From patchwork Thu May 16 15:40:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: ali.oezaslan@arm.com X-Patchwork-Id: 43779 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 46AAEC3DA40 for ; Thu, 16 May 2024 15:42:29 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.17575.1715874148179665277 for ; Thu, 16 May 2024 08:42:28 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ali.oezaslan@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id D054E1007; Thu, 16 May 2024 08:42:51 -0700 (PDT) Received: from PW05BKJD.arm.com (PW05BKJD.arm.com [10.1.35.164]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id E9D1C3F7A6; Thu, 16 May 2024 08:42:26 -0700 (PDT) From: ali.oezaslan@arm.com To: meta-arm@lists.yoctoproject.org Cc: Ali Can Ozaslan , Bence Balogh , Emekcan Aras Subject: [PATCH 1/2] arm-bsp/trusted-firmware-m: corstone1000: fix crypto failure on mps3 Date: Thu, 16 May 2024 16:40:28 +0100 Message-Id: <20240516154029.13881-2-ali.oezaslan@arm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240516154029.13881-1-ali.oezaslan@arm.com> References: <20240516154029.13881-1-ali.oezaslan@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 16 May 2024 15:42:29 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5723 From: Ali Can Ozaslan Crypto-AEAD-APIs tests fails on mps3. Configures CC312 mps3 model same as predefined cc312 FVP configuration while keeping debug ports closed. Signed-off-by: Ali Can Ozaslan Signed-off-by: Bence Balogh Signed-off-by: Emekcan Aras --- ...of-cc312-differences-between-fvp-and.patch | 31 +++++++++++++++++++ .../trusted-firmware-m-corstone1000.inc | 1 + 2 files changed, 32 insertions(+) create mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch new file mode 100644 index 00000000..3d1b35e4 --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch @@ -0,0 +1,31 @@ +From a8aeaafd6c26d6bc3066164d12aabc5cb754fe1c Mon Sep 17 00:00:00 2001 +From: Ali Can Ozaslan +Date: Wed, 15 May 2024 12:12:15 +0000 +Subject: [PATCH] CC312: alignment of cc312 differences between fvp and mps3 + corstone1000 platforms + +Configures CC312 mps3 model same as predefined cc312 FVP +configuration while keeping debug ports closed. + +Signed-off-by: Ali Can Ozaslan + +Upstream-Status: Inappropriate [Requires an aligment cc3xx with mps3 hw and fvp sw models] + +--- + lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c b/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c +index 31e4332be..4d7e6fa61 100644 +--- a/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c ++++ b/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c +@@ -207,6 +207,9 @@ CClibRetCode_t CC_LibInit(CCRndContext_t *rndContext_ptr, CCRndWorkBuff_t *rndW + goto InitErr2; + } + ++ /* configuring secure debug to align cc312 with corstone 1000 */ ++ CC_HAL_WRITE_REGISTER(CC_REG_OFFSET(HOST_RGF,HOST_DCU_EN0), 0xffffe7fc); ++ + /* turn off the DFA since Cerberus doen't support it */ + reg = CC_HAL_READ_REGISTER(CC_REG_OFFSET(HOST_RGF, HOST_AO_LOCK_BITS)); + CC_REG_FLD_SET(0, HOST_AO_LOCK_BITS, HOST_FORCE_DFA_ENABLE, reg, 0x0); diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc index 2bd346bf..1e835b6f 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc @@ -26,6 +26,7 @@ SRC_URI:append:corstone1000 = " \ file://0007-platform-corstone1000-Increase-ITS-max-asset-size.patch \ file://0008-Platform-CS1000-Replace-OpenAMP-with-RSE_COMMS.patch \ file://0009-platform-CS1000-Increase-RSE_COMMS-buffer-size.patch \ + file://0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch \ " # TF-M ships patches for external dependencies that needs to be applied From patchwork Thu May 16 15:40:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: ali.oezaslan@arm.com X-Patchwork-Id: 43778 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4612EC25B77 for ; Thu, 16 May 2024 15:42:29 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.17395.1715874148560651502 for ; Thu, 16 May 2024 08:42:28 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ali.oezaslan@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 7DDAD143D; Thu, 16 May 2024 08:42:52 -0700 (PDT) Received: from PW05BKJD.arm.com (PW05BKJD.arm.com [10.1.35.164]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id CCA5C3F7A6; Thu, 16 May 2024 08:42:27 -0700 (PDT) From: ali.oezaslan@arm.com To: meta-arm@lists.yoctoproject.org Cc: Bence Balogh Subject: [PATCH 2/2] arm-bsp/trusted-services: corstone1000: fix IAT test Date: Thu, 16 May 2024 16:40:29 +0100 Message-Id: <20240516154029.13881-3-ali.oezaslan@arm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240516154029.13881-1-ali.oezaslan@arm.com> References: <20240516154029.13881-1-ali.oezaslan@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 16 May 2024 15:42:29 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5724 From: Bence Balogh The psa-iat-api-test was failing because the PLATFORM_HAS_ATTEST_PK flag was added to the build for Corstone1000. Signed-off-by: Bence Balogh --- ...M_HAS_ATTEST_PK-define-from-IAT-test.patch | 27 +++++++++++++++++++ .../trusted-services/ts-arm-platforms.inc | 1 + 2 files changed, 28 insertions(+) create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Remove-PLATFORM_HAS_ATTEST_PK-define-from-IAT-test.patch diff --git a/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Remove-PLATFORM_HAS_ATTEST_PK-define-from-IAT-test.patch b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Remove-PLATFORM_HAS_ATTEST_PK-define-from-IAT-test.patch new file mode 100644 index 00000000..addf879f --- /dev/null +++ b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Remove-PLATFORM_HAS_ATTEST_PK-define-from-IAT-test.patch @@ -0,0 +1,27 @@ +From a94bcd8af80c42adf99a7114174afea4000e6647 Mon Sep 17 00:00:00 2001 +From: Bence Balogh +Date: Tue, 14 May 2024 15:58:15 +0200 +Subject: [PATCH] Remove PLATFORM_HAS_ATTEST_PK define from IAT test + +Signed-off-by: Bence Balogh +Upstream-Status: Inappropriate [Should remove the flag only for CS1000] +--- + deployments/psa-api-test/initial_attestation/iat-api-test.cmake | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/deployments/psa-api-test/initial_attestation/iat-api-test.cmake b/deployments/psa-api-test/initial_attestation/iat-api-test.cmake +index 4d1d2b1a9..eb4db223c 100644 +--- a/deployments/psa-api-test/initial_attestation/iat-api-test.cmake ++++ b/deployments/psa-api-test/initial_attestation/iat-api-test.cmake +@@ -15,7 +15,7 @@ set(TS_ARCH_TEST_SUITE INITIAL_ATTESTATION CACHE STRING "Arch test suite") + # Set additional defines needed for build. + #------------------------------------------------------------------------------- + list(APPEND PSA_ARCH_TEST_EXTERNAL_DEFS +- -DPSA_ALG_MD4=0x02000002 -DPLATFORM_HAS_ATTEST_PK) ++ -DPSA_ALG_MD4=0x02000002) + + #------------------------------------------------------------------------------- + # The arch test build system puts its build output under a test suite specific +-- +2.25.1 + diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc b/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc index a0071aa8..2612c411 100644 --- a/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc +++ b/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc @@ -11,6 +11,7 @@ SRC_URI:append:corstone1000 = " \ file://0007-plat-corstone1000-Initialize-capsule-update-provider.patch \ file://0008-plat-corstone1000-add-client_id-for-FMP-service.patch \ file://0009-Remove-Werror-flag.patch \ + file://0010-Remove-PLATFORM_HAS_ATTEST_PK-define-from-IAT-test.patch \ " COMPATIBLE_MACHINE:fvp-base = "fvp-base"