From patchwork Mon Nov 29 12:49:11 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Abdellatif El Khlifi X-Patchwork-Id: 978 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 41448C433EF for ; Mon, 29 Nov 2021 12:49:31 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.60001.1638190170791445784 for ; Mon, 29 Nov 2021 04:49:31 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: abdellatif.elkhlifi@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 1C8B8113E; Mon, 29 Nov 2021 04:49:30 -0800 (PST) Received: from e121910.arm.com (unknown [10.57.2.170]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id BC2403F766; Mon, 29 Nov 2021 04:49:28 -0800 (PST) From: abdellatif.elkhlifi@arm.com To: meta-arm@lists.yoctoproject.org, Ross.Burton@arm.com Cc: nd@arm.com, "Arpita S.K" , Abdellatif El Khlifi Subject: [PATCH][HONISTER 1/5] arm-bsp/machine: introducing corstone1000 MPS3 machine Date: Mon, 29 Nov 2021 12:49:11 +0000 Message-Id: <20211129124915.23058-2-abdellatif.elkhlifi@arm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20211129124915.23058-1-abdellatif.elkhlifi@arm.com> References: <20211129124915.23058-1-abdellatif.elkhlifi@arm.com> List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 29 Nov 2021 12:49:31 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/2466 From: "Arpita S.K" This commit adds the corstone1000-mps3 machine. Change-Id: I99f657574a693527d7763cb4cc9b0b05218bb316 Signed-off-by: Arpita S.K Signed-off-by: Abdellatif El Khlifi --- .gitlab-ci.yml | 3 +++ ci/corstone1000-mps3.yml | 12 ++++++++++++ kas/corstone1000-mps3.yml | 6 ++++++ meta-arm-bsp/conf/layer.conf | 2 +- meta-arm-bsp/conf/machine/corstone1000-mps3.conf | 9 +++++++++ 5 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 ci/corstone1000-mps3.yml create mode 100644 kas/corstone1000-mps3.yml create mode 100644 meta-arm-bsp/conf/machine/corstone1000-mps3.conf diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 78f3373..dde03ac 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -112,6 +112,9 @@ corstone700-mps3: corstone1000-fvp: extends: .build +corstone1000-mps3: + extends: .build + fvp-base/testimage: extends: .build tags: diff --git a/ci/corstone1000-mps3.yml b/ci/corstone1000-mps3.yml new file mode 100644 index 0000000..fc06440 --- /dev/null +++ b/ci/corstone1000-mps3.yml @@ -0,0 +1,12 @@ +header: + version: 9 + includes: + - base.yml + - meta-openembedded.yml + +local_conf_header: + custom-local-conf: | + INITRAMFS_IMAGE_BUNDLE = "0" + INITRAMFS_IMAGE:remove = "corstone1000-initramfs-image" + +machine: corstone1000-mps3 diff --git a/kas/corstone1000-mps3.yml b/kas/corstone1000-mps3.yml new file mode 100644 index 0000000..06e5962 --- /dev/null +++ b/kas/corstone1000-mps3.yml @@ -0,0 +1,6 @@ +header: + version: 9 + includes: + - corstone1000-base.yml + +machine: corstone1000-mps3 diff --git a/meta-arm-bsp/conf/layer.conf b/meta-arm-bsp/conf/layer.conf index 954e5d8..7af156e 100644 --- a/meta-arm-bsp/conf/layer.conf +++ b/meta-arm-bsp/conf/layer.conf @@ -13,7 +13,7 @@ LAYERSERIES_COMPAT_meta-arm-bsp = "honister" LAYERDEPENDS_meta-arm-bsp = "core meta-arm" # This won't be used by layerindex-fetch, but works everywhere else -LAYERDEPENDS_meta-arm-bsp:append:corstone1000 = " meta-python" +LAYERDEPENDS_meta-arm-bsp:append:corstone1000 = " meta-python openembedded-layer" LAYERDEPENDS_meta-arm-bsp:append:musca-b1 = " meta-python" LAYERDEPENDS_meta-arm-bsp:append:musca-s1 = " meta-python" diff --git a/meta-arm-bsp/conf/machine/corstone1000-mps3.conf b/meta-arm-bsp/conf/machine/corstone1000-mps3.conf new file mode 100644 index 0000000..88f3d9d --- /dev/null +++ b/meta-arm-bsp/conf/machine/corstone1000-mps3.conf @@ -0,0 +1,9 @@ +#@TYPE: Machine +#@NAME: corstone1000-mps3 machine +#@DESCRIPTION: Machine configuration for Corstone1000 64-bit MPS3 FPGA board + +require conf/machine/include/corstone1000.inc + +TFA_TARGET_PLATFORM = "fpga" + +PLATFORM_IS_FVP = "FALSE" From patchwork Mon Nov 29 12:49:12 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Abdellatif El Khlifi X-Patchwork-Id: 979 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 46D3CC433F5 for ; Mon, 29 Nov 2021 12:49:33 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web12.60332.1638190172393977531 for ; Mon, 29 Nov 2021 04:49:32 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: abdellatif.elkhlifi@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 0F2CA1042; Mon, 29 Nov 2021 04:49:32 -0800 (PST) Received: from e121910.arm.com (unknown [10.57.2.170]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 7C9703F766; Mon, 29 Nov 2021 04:49:30 -0800 (PST) From: abdellatif.elkhlifi@arm.com To: meta-arm@lists.yoctoproject.org, Ross.Burton@arm.com Cc: nd@arm.com, "Arpita S.K" , Vishnu Banavath , Abdellatif El Khlifi Subject: [PATCH][HONISTER 2/5] arm-bsp/u-boot: introducing corstone1000 MPS3 machine Date: Mon, 29 Nov 2021 12:49:12 +0000 Message-Id: <20211129124915.23058-3-abdellatif.elkhlifi@arm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20211129124915.23058-1-abdellatif.elkhlifi@arm.com> References: <20211129124915.23058-1-abdellatif.elkhlifi@arm.com> List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 29 Nov 2021 12:49:33 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/2467 From: "Arpita S.K" Add support for corstone1000-mps3 machine which have a cortex-a35 aarch64, this will boot till u-boot prompt. Change-Id: Ifdd81d35a5409cdd1563388a841885c14b748cad Signed-off-by: Arpita S.K Signed-off-by: Vishnu Banavath Signed-off-by: Abdellatif El Khlifi --- ...initial-devicetree-corstone1000-mps3.patch | 64 +++++++++++++++++++ ...one1000-adding-PSCI-device-tree-node.patch | 34 ++++++++++ ...-amend-kernel-bootargs-with-ip-dhcp-.patch | 32 ++++++++++ .../recipes-bsp/u-boot/u-boot_%.bbappend | 5 +- 4 files changed, 134 insertions(+), 1 deletion(-) create mode 100644 meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0015-arm-dts-add-initial-devicetree-corstone1000-mps3.patch create mode 100644 meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-arm-corstone1000-adding-PSCI-device-tree-node.patch create mode 100644 meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0017-arm-corstone1000-amend-kernel-bootargs-with-ip-dhcp-.patch diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0015-arm-dts-add-initial-devicetree-corstone1000-mps3.patch b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0015-arm-dts-add-initial-devicetree-corstone1000-mps3.patch new file mode 100644 index 0000000..cb48478 --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0015-arm-dts-add-initial-devicetree-corstone1000-mps3.patch @@ -0,0 +1,64 @@ +Upstream-Status: Pending [Not submitted to upstream yet] +Signed-off-by: Arpita S.K + +From a3b3ff8fc2d4e52748989aa61f155fc92a63261a Mon Sep 17 00:00:00 2001 +From: Rui Miguel Silva +Date: Tue, 22 Jun 2021 11:35:10 +0100 +Subject: [PATCH 15/16] arm: dts: add initial devicetree corstone1000 mps3 + +Corstone1000 is a platform enabled on MPS3 FPGA Arm board. It is a cortex-a35 +with with 8MB of CVM and 32MB of QSPI, with the peripherals USB, +ethernet and others available on the MPS3 board. + +Signed-off-by: Rui Miguel Silva +--- + arch/arm/dts/corstone1000-mps3.dts | 37 ++++++++++++++++++++++++++++++ + 1 file changed, 37 insertions(+) + create mode 100644 arch/arm/dts/corstone1000-mps3.dts + +diff --git a/arch/arm/dts/corstone1000-mps3.dts b/arch/arm/dts/corstone1000-mps3.dts +new file mode 100644 +index 0000000000..d93915dbb7 +--- /dev/null ++++ b/arch/arm/dts/corstone1000-mps3.dts +@@ -0,0 +1,37 @@ ++/* ++ * Copyright (c) 2021, Arm Limited. All rights reserved. ++ * ++ * SPDX-License-Identifier: BSD-3-Clause ++ */ ++ ++/dts-v1/; ++ ++#include "corstone1000.dtsi" ++ ++/ { ++ model = "corstone1000-mps3"; ++ ++ ethernet: eth@4010000 { ++ compatible = "smsc,lan9220", "smsc,lan9115"; ++ reg = <0x40100000 0x10000>; ++ phy-mode = "mii"; ++ interrupt-parent = <&gic>; ++ interrupts = ; ++ reg-io-width = <2>; ++ smsc,irq-push-pull; ++ }; ++ ++ usb: usb@40200000 { ++ compatible = "nxp,usb-isp1763"; ++ reg = <0x40200000 0x100000>; ++ interrupts-parent = <&gic>; ++ interrupts = ; ++ bus-width = <16>; ++ dr_mode = "host"; ++ }; ++ ++}; ++ ++&refclk { ++ clock-frequency = <50000000>; ++}; +-- +2.33.0 + diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-arm-corstone1000-adding-PSCI-device-tree-node.patch b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-arm-corstone1000-adding-PSCI-device-tree-node.patch new file mode 100644 index 0000000..4faa883 --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-arm-corstone1000-adding-PSCI-device-tree-node.patch @@ -0,0 +1,34 @@ +Upstream-Status: Pending [Not submitted to upstream yet] +Signed-off-by: Arpita S.K + +From b5ec956659c3e419fd2e95431d9359db497e4afb Mon Sep 17 00:00:00 2001 +From: Abdellatif El Khlifi +Date: Thu, 22 Jul 2021 18:11:33 +0100 +Subject: [PATCH 16/16] arm: corstone1000: adding PSCI device tree node + +At this level of development PSCI is needed to initialize the SMCCC. + +Signed-off-by: Abdellatif El Khlifi +--- + arch/arm/dts/corstone1000-mps3.dts | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/arch/arm/dts/corstone1000-mps3.dts b/arch/arm/dts/corstone1000-mps3.dts +index d93915dbb7..a3726f1e1f 100644 +--- a/arch/arm/dts/corstone1000-mps3.dts ++++ b/arch/arm/dts/corstone1000-mps3.dts +@@ -30,6 +30,11 @@ + dr_mode = "host"; + }; + ++ psci { ++ compatible = "arm,psci-1.0", "arm,psci-0.2"; ++ method = "smc"; ++ }; ++ + }; + + &refclk { +-- +2.33.0 + diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0017-arm-corstone1000-amend-kernel-bootargs-with-ip-dhcp-.patch b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0017-arm-corstone1000-amend-kernel-bootargs-with-ip-dhcp-.patch new file mode 100644 index 0000000..022fee9 --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0017-arm-corstone1000-amend-kernel-bootargs-with-ip-dhcp-.patch @@ -0,0 +1,32 @@ +Upstream-Status: Pending [Not submitted to upstream yet] +Signed-off-by: Abdellatif El Khlifi + +From 3ee38ef07bd82c843497dc4e69a4d4c5f21dbbf7 Mon Sep 17 00:00:00 2001 +From: Vishnu Banavath +Date: Tue, 26 Oct 2021 18:29:05 +0100 +Subject: [PATCH] arm: corstone1000: amend kernel bootargs with ip=dhcp + earlyprintk + +This change is to +* pass ip=dhcp required for ethernet to get and ip +* enable earlyprintk to print kernel logs before the actual +kernel driver comes up + +Signed-off-by: Vishnu Banavath + +diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig +index cfe80cf5f4..7574553e83 100644 +--- a/configs/corstone1000_defconfig ++++ b/configs/corstone1000_defconfig +@@ -8,7 +8,7 @@ CONFIG_IDENT_STRING=" corstone1000 aarch64 " + CONFIG_FIT=y + CONFIG_BOOTDELAY=3 + CONFIG_USE_BOOTARGS=y +-CONFIG_BOOTARGS="console=ttyAMA0 loglevel=9" ++CONFIG_BOOTARGS="console=ttyAMA0 loglevel=9 ip=dhcp earlyprintk" + # CONFIG_DISPLAY_CPUINFO is not set + # CONFIG_DISPLAY_BOARDINFO is not set + CONFIG_HUSH_PARSER=y +-- +2.17.1 + diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend b/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend index b73e6f7..31fbf88 100644 --- a/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend +++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend @@ -5,7 +5,7 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" # # Corstone1000 64-bit machines # - +CORSTONE1000_DEVICE_TREE:corstone1000-mps3 = "corstone1000-mps3" CORSTONE1000_DEVICE_TREE:corstone1000-fvp = "corstone1000-fvp" EXTRA_OEMAKE:append:corstone1000 = ' DEVICE_TREE=${CORSTONE1000_DEVICE_TREE}' @@ -26,6 +26,9 @@ SRC_URI:append:corstone1000 = " \ file://0012-arm-corstone1000-enable-uefi-secure-boot.patch \ file://0013-arm-corstone1000-enable-handlers-for-uefi-variables.patch \ file://0014-arm-corstone1000-enable-efi-capsule-options.patch \ + file://0015-arm-dts-add-initial-devicetree-corstone1000-mps3.patch \ + file://0016-arm-corstone1000-adding-PSCI-device-tree-node.patch \ + file://0017-arm-corstone1000-amend-kernel-bootargs-with-ip-dhcp-.patch \ " # From patchwork Mon Nov 29 12:49:13 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Abdellatif El Khlifi X-Patchwork-Id: 980 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 41850C433FE for ; Mon, 29 Nov 2021 12:49:35 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web08.60522.1638190173975488920 for ; Mon, 29 Nov 2021 04:49:34 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: abdellatif.elkhlifi@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9288D113E; Mon, 29 Nov 2021 04:49:33 -0800 (PST) Received: from e121910.arm.com (unknown [10.57.2.170]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 6001D3F766; Mon, 29 Nov 2021 04:49:32 -0800 (PST) From: abdellatif.elkhlifi@arm.com To: meta-arm@lists.yoctoproject.org, Ross.Burton@arm.com Cc: nd@arm.com, Abdellatif El Khlifi , Vishnu Banavath Subject: [PATCH][HONISTER 3/5] arm/optee-spdevkit: introducing the recipe Date: Mon, 29 Nov 2021 12:49:13 +0000 Message-Id: <20211129124915.23058-4-abdellatif.elkhlifi@arm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20211129124915.23058-1-abdellatif.elkhlifi@arm.com> References: <20211129124915.23058-1-abdellatif.elkhlifi@arm.com> List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 29 Nov 2021 12:49:35 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/2468 From: Abdellatif El Khlifi Adding optee-spdevkit recipe. Change-Id: Ib31d7f0a9fa2f72b71c2057f2752b1c52be6f890 Signed-off-by: Vishnu Banavath Signed-off-by: Abdellatif El Khlifi --- .../optee/optee-spdevkit_git.bb | 111 ++++++++++++++++++ 1 file changed, 111 insertions(+) create mode 100644 meta-arm/recipes-security/optee/optee-spdevkit_git.bb diff --git a/meta-arm/recipes-security/optee/optee-spdevkit_git.bb b/meta-arm/recipes-security/optee/optee-spdevkit_git.bb new file mode 100644 index 0000000..a9c696d --- /dev/null +++ b/meta-arm/recipes-security/optee/optee-spdevkit_git.bb @@ -0,0 +1,111 @@ +SUMMARY = "OP-TEE Secure Partion Development Kit" +DESCRIPTION = "Open Portable Trusted Execution Environment - Development Kit to run secure partitions" +HOMEPAGE = "https://www.op-tee.org/" + +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=c1f21c4f72f372ef38a5a4aee55ec173" + +inherit deploy python3native +require optee.inc + +CVE_PRODUCT = "linaro:op-tee op-tee:op-tee_os" + +DEPENDS = "python3-pycryptodome-native python3-pycryptodomex-native python3-pyelftools-native" + +DEPENDS:append:toolchain-clang = " compiler-rt" + +SRC_URI = "git://github.com/OP-TEE/optee_os.git;branch=master;protocol=https" + +S = "${WORKDIR}/git" +B = "${WORKDIR}/build" + +EXTRA_OEMAKE += " \ + PLATFORM=${OPTEEMACHINE} \ + CFG_${OPTEE_CORE}_core=y \ + CROSS_COMPILE_core=${HOST_PREFIX} \ + CROSS_COMPILE_sp_${OPTEE_ARCH}=${HOST_PREFIX} \ + CFG_CORE_FFA=y \ + CFG_WITH_SP=y \ + O=${B} \ +" + +CFLAGS[unexport] = "1" +LDFLAGS[unexport] = "1" +CPPFLAGS[unexport] = "1" +AS[unexport] = "1" +LD[unexport] = "1" + +do_configure[noexec] = "1" + +do_compile() { + oe_runmake -C ${S} sp_dev_kit +} +do_compile[cleandirs] = "${B}" + +do_install() { + #install SP devkit + install -d ${D}${includedir}/optee/export-user_sp/ + for f in ${B}/export-sp_${OPTEE_ARCH}/* ; do + cp -aR $f ${D}${includedir}/optee/export-user_sp/ + done + cat > ${D}${includedir}/optee/export-user_sp/include/stddef.h <<'EOF' +#ifndef STDDEF_H +#define STDDEF_H + +#include + +#ifndef _PTRDIFF_T +typedef long ptrdiff_t; +#define _PTRDIFF_T +#endif + +#ifndef NULL +#define NULL ((void *) 0) +#endif + +#define offsetof(st, m) __builtin_offsetof(st, m) + +#endif /* STDDEF_H */ +EOF + cat > ${D}${includedir}/optee/export-user_sp/include/stddef_.h <<'EOF' +#ifndef STDDEF__H +#define STDDEF__H + +#ifndef SIZET_ +typedef unsigned long size_t; +#define SIZET_ +#endif + +#endif /* STDDEF__H */ +EOF + cat > ${D}${includedir}/optee/export-user_sp/include/stdarg.h <<'EOF' +#ifndef STDARG_H +#define STDARG_H + +#define va_list __builtin_va_list +#define va_start(ap, last) __builtin_va_start(ap, last) +#define va_end(ap) __builtin_va_end(ap) +#define va_copy(to, from) __builtin_va_copy(to, from) +#define va_arg(to, type) __builtin_va_arg(to, type) + +#endif /* STDARG_H */ +EOF + cat > ${D}${includedir}/optee/export-user_sp/include/stdbool.h <<'EOF' +#ifndef STDBOOL_H +#define STDBOOL_H + +#define bool _Bool + +#define true 1 +#define false 0 + +#define __bool_true_false_are_defined 1 + +#endif /* STDBOOL_H */ +EOF +} + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +# optee-spdevkit static library is part of optee-os image. No need to package this library in a staticdev package +INSANE_SKIP:${PN}-dev = "staticdev" From patchwork Mon Nov 29 12:49:14 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Abdellatif El Khlifi X-Patchwork-Id: 981 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4622EC433F5 for ; Mon, 29 Nov 2021 12:49:36 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web09.60590.1638190175674172385 for ; Mon, 29 Nov 2021 04:49:35 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: abdellatif.elkhlifi@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 533151042; Mon, 29 Nov 2021 04:49:35 -0800 (PST) Received: from e121910.arm.com (unknown [10.57.2.170]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id E3E153F766; Mon, 29 Nov 2021 04:49:33 -0800 (PST) From: abdellatif.elkhlifi@arm.com To: meta-arm@lists.yoctoproject.org, Ross.Burton@arm.com Cc: nd@arm.com, Abdellatif El Khlifi , Vishnu Banavath Subject: [PATCH][HONISTER 4/5] arm/secure-partitions: introducing the recipe Date: Mon, 29 Nov 2021 12:49:14 +0000 Message-Id: <20211129124915.23058-5-abdellatif.elkhlifi@arm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20211129124915.23058-1-abdellatif.elkhlifi@arm.com> References: <20211129124915.23058-1-abdellatif.elkhlifi@arm.com> List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 29 Nov 2021 12:49:36 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/2469 From: Abdellatif El Khlifi Adding secure-partitions recipe. Change-Id: I4320fb7087157a7c0f9305ce1d8f8574d4500fd0 Signed-off-by: Vishnu Banavath Signed-off-by: Abdellatif El Khlifi --- .../trusted-services/secure-partitions_git.bb | 91 +++++++++++++++++++ 1 file changed, 91 insertions(+) create mode 100644 meta-arm/recipes-security/trusted-services/secure-partitions_git.bb diff --git a/meta-arm/recipes-security/trusted-services/secure-partitions_git.bb b/meta-arm/recipes-security/trusted-services/secure-partitions_git.bb new file mode 100644 index 0000000..0c825e6 --- /dev/null +++ b/meta-arm/recipes-security/trusted-services/secure-partitions_git.bb @@ -0,0 +1,91 @@ +SUMMARY = "Trusted Services secure partitions" +HOMEPAGE = "https://trusted-services.readthedocs.io/en/latest/index.html" + +COMPATIBLE_MACHINE ?= "invalid" + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +LICENSE = "Apache-2.0 & BSD-3-Clause & Zlib" +LIC_FILES_CHKSUM = "file://license.rst;md5=ea160bac7f690a069c608516b17997f4 \ + file://../mbedcrypto/LICENSE;md5=302d50a6369f5f22efdb674db908167a \ + file://../nanopb/LICENSE.txt;md5=9db4b73a55a3994384112efcdb37c01f" + +SRC_URI = "git://git.trustedfirmware.org/TS/trusted-services.git;protocol=https;branch=integration;name=ts;destsuffix=git/ts ${SRC_URI_MBED} ${SRC_URI_NANOPB}" + +SRC_URI_MBED = "git://github.com/ARMmbed/mbed-crypto.git;protocol=https;branch=development;name=mbed;destsuffix=git/mbedcrypto" +SRC_URI_NANOPB = "git://github.com/nanopb/nanopb.git;name=nanopb;protocol=https;branch=master;destsuffix=git/nanopb" + +SRCREV_FORMAT = "ts" +SRCREV_ts = "c52807cfea6edab5d5c9cc0cfdb18ffe12cfdb0c" +SRCREV_mbed = "cf4a40ba0a3086cabb5a8227245191161fd26383" +SRCREV_nanopb = "df0e92f474f9cca704fe2b31483f0b4d1b1715a4" +PV = "0.0+git${SRCPV}" + +# Which environment to create the secure partions for (opteesp or shim) +TS_ENVIRONMENT ?= "opteesp" +S = "${WORKDIR}/git/ts" +B = "${WORKDIR}/build" + +inherit deploy python3native + +DEPENDS = "python3-pycryptodome-native python3-pycryptodomex-native \ + python3-pyelftools-native python3-grpcio-tools-native \ + python3-protobuf-native protobuf-native cmake-native \ + " + +DEPENDS:append = " ${@bb.utils.contains('TS_ENVIRONMENT', 'opteesp', 'optee-spdevkit', '', d)}" + +EXTRA_OEMAKE += "HOST_PREFIX=${HOST_PREFIX}" +EXTRA_OEMAKE += "CROSS_COMPILE64=${HOST_PREFIX}" + +export CROSS_COMPILE="${TARGET_PREFIX}" + +CFLAGS[unexport] = "1" +CPPFLAGS[unexport] = "1" +AS[unexport] = "1" +LD[unexport] = "1" + +# setting the linker options used to build the secure partitions +SECURITY_LDFLAGS = "" +TARGET_LDFLAGS = "-Wl,--build-id=none -Wl,--hash-style=both" + +# only used if TS_ENVIRONMENT is opteesp +SP_DEV_KIT_DIR = "${@bb.utils.contains('TS_ENVIRONMENT', 'opteesp', '${STAGING_INCDIR}/optee/export-user_sp', '', d)}" + +# SP images are embedded into optee os image +SP_PACKAGING_METHOD ?= "embedded" + +do_configure[cleandirs] = "${B}" + +do_configure() { + for TS_DEPLOYMENT in ${TS_DEPLOYMENTS}; do + cmake \ + -DCMAKE_INSTALL_PREFIX=${D}/firmware/sp \ + -DSP_DEV_KIT_DIR=${SP_DEV_KIT_DIR} \ + -DSP_PACKAGING_METHOD=${SP_PACKAGING_METHOD} \ + -S ${S}/$TS_DEPLOYMENT -B "${B}/$TS_DEPLOYMENT" + done +} + +do_compile() { + for TS_DEPLOYMENT in ${TS_DEPLOYMENTS}; do + cmake --build "${B}/$TS_DEPLOYMENT" + done +} + +do_install () { + if [ "${TS_ENVIRONMENT}" = "opteesp" ]; then + for TS_DEPLOYMENT in ${TS_DEPLOYMENTS}; do + cmake --install "${B}/$TS_DEPLOYMENT" + done + fi +} + +SYSROOT_DIRS = "/firmware" + +do_deploy() { + cp -rf ${D}/firmware/* ${DEPLOYDIR}/ +} +addtask deploy after do_install + +FILES:${PN} = "/firmware/*" From patchwork Mon Nov 29 12:49:15 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Abdellatif El Khlifi X-Patchwork-Id: 982 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 47DF7C433FE for ; Mon, 29 Nov 2021 12:49:38 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web12.60334.1638190177604385576 for ; Mon, 29 Nov 2021 04:49:37 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: abdellatif.elkhlifi@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 2E6571042; Mon, 29 Nov 2021 04:49:37 -0800 (PST) Received: from e121910.arm.com (unknown [10.57.2.170]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id B30463F766; Mon, 29 Nov 2021 04:49:35 -0800 (PST) From: abdellatif.elkhlifi@arm.com To: meta-arm@lists.yoctoproject.org, Ross.Burton@arm.com Cc: nd@arm.com, Abdellatif El Khlifi , Vishnu Banavath Subject: [PATCH][HONISTER 5/5] meta-arm-bsp/security: corstone1000: add trusted services support Date: Mon, 29 Nov 2021 12:49:15 +0000 Message-Id: <20211129124915.23058-6-abdellatif.elkhlifi@arm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20211129124915.23058-1-abdellatif.elkhlifi@arm.com> References: <20211129124915.23058-1-abdellatif.elkhlifi@arm.com> List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 29 Nov 2021 12:49:38 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/2470 From: Abdellatif El Khlifi These changes are to add support to build TrustedServices. corstone1000 platfrom uses optee-sp option which will include secure partitions into optee Image Following changes are made to trusted-services code * TS_PLATFORM should be set at the external build system level. * fix EARLY_TA_PATHS environment variable * se-proxy string and make it as child node Change-Id: I58d76b5e25e7f285794c93dc92c1b93fdd77cfb9 Signed-off-by: Vishnu Banavath Signed-off-by: Abdellatif El Khlifi --- .../conf/machine/include/corstone1000.inc | 3 ++ .../trusted-firmware-m-corstone1000.inc | 9 +--- .../optee/optee-os_corstone1000.inc | 32 ++++--------- .../optee/optee-os_corstone1000_common.inc | 27 +++++++++++ .../optee/optee-spdevkit_corstone1000.inc | 1 + .../optee/optee-spdevkit_git.bbappend | 6 +++ ...pplying-lowercase-project-convention.patch | 33 ++++++++++++++ ...0002-fix-EARLY_TA_PATHS-env-variable.patch | 31 +++++++++++++ ...proxy-dts-add-se-proxy-as-child-node.patch | 45 +++++++++++++++++++ .../secure-partitions_%.bbappend | 4 ++ .../trusted-services/ts-corstone1000.inc | 17 +++++++ 11 files changed, 178 insertions(+), 30 deletions(-) create mode 100644 meta-arm-bsp/recipes-security/optee/optee-os_corstone1000_common.inc create mode 100644 meta-arm-bsp/recipes-security/optee/optee-spdevkit_corstone1000.inc create mode 100644 meta-arm-bsp/recipes-security/optee/optee-spdevkit_git.bbappend create mode 100644 meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0001-tools-cmake-common-applying-lowercase-project-convention.patch create mode 100644 meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0002-fix-EARLY_TA_PATHS-env-variable.patch create mode 100644 meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0003-se-proxy-dts-add-se-proxy-as-child-node.patch create mode 100644 meta-arm-bsp/recipes-security/trusted-services/secure-partitions_%.bbappend create mode 100644 meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc diff --git a/meta-arm-bsp/conf/machine/include/corstone1000.inc b/meta-arm-bsp/conf/machine/include/corstone1000.inc index 753347d..9e36b4f 100644 --- a/meta-arm-bsp/conf/machine/include/corstone1000.inc +++ b/meta-arm-bsp/conf/machine/include/corstone1000.inc @@ -41,6 +41,9 @@ EXTRA_IMAGEDEPENDS += "optee-os" OPTEE_ARCH = "arm64" OPTEE_BINARY = "tee-pager_v2.bin" +# Trusted Services(TS) +EXTRA_IMAGEDEPENDS += "secure-partitions" + # Linux kernel PREFERRED_PROVIDER_virtual/kernel:forcevariable = "linux-yocto" PREFERRED_VERSION_linux-yocto = "5.10%" diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc index 997859c..d936309 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc @@ -4,13 +4,8 @@ COMPATIBLE_MACHINE = "(corstone1000)" TFM_DEBUG = "1" -PACKAGECONFIG[test-secure] = "-DTEST_S=OFF,-DTEST_S=OFF" -PACKAGECONFIG[test-nonsecure] = "-DTEST_NS=OFF,-DTEST_NS=OFF" - -INSANE_SKIP:${PN} = "arch" - -## Default is the FVP ## -TFM_PLATFORM_IS_FVP ?= "TRUE" +## Default is the MPS3 board +TFM_PLATFORM_IS_FVP ?= "FALSE" EXTRA_OECMAKE += "-DPLATFORM_IS_FVP=${TFM_PLATFORM_IS_FVP}" SRCREV_tfm = "ccd82e35f539c0d7261b2935d6d30c550cfc6736" diff --git a/meta-arm-bsp/recipes-security/optee/optee-os_corstone1000.inc b/meta-arm-bsp/recipes-security/optee/optee-os_corstone1000.inc index e2cc7d6..eb4d6af 100644 --- a/meta-arm-bsp/recipes-security/optee/optee-os_corstone1000.inc +++ b/meta-arm-bsp/recipes-security/optee/optee-os_corstone1000.inc @@ -1,27 +1,13 @@ -SRC_URI = "git://git.trustedfirmware.org/OP-TEE/optee_os.git;protocol=https;branch=psa-development" -SRCREV = "f9de2c9520ed97b89760cc4c99424aae440b63f4" -PV .= "+git${SRCREV}" +require optee-os_corstone1000_common.inc -DEPENDS += "python3-pycryptodomex-native" +DEPENDS += " secure-partitions" +EXTRA_OEMAKE +="'SP_PACKAGING_METHOD=embedded'" -FILESEXTRAPATHS:prepend := "${THISDIR}/files/optee-os/corstone1000:" +TS_INSTALL_PREFIX_PATH="${RECIPE_SYSROOT}/firmware/sp/opteesp" +EXTRA_OEMAKE += "'TS_INSTALL_PREFIX=${TS_INSTALL_PREFIX_PATH}'" -SRC_URI:append = " \ - file://0001-plat-corstone1000-add-corstone1000-platform.patch \ - file://0002-plat-corstone1000-reserve-3MB-CVM-memory-for-optee.patch" +# se-proxy secure partition +SP_MKFILE_PATH="${TS_INSTALL_PREFIX}/lib/make/se-proxy.mk" -COMPATIBLE_MACHINE = "corstone1000" - -OPTEEMACHINE = "corstone1000" -# Enable optee memory layout and boot logs -EXTRA_OEMAKE += " CFG_TEE_CORE_LOG_LEVEL=4" - -# default disable latency benchmarks (over all OP-TEE layers) -EXTRA_OEMAKE += " CFG_TEE_BENCHMARK=n" - -EXTRA_OEMAKE += " CFG_CORE_SEL1_SPMC=y CFG_CORE_FFA=y" - -EXTRA_OEMAKE += " CFG_WITH_SP=y" - -EXTRA_OEMAKE += " HOST_PREFIX=${HOST_PREFIX}" -EXTRA_OEMAKE += " CROSS_COMPILE64=${HOST_PREFIX}" +EXTRA_OEMAKE += "'CFG_SP_MKFILE_PATH=${SP_MKFILE_PATH}'" +EXTRA_OEMAKE += "'CFG_EMBED_DTB_SOURCE_FILE=${TS_INSTALL_PREFIX_PATH}/manifest/46bb39d1-b4d9-45b5-88ff-040027dab249.dts'" diff --git a/meta-arm-bsp/recipes-security/optee/optee-os_corstone1000_common.inc b/meta-arm-bsp/recipes-security/optee/optee-os_corstone1000_common.inc new file mode 100644 index 0000000..423e968 --- /dev/null +++ b/meta-arm-bsp/recipes-security/optee/optee-os_corstone1000_common.inc @@ -0,0 +1,27 @@ +SRC_URI = "git://git.trustedfirmware.org/OP-TEE/optee_os.git;protocol=https;branch=psa-development" +SRCREV = "f9de2c9520ed97b89760cc4c99424aae440b63f4" +PV .= "+git${SRCREV}" + +DEPENDS += "python3-pycryptodomex-native dtc-native" + +FILESEXTRAPATHS:prepend := "${THISDIR}/files/optee-os/corstone1000:" + +SRC_URI:append = " \ + file://0001-plat-corstone1000-add-corstone1000-platform.patch \ + file://0002-plat-corstone1000-reserve-3MB-CVM-memory-for-optee.patch" + +COMPATIBLE_MACHINE = "corstone1000" + +OPTEEMACHINE = "corstone1000" +# Enable optee memory layout and boot logs +EXTRA_OEMAKE += " CFG_TEE_CORE_LOG_LEVEL=4" + +# default disable latency benchmarks (over all OP-TEE layers) +EXTRA_OEMAKE += " CFG_TEE_BENCHMARK=n" + +EXTRA_OEMAKE += " CFG_CORE_SEL1_SPMC=y CFG_CORE_FFA=y" + +EXTRA_OEMAKE += " CFG_WITH_SP=y" + +EXTRA_OEMAKE += " HOST_PREFIX=${HOST_PREFIX}" +EXTRA_OEMAKE += " CROSS_COMPILE64=${HOST_PREFIX}" diff --git a/meta-arm-bsp/recipes-security/optee/optee-spdevkit_corstone1000.inc b/meta-arm-bsp/recipes-security/optee/optee-spdevkit_corstone1000.inc new file mode 100644 index 0000000..363b0ed --- /dev/null +++ b/meta-arm-bsp/recipes-security/optee/optee-spdevkit_corstone1000.inc @@ -0,0 +1 @@ +require optee-os_corstone1000_common.inc diff --git a/meta-arm-bsp/recipes-security/optee/optee-spdevkit_git.bbappend b/meta-arm-bsp/recipes-security/optee/optee-spdevkit_git.bbappend new file mode 100644 index 0000000..13e109c --- /dev/null +++ b/meta-arm-bsp/recipes-security/optee/optee-spdevkit_git.bbappend @@ -0,0 +1,6 @@ +# Machine specific configurations + +MACHINE_OPTEE_SPDEVKIT_REQUIRE ?= "" +MACHINE_OPTEE_SPDEVKIT_REQUIRE:corstone1000 = "optee-spdevkit_corstone1000.inc" + +require ${MACHINE_OPTEE_SPDEVKIT_REQUIRE} diff --git a/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0001-tools-cmake-common-applying-lowercase-project-convention.patch b/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0001-tools-cmake-common-applying-lowercase-project-convention.patch new file mode 100644 index 0000000..1de064b --- /dev/null +++ b/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0001-tools-cmake-common-applying-lowercase-project-convention.patch @@ -0,0 +1,33 @@ +Upstream-Status: Pending [Not submitted to upstream yet] +Signed-off-by: Abdellatif El Khlifi + +From 0bdafbd98ffd25a09822a560435ee9719e9bc0e4 Mon Sep 17 00:00:00 2001 +From: Vishnu Banavath +Date: Sat, 13 Nov 2021 07:47:44 +0000 +Subject: [PATCH] tools/cmake/common: applying lowercase project convention + +Lowercase convention should only apply on the paths inside TS +source-code. +Host build paths should not be lowercased. Otherwise, builds +with uppercase paths will break. + +Signed-off-by: Abdellatif El Khlifi + +diff --git a/tools/cmake/common/AddPlatform.cmake b/tools/cmake/common/AddPlatform.cmake +index ae34c6e..31bcd8c 100644 +--- a/tools/cmake/common/AddPlatform.cmake ++++ b/tools/cmake/common/AddPlatform.cmake +@@ -37,8 +37,8 @@ function(add_platform) + set(TGT ${MY_PARAMS_TARGET} CACHE STRING "") + + # Ensure file path conforms to lowercase project convention +- string(TOLOWER "${TS_PLATFORM_ROOT}/${TS_PLATFORM}/platform.cmake" _platdef) +- include(${_platdef}) ++ string(TOLOWER "${TS_PLATFORM}/platform.cmake" _platdef) ++ include(${TS_PLATFORM_ROOT}/${_platdef}) + set(CMAKE_CONFIGURE_DEPENDS ${_platdef}) + + unset(TGT CACHE) +-- +2.17.1 + diff --git a/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0002-fix-EARLY_TA_PATHS-env-variable.patch b/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0002-fix-EARLY_TA_PATHS-env-variable.patch new file mode 100644 index 0000000..e404e6f --- /dev/null +++ b/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0002-fix-EARLY_TA_PATHS-env-variable.patch @@ -0,0 +1,31 @@ +Upstream-Status: Pending [Not submitted to upstream yet] +Signed-off-by: Abdellatif El Khlifi + +From 28f3e8d68996ad2e3ccca45d2435b3b524daef48 Mon Sep 17 00:00:00 2001 +From: Vishnu Banavath +Date: Sat, 13 Nov 2021 07:51:53 +0000 +Subject: [PATCH] fix EARLY_TA_PATHS env variable + +Yocto cleans up environment varaibles at build time. +EARLY_TA_PATHS should be set a separate rule for securepartitions +to be included into optee-os image + +Signed-off-by: Vishnu Banavath + +diff --git a/environments/opteesp/sp.mk.in b/environments/opteesp/sp.mk.in +index c44ad59..d67e2dc 100644 +--- a/environments/opteesp/sp.mk.in ++++ b/environments/opteesp/sp.mk.in +@@ -14,7 +14,8 @@ ifeq (,${@EXPORT_SP_UUID@-included}) + endif + + ifeq (embedded,${SP_PACKAGING_METHOD}) +-OPTEE_OS_COMMON_EXTRA_FLAGS+=EARLY_TA_PATHS+=${TS_INSTALL_PREFIX}/opteesp/bin/@EXPORT_SP_UUID@.stripped.elf ++EARLY_TA_PATHS+=${TS_INSTALL_PREFIX}/bin/@EXPORT_SP_UUID@.stripped.elf ++OPTEE_OS_COMMON_EXTRA_FLAGS+=${EARLY_TA_PATHS} + TS_SP_DTSI_LIST+="\\n\#include \"${TS_INSTALL_PREFIX}/opteesp/manifest/@EXPORT_SP_UUID@.dtsi\"" + else ifeq (fip,${SP_PACKAGING_METHOD}) + TS_SP_JSON_LIST+=${TS_INSTALL_PREFIX}/opteesp/json/@EXPORT_SP_NAME@.json +-- +2.17.1 + diff --git a/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0003-se-proxy-dts-add-se-proxy-as-child-node.patch b/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0003-se-proxy-dts-add-se-proxy-as-child-node.patch new file mode 100644 index 0000000..5d64949 --- /dev/null +++ b/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/0003-se-proxy-dts-add-se-proxy-as-child-node.patch @@ -0,0 +1,45 @@ +Upstream-Status: Pending [Not submitted to upstream yet] +Signed-off-by: Abdellatif El Khlifi + +From 446155031c5a37c3a9771f0215d9fb23d59648d6 Mon Sep 17 00:00:00 2001 +From: Vishnu Banavath +Date: Sat, 13 Nov 2021 08:34:42 +0000 +Subject: [PATCH] se-proxy:dts: add se-proxy as child node + +se-proxy sp string should be added for se-proxy node to be +read properly. + +Signed-off-by: Vishnu Banavath + +diff --git a/deployments/se-proxy/opteesp/default_se-proxy.dts.in b/deployments/se-proxy/opteesp/default_se-proxy.dts.in +index 961071a..9f5cf71 100644 +--- a/deployments/se-proxy/opteesp/default_se-proxy.dts.in ++++ b/deployments/se-proxy/opteesp/default_se-proxy.dts.in +@@ -7,13 +7,15 @@ + @DTS_TAG@ + + @DTS_NODE@ { +- compatible = "arm,ffa-manifest-1.0"; +- ffa-version = <0x00010000>; /* 31:16 - Major, 15:0 - Minor */ +- uuid = <@EXPORT_SP_UUID_DT@>; +- description = "SE Proxy"; +- execution-ctx-count = <1>; +- exception-level = <1>; /* S-EL0 */ +- execution-state = <0>; /* AArch64 */ +- xlat-granule = <0>; /* 4KiB */ +- messaging-method = <0>; /* Direct messaging only */ ++ se-proxy { ++ compatible = "arm,ffa-manifest-1.0"; ++ ffa-version = <0x00010000>; /* 31:16 - Major, 15:0 - Minor */ ++ uuid = <@EXPORT_SP_UUID_DT@>; ++ description = "SE Proxy"; ++ execution-ctx-count = <1>; ++ exception-level = <1>; /* S-EL0 */ ++ execution-state = <0>; /* AArch64 */ ++ xlat-granule = <0>; /* 4KiB */ ++ messaging-method = <0>; /* Direct messaging only */ ++ }; + }; +-- +2.17.1 + diff --git a/meta-arm-bsp/recipes-security/trusted-services/secure-partitions_%.bbappend b/meta-arm-bsp/recipes-security/trusted-services/secure-partitions_%.bbappend new file mode 100644 index 0000000..8a37a28 --- /dev/null +++ b/meta-arm-bsp/recipes-security/trusted-services/secure-partitions_%.bbappend @@ -0,0 +1,4 @@ +MACHINE_TS_REQUIRE ?= "" +MACHINE_TS_REQUIRE:corstone1000 = "ts-corstone1000.inc" + +require ${MACHINE_TS_REQUIRE} diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc new file mode 100644 index 0000000..d574fbe --- /dev/null +++ b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc @@ -0,0 +1,17 @@ +FILESEXTRAPATHS:prepend := "${THISDIR}/secure-partitions:" + +COMPATIBLE_MACHINE = "corstone1000" + +SRC_URI:append = " file://0001-tools-cmake-common-applying-lowercase-project-convention.patch \ + file://0002-fix-EARLY_TA_PATHS-env-variable.patch \ + file://0003-se-proxy-dts-add-se-proxy-as-child-node.patch \ + " + +TS_PLATFORM = "arm/fvp/fvp_base_revc-2xaemv8a" +TS_ENVIRONMENT = "opteesp" +SP_PACKAGING_METHOD = "embedded" + +EXTRA_OEMAKE += "TS_PLATFORM=${TS_PLATFORM}" + +# Secure Enclave proxy secure partition +TS_DEPLOYMENTS += "'deployments/se-proxy/${TS_ENVIRONMENT}'"