Brad Bishop | bec4ebc | 2022-08-03 09:55:16 -0400 | [diff] [blame] | 1 | # TC0 specific TFA configuration |
| 2 | |
| 3 | DEPENDS += "scp-firmware util-linux-native gptfdisk-native" |
| 4 | |
| 5 | FILESEXTRAPATHS:prepend := "${THISDIR}/files/tc:" |
| 6 | SRC_URI:append = " \ |
Brad Bishop | bec4ebc | 2022-08-03 09:55:16 -0400 | [diff] [blame] | 7 | file://generate_metadata.py \ |
| 8 | " |
| 9 | |
| 10 | COMPATIBLE_MACHINE = "(tc?)" |
| 11 | |
| 12 | TFA_PLATFORM = "tc" |
| 13 | TFA_BUILD_TARGET = "all fip" |
| 14 | TFA_UBOOT = "1" |
| 15 | TFA_INSTALL_TARGET = "bl1 fip" |
| 16 | TFA_MBEDTLS = "1" |
| 17 | TFA_DEBUG = "1" |
| 18 | |
| 19 | TFA_SPD = "spmd" |
| 20 | TFA_SPMD_SPM_AT_SEL2 = "1" |
| 21 | |
| 22 | TFA_TARGET_PLATFORM:tc0 = "0" |
| 23 | TFA_TARGET_PLATFORM:tc1 = "1" |
| 24 | |
| 25 | EXTRA_OEMAKE += "TARGET_PLATFORM=${TFA_TARGET_PLATFORM}" |
| 26 | |
| 27 | # Set optee as SP. Set spmc manifest and sp layout file to optee |
| 28 | DEPENDS += "optee-os" |
| 29 | |
| 30 | TFA_SP_LAYOUT_FILE = "${RECIPE_SYSROOT}/lib/firmware/sp_layout.json" |
| 31 | TFA_ARM_SPMC_MANIFEST_DTS = "plat/arm/board/tc/fdts/tc_spmc_optee_sp_manifest.dts" |
| 32 | |
| 33 | EXTRA_OEMAKE += "SCP_BL2=${RECIPE_SYSROOT}/firmware/scp_ramfw.bin" |
| 34 | EXTRA_OEMAKE += "TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \ |
| 35 | ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem" |
| 36 | EXTRA_OEMAKE += "PSA_FWU_SUPPORT=1 ARM_GPT_SUPPORT=1" |
Patrick Williams | 8dd6848 | 2022-10-04 07:57:18 -0500 | [diff] [blame] | 37 | EXTRA_OEMAKE += "CTX_INCLUDE_MTE_REGS=1" |
Brad Bishop | bec4ebc | 2022-08-03 09:55:16 -0400 | [diff] [blame] | 38 | |
| 39 | do_generate_gpt() { |
| 40 | gpt_image="${BUILD_DIR}/fip_gpt.bin" |
| 41 | fip_bin="${BUILD_DIR}/fip.bin" |
| 42 | # the FIP partition type is not standardized, so generate one |
| 43 | fip_type_uuid=`uuidgen --sha1 --namespace @dns --name "fip_type_uuid"` |
| 44 | # metadata partition type UUID, specified by the document: |
| 45 | # Platform Security Firmware Update for the A-profile Arm Architecture |
| 46 | # version: 1.0BET0 |
| 47 | metadata_type_uuid="8a7a84a0-8387-40f6-ab41-a8b9a5a60d23" |
| 48 | location_uuid=`uuidgen` |
| 49 | FIP_A_uuid=`uuidgen` |
| 50 | FIP_B_uuid=`uuidgen` |
| 51 | |
| 52 | # maximum FIP size 4MB. This is the current size of the FIP rounded up to an integer number of MB. |
| 53 | fip_max_size=4194304 |
| 54 | fip_bin_size=$(stat -c %s $fip_bin) |
| 55 | if [ $fip_max_size -lt $fip_bin_size ]; then |
| 56 | bberror "FIP binary ($fip_bin_size bytes) is larger than the GPT partition ($fip_max_size bytes)" |
| 57 | fi |
| 58 | |
| 59 | # maximum metadata size 512B. This is the current size of the metadata rounded up to an integer number of sectors. |
| 60 | metadata_max_size=512 |
| 61 | metadata_file="${BUILD_DIR}/metadata.bin" |
| 62 | python3 ${WORKDIR}/generate_metadata.py --metadata_file $metadata_file \ |
| 63 | --img_type_uuids $fip_type_uuid \ |
| 64 | --location_uuids $location_uuid \ |
| 65 | --img_uuids $FIP_A_uuid $FIP_B_uuid |
| 66 | |
| 67 | # create GPT image. The GPT contains 2 FIP partitions: FIP_A and FIP_B, and 2 metadata partitions: FWU-Metadata and Bkup-FWU-Metadata. |
| 68 | # the GPT layout is the following: |
| 69 | # ----------------------- |
| 70 | # Protective MBR |
| 71 | # ----------------------- |
| 72 | # Primary GPT Header |
| 73 | # ----------------------- |
| 74 | # FIP_A |
| 75 | # ----------------------- |
| 76 | # FIP_B |
| 77 | # ----------------------- |
| 78 | # FWU-Metadata |
| 79 | # ----------------------- |
| 80 | # Bkup-FWU-Metadata |
| 81 | # ----------------------- |
| 82 | # Secondary GPT Header |
| 83 | # ----------------------- |
| 84 | |
| 85 | sector_size=512 |
| 86 | gpt_header_size=33 # valid only for 512-byte sectors |
| 87 | num_sectors_fip=`expr $fip_max_size / $sector_size` |
| 88 | num_sectors_metadata=`expr $metadata_max_size / $sector_size` |
| 89 | start_sector_1=`expr 1 + $gpt_header_size` # size of MBR is 1 sector |
| 90 | start_sector_2=`expr $start_sector_1 + $num_sectors_fip` |
| 91 | start_sector_3=`expr $start_sector_2 + $num_sectors_fip` |
| 92 | start_sector_4=`expr $start_sector_3 + $num_sectors_metadata` |
| 93 | num_sectors_gpt=`expr $start_sector_4 + $num_sectors_metadata + $gpt_header_size` |
| 94 | gpt_size=`expr $num_sectors_gpt \* $sector_size` |
| 95 | |
| 96 | # create raw image |
| 97 | dd if=/dev/zero of=$gpt_image bs=$gpt_size count=1 |
| 98 | |
| 99 | # create the GPT layout |
| 100 | sgdisk $gpt_image \ |
| 101 | --set-alignment 1 \ |
| 102 | --disk-guid $location_uuid \ |
| 103 | \ |
| 104 | --new 1:$start_sector_1:+$num_sectors_fip \ |
| 105 | --change-name 1:FIP_A \ |
| 106 | --typecode 1:$fip_type_uuid \ |
| 107 | --partition-guid 1:$FIP_A_uuid \ |
| 108 | \ |
| 109 | --new 2:$start_sector_2:+$num_sectors_fip \ |
| 110 | --change-name 2:FIP_B \ |
| 111 | --typecode 2:$fip_type_uuid \ |
| 112 | --partition-guid 2:$FIP_B_uuid \ |
| 113 | \ |
| 114 | --new 3:$start_sector_3:+$num_sectors_metadata \ |
| 115 | --change-name 3:FWU-Metadata \ |
| 116 | --typecode 3:$metadata_type_uuid \ |
| 117 | \ |
| 118 | --new 4:$start_sector_4:+$num_sectors_metadata \ |
| 119 | --change-name 4:Bkup-FWU-Metadata \ |
| 120 | --typecode 4:$metadata_type_uuid |
| 121 | |
| 122 | # populate the GPT partitions |
| 123 | dd if=$fip_bin of=$gpt_image bs=$sector_size seek=$start_sector_1 count=$num_sectors_fip conv=notrunc |
| 124 | dd if=$fip_bin of=$gpt_image bs=$sector_size seek=$start_sector_2 count=$num_sectors_fip conv=notrunc |
| 125 | dd if=$metadata_file of=$gpt_image bs=$sector_size seek=$start_sector_3 count=$num_sectors_metadata conv=notrunc |
| 126 | dd if=$metadata_file of=$gpt_image bs=$sector_size seek=$start_sector_4 count=$num_sectors_metadata conv=notrunc |
| 127 | } |
| 128 | |
| 129 | addtask do_generate_gpt after do_compile before do_install |
| 130 | |
| 131 | do_install:append() { |
| 132 | install -m 0644 ${BUILD_DIR}/fip_gpt.bin ${D}/firmware/fip_gpt-tc.bin |
| 133 | ln -sf fip_gpt-tc.bin ${D}/firmware/fip_gpt.bin |
| 134 | } |