From 2c9f6920d390f8888e4bd44b281bd74e614fc804 Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Fri, 10 May 2024 14:52:54 +0000 Subject: [PATCH 01/21] ci: Add new trigger rules * Manual trigger option for meta-cassini pipeline if any different branch is specified. * Trigger meta-cassini pipeline with `none` platform if any CI files have changed on meta-cassini-bsp Signed-off-by: Ali Can Ozaslan --- .gitlab-ci.yml | 2 ++ .gitlab/ci/rules.yml | 18 ++++++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 67857c5..7a0d0d9 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -47,6 +47,8 @@ trigger-meta-cassini: - !reference [".build-image:rules:common", rules] - !reference [".build-image:rules:n1sdp", rules] - !reference [".build-image:rules:corstone1000", rules] + - !reference [".build-image:rules:manual", rules] + - !reference [".build-image:rules:ci-patterns", rules] trigger: project: $META_CASSINI_PROJECT branch: $META_CASSINI_TARGET_BRANCH diff --git a/.gitlab/ci/rules.yml b/.gitlab/ci/rules.yml index 5420160..637fdfc 100644 --- a/.gitlab/ci/rules.yml +++ b/.gitlab/ci/rules.yml @@ -7,10 +7,17 @@ .if-merge-request-or-push: &if-merge-request-or-push if: '$CI_MERGE_REQUEST_IID || $CI_PIPELINE_SOURCE == "push"' +.if-manual: &if-manual + if: '$CI_PIPELINE_SOURCE == "web"' + .if-no-target-project: &if-no-target-project if: '$META_CASSINI_PROJECT == "" || $META_CASSINI_PROJECT == null' # Changes patterns +.ci-patterns: &ci-patterns + - ".gitlab-ci.yml" + - ".gitlab/ci/rules.yml" + .build-common: &build-common - "grub/**/*" - "meta-security/**/*" @@ -50,6 +57,17 @@ variables: META_CASSINI_BUILD_PLATFORM: 'n1sdp, corstone1000-fvp' +.build-image:rules:ci-patterns: + rules: + - <<: *if-merge-request-or-push + changes: *ci-patterns + variables: + META_CASSINI_BUILD_PLATFORM: 'none' + +.build-image:rules:manual: + rules: + - <<: *if-manual + .build-image:rules:set-target-branch: rules: - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "main"' -- GitLab From 04a77fd9baa3e88cb1ce7decb9bc690ff1fa2adf Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Fri, 10 May 2024 15:35:30 +0000 Subject: [PATCH 02/21] ci: Add trigger rule for `scarthgap` release Automatically trigger pipeline for the target branch on meta-cassini. Signed-off-by: Ali Can Ozaslan --- .gitlab-ci.yml | 3 ++- .gitlab/ci/rules.yml | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7a0d0d9..0443690 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -13,7 +13,8 @@ variables: META_CASSINI_TARGET_BRANCH: value: none description: Comma separated list of meta-cassini branch to trigger - (none, main, nanbield-dev, mickledore-dev, kirkstone-dev) + (none, main, scarthgap-dev, nanbield-dev, + mickledore-dev, kirkstone-dev) META_CASSINI_BUILD_IMAGE: value: all-images description: Comma separated list of images to build diff --git a/.gitlab/ci/rules.yml b/.gitlab/ci/rules.yml index 637fdfc..a7fc0e9 100644 --- a/.gitlab/ci/rules.yml +++ b/.gitlab/ci/rules.yml @@ -73,6 +73,9 @@ - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "main"' variables: META_CASSINI_TARGET_BRANCH: 'main' + - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "scarthgap"' + variables: + META_CASSINI_TARGET_BRANCH: 'scarthgap-dev' - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "nanbield"' variables: META_CASSINI_TARGET_BRANCH: 'nanbield-dev' -- GitLab From 8d4e4948f2b9a6838d7468f05a38f7f5bff4fd7c Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Mon, 13 May 2024 16:05:15 +0000 Subject: [PATCH 03/21] ci: Add variables to the inheritance list Extend the scope of variables for the trigger job which creates a child pipeline. Signed-off-by: Ali Can Ozaslan --- .gitlab-ci.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0443690..9b34184 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -40,7 +40,11 @@ include: trigger-meta-cassini: inherit: - variables: false + variables: + - META_CASSINI_TARGET_BRANCH + - META_CASSINI_BUILD_IMAGE + - META_CASSINI_BUILD_PLATFORM + - META_CASSINI_FORCE_TESTS stage: Build rules: - !reference [".build-image:rules:skip-target-build", rules] -- GitLab From 98fa2dccc6bb83268a8fc339f0c4bf0fa21ff6af Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Tue, 14 May 2024 15:33:32 +0000 Subject: [PATCH 04/21] ci: Remove obsolete ci rules Remove obsolete file path under build-common rule. Signed-off-by: Ali Can Ozaslan --- .gitlab/ci/rules.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitlab/ci/rules.yml b/.gitlab/ci/rules.yml index a7fc0e9..ca95fab 100644 --- a/.gitlab/ci/rules.yml +++ b/.gitlab/ci/rules.yml @@ -20,7 +20,6 @@ .build-common: &build-common - "grub/**/*" - - "meta-security/**/*" - "conf/layer.conf" .build-n1sdp: &build-n1sdp -- GitLab From d740672460df61b13d532cb554cdde572c89814e Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Tue, 14 May 2024 17:11:02 +0000 Subject: [PATCH 05/21] ci: Fix file path The grub folder exists in `meta-arm/meta-arm-bsp` and only relates to Corstone-1000 changes, therefore correct the path. Signed-off-by: Ali Can Ozaslan --- .gitlab/ci/rules.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitlab/ci/rules.yml b/.gitlab/ci/rules.yml index ca95fab..e9cea56 100644 --- a/.gitlab/ci/rules.yml +++ b/.gitlab/ci/rules.yml @@ -19,7 +19,6 @@ - ".gitlab/ci/rules.yml" .build-common: &build-common - - "grub/**/*" - "conf/layer.conf" .build-n1sdp: &build-n1sdp @@ -29,7 +28,7 @@ .build-corstone1000: &build-corstone1000 - "conf/machine/include/corstone1000-*-cassini-extra-settings.inc" - "conf/multiconfig/firmware.conf" - - "meta-arm/meta-arm-bsp/recipes-bsp/u-boot/**/*" + - "meta-arm/meta-arm-bsp/recipes-bsp/**/*" - "meta-arm/meta-arm-bsp/recipes-core/**/*" - "meta-arm/meta-arm-bsp/recipes-kernel/**/*" - "meta-arm/meta-arm-bsp/wic/*" -- GitLab From 09f39a3cb45567aaeaabe561908dda9126d7fea1 Mon Sep 17 00:00:00 2001 From: Emekcan Aras Date: Mon, 13 May 2024 10:14:15 +0100 Subject: [PATCH 06/21] bsp: Fix util image dependency The utils image only depends on TF-A and as this is common to all branches it should be used in place of the master specific firmware package. Signed-off-by: Emekcan Aras --- .../recipes-core/images/corstone1000-utils-overlay-image.bb | 2 +- qa-checks/cassini-bsp-dictionary | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/meta-arm/meta-arm-bsp/recipes-core/images/corstone1000-utils-overlay-image.bb b/meta-arm/meta-arm-bsp/recipes-core/images/corstone1000-utils-overlay-image.bb index 771e8b5..f4ec1ab 100644 --- a/meta-arm/meta-arm-bsp/recipes-core/images/corstone1000-utils-overlay-image.bb +++ b/meta-arm/meta-arm-bsp/recipes-core/images/corstone1000-utils-overlay-image.bb @@ -9,7 +9,7 @@ DESCRIPTION = "Image used during testing of initramfs based platforms to \ tested" LICENSE = "MIT" -DEPENDS += "corstone1000-flash-firmware-image" +DEPENDS += "trusted-firmware-a" inherit image inherit nopackages diff --git a/qa-checks/cassini-bsp-dictionary b/qa-checks/cassini-bsp-dictionary index e99b969..fba8dc9 100644 --- a/qa-checks/cassini-bsp-dictionary +++ b/qa-checks/cassini-bsp-dictionary @@ -79,11 +79,14 @@ sourceparams srcurifile suggestedvar tarbz2 +TF-A THISDIR udev unitdir usbgadget usbhost +util +utils VIRT wchar WIDEC -- GitLab From 89a09a8bd45be1fef0cad4d00ad9d28081d7ff8d Mon Sep 17 00:00:00 2001 From: Emekcan Aras Date: Fri, 26 Apr 2024 10:25:11 +0100 Subject: [PATCH 07/21] bsp: Remove boot order patch Removes boot order patches since an equivalent patch merged upstream. Signed-off-by: Emekcan Aras --- ...0001-add-boot-order-into-SP-manifest.patch | 78 ------------------- .../trusted-services/ts-platforms.inc | 5 -- .../ts-sp-attestation_%.bbappend | 6 -- .../ts-sp-block-storage_%.bbappend | 6 -- .../trusted-services/ts-sp-crypto_%.bbappend | 6 -- .../trusted-services/ts-sp-its_%.bbappend | 2 - .../trusted-services/ts-sp-storage_%.bbappend | 2 - 7 files changed, 105 deletions(-) delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/trusted-services/files/n1sdp/0001-add-boot-order-into-SP-manifest.patch delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-platforms.inc delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-attestation_%.bbappend delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-block-storage_%.bbappend delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-crypto_%.bbappend diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/files/n1sdp/0001-add-boot-order-into-SP-manifest.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/files/n1sdp/0001-add-boot-order-into-SP-manifest.patch deleted file mode 100644 index 8853dbf..0000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/files/n1sdp/0001-add-boot-order-into-SP-manifest.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 9cb4babc2e496a4028bcd75337ea4466563f73ca Mon Sep 17 00:00:00 2001 -From: Emekcan Aras -Date: Wed, 13 Mar 2024 16:44:10 +0000 -Subject: [PATCH] add boot order into SP manifest - -The block storage SP should be loaded before the protected storage and ITS -SP due to block storage dependency. After OP-TEE v4.0, SPs can be loaded -in orderly fashion depending on the boot-order property in the SPs -manifest file. This patch loads SPs in a orderly fashion to make sure -there is no runtime dependency issues. - -Signed-off-by: Emekcan Aras -Upstream-Status: Pending ---- - .../config/default-opteesp/default_block-storage.dts.in | 1 + - deployments/crypto/config/default-opteesp/default_crypto.dts.in | 1 + - .../shared-flash-opteesp/default_internal-trusted-storage.dts.in | 1 + - .../config/shared-flash-opteesp/default_protected-storage.dts.in | 1 + - .../config/default-opteesp/default_smm-gateway.dts.in | 1 + - 5 files changed, 5 insertions(+) - -diff --git a/deployments/block-storage/config/default-opteesp/default_block-storage.dts.in b/deployments/block-storage/config/default-opteesp/default_block-storage.dts.in -index 0a97cb5..4b408ca 100644 ---- a/deployments/block-storage/config/default-opteesp/default_block-storage.dts.in -+++ b/deployments/block-storage/config/default-opteesp/default_block-storage.dts.in -@@ -18,4 +18,5 @@ - messaging-method = <3>; /* Direct messaging only */ - ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ - elf-format = <1>; -+ boot-order = /bits/ 16 <1>; - }; -diff --git a/deployments/crypto/config/default-opteesp/default_crypto.dts.in b/deployments/crypto/config/default-opteesp/default_crypto.dts.in -index c900636..7d90a88 100644 ---- a/deployments/crypto/config/default-opteesp/default_crypto.dts.in -+++ b/deployments/crypto/config/default-opteesp/default_crypto.dts.in -@@ -18,6 +18,7 @@ - messaging-method = <3>; /* Direct messaging only */ - ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ - elf-format = <1>; -+ boot-order = /bits/ 16 <4>; - - device-regions { - compatible = "arm,ffa-manifest-device-regions"; -diff --git a/deployments/internal-trusted-storage/config/shared-flash-opteesp/default_internal-trusted-storage.dts.in b/deployments/internal-trusted-storage/config/shared-flash-opteesp/default_internal-trusted-storage.dts.in -index 77d0805..a6ac644 100644 ---- a/deployments/internal-trusted-storage/config/shared-flash-opteesp/default_internal-trusted-storage.dts.in -+++ b/deployments/internal-trusted-storage/config/shared-flash-opteesp/default_internal-trusted-storage.dts.in -@@ -18,4 +18,5 @@ - messaging-method = <3>; /* Direct messaging only */ - ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ - elf-format = <1>; -+ boot-order = /bits/ 16 <3>; - }; -diff --git a/deployments/protected-storage/config/shared-flash-opteesp/default_protected-storage.dts.in b/deployments/protected-storage/config/shared-flash-opteesp/default_protected-storage.dts.in -index b305fbb..95bd537 100644 ---- a/deployments/protected-storage/config/shared-flash-opteesp/default_protected-storage.dts.in -+++ b/deployments/protected-storage/config/shared-flash-opteesp/default_protected-storage.dts.in -@@ -18,4 +18,5 @@ - messaging-method = <3>; /* Direct messaging only */ - ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ - elf-format = <1>; -+ boot-order = /bits/ 16 <2>; - }; -diff --git a/deployments/smm-gateway/config/default-opteesp/default_smm-gateway.dts.in b/deployments/smm-gateway/config/default-opteesp/default_smm-gateway.dts.in -index d74c2f3..4803de1 100644 ---- a/deployments/smm-gateway/config/default-opteesp/default_smm-gateway.dts.in -+++ b/deployments/smm-gateway/config/default-opteesp/default_smm-gateway.dts.in -@@ -18,6 +18,7 @@ - messaging-method = <3>; /* Direct messaging only */ - ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */ - elf-format = <1>; -+ boot-order = /bits/ 16 <5>; - - memory-regions { - compatible = "arm,ffa-manifest-memory-regions"; --- -2.25.1 - diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-platforms.inc b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-platforms.inc deleted file mode 100644 index 789311e..0000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-platforms.inc +++ /dev/null @@ -1,5 +0,0 @@ -FILESEXTRAPATHS:prepend:n1sdp := "${THISDIR}/files/n1sdp:" - -SRC_URI:append:n1sdp = " \ - file://0001-add-boot-order-into-SP-manifest.patch \ - " diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-attestation_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-attestation_%.bbappend deleted file mode 100644 index 48d83d7..0000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-attestation_%.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -# SPDX-FileCopyrightText: Copyright 2024 Arm Limited and/or its -# affiliates -# -# SPDX-License-Identifier: MIT - -require ts-platforms.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-block-storage_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-block-storage_%.bbappend deleted file mode 100644 index 48d83d7..0000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-block-storage_%.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -# SPDX-FileCopyrightText: Copyright 2024 Arm Limited and/or its -# affiliates -# -# SPDX-License-Identifier: MIT - -require ts-platforms.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-crypto_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-crypto_%.bbappend deleted file mode 100644 index 48d83d7..0000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-crypto_%.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -# SPDX-FileCopyrightText: Copyright 2024 Arm Limited and/or its -# affiliates -# -# SPDX-License-Identifier: MIT - -require ts-platforms.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend index 7794851..c2f96cf 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend @@ -3,7 +3,5 @@ # # SPDX-License-Identifier: MIT -require ts-platforms.inc - # Override configuration to use block storage service OECMAKE_SOURCEPATH:n1sdp = "${S}/deployments/internal-trusted-storage/config/shared-flash-${TS_ENV}" diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend index edde7ed..6b514a0 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend @@ -3,7 +3,5 @@ # # SPDX-License-Identifier: MIT -require ts-platforms.inc - # Override configuration to use block storage service OECMAKE_SOURCEPATH:n1sdp = "${S}/deployments/protected-storage/config/shared-flash-${TS_ENV}" -- GitLab From 7283bb67027f1e7831a34d8a077e59306213d761 Mon Sep 17 00:00:00 2001 From: Adam Johnston Date: Wed, 29 May 2024 10:24:34 +0000 Subject: [PATCH 08/21] doc: Initialize the repository documentation Before slicing this repository from meta-cassini, the LICENSE and README were provided by the parent folder (the root of meta-cassini) Create new LICENSE and README for this repository Signed-off-by: Adam Johnston --- LICENSE.rst | 45 +++++++++++++++++++++++++ README | 5 --- README.md | 57 ++++++++++++++++++++++++++++++++ qa-checks/cassini-bsp-dictionary | 2 ++ 4 files changed, 104 insertions(+), 5 deletions(-) create mode 100644 LICENSE.rst delete mode 100644 README create mode 100644 README.md diff --git a/LICENSE.rst b/LICENSE.rst new file mode 100644 index 0000000..fcd3a4d --- /dev/null +++ b/LICENSE.rst @@ -0,0 +1,45 @@ +####### +License +####### + +The software is provided under the MIT license (below). + +:: + + Copyright 2024 Arm Limited and/or its affiliates + + open-source-office@arm.com + + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to + deal in the Software without restriction, including without limitation the + rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + sell copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice (including the next + paragraph) shall be included in all copies or substantial portions of the + Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + IN THE SOFTWARE. + +**************** +SPDX Identifiers +**************** + +Individual files contain the following tags instead of the full license text. + +:: + + SPDX-FileCopyrightText: Copyright + + SPDX-License-Identifier: MIT + +This enables machine processing of license information based on the SPDX +License Identifiers that are here available: http://spdx.org/licenses/ diff --git a/README b/README deleted file mode 100644 index 42a870a..0000000 --- a/README +++ /dev/null @@ -1,5 +0,0 @@ -# Copyright (c) 2022 Arm Limited or its affiliates. All rights reserved. -# -# SPDX-License-Identifier: MIT - -See ../README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..820fa77 --- /dev/null +++ b/README.md @@ -0,0 +1,57 @@ + + +# Cassini BSP + +## Introduction + +This Yocto layer is used by +[meta-cassini](https://gitlab.com/Linaro/cassini/meta-cassini). + +It modifies some Arm-maintained machine definitions and recipes from +[meta-arm-bsp](https://git.yoctoproject.org/meta-arm/tree/meta-arm-bsp) so that +they can be used to build and boot Cassini distro images. + +At any given point in time, this repository may hold recipes, append-files, +config fragments, and/or out-of-tree patches which either: +- have not been upstreamed yet +- cannot be upstreamed (they are Cassini specific or otherwise inappropriate) + +For more details, see the Cassini documentation +[here](https://cassini.readthedocs.io/en/latest/index.html) + +Contributions to this repository are not accepted at this time + +## Repository License + +The repository's standard license is the MIT license, under which most of the +repository's content is provided. Exceptions to this standard license relate to +files that represent modifications to externally licensed works (for example, +patch files). These files may therefore be included in the repository under +alternative licenses in order to be compliant with the licensing requirements of +the associated external works. + +License details may be found in the [local license file](LICENSE.rst), or as +part of the project documentation. + +## Reporting Issues + +Please report problems using GitLab's "Issues" feature. + +## Reporting Security Issues + +If you find any security vulnerabilities, please do not report them via GitLab +Instead, send an email to the security team at psirt@arm.com stating that you +may have found a security vulnerability in meta-cassini-bsp. + +## Disclaimer + +Arm reference solutions are Arm public example software projects that track and +pull upstream components, incorporating their respective security fixes +published over time. Arm partners are responsible for ensuring that the +components they use contain all the required security fixes, if and when they +deploy a product derived from Arm reference solutions. diff --git a/qa-checks/cassini-bsp-dictionary b/qa-checks/cassini-bsp-dictionary index fba8dc9..43ee843 100644 --- a/qa-checks/cassini-bsp-dictionary +++ b/qa-checks/cassini-bsp-dictionary @@ -69,6 +69,7 @@ packagegroup posix ptable readlink +README requireinclude requirenotfound RPROVIDER @@ -83,6 +84,7 @@ TF-A THISDIR udev unitdir +upstreamed usbgadget usbhost util -- GitLab From 395beb6c985602af51243f646721a60cccf24746 Mon Sep 17 00:00:00 2001 From: Adam Johnston Date: Wed, 29 May 2024 13:01:46 +0000 Subject: [PATCH 09/21] doc: Add Corstone-1000 to list of supported platforms Add `Corstone-1000 FVP` and `Corstone-1000 for MPS3 to list of supported platforms. Signed-off-by: Adam Johnston --- README.md | 4 ++++ qa-checks/cassini-bsp-dictionary | 1 + 2 files changed, 5 insertions(+) diff --git a/README.md b/README.md index 820fa77..4b32924 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,10 @@ It modifies some Arm-maintained machine definitions and recipes from [meta-arm-bsp](https://git.yoctoproject.org/meta-arm/tree/meta-arm-bsp) so that they can be used to build and boot Cassini distro images. +Currently supported platforms include: +* Corstone-1000 FVP (corstone1000-fvp) +* Corstone-1000 for MPS3 (corstone1000-mps3) + At any given point in time, this repository may hold recipes, append-files, config fragments, and/or out-of-tree patches which either: - have not been upstreamed yet diff --git a/qa-checks/cassini-bsp-dictionary b/qa-checks/cassini-bsp-dictionary index 43ee843..6f57c8a 100644 --- a/qa-checks/cassini-bsp-dictionary +++ b/qa-checks/cassini-bsp-dictionary @@ -51,6 +51,7 @@ mdev meta-cassini-bsp mickledore modutils +MPS3 msdos mtrace multiconfig -- GitLab From 246322ab470d9c958d5b396288ec768d9d562ad7 Mon Sep 17 00:00:00 2001 From: Adam Johnston Date: Wed, 29 May 2024 10:26:12 +0000 Subject: [PATCH 10/21] doc: Add N1SDP to list of supported platforms Add `Neoverse N1 System Development Platform` to list of supported platforms. Signed-off-by: Adam Johnston --- README.md | 1 + qa-checks/cassini-bsp-dictionary | 1 + 2 files changed, 2 insertions(+) diff --git a/README.md b/README.md index 4b32924..70f26ba 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,7 @@ they can be used to build and boot Cassini distro images. Currently supported platforms include: * Corstone-1000 FVP (corstone1000-fvp) * Corstone-1000 for MPS3 (corstone1000-mps3) +* Neoverse N1 System Development Platform (n1sdp) At any given point in time, this repository may hold recipes, append-files, config fragments, and/or out-of-tree patches which either: diff --git a/qa-checks/cassini-bsp-dictionary b/qa-checks/cassini-bsp-dictionary index 6f57c8a..80f9e21 100644 --- a/qa-checks/cassini-bsp-dictionary +++ b/qa-checks/cassini-bsp-dictionary @@ -60,6 +60,7 @@ multilineident N1SDP nanbield nativesdk +Neoverse netbase networkd no_cloud -- GitLab From 92b8d2e686f181bfef49933fb7e1eca4b33b45cc Mon Sep 17 00:00:00 2001 From: Adam Johnston Date: Thu, 30 May 2024 07:45:23 +0000 Subject: [PATCH 11/21] doc: Copy Corstone-1000 documentation from meta-cassini The platform documentation will not be built here. It is intended that, when building the documentation for meta-cassini, the build process will fetch or otherwise link-to the sources maintained here, rather than maintaining platform documentation in meta-cassini. The build changes to meta-cassini will be done later - for now we just copy the sources here. Changelog: other Signed-off-by: Adam Johnston --- .../developer_manual/corstone1000.rst | 22 +++ .../developer_manual/corstone1000fvp.rst | 25 +++ documentation/user_manual/corstone1000.rst | 184 ++++++++++++++++++ documentation/user_manual/corstone1000fvp.rst | 124 ++++++++++++ documentation/variables.py | 83 ++++++++ qa-checks/cassini-bsp-dictionary | 13 +- 6 files changed, 450 insertions(+), 1 deletion(-) create mode 100644 documentation/developer_manual/corstone1000.rst create mode 100644 documentation/developer_manual/corstone1000fvp.rst create mode 100644 documentation/user_manual/corstone1000.rst create mode 100644 documentation/user_manual/corstone1000fvp.rst create mode 100644 documentation/variables.py diff --git a/documentation/developer_manual/corstone1000.rst b/documentation/developer_manual/corstone1000.rst new file mode 100644 index 0000000..d584610 --- /dev/null +++ b/documentation/developer_manual/corstone1000.rst @@ -0,0 +1,22 @@ +.. + # SPDX-FileCopyrightText: Copyright (c) 2023, Linaro Limited. + # + # SPDX-FileCopyrightText: Copyright 2022-2024 Arm Limited and/or its + # affiliates + # + # SPDX-License-Identifier: MIT + +Corstone-1000 for MPS3 +====================== + + * **Corresponding value for** ``MACHINE`` **variable**: ``corstone1000-mps3`` + * **Target Platform Config**: ``kas/corstone1000-mps3.yml`` + + This supported target platform is the Corstone-1000 for MPS3, implemented in + |meta-arm-bsp|_. + + To read documentation about the Corstone-1000, see the + |Arm Corstone-1000 Technical Overview|_. + + For more information about the software stack for the Corstone-1000, see + |Arm Corstone-1000 Software| diff --git a/documentation/developer_manual/corstone1000fvp.rst b/documentation/developer_manual/corstone1000fvp.rst new file mode 100644 index 0000000..10ab71b --- /dev/null +++ b/documentation/developer_manual/corstone1000fvp.rst @@ -0,0 +1,25 @@ +.. + # SPDX-FileCopyrightText: Copyright (c) 2023, Linaro Limited. + # + # SPDX-FileCopyrightText: Copyright 2022-2024 Arm Limited and/or its + # affiliates + # + # SPDX-License-Identifier: MIT + +Corstone-1000 FVP +================= + + * **Corresponding value for** ``MACHINE`` **variable**: ``corstone1000-fvp`` + * **Target Platform Config**: ``kas/corstone1000-fvp.yml`` + + This supported target platforms is the Corstone-1000 FVP, implemented in + |meta-arm-bsp|_. + + To read documentation about the Corstone-1000, see the + |Arm Corstone-1000 Technical Overview|_. + + For more information about the software stack for the Corstone-1000, see + |Arm Corstone-1000 Software| + + To read documentation about the Corstone-1000 FVP, see the + |Fast Models Fixed Virtual Platforms (FVP) Reference Guide|_. diff --git a/documentation/user_manual/corstone1000.rst b/documentation/user_manual/corstone1000.rst new file mode 100644 index 0000000..b6e66d8 --- /dev/null +++ b/documentation/user_manual/corstone1000.rst @@ -0,0 +1,184 @@ +.. + # SPDX-FileCopyrightText: Copyright (c) 2023, Linaro Limited. + # + # SPDX-FileCopyrightText: Copyright 2023-2024 Arm Limited and/or its + # affiliates + # + # SPDX-License-Identifier: MIT + +############################################### +Getting Started with Arm Corstone-1000 for MPS3 +############################################### + +This document explains how to build, deploy, and boot the Cassini distro on the +Arm Corstone-1000 for MPS3. + +**NOTE:** Requires a micro SD card (at least 4 GB) and a USB drive (at +least 16 GB) + +.. note:: + Due to performance limitations, K3S is not currently supported on + the Arm Corstone-1000 for MPS3. + +***** +Build +***** + +The kas configuration file ``kas/corstone1000-mps3.yml`` +can be used to build images which target the Corstone-1000 for MPS3. + +******************** +Building MPS3 images +******************** + +To build Corstone-1000 MPS3 images: + + .. code-block:: console + + kas build --update kas/cassini.yml:kas/corstone1000-mps3.yml + +This will produce a Corstone-1000 firmware image here: + + ``build/tmp/deploy/images/corstone1000-mps3/corstone1000-flash-firmware-image-corstone1000-mps3.wic`` + +And a Cassini distribution image here: + + ``build/tmp/deploy/images/corstone1000-mps3/cassini-image-base-corstone1000-mps3.rootfs.wic.gz`` + + ``build/tmp/deploy/images/corstone1000-mps3/cassini-image-base-corstone1000-mps3.rootfs.wic.bmap`` + +*************************************************** +Prepare the firmware image for FPGA (Micro SD card) +*************************************************** + +The user should download the FPGA bit file image from `this link `__ +and under the section ``AN550: Arm® Corstone™-1000 for MPS3 Version 2.0``. + +Only copy the current directory structure shown below on to the Micro SD Card. + +.. code-block:: console + + config.txt + MB + ├── BRD_LOG.TXT + ├── HBI0309B + │ ├── AN550 + │ │ ├── AN550_v2.bit + │ │ ├── an550_v2.txt + │ │ └── images.txt + │ ├── board.txt + │ └── mbb_v210.ebf + └── HBI0309C + ├── AN550 + │ ├── AN550_v2.bit + │ ├── an550_v2.txt + │ └── images.txt + ├── board.txt + └── mbb_v210.ebf + SOFTWARE + ├── an550_st.axf + ├── bl1.bin + ├── cs1000.bin + └── ES0.bin + +To configure the board to boot automatically when powered on, edit +``./config.txt`` and change the value of ``AUTORUN`` from ``FALSE`` +to ``TRUE``. + +Depending upon the MPS3 board version (printed on the MPS3 board HBI0309B or HBI0309C) you should +update the ``./AN550/images.txt`` file so that the file points to the images under SOFTWARE directory. + +Here is an example + +.. code-block:: console + + ;************************************************ + ; Preload port mapping * + ;************************************************ + ; PORT 0 & ADDRESS: 0x00_0000_0000 QSPI Flash (XNVM) (32MB) + ; PORT 0 & ADDRESS: 0x00_8000_0000 OCVM (DDR4 2GB) + ; PORT 1 Secure Enclave (M0+) ROM (64KB) + ; PORT 2 External System 0 (M3) Code RAM (256KB) + ; PORT 3 Secure Enclave OTP memory (8KB) + ; PORT 4 CVM (4MB) + ;************************************************ + + [IMAGES] + TOTALIMAGES: 3 ;Number of Images (Max: 32) + + IMAGE0PORT: 1 + IMAGE0ADDRESS: 0x00_0000_0000 + IMAGE0UPDATE: RAM + IMAGE0FILE: \SOFTWARE\bl1.bin + + IMAGE1PORT: 0 + IMAGE1ADDRESS: 0x00_0000_0000 + IMAGE1UPDATE: AUTOQSPI + IMAGE1FILE: \SOFTWARE\cs1000.bin + + IMAGE2PORT: 2 + IMAGE2ADDRESS: 0x00_0000_0000 + IMAGE2UPDATE: RAM + IMAGE2FILE: \SOFTWARE\es0.bin + +The binaries are present in OUTPUT_DIR = ``<_workspace>/build/tmp/deploy/images/corstone1000-mps3`` directory. + +1. Copy ``bl1.bin`` from OUTPUT_DIR to SOFTWARE directory of the Micro SD card. +2. Copy ``corstone1000-flash-firmware-image-corstone1000-mps3.wic`` from OUTPUT_DIR directory to SOFTWARE + directory of the Micro SD card and rename the wic image to ``cs1000.bin``. +3. Copy ``es_flashfw.bin`` from OUTPUT_DIR directory to SOFTWARE directory of the Micro SD + card and rename to ``es0.bin``. + +**NOTE:** Renaming of the images are required because MCC firmware has +limitation of 8 characters before .(dot) and 3 characters after .(dot). + +********************************************* +Prepare the distro image for FPGA (USB image) +********************************************* + +Use the ``lsblk`` command to determine USB drive and bmap tool to copy the cassini distro to it. + +.. code-block:: console + + lsblk + sudo bmaptool copy --bmap cassini-image-base-corstone1000-mps3.rootfs.wic.bmap cassini-image-base-corstone1000-mps3.rootfs.wic.gz /dev/ + + +**************************** +Running the software on FPGA +**************************** + +Insert SD card and USB drive before switching ON the device. + +On the host machine, connect the board via USB. + +If there are no other TTY USB devices, then the three ports from the MPS3 +will be connected as follows: + + - ttyUSB0 for MCC, OP-TEE and Secure Partition + - ttyUSB1 for Boot Processor (Cortex-M0+) + - ttyUSB2 for Host Processor (Cortex-A35) + +The rest of this guide assumes there are no other TTY USB devices on the +host machine. + +Connect to the serial console(s) using any terminal client (``picocom``, +``minicom``, or ``screen`` should all work). + +For example, run the following commands to open new picocom sessions for +each port: + +.. code-block:: console + + sudo picocom -b 115200 /dev/ttyUSB0 + sudo picocom -b 115200 /dev/ttyUSB1 + sudo picocom -b 115200 /dev/ttyUSB2 + +.. note:: + + ``sudo`` should not be required if the current user is in the + ``dialout`` group + +.. note:: + See notes under :ref:`run-time_integration_tests_label` before running + validation steps. diff --git a/documentation/user_manual/corstone1000fvp.rst b/documentation/user_manual/corstone1000fvp.rst new file mode 100644 index 0000000..5bf6bf6 --- /dev/null +++ b/documentation/user_manual/corstone1000fvp.rst @@ -0,0 +1,124 @@ +.. + # SPDX-FileCopyrightText: Copyright (c) 2023, Linaro Limited. + # + # SPDX-FileCopyrightText: Copyright 2023-2024 Arm Limited and/or its + # affiliates + # + # SPDX-License-Identifier: MIT + +########################################## +Getting Started with Arm Corstone-1000 FVP +########################################## + +This document explains how to build and boot the Cassini distro on the Arm +Corstone-1000 FVP (Fast Model Fixed Virtual Platform). + +.. note:: + Due to performance limitations, K3S is not currently supported on + the Arm Corstone-1000 FVP. + +***** +Build +***** + +The provided kas configuration file kas/corstone1000-fvp.yml can be used to build images +that are targeting the Corstone-1000 FVP. + +.. note:: + To build and run any image for the Corstone-1000 FVP the user has to + accept its |EULA|_, which can be done by executing + the following command in the build environment: + + .. code-block:: console + + export FVP_CORSTONE1000_EULA_ACCEPT=True + +******************* +Building FVP images +******************* + +To build Corstone-1000 FVP images: + + .. code-block:: console + + kas build --update kas/cassini.yml:kas/corstone1000-fvp.yml + +Or if using kas-container: + + .. code-block:: console + + kas-container --runtime-args "-e FVP_CORSTONE1000_EULA_ACCEPT=True" build \ + kas/cassini.yml:kas/corstone1000-fvp.yml + +This will produce a Corstone-1000 firmware image here: + + ``build/tmp/deploy/images/corstone1000-fvp/corstone1000-flash-firmware-image-corstone1000-fvp.wic`` + +And a Cassini distribution image here: + + ``build/tmp/deploy/images/corstone1000-fvp/cassini-image-base-corstone1000-fvp.rootfs.wic`` + +*************** +Running the FVP +*************** + +To start the FVP and get the console: + + .. code-block:: console + + kas shell -c "../layers/meta-arm/scripts/runfvp --console" \ + kas/cassini.yml:kas/corstone1000-fvp.yml + +Or if using kas-container: + + .. code-block:: console + + kas-container --runtime-args "-e FVP_CORSTONE1000_EULA_ACCEPT=True" \ + shell -c "/work/layers/meta-arm/scripts/runfvp --console" \ + kas/cassini.yml:kas/corstone1000-fvp.yml + +By default, the Corstone-1000 FVP is configured for user mode networking. For more +information and instructions on how to configure networking with Fixed Virtual Platforms, +refer to the |Fast Models Reference Guide|_. + +.. note:: + See notes under :ref:`run-time_integration_tests_label` before running + validation steps. + +.. _reproduce_run-time_integration_tests: + +********** +Validation +********** + +The following validation tests can be performed on the Cassini Reference Stack: + + * System Integration Tests: + + * Cassini Architecture Stack: + + .. code-block:: console + + TESTIMAGE_AUTO=1 kas build kas/cassini.yml:kas/corstone1000-fvp.yml + + Or if using kas-container: + + .. code-block:: console + + kas-container --runtime-args "-e FVP_CORSTONE1000_EULA_ACCEPT=True -e TESTIMAGE_AUTO=1" build \ + kas/cassini.yml:kas/corstone1000-fvp.yml + + The previous test takes around 2 minutes to complete. + + A similar output should be printed out: + + .. code-block:: console + + NOTE: Executing Tasks + Creating terminal default on host_terminal_0 + default: Waiting for login prompt + RESULTS: + RESULTS - linuxboot.LinuxBootTest.test_linux_boot: PASSED (23.70s) + SUMMARY: + cassini-image-base () - Ran 1 test in 23.704s + cassini-image-base - OK - All required tests passed (successes=1, skipped=0, failures=0, errors=0) diff --git a/documentation/variables.py b/documentation/variables.py new file mode 100644 index 0000000..3aadbcc --- /dev/null +++ b/documentation/variables.py @@ -0,0 +1,83 @@ +# SPDX-FileCopyrightText: Copyright (c) 2023-2024, Linaro Limited. +# +# SPDX-FileCopyrightText: Copyright 2022-2024 Arm Limited and/or its +# affiliates +# +# SPDX-License-Identifier: MIT + +# This file centralizes the variables and links used throughout the +# documentation. The dictionaries are converted to a single string that is used +# as the rst_prolog (see the Sphinx Configuration documentation at +# https://www.sphinx-doc.org/en/master/usage/configuration.html for more info). + +# There are two types of key-value substitutions: +# 1. simple string replacements +# 2. replacement with a rendered hyperlink, where the key defines what the +# rendered hyperlink text will be + +# Prepend the key with "link:" to identify it as a Sphinx target name for use +# as a hyperlink. The "link:" prefix is dropped from the substitution name. +# +# For example: +# "link:This URL": "www.arm.com" +# "company name": "arm" +# Can be used as: +# The |company name| website can be found at |This URL|_. +# +# Note the "_" which renders the substitution as a hyperlink is only possible +# because the variable is defined as a link, to be resolved as a Sphinx target. + +""" Called from the parent (Cassini) documentation build to initialise +variables which are referenced from documentation sources in this repository +""" + +YOCTO_RELEASE = "scarthgap" + + +general_links = { + "link:meta-arm-bsp": + "https://git.yoctoproject.org/meta-arm/tree/meta-arm-bsp/" + f"documentation/n1sdp.md?h={YOCTO_RELEASE}", + "link:Arm Corstone-1000 Technical Overview": + "https://developer.arm.com/documentation/102360/0000", + "link:Arm Corstone-1000 Software": + "https://corstone1000.docs.arm.com/en/latest/", + "link:Fast Models Fixed Virtual Platforms (FVP) Reference Guide": + "https://developer.arm.com/documentation/100966/1119", + "link:Fast Models Reference Guide": + "https://developer.arm.com/documentation/100964/1119/" + "Introduction-to-Fast-Models/User-mode-networking", + "link:EULA": "https://developer.arm.com/downloads/" + "-/arm-ecosystem-fvps/eula", +} + + +def generate_replacement(key, value): + """ Generate simple string substitution """ + + replacement = f".. |{key}| replace:: {value}" + return f"{replacement}" + + +def generate_link(key, link): + """ Generate link substitution """ + + definition = f".. _{key}: {link}" + key_mapping = f".. |{key}| replace:: {key}" + return f"{definition}\n{key_mapping}" + + +def generate_rst_prolog(): + """ Generate all substitutions that should be available in every file """ + + rst_prolog = "" + + for variables_group in [general_links]: + for key, value in variables_group.items(): + if key.startswith("link:"): + rst_prolog += generate_link(key.split("link:") + [1], value) + "\n" + else: + rst_prolog += generate_replacement(key, value) + "\n" + + return rst_prolog diff --git a/qa-checks/cassini-bsp-dictionary b/qa-checks/cassini-bsp-dictionary index 80f9e21..0823a61 100644 --- a/qa-checks/cassini-bsp-dictionary +++ b/qa-checks/cassini-bsp-dictionary @@ -5,6 +5,8 @@ alsa AUTOFS AUTOFS4 +AUTOQSPI +AUTORUN backend bmap bmaptool @@ -22,6 +24,7 @@ configfile corstone cpio crypto +dialout distro DISTROOVERRIDES efidisk @@ -32,6 +35,7 @@ FILESEXTRAPATHS flashfw fstype FSTYPES +fvps gcsections gettext gitlab @@ -46,10 +50,12 @@ LAYERSERIES LAYERSERIES_COMPAT LIBC Linaro +linuxboot mandatoryvar mdev meta-cassini-bsp mickledore +minicom modutils MPS3 msdos @@ -65,11 +71,14 @@ netbase networkd no_cloud nooelint +OCVM opkg optee packagegroup +picocom posix ptable +QSPI readlink README requireinclude @@ -84,6 +93,7 @@ suggestedvar tarbz2 TF-A THISDIR +TOTALIMAGES udev unitdir upstreamed @@ -94,5 +104,6 @@ utils VIRT wchar WIDEC +XNVM xtests -zeroconf \ No newline at end of file +zeroconf -- GitLab From 1eef7358ebb2fa6fdaa2925734df8472a9231c0e Mon Sep 17 00:00:00 2001 From: Adam Johnston Date: Wed, 29 May 2024 17:11:19 +0000 Subject: [PATCH 12/21] doc: Copy N1SDP documentation from meta-cassini The platform documentation will not be built here. It is intended that, when building the documentation for meta-cassini, the build process will fetch or otherwise link-to the sources maintained here, rather than maintaining platform documentation in meta-cassini. The build changes to meta-cassini will be done later - for now we just copy the sources here. Changelog: other Signed-off-by: Adam Johnston --- documentation/developer_manual/n1sdp.rst | 42 ++++ documentation/user_manual/n1sdp.rst | 275 +++++++++++++++++++++++ documentation/variables.py | 6 + qa-checks/cassini-bsp-dictionary | 6 + 4 files changed, 329 insertions(+) create mode 100644 documentation/developer_manual/n1sdp.rst create mode 100644 documentation/user_manual/n1sdp.rst diff --git a/documentation/developer_manual/n1sdp.rst b/documentation/developer_manual/n1sdp.rst new file mode 100644 index 0000000..92c43ac --- /dev/null +++ b/documentation/developer_manual/n1sdp.rst @@ -0,0 +1,42 @@ +.. + # SPDX-FileCopyrightText: Copyright 2022-2024 Arm Limited and/or its + # affiliates + # + # SPDX-License-Identifier: MIT + +Neoverse N1 System Development Platform (N1SDP) +=============================================== + + * **Corresponding value for** ``MACHINE`` **variable**: ``n1sdp``. + * **Target Platform Config**: ``kas/n1sdp.yml``. + + This supported target platform is the Neoverse N1 System Development Platform + (N1SDP), implemented in |meta-arm-bsp|_. + + To read documentation about the N1SDP, see the + |N1SDP Technical Reference Manual|_. + +.. note:: + Support for the N1SDP platform in Cassini is primarily intended for + development, test, and demonstration of features for infrastructure + platforms which typically use EDK2 and Trusted Services without a + secure enclave. + + Due to a limitation of the platform hardware (it does not have + enough Secure world RAM) Trusted Services is configured to run + from Normal world RAM. This configuration is not compliant with + the PSA specifications. + + Platforms intended for production should be configured by the + platform provider to be compliant with the PSA specifications. + +.. warning:: + To avoid system hangs under testing, N1SDP firmware packages built in the + Cassini CI pipeline now use the newer PMIC firmware image which is not + compatible with older boards (with serial numbers before ``36253xxx``). + + As programming older boards with the newer PMIC firmware image can cause + component damage, please ensure any devices used in CI have serial numbers + later than ``36253xxx``. + + See `Potential firmware damage notice`_ for details diff --git a/documentation/user_manual/n1sdp.rst b/documentation/user_manual/n1sdp.rst new file mode 100644 index 0000000..44e4fcb --- /dev/null +++ b/documentation/user_manual/n1sdp.rst @@ -0,0 +1,275 @@ +.. + # SPDX-FileCopyrightText: Copyright (c) 2023, Linaro Limited. + # + # SPDX-FileCopyrightText: Copyright 2023-2024 Arm Limited and/or its + # affiliates + # + # SPDX-License-Identifier: MIT + +############################## +Getting Started with the N1SDP +############################## + +This document explains how to build, deploy, and boot the Cassini distro on the +Arm Neoverse N1 System Development Platform (N1SDP). + +**NOTE:** Requires a micro SD card (at least 2 GB) and a USB drive (at least 16 GB) + +********************* +Building N1SDP images +********************* + +The kas configuration file ``kas/n1sdp.yml`` can be used to +build images which target the N1SDP. To build N1SDP images: + +.. code-block:: console + + kas build --update kas/cassini.yml:kas/k3s.yml:kas/n1sdp.yml + +This will produce an N1SDP firmware image here: + + ``build/tmp/deploy/images/n1sdp/n1sdp-board-firmware_primary.tar.gz`` + +And a Cassini distribution image here: + + ``build/tmp/deploy/images/n1sdp/cassini-image-base-n1sdp.rootfs.wic.gz`` + + ``build/tmp/deploy/images/n1sdp/cassini-image-base-n1sdp.rootfs.wic.bmap`` + +*********************** +Connecting to the N1SDP +*********************** + +1. Connect a USB cable between the build host and the ``DBG USB`` port on the N1SDP back panel and power on the device + +2. Check four new TTY USB devices are seen by **the build host**, via: + + .. code-block:: shell + + ls /dev/ttyUSB* + + This will output, for example: + + .. code-block:: console + + /dev/ttyUSB0 + /dev/ttyUSB1 + /dev/ttyUSB2 + /dev/ttyUSB3 + + If there are no other TTY USB devices, then the four ports on the N1SDP will be + connected as follows: + + * ttyUSB0 Motherboard Configuration Controller (MCC) + + * ttyUSB1 Application processor (AP) + + * ttyUSB2 System Control Processor (SCP) + + * ttyUSB3 Manageability Control Processor (MCP) (or OP-TEE and Secure Partitions) + + The rest of this guide assumes there are no other TTY USB devices on the build host + +3. Connect to the serial console(s) using any terminal client (``picocom``, ``minicom``, or ``screen`` should all work). + + All ports are configured with: + + * 115200 Baud + + * 8 bits, No parity, 1 stop bit (8N1) + + * No hardware or software flow control + + For example, run the following command to open a new picocom session for + the AP console: + + .. code-block:: shell + + sudo picocom -b 115200 /dev/ttyUSB1 + + .. note:: + + ``sudo`` should not be required if the current user is in the ``dialout`` group + +****************************************** +Updating the MCC firmware (Micro SD image) +****************************************** + +1. Follow the instructions above and connect to the MCC console i.e. + + .. code-block:: shell + + sudo picocom -b 115200 /dev/ttyUSB0 + +2. In the MCC console, at the ``Cmd>`` prompt, type the following command to see MCC firmware version and a list of commands: + + .. code-block:: console + + ? + + This will output, for example: + + .. code-block:: console + + Arm N1SDP MCC Firmware v1.0.1 + Build Date: Sep 5 2019 + Build Time: 14:18:16 + + command ------------------+ function ---------------------------------+ + | CAP "fname" [/A] | captures serial data to a file | + | | [/A option appends data to a file] | + | FILL "fname" [nnnn] | create a file filled with text | + | | [nnnn - number of lines, default=1000] | + | TYPE "fname" | displays the content of a text file | + | REN "fname1" "fname2" | renames a file 'fname1' to 'fname2' | + | COPY "fin" ["fin2"] "fout"| copies a file 'fin' to 'fout' file | + | | ['fin2' option merges 'fin' and 'fin2'] | + | DEL "fname" | deletes a file | + | DIR "[mask]" | displays a list of files in the directory | + | FORMAT [label] | formats Flash Memory Card | + | USB_ON | Enable usb | + | USB_OFF | Disable usb | + | SHUTDOWN | Shutdown PSU (leave micro running) | + | REBOOT | Power cycle system and reboot | + | RESET | Reset Board using CB_nRST | + | DEBUG | Enters debug menu | + | EEPROM | Enters eeprom menu | + | HELP or ? | displays this help | + | | + | THE FOLLOWING COMMANDS ARE ONLY AVAILABLE IN RUN MODE | + | | + | CASE_FAN_SPEED "SPEED" | Choose from SLOW, MEDIUM, FAST | + | READ_AXI "fname" | Read system memory to file 'fname' | + | "address" | from address to end address | + | "end_address" | | + | WRITE_AXI "fname" | Write file 'fname' to system memory | + | "address" | at address | + +---------------------------+-------------------------------------------+ + +3. Type the following command to enable USB: + + .. code-block:: console + + USB_ON + +4. Check a new block device is seen by **the build host**, via: + + .. code-block:: shell + + lsblk + + This will output, for example: + + .. code-block:: console + + NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT + sdb 8:0 0 2G 0 disk + └─sdb1 8:1 0 2G 0 part + + If there are no similar block devices mounted on the build host, then it + should be possible to identify the Micro SD Card on the N1SDP by its' size. + In the output above, the Micro SD partition is clearly ``sdb1``. + +5. Mount the device and check its contents: + + .. code-block:: console + + sudo umount /dev/sdb1 && + sudo mkdir -p /tmp/sdcard && + sudo mount /dev/sdb1 /tmp/sdcard && + ls -l /tmp/sdcard + + This should output, for example: + + .. code-block:: console + + config.txt ee0316a.txt LIB LICENSES LOG.TXT MB + + .. warning:: + + In this example, the ``/dev/sdb1`` partition is being mounted. As this may + vary on different machines, care should be taken when copying and pasting + the following commands. Don't proceed unless the contents of the Micro SD + Card were as expected in the previous step. + +6. Wipe the mounted microSD card, then extract the contents of ``n1sdp-board-firmware_primary.tar.gz`` onto it: + + .. code-block:: console + + sudo rm -rf /tmp/sdcard/* && + sudo tar --no-same-owner -xf build/tmp/deploy/images/n1sdp/n1sdp-board-firmware_primary.tar.gz -C /tmp/sdcard/ && + sudo sync + + .. note:: + + If the N1SDP board was manufactured after November 2019 (Serial Number + greater than ``36253xxx``), a different PMIC firmware image should be used to + prevent system hangs. More details can be found in + `Potential firmware damage notice`_. The ``MB/HBI0316A/io_v123f.txt`` file + located in the microSD needs to be updated. To update it, set the PMIC image + (``300k_8c2.bin``) to be used in the newer models by running the following + commands on the Build Host: + + .. code-block:: console + + sudo sed -i '/^MBPMIC: pms_0V85.bin/s/^/;/g' /tmp/sdcard/MB/HBI0316A/io_v123f.txt + sudo sed -i '/^;MBPMIC: 300k_8c2.bin/s/^;//g' /tmp/sdcard/MB/HBI0316A/io_v123f.txt + sudo sync + +7. Unmount the device + + .. code-block:: console + + sudo umount /tmp/sdcard + sudo rmdir /tmp/sdcard + +************************************************** +Prepare the distro image for the N1SDP (USB image) +************************************************** + +1. Insert the USB storage device into the build host + +2. Check a new block device is seen by **the build host**, via: + + .. code-block:: shell + + lsblk + + This will output, for example: + + .. code-block:: console + + NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT + sdb 8:0 0 2G 0 disk + └─sdb1 8:1 0 2G 0 part + sdc 8:0 0 64G 0 disk + + If there are no similar block devices mounted on the build host, then it + should be possible to identify the USB storage device by its' size. In the + output above, the USB storage device is ``sdc``. + + .. warning:: + + The next step will result in all prior partitions and data on the USB + storage device being erased. Take care not to confuse your host PC's own + hard drive with the USB drive and backup any data on the USB storage device + before continuing. + +3. Flash the image onto the USB storage device using ``bmap-tools``: + + .. code-block:: shell + + sudo bmaptool copy --bmap cassini-image-base-n1sdp.rootfs.wic.bmap cassini-image-base-n1sdp.rootfs.wic.gz /dev/ + + Or if deploying an SDK image + + .. code-block:: console + + sudo bmaptool copy --bmap cassini-image-sdk-n1sdp.rootfs.wic.bmap cassini-image-sdk-n1sdp.rootfs.wic.gz /dev/ + +4. Eject the USB storage device from the build host and plug it into one of the USB 3.0 ports on the N1SDP + +5. Reboot the N1SDP device by power cycling it or typing the following at the MCC console + + .. code-block:: console + + REBOOT diff --git a/documentation/variables.py b/documentation/variables.py index 3aadbcc..c5154ac 100644 --- a/documentation/variables.py +++ b/documentation/variables.py @@ -38,6 +38,12 @@ general_links = { "link:meta-arm-bsp": "https://git.yoctoproject.org/meta-arm/tree/meta-arm-bsp/" f"documentation/n1sdp.md?h={YOCTO_RELEASE}", + "link:N1SDP Technical Reference Manual": + "https://developer.arm.com/documentation/101489/0000", + "link:Potential firmware damage notice": + "https://community.arm.com/developer/tools-software/oss-platforms/" + "w/docs/604/notice-potential-damage-to-n1sdp-boards-" + "if-using-latest-firmware-release", "link:Arm Corstone-1000 Technical Overview": "https://developer.arm.com/documentation/102360/0000", "link:Arm Corstone-1000 Software": diff --git a/qa-checks/cassini-bsp-dictionary b/qa-checks/cassini-bsp-dictionary index 0823a61..83312aa 100644 --- a/qa-checks/cassini-bsp-dictionary +++ b/qa-checks/cassini-bsp-dictionary @@ -27,12 +27,15 @@ crypto dialout distro DISTROOVERRIDES +EEPROM efidisk eglibc envparse extfs FILESEXTRAPATHS flashfw +fname +fout fstype FSTYPES fvps @@ -52,6 +55,7 @@ LIBC Linaro linuxboot mandatoryvar +MBPMIC mdev meta-cassini-bsp mickledore @@ -76,6 +80,7 @@ opkg optee packagegroup picocom +PMIC posix ptable QSPI @@ -86,6 +91,7 @@ requirenotfound RPROVIDER SAST scarthgap +sdcard SDHC sourceparams srcurifile -- GitLab From 9e4bb1608ff319c7b3ef403377ea51c8d6ad3532 Mon Sep 17 00:00:00 2001 From: Adam Johnston Date: Wed, 29 May 2024 13:03:07 +0000 Subject: [PATCH 13/21] ci: Move dictionary to align with meta-cassini Move dictionary from qa-checks/cassini-bsp-dictionary to .dictionary to align with meta-cassini and tidy up the repository structure. Changelog: other Signed-off-by: Adam Johnston --- .codeclimate.yml | 4 ++-- qa-checks/cassini-bsp-dictionary => .dictionary | 2 ++ Dangerfile | 4 ++-- 3 files changed, 6 insertions(+), 4 deletions(-) rename qa-checks/cassini-bsp-dictionary => .dictionary (99%) diff --git a/.codeclimate.yml b/.codeclimate.yml index 8261238..2439de4 100644 --- a/.codeclimate.yml +++ b/.codeclimate.yml @@ -1,4 +1,4 @@ -# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its +# SPDX-FileCopyrightText: Copyright 2023-2024 Arm Limited and/or its # affiliates # # SPDX-License-Identifier: MIT @@ -28,7 +28,7 @@ plugins: - "**.cfg" - "documentation/Makefile" - "**.patch" - dict_path: "qa-checks/cassini-bsp-dictionary" + dict_path: ".dictionary" yamllint: enabled: true oelint-adv: diff --git a/qa-checks/cassini-bsp-dictionary b/.dictionary similarity index 99% rename from qa-checks/cassini-bsp-dictionary rename to .dictionary index 83312aa..8cb533b 100644 --- a/qa-checks/cassini-bsp-dictionary +++ b/.dictionary @@ -12,6 +12,7 @@ bmap bmaptool bootimg bootloader +bsp buildable BUILDIN cassini @@ -83,6 +84,7 @@ picocom PMIC posix ptable +qa QSPI readlink README diff --git a/Dangerfile b/Dangerfile index bd2dd49..6fda6d7 100644 --- a/Dangerfile +++ b/Dangerfile @@ -1,4 +1,4 @@ -# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its +# SPDX-FileCopyrightText: Copyright 2023-2024 Arm Limited and/or its # affiliates # # SPDX-License-Identifier: MIT @@ -10,7 +10,7 @@ require 'embed-a-dangerfiles' Embed_A::Dangerfiles.for_project(self) do |dangerfiles| # Import all plugins from the gem dangerfiles.import_plugins - helper.config.dict_path = "qa-checks/cassini-bsp-dictionary" + helper.config.dict_path = ".dictionary" # Import all rules from the gem dangerfiles.import_dangerfiles end -- GitLab From d4f3177d9bf6ddc3e64b6f729636ec53a6985bcf Mon Sep 17 00:00:00 2001 From: Ali Can Ozaslan Date: Fri, 31 May 2024 14:07:23 +0000 Subject: [PATCH 14/21] docs: Add missing maintainer's information The layer check on meta-cassini CI/CD requires maintainer information to be present. Signed-off-by: Ali Can Ozaslan --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 70f26ba..d2ab719 100644 --- a/README.md +++ b/README.md @@ -53,6 +53,10 @@ If you find any security vulnerabilities, please do not report them via GitLab Instead, send an email to the security team at psirt@arm.com stating that you may have found a security vulnerability in meta-cassini-bsp. +## Maintainer(s) + +* Adam Johnston + ## Disclaimer Arm reference solutions are Arm public example software projects that track and -- GitLab From a863b6024abcc31f0da6b7673574ca4093aa4c15 Mon Sep 17 00:00:00 2001 From: Adam Johnston Date: Tue, 25 Jun 2024 08:25:27 +0000 Subject: [PATCH 15/21] bsp: Add protobuf interface to se-proxy-sp Adds protobuf interface to se-proxy-sp as the main crypto-sp uses it and parsec service 1.4 also switch using protobuf interface. Signed-off-by: Emekcan Aras Signed-off-by: Adam Johnston --- .dictionary | 3 + .../0019-se-proxy-protobuf-change.patch | 65 +++++++++++++++++++ .../ts-sp-se-proxy_%.bbappend | 11 ++++ 3 files changed, 79 insertions(+) create mode 100644 meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-se-proxy-protobuf-change.patch create mode 100644 meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend diff --git a/.dictionary b/.dictionary index 8cb533b..94cd492 100644 --- a/.dictionary +++ b/.dictionary @@ -83,6 +83,7 @@ packagegroup picocom PMIC posix +protobuf ptable qa QSPI @@ -95,7 +96,9 @@ SAST scarthgap sdcard SDHC +se sourceparams +sp srcurifile suggestedvar tarbz2 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-se-proxy-protobuf-change.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-se-proxy-protobuf-change.patch new file mode 100644 index 0000000..e4d0b97 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-se-proxy-protobuf-change.patch @@ -0,0 +1,65 @@ +From e5a4487e2b757d0063148691c7d06ae1c7e15b9a Mon Sep 17 00:00:00 2001 +From: Emekcan Aras +Date: Tue, 18 Jun 2024 11:52:43 +0100 +Subject: [PATCH] protobuf fix + +Upstream-Status: Pending (not yet submitted to upstream) +Signed-off-by: Emekcan Aras +--- + .../se-proxy/env/commonsp/se_proxy_sp.c | 25 ++++++++++++++++++- + 1 file changed, 24 insertions(+), 1 deletion(-) + +diff --git a/deployments/se-proxy/env/commonsp/se_proxy_sp.c b/deployments/se-proxy/env/commonsp/se_proxy_sp.c +index a0eb03b6f..e2774c135 100644 +--- a/deployments/se-proxy/env/commonsp/se_proxy_sp.c ++++ b/deployments/se-proxy/env/commonsp/se_proxy_sp.c +@@ -13,6 +13,7 @@ + #include "trace.h" + #include "deployments/se-proxy/infra/service_proxy_factory.h" + #include "deployments/se-proxy/se_proxy_interfaces.h" ++#include + + static bool sp_init(uint16_t *own_sp_id); + +@@ -39,7 +40,7 @@ void __noreturn sp_main(union ffa_boot_info *boot_info) + goto fatal_error; + } + +- rpc_status = ts_rpc_endpoint_sp_init(&rpc_endpoint, 5, 16); ++ rpc_status = ts_rpc_endpoint_sp_init(&rpc_endpoint, 6, 16); + if (rpc_status != RPC_SUCCESS) { + EMSG("Failed to initialize RPC endpoint: %d", rpc_status); + goto fatal_error; +@@ -82,6 +83,28 @@ void __noreturn sp_main(union ffa_boot_info *boot_info) + goto fatal_error; + } + ++ struct rpc_service_interface *crypto_iface_protobuf = NULL; ++ struct crypto_provider *crypto_protobuf_provider = NULL; ++ ++ crypto_protobuf_provider = crypto_protobuf_provider_factory_create(); ++ if (!crypto_protobuf_provider) { ++ EMSG("Failed to create crypto protobuf provider factory"); ++ goto fatal_error; ++ } ++ ++ crypto_iface_protobuf = service_provider_get_rpc_interface( ++ &crypto_protobuf_provider->base_provider); ++ if (!crypto_iface_protobuf) { ++ EMSG("Failed to create service provider RPC interface"); ++ goto fatal_error; ++ } ++ ++ rpc_status = ts_rpc_endpoint_sp_add_service(&rpc_endpoint, crypto_iface_protobuf); ++ if (rpc_status != RPC_SUCCESS) { ++ EMSG("Failed to add service to RPC endpoint: %d", rpc_status); ++ goto fatal_error; ++ } ++ + rpc_iface = attest_proxy_create(); + if (!rpc_iface) { + EMSG("Failed to create Attestation proxy"); +-- +2.25.1 + + diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend new file mode 100644 index 0000000..13d0fc6 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend @@ -0,0 +1,11 @@ +# SPDX-FileCopyrightText: Copyright 2024 Arm Limited and/or its +# affiliates +# +# SPDX-License-Identifier: MIT + +FILESEXTRAPATHS:prepend:corstone1000 := "${THISDIR}/corstone1000:" + +COMPATIBLE_MACHINE:corstone1000 = "corstone1000" +SRC_URI:append:corstone1000 = " \ + file://0019-se-proxy-protobuf-change.patch \ + " -- GitLab From 545a61980c4c80267ec06bd9a11b01c27eaf59e3 Mon Sep 17 00:00:00 2001 From: Vikas Katariya Date: Wed, 3 Jul 2024 09:36:43 +0100 Subject: [PATCH 16/21] docs: Fix syntax for docs rendering The rendering of url does not happen due to missing syntax for Corstone-1000 software stack. Signed-off-by: Vikas Katariya --- documentation/developer_manual/corstone1000.rst | 2 +- documentation/developer_manual/corstone1000fvp.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/documentation/developer_manual/corstone1000.rst b/documentation/developer_manual/corstone1000.rst index d584610..00e993a 100644 --- a/documentation/developer_manual/corstone1000.rst +++ b/documentation/developer_manual/corstone1000.rst @@ -19,4 +19,4 @@ Corstone-1000 for MPS3 |Arm Corstone-1000 Technical Overview|_. For more information about the software stack for the Corstone-1000, see - |Arm Corstone-1000 Software| + |Arm Corstone-1000 Software|_. diff --git a/documentation/developer_manual/corstone1000fvp.rst b/documentation/developer_manual/corstone1000fvp.rst index 10ab71b..0d26863 100644 --- a/documentation/developer_manual/corstone1000fvp.rst +++ b/documentation/developer_manual/corstone1000fvp.rst @@ -19,7 +19,7 @@ Corstone-1000 FVP |Arm Corstone-1000 Technical Overview|_. For more information about the software stack for the Corstone-1000, see - |Arm Corstone-1000 Software| + |Arm Corstone-1000 Software|_. To read documentation about the Corstone-1000 FVP, see the |Fast Models Fixed Virtual Platforms (FVP) Reference Guide|_. -- GitLab From aab3f0db90276aa3c362a29a43095fe2bed5c737 Mon Sep 17 00:00:00 2001 From: Vikas Katariya Date: Wed, 3 Jul 2024 09:39:35 +0100 Subject: [PATCH 17/21] docs: Remove unwanted statement Since Corstone-1000 points all the required documentation, We do not need to point to a N1SDP documentation link. Signed-off-by: Vikas Katariya --- documentation/developer_manual/corstone1000.rst | 3 --- documentation/developer_manual/corstone1000fvp.rst | 3 --- 2 files changed, 6 deletions(-) diff --git a/documentation/developer_manual/corstone1000.rst b/documentation/developer_manual/corstone1000.rst index 00e993a..2e0884a 100644 --- a/documentation/developer_manual/corstone1000.rst +++ b/documentation/developer_manual/corstone1000.rst @@ -12,9 +12,6 @@ Corstone-1000 for MPS3 * **Corresponding value for** ``MACHINE`` **variable**: ``corstone1000-mps3`` * **Target Platform Config**: ``kas/corstone1000-mps3.yml`` - This supported target platform is the Corstone-1000 for MPS3, implemented in - |meta-arm-bsp|_. - To read documentation about the Corstone-1000, see the |Arm Corstone-1000 Technical Overview|_. diff --git a/documentation/developer_manual/corstone1000fvp.rst b/documentation/developer_manual/corstone1000fvp.rst index 0d26863..9fd4d58 100644 --- a/documentation/developer_manual/corstone1000fvp.rst +++ b/documentation/developer_manual/corstone1000fvp.rst @@ -12,9 +12,6 @@ Corstone-1000 FVP * **Corresponding value for** ``MACHINE`` **variable**: ``corstone1000-fvp`` * **Target Platform Config**: ``kas/corstone1000-fvp.yml`` - This supported target platforms is the Corstone-1000 FVP, implemented in - |meta-arm-bsp|_. - To read documentation about the Corstone-1000, see the |Arm Corstone-1000 Technical Overview|_. -- GitLab From 59ca33eacf5a33c29c60aaaadf5dc057c7a5f5eb Mon Sep 17 00:00:00 2001 From: Vikas Katariya Date: Wed, 3 Jul 2024 09:46:35 +0100 Subject: [PATCH 18/21] docs: Fix the Corstone-1000 software stack link The Corstone-1000 software link needs to point to a release version instead of `latest`, as it relevant to particular release. Signed-off-by: Vikas Katariya --- documentation/variables.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/documentation/variables.py b/documentation/variables.py index c5154ac..c7c5944 100644 --- a/documentation/variables.py +++ b/documentation/variables.py @@ -32,7 +32,7 @@ variables which are referenced from documentation sources in this repository """ YOCTO_RELEASE = "scarthgap" - +DOCS_RELEASE = "scarthgap" general_links = { "link:meta-arm-bsp": @@ -47,7 +47,8 @@ general_links = { "link:Arm Corstone-1000 Technical Overview": "https://developer.arm.com/documentation/102360/0000", "link:Arm Corstone-1000 Software": - "https://corstone1000.docs.arm.com/en/latest/", + "https://corstone1000.docs.arm.com/en/" + f"{DOCS_RELEASE}", "link:Fast Models Fixed Virtual Platforms (FVP) Reference Guide": "https://developer.arm.com/documentation/100966/1119", "link:Fast Models Reference Guide": -- GitLab From a61b10603ba66d874c892336f9485c93f3e826a5 Mon Sep 17 00:00:00 2001 From: Anusmita Dutta Mazumder Date: Tue, 2 Jul 2024 16:16:34 +0000 Subject: [PATCH 19/21] bsp: Transition from WORKDIR Due to changes in oe-core setting S to WORKDIR is no longer supported When referenced in recipes, migrate from WORKDIR to UNPACKDIR UNPACKDIR is set when required See guidance here: https://lists.openembedded.org/g/openembedded-architecture/message/2007 Signed-off-by: Vikas Katariya Signed-off-by: Anusmita Dutta Mazumder --- .dictionary | 3 +++ .../meta-arm-bsp/recipes-core/systemd/systemd-conf_%.bbappend | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.dictionary b/.dictionary index 94cd492..7068267 100644 --- a/.dictionary +++ b/.dictionary @@ -77,6 +77,7 @@ networkd no_cloud nooelint OCVM +oe-core opkg optee packagegroup @@ -107,6 +108,7 @@ THISDIR TOTALIMAGES udev unitdir +unpackdir upstreamed usbgadget usbhost @@ -115,6 +117,7 @@ utils VIRT wchar WIDEC +workdir XNVM xtests zeroconf diff --git a/meta-arm/meta-arm-bsp/recipes-core/systemd/systemd-conf_%.bbappend b/meta-arm/meta-arm-bsp/recipes-core/systemd/systemd-conf_%.bbappend index 28399fb..fadcad7 100644 --- a/meta-arm/meta-arm-bsp/recipes-core/systemd/systemd-conf_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-core/systemd/systemd-conf_%.bbappend @@ -11,5 +11,5 @@ SRC_URI:append:corstone1000 = " \ # nooelint: oelint.func.specific - Common name set in Corstone-1000 definitions do_install:append:corstone1000() { - install -D -m0644 ${WORKDIR}/timeouts.conf ${D}${systemd_system_unitdir}.conf.d/01-${PN}.conf + install -D -m0644 ${UNPACKDIR}/timeouts.conf ${D}${systemd_system_unitdir}.conf.d/01-${PN}.conf } -- GitLab From bcf97bcc5b7d9d3c66c2282aadcd03e6df542a4a Mon Sep 17 00:00:00 2001 From: Vikas Katariya Date: Thu, 16 May 2024 18:09:34 +0100 Subject: [PATCH 20/21] bsp: Remove N1SDP support meta-arm has removed support for EOL N1SDP on master: https://git.yoctoproject.org/meta-arm/commit/ci?id=6db139e1fd7b724c7a5caacb07a4151411be877f Therefore remove the platform from meta-cassini-bsp, update the CI files and documentation. Signed-off-by: Vikas Katariya --- .dictionary | 7 - .gitlab-ci.yml | 5 +- .gitlab/ci/rules.yml | 13 +- README.md | 1 - documentation/developer_manual/n1sdp.rst | 42 --- documentation/user_manual/n1sdp.rst | 275 ------------------ documentation/variables.py | 10 - .../trusted-services/ts-sp-its_%.bbappend | 7 - .../trusted-services/ts-sp-storage_%.bbappend | 7 - 9 files changed, 3 insertions(+), 364 deletions(-) delete mode 100644 documentation/developer_manual/n1sdp.rst delete mode 100644 documentation/user_manual/n1sdp.rst delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend diff --git a/.dictionary b/.dictionary index 7068267..8138390 100644 --- a/.dictionary +++ b/.dictionary @@ -28,15 +28,12 @@ crypto dialout distro DISTROOVERRIDES -EEPROM efidisk eglibc envparse extfs FILESEXTRAPATHS flashfw -fname -fout fstype FSTYPES fvps @@ -56,7 +53,6 @@ LIBC Linaro linuxboot mandatoryvar -MBPMIC mdev meta-cassini-bsp mickledore @@ -71,7 +67,6 @@ multilineident N1SDP nanbield nativesdk -Neoverse netbase networkd no_cloud @@ -82,7 +77,6 @@ opkg optee packagegroup picocom -PMIC posix protobuf ptable @@ -95,7 +89,6 @@ requirenotfound RPROVIDER SAST scarthgap -sdcard SDHC se sourceparams diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9b34184..ccb73af 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -20,9 +20,9 @@ variables: description: Comma separated list of images to build (none, all-images, greengrass, k3s) META_CASSINI_BUILD_PLATFORM: - value: corstone1000-fvp, n1sdp + value: corstone1000-fvp description: Comma separated list of platforms to build - (none, corstone1000-fvp, n1sdp) + (none, corstone1000-fvp) META_CASSINI_FORCE_TESTS: value: none description: Comma separated list of tests that must be run @@ -50,7 +50,6 @@ trigger-meta-cassini: - !reference [".build-image:rules:skip-target-build", rules] - !reference [".build-image:rules:set-target-branch", rules] - !reference [".build-image:rules:common", rules] - - !reference [".build-image:rules:n1sdp", rules] - !reference [".build-image:rules:corstone1000", rules] - !reference [".build-image:rules:manual", rules] - !reference [".build-image:rules:ci-patterns", rules] diff --git a/.gitlab/ci/rules.yml b/.gitlab/ci/rules.yml index e9cea56..8da67b0 100644 --- a/.gitlab/ci/rules.yml +++ b/.gitlab/ci/rules.yml @@ -21,10 +21,6 @@ .build-common: &build-common - "conf/layer.conf" -.build-n1sdp: &build-n1sdp - - "conf/machine/include/n1sdp-cassini-extra-settings.inc" - - "meta-arm/meta-arm-bsp/recipes-security/**/*" - .build-corstone1000: &build-corstone1000 - "conf/machine/include/corstone1000-*-cassini-extra-settings.inc" - "conf/multiconfig/firmware.conf" @@ -34,13 +30,6 @@ - "meta-arm/meta-arm-bsp/wic/*" # Build rules -.build-image:rules:n1sdp: - rules: - - <<: *if-merge-request-or-push - changes: *build-n1sdp - variables: - META_CASSINI_BUILD_PLATFORM: 'n1sdp' - .build-image:rules:corstone1000: rules: - <<: *if-merge-request-or-push @@ -53,7 +42,7 @@ - <<: *if-merge-request-or-push changes: *build-common variables: - META_CASSINI_BUILD_PLATFORM: 'n1sdp, corstone1000-fvp' + META_CASSINI_BUILD_PLATFORM: 'corstone1000-fvp' .build-image:rules:ci-patterns: rules: diff --git a/README.md b/README.md index d2ab719..1722c6d 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,6 @@ they can be used to build and boot Cassini distro images. Currently supported platforms include: * Corstone-1000 FVP (corstone1000-fvp) * Corstone-1000 for MPS3 (corstone1000-mps3) -* Neoverse N1 System Development Platform (n1sdp) At any given point in time, this repository may hold recipes, append-files, config fragments, and/or out-of-tree patches which either: diff --git a/documentation/developer_manual/n1sdp.rst b/documentation/developer_manual/n1sdp.rst deleted file mode 100644 index 92c43ac..0000000 --- a/documentation/developer_manual/n1sdp.rst +++ /dev/null @@ -1,42 +0,0 @@ -.. - # SPDX-FileCopyrightText: Copyright 2022-2024 Arm Limited and/or its - # affiliates - # - # SPDX-License-Identifier: MIT - -Neoverse N1 System Development Platform (N1SDP) -=============================================== - - * **Corresponding value for** ``MACHINE`` **variable**: ``n1sdp``. - * **Target Platform Config**: ``kas/n1sdp.yml``. - - This supported target platform is the Neoverse N1 System Development Platform - (N1SDP), implemented in |meta-arm-bsp|_. - - To read documentation about the N1SDP, see the - |N1SDP Technical Reference Manual|_. - -.. note:: - Support for the N1SDP platform in Cassini is primarily intended for - development, test, and demonstration of features for infrastructure - platforms which typically use EDK2 and Trusted Services without a - secure enclave. - - Due to a limitation of the platform hardware (it does not have - enough Secure world RAM) Trusted Services is configured to run - from Normal world RAM. This configuration is not compliant with - the PSA specifications. - - Platforms intended for production should be configured by the - platform provider to be compliant with the PSA specifications. - -.. warning:: - To avoid system hangs under testing, N1SDP firmware packages built in the - Cassini CI pipeline now use the newer PMIC firmware image which is not - compatible with older boards (with serial numbers before ``36253xxx``). - - As programming older boards with the newer PMIC firmware image can cause - component damage, please ensure any devices used in CI have serial numbers - later than ``36253xxx``. - - See `Potential firmware damage notice`_ for details diff --git a/documentation/user_manual/n1sdp.rst b/documentation/user_manual/n1sdp.rst deleted file mode 100644 index 44e4fcb..0000000 --- a/documentation/user_manual/n1sdp.rst +++ /dev/null @@ -1,275 +0,0 @@ -.. - # SPDX-FileCopyrightText: Copyright (c) 2023, Linaro Limited. - # - # SPDX-FileCopyrightText: Copyright 2023-2024 Arm Limited and/or its - # affiliates - # - # SPDX-License-Identifier: MIT - -############################## -Getting Started with the N1SDP -############################## - -This document explains how to build, deploy, and boot the Cassini distro on the -Arm Neoverse N1 System Development Platform (N1SDP). - -**NOTE:** Requires a micro SD card (at least 2 GB) and a USB drive (at least 16 GB) - -********************* -Building N1SDP images -********************* - -The kas configuration file ``kas/n1sdp.yml`` can be used to -build images which target the N1SDP. To build N1SDP images: - -.. code-block:: console - - kas build --update kas/cassini.yml:kas/k3s.yml:kas/n1sdp.yml - -This will produce an N1SDP firmware image here: - - ``build/tmp/deploy/images/n1sdp/n1sdp-board-firmware_primary.tar.gz`` - -And a Cassini distribution image here: - - ``build/tmp/deploy/images/n1sdp/cassini-image-base-n1sdp.rootfs.wic.gz`` - - ``build/tmp/deploy/images/n1sdp/cassini-image-base-n1sdp.rootfs.wic.bmap`` - -*********************** -Connecting to the N1SDP -*********************** - -1. Connect a USB cable between the build host and the ``DBG USB`` port on the N1SDP back panel and power on the device - -2. Check four new TTY USB devices are seen by **the build host**, via: - - .. code-block:: shell - - ls /dev/ttyUSB* - - This will output, for example: - - .. code-block:: console - - /dev/ttyUSB0 - /dev/ttyUSB1 - /dev/ttyUSB2 - /dev/ttyUSB3 - - If there are no other TTY USB devices, then the four ports on the N1SDP will be - connected as follows: - - * ttyUSB0 Motherboard Configuration Controller (MCC) - - * ttyUSB1 Application processor (AP) - - * ttyUSB2 System Control Processor (SCP) - - * ttyUSB3 Manageability Control Processor (MCP) (or OP-TEE and Secure Partitions) - - The rest of this guide assumes there are no other TTY USB devices on the build host - -3. Connect to the serial console(s) using any terminal client (``picocom``, ``minicom``, or ``screen`` should all work). - - All ports are configured with: - - * 115200 Baud - - * 8 bits, No parity, 1 stop bit (8N1) - - * No hardware or software flow control - - For example, run the following command to open a new picocom session for - the AP console: - - .. code-block:: shell - - sudo picocom -b 115200 /dev/ttyUSB1 - - .. note:: - - ``sudo`` should not be required if the current user is in the ``dialout`` group - -****************************************** -Updating the MCC firmware (Micro SD image) -****************************************** - -1. Follow the instructions above and connect to the MCC console i.e. - - .. code-block:: shell - - sudo picocom -b 115200 /dev/ttyUSB0 - -2. In the MCC console, at the ``Cmd>`` prompt, type the following command to see MCC firmware version and a list of commands: - - .. code-block:: console - - ? - - This will output, for example: - - .. code-block:: console - - Arm N1SDP MCC Firmware v1.0.1 - Build Date: Sep 5 2019 - Build Time: 14:18:16 - + command ------------------+ function ---------------------------------+ - | CAP "fname" [/A] | captures serial data to a file | - | | [/A option appends data to a file] | - | FILL "fname" [nnnn] | create a file filled with text | - | | [nnnn - number of lines, default=1000] | - | TYPE "fname" | displays the content of a text file | - | REN "fname1" "fname2" | renames a file 'fname1' to 'fname2' | - | COPY "fin" ["fin2"] "fout"| copies a file 'fin' to 'fout' file | - | | ['fin2' option merges 'fin' and 'fin2'] | - | DEL "fname" | deletes a file | - | DIR "[mask]" | displays a list of files in the directory | - | FORMAT [label] | formats Flash Memory Card | - | USB_ON | Enable usb | - | USB_OFF | Disable usb | - | SHUTDOWN | Shutdown PSU (leave micro running) | - | REBOOT | Power cycle system and reboot | - | RESET | Reset Board using CB_nRST | - | DEBUG | Enters debug menu | - | EEPROM | Enters eeprom menu | - | HELP or ? | displays this help | - | | - | THE FOLLOWING COMMANDS ARE ONLY AVAILABLE IN RUN MODE | - | | - | CASE_FAN_SPEED "SPEED" | Choose from SLOW, MEDIUM, FAST | - | READ_AXI "fname" | Read system memory to file 'fname' | - | "address" | from address to end address | - | "end_address" | | - | WRITE_AXI "fname" | Write file 'fname' to system memory | - | "address" | at address | - +---------------------------+-------------------------------------------+ - -3. Type the following command to enable USB: - - .. code-block:: console - - USB_ON - -4. Check a new block device is seen by **the build host**, via: - - .. code-block:: shell - - lsblk - - This will output, for example: - - .. code-block:: console - - NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT - sdb 8:0 0 2G 0 disk - └─sdb1 8:1 0 2G 0 part - - If there are no similar block devices mounted on the build host, then it - should be possible to identify the Micro SD Card on the N1SDP by its' size. - In the output above, the Micro SD partition is clearly ``sdb1``. - -5. Mount the device and check its contents: - - .. code-block:: console - - sudo umount /dev/sdb1 && - sudo mkdir -p /tmp/sdcard && - sudo mount /dev/sdb1 /tmp/sdcard && - ls -l /tmp/sdcard - - This should output, for example: - - .. code-block:: console - - config.txt ee0316a.txt LIB LICENSES LOG.TXT MB - - .. warning:: - - In this example, the ``/dev/sdb1`` partition is being mounted. As this may - vary on different machines, care should be taken when copying and pasting - the following commands. Don't proceed unless the contents of the Micro SD - Card were as expected in the previous step. - -6. Wipe the mounted microSD card, then extract the contents of ``n1sdp-board-firmware_primary.tar.gz`` onto it: - - .. code-block:: console - - sudo rm -rf /tmp/sdcard/* && - sudo tar --no-same-owner -xf build/tmp/deploy/images/n1sdp/n1sdp-board-firmware_primary.tar.gz -C /tmp/sdcard/ && - sudo sync - - .. note:: - - If the N1SDP board was manufactured after November 2019 (Serial Number - greater than ``36253xxx``), a different PMIC firmware image should be used to - prevent system hangs. More details can be found in - `Potential firmware damage notice`_. The ``MB/HBI0316A/io_v123f.txt`` file - located in the microSD needs to be updated. To update it, set the PMIC image - (``300k_8c2.bin``) to be used in the newer models by running the following - commands on the Build Host: - - .. code-block:: console - - sudo sed -i '/^MBPMIC: pms_0V85.bin/s/^/;/g' /tmp/sdcard/MB/HBI0316A/io_v123f.txt - sudo sed -i '/^;MBPMIC: 300k_8c2.bin/s/^;//g' /tmp/sdcard/MB/HBI0316A/io_v123f.txt - sudo sync - -7. Unmount the device - - .. code-block:: console - - sudo umount /tmp/sdcard - sudo rmdir /tmp/sdcard - -************************************************** -Prepare the distro image for the N1SDP (USB image) -************************************************** - -1. Insert the USB storage device into the build host - -2. Check a new block device is seen by **the build host**, via: - - .. code-block:: shell - - lsblk - - This will output, for example: - - .. code-block:: console - - NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT - sdb 8:0 0 2G 0 disk - └─sdb1 8:1 0 2G 0 part - sdc 8:0 0 64G 0 disk - - If there are no similar block devices mounted on the build host, then it - should be possible to identify the USB storage device by its' size. In the - output above, the USB storage device is ``sdc``. - - .. warning:: - - The next step will result in all prior partitions and data on the USB - storage device being erased. Take care not to confuse your host PC's own - hard drive with the USB drive and backup any data on the USB storage device - before continuing. - -3. Flash the image onto the USB storage device using ``bmap-tools``: - - .. code-block:: shell - - sudo bmaptool copy --bmap cassini-image-base-n1sdp.rootfs.wic.bmap cassini-image-base-n1sdp.rootfs.wic.gz /dev/ - - Or if deploying an SDK image - - .. code-block:: console - - sudo bmaptool copy --bmap cassini-image-sdk-n1sdp.rootfs.wic.bmap cassini-image-sdk-n1sdp.rootfs.wic.gz /dev/ - -4. Eject the USB storage device from the build host and plug it into one of the USB 3.0 ports on the N1SDP - -5. Reboot the N1SDP device by power cycling it or typing the following at the MCC console - - .. code-block:: console - - REBOOT diff --git a/documentation/variables.py b/documentation/variables.py index c7c5944..8488439 100644 --- a/documentation/variables.py +++ b/documentation/variables.py @@ -31,19 +31,9 @@ variables which are referenced from documentation sources in this repository """ -YOCTO_RELEASE = "scarthgap" DOCS_RELEASE = "scarthgap" general_links = { - "link:meta-arm-bsp": - "https://git.yoctoproject.org/meta-arm/tree/meta-arm-bsp/" - f"documentation/n1sdp.md?h={YOCTO_RELEASE}", - "link:N1SDP Technical Reference Manual": - "https://developer.arm.com/documentation/101489/0000", - "link:Potential firmware damage notice": - "https://community.arm.com/developer/tools-software/oss-platforms/" - "w/docs/604/notice-potential-damage-to-n1sdp-boards-" - "if-using-latest-firmware-release", "link:Arm Corstone-1000 Technical Overview": "https://developer.arm.com/documentation/102360/0000", "link:Arm Corstone-1000 Software": diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend deleted file mode 100644 index c2f96cf..0000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-its_%.bbappend +++ /dev/null @@ -1,7 +0,0 @@ -# SPDX-FileCopyrightText: Copyright 2023-2024 Arm Limited and/or its -# affiliates -# -# SPDX-License-Identifier: MIT - -# Override configuration to use block storage service -OECMAKE_SOURCEPATH:n1sdp = "${S}/deployments/internal-trusted-storage/config/shared-flash-${TS_ENV}" diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend deleted file mode 100644 index 6b514a0..0000000 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-storage_%.bbappend +++ /dev/null @@ -1,7 +0,0 @@ -# SPDX-FileCopyrightText: Copyright 2023-2024 Arm Limited and/or its -# affiliates -# -# SPDX-License-Identifier: MIT - -# Override configuration to use block storage service -OECMAKE_SOURCEPATH:n1sdp = "${S}/deployments/protected-storage/config/shared-flash-${TS_ENV}" -- GitLab From 671488a8203bee2703a4099de49fd55f5342a30a Mon Sep 17 00:00:00 2001 From: Vikas Katariya Date: Wed, 3 Jul 2024 16:59:19 +0100 Subject: [PATCH 21/21] docs: Point to the latest documentation The ARM Corstone-1000 software url needs to point to the `latest` for `main` branch. Signed-off-by: Vikas Katariya --- documentation/variables.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/variables.py b/documentation/variables.py index 8488439..f7fcffe 100644 --- a/documentation/variables.py +++ b/documentation/variables.py @@ -31,7 +31,7 @@ variables which are referenced from documentation sources in this repository """ -DOCS_RELEASE = "scarthgap" +DOCS_RELEASE = "latest" general_links = { "link:Arm Corstone-1000 Technical Overview": -- GitLab