DEVICE_ID,
.fa_driver = &FLASH_DEV_NAME,
.fa_off = FLASH_INVALID_OFFSET,
.fa_size = FLASH_INVALID_SIZE,
},
{
- .fa_id = FLASH_AREA_3_ID,
+ .fa_id = FLASH_AREA_5_ID,
.fa_device_id = FLASH_DEVICE_ID,
.fa_driver = &FLASH_DEV_NAME,
.fa_off = FLASH_INVALID_OFFSET,
diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake
index 1b0675404..bec6b84f0 100644
--- a/platform/ext/target/arm/corstone1000/config.cmake
+++ b/platform/ext/target/arm/corstone1000/config.cmake
@@ -16,6 +16,9 @@ set(TFM_BL1_SOFTWARE_CRYPTO OFF CACHE BOOL "Whether BL1_1
set(TFM_BL1_MEMORY_MAPPED_FLASH OFF CACHE BOOL "Whether BL1 can directly access flash content")
set(TFM_BL1_PQ_CRYPTO OFF CACHE BOOL "Enable LMS PQ crypto for BL2 verification. This is experimental and should not yet be used in production")
+set(TFM_BL2_IMAGE_FLASH_AREA_NUM 0 CACHE STRING "Which flash area BL2 is stored in")
+set(MCUBOOT_S_IMAGE_FLASH_AREA_NUM 2 CACHE STRING "ID of the flash area containing the primary Secure image")
+
set(BL2 ON CACHE BOOL "Whether to build BL2")
set(BL2_TRAILER_SIZE 0x800 CACHE STRING "Trailer size")
set(DEFAULT_MCUBOOT_FLASH_MAP OFF CACHE BOOL "Whether to use the default flash map defined by TF-M project")
diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
index a95ff63ef..41b4c6323 100644
--- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h
+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
@@ -136,23 +136,38 @@
#define BANK_PARTITION_SIZE (0xFE0000) /* 15.875 MB */
#define TFM_PARTITION_SIZE (0x5E000) /* 376 KB */
-/* Macros needed to imgtool.py, used when creating BL2 signed image */
-#define BL2_IMAGE_LOAD_ADDRESS (SRAM_BASE + TFM_PARTITION_SIZE + BL2_DATA_GAP_SIZE)
-#define BL2_IMAGE_OFFSET (0x0)
-#define BL2_IMAGE_MAX_SIZE (SE_BL2_PARTITION_SIZE)
+/************************************************************/
+/* Bank : Images flash offsets are with respect to the bank */
+/************************************************************/
-/* Image 1: TF-M primary and secondary images */
+/* Image 0: BL2 primary and secondary images */
#define FLASH_AREA_0_ID (1)
-#define FLASH_AREA_0_SIZE (TFM_PARTITION_SIZE)
+#define FLASH_AREA_0_OFFSET (0) /* starting from 0th offset of the bank */
+#define FLASH_AREA_0_SIZE (SE_BL2_PARTITION_SIZE)
+
#define FLASH_AREA_1_ID (FLASH_AREA_0_ID + 1)
-#define FLASH_AREA_1_SIZE (TFM_PARTITION_SIZE)
+#define FLASH_AREA_1_OFFSET (FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE)
+#define FLASH_AREA_1_SIZE (SE_BL2_PARTITION_SIZE)
+
+/* Image 1: TF-M primary and secondary images */
+#define FLASH_AREA_2_ID (1)
+#define FLASH_AREA_2_SIZE (TFM_PARTITION_SIZE)
+#define FLASH_AREA_3_ID (FLASH_AREA_2_ID + 1)
+#define FLASH_AREA_3_SIZE (TFM_PARTITION_SIZE)
/* Image 2: Host FIP */
#define FIP_SIGNATURE_AREA_SIZE (0x1000) /* 4 KB */
/* Host BL2 (TF-A) primary and secondary image. */
-#define FLASH_AREA_2_ID (FLASH_AREA_1_ID + 1)
-#define FLASH_AREA_3_ID (FLASH_AREA_2_ID + 1)
+#define FLASH_AREA_4_ID (FLASH_AREA_3_ID + 1)
+#define FLASH_AREA_5_ID (FLASH_AREA_4_ID + 1)
+
+#define BL1_FLASH_AREA_IMAGE_PRIMARY(x) (((x) == 0) ? FLASH_AREA_0_ID : \
+ 255 )
+#define BL1_FLASH_AREA_IMAGE_SECONDARY(x) (((x) == 0) ? FLASH_AREA_1_ID : \
+ 255 )
+
+#define BL1_FLASH_AREA_IMAGE_SCRATCH 255
/* Macros needed to imgtool.py, used when creating TF-M signed image */
#define S_IMAGE_LOAD_ADDRESS (SRAM_BASE)
@@ -161,11 +176,11 @@
#define NON_SECURE_IMAGE_OFFSET (TFM_PARTITION_SIZE)
#define NON_SECURE_IMAGE_MAX_SIZE (0x0)
-#define FLASH_AREA_IMAGE_PRIMARY(x) (((x) == 0) ? FLASH_AREA_0_ID : \
- ((x) == 1) ? FLASH_AREA_2_ID : \
+#define FLASH_AREA_IMAGE_PRIMARY(x) (((x) == 0) ? FLASH_AREA_2_ID : \
+ ((x) == 1) ? FLASH_AREA_4_ID : \
255 )
-#define FLASH_AREA_IMAGE_SECONDARY(x) (((x) == 0) ? FLASH_AREA_1_ID : \
- ((x) == 1) ? FLASH_AREA_3_ID : \
+#define FLASH_AREA_IMAGE_SECONDARY(x) (((x) == 0) ? FLASH_AREA_3_ID : \
+ ((x) == 1) ? FLASH_AREA_5_ID : \
255 )
#define FLASH_AREA_IMAGE_SCRATCH 255
diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h
index 8157c36bf..fc9f734f6 100644
--- a/platform/ext/target/arm/corstone1000/partition/region_defs.h
+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h
@@ -48,7 +48,7 @@
(TFM_PARTITION_SIZE - BL2_HEADER_SIZE - BL2_TRAILER_SIZE)
#define IMAGE_BL2_CODE_SIZE \
- (SE_BL2_PARTITION_SIZE - BL2_HEADER_SIZE - BL2_TRAILER_SIZE)
+ (SE_BL2_PARTITION_SIZE - BL1_HEADER_SIZE - BL1_TRAILER_SIZE)
/* Secure regions */
#define S_CODE_START (SRAM_BASE + BL2_HEADER_SIZE)
@@ -86,7 +86,7 @@
/* SE BL2 regions */
#define BL2_IMAGE_START (SRAM_BASE + SRAM_SIZE - SE_BL2_PARTITION_SIZE)
-#define BL2_CODE_START (BL2_IMAGE_START + BL2_HEADER_SIZE)
+#define BL2_CODE_START (BL2_IMAGE_START + BL1_HEADER_SIZE)
#define BL2_CODE_SIZE (IMAGE_BL2_CODE_SIZE)
#define BL2_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1)
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-corstone1000-Reorganize-bl2-files.patch
+61
View File
@@ -0,0 +1,61 @@
From 535d366137d2dd0804d3e67ada78151e0e318eeb Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Fri, 3 Mar 2023 12:25:04 +0000
Subject: [PATCH 3/6] Platform: corstone1000: Reorganize bl2 files
From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
To be consistnant, organize bl2 files same as bl1 files
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20555]
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Change-Id: I3332f4dbbde1c5f2cde5a187b038dc3430b9503f
---
platform/ext/target/arm/corstone1000/CMakeLists.txt | 6 +++---
.../ext/target/arm/corstone1000/{ => bl2}/boot_hal_bl2.c | 0
.../corstone1000/{bl2_flash_map.c => bl2/flash_map_bl2.c} | 0
.../{bl2_security_cnt.c => bl2/security_cnt_bl2.c} | 0
4 files changed, 3 insertions(+), 3 deletions(-)
rename platform/ext/target/arm/corstone1000/{ => bl2}/boot_hal_bl2.c (100%)
rename platform/ext/target/arm/corstone1000/{bl2_flash_map.c => bl2/flash_map_bl2.c} (100%)
rename platform/ext/target/arm/corstone1000/{bl2_security_cnt.c => bl2/security_cnt_bl2.c} (100%)
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
index a4fe28c08..3d4c787a6 100644
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
@@ -196,7 +196,7 @@ target_sources(platform_bl2
Native_Driver/arm_watchdog_drv.c
fip_parser/fip_parser.c
fw_update_agent/fwu_agent.c
- bl2_security_cnt.c
+ bl2/security_cnt_bl2.c
$<$<NOT:$<BOOL:${PLATFORM_DEFAULT_OTP}>>:${PLATFORM_DIR}/ext/accelerator/cc312/otp_cc312.c>
io/io_block.c
io/io_flash.c
@@ -235,8 +235,8 @@ target_compile_definitions(platform_bl2
# platform_init/quit* apis symbol collision in bl1.
target_sources(bl2
PRIVATE
- bl2_flash_map.c
- boot_hal_bl2.c
+ bl2/flash_map_bl2.c
+ bl2/boot_hal_bl2.c
)
target_link_libraries(bl2
diff --git a/platform/ext/target/arm/corstone1000/boot_hal_bl2.c b/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
similarity index 100%
rename from platform/ext/target/arm/corstone1000/boot_hal_bl2.c
rename to platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
diff --git a/platform/ext/target/arm/corstone1000/bl2_flash_map.c b/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c
similarity index 100%
rename from platform/ext/target/arm/corstone1000/bl2_flash_map.c
rename to platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c
diff --git a/platform/ext/target/arm/corstone1000/bl2_security_cnt.c b/platform/ext/target/arm/corstone1000/bl2/security_cnt_bl2.c
similarity index 100%
rename from platform/ext/target/arm/corstone1000/bl2_security_cnt.c
rename to platform/ext/target/arm/corstone1000/bl2/security_cnt_bl2.c
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-Platform-corstone1000-Fix-linker-script-comment.patch
+47
View File
@@ -0,0 +1,47 @@
From 25b131f0d082b32b262c4e788f3bc95b7761bef7 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Mon, 13 Mar 2023 00:16:49 +0000
Subject: [PATCH 4/6] Platform: corstone1000: Fix linker script comment
From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Comment explaining the necessary defines to copy multiple ROM to RAM
sections, was refering to the wrong file.
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20556]
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Change-Id: I3e5f806330481daa24c5456d9c956e0cf589afee
---
.../arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld | 2 +-
.../arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
index d4eca2841..8ee334c6b 100644
--- a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
+++ b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
@@ -89,7 +89,7 @@ SECTIONS
/* To copy multiple ROM to RAM sections,
* define etext2/data2_start/data2_end and
- * define __STARTUP_COPY_MULTIPLE in startup_corstone700_bl2.S */
+ * define __STARTUP_COPY_MULTIPLE in startup_corstone1000.c */
.copy.table :
{
. = ALIGN(4);
diff --git a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
index 6cd806378..e1e4f2966 100644
--- a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
+++ b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
@@ -84,7 +84,7 @@ SECTIONS
/* To copy multiple ROM to RAM sections,
* define etext2/data2_start/data2_end and
- * define __STARTUP_COPY_MULTIPLE in startup_corstone700_bl2.S */
+ * define __STARTUP_COPY_MULTIPLE in startup_corstone1000.c */
.copy.table :
{
. = ALIGN(4);
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-corstone1000-Fix-linkerscripts-copyright-ye.patch
+39
View File
@@ -0,0 +1,39 @@
From 7db7b197ec3f01163422450947540060d3cb0c17 Mon Sep 17 00:00:00 2001
From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Date: Mon, 13 Mar 2023 00:21:44 +0000
Subject: [PATCH 6/6] Platform: corstone1000: Fix linkerscripts copyright year
set the copyright year to 2023 as these files are introduced in
2023.
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20557]
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Change-Id: I293a4a380d5d1d59aba1e2ab17e0e5924664dbb4
---
.../arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld | 2 +-
.../arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
index 8ee334c6b..cb6797f27 100644
--- a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
+++ b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
@@ -1,5 +1,5 @@
;/*
-; * Copyright (c) 2009-2022, Arm Limited. All rights reserved.
+; * Copyright (c) 2023, Arm Limited. All rights reserved.
; *
; * Licensed under the Apache License, Version 2.0 (the "License");
; * you may not use this file except in compliance with the License.
diff --git a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
index e1e4f2966..e66e54aa6 100644
--- a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
+++ b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
@@ -1,5 +1,5 @@
;/*
-; * Copyright (c) 2009-2022, Arm Limited. All rights reserved.
+; * Copyright (c) 2023, Arm Limited. All rights reserved.
; *
; * Licensed under the Apache License, Version 2.0 (the "License");
; * you may not use this file except in compliance with the License.
--
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-Platform-corstone1000-fix-flash-reading-issue-for-fi.patch
+38
View File
@@ -0,0 +1,38 @@
From 7914ec3f96dbb8228e791d9492cfc3651cf9deca Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Wed, 5 Apr 2023 10:28:57 +0100
Subject: [PATCH] Platform: corstone1000: Fix Flash reading issue for FIP data
Fixes the flash reading issue since bl2 needs to read the data from
flash in XIP mode on FPGA (mps3).
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20558]
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c b/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
index cf6340c5a9..e4183c7a57 100644
--- a/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
+++ b/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
@@ -89,6 +89,7 @@ static bool fill_flash_map_with_fip_data(uint8_t boot_index) {
/* parse directly from flash using XIP mode */
/* FIP is large so its not a good idea to load it in memory */
+ Select_XIP_Mode_For_Shared_Flash();
result = parse_fip_and_extract_tfa_info(
FLASH_BASE_ADDRESS + fip_offset + FIP_SIGNATURE_AREA_SIZE, fip_size,
&tfa_offset, &tfa_size);
@@ -96,7 +97,7 @@ static bool fill_flash_map_with_fip_data(uint8_t boot_index) {
BOOT_LOG_ERR("parse_fip_and_extract_tfa_info failed");
return false;
}
-
+ Select_Write_Mode_For_Shared_Flash();
flash_map[2].fa_off = fip_offset + FIP_SIGNATURE_AREA_SIZE + tfa_offset;
flash_map[2].fa_size = tfa_size;
flash_map[3].fa_off = flash_map[2].fa_off + flash_map[2].fa_size;
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-Platform-corstone1000-Adds-compiler-flags-to-FWU-age.patch
+273
View File
@@ -0,0 +1,273 @@
From 11f6af40dc322630031511146763cc9059bdb805 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Fri, 14 Apr 2023 16:35:55 +0100
Subject: [PATCH] Platform: corstone1000: Adds compiler flags to FWU agent for
BL1
Adds compiler flags for BL1 to fwu_agent.c functions to not use GPT parser and
IO libraries in BL1 rom code.
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20559]
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
.../corstone1000/fw_update_agent/fwu_agent.c | 176 +++++++++++++++++-
1 file changed, 174 insertions(+), 2 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
index 8ecb03d157..afd8d66e42 100644
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
@@ -14,8 +14,6 @@
#include "region_defs.h"
#include "uefi_capsule_parser.h"
#include "flash_common.h"
-#include "partition.h"
-#include "platform.h"
#include "platform_base_address.h"
#include "platform_description.h"
#include "tfm_plat_nv_counters.h"
@@ -23,6 +21,10 @@
#include "uefi_fmp.h"
#include "uart_stdout.h"
#include "soft_crc.h"
+#if !BL1
+#include "partition.h"
+#include "platform.h"
+#endif
/* Properties of image in a bank */
struct fwu_image_properties {
@@ -145,6 +147,30 @@ extern ARM_DRIVER_FLASH FWU_METADATA_FLASH_DEV;
#define HOST_ACK_TIMEOUT_SEC (6 * 60) /* ~seconds, not exact */
+#if BL1
+static enum fwu_agent_error_t private_metadata_read(
+ struct fwu_private_metadata* p_metadata)
+{
+ int ret;
+
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
+
+ if (!p_metadata) {
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.ReadData(FWU_PRIVATE_METADATA_REPLICA_1_OFFSET, p_metadata,
+ sizeof(struct fwu_private_metadata));
+ if (ret < 0 || ret != sizeof(struct fwu_private_metadata)) {
+ return FWU_AGENT_ERROR;
+ }
+
+ FWU_LOG_MSG("%s: success: boot_index = %u\n\r", __func__,
+ p_metadata->boot_index);
+
+ return FWU_AGENT_SUCCESS;
+}
+#elif
static enum fwu_agent_error_t private_metadata_read(
struct fwu_private_metadata* p_metadata)
{
@@ -175,7 +201,36 @@ static enum fwu_agent_error_t private_metadata_read(
return FWU_AGENT_SUCCESS;
}
+#endif
+#if BL1
+static enum fwu_agent_error_t private_metadata_write(
+ struct fwu_private_metadata* p_metadata)
+{
+ int ret;
+
+ FWU_LOG_MSG("%s: enter: boot_index = %u\n\r", __func__,
+ p_metadata->boot_index);
+
+ if (!p_metadata) {
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_PRIVATE_METADATA_REPLICA_1_OFFSET);
+ if (ret != ARM_DRIVER_OK) {
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_PRIVATE_METADATA_REPLICA_1_OFFSET,
+ p_metadata, sizeof(struct fwu_private_metadata));
+ if (ret < 0 || ret != sizeof(struct fwu_private_metadata)) {
+ return FWU_AGENT_ERROR;
+ }
+
+ FWU_LOG_MSG("%s: success\n\r", __func__);
+ return FWU_AGENT_SUCCESS;
+}
+#elif
static enum fwu_agent_error_t private_metadata_write(
struct fwu_private_metadata* p_metadata)
{
@@ -210,6 +265,7 @@ static enum fwu_agent_error_t private_metadata_write(
FWU_LOG_MSG("%s: success\n\r", __func__);
return FWU_AGENT_SUCCESS;
}
+#endif
static enum fwu_agent_error_t metadata_validate(struct fwu_metadata *p_metadata)
{
@@ -235,6 +291,30 @@ static enum fwu_agent_error_t metadata_validate(struct fwu_metadata *p_metadata)
return FWU_AGENT_SUCCESS;
}
+#if BL1
+static enum fwu_agent_error_t metadata_read_without_validation(struct fwu_metadata *p_metadata)
+{
+ int ret;
+
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+ FWU_METADATA_REPLICA_1_OFFSET, sizeof(struct fwu_metadata));
+
+ if (!p_metadata) {
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.ReadData(FWU_METADATA_REPLICA_1_OFFSET,
+ p_metadata, sizeof(struct fwu_metadata));
+ if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+ return FWU_AGENT_ERROR;
+ }
+
+ FWU_LOG_MSG("%s: success: active = %u, previous = %d\n\r", __func__,
+ p_metadata->active_index, p_metadata->previous_active_index);
+
+ return FWU_AGENT_SUCCESS;
+}
+#elif
static enum fwu_agent_error_t metadata_read_without_validation(struct fwu_metadata *p_metadata)
{
uuid_t metadata_uuid = FWU_METADATA_TYPE_UUID;
@@ -266,7 +346,36 @@ static enum fwu_agent_error_t metadata_read_without_validation(struct fwu_metada
return FWU_AGENT_SUCCESS;
}
+#endif
+
+#if BL1
+static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
+{
+ int ret;
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+ FWU_METADATA_REPLICA_1_OFFSET, sizeof(struct fwu_metadata));
+
+ if (!p_metadata) {
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.ReadData(FWU_METADATA_REPLICA_1_OFFSET,
+ p_metadata, sizeof(struct fwu_metadata));
+ if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+ return FWU_AGENT_ERROR;
+ }
+
+ if (metadata_validate(p_metadata) != FWU_AGENT_SUCCESS) {
+ return FWU_AGENT_ERROR;
+ }
+
+ FWU_LOG_MSG("%s: success: active = %u, previous = %d\n\r", __func__,
+ p_metadata->active_index, p_metadata->previous_active_index);
+
+ return FWU_AGENT_SUCCESS;
+}
+#elif
static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
{
uuid_t metadata_uuid = FWU_METADATA_TYPE_UUID;
@@ -301,7 +410,66 @@ static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
return FWU_AGENT_SUCCESS;
}
+#endif
+
+#if BL1
+static enum fwu_agent_error_t metadata_write(
+ struct fwu_metadata *p_metadata)
+{
+ int ret;
+
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+ FWU_METADATA_REPLICA_1_OFFSET, sizeof(struct fwu_metadata));
+
+ if (!p_metadata) {
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_1_OFFSET);
+ if (ret != ARM_DRIVER_OK) {
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_1_OFFSET,
+ p_metadata, sizeof(struct fwu_metadata));
+ if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+ return FWU_AGENT_ERROR;
+ }
+
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+ FWU_METADATA_REPLICA_2_OFFSET, sizeof(struct fwu_metadata));
+
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_2_OFFSET);
+ if (ret != ARM_DRIVER_OK) {
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_2_OFFSET,
+ p_metadata, sizeof(struct fwu_metadata));
+ if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+ return FWU_AGENT_ERROR;
+ }
+
+ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+ FWU_METADATA_REPLICA_2_OFFSET, sizeof(struct fwu_metadata));
+
+ ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_2_OFFSET);
+ if (ret != ARM_DRIVER_OK) {
+ return FWU_AGENT_ERROR;
+ }
+
+ ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_2_OFFSET,
+ p_metadata, sizeof(struct fwu_metadata));
+ if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+ return FWU_AGENT_ERROR;
+ }
+
+ FWU_LOG_MSG("%s: success: active = %u, previous = %d\n\r", __func__,
+ p_metadata->active_index, p_metadata->previous_active_index);
+ return FWU_AGENT_SUCCESS;
+}
+#elif
static enum fwu_agent_error_t metadata_write(
struct fwu_metadata *p_metadata)
{
@@ -371,6 +539,8 @@ static enum fwu_agent_error_t metadata_write(
p_metadata->active_index, p_metadata->previous_active_index);
return FWU_AGENT_SUCCESS;
}
+#endif
+
enum fwu_agent_error_t fwu_metadata_init(void)
{
@@ -418,8 +588,10 @@ enum fwu_agent_error_t fwu_metadata_provision(void)
FWU_LOG_MSG("%s: enter\n\r", __func__);
+#if !BL1
plat_io_storage_init();
partition_init(PLATFORM_GPT_IMAGE);
+#endif
ret = fwu_metadata_init();
if (ret) {
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Platform-corstone1000-adjust-PS-asset-configuration.patch
+29
View File
@@ -0,0 +1,29 @@
From 148d82d0984273b30d8b148f0c4e0ad0d3f23062 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Mon, 17 Apr 2023 12:07:55 +0100
Subject: [PATCH 1/3] Platform: corstone1000: adjust PS asset configuration
Adjust protected storage asset configuration to be more inline
with the one in trusted service side, that would make thinks
work when testing and using more than the default variables.
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20560]
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Change-Id: I181f9c72a816c727c2170c609100aec1d233fea7
---
platform/ext/target/arm/corstone1000/config.cmake | 1 +
1 file changed, 1 insertion(+)
diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake
index bec6b84f0..0c91fa59f 100644
--- a/platform/ext/target/arm/corstone1000/config.cmake
+++ b/platform/ext/target/arm/corstone1000/config.cmake
@@ -76,3 +76,4 @@ endif()
# Platform-specific configurations
set(CONFIG_TFM_USE_TRUSTZONE OFF)
set(TFM_MULTI_CORE_TOPOLOGY ON)
+set(PS_NUM_ASSETS "40" CACHE STRING "The maximum number of assets to be stored in the Protected Storage area")
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-Platform-corstone1000-Increase-number-of-assets.patch
+36
View File
@@ -0,0 +1,36 @@
From 34263d1ea99da7b8a680a80601a73149bc9530e5 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Fri, 21 Apr 2023 15:17:21 +0100
Subject: [PATCH] Platform: corstone1000: Increase number of assets
As Corstone1000 stores at boot time few efi variables.
Therefore, number of assets is increased to compansate this early usage.
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20656]
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Change-Id: Id8555a09335ce13b80c07a33c4d913f5cb0f9084
---
platform/ext/target/arm/corstone1000/config_tfm_target.h | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/platform/ext/target/arm/corstone1000/config_tfm_target.h b/platform/ext/target/arm/corstone1000/config_tfm_target.h
index bf8d2f95f..e96836663 100644
--- a/platform/ext/target/arm/corstone1000/config_tfm_target.h
+++ b/platform/ext/target/arm/corstone1000/config_tfm_target.h
@@ -16,4 +16,12 @@
#undef PLATFORM_SERVICE_OUTPUT_BUFFER_SIZE
#define PLATFORM_SERVICE_OUTPUT_BUFFER_SIZE 256
+/* The maximum number of assets to be stored in the Internal Trusted Storage. */
+#undef ITS_NUM_ASSETS
+#define ITS_NUM_ASSETS 20
+
+/* The maximum number of assets to be stored in the Protected Storage area. */
+#undef PS_NUM_ASSETS
+#define PS_NUM_ASSETS 20
+
#endif /* __CONFIG_TFM_TARGET_H__ */
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0013-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch
+29
View File
@@ -0,0 +1,29 @@
From 77c5a3bd090955e48ffca92bf9535185d26e9017 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Mon, 15 May 2023 10:42:23 +0100
Subject: [PATCH 2/4] Platform: corstone1000: Increase BL2 size in flash layout
Increases BL2 size to align with the flash page size in corstone1000.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Upstream-Status: Pending [Not submitted to upstream yet]
---
platform/ext/target/arm/corstone1000/partition/flash_layout.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
index 41b4c6323f..bfe8c4fb3c 100644
--- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h
+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
@@ -89,7 +89,7 @@
#endif
/* Static Configurations of the Flash */
-#define SE_BL2_PARTITION_SIZE (0x18800) /* 98 KB */
+#define SE_BL2_PARTITION_SIZE (0x19000) /* 98 KB */
#define SE_BL2_BANK_0_OFFSET (0x9000) /* 72nd LBA */
#define SE_BL2_BANK_1_OFFSET (0x1002000) /* 32784th LBA */
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0014-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch
+33
View File
@@ -0,0 +1,33 @@
From 17244ac692495c23008ff784611d0ee1d42c83dc Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Mon, 15 May 2023 10:46:18 +0100
Subject: [PATCH 3/4] Platform: Corstone1000: Increase BL2_DATA_SIZE
Increases BL2_DATA_SIZE to accommodate the changes in
metadata_write/read.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Upstream-Status: Pending [Not submitted to upstream yet]
---
platform/ext/target/arm/corstone1000/partition/region_defs.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h
index abfac39b62..e7f0bad2ba 100644
--- a/platform/ext/target/arm/corstone1000/partition/region_defs.h
+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h
@@ -90,9 +90,10 @@
#define BL2_CODE_SIZE (IMAGE_BL2_CODE_SIZE)
#define BL2_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1)
+#define BL2_DATA_ADDITIONAL 448 /* To increase the BL2_DATA_SIZE more than the default value */
#define BL2_DATA_START (BOOT_TFM_SHARED_DATA_BASE + \
BOOT_TFM_SHARED_DATA_SIZE)
-#define BL2_DATA_SIZE (BL2_CODE_START - BL2_HEADER_SIZE - BL2_DATA_START)
+#define BL2_DATA_SIZE (BL2_CODE_START - BL2_HEADER_SIZE - BL2_DATA_START + BL2_DATA_ADDITIONAL)
#define BL2_DATA_LIMIT (BL2_DATA_START + BL2_DATA_SIZE - 1)
/* SE BL1 regions */
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0015-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch
+71
View File
@@ -0,0 +1,71 @@
From 83e423497afecc202a3a50c3e472161390056ebd Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Mon, 15 May 2023 10:47:27 +0100
Subject: [PATCH 4/4] Platform: Corstone1000: Calculate the new CRC32 value
after changing the metadata
Calculates the new CRC32 value for the metadata struct after chaing a value
during the capsule update. It also updates the CRC32 field in the metadata
so it doesn't fail the CRC check after a succesfull capsule update.
It also skips doing a sanity check the BL2 nv counter after the capsule
update since the tfm bl1 does not sync metadata and nv counters in OTP during
the boot anymore.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Upstream-Status: Pending [Not submitted to upstream yet]
---
.../arm/corstone1000/fw_update_agent/fwu_agent.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
index afd8d66e42..f564f2902c 100644
--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
@@ -802,6 +802,8 @@ static enum fwu_agent_error_t flash_full_capsule(
}
metadata->active_index = previous_active_index;
metadata->previous_active_index = active_index;
+ metadata->crc_32 = crc32((uint8_t *)&metadata->version,
+ sizeof(struct fwu_metadata) - sizeof(uint32_t));
ret = metadata_write(metadata);
if (ret) {
@@ -913,6 +915,8 @@ static enum fwu_agent_error_t accept_full_capsule(
if (ret) {
return ret;
}
+ metadata->crc_32 = crc32((uint8_t *)&metadata->version,
+ sizeof(struct fwu_metadata) - sizeof(uint32_t));
ret = metadata_write(metadata);
if (ret) {
@@ -1007,6 +1011,8 @@ static enum fwu_agent_error_t fwu_select_previous(
if (ret) {
return ret;
}
+ metadata->crc_32 = crc32((uint8_t *)&metadata->version,
+ sizeof(struct fwu_metadata) - sizeof(uint32_t));
ret = metadata_write(metadata);
if (ret) {
@@ -1119,8 +1125,7 @@ static enum fwu_agent_error_t update_nv_counters(
FWU_LOG_MSG("%s: enter\n\r", __func__);
- for (int i = 0; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
-
+ for (int i = 1; i <= FWU_MAX_NV_COUNTER_INDEX; i++) {
switch (i) {
case FWU_BL2_NV_COUNTER:
tfm_nv_counter_i = PLAT_NV_COUNTER_BL1_0;
@@ -1141,7 +1146,6 @@ static enum fwu_agent_error_t update_nv_counters(
if (err != TFM_PLAT_ERR_SUCCESS) {
return FWU_AGENT_ERROR;
}
-
if (priv_metadata->nv_counter[i] < security_cnt) {
return FWU_AGENT_ERROR;
} else if (priv_metadata->nv_counter[i] > security_cnt) {
--
2.17.1
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/rwx.patch
+25
View File
@@ -0,0 +1,25 @@
From 1d548c77d07fc9a83e3e9aa28a23aa19a0177e3b Mon Sep 17 00:00:00 2001
From: Jon Mason <jon.mason@arm.com>
Date: Wed, 18 Jan 2023 15:13:37 -0500
Subject: [PATCH] arm/trusted-firmware-m: disable fatal warnings
Signed-off-by: Jon Mason <jon.mason@arm.com>
Upstream-Status: Inappropriate
---
toolchain_GNUARM.cmake | 1 -
1 file changed, 1 deletion(-)
diff --git a/toolchain_GNUARM.cmake b/toolchain_GNUARM.cmake
index 7978eaca68..88395f922a 100644
--- a/toolchain_GNUARM.cmake
+++ b/toolchain_GNUARM.cmake
@@ -71,7 +71,6 @@ macro(tfm_toolchain_reset_linker_flags)
--entry=Reset_Handler
-specs=nano.specs
LINKER:-check-sections
- LINKER:-fatal-warnings
LINKER:--gc-sections
LINKER:--no-wchar-size-warning
${MEMORY_USAGE_FLAG}
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-1.7.0-corstone1000.inc
+78
View File
@@ -0,0 +1,78 @@
# Corstone1000 machines specific TFM support
COMPATIBLE_MACHINE = "(corstone1000)"
TFM_PLATFORM = "arm/corstone1000"
TFM_DEBUG = "1"
## Default is the MPS3 board
TFM_PLATFORM_IS_FVP ?= "FALSE"
EXTRA_OECMAKE += "-DPLATFORM_IS_FVP=${TFM_PLATFORM_IS_FVP}"
EXTRA_OECMAKE += "-DCC312_LEGACY_DRIVER_API_ENABLED=ON"
SRCREV_tfm = "94c55967cbd1832681f07074a0945605b02ec8d0"
SRCREV_mcuboot = "9e8eddcecba931f99297765779f8b130d808a9a3"
SRCREV_mbedtls = "8c89224991adff88d53cd380f42a2baa36f91454"
# libmetal
LICENSE += "& BSD-3-Clause"
LIC_FILES_CHKSUM += "file://../libmetal/LICENSE.md;md5=fe0b8a4beea8f0813b606d15a3df3d3c"
SRC_URI += "git://github.com/OpenAMP/libmetal.git;protocol=https;branch=main;name=libmetal;destsuffix=git/libmetal"
SRCREV_libmetal = "f252f0e007fbfb8b3a52b1d5901250ddac96baad"
EXTRA_OECMAKE += "-DLIBMETAL_SRC_PATH=${S}/../libmetal -DLIBMETAL_BIN_PATH=${B}/libmetal-build"
# OpenAMP
LICENSE += "& BSD-2-Clause & BSD-3-Clause"
LIC_FILES_CHKSUM += "file://../openamp/LICENSE.md;md5=a8d8cf662ef6bf9936a1e1413585ecbf"
SRC_URI += "git://github.com/OpenAMP/open-amp.git;protocol=https;branch=main;name=openamp;destsuffix=git/openamp"
SRCREV_openamp = "347397decaa43372fc4d00f965640ebde042966d"
EXTRA_OECMAKE += "-DLIBOPENAMP_SRC_PATH=${S}/../openamp -DLIBOPENAMP_BIN_PATH=${B}/libopenamp-build"
SRC_URI:remove:corstone1000 =" \
file://rwx.patch \
"
FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
SRC_URI:append:corstone1000 = " \
file://0001-Platform-corstone1000-make-sure-to-write-fwu-metadata-to-repl.patch \
file://0002-Platform-corstone1000-get-fwu-and-private-metadata-f.patch \
file://0003-Platform-corstone1000-Add-watchdog_reset_timer.patch \
file://0004-Platform-corstone1000-Replace-MCUBOOT-BL1-by-TFM-s.patch \
file://0005-Platform-corstone1000-Replace-MCUBOOT-BL1-by-TFM-s-B.patch \
file://0006-Platform-corstone1000-Reorganize-bl2-files.patch \
file://0007-Platform-corstone1000-Fix-linker-script-comment.patch \
file://0008-Platform-corstone1000-Fix-linkerscripts-copyright-ye.patch \
file://0009-Platform-corstone1000-fix-flash-reading-issue-for-fi.patch \
file://0010-Platform-corstone1000-Adds-compiler-flags-to-FWU-age.patch \
file://0011-Platform-corstone1000-adjust-PS-asset-configuration.patch \
file://0012-Platform-corstone1000-Increase-number-of-assets.patch \
file://0013-Platform-corstone1000-Increase-BL2-size-in-flash-lay.patch \
file://0014-Platform-Corstone1000-Increase-BL2_DATA_SIZE.patch \
file://0015-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch \
file://corstone1000/rwx.patch \
"
# TF-M ships patches for external dependencies that needs to be applied
apply_tfm_patches() {
find ${S}/lib/ext/qcbor -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../qcbor/ -i
find ${S}/lib/ext/mbedcrypto -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../mbedtls/ -i
find ${S}/lib/ext/mcuboot -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../mcuboot/ -i
find ${S}/lib/ext/tf-m-tests -type f -name '*.patch' -print0 | sort -z | xargs -r -t -0 -n 1 patch -p1 -d ${S}/../tf-m-tests/ -i
}
do_patch[postfuncs] += "apply_tfm_patches"
do_install() {
install -D -p -m 0644 ${B}/install/outputs/tfm_s_signed.bin ${D}/firmware/tfm_s_signed.bin
install -D -p -m 0644 ${B}/install/outputs/bl2_signed.bin ${D}/firmware/bl2_signed.bin
install -D -p -m 0644 ${B}/install/outputs/bl1_1.bin ${D}/firmware/bl1_1.bin
install -D -p -m 0644 ${B}/install/outputs/bl1_provisioning_bundle.bin ${D}/firmware/bl1_provisioning_bundle.bin
}
create_bl1_image(){
dd conv=notrunc bs=1 if=${D}/firmware/bl1_1.bin of=${D}/firmware/bl1.bin seek=0
dd conv=notrunc bs=1 if=${D}/firmware/bl1_provisioning_bundle.bin of=${D}/firmware/bl1.bin seek=40960
}
do_install[postfuncs] += "create_bl1_image"
meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_1.7.%.bbappend
+9
View File
@@ -0,0 +1,9 @@
# Machine specific configurations
MACHINE_TFM_REQUIRE ?= ""
MACHINE_TFM_REQUIRE:corstone1000 = "trusted-firmware-m-1.7.0-corstone1000.inc"
require ${MACHINE_TFM_REQUIRE}
COMPATIBLE_MACHINE:tc = "(tc1)"
TFM_PLATFORM:tc = "arm/rss/tc"
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0001-arm64-smccc-add-support-for-SMCCCv1.2-x0-x17-registe.patch
+213
View File
@@ -0,0 +1,213 @@
From 5ce8bf4ad1aeb2657a7ab83c46eeb2cdaa56cfd4 Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Fri, 29 Jul 2022 13:06:19 +0100
Subject: [PATCH 01/42] arm64: smccc: add support for SMCCCv1.2 x0-x17
registers
add support for x0-x17 registers used by the SMC calls
In SMCCC v1.2 [1] arguments are passed in registers x1-x17.
Results are returned in x0-x17.
This work is inspired from the following kernel commit:
arm64: smccc: Add support for SMCCCv1.2 extended input/output registers
[1]: https://documentation-service.arm.com/static/5f8edaeff86e16515cdbe4c6?token=
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20221122131751.22747-1-abdellatif.elkhlifi@arm.com/]
Changelog:
===============
v7:
* improve indentation of ARM_SMCCC_1_2_REGS_Xn_OFFS
v4:
* rename the commit title and improve description
new commit title: the current
v3:
* port x0-x17 registers support from linux kernel as defined by SMCCCv1.2
commit title:
arm64: smccc: add Xn registers support used by SMC calls
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
arch/arm/cpu/armv8/smccc-call.S | 53 +++++++++++++++++++++++++++++++++
arch/arm/lib/asm-offsets.c | 14 +++++++++
include/linux/arm-smccc.h | 43 ++++++++++++++++++++++++++
3 files changed, 110 insertions(+)
diff --git a/arch/arm/cpu/armv8/smccc-call.S b/arch/arm/cpu/armv8/smccc-call.S
index dc92b28777..ec6f299bc9 100644
--- a/arch/arm/cpu/armv8/smccc-call.S
+++ b/arch/arm/cpu/armv8/smccc-call.S
@@ -1,6 +1,8 @@
/* SPDX-License-Identifier: GPL-2.0 */
/*
* Copyright (c) 2015, Linaro Limited
+ * (C) Copyright 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#include <linux/linkage.h>
#include <linux/arm-smccc.h>
@@ -45,3 +47,54 @@ ENDPROC(__arm_smccc_smc)
ENTRY(__arm_smccc_hvc)
SMCCC hvc
ENDPROC(__arm_smccc_hvc)
+
+#ifdef CONFIG_ARM64
+
+ .macro SMCCC_1_2 instr
+ /* Save `res` and free a GPR that won't be clobbered */
+ stp x1, x19, [sp, #-16]!
+
+ /* Ensure `args` won't be clobbered while loading regs in next step */
+ mov x19, x0
+
+ /* Load the registers x0 - x17 from the struct arm_smccc_1_2_regs */
+ ldp x0, x1, [x19, #ARM_SMCCC_1_2_REGS_X0_OFFS]
+ ldp x2, x3, [x19, #ARM_SMCCC_1_2_REGS_X2_OFFS]
+ ldp x4, x5, [x19, #ARM_SMCCC_1_2_REGS_X4_OFFS]
+ ldp x6, x7, [x19, #ARM_SMCCC_1_2_REGS_X6_OFFS]
+ ldp x8, x9, [x19, #ARM_SMCCC_1_2_REGS_X8_OFFS]
+ ldp x10, x11, [x19, #ARM_SMCCC_1_2_REGS_X10_OFFS]
+ ldp x12, x13, [x19, #ARM_SMCCC_1_2_REGS_X12_OFFS]
+ ldp x14, x15, [x19, #ARM_SMCCC_1_2_REGS_X14_OFFS]
+ ldp x16, x17, [x19, #ARM_SMCCC_1_2_REGS_X16_OFFS]
+
+ \instr #0
+
+ /* Load the `res` from the stack */
+ ldr x19, [sp]
+
+ /* Store the registers x0 - x17 into the result structure */
+ stp x0, x1, [x19, #ARM_SMCCC_1_2_REGS_X0_OFFS]
+ stp x2, x3, [x19, #ARM_SMCCC_1_2_REGS_X2_OFFS]
+ stp x4, x5, [x19, #ARM_SMCCC_1_2_REGS_X4_OFFS]
+ stp x6, x7, [x19, #ARM_SMCCC_1_2_REGS_X6_OFFS]
+ stp x8, x9, [x19, #ARM_SMCCC_1_2_REGS_X8_OFFS]
+ stp x10, x11, [x19, #ARM_SMCCC_1_2_REGS_X10_OFFS]
+ stp x12, x13, [x19, #ARM_SMCCC_1_2_REGS_X12_OFFS]
+ stp x14, x15, [x19, #ARM_SMCCC_1_2_REGS_X14_OFFS]
+ stp x16, x17, [x19, #ARM_SMCCC_1_2_REGS_X16_OFFS]
+
+ /* Restore original x19 */
+ ldp xzr, x19, [sp], #16
+ ret
+ .endm
+
+/*
+ * void arm_smccc_1_2_smc(const struct arm_smccc_1_2_regs *args,
+ * struct arm_smccc_1_2_regs *res);
+ */
+ENTRY(arm_smccc_1_2_smc)
+ SMCCC_1_2 smc
+ENDPROC(arm_smccc_1_2_smc)
+
+#endif
diff --git a/arch/arm/lib/asm-offsets.c b/arch/arm/lib/asm-offsets.c
index 22fd541f9a..db6d7ed234 100644
--- a/arch/arm/lib/asm-offsets.c
+++ b/arch/arm/lib/asm-offsets.c
@@ -9,6 +9,9 @@
* generate asm statements containing #defines,
* compile this file to assembler, and then extract the
* #defines from the assembly-language output.
+ *
+ * (C) Copyright 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#include <common.h>
@@ -117,6 +120,17 @@ int main(void)
DEFINE(ARM_SMCCC_RES_X2_OFFS, offsetof(struct arm_smccc_res, a2));
DEFINE(ARM_SMCCC_QUIRK_ID_OFFS, offsetof(struct arm_smccc_quirk, id));
DEFINE(ARM_SMCCC_QUIRK_STATE_OFFS, offsetof(struct arm_smccc_quirk, state));
+#ifdef CONFIG_ARM64
+ DEFINE(ARM_SMCCC_1_2_REGS_X0_OFFS, offsetof(struct arm_smccc_1_2_regs, a0));
+ DEFINE(ARM_SMCCC_1_2_REGS_X2_OFFS, offsetof(struct arm_smccc_1_2_regs, a2));
+ DEFINE(ARM_SMCCC_1_2_REGS_X4_OFFS, offsetof(struct arm_smccc_1_2_regs, a4));
+ DEFINE(ARM_SMCCC_1_2_REGS_X6_OFFS, offsetof(struct arm_smccc_1_2_regs, a6));
+ DEFINE(ARM_SMCCC_1_2_REGS_X8_OFFS, offsetof(struct arm_smccc_1_2_regs, a8));
+ DEFINE(ARM_SMCCC_1_2_REGS_X10_OFFS, offsetof(struct arm_smccc_1_2_regs, a10));
+ DEFINE(ARM_SMCCC_1_2_REGS_X12_OFFS, offsetof(struct arm_smccc_1_2_regs, a12));
+ DEFINE(ARM_SMCCC_1_2_REGS_X14_OFFS, offsetof(struct arm_smccc_1_2_regs, a14));
+ DEFINE(ARM_SMCCC_1_2_REGS_X16_OFFS, offsetof(struct arm_smccc_1_2_regs, a16));
+#endif
#endif
return 0;
diff --git a/include/linux/arm-smccc.h b/include/linux/arm-smccc.h
index e1d09884a1..9105031d55 100644
--- a/include/linux/arm-smccc.h
+++ b/include/linux/arm-smccc.h
@@ -1,6 +1,8 @@
/* SPDX-License-Identifier: GPL-2.0 */
/*
* Copyright (c) 2015, Linaro Limited
+ * (C) Copyright 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#ifndef __LINUX_ARM_SMCCC_H
#define __LINUX_ARM_SMCCC_H
@@ -70,6 +72,47 @@ struct arm_smccc_res {
unsigned long a3;
};
+#ifdef CONFIG_ARM64
+/**
+ * struct arm_smccc_1_2_regs - Arguments for or Results from SMC call
+ * @a0-a17 argument values from registers 0 to 17
+ */
+struct arm_smccc_1_2_regs {
+ unsigned long a0;
+ unsigned long a1;
+ unsigned long a2;
+ unsigned long a3;
+ unsigned long a4;
+ unsigned long a5;
+ unsigned long a6;
+ unsigned long a7;
+ unsigned long a8;
+ unsigned long a9;
+ unsigned long a10;
+ unsigned long a11;
+ unsigned long a12;
+ unsigned long a13;
+ unsigned long a14;
+ unsigned long a15;
+ unsigned long a16;
+ unsigned long a17;
+};
+
+/**
+ * arm_smccc_1_2_smc() - make SMC calls
+ * @args: arguments passed via struct arm_smccc_1_2_regs
+ * @res: result values via struct arm_smccc_1_2_regs
+ *
+ * This function is used to make SMC calls following SMC Calling Convention
+ * v1.2 or above. The content of the supplied param are copied from the
+ * structure to registers prior to the SMC instruction. The return values
+ * are updated with the content from registers on return from the SMC
+ * instruction.
+ */
+asmlinkage void arm_smccc_1_2_smc(const struct arm_smccc_1_2_regs *args,
+ struct arm_smccc_1_2_regs *res);
+#endif
+
/**
* struct arm_smccc_quirk - Contains quirk information
* @id: quirk identification
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0002-lib-uuid-introduce-uuid_str_to_le_bin-function.patch
+134
View File
@@ -0,0 +1,134 @@
From 1dcebf6f57e3490f7b3e2464b4114b993dd70c7c Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Thu, 4 Aug 2022 16:46:47 +0100
Subject: [PATCH 02/42] lib: uuid: introduce uuid_str_to_le_bin function
convert UUID string to little endian binary data
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20221122131751.22747-1-abdellatif.elkhlifi@arm.com/]
Changelog:
===============
v8:
* use simple_strtoull() in uuid_str_to_le_bin() to support 32-bit platforms
v7:
* rename be_uuid_str_to_le_bin() to uuid_str_to_le_bin()
* make uuid_str_to_le_bin() implementation similar to uuid_str_to_bin()
by using same APIs
v4:
* rename ffa_uuid_str_to_bin to be_uuid_str_to_le_bin and put in
a standalone commit (the current)
v3:
* introduce ffa_uuid_str_to_bin (provided by
arm_ffa: introduce Arm FF-A low-level driver)
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
include/uuid.h | 8 ++++++++
lib/uuid.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 54 insertions(+)
diff --git a/include/uuid.h b/include/uuid.h
index 4a4883d3b5..293a8eb0a5 100644
--- a/include/uuid.h
+++ b/include/uuid.h
@@ -2,6 +2,8 @@
/*
* Copyright (C) 2014 Samsung Electronics
* Przemyslaw Marczak <p.marczak@samsung.com>
+ * (C) Copyright 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#ifndef __UUID_H__
#define __UUID_H__
@@ -44,4 +46,10 @@ int uuid_guid_get_bin(const char *guid_str, unsigned char *guid_bin);
const char *uuid_guid_get_str(const unsigned char *guid_bin);
void gen_rand_uuid(unsigned char *uuid_bin);
void gen_rand_uuid_str(char *uuid_str, int str_format);
+
+/**
+ * uuid_str_to_le_bin - Converts a UUID string to little endian binary data
+ */
+int uuid_str_to_le_bin(const char *uuid_str, unsigned char *uuid_bin);
+
#endif
diff --git a/lib/uuid.c b/lib/uuid.c
index 465e1ac38f..d29f561a70 100644
--- a/lib/uuid.c
+++ b/lib/uuid.c
@@ -1,6 +1,8 @@
// SPDX-License-Identifier: GPL-2.0+
/*
* Copyright 2011 Calxeda, Inc.
+ * (C) Copyright 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#include <common.h>
@@ -346,6 +348,50 @@ int uuid_str_to_bin(const char *uuid_str, unsigned char *uuid_bin,
return 0;
}
+/**
+ * uuid_str_to_le_bin() - Convert string UUID to little endian binary data.
+ * @uuid_str: pointer to UUID string
+ * @uuid_bin: pointer to allocated array for little endian output [16B]
+ *
+ * UUID string is 36 characters (36 bytes):
+ *
+ * xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+ *
+ * where x is a hexadecimal character. Fields are separated by '-'s.
+ * When converting to a little endian binary UUID, the string fields are reversed.
+ *
+ * Return:
+ *
+ * uuid_bin filled with little endian UUID data
+ * On success 0 is returned. Otherwise, failure code.
+ */
+int uuid_str_to_le_bin(const char *uuid_str, unsigned char *uuid_bin)
+{
+ u16 tmp16;
+ u32 tmp32;
+ u64 tmp64;
+
+ if (!uuid_str_valid(uuid_str) || !uuid_bin)
+ return -EINVAL;
+
+ tmp32 = cpu_to_le32(hextoul(uuid_str, NULL));
+ memcpy(uuid_bin, &tmp32, 4);
+
+ tmp16 = cpu_to_le16(hextoul(uuid_str + 9, NULL));
+ memcpy(uuid_bin + 4, &tmp16, 2);
+
+ tmp16 = cpu_to_le16(hextoul(uuid_str + 14, NULL));
+ memcpy(uuid_bin + 6, &tmp16, 2);
+
+ tmp16 = cpu_to_le16(hextoul(uuid_str + 19, NULL));
+ memcpy(uuid_bin + 8, &tmp16, 2);
+
+ tmp64 = cpu_to_le64(simple_strtoull(uuid_str + 24, NULL, 16));
+ memcpy(uuid_bin + 10, &tmp64, 6);
+
+ return 0;
+}
+
/*
* uuid_bin_to_str() - convert big endian binary data to string UUID or GUID.
*
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0003-arm_ffa-introduce-Arm-FF-A-low-level-driver.patch
+2139
View File
File diff suppressed because it is too large Load Diff
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0004-arm_ffa-efi-unmap-RX-TX-buffers.patch
+74
View File
@@ -0,0 +1,74 @@
From b09b391e33e024a18842dfdc99282d0050cc5fcb Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Thu, 6 Oct 2022 15:04:25 +0100
Subject: [PATCH 04/42] arm_ffa: efi: unmap RX/TX buffers
unmap RX/TX buffers at ExitBootServices()
Unmapping the RX/TX buffers created by u-boot is needed before EFI
runtime.
At EFI runtime the linux kernel takes care of allocating its own RX/TX
buffers and registering them with the secure world.
Secure world should be using the RX/TX buffers created by the kernel.
So, RX/TX buffers created by u-boot must be unmapped.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20221122131751.22747-1-abdellatif.elkhlifi@arm.com/]
Changelog:
===============
v8: pass NULL device pointer to the FF-A bus operation
v7: replace debug() by log_err()
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
lib/efi_loader/efi_boottime.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index e65ca6a4cb..3481f2afe7 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -3,6 +3,9 @@
* EFI application boot time services
*
* Copyright (c) 2016 Alexander Graf
+ *
+ * (C) Copyright 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#include <common.h>
@@ -23,6 +26,10 @@
#include <asm/setjmp.h>
#include <linux/libfdt_env.h>
+#if CONFIG_IS_ENABLED(ARM_FFA_TRANSPORT)
+#include <arm_ffa.h>
+#endif
+
DECLARE_GLOBAL_DATA_PTR;
/* Task priority level */
@@ -2178,6 +2185,12 @@ static efi_status_t EFIAPI efi_exit_boot_services(efi_handle_t image_handle,
dm_remove_devices_flags(DM_REMOVE_ACTIVE_ALL);
}
+#if CONFIG_IS_ENABLED(ARM_FFA_TRANSPORT)
+ /* unmap FF-A RX/TX buffers */
+ if (ffa_bus_ops_get()->rxtx_unmap(NULL))
+ log_err("Can't unmap FF-A RX/TX buffers\n");
+#endif
+
/* Patch out unsupported runtime function */
efi_runtime_detach();
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0005-arm_ffa-introduce-armffa-command.patch
+364
View File
@@ -0,0 +1,364 @@
From f3bc86a7ec63c0454577cb6712395c577b2cfd66 Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Mon, 6 Jun 2022 12:46:38 +0100
Subject: [PATCH 05/42] arm_ffa: introduce armffa command
Provide armffa command showcasing the use of the FF-A driver
The armffa command allows to query secure partitions data from
the secure world and exchanging messages with the partitions
using 64-bit FF-A direct messaging.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20221122131751.22747-1-abdellatif.elkhlifi@arm.com/]
Changelog:
===============
v8:
* update partition_info_get() second argument to be an SP count
* pass NULL device pointer to the FF-A bus discovery and operations
v7:
* adapt do_ffa_dev_list() following the recent update on
uclass_first_device/uclass_next_device functions (they return void now)
* set armffa command to use 64-bit direct messaging
v4:
* remove pattern data in do_ffa_msg_send_direct_req
v3:
* use the new driver interfaces (partition_info_get, sync_send_receive)
in armffa command
v2:
* replace use of ffa_helper_init_device function by
ffa_helper_bus_discover
v1:
* introduce armffa command
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
MAINTAINERS | 1 +
cmd/Kconfig | 10 ++
cmd/Makefile | 2 +
cmd/armffa.c | 237 +++++++++++++++++++++++++++++++
drivers/firmware/arm-ffa/Kconfig | 1 +
5 files changed, 251 insertions(+)
create mode 100644 cmd/armffa.c
diff --git a/MAINTAINERS b/MAINTAINERS
index 509619d31c..61ce6c436f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -267,6 +267,7 @@ F: configs/cortina_presidio-asic-pnand_defconfig
ARM FF-A
M: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
S: Maintained
+F: cmd/armffa.c
F: doc/arch/arm64.ffa.rst
F: drivers/firmware/arm-ffa/
F: include/arm_ffa.h
diff --git a/cmd/Kconfig b/cmd/Kconfig
index b2d7598717..7d0a40e8ac 100644
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -924,6 +924,16 @@ endmenu
menu "Device access commands"
+config CMD_ARMFFA
+ bool "Arm FF-A test command"
+ depends on ARM_FFA_TRANSPORT
+ help
+ Provides a test command for the Arm FF-A driver
+ supported options:
+ - Listing the partition(s) info
+ - Sending a data pattern to the specified partition
+ - Displaying the arm_ffa device info
+
config CMD_ARMFLASH
#depends on FLASH_CFI_DRIVER
bool "armflash"
diff --git a/cmd/Makefile b/cmd/Makefile
index 0b6a96c1d9..c757f1647d 100644
--- a/cmd/Makefile
+++ b/cmd/Makefile
@@ -12,6 +12,8 @@ obj-y += panic.o
obj-y += version.o
# command
+
+obj-$(CONFIG_CMD_ARMFFA) += armffa.o
obj-$(CONFIG_CMD_ACPI) += acpi.o
obj-$(CONFIG_CMD_ADDRMAP) += addrmap.o
obj-$(CONFIG_CMD_AES) += aes.o
diff --git a/cmd/armffa.c b/cmd/armffa.c
new file mode 100644
index 0000000000..d2e8687bfb
--- /dev/null
+++ b/cmd/armffa.c
@@ -0,0 +1,237 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * (C) Copyright 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+ */
+
+#include <arm_ffa.h>
+#include <asm/io.h>
+#include <common.h>
+#include <command.h>
+#include <dm.h>
+#include <mapmem.h>
+#include <stdlib.h>
+
+/**
+ * do_ffa_get_singular_partition_info - implementation of the getpart subcommand
+ * @cmdtp: Command Table
+ * @flag: flags
+ * @argc: number of arguments
+ * @argv: arguments
+ *
+ * This function queries the secure partition information which the UUID is provided
+ * as an argument. The function uses the arm_ffa driver partition_info_get operation
+ * to retrieve the data.
+ * The input UUID string is expected to be in big endian format.
+ *
+ * Return:
+ *
+ * CMD_RET_SUCCESS: on success, otherwise failure
+ */
+static int do_ffa_get_singular_partition_info(struct cmd_tbl *cmdtp, int flag, int argc,
+ char *const argv[])
+{
+ u32 count = 0;
+ int ret;
+ struct ffa_partition_info *parts_info;
+ u32 info_idx;
+
+ if (argc != 1)
+ return -EINVAL;
+
+ /* Mode 1: getting the number of secure partitions */
+ ret = ffa_bus_ops_get()->partition_info_get(NULL, argv[0], &count, NULL);
+ if (ret != 0) {
+ ffa_err("Failure in querying partitions count (error code: %d)", ret);
+ return ret;
+ }
+
+ if (!count) {
+ ffa_info("No secure partition found");
+ return ret;
+ }
+
+ /*
+ * pre-allocate a buffer to be filled by the driver
+ * with ffa_partition_info structs
+ */
+
+ ffa_info("Pre-allocating %d partition(s) info structures", count);
+
+ parts_info = calloc(count, sizeof(struct ffa_partition_info));
+ if (!parts_info)
+ return -EINVAL;
+
+ /*
+ * ask the driver to fill the buffer with the SPs info
+ */
+
+ ret = ffa_bus_ops_get()->partition_info_get(NULL, argv[0], &count, parts_info);
+ if (ret != 0) {
+ ffa_err("Failure in querying partition(s) info (error code: %d)", ret);
+ free(parts_info);
+ return ret;
+ }
+
+ /*
+ * SPs found , show the partition information
+ */
+ for (info_idx = 0; info_idx < count ; info_idx++) {
+ ffa_info("Partition: id = 0x%x , exec_ctxt 0x%x , properties 0x%x",
+ parts_info[info_idx].id,
+ parts_info[info_idx].exec_ctxt,
+ parts_info[info_idx].properties);
+ }
+
+ free(parts_info);
+
+ return 0;
+}
+
+/**
+ * do_ffa_msg_send_direct_req - implementation of the ping subcommand
+ * @cmdtp: Command Table
+ * @flag: flags
+ * @argc: number of arguments
+ * @argv: arguments
+ *
+ * This function sends data to the secure partition which the ID is provided
+ * as an argument. The function uses the arm_ffa driver sync_send_receive operation
+ * to send data.
+ *
+ * Return:
+ *
+ * CMD_RET_SUCCESS: on success, otherwise failure
+ */
+int do_ffa_msg_send_direct_req(struct cmd_tbl *cmdtp, int flag, int argc,
+ char *const argv[])
+{
+ struct ffa_send_direct_data msg = {
+ .data0 = 0xaaaaaaaa,
+ .data1 = 0xbbbbbbbb,
+ .data2 = 0xcccccccc,
+ .data3 = 0xdddddddd,
+ .data4 = 0xeeeeeeee,
+ };
+ u16 part_id;
+ int ret;
+
+ if (argc != 1)
+ return -EINVAL;
+
+ errno = 0;
+ part_id = strtoul(argv[0], NULL, 16);
+
+ if (errno) {
+ ffa_err("Invalid partition ID");
+ return -EINVAL;
+ }
+
+ ret = ffa_bus_ops_get()->sync_send_receive(NULL, part_id, &msg, 1);
+ if (ret == 0) {
+ u8 cnt;
+
+ ffa_info("SP response:\n[LSB]");
+ for (cnt = 0;
+ cnt < sizeof(struct ffa_send_direct_data) / sizeof(u64);
+ cnt++)
+ ffa_info("0x%llx", ((u64 *)&msg)[cnt]);
+ } else {
+ ffa_err("Sending direct request error (%d)", ret);
+ }
+
+ return ret;
+}
+
+/**
+ *do_ffa_dev_list - implementation of the devlist subcommand
+ * @cmdtp: [in] Command Table
+ * @flag: flags
+ * @argc: number of arguments
+ * @argv: arguments
+ *
+ * This function queries the devices belonging to the UCLASS_FFA
+ * class. Currently, one device is expected to show up: the arm_ffa device
+ *
+ * Return:
+ *
+ * CMD_RET_SUCCESS: on success, otherwise failure
+ */
+int do_ffa_dev_list(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
+{
+ struct udevice *dev = NULL;
+ int i;
+
+ ffa_info("arm_ffa uclass entries:");
+
+ for (i = 0, uclass_first_device(UCLASS_FFA, &dev);
+ dev;
+ uclass_next_device(&dev), i++) {
+ ffa_info("entry %d - instance %08x, ops %08x, plat %08x",
+ i,
+ (u32)map_to_sysmem(dev),
+ (u32)map_to_sysmem(dev->driver->ops),
+ (u32)map_to_sysmem(dev_get_plat(dev)));
+ }
+
+ return 0;
+}
+
+static struct cmd_tbl armffa_commands[] = {
+ U_BOOT_CMD_MKENT(getpart, 1, 1, do_ffa_get_singular_partition_info, "", ""),
+ U_BOOT_CMD_MKENT(ping, 1, 1, do_ffa_msg_send_direct_req, "", ""),
+ U_BOOT_CMD_MKENT(devlist, 0, 1, do_ffa_dev_list, "", ""),
+};
+
+/**
+ * do_armffa - the armffa command main function
+ * @cmdtp: Command Table
+ * @flag: flags
+ * @argc: number of arguments
+ * @argv: arguments
+ *
+ * This function identifies which armffa subcommand to run.
+ * Then, it makes sure the arm_ffa device is probed and
+ * ready for use.
+ * Then, it runs the subcommand.
+ *
+ * Return:
+ *
+ * CMD_RET_SUCCESS: on success, otherwise failure
+ */
+static int do_armffa(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
+{
+ struct cmd_tbl *armffa_cmd;
+ int ret;
+
+ if (argc < 2)
+ return CMD_RET_USAGE;
+
+ armffa_cmd = find_cmd_tbl(argv[1], armffa_commands, ARRAY_SIZE(armffa_commands));
+
+ argc -= 2;
+ argv += 2;
+
+ if (!armffa_cmd || argc > armffa_cmd->maxargs)
+ return CMD_RET_USAGE;
+
+ ret = ffa_bus_discover(NULL);
+ if (ret != 0)
+ return cmd_process_error(cmdtp, ret);
+
+ if (!ffa_bus_ops_get())
+ return -EINVAL;
+
+ ret = armffa_cmd->cmd(armffa_cmd, flag, argc, argv);
+
+ return cmd_process_error(armffa_cmd, ret);
+}
+
+U_BOOT_CMD(armffa, 4, 1, do_armffa,
+ "Arm FF-A operations test command",
+ "getpart <partition UUID>\n"
+ " - lists the partition(s) info\n"
+ "ping <partition ID>\n"
+ " - sends a data pattern to the specified partition\n"
+ "devlist\n"
+ " - displays the arm_ffa device info\n");
diff --git a/drivers/firmware/arm-ffa/Kconfig b/drivers/firmware/arm-ffa/Kconfig
index e4914b9bc7..be4df89d23 100644
--- a/drivers/firmware/arm-ffa/Kconfig
+++ b/drivers/firmware/arm-ffa/Kconfig
@@ -4,6 +4,7 @@ config ARM_FFA_TRANSPORT
bool "Enable Arm Firmware Framework for Armv8-A driver"
depends on DM && ARM64
select ARM_SMCCC
+ select CMD_ARMFFA
select LIB_UUID
select DEVRES
help
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0006-arm_ffa-introduce-the-FF-A-Sandbox-driver.patch
+1164
View File
File diff suppressed because it is too large Load Diff
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0007-arm_ffa-introduce-Sandbox-test-cases-for-UCLASS_FFA.patch
+472
View File
@@ -0,0 +1,472 @@
From 3664fe7503cbc4348bbd7bcb8fbf7e1db332ac5d Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Mon, 6 Jun 2022 17:26:06 +0100
Subject: [PATCH 07/42] arm_ffa: introduce Sandbox test cases for UCLASS_FFA
Add functional test cases for the FF-A core driver
These tests rely on the FF-A Sandbox driver which helps in
inspecting the FF-A core driver.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20221122131751.22747-1-abdellatif.elkhlifi@arm.com/]
Changelog:
===============
v8:
* update partition_info_get() second argument to be an SP count
* pass NULL device pointer to the FF-A bus discovery and operations
v7: set the tests to use 64-bit direct messaging
v4: align sandbox tests with the new FF-A driver interfaces
and new way of error handling
v1: introduce sandbox tests
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
MAINTAINERS | 1 +
test/dm/Makefile | 2 +
test/dm/ffa.c | 392 +++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 395 insertions(+)
create mode 100644 test/dm/ffa.c
diff --git a/MAINTAINERS b/MAINTAINERS
index 297d165f84..c1d3d4ae1c 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -272,6 +272,7 @@ F: doc/arch/arm64.ffa.rst
F: drivers/firmware/arm-ffa/
F: include/arm_ffa.h
F: include/sandbox_arm_ffa.h
+F: test/dm/ffa.c
ARM FREESCALE IMX
M: Stefano Babic <sbabic@denx.de>
diff --git a/test/dm/Makefile b/test/dm/Makefile
index 7a79b6e1a2..85e99e1c12 100644
--- a/test/dm/Makefile
+++ b/test/dm/Makefile
@@ -1,6 +1,7 @@
# SPDX-License-Identifier: GPL-2.0+
#
# Copyright (c) 2013 Google, Inc
+# (C) Copyright 2022 ARM Limited
obj-$(CONFIG_UT_DM) += test-dm.o
@@ -85,6 +86,7 @@ obj-$(CONFIG_POWER_DOMAIN) += power-domain.o
obj-$(CONFIG_ACPI_PMC) += pmc.o
obj-$(CONFIG_DM_PMIC) += pmic.o
obj-$(CONFIG_DM_PWM) += pwm.o
+obj-$(CONFIG_SANDBOX_FFA) += ffa.o
obj-$(CONFIG_QFW) += qfw.o
obj-$(CONFIG_RAM) += ram.o
obj-y += regmap.o
diff --git a/test/dm/ffa.c b/test/dm/ffa.c
new file mode 100644
index 0000000000..128d8626a7
--- /dev/null
+++ b/test/dm/ffa.c
@@ -0,0 +1,392 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Functional tests for UCLASS_FFA class
+ *
+ * (C) Copyright 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+ */
+
+#include <common.h>
+#include <console.h>
+#include <dm.h>
+#include <dm/test.h>
+#include "../../drivers/firmware/arm-ffa/sandbox_arm_ffa_prv.h"
+#include <sandbox_arm_ffa.h>
+#include <test/test.h>
+#include <test/ut.h>
+
+/* Macros */
+
+#define LOG_MSG_SZ (100)
+#define LOG_CMD_SZ (LOG_MSG_SZ * 2)
+
+/* Functional tests for the UCLASS_FFA */
+
+static int dm_test_ffa_log(struct unit_test_state *uts, char *msg)
+{
+ char cmd[LOG_CMD_SZ] = {0};
+
+ console_record_reset();
+
+ snprintf(cmd, LOG_CMD_SZ, "echo \"%s\"", msg);
+ run_command(cmd, 0);
+
+ ut_assert_console_end();
+
+ return CMD_RET_SUCCESS;
+}
+
+static int check_fwk_version(struct ffa_prvdata *prvdata, struct sandbox_ffa_prvdata *sdx_prvdata,
+ struct unit_test_state *uts)
+{
+ if (prvdata->fwk_version != sdx_prvdata->fwk_version) {
+ char msg[LOG_MSG_SZ] = {0};
+
+ snprintf(msg, LOG_MSG_SZ,
+ "[%s]: Error: framework version: core = 0x%x , sandbox = 0x%x", __func__,
+ prvdata->fwk_version,
+ sdx_prvdata->fwk_version);
+
+ dm_test_ffa_log(uts, msg);
+ return CMD_RET_FAILURE;
+ }
+ return CMD_RET_SUCCESS;
+}
+
+static int check_endpoint_id(struct ffa_prvdata *prvdata, struct unit_test_state *uts)
+{
+ if (prvdata->id) {
+ char msg[LOG_MSG_SZ] = {0};
+
+ snprintf(msg, LOG_MSG_SZ,
+ "[%s]: Error: endpoint id: core = 0x%x", __func__, prvdata->id);
+ dm_test_ffa_log(uts, msg);
+ return CMD_RET_FAILURE;
+ }
+ return CMD_RET_SUCCESS;
+}
+
+static int check_core_dev(struct ffa_prvdata *prvdata, struct unit_test_state *uts)
+{
+ if (!prvdata->dev) {
+ char msg[LOG_MSG_SZ] = {0};
+
+ snprintf(msg, LOG_MSG_SZ, "[%s]: Error: core device NULL", __func__);
+ dm_test_ffa_log(uts, msg);
+ return CMD_RET_FAILURE;
+ }
+ return CMD_RET_SUCCESS;
+}
+
+static int check_sandbox_dev(struct sandbox_ffa_prvdata *sdx_prvdata, struct unit_test_state *uts)
+{
+ if (!sdx_prvdata->dev) {
+ char msg[LOG_MSG_SZ] = {0};
+
+ snprintf(msg, LOG_MSG_SZ, "[%s]: Error: sandbox device NULL", __func__);
+ dm_test_ffa_log(uts, msg);
+ return CMD_RET_FAILURE;
+ }
+ return CMD_RET_SUCCESS;
+}
+
+static int check_rxtxbuf(struct ffa_prvdata *prvdata, struct unit_test_state *uts)
+{
+ if (!prvdata->pair.rxbuf && prvdata->pair.txbuf) {
+ char msg[LOG_MSG_SZ] = {0};
+
+ snprintf(msg, LOG_MSG_SZ, "[%s]: Error: rxbuf = 0x%llx txbuf = 0x%llx", __func__,
+ prvdata->pair.rxbuf,
+ prvdata->pair.txbuf);
+ dm_test_ffa_log(uts, msg);
+ return CMD_RET_FAILURE;
+ }
+ return CMD_RET_SUCCESS;
+}
+
+static int check_features(struct ffa_prvdata *prvdata, struct unit_test_state *uts)
+{
+ char msg[LOG_MSG_SZ] = {0};
+
+ if (prvdata->pair.rxtx_min_pages != RXTX_4K &&
+ prvdata->pair.rxtx_min_pages != RXTX_16K &&
+ prvdata->pair.rxtx_min_pages != RXTX_64K) {
+ snprintf(msg,
+ LOG_MSG_SZ,
+ "[%s]: Error: FFA_RXTX_MAP features = 0x%lx",
+ __func__,
+ prvdata->pair.rxtx_min_pages);
+ dm_test_ffa_log(uts, msg);
+ return CMD_RET_FAILURE;
+ }
+
+ return CMD_RET_SUCCESS;
+}
+
+static int check_rxbuf_mapped_flag(u32 queried_func_id,
+ u8 rxbuf_mapped,
+ struct unit_test_state *uts)
+{
+ char msg[LOG_MSG_SZ] = {0};
+
+ switch (queried_func_id) {
+ case FFA_RXTX_MAP:
+ {
+ if (rxbuf_mapped)
+ return CMD_RET_SUCCESS;
+ break;
+ }
+ case FFA_RXTX_UNMAP:
+ {
+ if (!rxbuf_mapped)
+ return CMD_RET_SUCCESS;
+ break;
+ }
+ default:
+ return CMD_RET_FAILURE;
+ }
+
+ snprintf(msg, LOG_MSG_SZ, "[%s]: Error: %s mapping issue", __func__,
+ (queried_func_id == FFA_RXTX_MAP ? "FFA_RXTX_MAP" : "FFA_RXTX_UNMAP"));
+ dm_test_ffa_log(uts, msg);
+
+ return CMD_RET_FAILURE;
+}
+
+static int check_rxbuf_release_flag(u8 rxbuf_owned, struct unit_test_state *uts)
+{
+ if (rxbuf_owned) {
+ char msg[LOG_MSG_SZ] = {0};
+
+ snprintf(msg, LOG_MSG_SZ, "[%s]: Error: RX buffer not released", __func__);
+ dm_test_ffa_log(uts, msg);
+ return CMD_RET_FAILURE;
+ }
+ return CMD_RET_SUCCESS;
+}
+
+static int test_ffa_msg_send_direct_req(u16 part_id, struct unit_test_state *uts)
+{
+ struct ffa_send_direct_data msg = {0};
+ u8 cnt;
+
+ ut_assertok(ffa_bus_ops_get()->sync_send_receive(NULL, part_id, &msg, 1));
+
+ for (cnt = 0; cnt < sizeof(struct ffa_send_direct_data) / sizeof(u64); cnt++)
+ ut_assertok(((u64 *)&msg)[cnt] != 0xffffffffffffffff);
+
+ return CMD_RET_SUCCESS;
+}
+
+static int test_partitions_and_comms(const char *service_uuid,
+ struct sandbox_ffa_prvdata *sdx_prvdata,
+ struct unit_test_state *uts)
+{
+ u32 count = 0;
+ struct ffa_partition_info *parts_info;
+ u32 info_idx, exp_info_idx;
+ int ret;
+
+ /*
+ * get from the driver the count of the SPs matching the UUID
+ */
+ ret = ffa_bus_ops_get()->partition_info_get(NULL, service_uuid, &count, NULL);
+ /* make sure partitions are detected */
+ ut_assertok(ret != 0);
+ ut_assertok(count != SANDBOX_SP_COUNT_PER_VALID_SERVICE);
+
+ /*
+ * pre-allocate a buffer to be filled by the driver
+ * with ffa_partition_info structs
+ */
+
+ parts_info = calloc(count, sizeof(struct ffa_partition_info));
+ ut_assertok(!parts_info);
+
+ /*
+ * ask the driver to fill the buffer with the SPs info
+ */
+ ret = ffa_bus_ops_get()->partition_info_get(NULL, service_uuid, &count, parts_info);
+ if (ret != 0) {
+ free(parts_info);
+ ut_assertok(ret != 0);
+ }
+
+ /*
+ * SPs found , verify the partitions information
+ */
+
+ ret = CMD_RET_FAILURE;
+
+ for (info_idx = 0; info_idx < count ; info_idx++) {
+ for (exp_info_idx = 0;
+ exp_info_idx < sdx_prvdata->partitions.count;
+ exp_info_idx++) {
+ if (parts_info[info_idx].id ==
+ sdx_prvdata->partitions.descs[exp_info_idx].info.id) {
+ ret = memcmp(&parts_info[info_idx],
+ &sdx_prvdata->partitions.descs[exp_info_idx]
+ .info,
+ sizeof(struct ffa_partition_info));
+ if (ret)
+ free(parts_info);
+ ut_assertok(ret != 0);
+ /* send and receive data from the current partition */
+ test_ffa_msg_send_direct_req(parts_info[info_idx].id, uts);
+ }
+ ret = CMD_RET_SUCCESS;
+ }
+ }
+
+ free(parts_info);
+
+ /* Verify expected partitions found in the emulated secure world*/
+ ut_assertok(ret != CMD_RET_SUCCESS);
+
+ return CMD_RET_SUCCESS;
+}
+
+static int dm_test_ffa_ack(struct unit_test_state *uts)
+{
+ struct ffa_prvdata *prvdata = NULL;
+ struct sandbox_ffa_prvdata *sdx_prvdata = NULL;
+ struct ffa_sandbox_data func_data = {0};
+ u8 rxbuf_flag = 0;
+ const char *svc1_uuid = SANDBOX_SERVICE1_UUID;
+ const char *svc2_uuid = SANDBOX_SERVICE2_UUID;
+ int ret;
+
+ /* test probing FF-A devices */
+ ut_assertok(ffa_bus_discover(NULL));
+
+ /* get a pointer to the FF-A core and sandbox drivers private data */
+ func_data.data0 = &prvdata;
+ func_data.data0_size = sizeof(prvdata);
+ func_data.data1 = &sdx_prvdata;
+ func_data.data1_size = sizeof(sdx_prvdata);
+
+ ut_assertok(sandbox_ffa_query_core_state(FFA_VERSION, &func_data));
+
+ /* make sure private data pointers are retrieved */
+ ut_assertok(prvdata == 0);
+ ut_assertok(sdx_prvdata == 0);
+
+ /* make sure dev devices created */
+ ut_assertok(check_core_dev(prvdata, uts));
+ ut_assertok(check_sandbox_dev(sdx_prvdata, uts));
+
+ /* test FFA_VERSION */
+ ut_assertok(check_fwk_version(prvdata, sdx_prvdata, uts));
+
+ /* test FFA_ID_GET */
+ ut_assertok(check_endpoint_id(prvdata, uts));
+
+ /* test FFA_FEATURES */
+ ut_assertok(check_features(prvdata, uts));
+
+ /* test core RX/TX buffers */
+ ut_assertok(check_rxtxbuf(prvdata, uts));
+
+ /* test FFA_RXTX_MAP */
+ func_data.data0 = &rxbuf_flag;
+ func_data.data0_size = sizeof(rxbuf_flag);
+
+ rxbuf_flag = 0;
+ ut_assertok(sandbox_ffa_query_core_state(FFA_RXTX_MAP, &func_data));
+ ut_assertok(check_rxbuf_mapped_flag(FFA_RXTX_MAP, rxbuf_flag, uts));
+
+ /* FFA_PARTITION_INFO_GET / FFA_MSG_SEND_DIRECT_REQ */
+ ret = test_partitions_and_comms(svc1_uuid, sdx_prvdata, uts);
+ ut_assertok(ret != CMD_RET_SUCCESS);
+
+ /* test FFA_RX_RELEASE */
+ rxbuf_flag = 1;
+ ut_assertok(sandbox_ffa_query_core_state(FFA_RX_RELEASE, &func_data));
+ ut_assertok(check_rxbuf_release_flag(rxbuf_flag, uts));
+
+ /* FFA_PARTITION_INFO_GET / FFA_MSG_SEND_DIRECT_REQ */
+ ret = test_partitions_and_comms(svc2_uuid, sdx_prvdata, uts);
+ ut_assertok(ret != CMD_RET_SUCCESS);
+
+ /* test FFA_RX_RELEASE */
+ rxbuf_flag = 1;
+ ut_assertok(sandbox_ffa_query_core_state(FFA_RX_RELEASE, &func_data));
+ ut_assertok(check_rxbuf_release_flag(rxbuf_flag, uts));
+
+ /* test FFA_RXTX_UNMAP */
+ ut_assertok(ffa_bus_ops_get()->rxtx_unmap(NULL));
+
+ rxbuf_flag = 1;
+ ut_assertok(sandbox_ffa_query_core_state(FFA_RXTX_UNMAP, &func_data));
+ ut_assertok(check_rxbuf_mapped_flag(FFA_RXTX_UNMAP, rxbuf_flag, uts));
+
+ return CMD_RET_SUCCESS;
+}
+
+DM_TEST(dm_test_ffa_ack, UT_TESTF_SCAN_FDT | UT_TESTF_CONSOLE_REC);
+
+static int dm_test_ffa_nack(struct unit_test_state *uts)
+{
+ struct ffa_prvdata *prvdata = NULL;
+ struct sandbox_ffa_prvdata *sdx_prvdata = NULL;
+ struct ffa_sandbox_data func_data = {0};
+ const char *valid_svc_uuid = SANDBOX_SERVICE1_UUID;
+ const char *unvalid_svc_uuid = SANDBOX_SERVICE3_UUID;
+ const char *unvalid_svc_uuid_str = SANDBOX_SERVICE4_UUID;
+ struct ffa_send_direct_data msg = {0};
+ int ret;
+ u32 count = 0;
+ u16 part_id = 0;
+
+ /* test probing FF-A devices */
+ ut_assertok(ffa_bus_discover(NULL));
+
+ /* get a pointer to the FF-A core and sandbox drivers private data */
+ func_data.data0 = &prvdata;
+ func_data.data0_size = sizeof(prvdata);
+ func_data.data1 = &sdx_prvdata;
+ func_data.data1_size = sizeof(sdx_prvdata);
+
+ ut_assertok(sandbox_ffa_query_core_state(FFA_VERSION, &func_data));
+
+ /* make sure private data pointers are retrieved */
+ ut_assertok(prvdata == 0);
+ ut_assertok(sdx_prvdata == 0);
+
+ /* make sure dev devices created */
+ ut_assertok(check_core_dev(prvdata, uts));
+ ut_assertok(check_sandbox_dev(sdx_prvdata, uts));
+
+ /* query partitions count using invalid arguments */
+ ret = ffa_bus_ops_get()->partition_info_get(NULL, unvalid_svc_uuid, NULL, NULL);
+ ut_assertok(ret != -EINVAL);
+
+ /* query partitions count using an invalid UUID string */
+ ret = ffa_bus_ops_get()->partition_info_get(NULL, unvalid_svc_uuid_str, &count, NULL);
+ ut_assertok(ret != -EINVAL);
+
+ /* query partitions count using an invalid UUID (no matching SP) */
+ count = 0;
+ ret = ffa_bus_ops_get()->partition_info_get(NULL, unvalid_svc_uuid, &count, NULL);
+ ut_assertok(count != 0);
+
+ /* query partitions count using a valid UUID */
+ count = 0;
+ ret = ffa_bus_ops_get()->partition_info_get(NULL, valid_svc_uuid, &count, NULL);
+ /* make sure partitions are detected */
+ ut_assertok(ret != 0);
+ ut_assertok(count != SANDBOX_SP_COUNT_PER_VALID_SERVICE);
+
+ /* send data to an invalid partition */
+ ret = ffa_bus_ops_get()->sync_send_receive(NULL, part_id, &msg, 1);
+ ut_assertok(ret != -EINVAL);
+
+ /* send data to a valid partition */
+ part_id = prvdata->partitions.descs[0].info.id;
+ ret = ffa_bus_ops_get()->sync_send_receive(NULL, part_id, &msg, 1);
+ ut_assertok(ret != 0);
+
+ return CMD_RET_SUCCESS;
+}
+
+DM_TEST(dm_test_ffa_nack, UT_TESTF_SCAN_FDT | UT_TESTF_CONSOLE_REC);
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0008-arm_ffa-introduce-armffa-command-Sandbox-test.patch
+108
View File
@@ -0,0 +1,108 @@
From 5af272d2bb2a7a8c8a4732c8d598dd1713856949 Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Tue, 29 Nov 2022 14:48:34 +0000
Subject: [PATCH 08/42] arm_ffa: introduce armffa command Sandbox test
Add Sandbox test for the armffa command
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20221122131751.22747-1-abdellatif.elkhlifi@arm.com/]
Changelog:
===============
v4: drop use of helper APIs
v1: introduce armffa command sandbox test
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
MAINTAINERS | 1 +
test/cmd/Makefile | 2 ++
test/cmd/armffa.c | 39 +++++++++++++++++++++++++++++++++++++++
3 files changed, 42 insertions(+)
create mode 100644 test/cmd/armffa.c
diff --git a/MAINTAINERS b/MAINTAINERS
index c1d3d4ae1c..a2f60a3b93 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -272,6 +272,7 @@ F: doc/arch/arm64.ffa.rst
F: drivers/firmware/arm-ffa/
F: include/arm_ffa.h
F: include/sandbox_arm_ffa.h
+F: test/cmd/armffa.c
F: test/dm/ffa.c
ARM FREESCALE IMX
diff --git a/test/cmd/Makefile b/test/cmd/Makefile
index bc961df3dc..21aa6d740e 100644
--- a/test/cmd/Makefile
+++ b/test/cmd/Makefile
@@ -1,6 +1,7 @@
# SPDX-License-Identifier: GPL-2.0+
#
# Copyright (c) 2013 Google, Inc
+# (C) Copyright 2022 ARM Limited
ifdef CONFIG_HUSH_PARSER
obj-$(CONFIG_CONSOLE_RECORD) += test_echo.o
@@ -18,6 +19,7 @@ obj-$(CONFIG_CMD_PINMUX) += pinmux.o
obj-$(CONFIG_CMD_PWM) += pwm.o
ifdef CONFIG_SANDBOX
obj-$(CONFIG_CMD_SETEXPR) += setexpr.o
+obj-$(CONFIG_SANDBOX_FFA) += armffa.o
endif
obj-$(CONFIG_CMD_TEMPERATURE) += temperature.o
obj-$(CONFIG_CMD_WGET) += wget.o
diff --git a/test/cmd/armffa.c b/test/cmd/armffa.c
new file mode 100644
index 0000000000..e04363ba63
--- /dev/null
+++ b/test/cmd/armffa.c
@@ -0,0 +1,39 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Test for armffa command
+ *
+ * (C) Copyright 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+ */
+
+#include <common.h>
+#include <dm/test.h>
+#include <sandbox_arm_ffa.h>
+#include <string.h>
+#include <test/test.h>
+#include <test/ut.h>
+
+#define PING_CMD_SIZE 19
+
+/* Basic test of 'armffa' command */
+static int dm_test_armffa_cmd(struct unit_test_state *uts)
+{
+ char ping_cmd[PING_CMD_SIZE] = {0};
+
+ ut_assertok(ffa_bus_discover(NULL));
+
+ /* armffa getpart <UUID> */
+ ut_assertok(run_command("armffa getpart " SANDBOX_SERVICE1_UUID, 0));
+
+ snprintf(ping_cmd, PING_CMD_SIZE, "armffa ping 0x%x", SANDBOX_SP1_ID);
+
+ /* armffa ping <ID> */
+ ut_assertok(run_command(ping_cmd, 0));
+
+ /* armffa devlist */
+ ut_assertok(run_command("armffa devlist", 0));
+
+ return CMD_RET_SUCCESS;
+}
+
+DM_TEST(dm_test_armffa_cmd, UT_TESTF_SCAN_FDT | UT_TESTF_CONSOLE_REC);
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0009-arm_ffa-efi-introduce-FF-A-MM-communication.patch
+500
View File
@@ -0,0 +1,500 @@
From ca1ae0e78ee3476090919459ec5d08187d5eefbc Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Mon, 15 Aug 2022 15:12:49 +0100
Subject: [PATCH 09/42] arm_ffa: efi: introduce FF-A MM communication
Add MM communication support using FF-A transport
This feature allows accessing MM partitions services through
EFI MM communication protocol. MM partitions such as StandAlonneMM
or smm-gateway secure partitions which reside in secure world.
An MM shared buffer and a door bell event are used to exchange
the data.
The data is used by EFI services such as GetVariable()/SetVariable()
and copied from the communication buffer to the MM shared buffer.
The secure partition is notified about availability of data in the
MM shared buffer by an FF-A message (door bell).
On such event, MM SP can read the data and updates the MM shared
buffer with the response data.
The response data is copied back to the communication buffer and
consumed by the EFI subsystem.
MM communication protocol supports FF-A 64-bit direct messaging.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20221122131751.22747-1-abdellatif.elkhlifi@arm.com/]
Changelog:
===============
v8:
* isolate the compilation choices between FF-A and OP-TEE
* update partition_info_get() second argument to be an SP count
* pass NULL device pointer to the FF-A bus discovery and operations
v7:
* set the MM door bell event to use 64-bit direct messaging
* issue a compile time error when one of these macros are not found :
FFA_SHARED_MM_BUFFER_SIZE, FFA_SHARED_MM_BUFFER_OFFSET, FFA_SHARED_MM_BUFFER_ADDR
* make mm_sp_svc_uuid static
* replace EINVAL with ENOMEM in ffa_discover_mm_sp_id() when calloc() fails
* improve use of unmap_sysmem() in ffa_mm_communicate()
v6:
* add FF-A runtime discovery at MM communication level
* drop EFI runtime support for FF-A MM communication
* revert the changes in include/mm_communication.h for
efi_mm_communicate_header and smm_variable_access structures
v4:
* use the new FF-A driver interfaces
* discover MM partitions at runtime
* copy FF-A driver private data to EFI runtime section at
ExitBootServices()
* drop use of FFA_ERR_STAT_SUCCESS error code
* replace EFI_BUFFER_TOO_SMALL with EFI_OUT_OF_RESOURCES
in ffa_mm_communicate(). No need for efi_memcpy_runtime() anymore
* revert the error log in mm_communicate() in case of failure
* remove packed attribute from efi_mm_communicate_header and
smm_variable_communicate_header
v2:
* set default values to 0 for FFA_SHARED_MM_BUFFER_SIZE, FFA_SHARED_MM_BUFFER_ADDR and MM_SP_UUID_DATA and add warnings
v1:
* introduce FF-A MM communication
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
include/mm_communication.h | 5 +
lib/efi_loader/Kconfig | 14 +-
lib/efi_loader/efi_variable_tee.c | 294 +++++++++++++++++++++++++++++-
3 files changed, 307 insertions(+), 6 deletions(-)
diff --git a/include/mm_communication.h b/include/mm_communication.h
index e65fbde60d..d409bed777 100644
--- a/include/mm_communication.h
+++ b/include/mm_communication.h
@@ -6,6 +6,8 @@
* Copyright (c) 2017, Intel Corporation. All rights reserved.
* Copyright (C) 2020 Linaro Ltd. <sughosh.ganu@linaro.org>
* Copyright (C) 2020 Linaro Ltd. <ilias.apalodimas@linaro.org>
+ * (C) Copyright 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#ifndef _MM_COMMUNICATION_H_
@@ -13,6 +15,9 @@
#include <part_efi.h>
+/* MM service UUID string (big-endian format). This UUID is common across all MM SPs */
+#define MM_SP_UUID "33d532ed-e699-0942-c09c-a798d9cd722d"
+
/*
* Interface to the pseudo Trusted Application (TA), which provides a
* communication channel with the Standalone MM (Management Mode)
diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
index b498c72206..ca73908481 100644
--- a/lib/efi_loader/Kconfig
+++ b/lib/efi_loader/Kconfig
@@ -55,13 +55,23 @@ config EFI_VARIABLE_FILE_STORE
stored as file /ubootefi.var on the EFI system partition.
config EFI_MM_COMM_TEE
- bool "UEFI variables storage service via OP-TEE"
- depends on OPTEE
+ bool "UEFI variables storage service via the trusted world"
+ depends on OPTEE || ARM_FFA_TRANSPORT
help
+ Allowing access to the MM SP services (SPs such as StandAlonneMM, smm-gateway).
+ When using the u-boot OP-TEE driver, StandAlonneMM is supported.
+ When using the u-boot FF-A driver any MM SP is supported.
+
If OP-TEE is present and running StandAloneMM, dispatch all UEFI
variable related operations to that. The application will verify,
authenticate and store the variables on an RPMB.
+ When ARM_FFA_TRANSPORT is used, dispatch all UEFI variable related
+ operations to the MM SP running in the secure world.
+ A door bell mechanism is used to notify the SP when there is data in the shared
+ MM buffer. The data is copied by u-boot to the shared buffer before issuing
+ the door bell event.
+
config EFI_VARIABLE_NO_STORE
bool "Don't persist non-volatile UEFI variables"
help
diff --git a/lib/efi_loader/efi_variable_tee.c b/lib/efi_loader/efi_variable_tee.c
index dfef18435d..3933a24e8c 100644
--- a/lib/efi_loader/efi_variable_tee.c
+++ b/lib/efi_loader/efi_variable_tee.c
@@ -4,9 +4,12 @@
*
* Copyright (C) 2019 Linaro Ltd. <sughosh.ganu@linaro.org>
* Copyright (C) 2019 Linaro Ltd. <ilias.apalodimas@linaro.org>
+ * Copyright (C) 2022 ARM Limited
+ * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
*/
#include <common.h>
+#include <dm.h>
#include <efi.h>
#include <efi_api.h>
#include <efi_loader.h>
@@ -15,6 +18,36 @@
#include <malloc.h>
#include <mm_communication.h>
+#if (IS_ENABLED(CONFIG_ARM_FFA_TRANSPORT))
+
+#include <arm_ffa.h>
+#include <cpu_func.h>
+#include <mapmem.h>
+
+#ifndef FFA_SHARED_MM_BUFFER_SIZE
+#error "FFA_SHARED_MM_BUFFER_SIZE must be defined in include/configs/<board>.h"
+#define FFA_SHARED_MM_BUFFER_SIZE 0
+#endif
+
+#ifndef FFA_SHARED_MM_BUFFER_OFFSET
+#error "FFA_SHARED_MM_BUFFER_OFFSET must be defined in include/configs/<board>.h"
+#define FFA_SHARED_MM_BUFFER_OFFSET 0
+#endif
+
+#ifndef FFA_SHARED_MM_BUFFER_ADDR
+#error "FFA_SHARED_MM_BUFFER_ADDR must be defined in include/configs/<board>.h"
+#define FFA_SHARED_MM_BUFFER_ADDR 0
+#endif
+
+/* MM return codes */
+#define MM_SUCCESS (0)
+
+static const char *mm_sp_svc_uuid = MM_SP_UUID;
+
+static u16 mm_sp_id;
+
+#endif
+
extern struct efi_var_file __efi_runtime_data *efi_var_buf;
static efi_uintn_t max_buffer_size; /* comm + var + func + data */
static efi_uintn_t max_payload_size; /* func + data */
@@ -24,6 +57,7 @@ struct mm_connection {
u32 session;
};
+#if (IS_ENABLED(CONFIG_OPTEE))
/**
* get_connection() - Retrieve OP-TEE session for a specific UUID.
*
@@ -143,13 +177,248 @@ static efi_status_t optee_mm_communicate(void *comm_buf, ulong dsize)
return ret;
}
+#endif
+
+#if (IS_ENABLED(CONFIG_ARM_FFA_TRANSPORT))
/**
- * mm_communicate() - Adjust the cmonnucation buffer to StandAlonneMM and send
+ * ffa_notify_mm_sp() - Announce there is data in the shared buffer
+ *
+ * Notifies the MM partition in the trusted world that
+ * data is available in the shared buffer.
+ * This is a blocking call during which trusted world has exclusive access
+ * to the MM shared buffer.
+ *
+ * Return:
+ *
+ * 0 on success
+ */
+static int ffa_notify_mm_sp(void)
+{
+ struct ffa_send_direct_data msg = {0};
+ int ret;
+ int sp_event_ret = -1;
+
+ if (!ffa_bus_ops_get())
+ return -EINVAL;
+
+ msg.data0 = FFA_SHARED_MM_BUFFER_OFFSET; /* x3 */
+
+ ret = ffa_bus_ops_get()->sync_send_receive(NULL, mm_sp_id, &msg, 1);
+ if (ret != 0)
+ return ret;
+
+ sp_event_ret = msg.data0; /* x3 */
+
+ if (sp_event_ret == MM_SUCCESS)
+ return 0;
+
+ /*
+ * Failure to notify the MM SP
+ */
+
+ return -EACCES;
+}
+
+/**
+ * ffa_discover_mm_sp_id() - Query the MM partition ID
+ *
+ * Use the FF-A driver to get the MM partition ID.
+ * If multiple partitions are found, use the first one.
+ * This is a boot time function.
+ *
+ * Return:
+ *
+ * 0 on success
+ */
+static int ffa_discover_mm_sp_id(void)
+{
+ u32 count = 0;
+ int ret;
+ struct ffa_partition_info *parts_info;
+
+ if (!ffa_bus_ops_get())
+ return -EINVAL;
+
+ /*
+ * get from the driver the count of the SPs matching the UUID
+ */
+ ret = ffa_bus_ops_get()->partition_info_get(NULL, mm_sp_svc_uuid, &count, NULL);
+ if (ret != 0) {
+ log_err("EFI: Failure in querying partitions count (error code: %d)\n", ret);
+ return ret;
+ }
+
+ if (!count) {
+ log_info("EFI: No MM partition found\n");
+ return ret;
+ }
+
+ /*
+ * pre-allocate a buffer to be filled by the driver
+ * with ffa_partition_info structs
+ */
+
+ log_info("EFI: Pre-allocating %d partition(s) info structures\n", count);
+
+ parts_info = calloc(count, sizeof(*parts_info));
+ if (!parts_info)
+ return -ENOMEM;
+
+ /*
+ * ask the driver to fill the
+ * buffer with the SPs info
+ */
+ ret = ffa_bus_ops_get()->partition_info_get(NULL, mm_sp_svc_uuid, &count, parts_info);
+ if (ret) {
+ log_err("EFI: Failure in querying partition(s) info (error code: %d)\n", ret);
+ free(parts_info);
+ return ret;
+ }
+
+ /*
+ * MM SPs found , use the first one
+ */
+
+ mm_sp_id = parts_info[0].id;
+
+ log_info("EFI: MM partition ID 0x%x\n", mm_sp_id);
+
+ free(parts_info);
+
+ return 0;
+}
+
+/**
+ * ffa_mm_communicate() - Exchange EFI services data with the MM partition using FF-A
+ * @comm_buf: locally allocated communication buffer used for rx/tx
+ * @dsize: communication buffer size
+ *
+ * Issues a door bell event to notify the MM partition (SP) running in OP-TEE
+ * that there is data to read from the shared buffer.
+ * Communication with the MM SP is performed using FF-A transport.
+ * On the event, MM SP can read the data from the buffer and
+ * update the MM shared buffer with response data.
+ * The response data is copied back to the communication buffer.
+ *
+ * Return:
+ *
+ * EFI status code
+ */
+static efi_status_t ffa_mm_communicate(void *comm_buf, ulong comm_buf_size)
+{
+ ulong tx_data_size;
+ int ffa_ret;
+ efi_status_t efi_ret;
+ struct efi_mm_communicate_header *mm_hdr;
+ void *virt_shared_buf;
+
+ if (!comm_buf)
+ return EFI_INVALID_PARAMETER;
+
+ /* Discover MM partition ID at boot time */
+ if (!mm_sp_id && ffa_discover_mm_sp_id() != 0) {
+ log_err("EFI: Failure to discover MM partition ID at boot time\n");
+ return EFI_UNSUPPORTED;
+ }
+
+ mm_hdr = (struct efi_mm_communicate_header *)comm_buf;
+ tx_data_size = mm_hdr->message_len + sizeof(efi_guid_t) + sizeof(size_t);
+
+ if (comm_buf_size != tx_data_size || tx_data_size > FFA_SHARED_MM_BUFFER_SIZE)
+ return EFI_INVALID_PARAMETER;
+
+ /* Copy the data to the shared buffer */
+
+ virt_shared_buf = (void *)map_sysmem((phys_addr_t)FFA_SHARED_MM_BUFFER_ADDR, 0);
+ memcpy(virt_shared_buf, comm_buf, tx_data_size);
+
+ /*
+ * The secure world might have cache disabled for
+ * the device region used for shared buffer (which is the case for Optee).
+ * In this case, the secure world reads the data from DRAM.
+ * Let's flush the cache so the DRAM is updated with the latest data.
+ */
+ #ifdef CONFIG_ARM64
+ invalidate_dcache_all();
+ #endif
+
+ /* Announce there is data in the shared buffer */
+
+ ffa_ret = ffa_notify_mm_sp();
+
+ switch (ffa_ret) {
+ case 0:
+ {
+ ulong rx_data_size;
+ /* Copy the MM SP response from the shared buffer to the communication buffer */
+ rx_data_size = ((struct efi_mm_communicate_header *)virt_shared_buf)->message_len +
+ sizeof(efi_guid_t) +
+ sizeof(size_t);
+
+ if (rx_data_size > comm_buf_size) {
+ efi_ret = EFI_OUT_OF_RESOURCES;
+ break;
+ }
+
+ memcpy(comm_buf, virt_shared_buf, rx_data_size);
+ efi_ret = EFI_SUCCESS;
+ break;
+ }
+ case -EINVAL:
+ efi_ret = EFI_DEVICE_ERROR;
+ break;
+ case -EPERM:
+ efi_ret = EFI_INVALID_PARAMETER;
+ break;
+ case -EACCES:
+ efi_ret = EFI_ACCESS_DENIED;
+ break;
+ case -EBUSY:
+ efi_ret = EFI_OUT_OF_RESOURCES;
+ break;
+ default:
+ efi_ret = EFI_ACCESS_DENIED;
+ }
+
+ unmap_sysmem(virt_shared_buf);
+ return efi_ret;
+}
+#endif
+
+/**
+ * select_ffa_mm_comms() - checks FF-A support availability
+ *
+ * Making sure FF-A is compiled in. If that's the case try to discover
+ * the FF-A bus.
+ *
+ * Return:
+ *
+ * 0: FF-A ready for use. Otherwise, failure
+ */
+static efi_status_t select_ffa_mm_comms(void)
+{
+ efi_status_t ret = EFI_UNSUPPORTED;
+#if (IS_ENABLED(CONFIG_ARM_FFA_TRANSPORT))
+ ret = ffa_bus_discover(NULL);
+ if (ret)
+ ret = EFI_NOT_READY;
+#endif
+ return ret;
+}
+
+/**
+ * mm_communicate() - Adjust the communication buffer to the MM SP and send
* it to OP-TEE
*
- * @comm_buf: locally allocted communcation buffer
+ * @comm_buf: locally allocated communication buffer
* @dsize: buffer size
+ *
+ * The SP (also called partition) can be any MM SP such as StandAlonneMM or smm-gateway.
+ * The comm_buf format is the same for both partitions.
+ * When using the u-boot OP-TEE driver, StandAlonneMM is supported.
+ * When using the u-boot FF-A driver, any MM SP is supported.
+ *
* Return: status code
*/
static efi_status_t mm_communicate(u8 *comm_buf, efi_uintn_t dsize)
@@ -162,7 +431,17 @@ static efi_status_t mm_communicate(u8 *comm_buf, efi_uintn_t dsize)
mm_hdr = (struct efi_mm_communicate_header *)comm_buf;
var_hdr = (struct smm_variable_communicate_header *)mm_hdr->data;
- ret = optee_mm_communicate(comm_buf, dsize);
+ ret = select_ffa_mm_comms();
+ if (ret != EFI_SUCCESS) {
+#if (IS_ENABLED(CONFIG_OPTEE))
+ ret = optee_mm_communicate(comm_buf, dsize);
+#endif
+ } else {
+#if (IS_ENABLED(CONFIG_ARM_FFA_TRANSPORT))
+ ret = ffa_mm_communicate(comm_buf, dsize);
+#endif
+ }
+
if (ret != EFI_SUCCESS) {
log_err("%s failed!\n", __func__);
return ret;
@@ -258,6 +537,13 @@ efi_status_t EFIAPI get_max_payload(efi_uintn_t *size)
goto out;
}
*size = var_payload->size;
+
+ #if (IS_ENABLED(CONFIG_ARM_FFA_TRANSPORT))
+ if (*size > FFA_SHARED_MM_BUFFER_SIZE)
+ *size = FFA_SHARED_MM_BUFFER_SIZE - MM_COMMUNICATE_HEADER_SIZE -
+ MM_VARIABLE_COMMUNICATE_SIZE;
+ #endif
+
/*
* There seems to be a bug in EDK2 miscalculating the boundaries and
* size checks, so deduct 2 more bytes to fulfill this requirement. Fix
@@ -697,7 +983,7 @@ void efi_variables_boot_exit_notify(void)
ret = EFI_NOT_FOUND;
if (ret != EFI_SUCCESS)
- log_err("Unable to notify StMM for ExitBootServices\n");
+ log_err("Unable to notify the MM partition for ExitBootServices\n");
free(comm_buf);
/*
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0010-arm_ffa-efi-corstone1000-enable-MM-communication.patch
+86
View File
@@ -0,0 +1,86 @@
From a595dfd91d3e226eaa39e324673871c73ae0aa29 Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Fri, 23 Sep 2022 15:17:21 +0100
Subject: [PATCH 10/42] arm_ffa: efi: corstone1000: enable MM communication
turn on EFI MM communication
On corstone1000 platform MM communication between u-boot
and the secure world (Optee) is done using the FF-A bus.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Submitted [cover letter: https://lore.kernel.org/all/20221122131751.22747-1-abdellatif.elkhlifi@arm.com/]
Changelog:
===============
v8:
* drop OP-TEE configs from Corstone-1000 defconfig
v7:
* improve the definition of FFA_SHARED_MM_BUFFER_ADDR and
FFA_SHARED_MM_BUFFER_OFFSET
* update FFA_SHARED_MM_BUFFER_ADDR value
v6:
* corstone-1000: enable optee driver
* corstone-1000: remove CONFIG_ARM_FFA_EFI_RUNTIME_MODE from the defconfig
v4:
* corstone-1000: turn on EFI MM communication
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
configs/corstone1000_defconfig | 2 ++
include/configs/corstone1000.h | 10 ++++++++++
2 files changed, 12 insertions(+)
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index dddfa27507..d1dc06c86c 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -52,3 +52,5 @@ CONFIG_DM_SERIAL=y
CONFIG_USB=y
CONFIG_USB_ISP1760=y
CONFIG_ERRNO_STR=y
+CONFIG_EFI_MM_COMM_TEE=y
+CONFIG_ARM_FFA_TRANSPORT=y
diff --git a/include/configs/corstone1000.h b/include/configs/corstone1000.h
index 8e0230c135..b6226fa12a 100644
--- a/include/configs/corstone1000.h
+++ b/include/configs/corstone1000.h
@@ -14,6 +14,15 @@
#include <linux/sizes.h>
+#define FFA_SHARED_MM_BUFFER_SIZE SZ_4K /* 4 KB */
+
+/*
+ * shared buffer physical address used for communication between
+ * u-boot and the MM SP
+ */
+#define FFA_SHARED_MM_BUFFER_ADDR 0x02000000UL
+#define FFA_SHARED_MM_BUFFER_OFFSET 0
+
#define V2M_BASE 0x80000000
#define CONFIG_PL011_CLOCK 50000000
@@ -22,6 +31,7 @@
#define PHYS_SDRAM_1 (V2M_BASE)
#define PHYS_SDRAM_1_SIZE 0x80000000
+#define CFG_SYS_SDRAM_BASE PHYS_SDRAM_1
#define CONFIG_SYS_SDRAM_BASE PHYS_SDRAM_1
#define BOOT_TARGET_DEVICES(func) \
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0011-efi-corstone1000-introduce-EFI-capsule-update.patch
+366
View File
@@ -0,0 +1,366 @@
From b9c44c396f9ad9588184272cdc5ed98e19e82c0a Mon Sep 17 00:00:00 2001
From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Date: Tue, 29 Nov 2022 15:11:27 +0000
Subject: [PATCH 11/42] efi: corstone1000: introduce EFI capsule update
This commit provides capsule update feature for Corstone1000.
This feature is available before and after ExitBootServices().
A platform specific capsule buffer is allocated. This buffer
is physically contiguous and allocated at the start of the DDR
memory after u-boot relocation to the end of DDR.
The capsule buffer is shared between u-boot and the secure world.
On UpdateCapsule() , capsule data is copied to the buffer
and a buffer ready event is generated using FF-A transport.
On ExitBootServices() a kernel started event is sent to the
SE Proxy FW update service. This event is generated on each boot.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
board/armltd/corstone1000/corstone1000.c | 4 +
configs/corstone1000_defconfig | 3 +
include/configs/corstone1000.h | 18 ++++
include/efi_loader.h | 4 +-
lib/efi_loader/efi_boottime.c | 36 +++++++
lib/efi_loader/efi_capsule.c | 124 ++++++++++++++++++++++-
lib/efi_loader/efi_setup.c | 15 +++
7 files changed, 200 insertions(+), 4 deletions(-)
diff --git a/board/armltd/corstone1000/corstone1000.c b/board/armltd/corstone1000/corstone1000.c
index 4f4b96a095..76816f8f4e 100644
--- a/board/armltd/corstone1000/corstone1000.c
+++ b/board/armltd/corstone1000/corstone1000.c
@@ -66,6 +66,10 @@ static struct mm_region corstone1000_mem_map[] = {
struct mm_region *mem_map = corstone1000_mem_map;
+void set_dfu_alt_info(char *interface, char *devstr)
+{
+}
+
int board_init(void)
{
return 0;
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index d1dc06c86c..06eac3e041 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -54,3 +54,6 @@ CONFIG_USB_ISP1760=y
CONFIG_ERRNO_STR=y
CONFIG_EFI_MM_COMM_TEE=y
CONFIG_ARM_FFA_TRANSPORT=y
+CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y
+CONFIG_EFI_CAPSULE_FIRMWARE_FIT=y
+CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
diff --git a/include/configs/corstone1000.h b/include/configs/corstone1000.h
index b6226fa12a..cd30499e3c 100644
--- a/include/configs/corstone1000.h
+++ b/include/configs/corstone1000.h
@@ -14,6 +14,24 @@
#include <linux/sizes.h>
+/* The SE Proxy partition ID*/
+#define CORSTONE1000_SEPROXY_PART_ID (0x8002)
+
+/* Update service ID provided by the SE Proxy secure partition*/
+#define CORSTONE1000_SEPROXY_UPDATE_SVC_ID (0x4)
+
+/* Notification events used with SE Proxy update service */
+#define CORSTONE1000_BUFFER_READY_EVT (0x1)
+#define CORSTONE1000_KERNEL_STARTED_EVT (0x2)
+
+/* Size in 4KB pages of the EFI capsule buffer */
+#define CORSTONE1000_CAPSULE_BUFFER_SIZE (8192) /* 32 MB */
+
+/* Capsule GUID */
+#define EFI_CORSTONE1000_CAPSULE_ID_GUID \
+ EFI_GUID(0x3a770ddc, 0x409b, 0x48b2, 0x81, 0x41, \
+ 0x93, 0xb7, 0xc6, 0x0b, 0x20, 0x9e)
+
#define FFA_SHARED_MM_BUFFER_SIZE SZ_4K /* 4 KB */
/*
diff --git a/include/efi_loader.h b/include/efi_loader.h
index f9e427f090..26981141c2 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -1032,11 +1032,11 @@ extern const struct efi_firmware_management_protocol efi_fmp_fit;
extern const struct efi_firmware_management_protocol efi_fmp_raw;
/* Capsule update */
-efi_status_t EFIAPI efi_update_capsule(
+efi_status_t __efi_runtime EFIAPI efi_update_capsule(
struct efi_capsule_header **capsule_header_array,
efi_uintn_t capsule_count,
u64 scatter_gather_list);
-efi_status_t EFIAPI efi_query_capsule_caps(
+efi_status_t __efi_runtime EFIAPI efi_query_capsule_caps(
struct efi_capsule_header **capsule_header_array,
efi_uintn_t capsule_count,
u64 *maximum_capsule_size,
diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index fea4eb7a34..faab74474d 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -2103,6 +2103,33 @@ static void efi_exit_caches(void)
#endif
}
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+/**
+ * efi_corstone1000_kernel_started_event - notifies SE Proxy FW update service
+ *
+ * This function notifies the SE Proxy update service that the kernel has already started
+ *
+ * Return:
+ *
+ * 0: on success, otherwise failure
+ */
+static int efi_corstone1000_kernel_started_event(void)
+{
+ struct ffa_send_direct_data msg = {0};
+
+ log_debug("[%s]\n", __func__);
+
+ /*
+ * setting the kernel started event arguments
+ */
+ msg.data0 = CORSTONE1000_SEPROXY_UPDATE_SVC_ID; /* x3 */
+ msg.data2 = CORSTONE1000_KERNEL_STARTED_EVT; /* x5 */
+
+ return ffa_bus_ops_get()->sync_send_receive(CORSTONE1000_SEPROXY_PART_ID, &msg, 0);
+}
+
+#endif
+
/**
* efi_exit_boot_services() - stop all boot services
* @image_handle: handle of the loaded image
@@ -2209,6 +2236,15 @@ static efi_status_t EFIAPI efi_exit_boot_services(efi_handle_t image_handle,
/* Recalculate CRC32 */
efi_update_table_header_crc32(&systab.hdr);
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+ /* Notifying SE Proxy FW update service */
+ ffa_ret = efi_corstone1000_kernel_started_event();
+ if (ffa_ret)
+ debug("[efi_boottime][ERROR]: Failure to notify SE Proxy FW update service\n");
+ else
+ debug("[efi_boottime][INFO]: SE Proxy FW update service notified\n");
+#endif
+
/* Give the payload some time to boot */
efi_set_watchdog(0);
schedule();
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index 0997cd248f..9e8ddaac7f 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -26,6 +26,14 @@
#include <crypto/pkcs7_parser.h>
#include <linux/err.h>
+#ifdef CONFIG_TARGET_CORSTONE1000
+#include <arm_ffa.h>
+#include <cpu_func.h>
+
+void *__efi_runtime_data corstone1000_capsule_buf; /* capsule shared buffer virtual address */
+efi_guid_t corstone1000_capsule_guid = EFI_CORSTONE1000_CAPSULE_ID_GUID;
+#endif
+
DECLARE_GLOBAL_DATA_PTR;
const efi_guid_t efi_guid_capsule_report = EFI_CAPSULE_REPORT_GUID;
@@ -696,6 +704,78 @@ static efi_status_t efi_capsule_update_firmware(
}
#endif /* CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT */
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+
+/**
+ * efi_corstone1000_alloc_capsule_shared_buf - allocate capsule shared buffer
+ * @capsule_image_size: The capsule data (header + payload)
+ *
+ * This function allocates the physically contiguous buffer shared between u-boot
+ * and the secure world. On UpdateCapsule() capsule data is copied to the buffer
+ * and a door bell event is generated.
+ * The buffer is allocated at the start of the DDR memory after u-boot has been relocated
+ * to the end of DDR.
+ *
+ * Return:
+ *
+ * 0: on success, otherwise failure
+ */
+efi_status_t efi_corstone1000_alloc_capsule_shared_buf(void)
+{
+ efi_status_t efi_ret;
+ u64 ram_base = CFG_SYS_SDRAM_BASE;
+
+ log_debug("[%s]\n", __func__);
+
+ efi_ret = efi_allocate_pages(EFI_ALLOCATE_ADDRESS,
+ EFI_RUNTIME_SERVICES_DATA,
+ CORSTONE1000_CAPSULE_BUFFER_SIZE,
+ &ram_base);
+
+ if (efi_ret != EFI_SUCCESS) {
+ corstone1000_capsule_buf = NULL;
+ log_err("EFI: Corstone1000: Allocating capsule shared buffer error (%d)\n"
+ , (int)efi_ret);
+ return efi_ret;
+ }
+
+ log_info("EFI: Corstone1000: Capsule shared buffer at 0x%x , size %d pages\n"
+ , (unsigned int)ram_base,
+ CORSTONE1000_CAPSULE_BUFFER_SIZE);
+
+ corstone1000_capsule_buf = (void *)map_sysmem((phys_addr_t)ram_base, 0);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * efi_corstone1000_buffer_ready_event - issue door bell event
+ * @capsule_image_size: The capsule data (header + payload)
+ *
+ * This function notifies the SE Proxy update service that capsule data is available
+ * in the capsule shared buffer.
+ *
+ * Return:
+ *
+ * 0: on success, otherwise failure
+ */
+static int __efi_runtime efi_corstone1000_buffer_ready_event(u32 capsule_image_size)
+{
+ struct ffa_send_direct_data msg = {0};
+
+ log_debug("[%s]\n", __func__);
+
+ /*
+ * setting the buffer ready event arguments
+ */
+ msg.data0 = CORSTONE1000_SEPROXY_UPDATE_SVC_ID; /* x3 */
+ msg.data1 = capsule_image_size; /* x4 */
+ msg.data2 = CORSTONE1000_BUFFER_READY_EVT; /* x5 */
+
+ return ffa_bus_ops_get()->sync_send_receive(NULL, CORSTONE1000_SEPROXY_PART_ID, &msg, 0);
+}
+#endif
+
/**
* efi_update_capsule() - process information from operating system
* @capsule_header_array: Array of virtual address pointers
@@ -709,7 +789,7 @@ static efi_status_t efi_capsule_update_firmware(
*
* Return: status code
*/
-efi_status_t EFIAPI efi_update_capsule(
+efi_status_t __efi_runtime EFIAPI efi_update_capsule(
struct efi_capsule_header **capsule_header_array,
efi_uintn_t capsule_count,
u64 scatter_gather_list)
@@ -726,6 +806,13 @@ efi_status_t EFIAPI efi_update_capsule(
goto out;
}
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+ if (capsule_count != 1 || !corstone1000_capsule_buf) {
+ ret = EFI_INVALID_PARAMETER;
+ goto out;
+ }
+#endif
+
ret = EFI_SUCCESS;
for (i = 0, capsule = *capsule_header_array; i < capsule_count;
i++, capsule = *(++capsule_header_array)) {
@@ -738,6 +825,39 @@ efi_status_t EFIAPI efi_update_capsule(
log_debug("Capsule[%d] (guid:%pUs)\n",
i, &capsule->capsule_guid);
+
+#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+ if (guidcmp(&corstone1000_capsule_guid, &capsule->capsule_guid)) {
+ ret = EFI_INVALID_PARAMETER;
+ log_err("Corstone1000: Invalid capsule GUID\n");
+ goto out;
+ }
+
+ if (efi_size_in_pages(capsule->capsule_image_size) >
+ CORSTONE1000_CAPSULE_BUFFER_SIZE) {
+ log_err("Corstone1000: Capsule data size exceeds the shared buffer size\n");
+ ret = EFI_BUFFER_TOO_SMALL;
+ goto out;
+ }
+
+ /* copy the data to the contiguous buffer */
+ efi_memcpy_runtime(corstone1000_capsule_buf, capsule, capsule->capsule_image_size);
+
+ /* invalidate the data cache */
+ invalidate_dcache_all();
+
+ /* issue buffer ready event */
+ ret = efi_corstone1000_buffer_ready_event(capsule->capsule_image_size);
+ if (ret) {
+ log_err("EFI: Corstone1000: Buffer ready event error (%d)\n", (int)ret);
+ ret = EFI_DEVICE_ERROR;
+ } else {
+ ret = EFI_SUCCESS;
+ }
+
+ goto out;
+#endif
+
if (!guidcmp(&capsule->capsule_guid,
&efi_guid_firmware_management_capsule_id)) {
ret = efi_capsule_update_firmware(capsule);
@@ -776,7 +896,7 @@ out:
*
* Return: status code
*/
-efi_status_t EFIAPI efi_query_capsule_caps(
+efi_status_t __efi_runtime EFIAPI efi_query_capsule_caps(
struct efi_capsule_header **capsule_header_array,
efi_uintn_t capsule_count,
u64 *maximum_capsule_size,
diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c
index 5437641135..1ad2fa52d7 100644
--- a/lib/efi_loader/efi_setup.c
+++ b/lib/efi_loader/efi_setup.c
@@ -16,6 +16,13 @@
efi_status_t efi_obj_list_initialized = OBJ_LIST_NOT_INITIALIZED;
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+/**
+ * efi_corstone1000_alloc_capsule_shared_buf - allocate capsule shared buffer
+ */
+extern efi_status_t efi_corstone1000_alloc_capsule_shared_buf(void);
+#endif
+
/*
* Allow unaligned memory access.
*
@@ -128,6 +135,14 @@ static efi_status_t efi_init_capsule(void)
{
efi_status_t ret = EFI_SUCCESS;
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+ ret = efi_corstone1000_alloc_capsule_shared_buf();
+ if (ret != EFI_SUCCESS) {
+ printf("EFI: Corstone-1000: cannot allocate caspsule shared buffer\n");
+ return ret;
+ }
+#endif
+
if (IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_UPDATE)) {
ret = efi_set_variable_int(u"CapsuleMax",
&efi_guid_capsule_report,
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0012-arm-corstone1000-fix-unrecognized-filesystem-type.patch
+31
View File
@@ -0,0 +1,31 @@
From ac738fa33edec9ff712dee6d10491cb2eb7cfe3a Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Fri, 4 Mar 2022 15:56:09 +0000
Subject: [PATCH 12/42] arm: corstone1000: fix unrecognized filesystem type
Some usb sticks are not recognized by usb, just add a
delay before checking status.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
common/usb_storage.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/common/usb_storage.c b/common/usb_storage.c
index ac64275773..1d2680c3cd 100644
--- a/common/usb_storage.c
+++ b/common/usb_storage.c
@@ -785,6 +785,9 @@ static int usb_stor_BBB_transport(struct scsi_cmd *srb, struct us_data *us)
st:
retry = 0;
again:
+ if (srb->cmd[0] == SCSI_TST_U_RDY)
+ mdelay(100);
+
debug("STATUS phase\n");
result = usb_bulk_msg(us->pusb_dev, pipein, csw, UMASS_BBB_CSW_SIZE,
&actlen, USB_CNTL_TIMEOUT*5);
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0013-efi_capsule-corstone1000-pass-interface-id-and-buffe.patch
+74
View File
@@ -0,0 +1,74 @@
From baa961b6050508710e1c6b572f2e93ac5c488201 Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Fri, 10 Dec 2021 20:03:35 +0000
Subject: [PATCH 13/42] efi_capsule: corstone1000: pass interface id and buffer
event id using register w4
Initially the interface/event IDs are passed to the SP using register
w3 and w5.
Now the SE proxy SP requires this arguments to be in register w4.
This change is to pass interface ID(31:16) and event ID(15:0)
to SE proxy SP to trigger an event to secure enclave about
firmware update.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
include/configs/corstone1000.h | 6 ++++++
lib/efi_loader/efi_capsule.c | 11 +++++++----
2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/include/configs/corstone1000.h b/include/configs/corstone1000.h
index cd30499e3c..e4c7bcb96f 100644
--- a/include/configs/corstone1000.h
+++ b/include/configs/corstone1000.h
@@ -24,6 +24,12 @@
#define CORSTONE1000_BUFFER_READY_EVT (0x1)
#define CORSTONE1000_KERNEL_STARTED_EVT (0x2)
+#define PREP_SEPROXY_SVC_ID_MASK GENMASK(31, 16)
+#define PREP_SEPROXY_SVC_ID(x) (FIELD_PREP(PREP_SEPROXY_SVC_ID_MASK, (x)))
+
+#define PREP_SEPROXY_EVT_MASK GENMASK(15, 0)
+#define PREP_SEPROXY_EVT(x) (FIELD_PREP(PREP_SEPROXY_EVT_MASK, (x)))
+
/* Size in 4KB pages of the EFI capsule buffer */
#define CORSTONE1000_CAPSULE_BUFFER_SIZE (8192) /* 32 MB */
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index 9e8ddaac7f..bd4cc8d272 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -29,6 +29,8 @@
#ifdef CONFIG_TARGET_CORSTONE1000
#include <arm_ffa.h>
#include <cpu_func.h>
+#include <linux/bitfield.h>
+#include <linux/bitops.h>
void *__efi_runtime_data corstone1000_capsule_buf; /* capsule shared buffer virtual address */
efi_guid_t corstone1000_capsule_guid = EFI_CORSTONE1000_CAPSULE_ID_GUID;
@@ -766,11 +768,12 @@ static int __efi_runtime efi_corstone1000_buffer_ready_event(u32 capsule_image_s
log_debug("[%s]\n", __func__);
/*
- * setting the buffer ready event arguments
+ * setting the buffer ready event arguments in register w4:
+ * - capsule update interface ID (31:16)
+ * - the buffer ready event ID (15:0)
*/
- msg.data0 = CORSTONE1000_SEPROXY_UPDATE_SVC_ID; /* x3 */
- msg.data1 = capsule_image_size; /* x4 */
- msg.data2 = CORSTONE1000_BUFFER_READY_EVT; /* x5 */
+ msg.data1 = PREP_SEPROXY_SVC_ID(CORSTONE1000_SEPROXY_UPDATE_SVC_ID) |
+ PREP_SEPROXY_EVT(CORSTONE1000_BUFFER_READY_EVT); /* w4 */
return ffa_bus_ops_get()->sync_send_receive(NULL, CORSTONE1000_SEPROXY_PART_ID, &msg, 0);
}
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0014-efi_boottime-corstone1000-pass-interface-id-and-kern.patch
+58
View File
@@ -0,0 +1,58 @@
From d761d59dd251ae93980f659d253576fc872f2c5f Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Fri, 10 Dec 2021 20:10:41 +0000
Subject: [PATCH 14/42] efi_boottime: corstone1000: pass interface id and
kernel event id using register w4
Initially the interface/event IDs are passed to the SP using register
w3 and w5.
Now the SE proxy SP requires this arguments to be in register w4.
This change is to pass interface ID(31:16) and kernel started
event ID(15:0) to SE proxy SP to trigger an event to
secure enclave just before ExitbootService().
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
lib/efi_loader/efi_boottime.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index faab74474d..36a0be7ba1 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -30,6 +30,11 @@
#include <arm_ffa.h>
#endif
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+#include <linux/bitfield.h>
+#include <linux/bitops.h>
+#endif
+
DECLARE_GLOBAL_DATA_PTR;
/* Task priority level */
@@ -2120,10 +2125,12 @@ static int efi_corstone1000_kernel_started_event(void)
log_debug("[%s]\n", __func__);
/*
- * setting the kernel started event arguments
+ * setting the kernel started event arguments:
+ * setting capsule update interface ID(31:16)
+ * the kernel started event ID(15:0)
*/
- msg.data0 = CORSTONE1000_SEPROXY_UPDATE_SVC_ID; /* x3 */
- msg.data2 = CORSTONE1000_KERNEL_STARTED_EVT; /* x5 */
+ msg.data1 = PREP_SEPROXY_SVC_ID(CORSTONE1000_SEPROXY_UPDATE_SVC_ID) |
+ PREP_SEPROXY_EVT(CORSTONE1000_KERNEL_STARTED_EVT); /* w4 */
return ffa_bus_ops_get()->sync_send_receive(CORSTONE1000_SEPROXY_PART_ID, &msg, 0);
}
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0015-efi_loader-corstone1000-remove-guid-check-from-corst.patch
+53
View File
@@ -0,0 +1,53 @@
From 5e09d349ec8af6585bce777acbfd2d218fc2e8d4 Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Sat, 11 Dec 2021 13:23:55 +0000
Subject: [PATCH 15/42] efi_loader: corstone1000: remove guid check from
corstone1000 config option
Use generic fmp guid and no separte check is required for
CORSTONE1000 target.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
lib/efi_loader/efi_capsule.c | 16 +---------------
1 file changed, 1 insertion(+), 15 deletions(-)
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index bd4cc8d272..ef7b358ddb 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -830,12 +830,6 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule(
i, &capsule->capsule_guid);
#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
- if (guidcmp(&corstone1000_capsule_guid, &capsule->capsule_guid)) {
- ret = EFI_INVALID_PARAMETER;
- log_err("Corstone1000: Invalid capsule GUID\n");
- goto out;
- }
-
if (efi_size_in_pages(capsule->capsule_image_size) >
CORSTONE1000_CAPSULE_BUFFER_SIZE) {
log_err("Corstone1000: Capsule data size exceeds the shared buffer size\n");
@@ -861,15 +855,7 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule(
goto out;
#endif
- if (!guidcmp(&capsule->capsule_guid,
- &efi_guid_firmware_management_capsule_id)) {
- ret = efi_capsule_update_firmware(capsule);
- } else {
- log_err("Unsupported capsule type: %pUs\n",
- &capsule->capsule_guid);
- ret = EFI_UNSUPPORTED;
- }
-
+ ret = efi_capsule_update_firmware(capsule);
if (ret != EFI_SUCCESS)
goto out;
}
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-efi_loader-populate-ESRT-table-if-EFI_ESRT-config-op.patch
+37
View File
@@ -0,0 +1,37 @@
From e3ccad1cf9e905ec15ff772dcf53972fafcf54ee Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Fri, 17 Dec 2021 19:49:02 +0000
Subject: [PATCH 16/42] efi_loader: populate ESRT table if EFI_ESRT config
option is set
This change is to call efi_esrt_populate function if CONFIG_EFI_ESRT
is set. This will populte esrt table with firmware image info
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
lib/efi_loader/efi_capsule.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index ef7b358ddb..8eb8fc406a 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -852,6 +852,13 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule(
ret = EFI_SUCCESS;
}
+ if (IS_ENABLED(CONFIG_EFI_ESRT)) {
+ /* Rebuild the ESRT to reflect any updated FW images. */
+ ret = efi_esrt_populate();
+ if (ret != EFI_SUCCESS)
+ log_warning("EFI Capsule: failed to update ESRT\n");
+ }
+
goto out;
#endif
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0017-efi_firmware-add-get_image_info-for-corstone1000.patch
+123
View File
@@ -0,0 +1,123 @@
From d8f79ab37bae283599e40018055ff9d5648fb647 Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Fri, 17 Dec 2021 19:50:25 +0000
Subject: [PATCH 17/42] efi_firmware: add get_image_info for corstone1000
This change is to populate get_image_info which eventually
will be populated in ESRT table
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
lib/efi_loader/efi_firmware.c | 72 ++++++++++++++++++++++++++++++++++-
1 file changed, 71 insertions(+), 1 deletion(-)
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index 93e2b01c07..0a38a96351 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -18,11 +18,69 @@
#define FMP_PAYLOAD_HDR_SIGNATURE SIGNATURE_32('M', 'S', 'S', '1')
+#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+#define EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID \
+ EFI_GUID(0xe2bb9c06, 0x70e9, 0x4b14, 0x97, 0xa3, \
+ 0x5a, 0x79, 0x13, 0x17, 0x6e, 0x3f)
+
+ const efi_guid_t efi_firmware_image_type_uboot_raw =
+ EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID;
+
+static efi_status_t efi_corstone1000_img_info_get (
+ efi_uintn_t *image_info_size,
+ struct efi_firmware_image_descriptor *image_info,
+ u32 *descriptor_version,
+ u8 *descriptor_count,
+ efi_uintn_t *descriptor_size,
+ u32 *package_version,
+ u16 **package_version_name,
+ const efi_guid_t *image_type)
+{
+ int i = 0;
+
+ *image_info_size = sizeof(*image_info);
+ *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION;
+ *descriptor_count = 1;//dfu_num;
+ *descriptor_size = sizeof(*image_info);
+ if (package_version)
+ *package_version = 0xffffffff; /* not supported */
+ if(package_version_name)
+ *package_version_name = NULL; /* not supported */
+
+ if(image_info == NULL) {
+ log_warning("image_info is null\n");
+ return EFI_BUFFER_TOO_SMALL;
+ }
+
+ image_info[i].image_index = i;
+ image_info[i].image_type_id = *image_type;
+ image_info[i].image_id = 0;
+ image_info[i].image_id_name = "wic";
+ image_info[i].version = 1;
+ image_info[i].version_name = NULL;
+ image_info[i].size = 0x1000;
+ image_info[i].attributes_supported = IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
+ IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
+ image_info[i].attributes_setting = IMAGE_ATTRIBUTE_IMAGE_UPDATABLE;
+ /* Check if the capsule authentication is enabled */
+ if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE))
+ image_info[0].attributes_setting |=
+ IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
+ image_info[i].lowest_supported_image_version = 0;
+ image_info[i].last_attempt_version = 0;
+ image_info[i].last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS;
+ image_info[i].hardware_instance = 1;
+ image_info[i].dependencies = NULL;
+
+ return EFI_SUCCESS;
+}
+#endif
+
/**
* struct fmp_payload_header - EDK2 header for the FMP payload
*
* This structure describes the header which is preprended to the
- * FMP payload by the edk2 capsule generation scripts.
+ * FMP payload by the edk1 capsule generation scripts.
*
* @signature: Header signature used to identify the header
* @header_size: Size of the structure
@@ -286,10 +344,18 @@ efi_status_t EFIAPI efi_firmware_get_image_info(
!descriptor_size || !package_version || !package_version_name))
return EFI_EXIT(EFI_INVALID_PARAMETER);
+#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+ ret = efi_corstone1000_img_info_get(image_info_size, image_info,
+ descriptor_version, descriptor_count,
+ descriptor_size,
+ package_version, package_version_name,
+ &efi_firmware_image_type_uboot_raw);
+#else
ret = efi_fill_image_desc_array(image_info_size, image_info,
descriptor_version, descriptor_count,
descriptor_size, package_version,
package_version_name);
+#endif
return EFI_EXIT(ret);
}
@@ -415,6 +481,10 @@ efi_status_t EFIAPI efi_firmware_raw_set_image(
}
}
+#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
+ return EFI_EXIT(EFI_SUCCESS);
+#endif
+
if (dfu_write_by_alt(image_index - 1, (void *)image, image_size,
NULL, NULL))
return EFI_EXIT(EFI_DEVICE_ERROR);
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0018-efi_loader-send-bootcomplete-message-to-secure-encla.patch
+183
View File
@@ -0,0 +1,183 @@
From a6fee840a411a6a7b6c276d0a7b1d5445039e6c2 Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Mon, 15 Aug 2022 15:46:18 +0100
Subject: [PATCH 18/42] efi_loader: send bootcomplete message to secure enclave
On corstone1000 platform, Secure Enclave will be expecting
an event from uboot when it performs capsule update. Previously,
an event is sent at exitbootservice level. This will create a problem
when user wants to interrupt at UEFI shell, hence, it is required
to send an uboot efi initialized event at efi sub-system initialization
stage.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Upstream-Status: Pending [Not submitted to upstream yet]
---
include/configs/corstone1000.h | 2 +-
lib/efi_loader/efi_boottime.c | 43 ----------------------------------
lib/efi_loader/efi_firmware.c | 2 +-
lib/efi_loader/efi_setup.c | 39 ++++++++++++++++++++++++++++++
4 files changed, 41 insertions(+), 45 deletions(-)
diff --git a/include/configs/corstone1000.h b/include/configs/corstone1000.h
index e4c7bcb96f..be13b98d48 100644
--- a/include/configs/corstone1000.h
+++ b/include/configs/corstone1000.h
@@ -22,7 +22,7 @@
/* Notification events used with SE Proxy update service */
#define CORSTONE1000_BUFFER_READY_EVT (0x1)
-#define CORSTONE1000_KERNEL_STARTED_EVT (0x2)
+#define CORSTONE1000_UBOOT_EFI_STARTED_EVT (0x2)
#define PREP_SEPROXY_SVC_ID_MASK GENMASK(31, 16)
#define PREP_SEPROXY_SVC_ID(x) (FIELD_PREP(PREP_SEPROXY_SVC_ID_MASK, (x)))
diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index 36a0be7ba1..fea4eb7a34 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -30,11 +30,6 @@
#include <arm_ffa.h>
#endif
-#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
-#include <linux/bitfield.h>
-#include <linux/bitops.h>
-#endif
-
DECLARE_GLOBAL_DATA_PTR;
/* Task priority level */
@@ -2108,35 +2103,6 @@ static void efi_exit_caches(void)
#endif
}
-#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
-/**
- * efi_corstone1000_kernel_started_event - notifies SE Proxy FW update service
- *
- * This function notifies the SE Proxy update service that the kernel has already started
- *
- * Return:
- *
- * 0: on success, otherwise failure
- */
-static int efi_corstone1000_kernel_started_event(void)
-{
- struct ffa_send_direct_data msg = {0};
-
- log_debug("[%s]\n", __func__);
-
- /*
- * setting the kernel started event arguments:
- * setting capsule update interface ID(31:16)
- * the kernel started event ID(15:0)
- */
- msg.data1 = PREP_SEPROXY_SVC_ID(CORSTONE1000_SEPROXY_UPDATE_SVC_ID) |
- PREP_SEPROXY_EVT(CORSTONE1000_KERNEL_STARTED_EVT); /* w4 */
-
- return ffa_bus_ops_get()->sync_send_receive(CORSTONE1000_SEPROXY_PART_ID, &msg, 0);
-}
-
-#endif
-
/**
* efi_exit_boot_services() - stop all boot services
* @image_handle: handle of the loaded image
@@ -2243,15 +2209,6 @@ static efi_status_t EFIAPI efi_exit_boot_services(efi_handle_t image_handle,
/* Recalculate CRC32 */
efi_update_table_header_crc32(&systab.hdr);
-#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
- /* Notifying SE Proxy FW update service */
- ffa_ret = efi_corstone1000_kernel_started_event();
- if (ffa_ret)
- debug("[efi_boottime][ERROR]: Failure to notify SE Proxy FW update service\n");
- else
- debug("[efi_boottime][INFO]: SE Proxy FW update service notified\n");
-#endif
-
/* Give the payload some time to boot */
efi_set_watchdog(0);
schedule();
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index 0a38a96351..70568f2290 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -48,7 +48,7 @@ static efi_status_t efi_corstone1000_img_info_get (
*package_version_name = NULL; /* not supported */
if(image_info == NULL) {
- log_warning("image_info is null\n");
+ log_info("image_info is null\n");
return EFI_BUFFER_TOO_SMALL;
}
diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c
index 1ad2fa52d7..89f988b09c 100644
--- a/lib/efi_loader/efi_setup.c
+++ b/lib/efi_loader/efi_setup.c
@@ -17,6 +17,9 @@
efi_status_t efi_obj_list_initialized = OBJ_LIST_NOT_INITIALIZED;
#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+#include <linux/bitfield.h>
+#include <linux/bitops.h>
+#include <arm_ffa.h>
/**
* efi_corstone1000_alloc_capsule_shared_buf - allocate capsule shared buffer
*/
@@ -126,6 +129,34 @@ static efi_status_t efi_init_secure_boot(void)
}
#endif /* CONFIG_EFI_SECURE_BOOT */
+#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+/**
+ * efi_corstone1000_uboot-efi_started_event - notifies SE Proxy FW update service
+ *
+ * This function notifies the SE Proxy update service that uboot efi has already started
+ *
+ * Return:
+ *
+ * 0: on success, otherwise failure
+ * */
+static int efi_corstone1000_uboot_efi_started_event(void)
+{
+ struct ffa_send_direct_data msg = {0};
+
+ log_debug("[%s]\n", __func__);
+
+ /*
+ * setting the kernel started event arguments:
+ * setting capsule update interface ID(31:16)
+ * the kernel started event ID(15:0)
+ */
+ msg.data1 = PREP_SEPROXY_SVC_ID(CORSTONE1000_SEPROXY_UPDATE_SVC_ID) |
+ PREP_SEPROXY_EVT(CORSTONE1000_UBOOT_EFI_STARTED_EVT); /* w4 */
+
+ return ffa_bus_ops_get()->sync_send_receive(NULL, CORSTONE1000_SEPROXY_PART_ID, &msg, 0);
+}
+#endif
+
/**
* efi_init_capsule - initialize capsule update state
*
@@ -136,6 +167,14 @@ static efi_status_t efi_init_capsule(void)
efi_status_t ret = EFI_SUCCESS;
#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
+ int ffa_ret;
+
+ ffa_ret = efi_corstone1000_uboot_efi_started_event();
+ if (ffa_ret)
+ debug("[efi_boottime][ERROR]: Failure to notify SE Proxy FW update service\n");
+ else
+ debug("[efi_boottime][INFO]: SE Proxy FW update service notified\n");
+
ret = efi_corstone1000_alloc_capsule_shared_buf();
if (ret != EFI_SUCCESS) {
printf("EFI: Corstone-1000: cannot allocate caspsule shared buffer\n");
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0019-efi_loader-fix-null-pointer-exception-with-get_image.patch
+63
View File
@@ -0,0 +1,63 @@
From 3d28467e447f12c5aa276827aa742e7eed1d577a Mon Sep 17 00:00:00 2001
From: Vishnu Banavath <vishnu.banavath@arm.com>
Date: Fri, 14 Jan 2022 15:24:18 +0000
Subject: [PATCH 19/42] efi_loader: fix null pointer exception with
get_image_info
get_img_info API implemented for corstone1000 target does not
check the input attributes and as a result uboot crash's with
null pointer access. This change is to fix the null pointer
exception.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
lib/efi_loader/efi_firmware.c | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index 70568f2290..c883e2ff0a 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -39,26 +39,29 @@ static efi_status_t efi_corstone1000_img_info_get (
int i = 0;
*image_info_size = sizeof(*image_info);
- *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION;
- *descriptor_count = 1;//dfu_num;
- *descriptor_size = sizeof(*image_info);
+ if(descriptor_version)
+ *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION;
+ if(descriptor_count)
+ *descriptor_count = 1;
+ if(descriptor_size)
+ *descriptor_size = sizeof(*image_info);
if (package_version)
*package_version = 0xffffffff; /* not supported */
if(package_version_name)
*package_version_name = NULL; /* not supported */
if(image_info == NULL) {
- log_info("image_info is null\n");
+ log_debug("image_info is null\n");
return EFI_BUFFER_TOO_SMALL;
}
- image_info[i].image_index = i;
+ image_info[i].image_index = 1;
image_info[i].image_type_id = *image_type;
image_info[i].image_id = 0;
- image_info[i].image_id_name = "wic";
- image_info[i].version = 1;
+ image_info[i].image_id_name = L"wic image";
+ image_info[i].version = 0;
image_info[i].version_name = NULL;
- image_info[i].size = 0x1000;
+ image_info[i].size = 0;
image_info[i].attributes_supported = IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
image_info[i].attributes_setting = IMAGE_ATTRIBUTE_IMAGE_UPDATABLE;
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0020-arm-corstone1000-add-mmc-for-fvp.patch
+99
View File
@@ -0,0 +1,99 @@
From d6c183a99a7d232ef5dbf886c49e7fb75b50ecf9 Mon Sep 17 00:00:00 2001
From: Rui Miguel Silva <rui.silva@linaro.org>
Date: Wed, 30 Nov 2022 15:37:22 +0000
Subject: [PATCH 20/42] arm:corstone1000: add mmc for fvp
Enable support mmc/sdcard for the corstone1000 FVP.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Upstream-Status: Pending [Not submitted to upstream yet]
---
board/armltd/corstone1000/corstone1000.c | 28 +++++++++++++++++++-----
configs/corstone1000_defconfig | 8 ++++++-
include/configs/corstone1000.h | 4 +++-
3 files changed, 32 insertions(+), 8 deletions(-)
diff --git a/board/armltd/corstone1000/corstone1000.c b/board/armltd/corstone1000/corstone1000.c
index 76816f8f4e..d6ca6e8961 100644
--- a/board/armltd/corstone1000/corstone1000.c
+++ b/board/armltd/corstone1000/corstone1000.c
@@ -38,19 +38,35 @@ static struct mm_region corstone1000_mem_map[] = {
}, {
/* USB */
.virt = 0x40200000UL,
- .phys = 0x40200000UL,
+ .phys = 0x40200000UL,
+ .size = 0x00100000UL,
+ .attrs = PTE_BLOCK_MEMTYPE(MT_DEVICE_NGNRNE) |
+ PTE_BLOCK_NON_SHARE |
+ PTE_BLOCK_PXN | PTE_BLOCK_UXN
+ }, {
+ /* MMC0 */
+ .virt = 0x40300000UL,
+ .phys = 0x40300000UL,
.size = 0x00100000UL,
.attrs = PTE_BLOCK_MEMTYPE(MT_DEVICE_NGNRNE) |
- PTE_BLOCK_NON_SHARE |
- PTE_BLOCK_PXN | PTE_BLOCK_UXN
+ PTE_BLOCK_NON_SHARE |
+ PTE_BLOCK_PXN | PTE_BLOCK_UXN
}, {
/* ethernet */
.virt = 0x40100000UL,
- .phys = 0x40100000UL,
+ .phys = 0x40100000UL,
+ .size = 0x00100000UL,
+ .attrs = PTE_BLOCK_MEMTYPE(MT_DEVICE_NGNRNE) |
+ PTE_BLOCK_NON_SHARE |
+ PTE_BLOCK_PXN | PTE_BLOCK_UXN
+ }, {
+ /* MMC1 */
+ .virt = 0x50000000UL,
+ .phys = 0x50000000UL,
.size = 0x00100000UL,
.attrs = PTE_BLOCK_MEMTYPE(MT_DEVICE_NGNRNE) |
- PTE_BLOCK_NON_SHARE |
- PTE_BLOCK_PXN | PTE_BLOCK_UXN
+ PTE_BLOCK_NON_SHARE |
+ PTE_BLOCK_PXN | PTE_BLOCK_UXN
}, {
/* OCVM */
.virt = 0x80000000UL,
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index 06eac3e041..f7c276a10a 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -40,7 +40,13 @@ CONFIG_VERSION_VARIABLE=y
CONFIG_NET_RANDOM_ETHADDR=y
CONFIG_REGMAP=y
CONFIG_MISC=y
-# CONFIG_MMC is not set
+CONFIG_CLK=y
+CONFIG_CMD_MMC=y
+CONFIG_DM_MMC=y
+CONFIG_ARM_PL180_MMCI=y
+CONFIG_MMC_SDHCI_ADMA_HELPERS=y
+CONFIG_MMC_WRITE=y
+CONFIG_DM_GPIO=y
CONFIG_PHYLIB=y
CONFIG_PHY_SMSC=y
CONFIG_SMC911X=y
diff --git a/include/configs/corstone1000.h b/include/configs/corstone1000.h
index be13b98d48..a015a1630e 100644
--- a/include/configs/corstone1000.h
+++ b/include/configs/corstone1000.h
@@ -59,7 +59,9 @@
#define CONFIG_SYS_SDRAM_BASE PHYS_SDRAM_1
#define BOOT_TARGET_DEVICES(func) \
- func(USB, usb, 0)
+ func(USB, usb, 0) \
+ func(MMC, mmc, 0) \
+ func(MMC, mmc, 1)
#include <config_distro_bootcmd.h>
--
2.25.1
meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0021-corstone1000-add-compressed-kernel-support.patch
+34
View File
@@ -0,0 +1,34 @@
From 155f20028ad5f3ba5d2362ec48abb7804eaade00 Mon Sep 17 00:00:00 2001
From: Jon Mason <jon.mason@arm.com>
Date: Wed, 30 Nov 2022 18:59:59 +0000
Subject: [PATCH 21/42] corstone1000: add compressed kernel support
The corstone1000 kernel has become too large to fit in the available
storage. Swtiching to a compressed kernel avoids the problem, but
requires uncompressing it. Add this decompression to the default boot
instructions.
Signed-off-by: Jon Mason <jon.mason@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Upstream-Status: Pending [Not submitted to upstream yet]
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
---
configs/corstone1000_defconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
index f7c276a10a..1179bf5f3b 100644
--- a/configs/corstone1000_defconfig
+++ b/configs/corstone1000_defconfig
@@ -15,7 +15,7 @@ CONFIG_FIT=y
CONFIG_BOOTDELAY=3
CONFIG_USE_BOOTARGS=y
CONFIG_BOOTARGS="console=ttyAMA0 loglevel=9 ip=dhcp earlyprintk"
-CONFIG_BOOTCOMMAND="run retrieve_kernel_load_addr; echo Loading kernel from $kernel_addr to memory ... ; loadm $kernel_addr $kernel_addr_r 0xc00000; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
+CONFIG_BOOTCOMMAND="run retrieve_kernel_load_addr; echo Loading kernel from $kernel_addr to memory ... ; unzip $kernel_addr 0x90000000; loadm 0x90000000 $kernel_addr_r 0xf00000; usb start; usb reset; run distro_bootcmd; bootefi $kernel_addr_r $fdtcontroladdr;"
CONFIG_CONSOLE_RECORD=y
CONFIG_LOGLEVEL=7
# CONFIG_DISPLAY_CPUINFO is not set
--
2.25.1

Some files were not shown because too many files have changed in this diff Show More