diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 67857c5af4b9dbc5b02f039a987ab7d8388b239b..9b341846161c9ca4435f596834fff4e7a5b41ab9 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -13,7 +13,8 @@ variables: META_CASSINI_TARGET_BRANCH: value: none description: Comma separated list of meta-cassini branch to trigger - (none, main, nanbield-dev, mickledore-dev, kirkstone-dev) + (none, main, scarthgap-dev, nanbield-dev, + mickledore-dev, kirkstone-dev) META_CASSINI_BUILD_IMAGE: value: all-images description: Comma separated list of images to build @@ -39,7 +40,11 @@ include: trigger-meta-cassini: inherit: - variables: false + variables: + - META_CASSINI_TARGET_BRANCH + - META_CASSINI_BUILD_IMAGE + - META_CASSINI_BUILD_PLATFORM + - META_CASSINI_FORCE_TESTS stage: Build rules: - !reference [".build-image:rules:skip-target-build", rules] @@ -47,6 +52,8 @@ trigger-meta-cassini: - !reference [".build-image:rules:common", rules] - !reference [".build-image:rules:n1sdp", rules] - !reference [".build-image:rules:corstone1000", rules] + - !reference [".build-image:rules:manual", rules] + - !reference [".build-image:rules:ci-patterns", rules] trigger: project: $META_CASSINI_PROJECT branch: $META_CASSINI_TARGET_BRANCH diff --git a/.gitlab/ci/rules.yml b/.gitlab/ci/rules.yml index 54201604c0ade657f7b88374a128f0c5e5b51ea8..e9cea5685b3a300b5c32933611b459c68c7d783c 100644 --- a/.gitlab/ci/rules.yml +++ b/.gitlab/ci/rules.yml @@ -7,13 +7,18 @@ .if-merge-request-or-push: &if-merge-request-or-push if: '$CI_MERGE_REQUEST_IID || $CI_PIPELINE_SOURCE == "push"' +.if-manual: &if-manual + if: '$CI_PIPELINE_SOURCE == "web"' + .if-no-target-project: &if-no-target-project if: '$META_CASSINI_PROJECT == "" || $META_CASSINI_PROJECT == null' # Changes patterns +.ci-patterns: &ci-patterns + - ".gitlab-ci.yml" + - ".gitlab/ci/rules.yml" + .build-common: &build-common - - "grub/**/*" - - "meta-security/**/*" - "conf/layer.conf" .build-n1sdp: &build-n1sdp @@ -23,7 +28,7 @@ .build-corstone1000: &build-corstone1000 - "conf/machine/include/corstone1000-*-cassini-extra-settings.inc" - "conf/multiconfig/firmware.conf" - - "meta-arm/meta-arm-bsp/recipes-bsp/u-boot/**/*" + - "meta-arm/meta-arm-bsp/recipes-bsp/**/*" - "meta-arm/meta-arm-bsp/recipes-core/**/*" - "meta-arm/meta-arm-bsp/recipes-kernel/**/*" - "meta-arm/meta-arm-bsp/wic/*" @@ -50,11 +55,25 @@ variables: META_CASSINI_BUILD_PLATFORM: 'n1sdp, corstone1000-fvp' +.build-image:rules:ci-patterns: + rules: + - <<: *if-merge-request-or-push + changes: *ci-patterns + variables: + META_CASSINI_BUILD_PLATFORM: 'none' + +.build-image:rules:manual: + rules: + - <<: *if-manual + .build-image:rules:set-target-branch: rules: - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "main"' variables: META_CASSINI_TARGET_BRANCH: 'main' + - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "scarthgap"' + variables: + META_CASSINI_TARGET_BRANCH: 'scarthgap-dev' - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "nanbield"' variables: META_CASSINI_TARGET_BRANCH: 'nanbield-dev' diff --git a/meta-arm/meta-arm-bsp/recipes-core/images/corstone1000-utils-overlay-image.bb b/meta-arm/meta-arm-bsp/recipes-core/images/corstone1000-utils-overlay-image.bb index 771e8b5a68811412149e044b1f6dfc593835616e..f4ec1ab0a97a99256c37f7bf6cb35219f8cf0bcf 100644 --- a/meta-arm/meta-arm-bsp/recipes-core/images/corstone1000-utils-overlay-image.bb +++ b/meta-arm/meta-arm-bsp/recipes-core/images/corstone1000-utils-overlay-image.bb @@ -9,7 +9,7 @@ DESCRIPTION = "Image used during testing of initramfs based platforms to \ tested" LICENSE = "MIT" -DEPENDS += "corstone1000-flash-firmware-image" +DEPENDS += "trusted-firmware-a" inherit image inherit nopackages diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/files/n1sdp/0001-add-boot-order-into-SP-manifest.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/files/n1sdp/0001-add-boot-order-into-SP-manifest.patch deleted file mode 100644 index 8853dbf8c632ba1f114c0f4589bb6677656ad613..0000000000000000000000000000000000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/files/n1sdp/0001-add-boot-order-into-SP-manifest.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 9cb4babc2e496a4028bcd75337ea4466563f73ca Mon Sep 17 00:00:00 2001 -From: Emekcan Aras -Date: Wed, 13 Mar 2024 16:44:10 +0000 -Subject: [PATCH] add boot order into SP manifest - -The block storage SP should be loaded before the protected storage and ITS -SP due to block storage dependency. After OP-TEE v4.0, SPs can be loaded -in orderly fashion depending on the boot-order property in the SPs -manifest file. This patch loads SPs in a orderly fashion to make sure -there is no runtime dependency issues. - -Signed-off-by: Emekcan Aras -Upstream-Status: Pending ---- - .../config/default-opteesp/default_block-storage.dts.in | 1 + - deployments/crypto/config/default-opteesp/default_crypto.dts.in | 1 + - .../shared-flash-opteesp/default_internal-trusted-storage.dts.in | 1 + - .../config/shared-flash-opteesp/default_protected-storage.dts.in | 1 + - .../config/default-opteesp/default_smm-gateway.dts.in | 1 + - 5 files changed, 5 insertions(+) - -diff --git a/deployments/block-storage/config/default-opteesp/default_block-storage.dts.in b/deployments/block-storage/config/default-opteesp/default_block-storage.dts.in -index 0a97cb5..4b408ca 100644 ---- a/deployments/block-storage/config/default-opteesp/default_block-storage.dts.in -+++ b/deployments/block-storage/config/default-opteesp/default_block-storage.dts.in -@@ -18,4 +18,5 @@ - messaging-method = <3>; /* Direct messaging only */ - ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ - elf-format = <1>; -+ boot-order = /bits/ 16 <1>; - }; -diff --git a/deployments/crypto/config/default-opteesp/default_crypto.dts.in b/deployments/crypto/config/default-opteesp/default_crypto.dts.in -index c900636..7d90a88 100644 ---- a/deployments/crypto/config/default-opteesp/default_crypto.dts.in -+++ b/deployments/crypto/config/default-opteesp/default_crypto.dts.in -@@ -18,6 +18,7 @@ - messaging-method = <3>; /* Direct messaging only */ - ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ - elf-format = <1>; -+ boot-order = /bits/ 16 <4>; - - device-regions { - compatible = "arm,ffa-manifest-device-regions"; -diff --git a/deployments/internal-trusted-storage/config/shared-flash-opteesp/default_internal-trusted-storage.dts.in b/deployments/internal-trusted-storage/config/shared-flash-opteesp/default_internal-trusted-storage.dts.in -index 77d0805..a6ac644 100644 ---- a/deployments/internal-trusted-storage/config/shared-flash-opteesp/default_internal-trusted-storage.dts.in -+++ b/deployments/internal-trusted-storage/config/shared-flash-opteesp/default_internal-trusted-storage.dts.in -@@ -18,4 +18,5 @@ - messaging-method = <3>; /* Direct messaging only */ - ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ - elf-format = <1>; -+ boot-order = /bits/ 16 <3>; - }; -diff --git a/deployments/protected-storage/config/shared-flash-opteesp/default_protected-storage.dts.in b/deployments/protected-storage/config/shared-flash-opteesp/default_protected-storage.dts.in -index b305fbb..95bd537 100644 ---- a/deployments/protected-storage/config/shared-flash-opteesp/default_protected-storage.dts.in -+++ b/deployments/protected-storage/config/shared-flash-opteesp/default_protected-storage.dts.in -@@ -18,4 +18,5 @@ - messaging-method = <3>; /* Direct messaging only */ - ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ - elf-format = <1>; -+ boot-order = /bits/ 16 <2>; - }; -diff --git a/deployments/smm-gateway/config/default-opteesp/default_smm-gateway.dts.in b/deployments/smm-gateway/config/default-opteesp/default_smm-gateway.dts.in -index d74c2f3..4803de1 100644 ---- a/deployments/smm-gateway/config/default-opteesp/default_smm-gateway.dts.in -+++ b/deployments/smm-gateway/config/default-opteesp/default_smm-gateway.dts.in -@@ -18,6 +18,7 @@ - messaging-method = <3>; /* Direct messaging only */ - ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ - elf-format = <1>; -+ boot-order = /bits/ 16 <5>; - - memory-regions { - compatible = "arm,ffa-manifest-memory-regions"; --- -2.25.1 - diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-platforms.inc b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-platforms.inc deleted file mode 100644 index 789311e42f1c84c5fd6b9f4eefd79d8df6a8f9af..0000000000000000000000000000000000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-platforms.inc +++ /dev/null @@ -1,5 +0,0 @@ -FILESEXTRAPATHS:prepend:n1sdp := "${THISDIR}/files/n1sdp:" - -SRC_URI:append:n1sdp = " \ - file://0001-add-boot-order-into-SP-manifest.patch \ - " diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-attestation_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-attestation_%.bbappend deleted file mode 100644 index 48d83d79111f3b6abaf0deccf36f1de116ce48f0..0000000000000000000000000000000000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-attestation_%.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -# SPDX-FileCopyrightText: Copyright 2024 Arm Limited and/or its -# affiliates -# -# SPDX-License-Identifier: MIT - -require ts-platforms.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-block-storage_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-block-storage_%.bbappend deleted file mode 100644 index 48d83d79111f3b6abaf0deccf36f1de116ce48f0..0000000000000000000000000000000000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-block-storage_%.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -# SPDX-FileCopyrightText: Copyright 2024 Arm Limited and/or its -# affiliates -# -# SPDX-License-Identifier: MIT - -require ts-platforms.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-crypto_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-crypto_%.bbappend deleted file mode 100644 index 48d83d79111f3b6abaf0deccf36f1de116ce48f0..0000000000000000000000000000000000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-crypto_%.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -# SPDX-FileCopyrightText: Copyright 2024 Arm Limited and/or its -# affiliates -# -# SPDX-License-Identifier: MIT - -require ts-platforms.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend index 7794851be537330a159459d7803a372803f05d7d..c2f96cfc294008a881d7e4a1eda2c874108d3419 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend @@ -3,7 +3,5 @@ # # SPDX-License-Identifier: MIT -require ts-platforms.inc - # Override configuration to use block storage service OECMAKE_SOURCEPATH:n1sdp = "${S}/deployments/internal-trusted-storage/config/shared-flash-${TS_ENV}" diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend index edde7ed562573d34070e7a80f0b03efd8be54d33..6b514a0430d0c32a505980e3e550fca6ed2e12b6 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend @@ -3,7 +3,5 @@ # # SPDX-License-Identifier: MIT -require ts-platforms.inc - # Override configuration to use block storage service OECMAKE_SOURCEPATH:n1sdp = "${S}/deployments/protected-storage/config/shared-flash-${TS_ENV}" diff --git a/qa-checks/cassini-bsp-dictionary b/qa-checks/cassini-bsp-dictionary index e99b969200f30d0355a899de464180e831a28b9a..fba8dc9da177e50266b66e2b8048493a13d84bc0 100644 --- a/qa-checks/cassini-bsp-dictionary +++ b/qa-checks/cassini-bsp-dictionary @@ -79,11 +79,14 @@ sourceparams srcurifile suggestedvar tarbz2 +TF-A THISDIR udev unitdir usbgadget usbhost +util +utils VIRT wchar WIDEC