subtree updates
meta-openembedded: 0782ea454a..ce0b93fc12:
Alex Kiernan (5):
faad2: Upgrade 2.8.8 -> 2.10.0
onig: Upgrade 6.9.4 -> 6.9.8
jansson: Honour multilib paths
jansson: Backport linker flag fixes
jansson: Default to shared builds
Beniamin Sandu (1):
libnet: update to v1.2 release
Daniel Gomez (4):
gst-instruments: Update 0.2.3 -> 0.3.1+cb8977a
libftdi: Add ftdi-eeprom support
xf86-video-ati: Update 19.1.0 -> 19.1.0+7a6a34af
v4l-utils: Update 1.22.1 -> 1.23.0+fd544473
Gianluigi Spagnuolo (1):
bpftool: add aarch64 to COMPATIBLE_HOST
Hitomi Hasegawa (1):
libsdl: add CVE-2019-14906 to allowlist
Khem Raj (2):
python3-gevent: Avoid building internal version of libev
xterm: Add _GNU_SOURCE via CFLAGS
Lukas Rusak (2):
libwebsockets: add optional support for sd-event loop
libwebsockets: add error check if PACKAGECONFIG contains systemd but DISTRO_FEATURES doesn't
Ming Liu (1):
plymouth: uprev to 22.02.122
William A. Kennington III (2):
gerbera: upgrade 1.9.2 -> 1.11.0
fmt: upgrade 8.1.1 -> 9.1.0
Yi Zhao (4):
freeradius: fix daemon startup warnings
frr: upgrade 8.2.2 -> 8.3.1
libnftnl: upgrade 1.2.2 -> 1.2.3
nftables: upgrade 1.0.4 -> 1.0.5
onkelpit (1):
tio: added tio version 2.0 and 1.47
wangmy (1):
xterm: upgrade 372 -> 373
meta-arm: 52f07a4b0b..0164b4ca7a:
Abdellatif El Khlifi (12):
arm-bsp/u-boot: corstone1000: update initramfs bundle size
arm-bsp/u-boot: corstone1000: upgrade FF-A support
arm-bsp/optee-os: corstone1000: upgrade to v3.18
arm-bsp/optee-spdevkit: corstone1000: drop the support
arm-bsp/corstone1000-initramfs-image: remove obsolete packages
arm-bsp/trusted-services: corstone1000: add secure partitions support
arm-bsp/machine: corstone1000: disable pulling the kernel into the initramfs
arm-bsp/trusted-services: corstone1000: add MHU-driver
arm-bsp/corstone1000-initramfs-image: add TS PSA API tests packages
arm-bsp/linux: corstone1000: use arm-ffa machine feature
arm/secure-partitions: drop use of the recipe
arm/ffa-debugfs: drop use of the kernel module
Adam Johnston (3):
arm-bsp/edk2-firmware: Update edk2/edk2-platforms versions for N1SDP
arm-bsp/edk2-firmware: Add edk2-platforms patches for N1SDP
arm-bsp/trusted-firmware-a: Update TF-A version for N1SDP
Andrei Gherzan (1):
edk2-firmware: Fix configure sed typo
Anton Antonov (1):
Temporary use qemu 7.0.0 for TS CI pipelines
Davidson K (6):
arm-bsp/tc: upgrade version of trusted-firmware-a
arm-bsp/tc: upgrade version of hafnium
arm-bsp/tc: upgrade version of optee
arm-bsp/u-boot: add gnutls-native as dependency
arm-bsp/trusted-firmware-a: add firmware update support for TC
arm-bsp/hafnium: enable Virtual Host Extension for TC
Denys Dmytriyenko (1):
arm-toolchain/gcc,external-arm-toolchain: resolve conflict with gcc headers
Emekcan (8):
arm-bsp/u-boot: Add external system driver to u-boot device tree
arm-bsp/kernel: Add external device driver
arm-bsp/u-boot: Add external system MHUs to u-boot device tree
arm-bsp/kernel: Add rpmsg_arm_mailbox to corstone1000
arm-bsp/test: Adding a test app for external system
arm-bsp/images: Adding external system test to initramfs image
arm-bsp/test: Changing the test app repository
arm-bsp/external-system: Changing the RTX repo
Jiacheng Tang (1):
arm/fvp-base-r-aem: upgrade to version 11.19.14
Joe Slater (1):
arm/packagegroup-ts-tests: fix parse error
Jon Mason (17):
arm-bsp/optee-os: add 3.10 recipe for corstone1000
arm-bsp/optee: rename corstone1000 files
arm/optee-spdevkit: add version to file name
arm/optee-os: add ARMv7 changes to clang patch and update patches
arm/qemuarm-secureboot: remove optee-os version pin
arm/optee: remove old versions
arm/optee-client: move the 3.14 recipe to meta-arm-bsp
arm/hafnium: update to 2.7
arm-bsp/n1sdp: update linux-yocto patches
arm/edk2-firmware: Work around clang issue
arm-bsp/tc: remove hafnium clang patch
layers: convert to langdale compatibility
CI: Remove uniquely zephyr machines
arm-bsp/fvp: move the fvp include file to the include directory
ci: move features only needed by testimage from base
CI: apply a patch so that meta-zephyr is compatible with langdale
Revert "CI: apply a patch so that meta-zephyr is compatible with langdale"
Khem Raj (6):
optee-os: Extend clang pragma fixes to core_mmu_v7.c for 3.18
trusted-services: Pin to use gcc
ffa-debugfs-mod: Exclude from world builds
linux-yocto: Add bbappend for 5.19
hafnium: Add a fix for clang-15 errors
hafnium: Exclude from world builds
Mohamed Omar Asaker (1):
arm-bsp/n1sdp-board-firmware: upgrade to N1SDP-2022.06.22
Peter Hoyes (4):
arm/lib: Specify the FVP environment variables explicitly
arm-bsp/trusted-firmware-m: Make branch names configurable
arm/classes: Migrate TF-M image signing to bbclass
arm-bsp/corstone1000: Refactor image signing to use new bbclass
Ross Burton (3):
gem5/linux-yocto: upgrade to 5.4.205 and fix buildpaths in binaries
Revert "Temporary use qemu 7.0.0 for TS CI pipelines"
runfvp: pass-through environment variables need for GUI applications
Rui Miguel Silva (1):
arm-bsp: trusted-services: fix openamp build
Vishnu Banavath (2):
arm-bsp/ffa-debugfs: update git SHA for v2.1.0
arm-bsp/external-system:corstone1000: build and install external-system
Xueliang Zhong (1):
arm-bsp/n1sdp: upgrade scp-firmware version
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I7a07eab9e4aa0bdbdb50602050c3c4caf062acbf
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-efi-corstone1000-introduce-EFI-capsule-update.patch b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-efi-corstone1000-introduce-EFI-capsule-update.patch
new file mode 100644
index 0000000..291d15d
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0016-efi-corstone1000-introduce-EFI-capsule-update.patch
@@ -0,0 +1,338 @@
+From 10e155a677192731481ebe7f302e2d9ad790346a Mon Sep 17 00:00:00 2001
+From: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+Date: Thu, 28 Jul 2022 15:01:55 +0100
+Subject: [PATCH 16/26] efi: corstone1000: introduce EFI capsule update
+
+This commit provides capsule update feature for Corstone1000.
+
+This feature is available before and after ExitBootServices().
+
+A platform specific capsule buffer is allocated. This buffer
+is physically contiguous and allocated at the start of the DDR
+memory after u-boot relocation to the end of DDR.
+
+The capsule buffer is shared between u-boot and the secure world.
+On UpdateCapsule() , capsule data is copied to the buffer
+and a buffer ready event is generated using FF-A transport.
+
+On ExitBootServices() a kernel started event is sent to the
+SE Proxy FW update service. This event is generated on each boot.
+
+Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
+Upstream-Status: Pending [Not submitted to upstream yet]
+---
+ include/configs/corstone1000.h | 18 +++++
+ include/efi_loader.h | 4 +-
+ lib/efi_loader/efi_boottime.c | 36 ++++++++++
+ lib/efi_loader/efi_capsule.c | 124 ++++++++++++++++++++++++++++++++-
+ lib/efi_loader/efi_setup.c | 15 ++++
+ 5 files changed, 193 insertions(+), 4 deletions(-)
+
+diff --git a/include/configs/corstone1000.h b/include/configs/corstone1000.h
+index 5960c6b4be..fe5ec0adcd 100644
+--- a/include/configs/corstone1000.h
++++ b/include/configs/corstone1000.h
+@@ -14,6 +14,24 @@
+
+ #include <linux/sizes.h>
+
++/* The SE Proxy partition ID*/
++#define CORSTONE1000_SEPROXY_PART_ID (0x8002)
++
++/* Update service ID provided by the SE Proxy secure partition*/
++#define CORSTONE1000_SEPROXY_UPDATE_SVC_ID (0x4)
++
++/* Notification events used with SE Proxy update service */
++#define CORSTONE1000_BUFFER_READY_EVT (0x1)
++#define CORSTONE1000_KERNEL_STARTED_EVT (0x2)
++
++/* Size in 4KB pages of the EFI capsule buffer */
++#define CORSTONE1000_CAPSULE_BUFFER_SIZE (8192) /* 32 MB */
++
++/* Capsule GUID */
++#define EFI_CORSTONE1000_CAPSULE_ID_GUID \
++ EFI_GUID(0x3a770ddc, 0x409b, 0x48b2, 0x81, 0x41, \
++ 0x93, 0xb7, 0xc6, 0x0b, 0x20, 0x9e)
++
+ #define FFA_SHARED_MM_BUFFER_SIZE SZ_4K /* 4 KB */
+
+ /*
+diff --git a/include/efi_loader.h b/include/efi_loader.h
+index 5b41985244..796419b69b 100644
+--- a/include/efi_loader.h
++++ b/include/efi_loader.h
+@@ -984,11 +984,11 @@ extern const struct efi_firmware_management_protocol efi_fmp_fit;
+ extern const struct efi_firmware_management_protocol efi_fmp_raw;
+
+ /* Capsule update */
+-efi_status_t EFIAPI efi_update_capsule(
++efi_status_t __efi_runtime EFIAPI efi_update_capsule(
+ struct efi_capsule_header **capsule_header_array,
+ efi_uintn_t capsule_count,
+ u64 scatter_gather_list);
+-efi_status_t EFIAPI efi_query_capsule_caps(
++efi_status_t __efi_runtime EFIAPI efi_query_capsule_caps(
+ struct efi_capsule_header **capsule_header_array,
+ efi_uintn_t capsule_count,
+ u64 *maximum_capsule_size,
+diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
+index cede7826bd..9bf2596597 100644
+--- a/lib/efi_loader/efi_boottime.c
++++ b/lib/efi_loader/efi_boottime.c
+@@ -2095,6 +2095,33 @@ static void efi_exit_caches(void)
+ #endif
+ }
+
++#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
++/**
++ * efi_corstone1000_kernel_started_event - notifies SE Proxy FW update service
++ *
++ * This function notifies the SE Proxy update service that the kernel has already started
++ *
++ * Return:
++ *
++ * 0: on success, otherwise failure
++ */
++static int efi_corstone1000_kernel_started_event(void)
++{
++ struct ffa_send_direct_data msg = {0};
++
++ log_debug("[%s]\n", __func__);
++
++ /*
++ * setting the kernel started event arguments
++ */
++ msg.data0 = CORSTONE1000_SEPROXY_UPDATE_SVC_ID; /* x3 */
++ msg.data2 = CORSTONE1000_KERNEL_STARTED_EVT; /* x5 */
++
++ return ffa_bus_ops_get()->sync_send_receive(CORSTONE1000_SEPROXY_PART_ID, &msg);
++}
++
++#endif
++
+ /**
+ * efi_exit_boot_services() - stop all boot services
+ * @image_handle: handle of the loaded image
+@@ -2210,6 +2237,15 @@ static efi_status_t EFIAPI efi_exit_boot_services(efi_handle_t image_handle,
+ /* Recalculate CRC32 */
+ efi_update_table_header_crc32(&systab.hdr);
+
++#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
++ /* Notifying SE Proxy FW update service */
++ ffa_ret = efi_corstone1000_kernel_started_event();
++ if (ffa_ret)
++ debug("[efi_boottime][ERROR]: Failure to notify SE Proxy FW update service\n");
++ else
++ debug("[efi_boottime][INFO]: SE Proxy FW update service notified\n");
++#endif
++
+ /* Give the payload some time to boot */
+ efi_set_watchdog(0);
+ WATCHDOG_RESET();
+diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
+index a6b98f066a..c0f3427a60 100644
+--- a/lib/efi_loader/efi_capsule.c
++++ b/lib/efi_loader/efi_capsule.c
+@@ -25,6 +25,14 @@
+ #include <crypto/pkcs7_parser.h>
+ #include <linux/err.h>
+
++#ifdef CONFIG_TARGET_CORSTONE1000
++#include <arm_ffa.h>
++#include <cpu_func.h>
++
++void *__efi_runtime_data corstone1000_capsule_buf; /* capsule shared buffer virtual address */
++efi_guid_t corstone1000_capsule_guid = EFI_CORSTONE1000_CAPSULE_ID_GUID;
++#endif
++
+ DECLARE_GLOBAL_DATA_PTR;
+
+ const efi_guid_t efi_guid_capsule_report = EFI_CAPSULE_REPORT_GUID;
+@@ -512,6 +520,78 @@ static efi_status_t efi_capsule_update_firmware(
+ }
+ #endif /* CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT */
+
++#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
++
++/**
++ * efi_corstone1000_alloc_capsule_shared_buf - allocate capsule shared buffer
++ * @capsule_image_size: The capsule data (header + payload)
++ *
++ * This function allocates the physically contiguous buffer shared between u-boot
++ * and the secure world. On UpdateCapsule() capsule data is copied to the buffer
++ * and a door bell event is generated.
++ * The buffer is allocated at the start of the DDR memory after u-boot has been relocated
++ * to the end of DDR.
++ *
++ * Return:
++ *
++ * 0: on success, otherwise failure
++ */
++efi_status_t efi_corstone1000_alloc_capsule_shared_buf(void)
++{
++ efi_status_t efi_ret;
++ u64 ram_base = CONFIG_SYS_SDRAM_BASE;
++
++ log_debug("[%s]\n", __func__);
++
++ efi_ret = efi_allocate_pages(EFI_ALLOCATE_ADDRESS,
++ EFI_RUNTIME_SERVICES_DATA,
++ CORSTONE1000_CAPSULE_BUFFER_SIZE,
++ &ram_base);
++
++ if (efi_ret != EFI_SUCCESS) {
++ corstone1000_capsule_buf = NULL;
++ log_err("EFI: Corstone1000: Allocating capsule shared buffer error (%d)\n"
++ , (int)efi_ret);
++ return efi_ret;
++ }
++
++ log_info("EFI: Corstone1000: Capsule shared buffer at 0x%x , size %d pages\n"
++ , (unsigned int)ram_base,
++ CORSTONE1000_CAPSULE_BUFFER_SIZE);
++
++ corstone1000_capsule_buf = (void *)map_sysmem((phys_addr_t)ram_base, 0);
++
++ return EFI_SUCCESS;
++}
++
++/**
++ * efi_corstone1000_buffer_ready_event - issue door bell event
++ * @capsule_image_size: The capsule data (header + payload)
++ *
++ * This function notifies the SE Proxy update service that capsule data is available
++ * in the capsule shared buffer.
++ *
++ * Return:
++ *
++ * 0: on success, otherwise failure
++ */
++static int __efi_runtime efi_corstone1000_buffer_ready_event(u32 capsule_image_size)
++{
++ struct ffa_send_direct_data msg = {0};
++
++ log_debug("[%s]\n", __func__);
++
++ /*
++ * setting the buffer ready event arguments
++ */
++ msg.data0 = CORSTONE1000_SEPROXY_UPDATE_SVC_ID; /* x3 */
++ msg.data1 = capsule_image_size; /* x4 */
++ msg.data2 = CORSTONE1000_BUFFER_READY_EVT; /* x5 */
++
++ return ffa_bus_ops_get()->sync_send_receive(CORSTONE1000_SEPROXY_PART_ID, &msg);
++}
++#endif
++
+ /**
+ * efi_update_capsule() - process information from operating system
+ * @capsule_header_array: Array of virtual address pointers
+@@ -525,7 +605,7 @@ static efi_status_t efi_capsule_update_firmware(
+ *
+ * Return: status code
+ */
+-efi_status_t EFIAPI efi_update_capsule(
++efi_status_t __efi_runtime EFIAPI efi_update_capsule(
+ struct efi_capsule_header **capsule_header_array,
+ efi_uintn_t capsule_count,
+ u64 scatter_gather_list)
+@@ -542,6 +622,13 @@ efi_status_t EFIAPI efi_update_capsule(
+ goto out;
+ }
+
++#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
++ if (capsule_count != 1 || !corstone1000_capsule_buf) {
++ ret = EFI_INVALID_PARAMETER;
++ goto out;
++ }
++#endif
++
+ ret = EFI_SUCCESS;
+ for (i = 0, capsule = *capsule_header_array; i < capsule_count;
+ i++, capsule = *(++capsule_header_array)) {
+@@ -554,6 +641,39 @@ efi_status_t EFIAPI efi_update_capsule(
+
+ log_debug("Capsule[%d] (guid:%pUs)\n",
+ i, &capsule->capsule_guid);
++
++#if CONFIG_IS_ENABLED(TARGET_CORSTONE1000)
++ if (guidcmp(&corstone1000_capsule_guid, &capsule->capsule_guid)) {
++ ret = EFI_INVALID_PARAMETER;
++ log_err("Corstone1000: Invalid capsule GUID\n");
++ goto out;
++ }
++
++ if (efi_size_in_pages(capsule->capsule_image_size) >
++ CORSTONE1000_CAPSULE_BUFFER_SIZE) {
++ log_err("Corstone1000: Capsule data size exceeds the shared buffer size\n");
++ ret = EFI_BUFFER_TOO_SMALL;
++ goto out;
++ }
++
++ /* copy the data to the contiguous buffer */
++ efi_memcpy_runtime(corstone1000_capsule_buf, capsule, capsule->capsule_image_size);
++
++ /* invalidate the data cache */
++ invalidate_dcache_all();
++
++ /* issue buffer ready event */
++ ret = efi_corstone1000_buffer_ready_event(capsule->capsule_image_size);
++ if (ret) {
++ log_err("EFI: Corstone1000: Buffer ready event error (%d)\n", (int)ret);
++ ret = EFI_DEVICE_ERROR;
++ } else {
++ ret = EFI_SUCCESS;
++ }
++
++ goto out;
++#endif
++
+ if (!guidcmp(&capsule->capsule_guid,
+ &efi_guid_firmware_management_capsule_id)) {
+ ret = efi_capsule_update_firmware(capsule);
+@@ -592,7 +712,7 @@ out:
+ *
+ * Return: status code
+ */
+-efi_status_t EFIAPI efi_query_capsule_caps(
++efi_status_t __efi_runtime EFIAPI efi_query_capsule_caps(
+ struct efi_capsule_header **capsule_header_array,
+ efi_uintn_t capsule_count,
+ u64 *maximum_capsule_size,
+diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c
+index 492ecf4cb1..bfd4687e10 100644
+--- a/lib/efi_loader/efi_setup.c
++++ b/lib/efi_loader/efi_setup.c
+@@ -16,6 +16,13 @@
+
+ efi_status_t efi_obj_list_initialized = OBJ_LIST_NOT_INITIALIZED;
+
++#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
++/**
++ * efi_corstone1000_alloc_capsule_shared_buf - allocate capsule shared buffer
++ */
++extern efi_status_t efi_corstone1000_alloc_capsule_shared_buf(void);
++#endif
++
+ /*
+ * Allow unaligned memory access.
+ *
+@@ -128,6 +135,14 @@ static efi_status_t efi_init_capsule(void)
+ {
+ efi_status_t ret = EFI_SUCCESS;
+
++#if IS_ENABLED(CONFIG_TARGET_CORSTONE1000)
++ ret = efi_corstone1000_alloc_capsule_shared_buf();
++ if (ret != EFI_SUCCESS) {
++ printf("EFI: Corstone-1000: cannot allocate caspsule shared buffer\n");
++ return ret;
++ }
++#endif
++
+ if (IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_UPDATE)) {
+ ret = efi_set_variable_int(u"CapsuleMax",
+ &efi_guid_capsule_report,
+--
+2.17.1
+