new file mode 100644
@@ -0,0 +1,451 @@
+From 67e5aa83efce5f75df1c5d027e2d52f0da2eaba0 Mon Sep 17 00:00:00 2001
+From: Bence Balogh <bence.balogh@arm.com>
+Date: Thu, 5 Sep 2024 17:21:50 +0200
+Subject: [PATCH 1/5] Platform: CS1000: Remove unused BL1 files
+
+These files are not referenced anywhere so removed them to prevent
+confusion.
+Signed-off-by: Bence Balogh <bence.balogh@arm.com>
+Upstream-Status: Pending [Not submitted to upstream yet]
+---
+ .../arm/corstone1000/bl1/CMakeLists.txt | 345 ------------------
+ .../arm/corstone1000/bl1/bl1_security_cnt.c | 75 ----
+ 2 files changed, 420 deletions(-)
+ delete mode 100644 platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
+ delete mode 100644 platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c
+
+diff --git a/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt b/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
+deleted file mode 100644
+index 5e140eecf6..0000000000
+--- a/platform/ext/target/arm/corstone1000/bl1/CMakeLists.txt
++++ /dev/null
+@@ -1,345 +0,0 @@
+-#-------------------------------------------------------------------------------
+-# Copyright (c) 2020-2024, Arm Limited. All rights reserved.
+-#
+-# SPDX-License-Identifier: BSD-3-Clause
+-#
+-#-------------------------------------------------------------------------------
+-
+-cmake_minimum_required(VERSION 3.15)
+-cmake_policy(SET CMP0079 NEW)
+-
+-project("BL1 Bootloader" VERSION 0.0.1 LANGUAGES C ASM)
+-
+-# BL1 only loads the BL2 image, image number always equals 1
+-set(BL1_IMAGE_NUMBER 1)
+-
+-# Version of BL2 image
+-set(BL2_IMAGE_VERSION "0.1.0")
+-
+-add_executable(bl1)
+-
+-set_target_properties(bl1
+- PROPERTIES
+- SUFFIX ".axf"
+- RUNTIME_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/bin"
+-)
+-
+-target_link_options(bl1
+- PRIVATE
+- $<$<C_COMPILER_ID:GNU>:-Wl,-Map=${CMAKE_BINARY_DIR}/bin/bl1.map>
+-)
+-
+-add_convert_to_bin_target(bl1)
+-
+-# bl2_mbedcrypto reused as it is, but it pulls the MCUBOOT_IMAGE_NUMBER=${MCUBOOT_IMAGE_NUMBER}
+-# configuration, where image number is 3. (Coming from BL2 build). To not to collide with BL1's
+-# build where image number is 1 mbedcrypto library is separated from the build of other source
+-# files.
+-target_link_libraries(bl1
+- PRIVATE
+- bl1_main
+- bl2_mbedcrypto
+- cmsis_stack_override
+- cmsis
+-)
+-
+-# add_convert_to_bin_target(bl1) requires at least one source file added to bl1. This sources will
+-# be built with wrong image number macro (value coming from BL2 config), so the start-up files
+-# added here, as those not use this image number macro.
+-target_sources(bl1
+- PRIVATE
+- $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/../Device/Source/startup_corstone1000.c>
+-)
+-
+-# Needed for the GCC startup files
+-target_include_directories(bl1
+- PRIVATE
+- ${CMAKE_SOURCE_DIR}/platform/include
+- ../Device/Include
+-)
+-
+-# target_add_scatter_file(bl1) cannot be used as it would add the platform_region_defs dependency
+-# to bl1, again pulling the image number property matching with BL2 build, so scatter setup done
+-# here by hand.
+-target_link_options(bl1
+- PRIVATE
+- -T $<TARGET_OBJECTS:bl1_scatter>
+-)
+-
+-add_library(bl1_scatter OBJECT)
+-
+-add_dependencies(bl1
+- bl1_scatter
+- )
+-
+-target_sources(bl1_scatter
+- PRIVATE
+- ../Device/Source/gcc/corstone1000_bl1.ld
+-)
+-
+-set_source_files_properties(../Device/Source/gcc/corstone1000_bl1.ld
+- PROPERTIES
+- LANGUAGE C
+-)
+-
+-target_compile_options(bl1_scatter
+- PRIVATE
+- -E
+- -P
+- -xc
+-)
+-
+-target_compile_definitions(bl1_scatter
+- PRIVATE
+- MCUBOOT_IMAGE_NUMBER=${BL1_IMAGE_NUMBER}
+- BL1
+-)
+-
+-target_include_directories(bl1_scatter
+- PRIVATE
+- ../partition
+-)
+-
+-# Library to spearate build from bl2_mbedcrypto configurations
+-add_library(bl1_main STATIC)
+-
+-target_compile_definitions(bl1_main
+- PRIVATE
+- MCUBOOT_IMAGE_NUMBER=${BL1_IMAGE_NUMBER}
+- BL1
+- BL2
+- $<$<BOOL:${PLATFORM_IS_FVP}>:PLATFORM_IS_FVP>
+-)
+-
+-# Configurations based on bl2/CMakeLists.txt
+-
+-# Many files are reused form TF-M's bl2 directory
+-set(BL2_SOURCE ${CMAKE_SOURCE_DIR}/bl2)
+-
+-target_sources(bl1_main
+- PRIVATE
+- ${BL2_SOURCE}/src/flash_map.c
+- ./provisioning.c
+-)
+-
+-target_include_directories(bl1_main
+- PRIVATE
+- $<BUILD_INTERFACE:${BL2_SOURCE}/include>
+-)
+-
+-# Include path needed for mbedcrypto headers
+-target_include_directories(bl1_main
+- PRIVATE
+- $<BUILD_INTERFACE:${MBEDCRYPTO_PATH}/include>
+-)
+-
+-# Configurations based on bl2/ext/mcuboot/CMakeLists.txt
+-target_link_libraries(bl1_main
+- PRIVATE
+- mcuboot_config
+- bl2_mbedcrypto_config
+-)
+-
+-target_include_directories(bl1_main
+- PRIVATE
+- $<BUILD_INTERFACE:${BL2_SOURCE}/ext/mcuboot/include>
+-)
+-
+-target_sources(bl1_main
+- PRIVATE
+- ${BL2_SOURCE}/ext/mcuboot/bl2_main.c
+- ${BL2_SOURCE}/ext/mcuboot/keys.c
+- ${BL2_SOURCE}/ext/mcuboot/flash_map_legacy.c
+-)
+-
+-# Configurations based on ${MCUBOOT_PATH}/boot/bootutil/CMakeLists.txt
+-# add_subdirectory("${MCUBOOT_PATH}/boot/bootutil" bootutil) cannot work as we want to define different hal
+-# functions compared to BL2
+-target_sources(bl1_main
+- PRIVATE
+- ${MCUBOOT_PATH}/boot/bootutil/src/loader.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/bootutil_misc.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/bootutil_public.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/image_validate.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/image_rsa.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/tlv.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/boot_record.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/swap_scratch.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/swap_move.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/swap_misc.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/encrypted.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/fault_injection_hardening.c
+- ${MCUBOOT_PATH}/boot/bootutil/src/fault_injection_hardening_delay_rng_mbedtls.c
+-)
+-
+-target_include_directories(bl1_main
+- PRIVATE
+- $<BUILD_INTERFACE:${MCUBOOT_PATH}/boot/bootutil/include>
+- $<BUILD_INTERFACE:${MCUBOOT_PATH}/boot/bootutil/src>
+- $<BUILD_INTERFACE:${MCUBOOT_PATH}/boot>
+-)
+-
+-# Configurations based on platform/CMakeLists.txt
+-target_include_directories(bl1_main
+- PRIVATE
+- $<BUILD_INTERFACE:${CMAKE_SOURCE_DIR}/platform/include>
+- $<BUILD_INTERFACE:${CMAKE_SOURCE_DIR}/platform/ext/driver>
+- $<BUILD_INTERFACE:${CMAKE_SOURCE_DIR}/platform/ext/common>
+- $<BUILD_INTERFACE:${CMAKE_SOURCE_DIR}/platform/ext>
+- $<$<BOOL:${CRYPTO_HW_ACCELERATOR}>:${CMAKE_SOURCE_DIR}/platform/ext/accelerator/interface>
+-)
+-
+-target_sources(bl1_main
+- PRIVATE
+- $<$<BOOL:${PLATFORM_DEFAULT_UART_STDOUT}>:${CMAKE_SOURCE_DIR}/platform/ext/common/uart_stdout.c>
+- $<$<BOOL:${PLATFORM_DEFAULT_NV_COUNTERS}>:${CMAKE_SOURCE_DIR}/platform/ext/common/template/nv_counters.c>
+- $<$<OR:$<BOOL:${PLATFORM_DEFAULT_NV_COUNTERS}>,$<BOOL:${PLATFORM_DEFAULT_OTP}>>:${CMAKE_SOURCE_DIR}/platform/ext/common/template/flash_otp_nv_counters_backend.c>
+- $<$<BOOL:${PLATFORM_DEFAULT_OTP}>:${CMAKE_SOURCE_DIR}/platform/ext/common/template/otp_flash.c>
+-)
+-
+-target_link_libraries(bl1_main
+- PRIVATE
+- bl2_hal
+- cmsis
+-)
+-
+-target_compile_definitions(bl1_main
+- PRIVATE
+- MCUBOOT_${MCUBOOT_UPGRADE_STRATEGY}
+- $<$<BOOL:${SYMMETRIC_INITIAL_ATTESTATION}>:SYMMETRIC_INITIAL_ATTESTATION>
+- $<$<BOOL:${PLATFORM_DEFAULT_NV_COUNTERS}>:PLATFORM_DEFAULT_NV_COUNTERS>
+- $<$<BOOL:${MCUBOOT_HW_KEY}>:MCUBOOT_HW_KEY>
+- MCUBOOT_FIH_PROFILE_${MCUBOOT_FIH_PROFILE}
+- $<$<BOOL:${PLATFORM_DEFAULT_NV_COUNTERS}>:PLATFORM_DEFAULT_NV_COUNTERS>
+- $<$<BOOL:${PLATFORM_DEFAULT_OTP}>:PLATFORM_DEFAULT_OTP>
+- $<$<BOOL:${OTP_NV_COUNTERS_RAM_EMULATION}>:OTP_NV_COUNTERS_RAM_EMULATION=1>
+- $<$<BOOL:${TFM_DUMMY_PROVISIONING}>:TFM_DUMMY_PROVISIONING>
+- $<$<BOOL:${PLATFORM_DEFAULT_OTP_WRITEABLE}>:OTP_WRITEABLE>
+-)
+-
+-# Configurations based on cc312 cmake files
+-target_compile_definitions(bl1_main
+- PRIVATE
+- $<$<BOOL:${CRYPTO_HW_ACCELERATOR_OTP_STATE}>:CRYPTO_HW_ACCELERATOR_OTP_${CRYPTO_HW_ACCELERATOR_OTP_STATE}>
+- $<$<BOOL:${CRYPTO_HW_ACCELERATOR}>:CRYPTO_HW_ACCELERATOR>
+- $<$<BOOL:${ENABLE_FWU_AGENT_DEBUG_LOGS}>:ENABLE_FWU_AGENT_DEBUG_LOGS>
+-)
+-
+-target_include_directories(bl1_main
+- PRIVATE
+- $<$<BOOL:${CRYPTO_HW_ACCELERATOR}>:${CMAKE_SOURCE_DIR}/platform/ext/accelerator/cc312>
+- $<$<BOOL:${CRYPTO_HW_ACCELERATOR}>:${CMAKE_SOURCE_DIR}/lib/ext/cryptocell-312-runtime/shared/include/mbedtls>
+- $<$<BOOL:${CRYPTO_HW_ACCELERATOR}>:${CMAKE_SOURCE_DIR}/lib/ext/cryptocell-312-runtime/shared/include/crypto_api/cc3x>
+- ../soft_crc
+-)
+-
+-# Configurations based on platform level cmake files
+-target_sources(bl1_main
+- PRIVATE
+- ../CMSIS_Driver/Driver_Flash.c
+- ../CMSIS_Driver/Driver_USART.c
+- ../Device/Source/device_definition.c
+- ../Device/Source/system_core_init.c
+- ../Native_Driver/firewall.c
+- ../Native_Driver/uart_pl011_drv.c
+- ../fw_update_agent/fwu_agent.c
+- ../soft_crc/soft_crc.c
+- ../Native_Driver/arm_watchdog_drv.c
+- ../Native_Driver/watchdog.c
+- bl1_boot_hal.c
+- bl1_flash_map.c
+- bl1_security_cnt.c
+- flash_map_extended.c
+- bl1_rotpk.c
+-)
+-
+-if (PLATFORM_IS_FVP)
+-target_sources(bl1_main
+- PRIVATE
+- ${PLATFORM_DIR}/ext/target/arm/drivers/flash/strata/spi_strataflashj3_flash_lib.c
+- ${PLATFORM_DIR}/ext/target/arm/drivers/flash/cfi/cfi_drv.c
+-)
+-else()
+-target_sources(bl1_main
+- PRIVATE
+- ${PLATFORM_DIR}/ext/target/arm/drivers/qspi/xilinx_pg153_axi/xilinx_pg153_axi_qspi_controller_drv.c
+- ${PLATFORM_DIR}/ext/target/arm/drivers/flash/n25q256a/spi_n25q256a_flash_lib.c
+- ${PLATFORM_DIR}/ext/target/arm/drivers/flash/sst26vf064b/spi_sst26vf064b_flash_lib.c
+-)
+-endif()
+-
+-target_include_directories(bl1_main
+- PRIVATE
+- ../partition
+- ../Device/Include
+- ../.
+- ../CMSIS_Driver/Config
+- ../Device/Config
+- ../Native_Driver
+- ../fw_update_agent
+- ${PLATFORM_DIR}/ext/target/arm/drivers/flash/common
+- ${PLATFORM_DIR}/ext/target/arm/drivers/flash/cfi
+- ${PLATFORM_DIR}/ext/target/arm/drivers/flash/strata
+- ${PLATFORM_DIR}/ext/target/arm/drivers/qspi/xilinx_pg153_axi
+- ${PLATFORM_DIR}/ext/target/arm/drivers/flash/n25q256a
+- ${PLATFORM_DIR}/ext/target/arm/drivers/flash/sst26vf064b
+-
+-)
+-
+-############################### SIGNING BL2 image ##################################
+-
+-find_package(Python3)
+-
+-set(FLASH_AREA_NUM 8)
+-configure_file(signing_layout.c.in ${CMAKE_CURRENT_BINARY_DIR}/signing_layout.c @ONLY)
+-add_library(signing_layout_for_bl2 OBJECT ${CMAKE_CURRENT_BINARY_DIR}/signing_layout.c)
+-
+-target_compile_options(signing_layout_for_bl2
+- PRIVATE
+- $<$<C_COMPILER_ID:GNU>:-E\;-xc>
+- $<$<C_COMPILER_ID:ARMClang>:-E\;-xc>
+- $<$<C_COMPILER_ID:IAR>:--preprocess=ns\;$<TARGET_OBJECTS:signing_layout_s>>
+-)
+-target_compile_definitions(signing_layout_for_bl2
+- PRIVATE
+- MCUBOOT_IMAGE_NUMBER=${BL1_IMAGE_NUMBER}
+- BL1
+-)
+-
+-target_include_directories(signing_layout_for_bl2
+- PRIVATE
+- ../partition
+-)
+-
+-if (CONFIG_TFM_BOOT_STORE_MEASUREMENTS AND CONFIG_TFM_BOOT_STORE_ENCODED_MEASUREMENTS)
+- set(MCUBOOT_MEASURED_BOOT ON)
+-endif()
+-
+-add_custom_target(bl2_signed_bin
+- ALL
+- SOURCES bl2_signed.bin
+-)
+-add_custom_command(OUTPUT bl2_signed.bin
+- DEPENDS $<TARGET_FILE_DIR:bl2>/bl2.bin
+- DEPENDS bl2_bin signing_layout_for_bl2
+- WORKING_DIRECTORY ${MCUBOOT_PATH}/scripts
+-
+- #Sign secure binary image with provided secret key
+- COMMAND ${Python3_EXECUTABLE} ${BL2_SOURCE}/ext/mcuboot/scripts/wrapper/wrapper.py
+- -v ${BL2_IMAGE_VERSION}
+- --layout $<TARGET_OBJECTS:signing_layout_for_bl2>
+- -k ${MCUBOOT_KEY_S}
+- --public-key-format $<IF:$<BOOL:${MCUBOOT_HW_KEY}>,full,hash>
+- --align 1
+- --pad
+- --pad-header
+- -H 0x400
+- -s ${MCUBOOT_SECURITY_COUNTER_S}
+- -d \"\(0,${MCUBOOT_S_IMAGE_MIN_VER}\)\"
+- $<$<STREQUAL:${MCUBOOT_UPGRADE_STRATEGY},OVERWRITE_ONLY>:--overwrite-only>
+- $<$<BOOL:${MCUBOOT_ENC_IMAGES}>:-E${MCUBOOT_KEY_ENC}>
+- $<$<BOOL:${MCUBOOT_MEASURED_BOOT}>:--measured-boot-record>
+- $<TARGET_FILE_DIR:bl2>/bl2.bin
+- ${CMAKE_CURRENT_BINARY_DIR}/bl2_signed.bin
+- COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_CURRENT_BINARY_DIR}/bl2_signed.bin $<TARGET_FILE_DIR:bl2>
+-)
+diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c b/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c
+deleted file mode 100644
+index 32c1481cca..0000000000
+--- a/platform/ext/target/arm/corstone1000/bl1/bl1_security_cnt.c
++++ /dev/null
+@@ -1,75 +0,0 @@
+-/*
+- * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
+- *
+- * SPDX-License-Identifier: BSD-3-Clause
+- *
+- */
+-
+-#include "bootutil/security_cnt.h"
+-#include "tfm_plat_nv_counters.h"
+-#include "tfm_plat_defs.h"
+-#include "bootutil/fault_injection_hardening.h"
+-#include <stdint.h>
+-#include "tfm_plat_provisioning.h"
+-#include "fwu_agent.h"
+-
+-fih_ret boot_nv_security_counter_init(void)
+-{
+- FIH_DECLARE(fih_rc, FIH_FAILURE);
+-
+- fih_rc = fih_ret_encode_zero_equality(tfm_plat_init_nv_counter());
+-
+- FIH_RET(fih_rc);
+-}
+-
+-fih_ret boot_nv_security_counter_get(uint32_t image_id, fih_int *security_cnt)
+-{
+- FIH_DECLARE(fih_rc, FIH_FAILURE);
+- uint32_t security_cnt_soft;
+-
+- /* Check if it's a null-pointer. */
+- if (!security_cnt) {
+- FIH_RET(FIH_FAILURE);
+- }
+-
+- if (image_id != 0) {
+- FIH_RET(FIH_FAILURE);
+- }
+-
+- fih_rc = fih_ret_encode_zero_equality(
+- tfm_plat_read_nv_counter(PLAT_NV_COUNTER_BL1_0,
+- sizeof(security_cnt_soft),
+- (uint8_t *)&security_cnt_soft));
+- *security_cnt = fih_int_encode(security_cnt_soft);
+-
+- FIH_RET(fih_rc);
+-}
+-
+-int32_t boot_nv_security_counter_update(uint32_t image_id,
+- uint32_t img_security_cnt)
+-{
+- enum tfm_plat_err_t err;
+- enum fwu_agent_error_t fwu_err;
+-
+- if (image_id != 0) {
+- return -1;
+- }
+-
+- if (tfm_plat_provisioning_is_required()) {
+-
+- err = tfm_plat_set_nv_counter(PLAT_NV_COUNTER_BL1_0, img_security_cnt);
+- if (err != TFM_PLAT_ERR_SUCCESS) {
+- return -1;
+- }
+-
+- } else {
+-
+- fwu_err = fwu_stage_nv_counter(FWU_BL2_NV_COUNTER, img_security_cnt);
+- if (fwu_err != FWU_AGENT_SUCCESS) {
+- return -1;
+- }
+-
+- }
+-
+- return 0;
+-}
+--
+2.25.1
+
new file mode 100644
@@ -0,0 +1,61 @@
+From 60793058794f0ac8ea35a69b2dddf97ccba1acdb Mon Sep 17 00:00:00 2001
+From: Bence Balogh <bence.balogh@arm.com>
+Date: Thu, 5 Sep 2024 21:29:07 +0200
+Subject: [PATCH 2/5] Platform: CS1000: Remove duplicated metadata write
+
+The metadata replica_2 was written twice which is not needed.
+Signed-off-by: Bence Balogh <bence.balogh@arm.com>
+Upstream-Status: Pending [Not submitted to upstream yet]
+---
+ .../corstone1000/fw_update_agent/fwu_agent.c | 28 -------------------
+ 1 file changed, 28 deletions(-)
+
+diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+index d0028a56d8..2b69447dc5 100644
+--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
++++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+@@ -499,20 +499,6 @@ static enum fwu_agent_error_t metadata_write(
+ return FWU_AGENT_ERROR;
+ }
+
+- FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+- FWU_METADATA_REPLICA_2_OFFSET, sizeof(struct fwu_metadata));
+-
+- ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_2_OFFSET);
+- if (ret != ARM_DRIVER_OK) {
+- return FWU_AGENT_ERROR;
+- }
+-
+- ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_2_OFFSET,
+- p_metadata, sizeof(struct fwu_metadata));
+- if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+- return FWU_AGENT_ERROR;
+- }
+-
+ FWU_LOG_MSG("%s: success: active = %u, previous = %d\n\r", __func__,
+ p_metadata->active_index, p_metadata->previous_active_index);
+ return FWU_AGENT_SUCCESS;
+@@ -569,20 +555,6 @@ static enum fwu_agent_error_t metadata_write(
+ return FWU_AGENT_ERROR;
+ }
+
+- FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+- FWU_METADATA_REPLICA_2_OFFSET, sizeof(struct fwu_metadata));
+-
+- ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_2_OFFSET);
+- if (ret != ARM_DRIVER_OK) {
+- return FWU_AGENT_ERROR;
+- }
+-
+- ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_2_OFFSET,
+- p_metadata, sizeof(struct fwu_metadata));
+- if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+- return FWU_AGENT_ERROR;
+- }
+-
+ FWU_LOG_MSG("%s: success: active = %u, previous = %d\n\r", __func__,
+ p_metadata->active_index, p_metadata->previous_active_index);
+ return FWU_AGENT_SUCCESS;
+--
+2.25.1
+
new file mode 100644
@@ -0,0 +1,193 @@
+From 09827a44518b05a2cc58602dda18474973abfb83 Mon Sep 17 00:00:00 2001
+From: Bence Balogh <bence.balogh@arm.com>
+Date: Thu, 5 Sep 2024 17:28:56 +0200
+Subject: [PATCH 3/5] Platform: CS1000: Fix compiler switch in BL1
+
+The fwu_agent.c used the "BL1" definition to check if the source file
+is building for the BL1 or for the TFM_S target.
+But the "BL1" definition is added to the build flags for every file
+that links against platform_region_defs, see
+tfm/cmake/spe-CMakeLists.cmake:
+
+target_compile_definitions(platform_region_defs
+ INTERFACE
+ $<$<BOOL:${BL1}>:BL1>
+ ....
+)
+
+This means the "#if BL1" condition was true for both cases.
+
+This commit:
+- Adds a new definition that is only added to the
+ platform_bl1_1 target.
+- Fixes the #elif with no expression error that came up.
+- Moves the partition table loading because previously it was not
+ loaded during the runtime TFM_S execution, only in BL2.
+
+Signed-off-by: Bence Balogh <bence.balogh@arm.com>
+Upstream-Status: Pending [Not submitted to upstream yet]
+---
+ .../target/arm/corstone1000/CMakeLists.txt | 7 ++++
+ .../corstone1000/fw_update_agent/fwu_agent.c | 33 +++++++++----------
+ 2 files changed, 23 insertions(+), 17 deletions(-)
+
+diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
+index 89db1732a9..f6880cba3c 100644
+--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
++++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
+@@ -144,6 +144,7 @@ target_sources(platform_s
+ partition/gpt.c
+ $<$<NOT:$<BOOL:${PLATFORM_DEFAULT_OTP}>>:${PLATFORM_DIR}/ext/accelerator/cc312/otp_cc312.c>
+ rse_comms_permissions_hal.c
++ platform.c
+ )
+
+ if (PLATFORM_IS_FVP)
+@@ -213,6 +214,12 @@ target_compile_definitions(platform_bl1_1
+ $<$<BOOL:${CRYPTO_HW_ACCELERATOR_OTP_PROVISIONING}>:CRYPTO_HW_ACCELERATOR_OTP_PROVISIONING>
+ MBEDTLS_CONFIG_FILE="${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h"
+ MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/crypto_config_default.h"
++
++ # This definition is only added to the bl1_main target. There are
++ # files that are shared between the BL1 and TFM_S targets. This flag
++ # can be used if the BL1 target needs different implementation than
++ # the TFM_S target.
++ BL1_BUILD
+ )
+
+ target_include_directories(platform_bl1_1_interface
+diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+index 2b69447dc5..9890eeaf90 100644
+--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
++++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+@@ -21,7 +21,7 @@
+ #include "uefi_fmp.h"
+ #include "uart_stdout.h"
+ #include "soft_crc.h"
+-#if !BL1
++#ifndef BL1_BUILD
+ #include "partition.h"
+ #include "platform.h"
+ #endif
+@@ -197,7 +197,7 @@ extern ARM_DRIVER_FLASH FWU_METADATA_FLASH_DEV;
+
+ #define HOST_ACK_TIMEOUT_SEC (6 * 60) /* ~seconds, not exact */
+
+-#if BL1
++#ifdef BL1_BUILD
+ static enum fwu_agent_error_t private_metadata_read(
+ struct fwu_private_metadata* p_metadata)
+ {
+@@ -220,7 +220,7 @@ static enum fwu_agent_error_t private_metadata_read(
+
+ return FWU_AGENT_SUCCESS;
+ }
+-#elif
++#else
+ static enum fwu_agent_error_t private_metadata_read(
+ struct fwu_private_metadata* p_metadata)
+ {
+@@ -253,7 +253,7 @@ static enum fwu_agent_error_t private_metadata_read(
+ }
+ #endif
+
+-#if BL1
++#ifdef BL1_BUILD
+ static enum fwu_agent_error_t private_metadata_write(
+ struct fwu_private_metadata* p_metadata)
+ {
+@@ -280,7 +280,7 @@ static enum fwu_agent_error_t private_metadata_write(
+ FWU_LOG_MSG("%s: success\n\r", __func__);
+ return FWU_AGENT_SUCCESS;
+ }
+-#elif
++#else
+ static enum fwu_agent_error_t private_metadata_write(
+ struct fwu_private_metadata* p_metadata)
+ {
+@@ -339,7 +339,7 @@ static enum fwu_agent_error_t metadata_validate(struct fwu_metadata *p_metadata)
+ return FWU_AGENT_SUCCESS;
+ }
+
+-#if BL1
++#ifdef BL1_BUILD
+ static enum fwu_agent_error_t metadata_read_without_validation(struct fwu_metadata *p_metadata)
+ {
+ int ret;
+@@ -362,7 +362,7 @@ static enum fwu_agent_error_t metadata_read_without_validation(struct fwu_metada
+
+ return FWU_AGENT_SUCCESS;
+ }
+-#elif
++#else
+ static enum fwu_agent_error_t metadata_read_without_validation(struct fwu_metadata *p_metadata)
+ {
+ uuid_t metadata_uuid = FWU_METADATA_TYPE_UUID;
+@@ -396,7 +396,7 @@ static enum fwu_agent_error_t metadata_read_without_validation(struct fwu_metada
+ }
+ #endif
+
+-#if BL1
++#ifdef BL1_BUILD
+ static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
+ {
+ int ret;
+@@ -423,7 +423,7 @@ static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
+
+ return FWU_AGENT_SUCCESS;
+ }
+-#elif
++#else
+ static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
+ {
+ uuid_t metadata_uuid = FWU_METADATA_TYPE_UUID;
+@@ -461,7 +461,7 @@ static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
+ #endif
+
+
+-#if BL1
++#ifdef BL1_BUILD
+ static enum fwu_agent_error_t metadata_write(
+ struct fwu_metadata *p_metadata)
+ {
+@@ -503,7 +503,7 @@ static enum fwu_agent_error_t metadata_write(
+ p_metadata->active_index, p_metadata->previous_active_index);
+ return FWU_AGENT_SUCCESS;
+ }
+-#elif
++#else
+ static enum fwu_agent_error_t metadata_write(
+ struct fwu_metadata *p_metadata)
+ {
+@@ -567,11 +567,15 @@ enum fwu_agent_error_t fwu_metadata_init(void)
+ enum fwu_agent_error_t ret;
+ ARM_FLASH_INFO* flash_info;
+
+-
+ if (is_initialized) {
+ return FWU_AGENT_SUCCESS;
+ }
+
++ #ifndef BL1_BUILD
++ plat_io_storage_init();
++ partition_init(PLATFORM_GPT_IMAGE);
++ #endif
++
+ /* Code assumes everything fits into a sector */
+ if (sizeof(struct fwu_metadata) > FWU_METADATA_FLASH_SECTOR_SIZE) {
+ return FWU_AGENT_ERROR;
+@@ -605,11 +609,6 @@ enum fwu_agent_error_t fwu_metadata_provision(void)
+
+ FWU_LOG_MSG("%s: enter\n\r", __func__);
+
+-#if !BL1
+- plat_io_storage_init();
+- partition_init(PLATFORM_GPT_IMAGE);
+-#endif
+-
+ ret = fwu_metadata_init();
+ if (ret) {
+ return ret;
+--
+2.25.1
+
new file mode 100644
@@ -0,0 +1,355 @@
+From df0b5f5f7da1d7dbe10ccf35f9971e58e3110f6e Mon Sep 17 00:00:00 2001
+From: Bence Balogh <bence.balogh@arm.com>
+Date: Mon, 9 Sep 2024 09:42:58 +0200
+Subject: [PATCH 1/2] Platform: CS1000: Validate both metadata replicas
+
+According to the [1] both metadata replica integrity should be checked
+during the update agent initialization, and if one of the replica is
+corrupted then it should be fixed by copying the other replica.
+
+This commit:
+- Adds the integrity check and correction to the
+ corstone1000_fwu_host_ack() function. This function is called when
+ the Host core has booted.
+- Updates the metadata_read() function so both replica can be read.
+- Adds metadata_write_replica() function to write metadata replicas
+ separately.
+
+[1] https://developer.arm.com/documentation/den0118/a/?lang=en
+
+Signed-off-by: Bence Balogh <bence.balogh@arm.com>
+Upstream-Status: Pending [Not submitted to upstream yet]
+---
+ .../corstone1000/fw_update_agent/fwu_agent.c | 155 ++++++++++++------
+ .../corstone1000/fw_update_agent/fwu_agent.h | 7 +
+ 2 files changed, 111 insertions(+), 51 deletions(-)
+
+diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+index 9890eeaf90..a09653b3ac 100644
+--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
++++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c
+@@ -397,18 +397,30 @@ static enum fwu_agent_error_t metadata_read_without_validation(struct fwu_metada
+ #endif
+
+ #ifdef BL1_BUILD
+-static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
++static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata, uint8_t replica_num)
+ {
+ int ret;
++ uint32_t replica_offset = 0;
+
+- FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+- FWU_METADATA_REPLICA_1_OFFSET, sizeof(struct fwu_metadata));
++ FWU_LOG_MSG("%s: enter\n\r", __func__);
++
++ if (replica_num == 1) {
++ replica_offset = FWU_METADATA_REPLICA_1_OFFSET;
++ } else if (replica_num == 2) {
++ replica_offset = FWU_METADATA_REPLICA_2_OFFSET;
++ } else {
++ FWU_LOG_MSG("%s: replica_num must be 1 or 2\n\r", __func__);
++ return FWU_AGENT_ERROR;
++ }
++
++ FWU_LOG_MSG("%s: flash addr = %u, size = %d\n\r", __func__,
++ replica_offset, sizeof(struct fwu_metadata));
+
+ if (!p_metadata) {
+ return FWU_AGENT_ERROR;
+ }
+
+- ret = FWU_METADATA_FLASH_DEV.ReadData(FWU_METADATA_REPLICA_1_OFFSET,
++ ret = FWU_METADATA_FLASH_DEV.ReadData(replica_offset,
+ p_metadata, sizeof(struct fwu_metadata));
+ if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+ return FWU_AGENT_ERROR;
+@@ -424,7 +436,7 @@ static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
+ return FWU_AGENT_SUCCESS;
+ }
+ #else
+-static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
++static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata, uint8_t replica_num)
+ {
+ uuid_t metadata_uuid = FWU_METADATA_TYPE_UUID;
+ partition_entry_t *part;
+@@ -434,7 +446,15 @@ static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
+ return FWU_AGENT_ERROR;
+ }
+
+- part = get_partition_entry_by_type(&metadata_uuid);
++ if (replica_num == 1) {
++ part = get_partition_entry_by_type(&metadata_uuid);
++ } else if (replica_num == 2) {
++ part = get_partition_replica_by_type(&metadata_uuid);
++ } else {
++ FWU_LOG_MSG("%s: replica_num must be 1 or 2\n\r", __func__);
++ return FWU_AGENT_ERROR;
++ }
++
+ if (!part) {
+ FWU_LOG_MSG("%s: FWU metadata partition not found\n\r", __func__);
+ return FWU_AGENT_ERROR;
+@@ -463,37 +483,35 @@ static enum fwu_agent_error_t metadata_read(struct fwu_metadata *p_metadata)
+
+ #ifdef BL1_BUILD
+ static enum fwu_agent_error_t metadata_write(
+- struct fwu_metadata *p_metadata)
++ struct fwu_metadata *p_metadata, uint8_t replica_num)
+ {
+ int ret;
++ uint32_t replica_offset = 0;
+
+- FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+- FWU_METADATA_REPLICA_1_OFFSET, sizeof(struct fwu_metadata));
++ FWU_LOG_MSG("%s: enter\n\r", __func__);
+
+- if (!p_metadata) {
++ if (replica_num == 1) {
++ replica_offset = FWU_METADATA_REPLICA_1_OFFSET;
++ } else if (replica_num == 2) {
++ replica_offset = FWU_METADATA_REPLICA_2_OFFSET;
++ } else {
++ FWU_LOG_MSG("%s: replica_num must be 1 or 2\n\r", __func__);
+ return FWU_AGENT_ERROR;
+ }
+
+- ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_1_OFFSET);
+- if (ret != ARM_DRIVER_OK) {
+- return FWU_AGENT_ERROR;
+- }
++ FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
++ replica_offset, sizeof(struct fwu_metadata));
+
+- ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_1_OFFSET,
+- p_metadata, sizeof(struct fwu_metadata));
+- if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
++ if (!p_metadata) {
+ return FWU_AGENT_ERROR;
+ }
+
+- FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+- FWU_METADATA_REPLICA_2_OFFSET, sizeof(struct fwu_metadata));
+-
+- ret = FWU_METADATA_FLASH_DEV.EraseSector(FWU_METADATA_REPLICA_2_OFFSET);
++ ret = FWU_METADATA_FLASH_DEV.EraseSector(replica_offset);
+ if (ret != ARM_DRIVER_OK) {
+ return FWU_AGENT_ERROR;
+ }
+
+- ret = FWU_METADATA_FLASH_DEV.ProgramData(FWU_METADATA_REPLICA_2_OFFSET,
++ ret = FWU_METADATA_FLASH_DEV.ProgramData(replica_offset,
+ p_metadata, sizeof(struct fwu_metadata));
+ if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+ return FWU_AGENT_ERROR;
+@@ -505,7 +523,7 @@ static enum fwu_agent_error_t metadata_write(
+ }
+ #else
+ static enum fwu_agent_error_t metadata_write(
+- struct fwu_metadata *p_metadata)
++ struct fwu_metadata *p_metadata, uint8_t replica_num)
+ {
+ uuid_t metadata_uuid = FWU_METADATA_TYPE_UUID;
+ partition_entry_t *part;
+@@ -515,7 +533,15 @@ static enum fwu_agent_error_t metadata_write(
+ return FWU_AGENT_ERROR;
+ }
+
+- part = get_partition_entry_by_type(&metadata_uuid);
++ if (replica_num == 1) {
++ part = get_partition_entry_by_type(&metadata_uuid);
++ } else if (replica_num == 2) {
++ part = get_partition_replica_by_type(&metadata_uuid);
++ } else {
++ FWU_LOG_MSG("%s: replica_num must be 1 or 2\n\r", __func__);
++ return FWU_AGENT_ERROR;
++ }
++
+ if (!part) {
+ FWU_LOG_MSG("%s: FWU metadata partition not found\n\r", __func__);
+ return FWU_AGENT_ERROR;
+@@ -535,32 +561,51 @@ static enum fwu_agent_error_t metadata_write(
+ return FWU_AGENT_ERROR;
+ }
+
+- part = get_partition_replica_by_type(&metadata_uuid);
+- if (!part) {
+- FWU_LOG_MSG("%s: FWU metadata replica partition not found\n\r", __func__);
+- return FWU_AGENT_ERROR;
+- }
++ FWU_LOG_MSG("%s: success: active = %u, previous = %d\n\r", __func__,
++ p_metadata->active_index, p_metadata->previous_active_index);
++ return FWU_AGENT_SUCCESS;
++}
++#endif
+
+- FWU_LOG_MSG("%s: enter: flash addr = %u, size = %d\n\r", __func__,
+- part->start, sizeof(struct fwu_metadata));
++static enum fwu_agent_error_t metadata_write_both_replica(
++ struct fwu_metadata *p_metadata)
++{
++ enum fwu_agent_error_t ret = FWU_AGENT_ERROR;
+
+- ret = FWU_METADATA_FLASH_DEV.EraseSector(part->start);
+- if (ret != ARM_DRIVER_OK) {
+- return FWU_AGENT_ERROR;
++ ret = metadata_write(&_metadata, 1);
++ if (ret) {
++ return ret;
+ }
+
+- ret = FWU_METADATA_FLASH_DEV.ProgramData(part->start,
+- p_metadata, sizeof(struct fwu_metadata));
+- if (ret < 0 || ret != sizeof(struct fwu_metadata)) {
+- return FWU_AGENT_ERROR;
++ ret = metadata_write(&_metadata, 2);
++ if (ret) {
++ return ret;
+ }
+
+- FWU_LOG_MSG("%s: success: active = %u, previous = %d\n\r", __func__,
+- p_metadata->active_index, p_metadata->previous_active_index);
+ return FWU_AGENT_SUCCESS;
+ }
+-#endif
+
++enum fwu_agent_error_t fwu_metadata_check_and_correct_integrity(void)
++{
++ enum fwu_agent_error_t ret_replica_1 = FWU_AGENT_ERROR;
++ enum fwu_agent_error_t ret_replica_2 = FWU_AGENT_ERROR;
++
++ /* Check integrity of both metadata replica */
++ ret_replica_1 = metadata_read(&_metadata, 1);
++ ret_replica_2 = metadata_read(&_metadata, 2);
++
++ if (ret_replica_1 != FWU_AGENT_SUCCESS && ret_replica_2 != FWU_AGENT_SUCCESS) {
++ return FWU_AGENT_ERROR;
++ } else if (ret_replica_1 == FWU_AGENT_SUCCESS && ret_replica_2 != FWU_AGENT_SUCCESS) {
++ metadata_read(&_metadata, 1);
++ metadata_write(&_metadata, 2);
++ } else if (ret_replica_1 != FWU_AGENT_SUCCESS && ret_replica_2 == FWU_AGENT_SUCCESS) {
++ metadata_read(&_metadata, 2);
++ metadata_write(&_metadata, 1);
++ }
++
++ return FWU_AGENT_SUCCESS;
++}
+
+ enum fwu_agent_error_t fwu_metadata_init(void)
+ {
+@@ -619,7 +664,7 @@ enum fwu_agent_error_t fwu_metadata_provision(void)
+ * had a firmware data?. If yes, then don't initialize
+ * metadata
+ */
+- metadata_read(&_metadata);
++ metadata_read(&_metadata, 1);
+ if(_metadata.active_index < 2 || _metadata.previous_active_index <2){
+ if(_metadata.active_index ^ _metadata.previous_active_index)
+ return FWU_AGENT_SUCCESS;
+@@ -654,13 +699,13 @@ enum fwu_agent_error_t fwu_metadata_provision(void)
+ _metadata.crc_32 = crc32((uint8_t *)&_metadata.version,
+ sizeof(struct fwu_metadata) - sizeof(_metadata.crc_32));
+
+- ret = metadata_write(&_metadata);
++ ret = metadata_write_both_replica(&_metadata);
+ if (ret) {
+ return ret;
+ }
+
+ memset(&_metadata, 0, sizeof(struct fwu_metadata));
+- ret = metadata_read(&_metadata);
++ ret = metadata_read(&_metadata, 1);
+ if (ret) {
+ return ret;
+ }
+@@ -827,7 +872,7 @@ static enum fwu_agent_error_t flash_full_capsule(
+ metadata->crc_32 = crc32((uint8_t *)&metadata->version,
+ sizeof(struct fwu_metadata) - sizeof(metadata->crc_32));
+
+- ret = metadata_write(metadata);
++ ret = metadata_write_both_replica(metadata);
+ if (ret) {
+ return ret;
+ }
+@@ -854,7 +899,7 @@ enum fwu_agent_error_t corstone1000_fwu_flash_image(void)
+
+ Select_Write_Mode_For_Shared_Flash();
+
+- if (metadata_read(&_metadata)) {
++ if (metadata_read(&_metadata, 1)) {
+ ret = FWU_AGENT_ERROR;
+ goto out;
+ }
+@@ -940,7 +985,7 @@ static enum fwu_agent_error_t accept_full_capsule(
+ metadata->crc_32 = crc32((uint8_t *)&metadata->version,
+ sizeof(struct fwu_metadata) - sizeof(metadata->crc_32));
+
+- ret = metadata_write(metadata);
++ ret = metadata_write_both_replica(metadata);
+ if (ret) {
+ return ret;
+ }
+@@ -1036,7 +1081,7 @@ static enum fwu_agent_error_t fwu_select_previous(
+ metadata->crc_32 = crc32((uint8_t *)&metadata->version,
+ sizeof(struct fwu_metadata) - sizeof(metadata->crc_32));
+
+- ret = metadata_write(metadata);
++ ret = metadata_write_both_replica(metadata);
+ if (ret) {
+ return ret;
+ }
+@@ -1066,7 +1111,7 @@ void bl1_get_active_bl2_image(uint32_t *offset)
+ FWU_ASSERT(0);
+ }
+
+- if (metadata_read(&_metadata)) {
++ if (metadata_read(&_metadata, 1)) {
+ FWU_ASSERT(0);
+ }
+
+@@ -1205,9 +1250,17 @@ enum fwu_agent_error_t corstone1000_fwu_host_ack(void)
+ return FWU_AGENT_ERROR;
+ }
+
++ /* This cannot be added to the fwu_metadata_init() because that function is
++ * called before the logging is enabled by TF-M. */
++ ret = fwu_metadata_check_and_correct_integrity();
++ if (ret = FWU_AGENT_SUCCESS) {
++ FWU_LOG_MSG("fwu_metadata_check_and_correct_integrity failed\r\n");
++ return ret;
++ }
++
+ Select_Write_Mode_For_Shared_Flash();
+
+- if (metadata_read(&_metadata)) {
++ if (metadata_read(&_metadata, 1)) {
+ ret = FWU_AGENT_ERROR;
+ goto out;
+ }
+@@ -1317,7 +1370,7 @@ void host_acknowledgement_timer_to_reset(void)
+ FWU_ASSERT(0);
+ }
+
+- if (metadata_read(&_metadata)) {
++ if (metadata_read(&_metadata, 1)) {
+ FWU_ASSERT(0);
+ }
+
+diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
+index 701f205583..78e1042778 100644
+--- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
++++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.h
+@@ -70,4 +70,11 @@ enum fwu_nv_counter_index_t {
+ enum fwu_agent_error_t fwu_stage_nv_counter(enum fwu_nv_counter_index_t index,
+ uint32_t img_security_cnt);
+
++/*
++ * Check if both metadata replica is valid by calculating and comparing crc32.
++ * If one of the replica is corrupted then update it with the valid replica.
++ * If both of the replicas are corrupted then the correction is not possible.
++ */
++enum fwu_agent_error_t fwu_metadata_check_and_correct_integrity(void);
++
+ #endif /* FWU_AGENT_H */
+--
+2.25.1
+
@@ -38,6 +38,10 @@ SRC_URI:append:corstone1000 = " \
file://0016-Platform-CS1000-Add-crypto-configs-for-ADAC.patch \
file://0017-Platform-CS1000-Fix-platform-name-in-logs.patch \
file://0018-Platform-corstone1000-Fix-isolation-L2-memory-protection.patch \
+ file://0019-Platform-CS1000-Remove-unused-BL1-files.patch \
+ file://0020-Platform-CS1000-Remove-duplicated-metadata-write.patch \
+ file://0021-Platform-CS1000-Fix-compiler-switch-in-BL1.patch \
+ file://0022-Platform-CS1000-Validate-both-metadata-replicas.patch \
"
FILESEXTRAPATHS:prepend:corstone1000-mps3 := "${THISDIR}/files/corstone1000/psa-adac:"