
[5/7] arm/trusted-firmware-m: update to v2.1.1

Message ID 20250225151817.11875-5-jon.mason@arm.com
State New
Series [1/7] arm/hafnium: update to v2.12.0 | expand

Commit Message

Jon Mason Feb. 25, 2025, 3:18 p.m. UTC
Update trusted-firmware-m to the latest LTS (TF-Mv2.1.1)
Changes between 0c4c99ba33b3e66deea070e149279278dc7647f4 and 02bf279913439a07082dd581df033f370a8fbb92
	02bf27991343 docs: Release notes for v2.1.1
	7264a32e84a0 docs: rp2350: Minor docs & script improvements
	4bad159af017 Docs: Release dates update
	a5e02ec0c6a2 Align .gitignore contents to main branch
	8fe944a652f5 Platform: RP2350: Fix NV counters in ITS
	66bc1fa8eed9 Build: Fix patch formatting for 0001-iar-Add-missing-v8.1m-check.patch
	895d44a4eb52 Platform: RP2350: Add NV counters to ITS
	e81b741aa6cc tf-m-tests: Step version for rp2350 psa-arch-tests
	2be65a027c86 Platform: rp2350: Add rwx linker flag conditionally for GNUARM
	a85425417696 Platform: RP2350: Add RP2350 porting
	9ed2e7c7f52b Platform/TFM/ITS/Config: Commits required for new platform porting
	f12db7c872d5 cc3xx/low-level/pka: SRAM size depends on CC3XX version
	c7e0192fab6f cc3xx/low-level/hash: wait for hash engine to be idle
	42a4041bdff4 Crypto: Update to Mbed TLS 3.6.2
	471c127e7755 Crypto: Add option to enforce ABI compatibility
	7da71fd05445 tfm_spe_mailbox: Fix NULL pointer checks
	974bc101e0b2 cc3xx/low-level/pka: wait for sw reset to be done before proceeding
	89b9c4889c60 Crypto: Enforce MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS on Mbed TLS config
	62b1300557c5 Crypto: Additional checks for writes to avoid out-of-bound access
	a2cead6a9ef4 tfm_spe_mailbox: Use local vars for local_copy_vects
	15afe61d1194 TFMV-8: Fix unchecked user-supplied pointer via mailbox message
	22e8e89c8f56 tfm_spe_mailbox: Do not write-back on input vectors checks failure
	12a4c5342965 tfm_spe_mailbox: Validate vectors from NSPE
	75bbe3fc0240 CC3XX: Relax assert condition in aead_crypt for input
	0db7ebf32ba3 Crypto: Protect writes to avoid out-of-bound access
	2ecea430fbb4 Crypto: Prevent the scratch allocator from overflowing
	fbcdc69b794d SPM: mailbox_agent_api: Free connection if params association fails
	2a59580b5809 Crypto: Update to Mbed TLS 3.6.1
	6a54ec89f22f Platform: STM32: script all_stm_platfrom
	66596b4dae57 Platform: corstone1000: Fix isolation L2 memory protection
	7045675209ca stm : fix error on b_u585i_iot02a with TF-Mv2.1.0

Signed-off-by: Jon Mason <jon.mason@arm.com>
---
 ...0-Fix-isolation-L2-memory-protection.patch | 88 -------------------
 .../trusted-firmware-m-corstone1000.inc       |  1 -
 ...c.inc => trusted-firmware-m-2.1.1-src.inc} | 24 ++---
 ...rusted-firmware-m-scripts-native_2.1.1.bb} |  0
 ...m_2.1.0.bb => trusted-firmware-m_2.1.1.bb} |  0
 5 files changed, 12 insertions(+), 101 deletions(-)
 delete mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0016-Platform-corstone1000-Fix-isolation-L2-memory-protection.patch
 rename meta-arm/recipes-bsp/trusted-firmware-m/{trusted-firmware-m-2.1.0-src.inc => trusted-firmware-m-2.1.1-src.inc} (84%)
 rename meta-arm/recipes-bsp/trusted-firmware-m/{trusted-firmware-m-scripts-native_2.1.0.bb => trusted-firmware-m-scripts-native_2.1.1.bb} (100%)
 rename meta-arm/recipes-bsp/trusted-firmware-m/{trusted-firmware-m_2.1.0.bb => trusted-firmware-m_2.1.1.bb} (100%)

Patch

diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0016-Platform-corstone1000-Fix-isolation-L2-memory-protection.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0016-Platform-corstone1000-Fix-isolation-L2-memory-protection.patch
deleted file mode 100644
index 267254c4c604..000000000000
--- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0016-Platform-corstone1000-Fix-isolation-L2-memory-protection.patch
+++ /dev/null
@@ -1,88 +0,0 @@ 
-From 4d3ebb03b89b122af490824ca73287954a35bd07 Mon Sep 17 00:00:00 2001
-From: Jamie Fox <jamie.fox@arm.com>
-Date: Thu, 22 Aug 2024 16:54:45 +0100
-Subject: [PATCH] Platform: corstone1000: Fix isolation L2 memory protection
-
-The whole of the SRAM was configured unprivileged on this platform, so
-the memory protection required for isolation level 2 was not present.
-
-This patch changes the S_DATA_START to S_DATA_LIMIT MPU region to be
-configured for privileged access only. It also reorders the MPU regions
-so that the App RoT sub-region overlapping S_DATA has a higher region
-number and so takes priority in the operation of the Armv6-M MPU.
-
-Signed-off-by: Jamie Fox <jamie.fox@arm.com>
-Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/30951]
----
- .../arm/corstone1000/tfm_hal_isolation.c      | 43 +++++++++----------
- 1 file changed, 21 insertions(+), 22 deletions(-)
-
-diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
-index 39b19c535..498f14ed2 100644
---- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
-+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c
-@@ -1,5 +1,5 @@
- /*
-- * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
-+ * Copyright (c) 2020-2024, Arm Limited. All rights reserved.
-  * Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon
-  * company) or an affiliate of Cypress Semiconductor Corporation. All rights
-  * reserved.
-@@ -99,6 +99,26 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
-         return ret;
-     }
- 
-+    /* Set the RAM attributes. It is needed because the first region overlaps the whole
-+     * SRAM and it has to be overridden.
-+     * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually
-+     * and added to the platform_region_defs compile definitions.
-+     */
-+    base = S_DATA_START;
-+    limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
-+    ret = configure_mpu(rnr++, base, limit,
-+                            XN_EXEC_NOT_OK, AP_RW_PRIV_ONLY);
-+    if (ret != TFM_HAL_SUCCESS) {
-+        return ret;
-+    }
-+
-+    base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
-+    limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE;
-+    ret = configure_mpu(rnr++, base, limit,
-+                            XN_EXEC_NOT_OK, AP_RW_PRIV_ONLY);
-+    if (ret != TFM_HAL_SUCCESS) {
-+        return ret;
-+    }
- 
-     /* RW, ZI and stack as one region */
-     base = (uint32_t)&REGION_NAME(Image$$, TFM_APP_RW_STACK_START, $$Base);
-@@ -133,27 +153,6 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries(
- 
- #endif
- 
--    /* Set the RAM attributes. It is needed because the first region overlaps the whole
--     * SRAM and it has to be overridden.
--     * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually
--     * and added to the platform_region_defs compile definitions.
--     */
--    base = S_DATA_START;
--    limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
--    ret = configure_mpu(rnr++, base, limit,
--                            XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
--    if (ret != TFM_HAL_SUCCESS) {
--        return ret;
--    }
--
--    base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE;
--    limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE;
--    ret = configure_mpu(rnr++, base, limit,
--                            XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV);
--    if (ret != TFM_HAL_SUCCESS) {
--        return ret;
--    }
--
-     arm_mpu_enable();
- 
- #endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */
--- 
-2.25.1
-
diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc
index 9c38d1ad5dfe..c79ac2e3d896 100644
--- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc
+++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc
@@ -35,7 +35,6 @@  SRC_URI:append:corstone1000 = " \
     file://0013-CC312-ADAC-Add-PSA_WANT_ALG_SHA_256-definition.patch \
     file://0014-Platform-CS1000-Add-crypto-configs-for-ADAC.patch \
     file://0015-Platform-CS1000-Fix-platform-name-in-logs.patch \
-    file://0016-Platform-corstone1000-Fix-isolation-L2-memory-protection.patch \
     file://0017-Platform-CS1000-Remove-unused-BL1-files.patch \
     file://0018-Platform-CS1000-Remove-duplicated-metadata-write.patch \
     file://0019-Platform-CS1000-Fix-compiler-switch-in-BL1.patch \
diff --git a/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m-2.1.0-src.inc b/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m-2.1.1-src.inc
similarity index 84%
rename from meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m-2.1.0-src.inc
rename to meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m-2.1.1-src.inc
index fb4ddcb673e3..6b483995f82d 100644
--- a/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m-2.1.0-src.inc
+++ b/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m-2.1.1-src.inc
@@ -27,28 +27,28 @@  SRC_URI  = "${SRC_URI_TRUSTED_FIRMWARE_M};branch=${SRCBRANCH_tfm};name=tfm;dests
             "
 
 # The required dependencies are documented in tf-m/config/config_base.cmake
-# TF-Mv2.1.0
+# TF-Mv2.1.1
 SRCBRANCH_tfm ?= "release/2.1.x"
-SRCREV_tfm = "0c4c99ba33b3e66deea070e149279278dc7647f4"
-# TF-Mv2.1.0
+SRCREV_tfm = "02bf279913439a07082dd581df033f370a8fbb92"
+# TF-Mv2.1.1
 SRCBRANCH_tfm-extras ?= "release/2.1.x"
 SRCREV_tfm-extras = "95add8abb15879f48f1069a0952dd9abdffbc1f8"
-# TF-Mv2.1.0
+# TF-Mv2.1.1
 SRCBRANCH_tfm-tests ?= "release/2.1.x"
-SRCREV_tfm-tests = "73100d90d8871435eaffa668eb04ce5b746ecece"
-# CMSIS v6.0.0+ (intermediate SHA)
+SRCREV_tfm-tests = "6f642014a8c255e163ae0bc4d21e327de694d6a2"
+# CMSIS v6.0.0+ (intermediate SHA), CMSIS_TAG from lib/ext/cmsis/CMakeLists.txt
 SRCBRANCH_cmsis ?= "main"
 SRCREV_cmsis = "d0c460c1697d210b49a4b90998195831c0cd325c"
-# mbedtls-3.6.0
-SRCBRANCH_mbedtls ?= "master"
-SRCREV_mbedtls = "2ca6c285a0dd3f33982dd57299012dacab1ff206"
-# mcuboot v2.1.0
+# mbedtls-3.6.2, value from MBEDCRYPTO_VERSION
+SRCBRANCH_mbedtls ?= "mbedtls-3.6"
+SRCREV_mbedtls = "107ea89daaefb9867ea9121002fbbdf926780e98"
+# mcuboot v2.1.0, value from MCUBOOT_VERSION
 SRCBRANCH_mcuboot ?= "main"
 SRCREV_mcuboot = "9c99326b9756dbcc35b524636d99ed5f3e6cb29b"
-# QCBOR v1.2
+# QCBOR v1.2, value from QCBOR_VERSION in lib/ext/qcbor/CMakeLists.txt
 SRCBRANCH_qcbor ?= "master"
 SRCREV_qcbor = "b0e7033268e88c9f27146fa9a1415ef4c19ebaff"
-# PSA-ADAC (intermediate SHA, default value for PLATFORM_PSA_ADAC_VERSION in TF-M)
+# PSA-ADAC (intermediate SHA), value from PLATFORM_PSA_ADAC_VERSION
 SRCBRANCH_tfm-psa-adac = "master"
 SRCREV_tfm-psa-adac = "5f5490cebe66ae997f316f83c3fbf1f97deef625"
 
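Review bot: The label above `SRCREV_tfm-extras` changes to `# TF-Mv2.1.1`, but the pinned revision `95add8abb15879f48f1069a0952dd9abdffbc1f8` is the same one the 2.1.0 recipe carried. Someone auditing the pins cannot tell whether it was re-checked against the v2.1.1 configuration or only relabelled. If it was verified, the comment could say so, for example `# TF-Mv2.1.1 (unchanged from v2.1.0)`. The mbedtls, mcuboot and PSA-ADAC comments also name the variable (`MBEDCRYPTO_VERSION`, `MCUBOOT_VERSION`, `PLATFORM_PSA_ADAC_VERSION`) without the file that defines it, unlike the CMSIS and QCBOR lines. Adding the path there would make every pinned SHA traceable to its upstream source in the same way.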
diff --git a/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_2.1.0.bb b/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_2.1.1.bb
similarity index 100%
rename from meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_2.1.0.bb
rename to meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_2.1.1.bb
diff --git a/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.1.0.bb b/meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.1.1.bb
similarity index 100%
rename from meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.1.0.bb
rename to meta-arm/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.1.1.bb