From patchwork Wed Aug 7 11:31:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: bence.balogh@arm.com X-Patchwork-Id: 47442 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B4323C3DA7F for ; Wed, 7 Aug 2024 11:31:28 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.31103.1723030282525624692 for ; Wed, 07 Aug 2024 04:31:22 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: bence.balogh@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id D8AE5FEC; Wed, 7 Aug 2024 04:31:47 -0700 (PDT) Received: from e126523.budapest.arm.com (e126523.budapest.arm.com [10.45.26.153]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 783B33F5A1; Wed, 7 Aug 2024 04:31:20 -0700 (PDT) From: bence.balogh@arm.com To: meta-arm@lists.yoctoproject.org Cc: Bence Balogh Subject: [PATCH 1/3] arm-bsp/trusted-firmware-m: corstone1000: upgrade to TF-M v2.1.x Date: Wed, 7 Aug 2024 13:31:06 +0200 Message-Id: <20240807113108.58898-2-bence.balogh@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240807113108.58898-1-bence.balogh@arm.com> References: <20240807113108.58898-1-bence.balogh@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 07 Aug 2024 11:31:28 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5954 From: Bence Balogh Update the preferred version of TrustedFirmware-M for Cortsone-1000 from 2.0.x to 2.1.x to benefit from the latest fixes and improvements as well as to reduce the number of out-of-tree patches. As a result of updating the version: * Remove no longer required out-of-tree patches * Rebase and update the numbering of the remaining out-of-tree patches Signed-off-by: Bence Balogh --- .../conf/machine/include/corstone1000.inc | 2 +- ...orstone1000-Update-MPU-configuration.patch | 274 -- ...ne1000-align-capsule-update-structs.patch} | 24 +- ...stone1000-skip-the-first-nv-counter.patch} | 10 +- ...m-corstone1000-Cover-S_DATA-with-MPU.patch | 76 - ...rstone1000-add-unique-guid-for-mps3.patch} | 8 +- ...one1000-Enable-host-firewall-in-FVP.patch} | 11 +- ...one1000-Increase-ITS-max-asset-size.patch} | 7 +- ...1000-Increase-RSE_COMMS-buffer-size.patch} | 11 +- ...f-cc312-differences-between-fvp-and.patch} | 14 +- ...S1000-Replace-OpenAMP-with-RSE_COMMS.patch | 3620 ----------------- ...e1000-Increase-buffers-for-EFI-vars.patch} | 4 +- ...0-Remove-reset-after-capsule-update.patch} | 4 +- ...S1000-Add-multicore-support-for-FVP.patch} | 14 +- ...-Corstone1000-switch-to-metadata-v2.patch} | 0 ...one1000-Increase-flash-PS-area-size.patch} | 0 .../trusted-firmware-m-corstone1000.inc | 27 +- 17 files changed, 67 insertions(+), 4039 deletions(-) delete mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-Update-MPU-configuration.patch rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0003-platform-corstone1000-align-capsule-update-structs.patch => 0001-platform-corstone1000-align-capsule-update-structs.patch} (94%) rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0004-Platform-Corstone1000-skip-the-first-nv-counter.patch => 0002-Platform-Corstone1000-skip-the-first-nv-counter.patch} (80%) delete mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0005-platform-corstone1000-add-unique-guid-for-mps3.patch => 0003-platform-corstone1000-add-unique-guid-for-mps3.patch} (88%) rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0006-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch => 0004-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch} (96%) rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0007-platform-corstone1000-Increase-ITS-max-asset-size.patch => 0005-platform-corstone1000-Increase-ITS-max-asset-size.patch} (86%) rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0009-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch => 0006-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch} (71%) rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch => 0007-CC312-alignment-of-cc312-differences-between-fvp-and.patch} (80%) delete mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-CS1000-Replace-OpenAMP-with-RSE_COMMS.patch rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0011-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch => 0008-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch} (91%) rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0012-corstone1000-Remove-reset-after-capsule-update.patch => 0009-corstone1000-Remove-reset-after-capsule-update.patch} (88%) rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0013-platform-CS1000-Add-multicore-support-for-FVP.patch => 0010-platform-CS1000-Add-multicore-support-for-FVP.patch} (93%) rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0014-Platform-Corstone1000-switch-to-metadata-v2.patch => 0011-Platform-Corstone1000-switch-to-metadata-v2.patch} (100%) rename meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/{0015-platform-corstone1000-Increase-flash-PS-area-size.patch => 0012-platform-corstone1000-Increase-flash-PS-area-size.patch} (100%) diff --git a/meta-arm-bsp/conf/machine/include/corstone1000.inc b/meta-arm-bsp/conf/machine/include/corstone1000.inc index e6b4b44b..db1880e5 100644 --- a/meta-arm-bsp/conf/machine/include/corstone1000.inc +++ b/meta-arm-bsp/conf/machine/include/corstone1000.inc @@ -3,7 +3,7 @@ require conf/machine/include/arm/armv8a/tune-cortexa35.inc MACHINEOVERRIDES =. "corstone1000:" # TF-M -PREFERRED_VERSION_trusted-firmware-m ?= "2.0.%" +PREFERRED_VERSION_trusted-firmware-m ?= "2.1.%" # TF-A TFA_PLATFORM = "corstone1000" diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-Update-MPU-configuration.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-Update-MPU-configuration.patch deleted file mode 100644 index 25e53b56..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-Update-MPU-configuration.patch +++ /dev/null @@ -1,274 +0,0 @@ -From eb096e4c03b80f9f31e5d15ca06e5a38e4112664 Mon Sep 17 00:00:00 2001 -From: Bence Balogh -Date: Tue, 7 Nov 2023 20:25:49 +0100 -Subject: [PATCH 1/2] platform: corstone1000: Update MPU configuration - -In Armv6-M the MPU requires the regions to be aligned with -region sizes. -The commit aligns the different code/data sections using the -alignment macros. The code/data sections can be covered by -multiple MPU regions in order to save memory. - -Small adjustments had to be made in the memory layout in order to -not overflow the flash: -- Decreased TFM_PARTITION_SIZE -- Increased S_UNPRIV_DATA_SIZE - -Added checks to the MPU configuration function for checking the -MPU constraints: -- Base address has to be aligned to the size -- The minimum MPU region size is 0x100 -- The MPU can have 8 regions at most - -Change-Id: I059468e8aba0822bb354fd1cd4987ac2bb1f34d1 -Signed-off-by: Bence Balogh -Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25393] - ---- - .../target/arm/corstone1000/CMakeLists.txt | 19 +++++ - .../arm/corstone1000/create-flash-image.sh | 8 +- - .../arm/corstone1000/partition/flash_layout.h | 2 +- - .../arm/corstone1000/partition/region_defs.h | 6 +- - .../arm/corstone1000/tfm_hal_isolation.c | 83 +++++++++++++++---- - 5 files changed, 93 insertions(+), 25 deletions(-) - -diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt -index e6cf15b11..8817f514c 100644 ---- a/platform/ext/target/arm/corstone1000/CMakeLists.txt -+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt -@@ -22,6 +22,25 @@ target_compile_definitions(platform_region_defs - INTERFACE - $<$:TFM_S_REG_TEST> - ) -+ -+# The Armv6-M MPU requires that the MPU regions be aligned to the region sizes. -+# The minimal region size is 0x100 bytes. -+# -+# The alignments have to be a power of two and ideally bigger than the section size (which -+# can be checked in the map file). -+# In some cases the alignment value is smaller than the actual section -+# size to save memory. In that case, multiple MPU region has to be configured to cover it. -+# -+# To save memory, the attributes are set to XN_EXEC_OK and AP_RO_PRIV_UNPRIV for -+# the SRAM so the PSA_ROT_LINKER_CODE, TFM_UNPRIV_CODE and APP_ROT_LINKER_CODE don't have to -+# be aligned. The higher-priority regions will overwrite these attributes if needed. -+# The RAM is also located in the SRAM so it has to be configured to overwrite these default -+# attributes. -+target_compile_definitions(platform_region_defs -+ INTERFACE -+ TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT=0x2000 -+ TFM_LINKER_SP_META_PTR_ALIGNMENT=0x100 -+) - #========================= Platform common defs ===============================# - - # Specify the location of platform specific build dependencies. -diff --git a/platform/ext/target/arm/corstone1000/create-flash-image.sh b/platform/ext/target/arm/corstone1000/create-flash-image.sh -index 2522d3674..a6be61384 100755 ---- a/platform/ext/target/arm/corstone1000/create-flash-image.sh -+++ b/platform/ext/target/arm/corstone1000/create-flash-image.sh -@@ -8,7 +8,7 @@ - - ###################################################################### - # This script is to create a flash gpt image for corstone platform --# -+# - # Flash image layout: - # |------------------------------| - # | Protective MBR | -@@ -82,15 +82,15 @@ sgdisk --mbrtogpt \ - --new=4:56:+4K --typecode=4:$PRIVATE_METADATA_TYPE_UUID --partition-guid=4:$(uuidgen) --change-name=4:'private_metadata_replica_1' \ - --new=5:64:+4k --typecode=5:$PRIVATE_METADATA_TYPE_UUID --partition-guid=5:$(uuidgen) --change-name=5:'private_metadata_replica_2' \ - --new=6:72:+100k --typecode=6:$SE_BL2_TYPE_UUID --partition-guid=6:$(uuidgen) --change-name=6:'bl2_primary' \ -- --new=7:272:+376K --typecode=7:$TFM_TYPE_UUID --partition-guid=7:$(uuidgen) --change-name=7:'tfm_primary' \ -+ --new=7:272:+368K --typecode=7:$TFM_TYPE_UUID --partition-guid=7:$(uuidgen) --change-name=7:'tfm_primary' \ - --new=8:32784:+100k --typecode=8:$SE_BL2_TYPE_UUID --partition-guid=8:$(uuidgen) --change-name=8:'bl2_secondary' \ -- --new=9:32984:+376K --typecode=9:$TFM_TYPE_UUID --partition-guid=9:$(uuidgen) --change-name=9:'tfm_secondary' \ -+ --new=9:32984:+368K --typecode=9:$TFM_TYPE_UUID --partition-guid=9:$(uuidgen) --change-name=9:'tfm_secondary' \ - --new=10:65496:65501 --partition-guid=10:$(uuidgen) --change-name=10:'reserved_2' \ - $IMAGE - - [ $? -ne 0 ] && echo "Error occurs while writing the GPT layout" && exit 1 - --# Write partitions -+# Write partitions - # conv=notrunc avoids truncation to keep the geometry of the image. - dd if=$BIN_DIR/bl2_signed.bin of=${IMAGE} seek=72 conv=notrunc - dd if=$BIN_DIR/tfm_s_signed.bin of=${IMAGE} seek=272 conv=notrunc -diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h -index 568c8de28..7fffd94c6 100644 ---- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h -+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h -@@ -134,7 +134,7 @@ - - /* Bank configurations */ - #define BANK_PARTITION_SIZE (0xFE0000) /* 15.875 MB */ --#define TFM_PARTITION_SIZE (0x5E000) /* 376 KB */ -+#define TFM_PARTITION_SIZE (0x5C000) /* 368 KB */ - - /************************************************************/ - /* Bank : Images flash offsets are with respect to the bank */ -diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h -index 99e822f51..64ab786e5 100644 ---- a/platform/ext/target/arm/corstone1000/partition/region_defs.h -+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h -@@ -1,8 +1,10 @@ - /* -- * Copyright (c) 2017-2022 Arm Limited. All rights reserved. -+ * Copyright (c) 2017-2023 Arm Limited. All rights reserved. - * Copyright (c) 2021-2023 Cypress Semiconductor Corporation (an Infineon company) - * or an affiliate of Cypress Semiconductor Corporation. All rights reserved. - * -+ * SPDX-License-Identifier: Apache-2.0 -+ * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at -@@ -53,7 +55,7 @@ - - #define S_DATA_START (SRAM_BASE + TFM_PARTITION_SIZE) - #define S_DATA_SIZE (SRAM_SIZE - TFM_PARTITION_SIZE) --#define S_UNPRIV_DATA_SIZE (0x2160) -+#define S_UNPRIV_DATA_SIZE (0x4000) - #define S_DATA_LIMIT (S_DATA_START + S_DATA_SIZE - 1) - #define S_DATA_PRIV_START (S_DATA_START + S_UNPRIV_DATA_SIZE) - -diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c -index 01f7687bc..98e795dde 100644 ---- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c -+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2020-2022, Arm Limited. All rights reserved. -+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved. - * Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon - * company) or an affiliate of Cypress Semiconductor Corporation. All rights - * reserved. -@@ -14,9 +14,11 @@ - #include "tfm_hal_isolation.h" - #include "mpu_config.h" - #include "mmio_defs.h" -+#include "flash_layout.h" - - #define PROT_BOUNDARY_VAL \ - ((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK) -+#define MPU_REGION_MIN_SIZE (0x100) - - #ifdef CONFIG_TFM_ENABLE_MEMORY_PROTECT - -@@ -31,20 +33,38 @@ REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Base); - REGION_DECLARE(Image$$, TFM_SP_META_PTR, $$ZI$$Limit); - #endif /* CONFIG_TFM_PARTITION_META */ - --static void configure_mpu(uint32_t rnr, uint32_t base, uint32_t limit, -- uint32_t is_xn_exec, uint32_t ap_permissions) -+static enum tfm_hal_status_t configure_mpu(uint32_t rnr, uint32_t base, -+ uint32_t limit, uint32_t is_xn_exec, uint32_t ap_permissions) - { -- uint32_t size; /* region size */ -+ uint32_t rbar_size_field; /* region size as it is used in the RBAR */ - uint32_t rasr; /* region attribute and size register */ - uint32_t rbar; /* region base address register */ - -- size = get_rbar_size_field(limit - base); -+ rbar_size_field = get_rbar_size_field(limit - base); -+ -+ /* The MPU region's base address has to be aligned to the region -+ * size for a valid MPU configuration */ -+ if ((base % (1 << (rbar_size_field + 1))) != 0) { -+ return TFM_HAL_ERROR_INVALID_INPUT; -+ } -+ -+ /* The MPU supports only 8 memory regions */ -+ if (rnr > 7) { -+ return TFM_HAL_ERROR_INVALID_INPUT; -+ } -+ -+ /* The minimum size for a region is 0x100 bytes */ -+ if((limit - base) < MPU_REGION_MIN_SIZE) { -+ return TFM_HAL_ERROR_INVALID_INPUT; -+ } - - rasr = ARM_MPU_RASR(is_xn_exec, ap_permissions, TEX, NOT_SHAREABLE, -- NOT_CACHEABLE, NOT_BUFFERABLE, SUB_REGION_DISABLE, size); -+ NOT_CACHEABLE, NOT_BUFFERABLE, SUB_REGION_DISABLE, rbar_size_field); - rbar = base & MPU_RBAR_ADDR_Msk; - - ARM_MPU_SetRegionEx(rnr, rbar, rasr); -+ -+ return TFM_HAL_SUCCESS; - } - - #endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */ -@@ -56,33 +76,60 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries( - uint32_t rnr = TFM_ISOLATION_REGION_START_NUMBER; /* current region number */ - uint32_t base; /* start address */ - uint32_t limit; /* end address */ -+ enum tfm_hal_status_t ret; - - ARM_MPU_Disable(); - -- /* TFM Core unprivileged code region */ -- base = (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_CODE_START, $$RO$$Base); -- limit = (uint32_t)®ION_NAME(Image$$, TFM_UNPRIV_CODE_END, $$RO$$Limit); -- -- configure_mpu(rnr++, base, limit, XN_EXEC_OK, AP_RO_PRIV_UNPRIV); -- -- /* RO region */ -- base = (uint32_t)®ION_NAME(Image$$, TFM_APP_CODE_START, $$Base); -- limit = (uint32_t)®ION_NAME(Image$$, TFM_APP_CODE_END, $$Base); -+ /* Armv6-M MPU allows region overlapping. The region with the higher RNR -+ * will decide the attributes. -+ * -+ * The default attributes are set to XN_EXEC_OK and AP_RO_PRIV_UNPRIV for the -+ * whole SRAM so the PSA_ROT_LINKER_CODE, TFM_UNPRIV_CODE and APP_ROT_LINKER_CODE -+ * don't have to be aligned and memory space can be saved. -+ * This region has the lowest RNR so the next regions can overwrite these -+ * attributes if it's needed. -+ */ -+ base = SRAM_BASE; -+ limit = SRAM_BASE + SRAM_SIZE; -+ -+ ret = configure_mpu(rnr++, base, limit, -+ XN_EXEC_OK, AP_RW_PRIV_UNPRIV); -+ if (ret != TFM_HAL_SUCCESS) { -+ return ret; -+ } - -- configure_mpu(rnr++, base, limit, XN_EXEC_OK, AP_RO_PRIV_UNPRIV); - - /* RW, ZI and stack as one region */ - base = (uint32_t)®ION_NAME(Image$$, TFM_APP_RW_STACK_START, $$Base); - limit = (uint32_t)®ION_NAME(Image$$, TFM_APP_RW_STACK_END, $$Base); - -- configure_mpu(rnr++, base, limit, XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); -+ /* The section size can be bigger than the alignment size, else the code would -+ * not fit into the memory. Because of this, the sections can use multiple MPU -+ * regions. */ -+ do { -+ ret = configure_mpu(rnr++, base, base + TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT, -+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); -+ if (ret != TFM_HAL_SUCCESS) { -+ return ret; -+ } -+ base += TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT; -+ } while (base < limit); -+ - - #ifdef CONFIG_TFM_PARTITION_META - /* TFM partition metadata pointer region */ - base = (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Base); - limit = (uint32_t)®ION_NAME(Image$$, TFM_SP_META_PTR, $$ZI$$Limit); - -- configure_mpu(rnr++, base, limit, XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); -+ do { -+ ret = configure_mpu(rnr++, base, base + TFM_LINKER_SP_META_PTR_ALIGNMENT, -+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); -+ if (ret != TFM_HAL_SUCCESS) { -+ return ret; -+ } -+ base += TFM_LINKER_SP_META_PTR_ALIGNMENT; -+ } while (base < limit); -+ - #endif - - arm_mpu_enable(); diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-platform-corstone1000-align-capsule-update-structs.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-align-capsule-update-structs.patch similarity index 94% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-platform-corstone1000-align-capsule-update-structs.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-align-capsule-update-structs.patch index 7aeecfa3..7a1e58c8 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-platform-corstone1000-align-capsule-update-structs.patch +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-platform-corstone1000-align-capsule-update-structs.patch @@ -1,7 +1,7 @@ -From 6807d4b30f7d4ed32d3c54dfcaf3ace63eaa4f02 Mon Sep 17 00:00:00 2001 +From 0d454ea554c57247f5435c09ef99d70f169e041b Mon Sep 17 00:00:00 2001 From: Emekcan Aras Date: Thu, 26 Oct 2023 11:46:04 +0100 -Subject: [PATCH] platform: corstone1000: align capsule update structs +Subject: [PATCH 01/10] platform: corstone1000: align capsule update structs U-boot mkefitool creates capsule image without packed and byte-aligned structs. This patch aligns the capsule-update structures and avoids @@ -23,7 +23,7 @@ index c706c040ac..9f8d12ad4e 100644 uint32_t capsule_image_size; -} efi_capsule_header_t; +} efi_capsule_header_t __attribute__((packed, aligned(1))); - + typedef struct { uint32_t version; uint16_t embedded_driver_count; @@ -31,7 +31,7 @@ index c706c040ac..9f8d12ad4e 100644 uint64_t item_offset_list[]; -} efi_firmware_management_capsule_header_t; +} efi_firmware_management_capsule_header_t __attribute__((packed, aligned(1))); - + typedef struct { uint32_t version; @@ -52,14 +52,14 @@ typedef struct { @@ -40,7 +40,7 @@ index c706c040ac..9f8d12ad4e 100644 uint64_t image_capsule_support; //introduced in v3 -} efi_firmware_management_capsule_image_header_t; +} efi_firmware_management_capsule_image_header_t __attribute__((packed, aligned(1))); - + typedef struct { uint32_t signature; uint32_t header_size; @@ -48,31 +48,31 @@ index c706c040ac..9f8d12ad4e 100644 uint32_t lowest_supported_version; -} fmp_payload_header_t; +} fmp_payload_header_t __attribute__((packed, aligned(1))); - + #define ANYSIZE_ARRAY 0 - + @@ -68,18 +68,18 @@ typedef struct { uint16_t wRevision; uint16_t wCertificateType; uint8_t bCertificate[ANYSIZE_ARRAY]; -} WIN_CERTIFICATE; +} WIN_CERTIFICATE __attribute__((packed, aligned(1))); - + typedef struct { WIN_CERTIFICATE hdr; struct efi_guid cert_type; uint8_t cert_data[ANYSIZE_ARRAY]; -} win_certificate_uefi_guid_t; +} win_certificate_uefi_guid_t __attribute__((packed, aligned(1))); - + typedef struct { uint64_t monotonic_count; win_certificate_uefi_guid_t auth_info; -} efi_firmware_image_authentication_t; +} efi_firmware_image_authentication_t __attribute__((packed, aligned(1))); - - + + enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr, --- +-- 2.25.1 diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-Platform-Corstone1000-skip-the-first-nv-counter.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-Corstone1000-skip-the-first-nv-counter.patch similarity index 80% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-Platform-Corstone1000-skip-the-first-nv-counter.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-Corstone1000-skip-the-first-nv-counter.patch index 4c486e69..a33ac437 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-Platform-Corstone1000-skip-the-first-nv-counter.patch +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-Platform-Corstone1000-skip-the-first-nv-counter.patch @@ -1,7 +1,7 @@ -From 001e5bea183bc78352ac3ba6283d9d7912bb6ea5 Mon Sep 17 00:00:00 2001 +From b6cb92b0618afe849a8c975d5f7391610724cff2 Mon Sep 17 00:00:00 2001 From: Emekcan Aras Date: Wed, 21 Feb 2024 07:44:25 +0000 -Subject: [PATCH] Platform: Corstone1000: skip the first nv counter +Subject: [PATCH 02/10] Platform: Corstone1000: skip the first nv counter It skips doing a sanity check the BL2 nv counter after the capsule update since the tfm bl1 does not sync metadata and nv counters in OTP during @@ -9,16 +9,15 @@ the boot anymore. Signed-off-by: Emekcan Aras Upstream-Status: Pending - --- .../ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c -index 2e6de255b..2e6cf8047 100644 +index a4747f2212..003ab9faf8 100644 --- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c +++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c -@@ -1125,7 +1125,7 @@ static enum fwu_agent_error_t update_nv_counters( +@@ -1122,7 +1122,7 @@ static enum fwu_agent_error_t update_nv_counters( FWU_LOG_MSG("%s: enter\n\r", __func__); @@ -30,4 +29,3 @@ index 2e6de255b..2e6cf8047 100644 -- 2.25.1 - diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch deleted file mode 100644 index 6676acf8..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch +++ /dev/null @@ -1,76 +0,0 @@ -From ca7696bca357cfd71a34582c65a7c7c08828b6dc Mon Sep 17 00:00:00 2001 -From: Bence Balogh -Date: Mon, 18 Dec 2023 14:00:14 +0100 -Subject: [PATCH 2/2] platform: corstone1000: Cover S_DATA with MPU - -The S_DATA has to be covered with MPU regions to override the -other MPU regions with smaller RNR values. - -Change-Id: I45fec65f51241939314941e25d287e6fdc82777c -Signed-off-by: Bence Balogh -Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25583] - ---- - .../target/arm/corstone1000/CMakeLists.txt | 8 +++++++ - .../arm/corstone1000/tfm_hal_isolation.c | 22 +++++++++++++++++++ - 2 files changed, 30 insertions(+) - -diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt -index 8817f514c..541504368 100644 ---- a/platform/ext/target/arm/corstone1000/CMakeLists.txt -+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt -@@ -40,6 +40,14 @@ target_compile_definitions(platform_region_defs - INTERFACE - TFM_LINKER_APP_ROT_LINKER_DATA_ALIGNMENT=0x2000 - TFM_LINKER_SP_META_PTR_ALIGNMENT=0x100 -+ -+ # The RAM MPU Region block sizes are calculated manually. The RAM has to be covered -+ # with the MPU regions. These regions also have to be the power of 2 and -+ # the start addresses have to be aligned to these sizes. The sizes can be calculated -+ # from the S_DATA_START and S_DATA_SIZE defines. -+ RAM_MPU_REGION_BLOCK_1_SIZE=0x4000 -+ RAM_MPU_REGION_BLOCK_2_SIZE=0x20000 -+ - ) - #========================= Platform common defs ===============================# - -diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c -index 98e795dde..39b19c535 100644 ---- a/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c -+++ b/platform/ext/target/arm/corstone1000/tfm_hal_isolation.c -@@ -15,6 +15,7 @@ - #include "mpu_config.h" - #include "mmio_defs.h" - #include "flash_layout.h" -+#include "region_defs.h" - - #define PROT_BOUNDARY_VAL \ - ((1U << HANDLE_ATTR_PRIV_POS) & HANDLE_ATTR_PRIV_MASK) -@@ -132,6 +133,27 @@ enum tfm_hal_status_t tfm_hal_set_up_static_boundaries( - - #endif - -+ /* Set the RAM attributes. It is needed because the first region overlaps the whole -+ * SRAM and it has to be overridden. -+ * The RAM_MPU_REGION_BLOCK_1_SIZE and RAM_MPU_REGION_BLOCK_2_SIZE are calculated manually -+ * and added to the platform_region_defs compile definitions. -+ */ -+ base = S_DATA_START; -+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE; -+ ret = configure_mpu(rnr++, base, limit, -+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); -+ if (ret != TFM_HAL_SUCCESS) { -+ return ret; -+ } -+ -+ base = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE; -+ limit = S_DATA_START + RAM_MPU_REGION_BLOCK_1_SIZE + RAM_MPU_REGION_BLOCK_2_SIZE; -+ ret = configure_mpu(rnr++, base, limit, -+ XN_EXEC_NOT_OK, AP_RW_PRIV_UNPRIV); -+ if (ret != TFM_HAL_SUCCESS) { -+ return ret; -+ } -+ - arm_mpu_enable(); - - #endif /* CONFIG_TFM_ENABLE_MEMORY_PROTECT */ diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-platform-corstone1000-add-unique-guid-for-mps3.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-platform-corstone1000-add-unique-guid-for-mps3.patch similarity index 88% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-platform-corstone1000-add-unique-guid-for-mps3.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-platform-corstone1000-add-unique-guid-for-mps3.patch index 3711b8ce..b153b8da 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-platform-corstone1000-add-unique-guid-for-mps3.patch +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0003-platform-corstone1000-add-unique-guid-for-mps3.patch @@ -1,7 +1,7 @@ -From 3d35eb08fe0cea5c4b882c448f44530bb45c05f0 Mon Sep 17 00:00:00 2001 +From a32e7195a4fc1c9d890f9e22a795443d01dc1e8f Mon Sep 17 00:00:00 2001 From: Anusmita Dutta Mazumder Date: Tue, 2 Apr 2024 13:04:56 +0000 -Subject: [PATCH] platform: corstone1000: add unique guid for mps3 +Subject: [PATCH 03/10] platform: corstone1000: add unique guid for mps3 This patch sets unique GUID for Corstone1000 FVP and MPS3 @@ -12,7 +12,7 @@ Signed-off-by: Anusmita Dutta Mazumder 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c -index 2e6cf80470..be04e0e5df 100644 +index 003ab9faf8..5768df19b8 100644 --- a/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c +++ b/platform/ext/target/arm/corstone1000/fw_update_agent/fwu_agent.c @@ -113,13 +113,19 @@ enum fwu_agent_state_t { @@ -37,5 +37,5 @@ index 2e6cf80470..be04e0e5df 100644 #define IMAGE_NOT_ACCEPTED (0) #define BANK_0 (0) -- -2.38.1 +2.25.1 diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch similarity index 96% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch index 4f15da22..c947888d 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0004-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch @@ -1,7 +1,7 @@ -From 1410dc5504d60219279581b1cf6442f81551cfe7 Mon Sep 17 00:00:00 2001 +From a4e037b3bcf34982b8bdaf8693fd0f89d4f7fc87 Mon Sep 17 00:00:00 2001 From: Emekcan Aras Date: Wed, 3 Apr 2024 13:37:40 +0100 -Subject: [PATCH] Platform: Corstone1000: Enable host firewall in FVP +Subject: [PATCH 04/10] Platform: Corstone1000: Enable host firewall in FVP Enables host firewall and mpu setup for FVP. It also fixes secure-ram configuration and disable access rights to secure ram from both normal world @@ -16,7 +16,7 @@ Upstream-Status: Pending [Not submitted to upstream yet] 3 files changed, 11 insertions(+), 35 deletions(-) diff --git a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h -index 416f0ebcd..101cad9e7 100644 +index 416f0ebcdb..101cad9e7c 100644 --- a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h +++ b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h @@ -67,7 +67,7 @@ @@ -29,7 +29,7 @@ index 416f0ebcd..101cad9e7 100644 #define CORSTONE1000_HOST_BASE_SYSTEM_CONTROL_BASE (0x7A010000U) /* Host SCB */ #define CORSTONE1000_EXT_SYS_RESET_REG (0x7A010310U) /* external system (cortex-M3) */ diff --git a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c -index a5fee66af..7988c2392 100644 +index 45d6768215..2f693d2b1b 100644 --- a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c +++ b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c @@ -35,7 +35,7 @@ REGION_DECLARE(Image$$, ER_DATA, $$Base)[]; @@ -159,7 +159,7 @@ index a5fee66af..7988c2392 100644 #if defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) stdio_init(); diff --git a/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c b/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c -index 2b1cdfa19..06cc3f0f5 100644 +index 2b1cdfa199..06cc3f0f52 100644 --- a/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c +++ b/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c @@ -70,7 +70,7 @@ int boot_get_image_exec_ram_info(uint32_t image_id, @@ -174,4 +174,3 @@ index 2b1cdfa19..06cc3f0f5 100644 -- 2.25.1 - diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-Increase-ITS-max-asset-size.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-platform-corstone1000-Increase-ITS-max-asset-size.patch similarity index 86% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-Increase-ITS-max-asset-size.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-platform-corstone1000-Increase-ITS-max-asset-size.patch index e831f034..160015fb 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-platform-corstone1000-Increase-ITS-max-asset-size.patch +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0005-platform-corstone1000-Increase-ITS-max-asset-size.patch @@ -1,7 +1,7 @@ -From 2edf197735bd0efb1428c1710443dddcb376d930 Mon Sep 17 00:00:00 2001 +From 5b5c190ff91f387e4709950b6c734cda16c4b32d Mon Sep 17 00:00:00 2001 From: Emekcan Aras Date: Wed, 17 Apr 2024 11:34:45 +0000 -Subject: [PATCH] platform: corstone1000: Increase ITS max asset size +Subject: [PATCH 05/10] platform: corstone1000: Increase ITS max asset size Increases the max asset size for ITS to enable parsec services & tests ​ @@ -25,3 +25,6 @@ index 2c7341afd4..2eb0924770 100644 +#define ITS_MAX_ASSET_SIZE 2048 + #endif /* __CONFIG_TFM_TARGET_H__ */ +-- +2.25.1 + diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch similarity index 71% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch index 3269c0e0..1e79f9fd 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch @@ -1,7 +1,7 @@ -From 21b0c9f028b6b04fa2f027510ec90969735f4dd1 Mon Sep 17 00:00:00 2001 +From 05611d5a55ac8858d07c64e48699100700578b80 Mon Sep 17 00:00:00 2001 From: Bence Balogh -Date: Wed, 17 Apr 2024 19:31:03 +0200 -Subject: [PATCH] platform: corstone1000: Increase RSE_COMMS buffer size +Date: Fri, 5 Jul 2024 21:18:08 +0200 +Subject: [PATCH 06/10] platform: corstone1000: Increase RSE_COMMS buffer size Signed-off-by: Bence Balogh Upstream-Status: Pending @@ -10,13 +10,13 @@ Upstream-Status: Pending 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h -index 6d79dd3bf..f079f6504 100644 +index 41e5c2bc34..b89460ea93 100644 --- a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h +++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h @@ -16,7 +16,7 @@ extern "C" { #endif - /* size suits to fit the largest message too (EFI variables) */ + /* size suits to fit the largest message too (EFI variables) */ -#define RSE_COMMS_PAYLOAD_MAX_SIZE (0x2100) +#define RSE_COMMS_PAYLOAD_MAX_SIZE (0x43C0) @@ -25,4 +25,3 @@ index 6d79dd3bf..f079f6504 100644 -- 2.25.1 - diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-CC312-alignment-of-cc312-differences-between-fvp-and.patch similarity index 80% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-CC312-alignment-of-cc312-differences-between-fvp-and.patch index 3d1b35e4..45d7049c 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0007-CC312-alignment-of-cc312-differences-between-fvp-and.patch @@ -1,22 +1,21 @@ -From a8aeaafd6c26d6bc3066164d12aabc5cb754fe1c Mon Sep 17 00:00:00 2001 +From 60ab8bbf85e9e84afd23948a71cf84c69f4aad7a Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Wed, 15 May 2024 12:12:15 +0000 -Subject: [PATCH] CC312: alignment of cc312 differences between fvp and mps3 - corstone1000 platforms +Subject: [PATCH 07/10] CC312: alignment of cc312 differences between fvp and + mps3 corstone1000 platforms -Configures CC312 mps3 model same as predefined cc312 FVP +Configures CC312 mps3 model same as predefined cc312 FVP configuration while keeping debug ports closed. Signed-off-by: Ali Can Ozaslan Upstream-Status: Inappropriate [Requires an aligment cc3xx with mps3 hw and fvp sw models] - --- lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c b/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c -index 31e4332be..4d7e6fa61 100644 +index 31e4332bed..4b08c02526 100644 --- a/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c +++ b/lib/ext/cryptocell-312-runtime/host/src/cc3x_lib/cc_lib.c @@ -207,6 +207,9 @@ CClibRetCode_t CC_LibInit(CCRndContext_t *rndContext_ptr, CCRndWorkBuff_t *rndW @@ -29,3 +28,6 @@ index 31e4332be..4d7e6fa61 100644 /* turn off the DFA since Cerberus doen't support it */ reg = CC_HAL_READ_REGISTER(CC_REG_OFFSET(HOST_RGF, HOST_AO_LOCK_BITS)); CC_REG_FLD_SET(0, HOST_AO_LOCK_BITS, HOST_FORCE_DFA_ENABLE, reg, 0x0); +-- +2.25.1 + diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-CS1000-Replace-OpenAMP-with-RSE_COMMS.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-CS1000-Replace-OpenAMP-with-RSE_COMMS.patch deleted file mode 100644 index 3e0acbe3..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-CS1000-Replace-OpenAMP-with-RSE_COMMS.patch +++ /dev/null @@ -1,3620 +0,0 @@ -From 5e0e5207fe7edf7f9b47f0800388c7b3c9d69a1c Mon Sep 17 00:00:00 2001 -From: Bence Balogh -Date: Mon, 26 Feb 2024 10:20:54 +0100 -Subject: [PATCH] Platform: CS1000: Replace OpenAMP with RSE_COMMS - -The RSE_COMMS files were copied from the arm/rse platform (e7fcf4e0) -Did not copy the ATU and pointer access protocol related files as -they are not supported yet in Corstone-1000. - -There were some modifications in the files: -- Remove ATU support because Corstone-1000 doesn't have ATU -- Update and extend platform specific memory and permission checks -- Remove Armv8.1-M specific calls - -The OpenAMP related files were removed from Corstone-1000. - -Signed-off-by: Bence Balogh -Upstream-Status: Backport [75a980b37fb726dff8720b50de121c8196b70e4e] ---- - docs/platform/arm/corstone1000/readme.rst | 5 +- - .../target/arm/corstone1000/CMakeLists.txt | 5 +- - .../arm/corstone1000/Native_Driver/mhu.h | 140 +++++++ - .../Native_Driver/mhu_wrapper_v2_x.c | 353 ++++++++++++++++++ - .../ext/target/arm/corstone1000/config.cmake | 8 - - .../arm/corstone1000/openamp/CMakeLists.txt | 57 --- - ...ogger-when-the-build-type-is-release.patch | 27 -- - .../openamp/ext/libmetal/CMakeLists.txt | 23 -- - .../openamp/ext/libopenamp/CMakeLists.txt | 21 -- - .../openamp/platform_spe_dual_core_hal.c | 152 -------- - .../corstone1000/openamp/tfm_openamp_lib.h | 128 ------- - .../tfm_spe_dual_core_psa_client_secure_lib.c | 304 --------------- - .../tfm_spe_dual_core_psa_client_secure_lib.h | 39 -- - .../openamp/tfm_spe_openamp_interface.h | 39 -- - .../openamp/tfm_spe_openamp_interface_impl.c | 248 ------------ - .../tfm_spe_openamp_platform_interconnect.c | 114 ------ - .../tfm_spe_openamp_platform_interface.h | 31 -- - .../tfm_spe_psa_client_lib_unordered_map.c | 151 -------- - .../tfm_spe_psa_client_lib_unordered_map.h | 50 --- - .../openamp/tfm_spe_shm_openamp.h | 39 -- - .../arm/corstone1000/partition/region_defs.h | 12 +- - .../arm/corstone1000/rse_comms/CMakeLists.txt | 34 ++ - .../arm/corstone1000/rse_comms/rse_comms.c | 176 +++++++++ - .../arm/corstone1000/rse_comms/rse_comms.h | 48 +++ - .../corstone1000/rse_comms/rse_comms_hal.c | 232 ++++++++++++ - .../corstone1000/rse_comms/rse_comms_hal.h | 56 +++ - .../rse_comms/rse_comms_permissions_hal.h | 58 +++ - .../rse_comms/rse_comms_protocol.c | 120 ++++++ - .../rse_comms/rse_comms_protocol.h | 129 +++++++ - .../rse_comms/rse_comms_protocol_embed.c | 105 ++++++ - .../rse_comms/rse_comms_protocol_embed.h | 50 +++ - .../corstone1000/rse_comms/rse_comms_queue.c | 64 ++++ - .../corstone1000/rse_comms/rse_comms_queue.h | 25 ++ - .../corstone1000/rse_comms_permissions_hal.c | 177 +++++++++ - .../target/arm/corstone1000/tfm_interrupts.c | 51 +++ - 35 files changed, 1831 insertions(+), 1440 deletions(-) - create mode 100644 platform/ext/target/arm/corstone1000/Native_Driver/mhu.h - create mode 100644 platform/ext/target/arm/corstone1000/Native_Driver/mhu_wrapper_v2_x.c - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/CMakeLists.txt - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/ext/libmetal/0001-Disable-logger-when-the-build-type-is-release.patch - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/ext/libmetal/CMakeLists.txt - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/ext/libopenamp/CMakeLists.txt - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/platform_spe_dual_core_hal.c - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/tfm_openamp_lib.h - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.h - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_interface.h - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_interface_impl.c - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_platform_interconnect.c - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_platform_interface.h - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/tfm_spe_psa_client_lib_unordered_map.c - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/tfm_spe_psa_client_lib_unordered_map.h - delete mode 100644 platform/ext/target/arm/corstone1000/openamp/tfm_spe_shm_openamp.h - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/CMakeLists.txt - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms.c - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms_hal.c - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms_hal.h - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms_permissions_hal.h - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol.c - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol.h - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol_embed.c - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol_embed.h - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms_queue.c - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms/rse_comms_queue.h - create mode 100644 platform/ext/target/arm/corstone1000/rse_comms_permissions_hal.c - create mode 100644 platform/ext/target/arm/corstone1000/tfm_interrupts.c - -diff --git a/docs/platform/arm/corstone1000/readme.rst b/docs/platform/arm/corstone1000/readme.rst -index 59b167d8f..d46a6460e 100644 ---- a/docs/platform/arm/corstone1000/readme.rst -+++ b/docs/platform/arm/corstone1000/readme.rst -@@ -19,7 +19,8 @@ and boots the software ecosystem based on linux, u-boot, UEFI run time - services, TF-A, Secure Partitions and Optee. - - The communication between NSPE and SPE is based on PSA IPC protocol running on --top of FF-A/OpenAMP. -+top of the RSE communication protocol. The Corstone-1000 supports only the -+`Embed protocol`, and the ATU support is removed. - - .. toctree:: - :maxdepth: 1 -@@ -116,7 +117,7 @@ Other test configurations are: - - -DTEST_S_PS=ON/OFF - - -DTEST_S_PLATFORM=ON/OFF - --*Copyright (c) 2021-2023, Arm Limited. All rights reserved.* -+*Copyright (c) 2021-2024, Arm Limited. All rights reserved.* - - .. _Arm Ecosystem FVPs: https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps - .. _Arm Corstone-1000 User Guide: https://corstone1000.docs.arm.com/en/corstone1000-2022.11.23/user-guide.html -diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt -index 541504368..e2a7ac302 100644 ---- a/platform/ext/target/arm/corstone1000/CMakeLists.txt -+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt -@@ -87,7 +87,7 @@ target_add_scatter_file(bl1_2 - - #========================= Platform Secure ====================================# - --add_subdirectory(openamp) -+add_subdirectory(${CMAKE_CURRENT_LIST_DIR}/rse_comms rse_comms) - - add_subdirectory(${PLATFORM_DIR}/ext/accelerator/cc312/cc312-rom cc312-rom) - -@@ -124,6 +124,7 @@ target_sources(platform_s - Device/Source/system_core_init.c - ${PLATFORM_DIR}/ext/target/arm/drivers/usart/pl011/uart_pl011_drv.c - Native_Driver/mhu_v2_x.c -+ Native_Driver/mhu_wrapper_v2_x.c - Native_Driver/watchdog.c - Native_Driver/arm_watchdog_drv.c - $<$:${CMAKE_CURRENT_SOURCE_DIR}/services/src/tfm_platform_system.c> -@@ -137,6 +138,7 @@ target_sources(platform_s - partition/partition.c - partition/gpt.c - $<$>:${PLATFORM_DIR}/ext/accelerator/cc312/otp_cc312.c> -+ rse_comms_permissions_hal.c - ) - - if (PLATFORM_IS_FVP) -@@ -376,6 +378,7 @@ target_sources(tfm_psa_rot_partition_ns_agent_mailbox - - target_sources(tfm_spm - PRIVATE -+ tfm_interrupts.c - tfm_hal_isolation.c - tfm_hal_platform.c - $<$:${CMAKE_CURRENT_SOURCE_DIR}/target_cfg.c> -diff --git a/platform/ext/target/arm/corstone1000/Native_Driver/mhu.h b/platform/ext/target/arm/corstone1000/Native_Driver/mhu.h -new file mode 100644 -index 000000000..a02fdd883 ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/Native_Driver/mhu.h -@@ -0,0 +1,140 @@ -+/* -+ * Copyright (c) 2022-2023 Arm Limited. All rights reserved. -+ * -+ * Licensed under the Apache License, Version 2.0 (the "License"); -+ * you may not use this file except in compliance with the License. -+ * You may obtain a copy of the License at -+ * -+ * http://www.apache.org/licenses/LICENSE-2.0 -+ * -+ * Unless required by applicable law or agreed to in writing, software -+ * distributed under the License is distributed on an "AS IS" BASIS, -+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -+ * See the License for the specific language governing permissions and -+ * limitations under the License. -+ */ -+ -+#ifndef __MHU_H__ -+#define __MHU_H__ -+ -+#include -+#include -+ -+#ifdef __cplusplus -+extern "C" { -+#endif -+ -+/** -+ * Generic MHU error enumeration types. -+ */ -+enum mhu_error_t { -+ MHU_ERR_NONE = 0, -+ MHU_ERR_NOT_INIT = -1, -+ MHU_ERR_ALREADY_INIT = -2, -+ MHU_ERR_UNSUPPORTED_VERSION = -3, -+ MHU_ERR_UNSUPPORTED = -4, -+ MHU_ERR_INVALID_ARG = -5, -+ MHU_ERR_BUFFER_TOO_SMALL = -6, -+ MHU_ERR_GENERAL = -7, -+}; -+ -+/** -+ * \brief Initializes sender MHU. -+ * -+ * \param[in] mhu_sender_dev Pointer to the sender MHU. -+ * -+ * \return Returns mhu_error_t error code. -+ * -+ * \note This function must be called before mhu_send_data(). -+ */ -+enum mhu_error_t mhu_init_sender(void *mhu_sender_dev); -+ -+/** -+ * \brief Initializes receiver MHU. -+ * -+ * \param[in] mhu_receiver_dev Pointer to the receiver MHU. -+ * -+ * \return Returns mhu_error_t error code. -+ * -+ * \note This function must be called before mhu_receive_data(). -+ */ -+enum mhu_error_t mhu_init_receiver(void *mhu_receiver_dev); -+ -+/** -+ * \brief Sends data over MHU. -+ * -+ * \param[in] mhu_sender_dev Pointer to the sender MHU. -+ * \param[in] send_buffer Pointer to buffer containing the data to be -+ * transmitted. -+ * \param[in] size Size of the data to be transmitted in bytes. -+ * -+ * \return Returns mhu_error_t error code. -+ * -+ * \note The send_buffer must be 4-byte aligned and its length must be at least -+ * (4 - (size % 4)) bytes bigger than the data size to prevent buffer -+ * over-reading. -+ */ -+enum mhu_error_t mhu_send_data(void *mhu_sender_dev, -+ const uint8_t *send_buffer, -+ size_t size); -+ -+/** -+ * \brief Wait for data from MHU. -+ * -+ * \param[in] mhu_receiver_dev Pointer to the receiver MHU. -+ * -+ * \return Returns mhu_error_t error code. -+ * -+ * \note This function must be called before mhu_receive_data() if the MHU -+ * receiver interrupt is not used. -+ */ -+enum mhu_error_t mhu_wait_data(void *mhu_receiver_dev); -+ -+/** -+ * \brief Receives data from MHU. -+ * -+ * \param[in] mhu_receiver_dev Pointer to the receiver MHU. -+ * \param[out] receive_buffer Pointer the buffer where to store the -+ * received data. -+ * \param[in,out] size As input the size of the receive_buffer, -+ * as output the number of bytes received. -+ * As a limitation, the size of the buffer -+ * must be a multiple of 4. -+ * -+ * \return Returns mhu_error_t error code. -+ * -+ * \note The receive_buffer must be 4-byte aligned and its length must be a -+ * multiple of 4. -+ */ -+enum mhu_error_t mhu_receive_data(void *mhu_receiver_dev, -+ uint8_t *receive_buffer, -+ size_t *size); -+ -+/** -+ * \brief Signals an interrupt over the last available channel and wait for the -+ * values to be cleared by the receiver. -+ * -+ * \param[in] mhu_sender_dev Pointer to the sender MHU. -+ * \param[in] value Value that will be used while signaling. -+ * -+ * \return Returns mhu_error_t error code. -+ */ -+enum mhu_error_t signal_and_wait_for_clear(void *mhu_sender_dev, -+ uint32_t value); -+ -+/** -+ * \brief Wait for signal on the last available channel in a loop and -+ * acknowledge the transfer by clearing the status on that channel. -+ * -+ * \param[in] mhu_receiver_dev Pointer to the receiver MHU. -+ * \param[in] value Value that will be used while waiting. -+ * -+ * \return Returns mhu_error_t error code. -+ */ -+enum mhu_error_t wait_for_signal_and_clear(void *mhu_receiver_dev, -+ uint32_t value); -+#ifdef __cplusplus -+} -+#endif -+ -+#endif /* __MHU_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/Native_Driver/mhu_wrapper_v2_x.c b/platform/ext/target/arm/corstone1000/Native_Driver/mhu_wrapper_v2_x.c -new file mode 100644 -index 000000000..f749f7661 ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/Native_Driver/mhu_wrapper_v2_x.c -@@ -0,0 +1,353 @@ -+/* -+ * Copyright (c) 2022-2023 Arm Limited. All rights reserved. -+ * -+ * Licensed under the Apache License, Version 2.0 (the "License"); -+ * you may not use this file except in compliance with the License. -+ * You may obtain a copy of the License at -+ * -+ * http://www.apache.org/licenses/LICENSE-2.0 -+ * -+ * Unless required by applicable law or agreed to in writing, software -+ * distributed under the License is distributed on an "AS IS" BASIS, -+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -+ * See the License for the specific language governing permissions and -+ * limitations under the License. -+ */ -+ -+#include "mhu.h" -+ -+#include -+#include -+ -+#include "mhu_v2_x.h" -+ -+#define MHU_NOTIFY_VALUE (1234u) -+ -+static enum mhu_error_t -+error_mapping_to_mhu_error_t(enum mhu_v2_x_error_t err) -+{ -+ switch (err) { -+ case MHU_V_2_X_ERR_NONE: -+ return MHU_ERR_NONE; -+ case MHU_V_2_X_ERR_NOT_INIT: -+ return MHU_ERR_NOT_INIT; -+ case MHU_V_2_X_ERR_ALREADY_INIT: -+ return MHU_ERR_ALREADY_INIT; -+ case MHU_V_2_X_ERR_UNSUPPORTED_VERSION: -+ return MHU_ERR_UNSUPPORTED_VERSION; -+ case MHU_V_2_X_ERR_INVALID_ARG: -+ return MHU_ERR_INVALID_ARG; -+ case MHU_V_2_X_ERR_GENERAL: -+ return MHU_ERR_GENERAL; -+ default: -+ return MHU_ERR_GENERAL; -+ } -+} -+ -+enum mhu_error_t -+signal_and_wait_for_clear(void *mhu_sender_dev, uint32_t value) -+{ -+ enum mhu_v2_x_error_t err; -+ struct mhu_v2_x_dev_t *dev; -+ uint32_t channel_notify; -+ uint32_t wait_val; -+ -+ if (mhu_sender_dev == NULL) { -+ return MHU_ERR_INVALID_ARG; -+ } -+ -+ dev = (struct mhu_v2_x_dev_t *)mhu_sender_dev; -+ -+ /* Use the last channel for notifications */ -+ channel_notify = mhu_v2_x_get_num_channel_implemented(dev) - 1; -+ -+ /* FIXME: Avoid wasting a whole channel for notifying */ -+ err = mhu_v2_x_channel_send(dev, channel_notify, value); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ -+ do { -+ err = mhu_v2_x_channel_poll(dev, channel_notify, &wait_val); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ break; -+ } -+ } while (wait_val != 0); -+ -+ return error_mapping_to_mhu_error_t(err); -+} -+ -+enum mhu_error_t -+wait_for_signal_and_clear(void *mhu_receiver_dev, uint32_t value) -+{ -+ enum mhu_v2_x_error_t err; -+ struct mhu_v2_x_dev_t *dev; -+ uint32_t channel_notify; -+ uint32_t wait_val; -+ -+ if (mhu_receiver_dev == NULL) { -+ return MHU_ERR_INVALID_ARG; -+ } -+ -+ dev = (struct mhu_v2_x_dev_t *)mhu_receiver_dev; -+ -+ /* Use the last channel for notifications */ -+ channel_notify = mhu_v2_x_get_num_channel_implemented(dev) - 1; -+ -+ do { -+ /* Using the last channel for notifications */ -+ err = mhu_v2_x_channel_receive(dev, channel_notify, &wait_val); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ } while (wait_val != value); -+ -+ /* Clear the last channel */ -+ err = mhu_v2_x_channel_clear(dev, channel_notify); -+ -+ return error_mapping_to_mhu_error_t(err); -+} -+ -+static enum mhu_v2_x_error_t -+clear_and_wait_for_signal(struct mhu_v2_x_dev_t *dev) -+{ -+ enum mhu_v2_x_error_t err; -+ uint32_t num_channels = mhu_v2_x_get_num_channel_implemented(dev); -+ uint32_t val, i; -+ -+ /* Clear all channels */ -+ for (i = 0; i < num_channels; ++i) { -+ err = mhu_v2_x_channel_clear(dev, i); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return err; -+ } -+ } -+ -+ do { -+ /* Using the last channel for notifications */ -+ err = mhu_v2_x_channel_receive(dev, num_channels - 1, &val); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ break; -+ } -+ } while (val != MHU_NOTIFY_VALUE); -+ -+ return err; -+} -+ -+enum mhu_error_t mhu_init_sender(void *mhu_sender_dev) -+{ -+ enum mhu_v2_x_error_t err; -+ struct mhu_v2_x_dev_t *dev = mhu_sender_dev; -+ -+ if (dev == NULL) { -+ return MHU_ERR_INVALID_ARG; -+ } -+ -+ err = mhu_v2_x_driver_init(dev, MHU_REV_READ_FROM_HW); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ -+ /* This wrapper requires at least two channels to be implemented */ -+ if (mhu_v2_x_get_num_channel_implemented(dev) < 2) { -+ return MHU_ERR_UNSUPPORTED; -+ } -+ -+ return MHU_ERR_NONE; -+} -+ -+enum mhu_error_t mhu_init_receiver(void *mhu_receiver_dev) -+{ -+ enum mhu_v2_x_error_t err; -+ struct mhu_v2_x_dev_t *dev = mhu_receiver_dev; -+ uint32_t num_channels, i; -+ -+ if (dev == NULL) { -+ return MHU_ERR_INVALID_ARG; -+ } -+ -+ err = mhu_v2_x_driver_init(dev, MHU_REV_READ_FROM_HW); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ -+ num_channels = mhu_v2_x_get_num_channel_implemented(dev); -+ -+ /* This wrapper requires at least two channels to be implemented */ -+ if (num_channels < 2) { -+ return MHU_ERR_UNSUPPORTED; -+ } -+ -+ /* Mask all channels except the notifying channel */ -+ for (i = 0; i < (num_channels - 1); ++i) { -+ err = mhu_v2_x_channel_mask_set(dev, i, UINT32_MAX); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ } -+ -+ /* The last channel is used for notifications */ -+ err = mhu_v2_x_channel_mask_clear(dev, (num_channels - 1), UINT32_MAX); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ -+ err = mhu_v2_x_interrupt_enable(dev, MHU_2_1_INTR_CHCOMB_MASK); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ -+ return MHU_ERR_NONE; -+} -+ -+enum mhu_error_t mhu_send_data(void *mhu_sender_dev, -+ const uint8_t *send_buffer, -+ size_t size) -+{ -+ enum mhu_v2_x_error_t err; -+ enum mhu_error_t mhu_err; -+ struct mhu_v2_x_dev_t *dev = mhu_sender_dev; -+ uint32_t num_channels = mhu_v2_x_get_num_channel_implemented(dev); -+ uint32_t chan = 0; -+ uint32_t i; -+ uint32_t *p; -+ -+ if (dev == NULL || send_buffer == NULL) { -+ return MHU_ERR_INVALID_ARG; -+ } else if (size == 0) { -+ return MHU_ERR_NONE; -+ } -+ -+ /* For simplicity, require the send_buffer to be 4-byte aligned. */ -+ if ((uintptr_t)send_buffer & 0x3u) { -+ return MHU_ERR_INVALID_ARG; -+ } -+ -+ err = mhu_v2_x_initiate_transfer(dev); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ -+ /* First send over the size of the actual message. */ -+ err = mhu_v2_x_channel_send(dev, chan, (uint32_t)size); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ chan++; -+ -+ p = (uint32_t *)send_buffer; -+ for (i = 0; i < size; i += 4) { -+ err = mhu_v2_x_channel_send(dev, chan, *p++); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ if (++chan == (num_channels - 1)) { -+ mhu_err = signal_and_wait_for_clear(dev, MHU_NOTIFY_VALUE); -+ if (mhu_err != MHU_ERR_NONE) { -+ return mhu_err; -+ } -+ chan = 0; -+ } -+ } -+ -+ /* Signal the end of transfer. -+ * It's not required to send a signal when the message was -+ * perfectly-aligned ((num_channels - 1) channels were used in the last -+ * round) preventing it from signaling twice at the end of transfer. -+ */ -+ if (chan != 0) { -+ mhu_err = signal_and_wait_for_clear(dev, MHU_NOTIFY_VALUE); -+ if (mhu_err != MHU_ERR_NONE) { -+ return mhu_err; -+ } -+ } -+ -+ err = mhu_v2_x_close_transfer(dev); -+ return error_mapping_to_mhu_error_t(err); -+} -+ -+enum mhu_error_t mhu_wait_data(void *mhu_receiver_dev) -+{ -+ enum mhu_v2_x_error_t err; -+ struct mhu_v2_x_dev_t *dev = mhu_receiver_dev; -+ uint32_t num_channels = mhu_v2_x_get_num_channel_implemented(dev); -+ uint32_t val; -+ -+ do { -+ /* Using the last channel for notifications */ -+ err = mhu_v2_x_channel_receive(dev, num_channels - 1, &val); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ break; -+ } -+ } while (val != MHU_NOTIFY_VALUE); -+ -+ return error_mapping_to_mhu_error_t(err); -+} -+ -+enum mhu_error_t mhu_receive_data(void *mhu_receiver_dev, -+ uint8_t *receive_buffer, -+ size_t *size) -+{ -+ enum mhu_v2_x_error_t err; -+ struct mhu_v2_x_dev_t *dev = mhu_receiver_dev; -+ uint32_t num_channels = mhu_v2_x_get_num_channel_implemented(dev); -+ uint32_t chan = 0; -+ uint32_t message_len; -+ uint32_t i; -+ uint32_t *p; -+ -+ if (dev == NULL || receive_buffer == NULL) { -+ return MHU_ERR_INVALID_ARG; -+ } -+ -+ /* For simplicity, require: -+ * - the receive_buffer to be 4-byte aligned, -+ * - the buffer size to be a multiple of 4. -+ */ -+ if (((uintptr_t)receive_buffer & 0x3u) || (*size & 0x3u)) { -+ return MHU_ERR_INVALID_ARG; -+ } -+ -+ /* The first word is the length of the actual message. */ -+ err = mhu_v2_x_channel_receive(dev, chan, &message_len); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ chan++; -+ -+ if (message_len > *size) { -+ /* Message buffer too small */ -+ *size = message_len; -+ return MHU_ERR_BUFFER_TOO_SMALL; -+ } -+ -+ p = (uint32_t *)receive_buffer; -+ for (i = 0; i < message_len; i += 4) { -+ err = mhu_v2_x_channel_receive(dev, chan, p++); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ -+ /* Only wait for next transfer if there is still missing data. */ -+ if (++chan == (num_channels - 1) && (message_len - i) > 4) { -+ /* Busy wait for next transfer */ -+ err = clear_and_wait_for_signal(dev); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ chan = 0; -+ } -+ } -+ -+ /* Clear all channels */ -+ for (i = 0; i < num_channels; ++i) { -+ err = mhu_v2_x_channel_clear(dev, i); -+ if (err != MHU_V_2_X_ERR_NONE) { -+ return error_mapping_to_mhu_error_t(err); -+ } -+ } -+ -+ *size = message_len; -+ -+ return MHU_ERR_NONE; -+} -diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake -index 70bbcdafd..6a805a122 100644 ---- a/platform/ext/target/arm/corstone1000/config.cmake -+++ b/platform/ext/target/arm/corstone1000/config.cmake -@@ -37,14 +37,6 @@ set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryp - set(NS FALSE CACHE BOOL "Whether to build NS app") - set(EXTERNAL_SYSTEM_SUPPORT OFF CACHE BOOL "Whether to include external system support.") - --# External dependency on OpenAMP and Libmetal --set(LIBMETAL_SRC_PATH "DOWNLOAD" CACHE PATH "Path to Libmetal (or DOWNLOAD to fetch automatically") --set(LIBMETAL_VERSION "f252f0e007fbfb8b3a52b1d5901250ddac96baad" CACHE STRING "The version of libmetal to use") --set(LIBMETAL_FORCE_PATCH OFF CACHE BOOL "Always apply Libmetal patches") -- --set(LIBOPENAMP_SRC_PATH "DOWNLOAD" CACHE PATH "Path to Libopenamp (or DOWNLOAD to fetch automatically") --set(OPENAMP_VERSION "347397decaa43372fc4d00f965640ebde042966d" CACHE STRING "The version of openamp to use") -- - if (${PLATFORM_IS_FVP}) - set(PLATFORM_PSA_ADAC_SECURE_DEBUG FALSE CACHE BOOL "Whether to use psa-adac secure debug.") - else() -diff --git a/platform/ext/target/arm/corstone1000/openamp/CMakeLists.txt b/platform/ext/target/arm/corstone1000/openamp/CMakeLists.txt -deleted file mode 100644 -index 32c0def25..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/CMakeLists.txt -+++ /dev/null -@@ -1,57 +0,0 @@ --#------------------------------------------------------------------------------- --# Copyright (c) 2021, Arm Limited. All rights reserved. --# --# SPDX-License-Identifier: BSD-3-Clause --# --#------------------------------------------------------------------------------- -- --add_subdirectory(ext/libmetal) --add_subdirectory(ext/libopenamp) -- --set(CMAKE_SYSTEM_PROCESSOR "arm") --set(MACHINE "template") --set(LIBMETAL_INCLUDE_DIR "${LIBMETAL_BIN_PATH}/lib/include") --set(LIBMETAL_LIB "${LIBMETAL_BIN_PATH}/lib") -- --add_subdirectory(${LIBMETAL_SRC_PATH} ${LIBMETAL_BIN_PATH}) --add_subdirectory(${LIBOPENAMP_SRC_PATH} ${LIBOPENAMP_BIN_PATH}) -- --target_include_directories(platform_s -- PRIVATE -- ${LIBMETAL_BIN_PATH}/lib/include -- ${LIBOPENAMP_SRC_PATH}/lib/include --) -- --target_include_directories(platform_s -- PUBLIC -- . --) -- --target_sources(platform_s -- PRIVATE -- tfm_spe_openamp_platform_interconnect.c -- tfm_spe_dual_core_psa_client_secure_lib.c -- tfm_spe_openamp_interface_impl.c -- platform_spe_dual_core_hal.c -- tfm_spe_psa_client_lib_unordered_map.c --) -- --target_link_libraries(open_amp-static -- PRIVATE -- metal-static --) -- --target_compile_definitions(open_amp-static -- PRIVATE -- RPMSG_BUFFER_SIZE=8192 --) -- --target_link_libraries(platform_s -- PRIVATE -- open_amp-static --) -- --# Export header file shared with non-secure side --install(FILES tfm_openamp_lib.h -- DESTINATION ${INSTALL_INTERFACE_INC_DIR} --) -diff --git a/platform/ext/target/arm/corstone1000/openamp/ext/libmetal/0001-Disable-logger-when-the-build-type-is-release.patch b/platform/ext/target/arm/corstone1000/openamp/ext/libmetal/0001-Disable-logger-when-the-build-type-is-release.patch -deleted file mode 100644 -index 7c5eacc9f..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/ext/libmetal/0001-Disable-logger-when-the-build-type-is-release.patch -+++ /dev/null -@@ -1,27 +0,0 @@ --From d9d92c8848e4567f208f1900aff57e6a234c8130 Mon Sep 17 00:00:00 2001 --From: Mohamed Omar Asaker --Date: Wed, 7 Dec 2022 12:37:22 +0000 --Subject: [PATCH] Disable logger when the build type is release -- --Signed-off-by: Mohamed Omar Asaker ----- -- cmake/options.cmake | 3 ++- -- 1 file changed, 2 insertions(+), 1 deletion(-) -- --diff --git a/cmake/options.cmake b/cmake/options.cmake --index 25c7c96..7a2b116 100644 ----- a/cmake/options.cmake --+++ b/cmake/options.cmake --@@ -55,7 +55,8 @@ if (WITH_ZEPHYR) -- option (WITH_ZEPHYR_LIB "Build libmetal as a zephyr library" OFF) -- endif (WITH_ZEPHYR) -- ---option (WITH_DEFAULT_LOGGER "Build with default logger" ON) --+include(CMakeDependentOption) --+cmake_dependent_option(WITH_DEFAULT_LOGGER "Build with default logger" ON "${CMAKE_BUILD_TYPE} STREQUAL Debug" OFF) -- -- option (WITH_DOC "Build with documentation" ON) -- ---- --2.25.1 -- -diff --git a/platform/ext/target/arm/corstone1000/openamp/ext/libmetal/CMakeLists.txt b/platform/ext/target/arm/corstone1000/openamp/ext/libmetal/CMakeLists.txt -deleted file mode 100644 -index fa37fd6be..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/ext/libmetal/CMakeLists.txt -+++ /dev/null -@@ -1,23 +0,0 @@ --#------------------------------------------------------------------------------- --# Copyright (c) 2021-2022, Arm Limited. All rights reserved. --# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company) --# or an affiliate of Cypress Semiconductor Corporation. All rights reserved. --# --# SPDX-License-Identifier: BSD-3-Clause --# --#------------------------------------------------------------------------------- -- --fetch_remote_library( -- LIB_NAME libmetal -- LIB_SOURCE_PATH_VAR LIBMETAL_SRC_PATH -- LIB_BINARY_PATH_VAR LIBMETAL_BIN_PATH -- LIB_PATCH_DIR ${CMAKE_CURRENT_LIST_DIR} -- LIB_FORCE_PATCH LIBMETAL_FORCE_PATCH -- FETCH_CONTENT_ARGS -- GIT_TAG ${LIBMETAL_VERSION} -- GIT_REPOSITORY https://github.com/OpenAMP/libmetal.git --) -- --if (NOT LIB_BINARY_PATH_VAR) --set(LIBMETAL_BIN_PATH "${CMAKE_SOURCE_DIR}/build/lib/ext/libmetal-subbuild" CACHE PATH "Path to build directory of libmetal.") --endif() -diff --git a/platform/ext/target/arm/corstone1000/openamp/ext/libopenamp/CMakeLists.txt b/platform/ext/target/arm/corstone1000/openamp/ext/libopenamp/CMakeLists.txt -deleted file mode 100644 -index 28c5fa284..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/ext/libopenamp/CMakeLists.txt -+++ /dev/null -@@ -1,21 +0,0 @@ --#------------------------------------------------------------------------------- --# Copyright (c) 2020-2022, Arm Limited. All rights reserved. --# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company) --# or an affiliate of Cypress Semiconductor Corporation. All rights reserved. --# --# SPDX-License-Identifier: BSD-3-Clause --# --#------------------------------------------------------------------------------- -- --fetch_remote_library( -- LIB_NAME libopenamp -- LIB_SOURCE_PATH_VAR LIBOPENAMP_SRC_PATH -- LIB_BINARY_PATH_VAR LIBOPENAMP_BIN_PATH -- FETCH_CONTENT_ARGS -- GIT_TAG ${OPENAMP_VERSION} -- GIT_REPOSITORY https://github.com/OpenAMP/open-amp.git --) -- --if (NOT LIB_BINARY_PATH_VAR) --set(LIBOPENAMP_BIN_PATH "${CMAKE_SOURCE_DIR}/build/lib/ext/libopenamp-subbuild" CACHE PATH "Path to build directory of open-amp.") --endif() -diff --git a/platform/ext/target/arm/corstone1000/openamp/platform_spe_dual_core_hal.c b/platform/ext/target/arm/corstone1000/openamp/platform_spe_dual_core_hal.c -deleted file mode 100644 -index 7613345ff..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/platform_spe_dual_core_hal.c -+++ /dev/null -@@ -1,152 +0,0 @@ --/* -- * Copyright (c) 2021, Arm Limited. All rights reserved. -- * Copyright (c) 2021-2022 Cypress Semiconductor Corporation (an Infineon -- * company) or an affiliate of Cypress Semiconductor Corporation. All rights -- * reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- */ -- --#include "tfm_spe_openamp_platform_interface.h" --#include "device_cfg.h" --#include "device_definition.h" --#include "load/interrupt_defs.h" --#include "mhu_v2_x.h" --#include "tfm_plat_defs.h" --#include "tfm_spm_log.h" --#include "cmsis.h" -- --#define MHU1_SEH_NOTIFY_CH 0 --#define MHU1_SEH_NOTIFY_VAL 1234 -- --static enum tfm_plat_err_t initialize_secure_enclave_to_host_mhu(void) --{ -- enum mhu_v2_x_error_t status; -- -- status = mhu_v2_x_driver_init(&MHU1_SE_TO_HOST_DEV, MHU_REV_READ_FROM_HW); -- if (status != MHU_V_2_X_ERR_NONE) { -- SPMLOG_ERRMSGVAL("Secure-enclave to Host MHU driver initialization failed: ", status); -- return TFM_PLAT_ERR_SYSTEM_ERR; -- } -- SPMLOG_INFMSG("Secure-enclave to Host MHU Driver initialized successfully.\r\n"); -- -- return TFM_PLAT_ERR_SUCCESS; --} -- --static enum tfm_plat_err_t initialize_host_to_secure_enclave_mhu(void) --{ -- enum mhu_v2_x_error_t status; -- -- status = mhu_v2_x_driver_init(&MHU1_HOST_TO_SE_DEV, MHU_REV_READ_FROM_HW); -- if (status != MHU_V_2_X_ERR_NONE) { -- SPMLOG_ERRMSGVAL("Host to secure-enclave MHU driver initialization failed: ", status); -- return TFM_PLAT_ERR_SYSTEM_ERR; -- } -- SPMLOG_INFMSG("Host to secure-enclave MHU Driver initialized successfully.\r\n"); -- -- NVIC_EnableIRQ(HSE1_RECEIVER_COMBINED_IRQn); -- -- return TFM_PLAT_ERR_SUCCESS; --} -- --static struct irq_t mbox_irq_info = {0}; -- --void HSE1_RECEIVER_COMBINED_IRQHandler(void) --{ -- spm_handle_interrupt(mbox_irq_info.p_pt, mbox_irq_info.p_ildi); -- -- mhu_v2_x_channel_clear(&MHU1_HOST_TO_SE_DEV, 0); -- NVIC_ClearPendingIRQ(HSE1_RECEIVER_COMBINED_IRQn); --} -- --enum tfm_hal_status_t mailbox_irq_init(void *p_pt, -- const struct irq_load_info_t *p_ildi) --{ -- mbox_irq_info.p_pt = p_pt; -- mbox_irq_info.p_ildi = p_ildi; -- -- return TFM_HAL_SUCCESS; --} -- --enum tfm_plat_err_t tfm_dual_core_hal_init(void) --{ -- enum tfm_plat_err_t status; -- -- status = initialize_host_to_secure_enclave_mhu(); -- if (status) { -- return status; -- } -- status = initialize_secure_enclave_to_host_mhu(); -- -- return status; --} -- --enum tfm_plat_err_t tfm_hal_notify_peer(void) --{ -- uint32_t access_ready; -- enum mhu_v2_x_error_t status; -- struct mhu_v2_x_dev_t* dev = &MHU1_SE_TO_HOST_DEV; -- -- status = mhu_v2_x_set_access_request(dev); -- if (status != MHU_V_2_X_ERR_NONE) { -- SPMLOG_ERRMSGVAL("mhu_v2_x_set_access_request failed : ", status); -- return TFM_PLAT_ERR_SYSTEM_ERR; -- } -- -- do { -- status = mhu_v2_x_get_access_ready(dev, &access_ready); -- if (status != MHU_V_2_X_ERR_NONE) { -- SPMLOG_ERRMSGVAL("mhu_v2_x_get_access_ready failed : ", status); -- return TFM_PLAT_ERR_SYSTEM_ERR; -- } -- } while(!access_ready); -- -- status = mhu_v2_x_channel_send(dev, MHU1_SEH_NOTIFY_CH, MHU1_SEH_NOTIFY_VAL); -- -- if (status != MHU_V_2_X_ERR_NONE) { -- SPMLOG_ERRMSGVAL("mhu_v2_x_channel_send : ", status); -- return TFM_PLAT_ERR_SYSTEM_ERR; -- } -- -- status = mhu_v2_x_reset_access_request(dev); -- if (status != MHU_V_2_X_ERR_NONE) { -- SPMLOG_ERRMSGVAL("mhu_v2_x_reset_access_request : ", status); -- return TFM_PLAT_ERR_SYSTEM_ERR; -- } -- return TFM_PLAT_ERR_SUCCESS; --} -- --/* -- * The function is implemented to support libmetal's mutex and spinlock -- * implementation. The GCC does not support a respective builtin -- * functions for Cortex M0+. So below function provides the -- * missing link for libmetal compilation. -- * This function will prevent race condition between PendSV context (where -- * entries are inserted into unordered map) and service threads (where -- * entries are removed from the unordered map). -- */ --bool __atomic_compare_exchange_4(volatile void *mem, void *expected, -- uint32_t desired, bool var, int success, int failure) --{ -- bool ret = false; -- volatile uint32_t *location = mem; -- volatile uint32_t *old_val = expected; -- /* unused variables */ -- (void)var; -- (void)success; -- (void)failure; -- -- NVIC_DisableIRQ(PendSV_IRQn); -- -- do { -- if (*location != *old_val) { -- break; -- } -- *location = desired; -- ret = true; -- } while (0); -- -- NVIC_EnableIRQ(PendSV_IRQn); -- -- return ret; --} -diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_openamp_lib.h b/platform/ext/target/arm/corstone1000/openamp/tfm_openamp_lib.h -deleted file mode 100644 -index 2996ba9a8..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/tfm_openamp_lib.h -+++ /dev/null -@@ -1,128 +0,0 @@ --/* -- * Copyright (c) 2021, Arm Limited. All rights reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- * -- */ -- --/* -- * This header file is common to NSPE and SPE PSA client libraries. -- */ -- --#ifndef __TFM_OPENAMP_LIB_H__ --#define __TFM_OPENAMP_LIB_H__ -- --#include --#include "psa/client.h" -- --#ifdef __cplusplus --extern "C" { --#endif -- --/* PSA client call type value */ --#define OPENAMP_PSA_FRAMEWORK_VERSION (0x1) --#define OPENAMP_PSA_VERSION (0x2) --#define OPENAMP_PSA_CONNECT (0x3) --#define OPENAMP_PSA_CALL (0x4) --#define OPENAMP_PSA_CLOSE (0x5) -- --/* Return code of openamp APIs */ --#define OPENAMP_SUCCESS (0) --#define OPENAMP_MAP_FULL (INT32_MIN + 1) --#define OPENAMP_MAP_ERROR (INT32_MIN + 2) --#define OPENAMP_INVAL_PARAMS (INT32_MIN + 3) --#define OPENAMP_NO_PERMS (INT32_MIN + 4) --#define OPENAMP_NO_PEND_EVENT (INT32_MIN + 5) --#define OPENAMP_CHAN_BUSY (INT32_MIN + 6) --#define OPENAMP_CALLBACK_REG_ERROR (INT32_MIN + 7) --#define OPENAMP_INIT_ERROR (INT32_MIN + 8) -- --#define HOLD_INPUT_BUFFER (1) /* IF true, TF-M Library will hold the openamp -- * buffer so that openamp shared memory buffer -- * does not get freed. -- */ -- --/* -- * This structure holds the parameters used in a PSA client call. -- */ --typedef struct __attribute__((packed)) psa_client_in_params { -- union { -- struct __attribute__((packed)) { -- uint32_t sid; -- } psa_version_params; -- -- struct __attribute__((packed)) { -- uint32_t sid; -- uint32_t version; -- } psa_connect_params; -- -- struct __attribute__((packed)) { -- psa_handle_t handle; -- int32_t type; -- uint32_t in_vec; -- uint32_t in_len; -- uint32_t out_vec; -- uint32_t out_len; -- } psa_call_params; -- -- struct __attribute__((packed)) { -- psa_handle_t handle; -- } psa_close_params; -- }; --} psa_client_in_params_t; -- --/* Openamp message passed from NSPE to SPE to deliver a PSA client call */ --typedef struct __attribute__((packed)) ns_openamp_msg { -- uint32_t call_type; /* PSA client call type */ -- psa_client_in_params_t params; /* Contain parameters used in PSA -- * client call -- */ -- -- int32_t client_id; /* Optional client ID of the -- * non-secure caller. -- * It is required to identify the -- * non-secure task when NSPE OS -- * enforces non-secure task -- * isolation -- */ -- int32_t request_id; /* This is the unique ID for a -- * request send to TF-M by the -- * non-secure core. TF-M forward -- * the ID back to non-secure on the -- * reply to a given request. Using -- * this id, the non-secure library -- * can identify the request for -- * which the reply has received. -- */ --} ns_openamp_msg_t; -- --/* -- * This structure holds the location of the out data of the PSA client call. -- */ --typedef struct __attribute__((packed)) psa_client_out_params { -- uint32_t out_vec; -- uint32_t out_len; --} psa_client_out_params_t; -- -- --/* Openamp message from SPE to NSPE delivering the reply back for a PSA client -- * call. -- */ --typedef struct __attribute__((packed)) s_openamp_msg { -- int32_t request_id; /* Using this id, the non-secure -- * library identifies the request. -- * TF-M forwards the same -- * request-id received on the -- * initial request. -- */ -- int32_t reply; /* Reply of the PSA client call */ -- psa_client_out_params_t params; /* Contain out data result of the -- * PSA client call. -- */ --} s_openamp_msg_t; -- --#ifdef __cplusplus --} --#endif -- --#endif /* __TFM_OPENAMP_LIB_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c -deleted file mode 100644 -index d2eabe144..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.c -+++ /dev/null -@@ -1,304 +0,0 @@ --/* -- * Copyright (c) 2021-2022, Arm Limited. All rights reserved. -- * Copyright (c) 2021-2023 Cypress Semiconductor Corporation (an Infineon company) -- * or an affiliate of Cypress Semiconductor Corporation. All rights reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- * -- */ -- --#include "config_impl.h" --#include "tfm_psa_call_pack.h" --#include "tfm_spe_dual_core_psa_client_secure_lib.h" --#include "tfm_rpc.h" --#include "tfm_spe_openamp_interface.h" --#include "tfm_spm_log.h" --#include "tfm_spe_psa_client_lib_unordered_map.h" --#include "psa/error.h" --#include "utilities.h" --#include "thread.h" -- --/** -- * In linux environment and for psa_call type client api, -- * the layout of the reply from tf-m to linux is as following. -- */ --typedef struct output_buffer_with_payload { -- s_openamp_msg_t header; -- psa_outvec outvec[PSA_MAX_IOVEC]; -- uint8_t payload[]; /* outdata follows */ --} output_buffer_with_payload_t; -- --static void prepare_and_send_output_msg(int32_t reply, int32_t request_id) --{ -- s_openamp_msg_t msg; -- -- msg.request_id = request_id; -- msg.reply = reply; -- -- msg.params.out_vec = 0; -- msg.params.out_len = 0; -- -- tfm_to_openamp_reply_back(&msg, sizeof(msg)); --} -- --static void prepare_and_send_preallocated_output_msg(int32_t reply, -- const unordered_map_entry_t* s_map_entry) --{ -- uint32_t out_len = s_map_entry->msg.params.psa_call_params.out_len; -- output_buffer_with_payload_t *output_msg = (output_buffer_with_payload_t*)s_map_entry->output_buffer; -- -- output_msg->header.request_id = s_map_entry->msg.request_id; -- output_msg->header.reply = reply; -- -- output_msg->header.params.out_vec = -- (uint32_t)tfm_to_openamp_translate_secure_to_non_secure_ptr( -- output_msg->outvec); -- output_msg->header.params.out_len = out_len; -- -- for (int i = 0; i < out_len; i++) { -- output_msg->outvec[i].base = tfm_to_openamp_translate_secure_to_non_secure_ptr( -- output_msg->outvec[i].base); -- } -- -- /* send msg to non-secure side */ -- tfm_to_openamp_reply_back_no_copy(output_msg, s_map_entry->output_buffer_len); --} -- --void send_service_reply_to_non_secure(int32_t reply, void *private) --{ -- unordered_map_handle_t handle; -- const unordered_map_entry_t* s_map_entry = (const unordered_map_entry_t*)private; -- -- if (s_map_entry->is_input_buffer_hold) { -- tfm_to_openamp_release_buffer(s_map_entry->input_buffer); -- } -- -- if (s_map_entry->is_output_buffer) { -- prepare_and_send_preallocated_output_msg(reply, s_map_entry); -- } else { -- prepare_and_send_output_msg(reply, s_map_entry->msg.request_id); -- } -- -- handle = unordered_map_get_entry_handle(s_map_entry); -- if (handle == INVALID_MAP_HANDLE) { -- SPMLOG_ERRMSG("FATAL_ERROR: Map handle not valid\r\n"); -- SPM_ASSERT(0); -- } -- unordered_map_free(handle); --} -- --static psa_invec * prepare_in_vecs(unordered_map_entry_t* s_map_entry) --{ -- uint32_t in_len = s_map_entry->msg.params.psa_call_params.in_len; -- SPM_ASSERT(in_len <= PSA_MAX_IOVEC); -- -- psa_invec *input_buffer_in_vec = (psa_invec*)tfm_to_openamp_translate_non_secure_to_secure_ptr( -- (void*)s_map_entry->msg.params.psa_call_params.in_vec); -- for (int i = 0; i < in_len; i++) { -- input_buffer_in_vec[i].base = tfm_to_openamp_translate_non_secure_to_secure_ptr( -- input_buffer_in_vec[i].base); -- } -- -- return input_buffer_in_vec; --} -- --static void * alloc_output_buffer_in_shared_mem(size_t length, -- unordered_map_entry_t* s_map_entry) --{ -- uint32_t buffer_sz = 0; -- -- /* pre allocate output_buffer space from openamp shared memory */ -- s_map_entry->output_buffer = tfm_to_openamp_get_buffer(&buffer_sz); -- SPM_ASSERT((s_map_entry->output_buffer != NULL) && (buffer_sz >= length)); -- s_map_entry->is_output_buffer = true; -- s_map_entry->output_buffer_len = length; -- spm_memset(s_map_entry->output_buffer, 0x0, length); -- -- return s_map_entry->output_buffer; --} -- --static psa_status_t alloc_and_prepare_out_vecs(psa_outvec **out_vec_start_ptr, -- unordered_map_entry_t* s_map_entry) --{ -- psa_outvec *input_buffer_outvec = NULL; -- size_t output_buffer_len = 0; -- size_t current_outdata_len = 0; -- output_buffer_with_payload_t *out_buffer = NULL; -- int max_shared_mem_buffer_size = 0; -- uint32_t out_len = s_map_entry->msg.params.psa_call_params.out_len; -- -- SPM_ASSERT(out_len <= PSA_MAX_IOVEC); -- *out_vec_start_ptr = NULL; -- -- if (out_len == 0) { -- return PSA_SUCCESS; -- } -- -- input_buffer_outvec = (psa_outvec*)tfm_to_openamp_translate_non_secure_to_secure_ptr( -- (void*)s_map_entry->msg.params.psa_call_params.out_vec); -- -- /* calculate and validate out data len */ -- output_buffer_len = sizeof(output_buffer_with_payload_t); -- for (int i = 0; i < out_len; i++) { -- output_buffer_len += input_buffer_outvec[i].len; -- } -- max_shared_mem_buffer_size = tfm_to_openamp_get_buffer_size(); -- if (output_buffer_len > max_shared_mem_buffer_size) { -- SPMLOG_ERRMSGVAL("required buffer size : ", output_buffer_len); -- SPMLOG_ERRMSGVAL(" is more than maximum available : ", max_shared_mem_buffer_size); -- return PSA_ERROR_INVALID_ARGUMENT; -- } -- -- /* prepare output buffer layout */ -- out_buffer = (output_buffer_with_payload_t*)alloc_output_buffer_in_shared_mem( -- output_buffer_len, s_map_entry); -- -- for (int i = 0; i < PSA_MAX_IOVEC; i++) { -- if (i < out_len) { -- out_buffer->outvec[i].base = &out_buffer->payload[current_outdata_len]; -- out_buffer->outvec[i].len = input_buffer_outvec[i].len; -- current_outdata_len += input_buffer_outvec[i].len; -- } else { -- out_buffer->outvec[i].base = NULL; -- out_buffer->outvec[i].len = 0; -- } -- } -- -- *out_vec_start_ptr = out_buffer->outvec; -- -- return PSA_SUCCESS; --} -- --static psa_status_t prepare_params_for_psa_call(struct client_params_t *params, -- unordered_map_entry_t* s_map_entry) --{ -- psa_status_t ret = PSA_SUCCESS; -- -- params->ns_client_id_stateless = s_map_entry->msg.client_id; -- -- params->p_outvecs = NULL; -- ret = alloc_and_prepare_out_vecs(¶ms->p_outvecs, s_map_entry); -- if (ret != PSA_SUCCESS) { -- return ret; -- } -- -- params->p_invecs = prepare_in_vecs(s_map_entry); -- -- /* hold the input shared memory */ -- tfm_to_openamp_hold_buffer(s_map_entry->input_buffer); -- s_map_entry->is_input_buffer_hold = true; -- -- return ret; --} -- --__STATIC_INLINE int32_t check_msg(const ns_openamp_msg_t *msg) --{ -- /* -- * TODO -- * Comprehensive check of openamp msessage content can be implemented here. -- */ -- (void)msg; -- return OPENAMP_SUCCESS; --} -- --static void send_error_to_non_secure(int32_t reply, int32_t request_id) --{ -- prepare_and_send_output_msg(reply, request_id); --} -- --int32_t register_msg_to_spe_and_verify(void **private, const void *data, size_t len) --{ -- unordered_map_entry_t *s_map_entry; -- ns_openamp_msg_t *ns_msg; -- unordered_map_handle_t map_handle; -- int32_t ret = OPENAMP_SUCCESS; -- -- *private = NULL; -- -- if (len < sizeof(ns_openamp_msg_t)) { -- SPMLOG_ERRMSG("Invalid parameters.\r\n"); -- send_error_to_non_secure(OPENAMP_INVAL_PARAMS, 0); -- return OPENAMP_INVAL_PARAMS; -- } -- -- /* start of the data is with "ns_openamp_msg_t" */ -- ns_msg = (ns_openamp_msg_t*)data; -- ret = unordered_map_insert(ns_msg, data, &map_handle); -- if (ret) { -- SPMLOG_ERRMSG("Map insert failed\r\n"); -- send_error_to_non_secure(OPENAMP_MAP_FULL, ns_msg->request_id); -- return OPENAMP_MAP_FULL; -- } -- -- s_map_entry = unordered_map_get_entry_ptr(map_handle); -- -- /* verify msg after copy to the secure memory */ -- if (check_msg(&s_map_entry->msg)) { -- SPMLOG_ERRMSG("Message is invalid\r\n"); -- send_error_to_non_secure(OPENAMP_INVAL_PARAMS, ns_msg->request_id); -- unordered_map_free(map_handle); -- return OPENAMP_INVAL_PARAMS; -- } -- -- *private = s_map_entry; -- -- return ret; --} -- --void deliver_msg_to_tfm_spe(void *private) --{ -- struct client_params_t params = {0}; -- psa_status_t psa_ret = PSA_ERROR_GENERIC_ERROR; -- unordered_map_entry_t* s_map_entry = (unordered_map_entry_t*)private; -- -- switch(s_map_entry->msg.call_type) { -- case OPENAMP_PSA_FRAMEWORK_VERSION: -- psa_ret = tfm_rpc_psa_framework_version(); -- send_service_reply_to_non_secure(psa_ret, s_map_entry); -- break; -- case OPENAMP_PSA_VERSION: -- psa_ret = tfm_rpc_psa_version(s_map_entry->msg.params.psa_version_params.sid); -- send_service_reply_to_non_secure(psa_ret, s_map_entry); -- break; -- case OPENAMP_PSA_CALL: -- psa_ret = prepare_params_for_psa_call(¶ms, s_map_entry); -- if (psa_ret != PSA_SUCCESS) { -- send_service_reply_to_non_secure(psa_ret, s_map_entry); -- break; -- } -- psa_ret = tfm_rpc_psa_call(s_map_entry->msg.params.psa_call_params.handle, -- PARAM_PACK(s_map_entry->msg.params.psa_call_params.type, -- s_map_entry->msg.params.psa_call_params.in_len, -- s_map_entry->msg.params.psa_call_params.out_len), -- ¶ms, NULL); -- if (psa_ret != PSA_SUCCESS) { -- send_service_reply_to_non_secure(psa_ret, s_map_entry); -- break; -- } -- break; --#if CONFIG_TFM_CONNECTION_BASED_SERVICE_API == 1 -- case OPENAMP_PSA_CONNECT: -- psa_ret = tfm_rpc_psa_connect(s_map_entry->msg.params.psa_connect_params.sid, -- s_map_entry->msg.params.psa_connect_params.version, -- s_map_entry->msg.client_id, -- NULL); -- if (psa_ret != PSA_SUCCESS) { -- send_service_reply_to_non_secure(psa_ret, s_map_entry); -- } -- break; -- case OPENAMP_PSA_CLOSE: -- tfm_rpc_psa_close(s_map_entry->msg.params.psa_close_params.handle); -- break; --#endif /* CONFIG_TFM_CONNECTION_BASED_SERVICE_API == 1 */ -- default: -- SPMLOG_ERRMSG("msg type did not recognized\r\n"); -- send_error_to_non_secure(OPENAMP_INVAL_PARAMS, s_map_entry->msg.request_id); -- unordered_map_free(unordered_map_get_entry_handle(s_map_entry)); -- break; -- } --} -- --void init_dual_core_psa_client_secure_lib(void) --{ -- unordered_map_init(); --} -diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.h b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.h -deleted file mode 100644 -index de7891b83..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_dual_core_psa_client_secure_lib.h -+++ /dev/null -@@ -1,39 +0,0 @@ --/* -- * Copyright (c) 2021, Arm Limited. All rights reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- * -- */ -- --#ifndef __TFM_SPE_DUAL_CORE_PSA_CLIENT_SECURE_LIB_H__ --#define __TFM_SPE_DUAL_CORE_PSA_CLIENT_SECURE_LIB_H__ -- --#include "tfm_openamp_lib.h" -- --/** -- * \brief Initializes the library. -- */ --void init_dual_core_psa_client_secure_lib(void); -- --/** -- * \brief Decodes the messages received from the NSPE before sending -- * to SPE. -- */ --void deliver_msg_to_tfm_spe(void *private); -- --/** -- * \brief Encodes the reply of service before sending it to NSPE. -- */ --void send_service_reply_to_non_secure(int32_t reply, void *private); -- --/** -- * \brief Validate and register the message. The message details are -- * copied inside the unordered_map. -- * -- * \retval OPENAMP_SUCCESS Successfully registered the message. -- * \retval Other return code Operation failed with an error code. -- */ --int32_t register_msg_to_spe_and_verify(void **private, -- const void *data, size_t len); -- --#endif /* __TFM_SPE_DUAL_CORE_PSA_CLIENT_SECURE_LIB_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_interface.h b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_interface.h -deleted file mode 100644 -index 25afd5017..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_interface.h -+++ /dev/null -@@ -1,39 +0,0 @@ --/* -- * Copyright (c) 2020 Linaro Limited -- * -- * Copyright (c) 2021, Arm Limited. All rights reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- * -- */ -- --#ifndef TFM_SPE_OPENAMP_INTERFACE_H_ --#define TFM_SPE_OPENAMP_INTERFACE_H_ -- --#define SUCCESS (0) --#define ERROR (INT32_MIN + 1) -- -- --typedef void (*openamp_to_tfm_callback)(const void *data, -- size_t len); --typedef void (*openamp_to_tfm_notify)(void); -- --/* -- * These functions are the logical interface from TF-M to -- * OpenAMP. -- */ --int32_t tfm_to_openamp_init(openamp_to_tfm_callback cb, -- openamp_to_tfm_notify notify); --void tfm_to_openamp_notify(void); --void tfm_to_openamp_spe_map_spinlock_acquire(void); --void tfm_to_openamp_spe_map_spinlock_release(void); --void tfm_to_openamp_reply_back(const void* data, size_t len); --void tfm_to_openamp_reply_back_no_copy(const void* data, size_t len); --void tfm_to_openamp_hold_buffer(const void *buffer); --void tfm_to_openamp_release_buffer(const void *buffer); --void *tfm_to_openamp_get_buffer(uint32_t *len); --int tfm_to_openamp_get_buffer_size(void); --void *tfm_to_openamp_translate_non_secure_to_secure_ptr(const void *ptr); --void *tfm_to_openamp_translate_secure_to_non_secure_ptr(const void *ptr); -- --#endif /* TFM_SPE_OPENAMP_INTERFACE_H_ */ -diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_interface_impl.c b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_interface_impl.c -deleted file mode 100644 -index aa16e9929..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_interface_impl.c -+++ /dev/null -@@ -1,248 +0,0 @@ --/* -- * Copyright (c) 2020 Linaro Limited -- * -- * Copyright (c) 2021, Arm Limited. All rights reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- * -- */ -- --#include --#include --#include -- --#include "tfm_spe_openamp_interface.h" --#include "tfm_spm_log.h" --#include "tfm_spe_shm_openamp.h" -- --static metal_phys_addr_t shm_physmap[] = { SHM_START_PHY_ADDR }; --static struct metal_device shm_device = { -- .name = SHM_DEVICE_NAME, -- .bus = NULL, -- .num_regions = 1, -- { -- { -- .virt = (void *) SHM_START_VIRT_ADDR, -- .physmap = shm_physmap, -- .size = SHM_SIZE, -- .page_shift = 0xffffffff, -- .page_mask = 0xffffffff, -- .mem_flags = 0, -- .ops = { NULL }, -- }, -- }, -- .node = { NULL }, -- .irq_num = 0, -- .irq_info = NULL --}; -- --/* Space to be used by virtqueues */ --#define VQ_STATIC_SIZE (sizeof(struct virtqueue) + (VRING_SIZE * sizeof(struct vq_desc_extra))) --uint8_t vq1_static_space[VQ_STATIC_SIZE]; --uint8_t vq2_static_space[VQ_STATIC_SIZE]; -- --static struct virtio_vring_info rvrings[2]; -- --static struct virtio_device vdev; --static struct rpmsg_virtio_device rvdev; --static struct metal_io_region *io; --static struct virtqueue *vq[2]; --static struct rpmsg_virtio_shm_pool shpool; --static struct rpmsg_endpoint tfm_ept; --static struct rpmsg_endpoint *ep = &tfm_ept; --static struct metal_spinlock spe_map_slock; --static openamp_to_tfm_callback tfm_callback = NULL; --static openamp_to_tfm_notify tfm_notify = NULL; -- --static unsigned char virtio_get_status(struct virtio_device *vdev) --{ -- (void)vdev; -- uint32_t status = *(uint32_t *)VDEV_STATUS_ADDR; -- return status; --} -- --static void virtio_set_status(struct virtio_device *vdev, unsigned char status) --{ -- (void)vdev; -- *(uint32_t *)VDEV_STATUS_ADDR = status; --} -- --static uint32_t virtio_get_features(struct virtio_device *vdev) --{ -- (void)vdev; -- return 1 << VIRTIO_RPMSG_F_NS; --} -- --static void virtio_notify(struct virtqueue *vq) --{ -- (void)vq; -- tfm_notify(); --} -- --static struct virtio_dispatch dispatch = { -- .get_status = virtio_get_status, -- .set_status = virtio_set_status, -- .get_features = virtio_get_features, -- .notify = virtio_notify, --}; -- --int endpoint_cb(struct rpmsg_endpoint *ept, void *data, -- size_t len, uint32_t src, void *priv) --{ -- (void)ept; -- (void)src; -- (void)priv; -- tfm_callback(data, len); -- return 0; --} -- --static void rpmsg_service_unbind(struct rpmsg_endpoint *ept) --{ -- (void)ept; -- rpmsg_destroy_ept(ep); --} -- --void ns_bind_cb(struct rpmsg_device *rdev, const char *name, uint32_t dest) --{ -- (void)rpmsg_create_ept(ep, rdev, name, -- RPMSG_ADDR_ANY, dest, -- endpoint_cb, -- rpmsg_service_unbind); --} -- --void tfm_to_openamp_notify(void) --{ -- virtqueue_notification(vq[0]); --} -- --void tfm_to_openamp_spe_map_spinlock_acquire(void) --{ -- metal_spinlock_acquire(&spe_map_slock); --} -- --void tfm_to_openamp_spe_map_spinlock_release(void) --{ -- metal_spinlock_release(&spe_map_slock); --} -- --void tfm_to_openamp_reply_back(const void* data, size_t len) --{ -- rpmsg_send(ep, data, len); --} -- --void tfm_to_openamp_reply_back_no_copy(const void* data, size_t len) --{ -- rpmsg_send_nocopy(ep, data, len); --} -- --void tfm_to_openamp_hold_buffer(const void *buffer) --{ -- rpmsg_hold_rx_buffer(ep, (void*)buffer); --} -- --void tfm_to_openamp_release_buffer(const void *buffer) --{ -- rpmsg_release_rx_buffer(ep, (void*)buffer); --} -- --void *tfm_to_openamp_get_buffer(uint32_t *len) --{ -- return rpmsg_get_tx_payload_buffer(ep, len, 1); --} -- --int tfm_to_openamp_get_buffer_size(void) --{ -- return rpmsg_virtio_get_buffer_size(&rvdev.rdev); --} -- --void *tfm_to_openamp_translate_non_secure_to_secure_ptr(const void *ptr) --{ -- metal_phys_addr_t phys = 0; -- phys = (metal_phys_addr_t)ptr; -- return metal_io_phys_to_virt(io, phys); --} -- --void *tfm_to_openamp_translate_secure_to_non_secure_ptr(const void *ptr) --{ -- metal_phys_addr_t phys = metal_io_virt_to_phys(io, (void*)ptr); -- return (void*)phys; --} -- --int32_t tfm_to_openamp_init(openamp_to_tfm_callback cb, -- openamp_to_tfm_notify notify) --{ -- int status = 0; -- struct metal_device *device; -- struct metal_init_params metal_params = METAL_INIT_DEFAULTS; -- -- SPMLOG_INFMSG("TF-M OpenAMP[master] starting initialization...\r\n"); -- -- if (cb == NULL || notify == NULL) { -- SPMLOG_ERRMSG("invalid parameters\r\n"); -- return ERROR; -- } -- tfm_callback = cb; -- tfm_notify = notify; -- -- metal_spinlock_init(&spe_map_slock); -- -- status = metal_init(&metal_params); -- if (status != 0) { -- SPMLOG_ERRMSG("metal_init: failed - error code\r\n"); -- return ERROR; -- } -- -- status = metal_register_generic_device(&shm_device); -- if (status != 0) { -- SPMLOG_ERRMSG("Couldn't register shared memory device\r\n"); -- return ERROR; -- } -- -- status = metal_device_open("generic", SHM_DEVICE_NAME, &device); -- if (status != 0) { -- SPMLOG_ERRMSG("metal_device_open failed\r\n"); -- return ERROR; -- } -- -- io = metal_device_io_region(device, 0); -- if (io == NULL) { -- SPMLOG_ERRMSG("metal_device_io_region failed to get region\r\n"); -- return ERROR; -- } -- -- /* setup vdev */ -- -- memset(vq1_static_space, 0x0, VQ_STATIC_SIZE); -- vq[0] = (struct virtqueue *)vq1_static_space; -- -- memset(vq2_static_space, 0x0, VQ_STATIC_SIZE); -- vq[1] = (struct virtqueue *)vq2_static_space; -- -- vdev.role = RPMSG_MASTER; -- vdev.vrings_num = VRING_COUNT; -- vdev.func = &dispatch; -- rvrings[0].io = io; -- rvrings[0].info.vaddr = (void *)VRING_TX_ADDRESS; -- rvrings[0].info.num_descs = VRING_SIZE; -- rvrings[0].info.align = VRING_ALIGNMENT; -- rvrings[0].vq = vq[0]; -- -- rvrings[1].io = io; -- rvrings[1].info.vaddr = (void *)VRING_RX_ADDRESS; -- rvrings[1].info.num_descs = VRING_SIZE; -- rvrings[1].info.align = VRING_ALIGNMENT; -- rvrings[1].vq = vq[1]; -- -- vdev.vrings_info = &rvrings[0]; -- -- /* setup rvdev */ -- rpmsg_virtio_init_shm_pool(&shpool, (void *)SHM_START_VIRT_ADDR, SHM_SIZE); -- status = rpmsg_init_vdev(&rvdev, &vdev, ns_bind_cb, io, &shpool); -- if (status != 0) { -- SPMLOG_ERRMSGVAL("rpmsg_init_vdev failed : ", status); -- return ERROR; -- } -- SPMLOG_INFMSG("rpmsg_init_vdev Done!\r\n"); -- -- return SUCCESS; --} -diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_platform_interconnect.c b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_platform_interconnect.c -deleted file mode 100644 -index db8e8ac8b..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_platform_interconnect.c -+++ /dev/null -@@ -1,114 +0,0 @@ --/* -- * Copyright (c) 2021-2022, Arm Limited. All rights reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- * -- */ -- --#include "tfm_spe_openamp_platform_interface.h" --#include "tfm_spe_dual_core_psa_client_secure_lib.h" --#include "tfm_rpc.h" --#include "tfm_spe_openamp_interface.h" --#include "tfm_multi_core.h" --#include "tfm_spm_log.h" --#include "utilities.h" -- --static void *registered_msg = NULL; -- --/* Process call from the other core. */ --void callback_from_openamp(const void *ns_msg, size_t len) --{ -- int32_t ret = OPENAMP_SUCCESS; -- void *priv = NULL; -- -- ret = register_msg_to_spe_and_verify(&priv, ns_msg, len); -- if (ret != OPENAMP_SUCCESS) { -- return; -- } -- -- /* -- * registered_msg will be used inside get_caller_private_data. -- * get_caller_private_data will be called in the same context: -- * deliver_msg* => tfm_rpc_xxx => tfm_spm_xxx => spm_init_connection -- * => tfm_rpc_set_caller_data => get_caller_private_data -- */ -- registered_msg = priv; -- -- deliver_msg_to_tfm_spe(priv); --} -- --/* RPC reply() callback */ --static void service_reply(const void *priv, int32_t ret) --{ -- send_service_reply_to_non_secure(ret, (void*)priv); --} -- --/* RPC get_caller_data() callback */ --static const void *get_caller_private_data(int32_t client_id) --{ -- if (!registered_msg) { -- SPMLOG_ERRMSG("FATAL_ERROR: Map pointer cannot be NULL.\r\n"); -- SPM_ASSERT(0); -- } -- -- return registered_msg; --} -- --/* Openamp specific operations callback for TF-M RPC */ --static const struct tfm_rpc_ops_t openamp_rpc_ops = { -- .handle_req = tfm_to_openamp_notify, /* notify openamp for pendsv/irq -- * received from the non-secure */ -- .reply = service_reply, -- .get_caller_data = get_caller_private_data, --}; -- --void notify_request_from_openamp(void) --{ -- int32_t ret; -- -- ret = tfm_hal_notify_peer(); -- if (ret) { -- SPMLOG_ERRMSGVAL("tfm_hal_notify_peer failed ", ret); -- } -- return; --} -- --/* Openmap initialization */ --static int32_t tfm_spe_openamp_lib_init(void) --{ -- int32_t ret; -- -- ret = tfm_dual_core_hal_init(); -- if (ret) { -- SPMLOG_ERRMSGVAL("tfm_dual_core_hal_init failed ", ret); -- return OPENAMP_INIT_ERROR; -- } -- -- ret = tfm_to_openamp_init(callback_from_openamp, -- notify_request_from_openamp); -- if (ret) { -- SPMLOG_ERRMSGVAL("tfm_to_openamp_init failed ", ret); -- return OPENAMP_INIT_ERROR; -- } -- -- init_dual_core_psa_client_secure_lib(); -- -- /* Register RPC callbacks */ -- ret = tfm_rpc_register_ops(&openamp_rpc_ops); -- if (ret) { -- SPMLOG_ERRMSGVAL("tfm_rpc_register_ops failed ", ret); -- return OPENAMP_CALLBACK_REG_ERROR; -- } -- -- SPMLOG_INFMSG("tfm_spe_openamp_lib_init initialized success.\r\n"); -- return OPENAMP_SUCCESS; --} -- --int32_t tfm_inter_core_comm_init(void) --{ -- if (tfm_spe_openamp_lib_init()) { -- return TFM_PLAT_ERR_SYSTEM_ERR; -- } -- -- return TFM_PLAT_ERR_SUCCESS; --} -diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_platform_interface.h b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_platform_interface.h -deleted file mode 100644 -index 4c720b731..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_openamp_platform_interface.h -+++ /dev/null -@@ -1,31 +0,0 @@ --/* -- * Copyright (c) 2021, Arm Limited. All rights reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- * -- */ -- --#ifndef __TFM_SPE_OPENAMP_PLATFORM_INTERFACE_H__ --#define __TFM_SPE_OPENAMP_PLATFORM_INTERFACE_H__ -- --#include "tfm_openamp_lib.h" --#include "tfm_plat_defs.h" -- --/** -- * \brief Platform specific initialization of SPE openamp. -- * -- * \retval TFM_PLAT_ERR_SUCCESS Operation succeeded. -- * \retval Other return code Operation failed with an error code. -- */ --enum tfm_plat_err_t tfm_dual_core_hal_init(void); -- --/** -- * \brief Notify NSPE that a PSA client call return result is replied. -- * Implemented by platform specific inter-processor communication driver. -- * -- * \retval TFM_PLAT_ERR_SUCCESS The notification is successfully sent out. -- * \retval Other return code Operation failed with an error code. -- */ --enum tfm_plat_err_t tfm_hal_notify_peer(void); -- --#endif /* __TFM_SPE_OPENAMP_PLATFORM_INTERFACE_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_psa_client_lib_unordered_map.c b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_psa_client_lib_unordered_map.c -deleted file mode 100644 -index 007a675bd..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_psa_client_lib_unordered_map.c -+++ /dev/null -@@ -1,151 +0,0 @@ --/* -- * Copyright (c) 2021, Arm Limited. All rights reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- * -- */ -- --#include "tfm_spe_psa_client_lib_unordered_map.h" --#include "utilities.h" --#include "tfm_spe_openamp_interface.h" --#include "tfm_spe_shm_openamp.h" --#include --#include --#include -- --/* -- * SPE map where tf-m copies the psa_client parameters -- * from non-secure memory to its local secure memory. -- */ --typedef struct unordered_map { -- /* -- * Aligned with TFM_MAX_MESSAGES. A more sophisticated approach is -- * required if the intent is to increase TFM_MAX_MESSAGES beyond -- * 32 bits. -- */ -- uint32_t busy_slots; /* protected by a spinlock */ -- unordered_map_entry_t map[TFM_MAX_MESSAGES]; --} unordered_map_t; -- -- --/* -- * TF-M secure memory map: the parameters are copied to secure memory -- * from openamp non-secure memory. This is to avoid TOCTOU attack. -- */ --static unordered_map_t psa_client_lib_map_; -- --static inline int find_first_unset_bit(uint32_t n) --{ -- int index = -1; -- n = ~n & (n+1); -- while(n>0) { -- n >>= 1; -- index++; -- } -- return index; --} -- --static inline bool is_map_full(unordered_map_t *m) --{ -- return (~(m->busy_slots) == 0); --} -- --static inline void set_bit(uint32_t *n, int index) --{ -- *n = (*n | (1 << index)); --} -- --static inline bool is_bit_set(uint32_t n, int index) --{ -- return ((n & (1 << index)) != 0); --} -- --static inline void unset_bit(uint32_t *n, int index) --{ -- uint32_t mask = 0; -- mask |= (1 << index); -- *n = (*n & ~mask); --} -- --void unordered_map_init(void) --{ -- tfm_to_openamp_spe_map_spinlock_acquire(); -- psa_client_lib_map_.busy_slots = 0; -- tfm_to_openamp_spe_map_spinlock_release(); --} -- --static int32_t alloc_map_entry(unordered_map_handle_t *handle) --{ -- int32_t ret; -- tfm_to_openamp_spe_map_spinlock_acquire(); -- do { -- if (is_map_full(&psa_client_lib_map_)) { -- ret = OPENAMP_MAP_FULL; -- break; -- } -- *handle = find_first_unset_bit(psa_client_lib_map_.busy_slots); -- set_bit(&psa_client_lib_map_.busy_slots, *handle); -- ret = OPENAMP_SUCCESS; -- } while (0); -- tfm_to_openamp_spe_map_spinlock_release(); -- return ret; --} -- --int32_t unordered_map_insert(const ns_openamp_msg_t *ns_msg, const void *in, -- unordered_map_handle_t *handle) --{ -- int32_t ret; -- -- ret = alloc_map_entry(handle); -- if (ret) { -- return ret; -- } -- -- memcpy(&psa_client_lib_map_.map[*handle].msg, ns_msg, -- sizeof(ns_openamp_msg_t)); -- -- psa_client_lib_map_.map[*handle].input_buffer = in; -- psa_client_lib_map_.map[*handle].output_buffer = NULL; -- psa_client_lib_map_.map[*handle].output_buffer_len = 0; -- psa_client_lib_map_.map[*handle].is_input_buffer_hold = false; -- psa_client_lib_map_.map[*handle].is_output_buffer = false; -- -- psa_client_lib_map_.map[*handle].handle = *handle; -- -- return OPENAMP_SUCCESS; --} -- --void unordered_map_free(unordered_map_handle_t handle) --{ -- if (handle >= TFM_MAX_MESSAGES || handle < 0) { -- return; -- } -- spm_memset(&psa_client_lib_map_.map[handle], 0, -- sizeof(unordered_map_entry_t)); -- -- tfm_to_openamp_spe_map_spinlock_acquire(); -- unset_bit(&psa_client_lib_map_.busy_slots, handle); -- tfm_to_openamp_spe_map_spinlock_release(); --} -- --unordered_map_entry_t* unordered_map_get_entry_ptr(unordered_map_handle_t handle) --{ -- if (handle >= TFM_MAX_MESSAGES || handle < 0) { -- return NULL; -- } -- if (!is_bit_set(psa_client_lib_map_.busy_slots, handle)) { -- return NULL; -- } -- return &psa_client_lib_map_.map[handle]; --} -- --unordered_map_handle_t unordered_map_get_entry_handle( -- const unordered_map_entry_t *ptr) --{ -- if (!ptr) { -- return INVALID_MAP_HANDLE; -- } -- -- return ptr->handle; --} -- -diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_psa_client_lib_unordered_map.h b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_psa_client_lib_unordered_map.h -deleted file mode 100644 -index 1d094133b..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_psa_client_lib_unordered_map.h -+++ /dev/null -@@ -1,50 +0,0 @@ --/* -- * Copyright (c) 2021, Arm Limited. All rights reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- * -- */ -- --#ifndef __TFM_SPE_PSA_CLIENT_LIB_UNORDERED_MAP_H__ --#define __TFM_SPE_PSA_CLIENT_LIB_UNORDERED_MAP_H__ -- --#include --#include "tfm_openamp_lib.h" -- --/* 16 bits are sufficient to store the handle. Also -- * choosing 16bits allow for better packing inside -- * the struct unordered_map_entry_t. -- */ --typedef int16_t unordered_map_handle_t; --#define INVALID_MAP_HANDLE -1 -- --/* An entry structure of map data structure */ --typedef struct unordered_map_entry { -- ns_openamp_msg_t msg; -- const void *input_buffer; -- void *output_buffer; -- size_t output_buffer_len; -- unordered_map_handle_t handle; /* entry handle */ -- bool is_input_buffer_hold; /* true when input buffer is held */ -- bool is_output_buffer; /* true when output buffer is preallocated */ --} unordered_map_entry_t; -- --/* Initialize the map data structure */ --void unordered_map_init(void); -- --/* Insert entry into the map and return a handle to the entry */ --int32_t unordered_map_insert(const ns_openamp_msg_t *msg, const void *in, -- unordered_map_handle_t *handle); -- --/* Free respective entry into the map represented by the handle */ --void unordered_map_free(unordered_map_handle_t handle); -- --/* Using a handle return the memory pointer of the entry */ --unordered_map_entry_t* unordered_map_get_entry_ptr( -- unordered_map_handle_t handle); -- --/* Using a entry memory location, return respective handle */ --unordered_map_handle_t unordered_map_get_entry_handle( -- const unordered_map_entry_t *ptr); -- --#endif /* __TFM_SPE_PSA_CLIENT_LIB_UNORDERED_MAP_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_shm_openamp.h b/platform/ext/target/arm/corstone1000/openamp/tfm_spe_shm_openamp.h -deleted file mode 100644 -index 6e8cde8f4..000000000 ---- a/platform/ext/target/arm/corstone1000/openamp/tfm_spe_shm_openamp.h -+++ /dev/null -@@ -1,39 +0,0 @@ --/* -- * Copyright (c) 2020 Linaro Limited -- * -- * Copyright (c) 2021, Arm Limited. All rights reserved. -- * -- * SPDX-License-Identifier: BSD-3-Clause -- * -- */ -- --#ifndef TFM_SPE_SHM_OPEN_AMP_H_ --#define TFM_SPE_SHM_OPEN_AMP_H_ -- --#include "region_defs.h" -- --#define VDEV_STATUS_ADDR (OPENAMP_SE_SHARED_MEMORY_START_ADDR) --#define VDEV_STATUS_SIZE (0x1000) // 4 KB --#define SHM_START_VIRT_ADDR (OPENAMP_SE_SHARED_MEMORY_START_ADDR + VDEV_STATUS_SIZE) --#define SHM_START_PHY_ADDR (OPENAMP_HOST_SHARED_MEMORY_START_ADDR + VDEV_STATUS_SIZE) --#define SHM_SIZE OPENAMP_SHARED_MEMORY_SIZE - VDEV_STATUS_SIZE --#define SHM_DEVICE_NAME "cvm.shm" -- --#define VRING_COUNT 2 --#define VRING_MEM_SIZE (0x1000) // 4 KB --#define VRING_TX_ADDRESS (SHM_START_VIRT_ADDR + SHM_SIZE - VRING_MEM_SIZE) --#define VRING_RX_ADDRESS (SHM_START_VIRT_ADDR + SHM_SIZE - (2 * VRING_MEM_SIZE)) --#define VRING_ALIGNMENT 4 --#define VRING_SIZE 16 -- --/* -- * The tf-m can only accept MAX_MESSAGES at a given time. -- * The Host should set RPMSG_BUFFER_SIZE accrodingly -- * such that tf-m does not recieve more than -- * TFM_MAX_MESSAGES messages. -- * Changing this macro DOES NOT increase TF-M capabilities -- * to handle more messages. -- */ --#define TFM_MAX_MESSAGES (32) -- --#endif /* TFM_SPE_SHM_OPEN_AMP_H_ */ -diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h -index 64ab786e5..a80b07737 100644 ---- a/platform/ext/target/arm/corstone1000/partition/region_defs.h -+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h -@@ -59,13 +59,13 @@ - #define S_DATA_LIMIT (S_DATA_START + S_DATA_SIZE - 1) - #define S_DATA_PRIV_START (S_DATA_START + S_UNPRIV_DATA_SIZE) - --/* OpenAMP shared memory region */ --#define OPENAMP_SE_SHARED_MEMORY_START_ADDR 0xA8000000 --#define OPENAMP_HOST_SHARED_MEMORY_START_ADDR 0x88000000 --#define OPENAMP_SHARED_MEMORY_SIZE (1024 * 1024) /* 1MB */ -+/* Shared memory region */ -+#define INTER_PROCESSOR_SE_SHARED_MEMORY_START_ADDR 0xA8000000 -+#define INTER_PROCESSOR_HOST_SHARED_MEMORY_START_ADDR 0x88000000 -+#define INTER_PROCESSOR_SHARED_MEMORY_SIZE (1024 * 1024) /* 1MB */ - --#define NS_DATA_START OPENAMP_SE_SHARED_MEMORY_START_ADDR --#define NS_DATA_SIZE OPENAMP_SHARED_MEMORY_SIZE -+#define NS_DATA_START INTER_PROCESSOR_SE_SHARED_MEMORY_START_ADDR -+#define NS_DATA_SIZE INTER_PROCESSOR_SHARED_MEMORY_SIZE - - #define S_CODE_VECTOR_TABLE_SIZE (0xc0) - -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/CMakeLists.txt b/platform/ext/target/arm/corstone1000/rse_comms/CMakeLists.txt -new file mode 100644 -index 000000000..7c4bc0fef ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/CMakeLists.txt -@@ -0,0 +1,34 @@ -+#------------------------------------------------------------------------------- -+# Copyright (c) 2022-2024, Arm Limited. All rights reserved. -+# -+# SPDX-License-Identifier: BSD-3-Clause -+# -+#------------------------------------------------------------------------------- -+ -+target_include_directories(platform_s -+ PUBLIC -+ . -+) -+ -+target_sources(platform_s -+ PRIVATE -+ rse_comms.c -+ rse_comms_hal.c -+ rse_comms_queue.c -+ rse_comms_protocol.c -+ rse_comms_protocol_embed.c -+) -+ -+target_compile_definitions(platform_s -+ PRIVATE -+ RSE_COMMS_MAX_CONCURRENT_REQ=1 -+ RSE_COMMS_PROTOCOL_EMBED_ENABLED -+ $<$:CONFIG_TFM_HALT_ON_CORE_PANIC> -+) -+ -+# For spm_log_msgval -+target_link_libraries(platform_s -+ PRIVATE -+ tfm_spm -+ tfm_sprt -+) -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.c b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.c -new file mode 100644 -index 000000000..df2b6bffa ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.c -@@ -0,0 +1,176 @@ -+/* -+ * Copyright (c) 2022-2024, Arm Limited. All rights reserved. -+ * Copyright (c) 2023 Cypress Semiconductor Corporation (an Infineon company) -+ * or an affiliate of Cypress Semiconductor Corporation. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#include "rse_comms.h" -+ -+#include -+#include -+ -+#include "rse_comms_hal.h" -+#include "rse_comms_queue.h" -+#include "tfm_rpc.h" -+#include "tfm_multi_core.h" -+#include "tfm_hal_multi_core.h" -+#include "tfm_psa_call_pack.h" -+#include "tfm_spm_log.h" -+#include "rse_comms_permissions_hal.h" -+ -+static struct client_request_t *req_to_process; -+ -+static psa_status_t message_dispatch(struct client_request_t *req) -+{ -+ int32_t client_id; -+ enum tfm_plat_err_t plat_err; -+ -+ /* Create the call parameters */ -+ struct client_params_t params = { -+ .p_invecs = req->in_vec, -+ .p_outvecs = req->out_vec, -+ }; -+ -+ SPMLOG_DBGMSG("[RSE-COMMS] Dispatching message\r\n"); -+ SPMLOG_DBGMSGVAL("handle=", req->handle); -+ SPMLOG_DBGMSGVAL("type=", req->type); -+ SPMLOG_DBGMSGVAL("in_len=", req->in_len); -+ SPMLOG_DBGMSGVAL("out_len=", req->out_len); -+ if (req->in_len > 0) { -+ SPMLOG_DBGMSGVAL("in_vec[0].len=", req->in_vec[0].len); -+ } -+ if (req->in_len > 1) { -+ SPMLOG_DBGMSGVAL("in_vec[1].len=", req->in_vec[1].len); -+ } -+ if (req->in_len > 2) { -+ SPMLOG_DBGMSGVAL("in_vec[2].len=", req->in_vec[2].len); -+ } -+ if (req->in_len > 3) { -+ SPMLOG_DBGMSGVAL("in_vec[3].len=", req->in_vec[3].len); -+ } -+ if (req->out_len > 0) { -+ SPMLOG_DBGMSGVAL("out_vec[0].len=", req->out_vec[0].len); -+ } -+ if (req->out_len > 1) { -+ SPMLOG_DBGMSGVAL("out_vec[1].len=", req->out_vec[1].len); -+ } -+ if (req->out_len > 2) { -+ SPMLOG_DBGMSGVAL("out_vec[2].len=", req->out_vec[2].len); -+ } -+ if (req->out_len > 3) { -+ SPMLOG_DBGMSGVAL("out_vec[3].len=", req->out_vec[3].len); -+ } -+ -+ plat_err = comms_permissions_service_check(req->handle, -+ req->in_vec, -+ req->in_len, -+ req->type); -+ if (plat_err != TFM_PLAT_ERR_SUCCESS) { -+ SPMLOG_ERRMSG("[RSE-COMMS] Call not permitted\r\n"); -+ return PSA_ERROR_NOT_PERMITTED; -+ } -+ -+ client_id = tfm_hal_client_id_translate(req->mhu_sender_dev, -+ (int32_t)(req->client_id)); -+ if (client_id >= 0) { -+ SPMLOG_ERRMSGVAL("[RSE-COMMS] Invalid client_id: ", -+ (uint32_t)(req->client_id)); -+ return PSA_ERROR_INVALID_ARGUMENT; -+ } -+ params.ns_client_id_stateless = client_id; -+ -+ return tfm_rpc_psa_call(req->handle, -+ PARAM_PACK(req->type, -+ req->in_len, -+ req->out_len), -+ ¶ms, -+ NULL); -+} -+ -+static void rse_comms_reply(const void *owner, int32_t ret) -+{ -+ struct client_request_t *req = (struct client_request_t *)owner; -+ -+ req->return_val = ret; -+ -+ SPMLOG_DBGMSG("[RSE-COMMS] Sending reply\r\n"); -+ SPMLOG_DBGMSGVAL("protocol_ver=", req->protocol_ver); -+ SPMLOG_DBGMSGVAL("seq_num=", req->seq_num); -+ SPMLOG_DBGMSGVAL("client_id=", req->client_id); -+ SPMLOG_DBGMSGVAL("return_val=", req->return_val); -+ SPMLOG_DBGMSGVAL("out_vec[0].len=", req->out_vec[0].len); -+ SPMLOG_DBGMSGVAL("out_vec[1].len=", req->out_vec[1].len); -+ SPMLOG_DBGMSGVAL("out_vec[2].len=", req->out_vec[2].len); -+ SPMLOG_DBGMSGVAL("out_vec[3].len=", req->out_vec[3].len); -+ -+ if (tfm_multi_core_hal_reply(req) != TFM_PLAT_ERR_SUCCESS) { -+ SPMLOG_DBGMSG("[RSE-COMMS] Sending reply failed!\r\n"); -+ } -+} -+ -+static void rse_comms_handle_req(void) -+{ -+ psa_status_t status; -+ void *queue_entry; -+ -+ /* FIXME: consider memory limitations that may prevent dispatching all -+ * messages in one go. -+ */ -+ while (queue_dequeue(&queue_entry) == 0) { -+ /* Deliver PSA Client call request to handler in SPM. */ -+ req_to_process = queue_entry; -+ status = message_dispatch(req_to_process); -+#if CONFIG_TFM_SPM_BACKEND_IPC == 1 -+ /* -+ * If status == PSA_SUCCESS, peer will be replied when mailbox agent -+ * partition receives a 'ASYNC_MSG_REPLY' signal from the requested -+ * service partition. -+ * If status != PSA_SUCCESS, the service call has been finished. -+ * Reply to the peer directly. -+ */ -+ if (status != PSA_SUCCESS) { -+ SPMLOG_DBGMSGVAL("[RSE-COMMS] Message dispatch failed: ", status); -+ rse_comms_reply(req_to_process, status); -+ } -+#else -+ /* In SFN model, the service call has been finished. Reply to the peer directly. */ -+ rse_comms_reply(req_to_process, status); -+#endif -+ } -+} -+ -+static const void *rss_comms_get_caller_data(int32_t client_id) -+{ -+ (void)client_id; -+ -+ return req_to_process; -+} -+ -+static struct tfm_rpc_ops_t rpc_ops = { -+ .handle_req = rse_comms_handle_req, -+ .reply = rse_comms_reply, -+ .get_caller_data = rss_comms_get_caller_data, -+}; -+ -+int32_t tfm_inter_core_comm_init(void) -+{ -+ int32_t ret; -+ -+ /* Register RPC callbacks */ -+ ret = tfm_rpc_register_ops(&rpc_ops); -+ if (ret != TFM_RPC_SUCCESS) { -+ return ret; -+ } -+ -+ /* Platform specific initialization */ -+ ret = tfm_multi_core_hal_init(); -+ if (ret != TFM_PLAT_ERR_SUCCESS) { -+ tfm_rpc_unregister_ops(); -+ return ret; -+ } -+ -+ return TFM_RPC_SUCCESS; -+} -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h -new file mode 100644 -index 000000000..6d79dd3bf ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms.h -@@ -0,0 +1,48 @@ -+/* -+ * Copyright (c) 2022-2024, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#ifndef __RSE_COMMS_H__ -+#define __RSE_COMMS_H__ -+ -+#include "psa/client.h" -+#include "cmsis_compiler.h" -+ -+#ifdef __cplusplus -+extern "C" { -+#endif -+ -+ /* size suits to fit the largest message too (EFI variables) */ -+#define RSE_COMMS_PAYLOAD_MAX_SIZE (0x2100) -+ -+/* -+ * Allocated for each client request. -+ * -+ * TODO: Sizing of payload_buf, this should be platform dependent: -+ * - sum in_vec size -+ * - sum out_vec size -+ */ -+struct client_request_t { -+ void *mhu_sender_dev; /* Pointer to MHU sender device to reply on */ -+ uint8_t protocol_ver; -+ uint8_t seq_num; -+ uint16_t client_id; -+ psa_handle_t handle; -+ int32_t type; -+ uint32_t in_len; -+ uint32_t out_len; -+ psa_invec in_vec[PSA_MAX_IOVEC]; -+ psa_outvec out_vec[PSA_MAX_IOVEC]; -+ int32_t return_val; -+ uint64_t out_vec_host_addr[PSA_MAX_IOVEC]; -+ uint8_t param_copy_buf[RSE_COMMS_PAYLOAD_MAX_SIZE]; -+}; -+ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif /* __RSE_COMMS_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_hal.c b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_hal.c -new file mode 100644 -index 000000000..ef6fb9e02 ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_hal.c -@@ -0,0 +1,232 @@ -+/* -+ * Copyright (c) 2022-2024, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#include "rse_comms_hal.h" -+ -+#include "rse_comms.h" -+#include "rse_comms_queue.h" -+#include "mhu.h" -+#include "cmsis.h" -+#include "device_definition.h" -+#include "tfm_peripherals_def.h" -+#include "tfm_spm_log.h" -+#include "tfm_pools.h" -+#include "rse_comms_protocol.h" -+#include -+ -+/* Declared statically to avoid using huge amounts of stack space. Maybe revisit -+ * if functions not being reentrant becomes a problem. -+ */ -+static __ALIGNED(4) struct serialized_psa_msg_t msg; -+static __ALIGNED(4) struct serialized_psa_reply_t reply; -+ -+/* The 32bit client ID is constructed as following: -+ * bit31: always 1 -+ * bit30~bit16: client source identifier. -+ 0x0000 First mailbox agent client(MHU) (by default) -+ 0x1000 Second mailbox agent client(MHU) -+ ... -+ * bit15~bit0: client input client ID -+ */ -+#define CLIENT_ID_USER_INPUT_OFFSET (0) -+#define CLIENT_ID_USER_INPUT_MASK (0xFFFFUL << CLIENT_ID_USER_INPUT_OFFSET) -+ -+#define CLIENT_ID_MHU_BASE_OFFSET (16) -+#define CLIENT_ID_MHU_BASE_MASK (0x7FFFUL << CLIENT_ID_MHU_BASE_OFFSET) -+ -+#define NS_CLIENT_ID_FLAG_OFFSET (31) -+#define NS_CLIENT_ID_FLAG_MASK (0x1UL << NS_CLIENT_ID_FLAG_OFFSET) -+ -+/* MHU for RSE <> AP_MONITOR communication */ -+#ifndef MHU0_CLIENT_ID_BASE -+#define MHU0_CLIENT_ID_BASE (0x0000UL << CLIENT_ID_MHU_BASE_OFFSET) -+#endif -+ -+#ifdef MHU_RSE_TO_AP_NS -+/* MHU for RSE <> AP_NS communication */ -+#ifndef MHU1_CLIENT_ID_BASE -+#define MHU1_CLIENT_ID_BASE (0x1000UL << CLIENT_ID_MHU_BASE_OFFSET) -+#endif -+#endif /* MHU_RSE_TO_AP_NS */ -+ -+TFM_POOL_DECLARE(req_pool, sizeof(struct client_request_t), -+ RSE_COMMS_MAX_CONCURRENT_REQ); -+ -+static enum tfm_plat_err_t initialize_mhu(void) -+{ -+ enum mhu_error_t err; -+ -+ err = mhu_init_sender(&MHU1_SE_TO_HOST_DEV); -+ if (err != MHU_ERR_NONE) { -+ SPMLOG_ERRMSGVAL("[COMMS] RSE to AP_MONITOR MHU driver init failed: ", -+ err); -+ return TFM_PLAT_ERR_SYSTEM_ERR; -+ } -+ -+ err = mhu_init_receiver(&MHU1_HOST_TO_SE_DEV); -+ if (err != MHU_ERR_NONE) { -+ SPMLOG_ERRMSGVAL("[COMMS] AP_MONITOR to RSE MHU driver init failed: ", -+ err); -+ return TFM_PLAT_ERR_SYSTEM_ERR; -+ } -+ -+#ifdef MHU_RSE_TO_AP_NS -+ err = mhu_init_sender(&MHU_RSE_TO_AP_NS_DEV); -+ if (err != MHU_ERR_NONE) { -+ SPMLOG_ERRMSGVAL("[COMMS] RSE to AP_NS MHU driver init failed: ", err); -+ return TFM_PLAT_ERR_SYSTEM_ERR; -+ } -+ -+ err = mhu_init_receiver(&MHU_AP_NS_TO_RSE_DEV); -+ if (err != MHU_ERR_NONE) { -+ SPMLOG_ERRMSGVAL("[COMMS] AP_NS to RSE MHU driver init failed: ", err); -+ return TFM_PLAT_ERR_SYSTEM_ERR; -+ } -+#endif /* MHU_RSE_TO_AP_NS */ -+ -+ SPMLOG_DBGMSG("[COMMS] MHU driver initialized successfully.\r\n"); -+ return TFM_PLAT_ERR_SUCCESS; -+} -+ -+enum tfm_plat_err_t tfm_multi_core_hal_receive(void *mhu_receiver_dev, -+ void *mhu_sender_dev, -+ uint32_t source) -+{ -+ enum mhu_error_t mhu_err; -+ enum tfm_plat_err_t err; -+ size_t msg_len = sizeof(msg); -+ size_t reply_size; -+ -+ memset(&msg, 0, sizeof(msg)); -+ memset(&reply, 0, sizeof(reply)); -+ -+ /* Receive complete message */ -+ mhu_err = mhu_receive_data(mhu_receiver_dev, (uint8_t *)&msg, &msg_len); -+ -+ /* Clear the pending interrupt for this MHU. This prevents the mailbox -+ * interrupt handler from being called without the next request arriving -+ * through the mailbox -+ */ -+ NVIC_ClearPendingIRQ(source); -+ -+ if (mhu_err != MHU_ERR_NONE) { -+ SPMLOG_DBGMSGVAL("[COMMS] MHU receive failed: ", mhu_err); -+ /* Can't respond, since we don't know anything about the message */ -+ return TFM_PLAT_ERR_SYSTEM_ERR; -+ } -+ -+ SPMLOG_DBGMSG("[COMMS] Received message\r\n"); -+ SPMLOG_DBGMSGVAL("[COMMS] size=", msg_len); -+ SPMLOG_DBGMSGVAL("[COMMS] seq_num=", msg.header.seq_num); -+ -+ struct client_request_t *req = tfm_pool_alloc(req_pool); -+ if (!req) { -+ /* No free capacity, drop message */ -+ err = TFM_PLAT_ERR_SYSTEM_ERR; -+ goto out_return_err; -+ } -+ memset(req, 0, sizeof(struct client_request_t)); -+ -+ /* Record the MHU sender device to be used for the reply */ -+ req->mhu_sender_dev = mhu_sender_dev; -+ -+ err = rse_protocol_deserialize_msg(req, &msg, msg_len); -+ if (err != TFM_PLAT_ERR_SUCCESS) { -+ /* Deserialisation failed, drop message */ -+ SPMLOG_DBGMSGVAL("[COMMS] Deserialize message failed: ", err); -+ goto out_return_err; -+ } -+ -+ if (queue_enqueue(req) != 0) { -+ /* No queue capacity, drop message */ -+ err = TFM_PLAT_ERR_SYSTEM_ERR; -+ goto out_return_err; -+ } -+ -+ /* Message successfully received */ -+ return TFM_PLAT_ERR_SUCCESS; -+ -+out_return_err: -+ /* Attempt to respond with a failure message */ -+ if (rse_protocol_serialize_error(req, &msg.header, -+ PSA_ERROR_CONNECTION_BUSY, -+ &reply, &reply_size) -+ == TFM_PLAT_ERR_SUCCESS) { -+ mhu_send_data(mhu_sender_dev, (uint8_t *)&reply, reply_size); -+ } -+ -+ if (req) { -+ tfm_pool_free(req_pool, req); -+ } -+ -+ return err; -+} -+ -+enum tfm_plat_err_t tfm_multi_core_hal_reply(struct client_request_t *req) -+{ -+ enum tfm_plat_err_t err; -+ enum mhu_error_t mhu_err; -+ size_t reply_size; -+ -+ /* This function is called by the mailbox partition with Thread priority, so -+ * MHU interrupts must be disabled to prevent concurrent accesses by -+ * tfm_multi_core_hal_receive(). -+ */ -+ NVIC_DisableIRQ(MAILBOX_IRQ); -+ -+ if (!is_valid_chunk_data_in_pool(req_pool, (uint8_t *)req)) { -+ err = TFM_PLAT_ERR_SYSTEM_ERR; -+ goto out; -+ } -+ -+ err = rse_protocol_serialize_reply(req, &reply, &reply_size); -+ if (err != TFM_PLAT_ERR_SUCCESS) { -+ SPMLOG_DBGMSGVAL("[COMMS] Serialize reply failed: ", err); -+ goto out_free_req; -+ } -+ -+ mhu_err = mhu_send_data(req->mhu_sender_dev, (uint8_t *)&reply, reply_size); -+ if (mhu_err != MHU_ERR_NONE) { -+ SPMLOG_DBGMSGVAL("[COMMS] MHU send failed: ", mhu_err); -+ err = TFM_PLAT_ERR_SYSTEM_ERR; -+ goto out_free_req; -+ } -+ -+ SPMLOG_DBGMSG("[COMMS] Sent reply\r\n"); -+ -+out_free_req: -+ tfm_pool_free(req_pool, req); -+out: -+ NVIC_EnableIRQ(MAILBOX_IRQ); -+ return err; -+} -+ -+enum tfm_plat_err_t tfm_multi_core_hal_init(void) -+{ -+ int32_t spm_err; -+ -+ spm_err = tfm_pool_init(req_pool, POOL_BUFFER_SIZE(req_pool), -+ sizeof(struct client_request_t), -+ RSE_COMMS_MAX_CONCURRENT_REQ); -+ if (spm_err) { -+ return TFM_PLAT_ERR_SYSTEM_ERR; -+ } -+ -+ return initialize_mhu(); -+} -+ -+int32_t tfm_hal_client_id_translate(void *owner, int32_t client_id_in) -+{ -+ if ((uintptr_t)owner == (uintptr_t)&MHU1_SE_TO_HOST_DEV) { -+ return ((client_id_in & CLIENT_ID_USER_INPUT_MASK) | -+ (MHU0_CLIENT_ID_BASE & CLIENT_ID_MHU_BASE_MASK) | -+ (NS_CLIENT_ID_FLAG_MASK)); -+ } else { -+ SPMLOG_DBGMSG("[COMMS] client_id translation failed: invalid owner\r\n"); -+ return 0; -+ } -+} -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_hal.h b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_hal.h -new file mode 100644 -index 000000000..c4676cb2e ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_hal.h -@@ -0,0 +1,56 @@ -+/* -+ * Copyright (c) 2022-2024, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#ifndef __RSE_COMMS_HAL_H__ -+#define __RSE_COMMS_HAL_H__ -+ -+#include "rse_comms.h" -+#include "tfm_plat_defs.h" -+ -+#ifdef __cplusplus -+extern "C" { -+#endif -+ -+/** -+ * \brief Platform specific initialization of SPE multi-core. -+ * -+ * \retval TFM_PLAT_ERR_SUCCESS Operation succeeded. -+ * \retval Other return code Operation failed with an error code. -+ */ -+enum tfm_plat_err_t tfm_multi_core_hal_init(void); -+ -+/** -+ * \brief Receive PSA client call request from NSPE. -+ * Implemented by platform specific inter-processor communication driver. -+ * -+ * \param[in] mhu_receiver_dev Pointer to MHU receiver device on which to read -+ * the message. -+ * \param[in] mhu_sender_dev Pointer to MHU sender device on which to write -+ * the reply. -+ * \param[in] source The number of the IRQ source for this MHU. -+ * -+ * \retval TFM_PLAT_ERR_SUCCESS Operation succeeded. -+ * \retval Other return code Operation failed with an error code. -+ */ -+enum tfm_plat_err_t tfm_multi_core_hal_receive(void *mhu_receiver_dev, -+ void *mhu_sender_dev, -+ uint32_t source); -+ -+/** -+ * \brief Notify NSPE that a PSA client call return result is replied. -+ * Implemented by platform specific inter-processor communication driver. -+ * -+ * \retval TFM_PLAT_ERR_SUCCESS The notification is successfully sent out. -+ * \retval Other return code Operation failed with an error code. -+ */ -+enum tfm_plat_err_t tfm_multi_core_hal_reply(struct client_request_t *req); -+ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif /* __RSE_COMMS_HAL_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_permissions_hal.h b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_permissions_hal.h -new file mode 100644 -index 000000000..5bd0124a6 ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_permissions_hal.h -@@ -0,0 +1,58 @@ -+/* -+ * Copyright (c) 2022-2024, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#ifndef __RSE_COMMS_PERMISSIONS_HAL_H__ -+#define __RSE_COMMS_PERMISSIONS_HAL_H__ -+ -+#include "psa/client.h" -+#include "tfm_plat_defs.h" -+#include "stdbool.h" -+ -+#ifdef __cplusplus -+extern "C" { -+#endif -+ -+/** -+ * \brief Check that RSE comms callers have permission to access a memory -+ * buffer. -+ * -+ * \param[in] owner The owner of host memory against which the -+ * memory access is checked (e.g. MHU device). -+ * \param[in] host_ptr Address of the memory region to be accessed. -+ * \param[in] size Size of the memory region to be accessed. -+ * \param[in] is_write True, if the memory access is a write -+ * operation, False otherwise. -+ * -+ * \retval TFM_PLAT_ERR_SUCCESS Caller has permission to access buffer. -+ * \retval Other return code Caller does not have permission, or an error -+ * occurred. -+ */ -+enum tfm_plat_err_t comms_permissions_memory_check(void *owner, -+ uint64_t host_ptr, -+ uint32_t size, -+ bool is_write); -+ -+/** -+ * \brief Check that RSE comms callers have permission to access a service. -+ * -+ * \note in_vec and in_len are passed in as the Crypto partition encodes which -+ * function is requested in the first in_vec. -+ * -+ * \retval TFM_PLAT_ERR_SUCCESS Caller has permission to access service. -+ * \retval Other return code Caller does not have permission, or an error -+ * occurred. -+ */ -+enum tfm_plat_err_t comms_permissions_service_check(psa_handle_t handle, -+ const psa_invec *in_vec, -+ size_t in_len, -+ int32_t type); -+ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif /* __RSE_COMMS_PERMISSIONS_HAL_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol.c b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol.c -new file mode 100644 -index 000000000..94b7995b9 ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol.c -@@ -0,0 +1,120 @@ -+/* -+ * Copyright (c) 2022-2024, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#include "rse_comms_protocol.h" -+ -+#include "tfm_spm_log.h" -+#include -+ -+enum tfm_plat_err_t rse_protocol_deserialize_msg( -+ struct client_request_t *req, struct serialized_psa_msg_t *msg, -+ size_t msg_len) -+{ -+ if (msg_len < sizeof(msg->header)) { -+ return TFM_PLAT_ERR_INVALID_INPUT; -+ } -+ -+ req->protocol_ver = msg->header.protocol_ver; -+ req->seq_num = msg->header.seq_num; -+ req->client_id = msg->header.client_id; -+ -+ switch (msg->header.protocol_ver) { -+#ifdef RSE_COMMS_PROTOCOL_EMBED_ENABLED -+ case RSE_COMMS_PROTOCOL_EMBED: -+ SPMLOG_DBGMSG("[COMMS] Deserializing as embed message\r\n"); -+ return rse_protocol_embed_deserialize_msg(req, &msg->msg.embed, -+ msg_len - sizeof(struct serialized_rse_comms_header_t)); -+#endif /* RSE_COMMS_PROTOCOL_EMBED_ENABLED */ -+#ifdef RSE_COMMS_PROTOCOL_POINTER_ACCESS_ENABLED -+ case RSE_COMMS_PROTOCOL_POINTER_ACCESS: -+ SPMLOG_DBGMSG("[COMMS] Deserializing as pointer_access message\r\n"); -+ return rse_protocol_pointer_access_deserialize_msg(req, &msg->msg.pointer_access, -+ msg_len - sizeof(struct serialized_rse_comms_header_t)); -+#endif -+ default: -+ return TFM_PLAT_ERR_UNSUPPORTED; -+ } -+} -+ -+enum tfm_plat_err_t rse_protocol_serialize_reply(struct client_request_t *req, -+ struct serialized_psa_reply_t *reply, size_t *reply_size) -+{ -+ enum tfm_plat_err_t err; -+ -+ memset(reply, 0, sizeof(struct serialized_psa_reply_t)); -+ -+ reply->header.protocol_ver = req->protocol_ver; -+ reply->header.seq_num = req->seq_num; -+ reply->header.client_id = req->client_id; -+ -+ switch (reply->header.protocol_ver) { -+#ifdef RSE_COMMS_PROTOCOL_EMBED_ENABLED -+ case RSE_COMMS_PROTOCOL_EMBED: -+ err = rse_protocol_embed_serialize_reply(req, &reply->reply.embed, -+ reply_size); -+ if (err != TFM_PLAT_ERR_SUCCESS) { -+ return err; -+ } -+ break; -+#endif /* RSE_COMMS_PROTOCOL_EMBED_ENABLED */ -+#ifdef RSE_COMMS_PROTOCOL_POINTER_ACCESS_ENABLED -+ case RSE_COMMS_PROTOCOL_POINTER_ACCESS: -+ err = rse_protocol_pointer_access_serialize_reply(req, -+ &reply->reply.pointer_access, reply_size); -+ if (err != TFM_PLAT_ERR_SUCCESS) { -+ return err; -+ } -+ break; -+#endif -+ default: -+ return TFM_PLAT_ERR_UNSUPPORTED; -+ } -+ -+ *reply_size += sizeof(struct serialized_rse_comms_header_t); -+ -+ return TFM_PLAT_ERR_SUCCESS; -+} -+ -+enum tfm_plat_err_t rse_protocol_serialize_error( -+ struct client_request_t *req, -+ struct serialized_rse_comms_header_t *header, psa_status_t error, -+ struct serialized_psa_reply_t *reply, size_t *reply_size) -+{ -+ enum tfm_plat_err_t err; -+ -+ memset(reply, 0, sizeof(struct serialized_psa_reply_t)); -+ memcpy(&reply->header, header, -+ sizeof(struct serialized_rse_comms_header_t)); -+ -+ switch (reply->header.protocol_ver) { -+#ifdef RSE_COMMS_PROTOCOL_EMBED_ENABLED -+ case RSE_COMMS_PROTOCOL_EMBED: -+ err = rse_protocol_embed_serialize_error(req, error, -+ &reply->reply.embed, -+ reply_size); -+ if (err != TFM_PLAT_ERR_SUCCESS) { -+ return err; -+ } -+ break; -+#endif /* RSE_COMMS_PROTOCOL_EMBED_ENABLED */ -+#ifdef RSE_COMMS_PROTOCOL_POINTER_ACCESS_ENABLED -+ case RSE_COMMS_PROTOCOL_POINTER_ACCESS: -+ err = rse_protocol_pointer_access_serialize_error(req, error, -+ &reply->reply.pointer_access, reply_size); -+ if (err != TFM_PLAT_ERR_SUCCESS) { -+ return err; -+ } -+ break; -+#endif -+ default: -+ return TFM_PLAT_ERR_UNSUPPORTED; -+ } -+ -+ *reply_size += sizeof(struct serialized_rse_comms_header_t); -+ -+ return TFM_PLAT_ERR_SUCCESS; -+} -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol.h b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol.h -new file mode 100644 -index 000000000..c30825f4c ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol.h -@@ -0,0 +1,129 @@ -+/* -+ * Copyright (c) 2022-2024, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#ifndef __RSE_COMMS_PROTOCOL_H__ -+#define __RSE_COMMS_PROTOCOL_H__ -+ -+#include "psa/client.h" -+#include "cmsis_compiler.h" -+#include "rse_comms.h" -+#include "tfm_platform_system.h" -+ -+#ifdef RSE_COMMS_PROTOCOL_EMBED_ENABLED -+#include "rse_comms_protocol_embed.h" -+#endif /* RSE_COMMS_PROTOCOL_EMBED_ENABLED */ -+ -+#ifdef RSE_COMMS_PROTOCOL_POINTER_ACCESS_ENABLED -+#include "rse_comms_protocol_pointer_access.h" -+#endif /* RSE_MHU_PROTOCOL_V0_ENABLED */ -+ -+#ifdef __cplusplus -+extern "C" { -+#endif -+ -+enum rse_comms_protocol_version_t { -+#ifdef RSE_COMMS_PROTOCOL_EMBED_ENABLED -+ RSE_COMMS_PROTOCOL_EMBED = 0, -+#endif /* RSE_COMMS_PROTOCOL_EMBED_ENABLED */ -+#ifdef RSE_COMMS_PROTOCOL_POINTER_ACCESS_ENABLED -+ RSE_COMMS_PROTOCOL_POINTER_ACCESS = 1, -+#endif /* RSE_COMMS_PROTOCOL_POINTER_ACCESS_ENABLED */ -+}; -+ -+ -+__PACKED_STRUCT serialized_rse_comms_header_t { -+ uint8_t protocol_ver; -+ uint8_t seq_num; -+ uint16_t client_id; -+}; -+ -+/* MHU message passed from NSPE to SPE to deliver a PSA client call */ -+__PACKED_STRUCT serialized_psa_msg_t { -+ struct serialized_rse_comms_header_t header; -+ __PACKED_UNION { -+#ifdef RSE_COMMS_PROTOCOL_EMBED_ENABLED -+ struct rse_embed_msg_t embed; -+#endif /* RSE_COMMS_PROTOCOL_EMBED_ENABLED */ -+#ifdef RSE_COMMS_PROTOCOL_POINTER_ACCESS_ENABLED -+ struct rse_pointer_access_msg_t pointer_access; -+#endif /* RSE_COMMS_PROTOCOL_POINTER_ACCESS_ENABLED */ -+ } msg; -+}; -+ -+/* MHU reply message to hold the PSA client call return result from SPE */ -+__PACKED_STRUCT serialized_psa_reply_t { -+ struct serialized_rse_comms_header_t header; -+ __PACKED_UNION { -+#ifdef RSE_COMMS_PROTOCOL_EMBED_ENABLED -+ struct rse_embed_reply_t embed; -+#endif /* RSE_COMMS_PROTOCOL_EMBED_ENABLED */ -+#ifdef RSE_COMMS_PROTOCOL_POINTER_ACCESS_ENABLED -+ struct rse_pointer_access_reply_t pointer_access; -+#endif /* RSE_COMMS_PROTOCOL_POINTER_ACCESS_ENABLED */ -+ } reply; -+}; -+ -+/** -+ * \brief Convert a serialized message to a client_request_t. -+ * -+ * \param[out] req The client_request_t to fill. -+ * \param[in] msg The serialized message to extract data from. -+ * \param[in] msg_len The size of the message. -+ * -+ * \note The sanitization of the client request structure is the -+ * responsibility of the caller. -+ * -+ * \retval TFM_PLAT_ERR_SUCCESS Operation succeeded. -+ * \retval Other return code Operation failed with an error code. -+ */ -+enum tfm_plat_err_t rse_protocol_deserialize_msg(struct client_request_t *req, -+ struct serialized_psa_msg_t *msg, size_t msg_len); -+ -+/** -+ * \brief Convert a a client_request_t to a serialized reply. -+ * -+ * \param[in] req The client_request_t to serialize data from. -+ * \param[out] reply The reply to fill. -+ * \param[out] reply_size The size of the reply that was filled. -+ * -+ * \retval TFM_PLAT_ERR_SUCCESS Operation succeeded. -+ * \retval Other return code Operation failed with an error code. -+ */ -+enum tfm_plat_err_t rse_protocol_serialize_reply(struct client_request_t *req, -+ struct serialized_psa_reply_t *reply, size_t *reply_size); -+ -+/** -+ * \brief Create a serialised error reply from a header and an error code. -+ * Intended to for the RSE to notify the AP of errors during the message -+ * deserialization phase. -+ * -+ * \param[in] req The client_request_t to serialize data from. If -+ * the error occured in allocation this pointer -+ * may be NULL. This may not contain message -+ * header information if the message -+ * deserialize failed. -+ * \param[in] header The header of the received -+ * serialized_psa_msg_t whose deserialization -+ * caused the error. -+ * \param[in] error The error code to be transmitted to the AP. -+ * \param[out] reply The reply to fill. -+ * \param[out] reply_size The size of the reply that was filled. -+ * -+ * \retval TFM_PLAT_ERR_SUCCESS Operation succeeded. -+ * \retval Other return code Operation failed with an error code. -+ */ -+enum tfm_plat_err_t rse_protocol_serialize_error( -+ struct client_request_t *req, -+ struct serialized_rse_comms_header_t *header, psa_status_t error, -+ struct serialized_psa_reply_t *reply, size_t *reply_size); -+ -+ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif /* __RSE_COMMS_PROTOCOL_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol_embed.c b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol_embed.c -new file mode 100644 -index 000000000..5544f9fb8 ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol_embed.c -@@ -0,0 +1,105 @@ -+/* -+ * Copyright (c) 2022, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#include "rse_comms_protocol_embed.h" -+ -+#include -+ -+#include "tfm_psa_call_pack.h" -+ -+enum tfm_plat_err_t rse_protocol_embed_deserialize_msg( -+ struct client_request_t *req, struct rse_embed_msg_t *msg, -+ size_t msg_len) -+{ -+ uint32_t payload_size = 0; -+ uint32_t i; -+ -+ if (msg_len < (sizeof(*msg) - sizeof(msg->payload))) { -+ return TFM_PLAT_ERR_INVALID_INPUT; -+ } -+ -+ req->in_len = PARAM_UNPACK_IN_LEN(msg->ctrl_param); -+ req->out_len = PARAM_UNPACK_OUT_LEN(msg->ctrl_param); -+ req->type = PARAM_UNPACK_TYPE(msg->ctrl_param); -+ req->handle = msg->handle; -+ -+ /* Only support 4 iovecs */ -+ if (req->in_len + req->out_len > 4) { -+ return TFM_PLAT_ERR_UNSUPPORTED; -+ } -+ -+ /* Invecs */ -+ for (i = 0; i < req->in_len; ++i) { -+ req->in_vec[i].base = req->param_copy_buf + payload_size; -+ req->in_vec[i].len = msg->io_size[i]; -+ payload_size += msg->io_size[i]; -+ } -+ -+ /* Check payload is not too big */ -+ if (payload_size > sizeof(req->param_copy_buf) -+ || payload_size > sizeof(msg->payload) -+ || sizeof(*msg) - sizeof(msg->payload) + payload_size > msg_len ) { -+ return TFM_PLAT_ERR_INVALID_INPUT; -+ } -+ -+ /* Copy payload into the buffer */ -+ memcpy(req->param_copy_buf, msg->payload, payload_size); -+ -+ /* Outvecs */ -+ for (i = 0; i < req->out_len; ++i) { -+ req->out_vec[i].base = req->param_copy_buf + payload_size; -+ req->out_vec[i].len = msg->io_size[req->in_len + i]; -+ payload_size += msg->io_size[req->in_len + i]; -+ } -+ -+ /* Check payload is not too big */ -+ if (payload_size > sizeof(req->param_copy_buf)) { -+ return TFM_PLAT_ERR_INVALID_INPUT; -+ } -+ -+ return TFM_PLAT_ERR_SUCCESS; -+} -+ -+enum tfm_plat_err_t rse_protocol_embed_serialize_reply( -+ struct client_request_t *req, struct rse_embed_reply_t *reply, -+ size_t *reply_size) -+{ -+ size_t payload_size = 0; -+ size_t len; -+ uint32_t i; -+ -+ reply->return_val = req->return_val; -+ -+ /* Outvecs */ -+ for (i = 0; i < req->out_len; ++i) { -+ len = req->out_vec[i].len; -+ -+ if (payload_size + len > sizeof(reply->payload)) { -+ return TFM_PLAT_ERR_UNSUPPORTED; -+ } -+ -+ memcpy(reply->payload + payload_size, req->out_vec[i].base, len); -+ reply->out_size[i] = len; -+ payload_size += len; -+ } -+ -+ *reply_size = sizeof(*reply) - sizeof(reply->payload) + payload_size; -+ -+ return TFM_PLAT_ERR_SUCCESS; -+} -+ -+enum tfm_plat_err_t rse_protocol_embed_serialize_error( -+ struct client_request_t *req, psa_status_t err, -+ struct rse_embed_reply_t *reply, size_t *reply_size) -+{ -+ reply->return_val = err; -+ -+ /* Return the minimum reply size, as the out_sizes are all zeroed */ -+ *reply_size = sizeof(*reply) - sizeof(reply->payload); -+ -+ return TFM_PLAT_ERR_SUCCESS; -+} -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol_embed.h b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol_embed.h -new file mode 100644 -index 000000000..e1ca1d0c9 ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_protocol_embed.h -@@ -0,0 +1,50 @@ -+/* -+ * Copyright (c) 2022, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#ifndef __RSE_COMMS_PROTOCOL_EMBED_H__ -+#define __RSE_COMMS_PROTOCOL_EMBED_H__ -+ -+#include "psa/client.h" -+#include "cmsis_compiler.h" -+#include "rse_comms.h" -+#include "tfm_platform_system.h" -+ -+#ifdef __cplusplus -+extern "C" { -+#endif -+ -+__PACKED_STRUCT rse_embed_msg_t { -+ psa_handle_t handle; -+ uint32_t ctrl_param; /* type, in_len, out_len */ -+ uint16_t io_size[PSA_MAX_IOVEC]; -+ uint8_t payload[RSE_COMMS_PAYLOAD_MAX_SIZE]; -+}; -+ -+__PACKED_STRUCT rse_embed_reply_t { -+ int32_t return_val; -+ uint16_t out_size[PSA_MAX_IOVEC]; -+ uint8_t payload[RSE_COMMS_PAYLOAD_MAX_SIZE]; -+}; -+ -+enum tfm_plat_err_t rse_protocol_embed_deserialize_msg( -+ struct client_request_t *req, struct rse_embed_msg_t *msg, -+ size_t msg_len); -+ -+enum tfm_plat_err_t rse_protocol_embed_serialize_reply( -+ struct client_request_t *req, struct rse_embed_reply_t *reply, -+ size_t *reply_size); -+ -+enum tfm_plat_err_t rse_protocol_embed_serialize_error( -+ struct client_request_t *req, psa_status_t err, -+ struct rse_embed_reply_t *reply, size_t *reply_size); -+ -+ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif /* __RSE_COMMS_PROTOCOL_EMBED_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_queue.c b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_queue.c -new file mode 100644 -index 000000000..d7f244db6 ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_queue.c -@@ -0,0 +1,64 @@ -+/* -+ * Copyright (c) 2022, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#include "rse_comms_queue.h" -+ -+#include -+#include -+ -+#define QUEUE_SIZE (RSE_COMMS_MAX_CONCURRENT_REQ + 1) -+ -+struct queue_t { -+ void *buf[QUEUE_SIZE]; -+ size_t head; -+ size_t tail; -+}; -+ -+static struct queue_t queue; -+ -+/* Advance head or tail */ -+static size_t advance(size_t index) -+{ -+ if (++index == QUEUE_SIZE) { -+ index = 0; -+ } -+ return index; -+} -+ -+static inline bool is_empty(void) -+{ -+ return queue.head == queue.tail; -+} -+ -+static inline bool is_full(void) -+{ -+ return advance(queue.head) == queue.tail; -+} -+ -+int32_t queue_enqueue(void *entry) -+{ -+ if (is_full()) { -+ return -1; -+ } -+ -+ queue.buf[queue.head] = entry; -+ queue.head = advance(queue.head); -+ -+ return 0; -+} -+ -+int32_t queue_dequeue(void **entry) -+{ -+ if (is_empty()) { -+ return -1; -+ } -+ -+ *entry = queue.buf[queue.tail]; -+ queue.tail = advance(queue.tail); -+ -+ return 0; -+} -diff --git a/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_queue.h b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_queue.h -new file mode 100644 -index 000000000..d3db1dd2e ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms/rse_comms_queue.h -@@ -0,0 +1,25 @@ -+/* -+ * Copyright (c) 2022, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#ifndef __RSE_COMMS_QUEUE_H__ -+#define __RSE_COMMS_QUEUE_H__ -+ -+#include -+ -+#ifdef __cplusplus -+extern "C" { -+#endif -+ -+int32_t queue_enqueue(void *entry); -+ -+int32_t queue_dequeue(void **entry); -+ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif /* __RSE_COMMS_QUEUE_H__ */ -diff --git a/platform/ext/target/arm/corstone1000/rse_comms_permissions_hal.c b/platform/ext/target/arm/corstone1000/rse_comms_permissions_hal.c -new file mode 100644 -index 000000000..59724bc94 ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/rse_comms_permissions_hal.c -@@ -0,0 +1,177 @@ -+/* -+ * Copyright (c) 2022-2024, Arm Limited. All rights reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#include "rse_comms_permissions_hal.h" -+ -+#include "device_definition.h" -+#include "psa_manifest/sid.h" -+#include "region_defs.h" -+#include "tfm_hal_platform.h" -+ -+#ifdef TFM_PARTITION_INITIAL_ATTESTATION -+#include "tfm_attest_defs.h" -+#endif /* TFM_PARTITION_INITIAL_ATTESTATION */ -+#ifdef TFM_PARTITION_MEASURED_BOOT -+#include "measured_boot_defs.h" -+#endif /* TFM_PARTITION_MEASURED_BOOT */ -+#ifdef TFM_PARTITION_DELEGATED_ATTESTATION -+#include "tfm_delegated_attest_defs.h" -+#endif /* TFM_PARTITION_DELEGATED_ATTESTATION */ -+#ifdef TFM_PARTITION_CRYPTO -+#include "tfm_crypto_defs.h" -+#endif /*TFM_PARTITION_CRYPTO */ -+#ifdef TFM_PARTITION_PLATFORM -+#include "tfm_platform_api.h" -+#endif /* TFM_PARTITION_PLATFORM */ -+#ifdef TFM_PARTITION_PROTECTED_STORAGE -+#include "tfm_ps_defs.h" -+#endif /* TFM_PARTITION_PROTECTED_STORAGE */ -+#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE -+#include "tfm_its_defs.h" -+#endif /* TFM_PARTITION_INTERNAL_TRUSTED_STORAGE */ -+ -+#define INVALID_REGION_COUNTER_MAX 128 -+#define INVALID_SERVICE_COUNTER_MAX 64 -+ -+static uint32_t invalid_region_counter = 0; -+static uint32_t invalid_service_counter = 0; -+ -+/* Check if the interface is getting a lot of invalid requests, and shutdown -+ * the system if it exceeds the threshold. This is intended to make fuzzing the -+ * interface difficult. -+ */ -+static void counter_check(void) { -+ if (invalid_region_counter > INVALID_REGION_COUNTER_MAX) { -+#ifdef CONFIG_TFM_HALT_ON_CORE_PANIC -+ tfm_hal_system_halt(); -+#else -+ tfm_hal_system_reset(); -+#endif /* CONFIG_TFM_HALT_ON_CORE_PANIC */ -+ } -+ -+ if (invalid_service_counter > INVALID_SERVICE_COUNTER_MAX) { -+#ifdef CONFIG_TFM_HALT_ON_CORE_PANIC -+ tfm_hal_system_halt(); -+#else -+ tfm_hal_system_reset(); -+#endif /* CONFIG_TFM_HALT_ON_CORE_PANIC */ -+ } -+ -+ return; -+} -+ -+enum tfm_plat_err_t comms_permissions_memory_check(void *owner, -+ uint64_t host_ptr, -+ uint32_t size, -+ bool is_write) -+{ -+ /* Is fully within the shared memory */ -+ if ((host_ptr >= INTER_PROCESSOR_HOST_SHARED_MEMORY_START_ADDR) && -+ ((host_ptr + size) < (INTER_PROCESSOR_HOST_SHARED_MEMORY_START_ADDR + -+ INTER_PROCESSOR_SHARED_MEMORY_SIZE))) { -+ return TFM_PLAT_ERR_SUCCESS; -+ } -+ -+ invalid_region_counter++; -+ counter_check(); -+ -+ return TFM_PLAT_ERR_UNSUPPORTED; -+} -+ -+enum tfm_plat_err_t comms_permissions_service_check(psa_handle_t handle, -+ const psa_invec *in_vec, -+ size_t in_len, -+ int32_t type) -+{ -+ switch(handle) { -+#ifdef TFM_PARTITION_PROTECTED_STORAGE -+ case TFM_PROTECTED_STORAGE_SERVICE_HANDLE: -+ switch(type) { -+ case TFM_PS_SET: -+ case TFM_PS_GET: -+ case TFM_PS_GET_INFO: -+ case TFM_PS_REMOVE: -+ case TFM_PS_GET_SUPPORT: -+ return TFM_PLAT_ERR_SUCCESS; -+ default: -+ goto out_err; -+ } -+#endif /* TFM_PARTITION_INTERNAL_TRUSTED_STORAGE */ -+ -+#ifdef TFM_PARTITION_INITIAL_ATTESTATION -+ case TFM_ATTESTATION_SERVICE_HANDLE: -+ switch(type) { -+ case TFM_ATTEST_GET_TOKEN: -+ case TFM_ATTEST_GET_TOKEN_SIZE: -+ return TFM_PLAT_ERR_SUCCESS; -+ default: -+ goto out_err; -+ } -+#endif /* TFM_PARTITION_INITIAL_ATTESTATION */ -+#ifdef TFM_PARTITION_DELEGATED_ATTESTATION -+ case TFM_DELEGATED_ATTESTATION_HANDLE: -+ switch(type) { -+ case DELEGATED_ATTEST_GET_DELEGATED_KEY: -+ case DELEGATED_ATTEST_GET_PLATFORM_TOKEN: -+ return TFM_PLAT_ERR_SUCCESS; -+ default: -+ goto out_err; -+ } -+#endif /* TFM_PARTITION_DELEGATED_ATTESTATION */ -+#ifdef TFM_PARTITION_MEASURED_BOOT -+ case TFM_MEASURED_BOOT_HANDLE: -+ switch(type) { -+ case TFM_MEASURED_BOOT_EXTEND: -+ case TFM_MEASURED_BOOT_READ: -+ return TFM_PLAT_ERR_SUCCESS; -+ default: -+ goto out_err; -+ } -+#endif /* TFM_PARTITION_MEASURED_BOOT */ -+#ifdef TFM_PARTITION_CRYPTO -+ case TFM_CRYPTO_HANDLE: -+ /* Every crypto operation is done by the SE */ -+ return TFM_PLAT_ERR_SUCCESS; -+#endif /* TFM_PARTITION_CRYPTO */ -+#ifdef TFM_PARTITION_PLATFORM -+ case TFM_PLATFORM_SERVICE_HANDLE: -+ switch(type) { -+ case TFM_PLATFORM_API_ID_NV_READ: -+ case TFM_PLATFORM_API_ID_NV_INCREMENT: -+ case TFM_PLATFORM_API_ID_SYSTEM_RESET: -+ case TFM_PLATFORM_API_ID_IOCTL: -+ return TFM_PLAT_ERR_SUCCESS; -+ default: -+ goto out_err; -+ } -+#endif /* TFM_PARTITION_PLATFORM */ -+#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE -+ case TFM_INTERNAL_TRUSTED_STORAGE_SERVICE_HANDLE: -+ switch(type) { -+ case TFM_ITS_SET: -+ case TFM_ITS_GET: -+ case TFM_ITS_GET_INFO: -+ case TFM_ITS_REMOVE: -+ return TFM_PLAT_ERR_SUCCESS; -+ default: -+ goto out_err; -+ } -+#endif /* TFM_PARTITION_INTERNAL_TRUSTED_STORAGE */ -+#ifdef TFM_PARTITION_DPE -+ case TFM_DPE_SERVICE_HANDLE: -+ return TFM_PLAT_ERR_SUCCESS; -+#endif /* TFM_PARTITION_DPE */ -+ default: -+ goto out_err; -+ } -+ -+out_err: -+ invalid_service_counter++; -+ counter_check(); -+ -+ return TFM_PLAT_ERR_UNSUPPORTED; -+} -diff --git a/platform/ext/target/arm/corstone1000/tfm_interrupts.c b/platform/ext/target/arm/corstone1000/tfm_interrupts.c -new file mode 100644 -index 000000000..47a6c9d7b ---- /dev/null -+++ b/platform/ext/target/arm/corstone1000/tfm_interrupts.c -@@ -0,0 +1,51 @@ -+/* -+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved. -+ * Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon -+ * company) or an affiliate of Cypress Semiconductor Corporation. All rights -+ * reserved. -+ * -+ * SPDX-License-Identifier: BSD-3-Clause -+ * -+ */ -+ -+#include "cmsis.h" -+#include "device_definition.h" -+#include "spm.h" -+#include "tfm_hal_interrupt.h" -+#include "tfm_peripherals_def.h" -+#include "interrupt.h" -+#include "load/interrupt_defs.h" -+#include "platform_irq.h" -+#include "rse_comms_hal.h" -+ -+static struct irq_t mbox_irq_info = {0}; -+ -+/* Platform specific inter-processor communication interrupt handler. */ -+void HSE1_RECEIVER_COMBINED_IRQHandler(void) -+{ -+ (void)tfm_multi_core_hal_receive(&MHU1_HOST_TO_SE_DEV, -+ &MHU1_SE_TO_HOST_DEV, -+ mbox_irq_info.p_ildi->source); -+ -+ /* -+ * SPM will send a MAILBOX_SIGNAL to the corresponding partition -+ * indicating that a message has arrived and can be processed. -+ */ -+ spm_handle_interrupt(mbox_irq_info.p_pt, mbox_irq_info.p_ildi); -+} -+ -+enum tfm_hal_status_t mailbox_irq_init(void *p_pt, -+ const struct irq_load_info_t *p_ildi) -+{ -+ mbox_irq_info.p_pt = p_pt; -+ mbox_irq_info.p_ildi = p_ildi; -+ -+ /* Set MHU interrupt priority to the same as PendSV (the lowest) -+ * TODO: Consider advantages/disadvantages of setting it one higher -+ */ -+ NVIC_SetPriority(HSE1_RECEIVER_COMBINED_IRQn, NVIC_GetPriority(PendSV_IRQn)); -+ -+ NVIC_DisableIRQ(HSE1_RECEIVER_COMBINED_IRQn); -+ -+ return TFM_HAL_SUCCESS; -+} --- -2.25.1 - diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch similarity index 91% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch index abf70389..1070afc0 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch @@ -1,7 +1,7 @@ -From d7725e629c9ba93523589cc9d8af3186db19d4e8 Mon Sep 17 00:00:00 2001 +From 9dd3287693c259a88d81140c26f9c792d808dd7c Mon Sep 17 00:00:00 2001 From: Bence Balogh Date: Wed, 15 May 2024 22:37:51 +0200 -Subject: [PATCH] Platform: corstone1000: Increase buffers for EFI vars +Subject: [PATCH 08/10] Platform: corstone1000: Increase buffers for EFI vars The UEFI variables are stored in the Protected Storage. The size of the variables metadata have been increased so the related buffer sizes diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-corstone1000-Remove-reset-after-capsule-update.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-corstone1000-Remove-reset-after-capsule-update.patch similarity index 88% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-corstone1000-Remove-reset-after-capsule-update.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-corstone1000-Remove-reset-after-capsule-update.patch index 8ffd567b..e3333c53 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-corstone1000-Remove-reset-after-capsule-update.patch +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0009-corstone1000-Remove-reset-after-capsule-update.patch @@ -1,7 +1,7 @@ -From 78db43f80676f8038b35edd6674d22fb5ff85c12 Mon Sep 17 00:00:00 2001 +From 898d3c148521b331302c587e658d7e0a4f645c77 Mon Sep 17 00:00:00 2001 From: Bence Balogh Date: Mon, 27 May 2024 17:11:31 +0200 -Subject: [PATCH] corstone1000: Remove reset after capsule update +Subject: [PATCH 09/10] corstone1000: Remove reset after capsule update Signed-off-by: Bence Balogh Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/29065] diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0013-platform-CS1000-Add-multicore-support-for-FVP.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-platform-CS1000-Add-multicore-support-for-FVP.patch similarity index 93% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0013-platform-CS1000-Add-multicore-support-for-FVP.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-platform-CS1000-Add-multicore-support-for-FVP.patch index 9ede5341..28d81b8d 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0013-platform-CS1000-Add-multicore-support-for-FVP.patch +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0010-platform-CS1000-Add-multicore-support-for-FVP.patch @@ -1,7 +1,7 @@ -From 1120957e74a1a0727a215188813cab3e47602e71 Mon Sep 17 00:00:00 2001 +From 1eb9bc330bf387ff26a6df93d3b8c843174dc40b Mon Sep 17 00:00:00 2001 From: Harsimran Singh Tungal Date: Thu, 9 May 2024 13:20:57 +0000 -Subject: [PATCH] platform: CS1000: Add multicore support for FVP +Subject: [PATCH 10/10] platform: CS1000: Add multicore support for FVP This changeset adds the support to enable the secondary cores for the Corstone-1000 FVP @@ -15,10 +15,10 @@ Signed-off-by: Harsimran Singh Tungal 3 files changed, 48 insertions(+), 2 deletions(-) diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt -index e2a7ac302..a269251aa 100644 +index 95e3f57b4f..e46123cc6f 100644 --- a/platform/ext/target/arm/corstone1000/CMakeLists.txt +++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt -@@ -374,6 +374,12 @@ target_sources(tfm_psa_rot_partition_ns_agent_mailbox +@@ -381,6 +381,12 @@ target_sources(tfm_psa_rot_partition_ns_agent_mailbox tfm_hal_multi_core.c ) @@ -32,7 +32,7 @@ index e2a7ac302..a269251aa 100644 target_sources(tfm_spm diff --git a/platform/ext/target/arm/corstone1000/Device/Config/device_cfg.h b/platform/ext/target/arm/corstone1000/Device/Config/device_cfg.h -index 222905d3d..9d48f119e 100644 +index 222905d3dd..9d48f119ed 100644 --- a/platform/ext/target/arm/corstone1000/Device/Config/device_cfg.h +++ b/platform/ext/target/arm/corstone1000/Device/Config/device_cfg.h @@ -45,5 +45,11 @@ @@ -48,7 +48,7 @@ index 222905d3d..9d48f119e 100644 #endif /* __DEVICE_CFG_H__ */ diff --git a/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c b/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c -index f0e2bc333..ce72e50c9 100644 +index f0e2bc333a..ce72e50c9b 100644 --- a/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c +++ b/platform/ext/target/arm/corstone1000/tfm_hal_multi_core.c @@ -11,9 +11,14 @@ @@ -115,5 +115,5 @@ index f0e2bc333..ce72e50c9 100644 #ifdef EXTERNAL_SYSTEM_SUPPORT -- -2.34.1 +2.25.1 diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0014-Platform-Corstone1000-switch-to-metadata-v2.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Platform-Corstone1000-switch-to-metadata-v2.patch similarity index 100% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0014-Platform-Corstone1000-switch-to-metadata-v2.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Platform-Corstone1000-switch-to-metadata-v2.patch diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0015-platform-corstone1000-Increase-flash-PS-area-size.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-platform-corstone1000-Increase-flash-PS-area-size.patch similarity index 100% rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0015-platform-corstone1000-Increase-flash-PS-area-size.patch rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-platform-corstone1000-Increase-flash-PS-area-size.patch diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc index ffbd6657..dd0c7f3e 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc @@ -18,21 +18,18 @@ SRC_URI += " \ FILESEXTRAPATHS:prepend := "${THISDIR}/files:" SRC_URI:append:corstone1000 = " \ - file://0001-platform-corstone1000-Update-MPU-configuration.patch \ - file://0002-platform-corstone1000-Cover-S_DATA-with-MPU.patch \ - file://0003-platform-corstone1000-align-capsule-update-structs.patch \ - file://0004-Platform-Corstone1000-skip-the-first-nv-counter.patch \ - file://0005-platform-corstone1000-add-unique-guid-for-mps3.patch \ - file://0006-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch \ - file://0007-platform-corstone1000-Increase-ITS-max-asset-size.patch \ - file://0008-Platform-CS1000-Replace-OpenAMP-with-RSE_COMMS.patch \ - file://0009-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch \ - file://0010-CC312-alignment-of-cc312-differences-between-fvp-and.patch \ - file://0011-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch \ - file://0012-corstone1000-Remove-reset-after-capsule-update.patch \ - file://0013-platform-CS1000-Add-multicore-support-for-FVP.patch \ - file://0014-Platform-Corstone1000-switch-to-metadata-v2.patch \ - file://0015-platform-corstone1000-Increase-flash-PS-area-size.patch \ + file://0001-platform-corstone1000-align-capsule-update-structs.patch \ + file://0002-Platform-Corstone1000-skip-the-first-nv-counter.patch \ + file://0003-platform-corstone1000-add-unique-guid-for-mps3.patch \ + file://0004-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch \ + file://0005-platform-corstone1000-Increase-ITS-max-asset-size.patch \ + file://0006-platform-corstone1000-Increase-RSE_COMMS-buffer-size.patch \ + file://0007-CC312-alignment-of-cc312-differences-between-fvp-and.patch \ + file://0008-Platform-corstone1000-Increase-buffers-for-EFI-vars.patch \ + file://0009-corstone1000-Remove-reset-after-capsule-update.patch \ + file://0010-platform-CS1000-Add-multicore-support-for-FVP.patch \ + file://0011-Platform-Corstone1000-switch-to-metadata-v2.patch \ + file://0012-platform-corstone1000-Increase-flash-PS-area-size.patch \ " # TF-M ships patches for external dependencies that needs to be applied From patchwork Wed Aug 7 11:31:07 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: bence.balogh@arm.com X-Patchwork-Id: 47441 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B661EC52D7C for ; Wed, 7 Aug 2024 11:31:28 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.31104.1723030283515406585 for ; Wed, 07 Aug 2024 04:31:23 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: bence.balogh@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id E5AA11063; Wed, 7 Aug 2024 04:31:48 -0700 (PDT) Received: from e126523.budapest.arm.com (e126523.budapest.arm.com [10.45.26.153]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 7DAFB3F5A1; Wed, 7 Aug 2024 04:31:22 -0700 (PDT) From: bence.balogh@arm.com To: meta-arm@lists.yoctoproject.org Cc: Bence Balogh Subject: [PATCH 2/3] arm-bsp/trusted-services: corstone1000: align PSA crypto structs with TF-M Date: Wed, 7 Aug 2024 13:31:07 +0200 Message-Id: <20240807113108.58898-3-bence.balogh@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240807113108.58898-1-bence.balogh@arm.com> References: <20240807113108.58898-1-bence.balogh@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 07 Aug 2024 11:31:28 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5955 From: Bence Balogh The TF-M was upgraded to v2.1.0 for the Corstone-1000. The TS had to be aligned with it, to keep the Secure Enclave Proxy Secure Partition compatible with TF-M. Signed-off-by: Bence Balogh --- ...ign-PSA-Crypto-structs-with-TF-Mv2.1.patch | 300 ++++++++++++++++++ .../trusted-services/ts-arm-platforms.inc | 1 + 2 files changed, 301 insertions(+) create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-Align-PSA-Crypto-structs-with-TF-Mv2.1.patch diff --git a/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-Align-PSA-Crypto-structs-with-TF-Mv2.1.patch b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-Align-PSA-Crypto-structs-with-TF-Mv2.1.patch new file mode 100644 index 00000000..f02c7ea3 --- /dev/null +++ b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-Align-PSA-Crypto-structs-with-TF-Mv2.1.patch @@ -0,0 +1,300 @@ +From 3bb579379bcfe32ae0b81f721b370afcb58e9693 Mon Sep 17 00:00:00 2001 +From: Bence Balogh +Date: Wed, 10 Jul 2024 11:07:09 +0200 +Subject: [PATCH] Align PSA Crypto structs with TF-Mv2.1 + +The files were updated using the TF-Mv2.1 release (0c4c99b) commit. + +* crypto_sid.h +This is derived from TF-M's tfm_crypto_defs.h file. The crypto function +ID definitions were reworked. This change had to be done on the TS +side too to keep the compatibility. + +* crypto_ipc_backend.h +This file is also derived from the tfm_crypto_defs.h file. The +tfm_crypto_pack_iovec struct changed in TF-M so the +psa_ipc_crypto_pack_iovec struct had to be updated in TS to +keep the compatibility. + +* crypto_client_struct.h +The psa_client_key_attributes_s struct had to be aligned with the +psa_key_attributes_s struct in TF-M. (psa_crypto.c) + +Signed-off-by: Bence Balogh +Upstream-Status: Pending +--- + .../service/common/include/psa/crypto_sid.h | 168 +++++------------- + .../backend/psa_ipc/crypto_ipc_backend.h | 9 +- + .../crypto/include/psa/crypto_client_struct.h | 4 +- + 3 files changed, 55 insertions(+), 126 deletions(-) + +diff --git a/components/service/common/include/psa/crypto_sid.h b/components/service/common/include/psa/crypto_sid.h +index 5b05f46d7..fe057ce40 100644 +--- a/components/service/common/include/psa/crypto_sid.h ++++ b/components/service/common/include/psa/crypto_sid.h +@@ -18,22 +18,24 @@ extern "C" { + * nine groups (Random, Key management, Hash, MAC, Cipher, AEAD, + * Asym sign, Asym encrypt, Key derivation). + */ +-enum tfm_crypto_group_id { +- TFM_CRYPTO_GROUP_ID_RANDOM = 0x0, +- TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT, +- TFM_CRYPTO_GROUP_ID_HASH, +- TFM_CRYPTO_GROUP_ID_MAC, +- TFM_CRYPTO_GROUP_ID_CIPHER, +- TFM_CRYPTO_GROUP_ID_AEAD, +- TFM_CRYPTO_GROUP_ID_ASYM_SIGN, +- TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT, +- TFM_CRYPTO_GROUP_ID_KEY_DERIVATION, ++enum tfm_crypto_group_id_t { ++ TFM_CRYPTO_GROUP_ID_RANDOM = UINT8_C(1), ++ TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT = UINT8_C(2), ++ TFM_CRYPTO_GROUP_ID_HASH = UINT8_C(3), ++ TFM_CRYPTO_GROUP_ID_MAC = UINT8_C(4), ++ TFM_CRYPTO_GROUP_ID_CIPHER = UINT8_C(5), ++ TFM_CRYPTO_GROUP_ID_AEAD = UINT8_C(6), ++ TFM_CRYPTO_GROUP_ID_ASYM_SIGN = UINT8_C(7), ++ TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT = UINT8_C(8), ++ TFM_CRYPTO_GROUP_ID_KEY_DERIVATION = UINT8_C(9) + }; + +-/* X macro describing each of the available PSA Crypto APIs */ ++/* Set of X macros describing each of the available PSA Crypto APIs */ ++#define RANDOM_FUNCS \ ++ X(TFM_CRYPTO_GENERATE_RANDOM) ++ + #define KEY_MANAGEMENT_FUNCS \ + X(TFM_CRYPTO_GET_KEY_ATTRIBUTES) \ +- X(TFM_CRYPTO_RESET_KEY_ATTRIBUTES) \ + X(TFM_CRYPTO_OPEN_KEY) \ + X(TFM_CRYPTO_CLOSE_KEY) \ + X(TFM_CRYPTO_IMPORT_KEY) \ +@@ -89,13 +91,13 @@ enum tfm_crypto_group_id { + X(TFM_CRYPTO_AEAD_VERIFY) \ + X(TFM_CRYPTO_AEAD_ABORT) + +-#define ASYMMETRIC_SIGN_FUNCS \ ++#define ASYM_SIGN_FUNCS \ + X(TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE) \ + X(TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE) \ + X(TFM_CRYPTO_ASYMMETRIC_SIGN_HASH) \ + X(TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH) + +-#define AYSMMETRIC_ENCRYPT_FUNCS \ ++#define ASYM_ENCRYPT_FUNCS \ + X(TFM_CRYPTO_ASYMMETRIC_ENCRYPT) \ + X(TFM_CRYPTO_ASYMMETRIC_DECRYPT) + +@@ -106,133 +108,55 @@ enum tfm_crypto_group_id { + X(TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY) \ + X(TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES) \ + X(TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY) \ ++ X(TFM_CRYPTO_KEY_DERIVATION_INPUT_INTEGER) \ + X(TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT) \ + X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES) \ + X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY) \ + X(TFM_CRYPTO_KEY_DERIVATION_ABORT) + +-#define RANDOM_FUNCS \ +- X(TFM_CRYPTO_GENERATE_RANDOM) +- +-/* +- * Define function IDs in each group. The function ID will be encoded into +- * tfm_crypto_func_sid below. +- * Each group is defined as a dedicated enum in case the total number of +- * PSA Crypto APIs exceeds 256. +- */ +-#define X(func_id) func_id, +-enum tfm_crypto_key_management_func_id { +- KEY_MANAGEMENT_FUNCS +-}; +-enum tfm_crypto_hash_func_id { +- HASH_FUNCS +-}; +-enum tfm_crypto_mac_func_id { +- MAC_FUNCS +-}; +-enum tfm_crypto_cipher_func_id { +- CIPHER_FUNCS +-}; +-enum tfm_crypto_aead_func_id { +- AEAD_FUNCS +-}; +-enum tfm_crypto_asym_sign_func_id { +- ASYMMETRIC_SIGN_FUNCS +-}; +-enum tfm_crypto_asym_encrypt_func_id { +- AYSMMETRIC_ENCRYPT_FUNCS +-}; +-enum tfm_crypto_key_derivation_func_id { +- KEY_DERIVATION_FUNCS +-}; +-enum tfm_crypto_random_func_id { +- RANDOM_FUNCS +-}; +-#undef X +- +-#define FUNC_ID(func_id) (((func_id) & 0xFF) << 8) ++#define BASE__VALUE(x) ((uint16_t)((((uint16_t)(x)) << 8) & 0xFF00)) + +-/* +- * Numerical progressive value identifying a function API exposed through +- * the interfaces (S or NS). It's used to dispatch the requests from S/NS +- * to the corresponding API implementation in the Crypto service backend. ++/** ++ * \brief This type defines numerical progressive values identifying a function API ++ * exposed through the interfaces (S or NS). It's used to dispatch the requests ++ * from S/NS to the corresponding API implementation in the Crypto service backend. ++ * ++ * \note Each function SID is encoded as uint16_t. ++ * +------------+------------+ ++ * | Group ID | Func ID | ++ * +------------+------------+ ++ * (MSB)15 8 7 0(LSB) + * +- * Each function SID is encoded as uint16_t. +- * | Func ID | Group ID | +- * 15 8 7 0 +- * Func ID is defined in each group func_id enum above +- * Group ID is defined in tfm_crypto_group_id. + */ +-enum tfm_crypto_func_sid { +- +-#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \ +- (TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT & 0xFF)), +- ++enum tfm_crypto_func_sid_t { ++#define X(FUNCTION_NAME) FUNCTION_NAME ## _SID, ++ BASE__RANDOM = BASE__VALUE(TFM_CRYPTO_GROUP_ID_RANDOM) - 1, ++ RANDOM_FUNCS ++ BASE__KEY_MANAGEMENT = BASE__VALUE(TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT) - 1, + KEY_MANAGEMENT_FUNCS +- +-#undef X +-#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \ +- (TFM_CRYPTO_GROUP_ID_HASH & 0xFF)), ++ BASE__HASH = BASE__VALUE(TFM_CRYPTO_GROUP_ID_HASH) - 1, + HASH_FUNCS +- +-#undef X +-#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \ +- (TFM_CRYPTO_GROUP_ID_MAC & 0xFF)), ++ BASE__MAC = BASE__VALUE(TFM_CRYPTO_GROUP_ID_MAC) - 1, + MAC_FUNCS +- +-#undef X +-#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \ +- (TFM_CRYPTO_GROUP_ID_CIPHER & 0xFF)), ++ BASE__CIPHER = BASE__VALUE(TFM_CRYPTO_GROUP_ID_CIPHER) - 1, + CIPHER_FUNCS +- +-#undef X +-#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \ +- (TFM_CRYPTO_GROUP_ID_AEAD & 0xFF)), ++ BASE__AEAD = BASE__VALUE(TFM_CRYPTO_GROUP_ID_AEAD) - 1, + AEAD_FUNCS +- +-#undef X +-#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \ +- (TFM_CRYPTO_GROUP_ID_ASYM_SIGN & 0xFF)), +- ASYMMETRIC_SIGN_FUNCS +- +-#undef X +-#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \ +- (TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT & 0xFF)), +- AYSMMETRIC_ENCRYPT_FUNCS +- +-#undef X +-#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \ +- (TFM_CRYPTO_GROUP_ID_KEY_DERIVATION & 0xFF)), ++ BASE__ASYM_SIGN = BASE__VALUE(TFM_CRYPTO_GROUP_ID_ASYM_SIGN) - 1, ++ ASYM_SIGN_FUNCS ++ BASE__ASYM_ENCRYPT = BASE__VALUE(TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT) - 1, ++ ASYM_ENCRYPT_FUNCS ++ BASE__KEY_DERIVATION = BASE__VALUE(TFM_CRYPTO_GROUP_ID_KEY_DERIVATION) - 1, + KEY_DERIVATION_FUNCS +- + #undef X +-#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \ +- (TFM_CRYPTO_GROUP_ID_RANDOM & 0xFF)), +- RANDOM_FUNCS +- + }; +-#undef X + + /** +- * \brief Define an invalid value for an SID +- * ++ * \brief This macro is used to extract the group_id from an encoded function id ++ * by accessing the upper 8 bits. A \a _function_id is uint16_t type + */ +-#define TFM_CRYPTO_SID_INVALID (~0x0u) +- +-/** +- * \brief This value is used to mark an handle as invalid. +- * +- */ +-#define TFM_CRYPTO_INVALID_HANDLE (0x0u) +- +-/** +- * \brief Define miscellaneous literal constants that are used in the service +- * +- */ +-enum { +- TFM_CRYPTO_NOT_IN_USE = 0, +- TFM_CRYPTO_IN_USE = 1 +-}; ++#define TFM_CRYPTO_GET_GROUP_ID(_function_id) \ ++ ((enum tfm_crypto_group_id_t)(((uint16_t)(_function_id) >> 8) & 0xFF)) + + #ifdef __cplusplus + } +diff --git a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h +index 27ac59837..d7e733b89 100644 +--- a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h ++++ b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h +@@ -30,10 +30,9 @@ struct psa_ipc_crypto_aead_pack_input { + struct psa_ipc_crypto_pack_iovec { + psa_key_id_t key_id; /*!< Key id */ + psa_algorithm_t alg; /*!< Algorithm */ +- uint32_t op_handle; /*!< Frontend context handle associated to a ++ uint32_t op_handle; /*!< Client context handle associated to a + * multipart operation + */ +- uint32_t capacity; /*!< Key derivation capacity */ + uint32_t ad_length; /*!< Additional Data length for multipart AEAD */ + uint32_t plaintext_length; /*!< Plaintext length for multipart AEAD */ + +@@ -44,7 +43,11 @@ struct psa_ipc_crypto_pack_iovec { + * See tfm_crypto_func_sid for detail + */ + uint16_t step; /*!< Key derivation step */ +-}__packed; ++ union { ++ size_t capacity; /*!< Key derivation capacity */ ++ uint64_t value; /*!< Key derivation integer for update*/ ++ }; ++}; + + #define iov_size sizeof(struct psa_ipc_crypto_pack_iovec) + +diff --git a/components/service/crypto/include/psa/crypto_client_struct.h b/components/service/crypto/include/psa/crypto_client_struct.h +index 1f68aba21..ebc400811 100644 +--- a/components/service/crypto/include/psa/crypto_client_struct.h ++++ b/components/service/crypto/include/psa/crypto_client_struct.h +@@ -34,9 +34,11 @@ struct psa_client_key_attributes_s + uint16_t type; + uint16_t bits; + uint32_t lifetime; +- psa_key_id_t id; + uint32_t usage; + uint32_t alg; ++ uint32_t alg2; ++ uint32_t id; ++ int32_t owner_id; + }; + + #define PSA_CLIENT_KEY_ATTRIBUTES_INIT {0, 0, 0, 0, 0, 0} +-- +2.25.1 + diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc b/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc index f67d5f62..2c34229e 100644 --- a/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc +++ b/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc @@ -20,6 +20,7 @@ SRC_URI:append:corstone1000 = " \ file://0016-Isolate-common-uefi-variable-authentication-steps.patch \ file://0017-Implement-Private-Authenticated-Variable-verificatio.patch \ file://0018-Change-RSS_COMMS-cmake-variables-to-cahce-vars.patch \ + file://0019-Align-PSA-Crypto-structs-with-TF-Mv2.1.patch \ " # The patches above introduce errors with GCC 14.1, silence them for now From patchwork Wed Aug 7 11:31:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: bence.balogh@arm.com X-Patchwork-Id: 47440 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C6E8CC52D7D for ; Wed, 7 Aug 2024 11:31:28 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.31266.1723030284536495468 for ; Wed, 07 Aug 2024 04:31:24 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: bence.balogh@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 0F174FEC; Wed, 7 Aug 2024 04:31:50 -0700 (PDT) Received: from e126523.budapest.arm.com (e126523.budapest.arm.com [10.45.26.153]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 7B0693F5A1; Wed, 7 Aug 2024 04:31:23 -0700 (PDT) From: bence.balogh@arm.com To: meta-arm@lists.yoctoproject.org Cc: Bence Balogh Subject: [PATCH 3/3] arm-bsp/trusted-firmware-m: Remove TF-M v2.0 recipe Date: Wed, 7 Aug 2024 13:31:08 +0200 Message-Id: <20240807113108.58898-4-bence.balogh@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240807113108.58898-1-bence.balogh@arm.com> References: <20240807113108.58898-1-bence.balogh@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 07 Aug 2024 11:31:28 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5956 From: Bence Balogh There no longer is a platform in meta-arm that uses this version of TF-M. The last platform that did use it (Corstone-1000) now uses a later version. See meta-arm-bsp/conf/machine/include/corstone1000.inc for more info. Signed-off-by: Bence Balogh --- .../trusted-firmware-m-2.0.0-src.inc | 46 ------------------- ...trusted-firmware-m-scripts-native_2.0.0.bb | 2 - .../trusted-firmware-m_2.0.0.bb | 2 - 3 files changed, 50 deletions(-) delete mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-2.0.0-src.inc delete mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_2.0.0.bb delete mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.0.0.bb diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-2.0.0-src.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-2.0.0-src.inc deleted file mode 100644 index 82543258..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-2.0.0-src.inc +++ /dev/null @@ -1,46 +0,0 @@ -# Common src definitions for trusted-firmware-m and trusted-firmware-m-scripts - -LICENSE = "BSD-2-Clause & BSD-3-Clause & Apache-2.0" - -LIC_FILES_CHKSUM = "file://license.rst;md5=07f368487da347f3c7bd0fc3085f3afa \ - file://../tf-m-tests/license.rst;md5=4481bae2221b0cfca76a69fb3411f390 \ - file://../mbedtls/LICENSE;md5=379d5819937a6c2f1ef1630d341e026d \ - file://../mcuboot/LICENSE;md5=b6ee33f1d12a5e6ee3de1e82fb51eeb8" - -SRC_URI_TRUSTED_FIRMWARE_M ?= "git://git.trustedfirmware.org/TF-M/trusted-firmware-m.git;protocol=https" -SRC_URI_TRUSTED_FIRMWARE_M_EXTRAS ?= "git://git.trustedfirmware.org/TF-M/tf-m-extras.git;protocol=https" -SRC_URI_TRUSTED_FIRMWARE_M_TESTS ?= "git://git.trustedfirmware.org/TF-M/tf-m-tests.git;protocol=https" -SRC_URI_TRUSTED_FIRMWARE_M_MBEDTLS ?= "git://github.com/ARMmbed/mbedtls.git;protocol=https" -SRC_URI_TRUSTED_FIRMWARE_M_MCUBOOT ?= "git://github.com/mcu-tools/mcuboot.git;protocol=https" -SRC_URI_TRUSTED_FIRMWARE_M_QCBOR ?= "git://github.com/laurencelundblade/QCBOR.git;protocol=https" -SRC_URI = "${SRC_URI_TRUSTED_FIRMWARE_M};branch=${SRCBRANCH_tfm};name=tfm;destsuffix=git/tfm \ - ${SRC_URI_TRUSTED_FIRMWARE_M_EXTRAS};branch=${SRCBRANCH_tfm-extras};name=tfm-extras;destsuffix=git/tfm-extras \ - ${SRC_URI_TRUSTED_FIRMWARE_M_TESTS};branch=${SRCBRANCH_tfm-tests};name=tfm-tests;destsuffix=git/tf-m-tests \ - ${SRC_URI_TRUSTED_FIRMWARE_M_MBEDTLS};branch=${SRCBRANCH_mbedtls};name=mbedtls;destsuffix=git/mbedtls \ - ${SRC_URI_TRUSTED_FIRMWARE_M_MCUBOOT};branch=${SRCBRANCH_mcuboot};name=mcuboot;destsuffix=git/mcuboot \ - ${SRC_URI_TRUSTED_FIRMWARE_M_QCBOR};branch=${SRCBRANCH_qcbor};name=qcbor;destsuffix=git/qcbor \ - " - -# The required dependencies are documented in tf-m/config/config_default.cmake -# TF-Mv2.0.0 -SRCBRANCH_tfm ?= "release/2.0.x" -SRCREV_tfm = "9ca8a5eb3c85eecee1303dffa262800ea0385584" -# TF-Mv2.0.0 -SRCBRANCH_tfm-extras ?= "release/2.0.x" -SRCREV_tfm-extras = "676a1465f361439bc95f5a50ef71749f27caffc1" -# TF-Mv2.0.0 -SRCBRANCH_tfm-tests ?= "release/2.0.x" -SRCREV_tfm-tests = "69fbb233dc6e45f8306d98694ca5760559f9d2ef" -# mbedtls-3.5.1 -SRCBRANCH_mbedtls ?= "master" -SRCREV_mbedtls = "edb8fec9882084344a314368ac7fd957a187519c" -# mcuboot v2.0.0 -SRCBRANCH_mcuboot ?= "main" -SRCREV_mcuboot = "304fd41980ed929533b9f387dde1b463b0be5b90" -# QCBOR v1.2 -SRCBRANCH_qcbor ?= "master" -SRCREV_qcbor = "b0e7033268e88c9f27146fa9a1415ef4c19ebaff" - -SRCREV_FORMAT = "tfm" - -S = "${WORKDIR}/git/tfm" diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_2.0.0.bb b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_2.0.0.bb deleted file mode 100644 index d50d886f..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native_2.0.0.bb +++ /dev/null @@ -1,2 +0,0 @@ -require recipes-bsp/trusted-firmware-m/trusted-firmware-m-${PV}-src.inc -require recipes-bsp/trusted-firmware-m/trusted-firmware-m-scripts-native.inc diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.0.0.bb b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.0.0.bb deleted file mode 100644 index 3464f49d..00000000 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m_2.0.0.bb +++ /dev/null @@ -1,2 +0,0 @@ -require recipes-bsp/trusted-firmware-m/trusted-firmware-m-${PV}-src.inc -require recipes-bsp/trusted-firmware-m/trusted-firmware-m.inc