new file mode 100644
@@ -0,0 +1,67 @@
+From e1cbb35ad4655fe13ccb89247c81e850f6392c92 Mon Sep 17 00:00:00 2001
+From: Gyorgy Szing <Gyorgy.Szing@arm.com>
+Date: Mon, 13 Mar 2023 21:15:59 +0100
+Subject: Add spmc_manifest for qemu
+
+This version only supports embedded packaging.
+
+Upstream-Status: Inappropriate [other]
+ - The SPMC manifest is integration specific and should live at an
+ integration spcific place. The manifest file is processed by TF-A
+ and I am adding the patch to TF-A to keep things simple.
+
+Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
+---
+ plat/qemu/fdts/optee_spmc_manifest.dts | 40 ++++++++++++++++++++++++++
+ 1 file changed, 40 insertions(+)
+ create mode 100644 plat/qemu/fdts/optee_spmc_manifest.dts
+
+diff --git a/plat/qemu/fdts/optee_spmc_manifest.dts b/plat/qemu/fdts/optee_spmc_manifest.dts
+new file mode 100644
+index 000000000..ae2ae3d95
+--- /dev/null
++++ b/plat/qemu/fdts/optee_spmc_manifest.dts
+@@ -0,0 +1,40 @@
++/* SPDX-License-Identifier: BSD-3-Clause */
++/*
++ * Copyright (c) 2023, Arm Limited. All rights reserved.
++ */
++
++/dts-v1/;
++
++/ {
++ compatible = "arm,ffa-core-manifest-1.0";
++ #address-cells = <2>;
++ #size-cells = <1>;
++
++ attribute {
++ spmc_id = <0x8000>;
++ maj_ver = <0x1>;
++ min_ver = <0x0>;
++ exec_state = <0x0>;
++ load_address = <0x0 0x0e100000>;
++ entrypoint = <0x0 0x0e100000>;
++ binary_size = <0x80000>;
++ };
++
++/*
++ * This file will be preprocessed by TF-A's build system. If Measured Boot is
++ * enabled in TF-A's config, the build system will add the MEASURED_BOOT=1 macro
++ * to the preprocessor arguments.
++ */
++#if MEASURED_BOOT
++ tpm_event_log {
++ compatible = "arm,tpm_event_log";
++ tpm_event_log_addr = <0x0 0x0>;
++ tpm_event_log_size = <0x0>;
++ };
++#endif
++
++/* If the ARM_BL2_SP_LIST_DTS is defined, SPs should be loaded from FIP */
++#ifdef ARM_BL2_SP_LIST_DTS
++ #error "FIP SP load addresses configuration is missing.
++#endif
++};
+--
+2.39.1.windows.1
+
new file mode 100644
@@ -0,0 +1,263 @@
+From d215b0c08e51192baab96d75beaeacf3abf8724e Mon Sep 17 00:00:00 2001
+From: Jens Wiklander <jens.wiklander@linaro.org>
+Date: Fri, 18 Nov 2022 15:40:04 +0100
+Subject: feat(qemu): update abi between spmd and spmc
+
+Updates the ABI between SPMD and the SPMC at S-EL1 so that the hard
+coded SPMC manifest can be replaced by a proper manifest via TOS FW
+Config. TOS FW Config is provided via QEMU_TOS_FW_CONFIG_DTS as a DTS
+file when building. The DTS is turned into a DTB which is added to the
+FIP.
+
+Note that this is an incompatible change and requires corresponding
+change in OP-TEE ("core: sel1 spmc: boot abi update").
+
+Upstream-Status: Accepted
+
+Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
+Change-Id: Ibabe78ef50a24f775492854ce5ac54e4d471e369
+---
+ plat/qemu/common/qemu_bl2_mem_params_desc.c | 18 +++++++++++-
+ plat/qemu/common/qemu_bl2_setup.c | 32 +++++++++++++--------
+ plat/qemu/common/qemu_io_storage.c | 16 ++++++++++-
+ plat/qemu/common/qemu_spmd_manifest.c | 31 --------------------
+ plat/qemu/qemu/include/platform_def.h | 3 ++
+ plat/qemu/qemu/platform.mk | 12 +++++++-
+ 6 files changed, 66 insertions(+), 46 deletions(-)
+ delete mode 100644 plat/qemu/common/qemu_spmd_manifest.c
+
+diff --git a/plat/qemu/common/qemu_bl2_mem_params_desc.c b/plat/qemu/common/qemu_bl2_mem_params_desc.c
+index 5af3a2264..8d8047c92 100644
+--- a/plat/qemu/common/qemu_bl2_mem_params_desc.c
++++ b/plat/qemu/common/qemu_bl2_mem_params_desc.c
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2017-2021, ARM Limited and Contributors. All rights reserved.
++ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+@@ -122,6 +122,22 @@ static bl_mem_params_node_t bl2_mem_params_descs[] = {
+ #endif
+ .next_handoff_image_id = INVALID_IMAGE_ID,
+ },
++
++#if defined(SPD_spmd)
++ /* Fill TOS_FW_CONFIG related information */
++ {
++ .image_id = TOS_FW_CONFIG_ID,
++ SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY,
++ VERSION_2, entry_point_info_t, SECURE | NON_EXECUTABLE),
++ SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
++ VERSION_2, image_info_t, 0),
++ .image_info.image_base = TOS_FW_CONFIG_BASE,
++ .image_info.image_max_size = TOS_FW_CONFIG_LIMIT -
++ TOS_FW_CONFIG_BASE,
++ .next_handoff_image_id = INVALID_IMAGE_ID,
++ },
++#endif
++
+ # endif /* QEMU_LOAD_BL32 */
+
+ /* Fill BL33 related information */
+diff --git a/plat/qemu/common/qemu_bl2_setup.c b/plat/qemu/common/qemu_bl2_setup.c
+index 2c0da15b9..6afa3a44d 100644
+--- a/plat/qemu/common/qemu_bl2_setup.c
++++ b/plat/qemu/common/qemu_bl2_setup.c
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
++ * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+@@ -149,8 +149,7 @@ static int qemu_bl2_handle_post_image_load(unsigned int image_id)
+ bl_mem_params_node_t *paged_mem_params = NULL;
+ #endif
+ #if defined(SPD_spmd)
+- unsigned int mode_rw = MODE_RW_64;
+- uint64_t pagable_part = 0;
++ bl_mem_params_node_t *bl32_mem_params = NULL;
+ #endif
+
+ assert(bl_mem_params);
+@@ -170,17 +169,18 @@ static int qemu_bl2_handle_post_image_load(unsigned int image_id)
+ if (err != 0) {
+ WARN("OPTEE header parse error.\n");
+ }
+-#if defined(SPD_spmd)
+- mode_rw = bl_mem_params->ep_info.args.arg0;
+- pagable_part = bl_mem_params->ep_info.args.arg1;
+-#endif
+ #endif
+
+-#if defined(SPD_spmd)
+- bl_mem_params->ep_info.args.arg0 = ARM_PRELOADED_DTB_BASE;
+- bl_mem_params->ep_info.args.arg1 = pagable_part;
+- bl_mem_params->ep_info.args.arg2 = mode_rw;
+- bl_mem_params->ep_info.args.arg3 = 0;
++#if defined(SPMC_OPTEE)
++ /*
++ * Explicit zeroes to unused registers since they may have
++ * been populated by parse_optee_header() above.
++ *
++ * OP-TEE expects system DTB in x2 and TOS_FW_CONFIG in x0,
++ * the latter is filled in below for TOS_FW_CONFIG_ID and
++ * applies to any other SPMC too.
++ */
++ bl_mem_params->ep_info.args.arg2 = ARM_PRELOADED_DTB_BASE;
+ #elif defined(SPD_opteed)
+ /*
+ * OP-TEE expect to receive DTB address in x2.
+@@ -224,6 +224,14 @@ static int qemu_bl2_handle_post_image_load(unsigned int image_id)
+
+ bl_mem_params->ep_info.spsr = qemu_get_spsr_for_bl33_entry();
+ break;
++#if defined(SPD_spmd)
++ case TOS_FW_CONFIG_ID:
++ /* An SPMC expects TOS_FW_CONFIG in x0/r0 */
++ bl32_mem_params = get_bl_mem_params_node(BL32_IMAGE_ID);
++ bl32_mem_params->ep_info.args.arg0 =
++ bl_mem_params->image_info.image_base;
++ break;
++#endif
+ default:
+ /* Do nothing in default case */
+ break;
+diff --git a/plat/qemu/common/qemu_io_storage.c b/plat/qemu/common/qemu_io_storage.c
+index 1107e443f..e2d4932c0 100644
+--- a/plat/qemu/common/qemu_io_storage.c
++++ b/plat/qemu/common/qemu_io_storage.c
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved.
++ * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+@@ -24,6 +24,7 @@
+ #define BL2_IMAGE_NAME "bl2.bin"
+ #define BL31_IMAGE_NAME "bl31.bin"
+ #define BL32_IMAGE_NAME "bl32.bin"
++#define TOS_FW_CONFIG_NAME "tos_fw_config.dtb"
+ #define BL32_EXTRA1_IMAGE_NAME "bl32_extra1.bin"
+ #define BL32_EXTRA2_IMAGE_NAME "bl32_extra2.bin"
+ #define BL33_IMAGE_NAME "bl33.bin"
+@@ -78,6 +79,10 @@ static const io_uuid_spec_t bl32_extra2_uuid_spec = {
+ .uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA2,
+ };
+
++static const io_uuid_spec_t tos_fw_config_uuid_spec = {
++ .uuid = UUID_TOS_FW_CONFIG,
++};
++
+ static const io_uuid_spec_t bl33_uuid_spec = {
+ .uuid = UUID_NON_TRUSTED_FIRMWARE_BL33,
+ };
+@@ -137,6 +142,10 @@ static const io_file_spec_t sh_file_spec[] = {
+ .path = BL32_EXTRA2_IMAGE_NAME,
+ .mode = FOPEN_MODE_RB
+ },
++ [TOS_FW_CONFIG_ID] = {
++ .path = TOS_FW_CONFIG_NAME,
++ .mode = FOPEN_MODE_RB
++ },
+ [BL33_IMAGE_ID] = {
+ .path = BL33_IMAGE_NAME,
+ .mode = FOPEN_MODE_RB
+@@ -252,6 +261,11 @@ static const struct plat_io_policy policies[] = {
+ open_fip
+ },
+ #endif
++ [TOS_FW_CONFIG_ID] = {
++ &fip_dev_handle,
++ (uintptr_t)&tos_fw_config_uuid_spec,
++ open_fip
++ },
+ [BL33_IMAGE_ID] = {
+ &fip_dev_handle,
+ (uintptr_t)&bl33_uuid_spec,
+diff --git a/plat/qemu/common/qemu_spmd_manifest.c b/plat/qemu/common/qemu_spmd_manifest.c
+deleted file mode 100644
+index fd46e2675..000000000
+--- a/plat/qemu/common/qemu_spmd_manifest.c
++++ /dev/null
+@@ -1,31 +0,0 @@
+-/*
+- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
+- *
+- * SPDX-License-Identifier: BSD-3-Clause
+- */
+-
+-#include <assert.h>
+-
+-#include <services/spm_core_manifest.h>
+-
+-#include <plat/common/platform.h>
+-#include <platform_def.h>
+-
+-int plat_spm_core_manifest_load(spmc_manifest_attribute_t *manifest,
+- const void *pm_addr)
+-{
+- entry_point_info_t *ep_info = bl31_plat_get_next_image_ep_info(SECURE);
+-
+- assert(ep_info != NULL);
+- assert(manifest != NULL);
+-
+- manifest->major_version = 1;
+- manifest->minor_version = 0;
+- manifest->exec_state = ep_info->args.arg2;
+- manifest->load_address = BL32_BASE;
+- manifest->entrypoint = BL32_BASE;
+- manifest->binary_size = BL32_LIMIT - BL32_BASE;
+- manifest->spmc_id = 0x8000;
+-
+- return 0;
+-}
+diff --git a/plat/qemu/qemu/include/platform_def.h b/plat/qemu/qemu/include/platform_def.h
+index c9ed6409f..5c3239cb8 100644
+--- a/plat/qemu/qemu/include/platform_def.h
++++ b/plat/qemu/qemu/include/platform_def.h
+@@ -118,6 +118,9 @@
+ #define BL_RAM_BASE (SHARED_RAM_BASE + SHARED_RAM_SIZE)
+ #define BL_RAM_SIZE (SEC_SRAM_SIZE - SHARED_RAM_SIZE)
+
++#define TOS_FW_CONFIG_BASE BL_RAM_BASE
++#define TOS_FW_CONFIG_LIMIT (TOS_FW_CONFIG_BASE + PAGE_SIZE)
++
+ /*
+ * BL1 specific defines.
+ *
+diff --git a/plat/qemu/qemu/platform.mk b/plat/qemu/qemu/platform.mk
+index 6becc32fa..02493025a 100644
+--- a/plat/qemu/qemu/platform.mk
++++ b/plat/qemu/qemu/platform.mk
+@@ -212,7 +212,10 @@ BL31_SOURCES += lib/cpus/aarch64/aem_generic.S \
+ ${QEMU_GIC_SOURCES}
+
+ ifeq (${SPD},spmd)
+-BL31_SOURCES += plat/qemu/common/qemu_spmd_manifest.c
++BL31_SOURCES += plat/common/plat_spmd_manifest.c \
++ common/uuid.c \
++ ${LIBFDT_SRCS} \
++ ${FDT_WRAPPERS_SOURCES}
+ endif
+ endif
+
+@@ -233,6 +236,13 @@ $(eval $(call TOOL_ADD_IMG,bl32_extra2,--tos-fw-extra2))
+ endif
+ endif
+
++ifneq ($(QEMU_TOS_FW_CONFIG_DTS),)
++FDT_SOURCES += ${QEMU_TOS_FW_CONFIG_DTS}
++QEMU_TOS_FW_CONFIG := ${BUILD_PLAT}/fdts/$(notdir $(basename ${QEMU_TOS_FW_CONFIG_DTS})).dtb
++# Add the TOS_FW_CONFIG to FIP
++$(eval $(call TOOL_ADD_PAYLOAD,${QEMU_TOS_FW_CONFIG},--tos-fw-config,${QEMU_TOS_FW_CONFIG}))
++endif
++
+ SEPARATE_CODE_AND_RODATA := 1
+ ENABLE_STACK_PROTECTOR := 0
+ ifneq ($(ENABLE_STACK_PROTECTOR), 0)
+--
+2.39.1.windows.1
+
@@ -47,7 +47,10 @@ EXTRA_OEMAKE:append:arm:qemuall = " \
BL32_RAM_LOCATION=tdram \
AARCH32_SP=optee \
"
-
+# When using OP-TEE SPMC specify the SPMC manifest file.
+EXTRA_OEMAKE:append:qemuarm64-secureboot = "${@bb.utils.contains('MACHINE_FEATURES', 'arm-ffa', \
+ 'QEMU_TOS_FW_CONFIG_DTS=${S}/plat/qemu/fdts/optee_spmc_manifest.dts', '', d)}"
+
do_compile:append:qemuarm64-secureboot() {
# Create a secure flash image for booting AArch64 Qemu. See:
# https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/docs/plat/qemu.rst
@@ -5,6 +5,12 @@ SRCREV_tfa = "9881bb93a3bc0a3ea37e9f093e09ab4b360a9e48"
SRC_URI += "file://rwx-segments.patch"
+# Enable passing TOS_FW_CONFIG from FIP package to Trusted OS.
+SRC_URI:append:qemuarm64-secureboot = " \
+ file://add-spmc_manifest-for-qemu.patch \
+ file://feat-qemu-update-abi-between-spmd-and-spmc.patch \
+ "
+
LIC_FILES_CHKSUM += "file://docs/license.rst;md5=b2c740efedc159745b9b31f88ff03dde"
# mbed TLS v2.28.2
This change: - cherry-picks TF-A changes from master which implement passing TOS_FW_CONFIG DTB from the FIP package to the trusted OS. - add an OP-TEE SPMC specific SPMC manifest file - configures TF-A to build the manifest, add it to the FIP package and pass it to OP-TEE as a boot argument. This functionality needs matching changes in OPTEE (OP-TEE v3.21 or v3.20 + carried patches.) Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com> --- .../files/add-spmc_manifest-for-qemu.patch | 67 +++++ ...emu-update-abi-between-spmd-and-spmc.patch | 263 ++++++++++++++++++ .../trusted-firmware-a_%.bbappend | 5 +- .../trusted-firmware-a_2.8.0.bb | 6 + 4 files changed, 340 insertions(+), 1 deletion(-) create mode 100644 meta-arm/recipes-bsp/trusted-firmware-a/files/add-spmc_manifest-for-qemu.patch create mode 100644 meta-arm/recipes-bsp/trusted-firmware-a/files/feat-qemu-update-abi-between-spmd-and-spmc.patch