| From e46fd33355b54c08d1764c2a8e7b553960d61157 Mon Sep 17 00:00:00 2001 |
| From: Emekcan Aras <emekcan.aras@arm.com> |
| Date: Sat, 25 Feb 2023 10:29:55 +0000 |
| Subject: [PATCH 1/6] Platform: corstone1000: Replace MCUBOOT BL1 by TFM's |
| |
| From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com> |
| |
| Replace The current BL1 (MCUBOOT) with the TFM BL1 |
| by enabling |
| - PLATFORM_DEFAULT_BL1 |
| - Update linkerscripts |
| - Update CMakeFile |
| - Adapt boot_hal |
| - Adapt provisioning (to use the provision bundle) |
| - Adapt flash_layout and region_defs |
| - Update documentation of corstone1000 build and run sections |
| |
| Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20553] |
| Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com> |
| Change-Id: I224b24d0f4423e62468e609c11a239a4575cdae4 |
| --- |
| .../target/arm/corstone1000/CMakeLists.txt | 70 +++++- |
| .../Device/Include/boot_measurement.h | 24 +++ |
| .../Device/Include/platform_base_address.h | 3 + |
| .../Device/Source/gcc/corstone1000_bl1_1.ld | 203 ++++++++++++++++++ |
| ...stone1000_bl1.ld => corstone1000_bl1_2.ld} | 8 +- |
| .../target/arm/corstone1000/bl1/bl1_rotpk.c | 48 ----- |
| .../bl1/{bl1_boot_hal.c => boot_hal_bl1.c} | 102 ++++----- |
| .../arm/corstone1000/bl1/flash_map_extended.c | 103 --------- |
| .../arm/corstone1000/bl1/provisioning.c | 109 +++++----- |
| .../ext/target/arm/corstone1000/config.cmake | 18 +- |
| .../arm/corstone1000/partition/flash_layout.h | 10 - |
| .../arm/corstone1000/partition/region_defs.h | 37 +++- |
| 12 files changed, 434 insertions(+), 301 deletions(-) |
| create mode 100644 platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h |
| create mode 100644 platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld |
| rename platform/ext/target/arm/corstone1000/Device/Source/gcc/{corstone1000_bl1.ld => corstone1000_bl1_2.ld} (95%) |
| delete mode 100644 platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c |
| rename platform/ext/target/arm/corstone1000/bl1/{bl1_boot_hal.c => boot_hal_bl1.c} (90%) |
| delete mode 100644 platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c |
| |
| diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt |
| index 19863bcdb..a4fe28c08 100644 |
| --- a/platform/ext/target/arm/corstone1000/CMakeLists.txt |
| +++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt |
| @@ -41,6 +41,23 @@ target_add_scatter_file(bl2 |
| $<$<C_COMPILER_ID:GNU>:${PLATFORM_DIR}/ext/common/gcc/tfm_common_bl2.ld> |
| ) |
| |
| +target_sources(bl1_1 |
| +PRIVATE |
| + $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/startup_corstone1000.c> |
| +) |
| + |
| +target_add_scatter_file(bl1_1 |
| + $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/gcc/corstone1000_bl1_1.ld> |
| +) |
| + |
| +target_sources(bl1_2 |
| +PRIVATE |
| + $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/startup_corstone1000.c> |
| +) |
| +target_add_scatter_file(bl1_2 |
| + $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/gcc/corstone1000_bl1_2.ld> |
| +) |
| + |
| #========================= Platform Secure ====================================# |
| |
| add_subdirectory(openamp) |
| @@ -115,6 +132,55 @@ if (TFM_PARTITION_CRYPTO) |
| ) |
| endif() |
| |
| +#========================= Platform BL1 =======================================# |
| + |
| +target_sources(platform_bl1 |
| + PRIVATE |
| + ./Device/Source/system_core_init.c |
| + ./Device/Source/device_definition.c |
| + ./bl1/boot_hal_bl1.c |
| + ./Native_Driver/firewall.c |
| + ./CMSIS_Driver/Driver_Flash.c |
| + ./CMSIS_Driver/Driver_USART.c |
| + ./Native_Driver/uart_pl011_drv.c |
| + $<$<BOOL:${PLATFORM_IS_FVP}>:${CMAKE_CURRENT_SOURCE_DIR}/Native_Driver/cfi_drv.c> |
| + $<$<BOOL:${PLATFORM_IS_FVP}>:${PLATFORM_DIR}/ext/target/arm/drivers/flash/strata/spi_strataflashj3_flash_lib.c> |
| + $<$<NOT:$<BOOL:${PLATFORM_IS_FVP}>>:${PLATFORM_DIR}/ext/target/arm/drivers/qspi/xilinx_pg153_axi/xilinx_pg153_axi_qspi_controller_drv.c> |
| + $<$<NOT:$<BOOL:${PLATFORM_IS_FVP}>>:${PLATFORM_DIR}/ext/target/arm/drivers/flash/n25q256a/spi_n25q256a_flash_lib.c> |
| + $<$<NOT:$<BOOL:${PLATFORM_IS_FVP}>>:${PLATFORM_DIR}/ext/target/arm/drivers/flash/sst26vf064b/spi_sst26vf064b_flash_lib.c> |
| + ./fw_update_agent/uefi_capsule_parser.c |
| + ./fw_update_agent/fwu_agent.c |
| + ./fw_update_agent/uefi_fmp.c |
| + ./soft_crc/soft_crc.c |
| + ./Native_Driver/arm_watchdog_drv.c |
| + ./Native_Driver/watchdog.c |
| + ./bl1/provisioning.c |
| + $<$<NOT:$<BOOL:${PLATFORM_DEFAULT_OTP}>>:${PLATFORM_DIR}/ext/accelerator/cc312/otp_cc312.c> |
| +) |
| + |
| +target_compile_definitions(platform_bl1 |
| + PUBLIC |
| + $<$<BOOL:${PLATFORM_IS_FVP}>:PLATFORM_IS_FVP> |
| + $<$<AND:$<BOOL:${CONFIG_TFM_BOOT_STORE_MEASUREMENTS}>,$<BOOL:${TFM_PARTITION_MEASURED_BOOT}>>:MEASURED_BOOT_API> |
| + $<$<BOOL:${PLATFORM_DEFAULT_OTP_WRITEABLE}>:OTP_WRITEABLE> |
| +) |
| + |
| +target_include_directories(platform_bl1_interface |
| + INTERFACE |
| + . |
| + ./Device/Include |
| + ./Device/Config |
| + ./Native_Driver |
| + ./CMSIS_Driver/Config |
| + ./fw_update_agent |
| + ./soft_crc |
| + ${PLATFORM_DIR}/ext/target/arm/drivers/flash/common |
| + ${PLATFORM_DIR}/ext/target/arm/drivers/flash/strata |
| + ${PLATFORM_DIR}/ext/target/arm/drivers/qspi/xilinx_pg153_axi/ |
| + ${PLATFORM_DIR}/ext/target/arm/drivers/flash/n25q256a/ |
| + ${PLATFORM_DIR}/ext/target/arm/drivers/flash/sst26vf064b/ |
| +) |
| + |
| #========================= Platform BL2 =======================================# |
| |
| set(BL2_SOURCE ${CMAKE_SOURCE_DIR}/bl2) |
| @@ -214,10 +280,6 @@ target_include_directories(platform_bl2 |
| $<BUILD_INTERFACE:${BL2_SOURCE}/ext/mcuboot/include> |
| ) |
| |
| -#========================= BL1 component =======================================# |
| - |
| -add_subdirectory(bl1) |
| - |
| #========================= ns_agent_mailbox ===================================# |
| |
| target_sources(tfm_psa_rot_partition_ns_agent_mailbox |
| diff --git a/platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h b/platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h |
| new file mode 100644 |
| index 000000000..a47bdb148 |
| --- /dev/null |
| +++ b/platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h |
| @@ -0,0 +1,24 @@ |
| +/* |
| + * Copyright (c) 2023, Arm Limited. All rights reserved. |
| + * |
| + * SPDX-License-Identifier: BSD-3-Clause |
| + * |
| + */ |
| + |
| +#ifndef __BOOT_MEASUREMENT_H__ |
| +#define __BOOT_MEASUREMENT_H__ |
| + |
| +enum boot_measurement_slot_t { |
| + BOOT_MEASUREMENT_SLOT_BL1_2 = 0, |
| + BOOT_MEASUREMENT_SLOT_BL2, |
| + BOOT_MEASUREMENT_SLOT_RT_0, |
| + BOOT_MEASUREMENT_SLOT_RT_1, |
| + BOOT_MEASUREMENT_SLOT_RT_2, |
| + BOOT_MEASUREMENT_SLOT_MAX = 32, |
| + BOOT_MEASUREMENT_SLOT_MAX_THEORETICAL = 63 /* Slot index is stored in |
| + * 6 bits in the shared |
| + * memory area. |
| + */ |
| +}; |
| + |
| +#endif /* __BOOT_MEASUREMENT_H__ */ |
| diff --git a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h |
| index 5cca4c4a1..416f0ebcd 100644 |
| --- a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h |
| +++ b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h |
| @@ -79,4 +79,7 @@ |
| #define CORSTONE1000_HOST_AXI_QSPI_CTRL_REG_BASE_SE_SECURE_FLASH (0x90010000U) /* AXI QSPI Controller for SE FLash */ |
| #define CORSTONE1000_HOST_DRAM_UEFI_CAPSULE (0xA0000000U) /* 1.5 GB DDR */ |
| |
| +/* Map Component definitions to Corstone definitions */ |
| +#define CC3XX_BASE_S CORSTONE1000_CRYPTO_ACCELERATOR_BASE |
| + |
| #endif /* __PLATFORM_BASE_ADDRESS_H__ */ |
| diff --git a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld |
| new file mode 100644 |
| index 000000000..d4eca2841 |
| --- /dev/null |
| +++ b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld |
| @@ -0,0 +1,203 @@ |
| +;/* |
| +; * Copyright (c) 2009-2022, Arm Limited. All rights reserved. |
| +; * |
| +; * Licensed under the Apache License, Version 2.0 (the "License"); |
| +; * you may not use this file except in compliance with the License. |
| +; * You may obtain a copy of the License at |
| +; * |
| +; * http://www.apache.org/licenses/LICENSE-2.0 |
| +; * |
| +; * Unless required by applicable law or agreed to in writing, software |
| +; * distributed under the License is distributed on an "AS IS" BASIS, |
| +; * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| +; * See the License for the specific language governing permissions and |
| +; * limitations under the License. |
| +; * |
| +; * |
| +; * This file is derivative of CMSIS V5.00 gcc_arm.ld |
| +; */ |
| + |
| +/* Linker script to configure memory regions. */ |
| +/* This file will be run trough the pre-processor. */ |
| + |
| +#include "region_defs.h" |
| + |
| +MEMORY |
| +{ |
| + FLASH (rx) : ORIGIN = BL1_1_CODE_START, LENGTH = BL1_1_CODE_SIZE |
| + RAM (rwx) : ORIGIN = BL1_1_DATA_START, LENGTH = BL1_1_DATA_SIZE |
| +} |
| + |
| +__heap_size__ = BL1_1_HEAP_SIZE; |
| +__msp_stack_size__ = BL1_1_MSP_STACK_SIZE; |
| + |
| +/* Library configurations */ |
| +GROUP(libgcc.a libc.a libm.a libnosys.a) |
| + |
| +ENTRY(Reset_Handler) |
| + |
| +SECTIONS |
| +{ |
| + .text : |
| + { |
| + KEEP(*(.vectors)) |
| + __Vectors_End = .; |
| + __Vectors_Size = __Vectors_End - __Vectors; |
| + __end__ = .; |
| + |
| + *(.text*) |
| + |
| + KEEP(*shared_lib*:*(.text*)) |
| + KEEP(*bl1_tests_shared*:*(.text*)) |
| + KEEP(*bl1_crypto_hw*:*(.text*)) |
| + KEEP(*boot_hal_bl1*(.text*)) |
| + |
| + KEEP(*(.init)) |
| + KEEP(*(.fini)) |
| + |
| + |
| + /* .ctors */ |
| + *crtbegin.o(.ctors) |
| + *crtbegin?.o(.ctors) |
| + *(EXCLUDE_FILE(*crtend?.o *crtend.o) .ctors) |
| + *(SORT(.ctors.*)) |
| + *(.ctors) |
| + |
| + /* .dtors */ |
| + *crtbegin.o(.dtors) |
| + *crtbegin?.o(.dtors) |
| + *(EXCLUDE_FILE(*crtend?.o *crtend.o) .dtors) |
| + *(SORT(.dtors.*)) |
| + *(.dtors) |
| + |
| + *(.rodata*) |
| + |
| + KEEP(*(.eh_frame*)) |
| + } > FLASH |
| + |
| + .ARM.extab : |
| + { |
| + *(.ARM.extab* .gnu.linkonce.armextab.*) |
| + } > FLASH |
| + |
| + __exidx_start = .; |
| + .ARM.exidx : |
| + { |
| + *(.ARM.exidx* .gnu.linkonce.armexidx.*) |
| + } > FLASH |
| + __exidx_end = .; |
| + |
| + /* To copy multiple ROM to RAM sections, |
| + * define etext2/data2_start/data2_end and |
| + * define __STARTUP_COPY_MULTIPLE in startup_corstone700_bl2.S */ |
| + .copy.table : |
| + { |
| + . = ALIGN(4); |
| + __copy_table_start__ = .; |
| + LONG (__etext) |
| + LONG (__data_start__) |
| + LONG ((__data_end__ - __data_start__) / 4) |
| + LONG (DEFINED(__etext2) ? __etext2 : 0) |
| + LONG (DEFINED(__data2_start__) ? __data2_start__ : 0) |
| + LONG (DEFINED(__data2_start__) ? ((__data2_end__ - __data2_start__) / 4) : 0) |
| + __copy_table_end__ = .; |
| + } > FLASH |
| + |
| + /* To clear multiple BSS sections, |
| + * uncomment .zero.table section and, |
| + * define __STARTUP_CLEAR_BSS_MULTIPLE in startup_cmsdk_musca_bl2.S */ |
| + .zero.table : |
| + { |
| + . = ALIGN(4); |
| + __zero_table_start__ = .; |
| + LONG (__bss_start__) |
| + LONG ((__bss_end__ - __bss_start__) / 4) |
| + LONG (DEFINED(__bss2_start__) ? __bss2_start__ : 0) |
| + LONG (DEFINED(__bss2_start__) ? ((__bss2_end__ - __bss2_start__) / 4) : 0) |
| + __zero_table_end__ = .; |
| + } > FLASH |
| + |
| + __etext = ALIGN (4); |
| + |
| + .tfm_bl2_shared_data : ALIGN(32) |
| + { |
| + . += BOOT_TFM_SHARED_DATA_SIZE; |
| + } > RAM |
| + Image$$SHARED_DATA$$RW$$Base = ADDR(.tfm_bl2_shared_data); |
| + Image$$SHARED_DATA$$RW$$Limit = ADDR(.tfm_bl2_shared_data) + SIZEOF(.tfm_bl2_shared_data); |
| + |
| + . = BL1_1_DATA_START; |
| + Image$$BL1_1_ER_DATA_START$$Base = .; |
| + .data : AT (__etext) |
| + { |
| + __data_start__ = .; |
| + *(vtable) |
| + *(.data*) |
| + |
| + . = ALIGN(4); |
| + /* preinit data */ |
| + PROVIDE_HIDDEN (__preinit_array_start = .); |
| + KEEP(*(.preinit_array)) |
| + PROVIDE_HIDDEN (__preinit_array_end = .); |
| + |
| + . = ALIGN(4); |
| + /* init data */ |
| + PROVIDE_HIDDEN (__init_array_start = .); |
| + KEEP(*(SORT(.init_array.*))) |
| + KEEP(*(.init_array)) |
| + PROVIDE_HIDDEN (__init_array_end = .); |
| + |
| + |
| + . = ALIGN(4); |
| + /* finit data */ |
| + PROVIDE_HIDDEN (__fini_array_start = .); |
| + KEEP(*(SORT(.fini_array.*))) |
| + KEEP(*(.fini_array)) |
| + PROVIDE_HIDDEN (__fini_array_end = .); |
| + |
| + KEEP(*(.jcr*)) |
| + . = ALIGN(4); |
| + /* All data end */ |
| + __data_end__ = .; |
| + |
| + } > RAM |
| + Image$$ER_DATA$$Base = ADDR(.data); |
| + |
| + .bss : |
| + { |
| + . = ALIGN(4); |
| + __bss_start__ = .; |
| + *(.bss*) |
| + *(COMMON) |
| + . = ALIGN(4); |
| + __bss_end__ = .; |
| + } > RAM |
| + |
| + bss_size = __bss_end__ - __bss_start__; |
| + |
| + .msp_stack (NOLOAD) : ALIGN(32) |
| + { |
| + . += __msp_stack_size__; |
| + } > RAM |
| + Image$$ARM_LIB_STACK$$ZI$$Base = ADDR(.msp_stack); |
| + Image$$ARM_LIB_STACK$$ZI$$Limit = ADDR(.msp_stack) + SIZEOF(.msp_stack); |
| + |
| + .heap (NOLOAD): ALIGN(8) |
| + { |
| + . = ALIGN(8); |
| + __end__ = .; |
| + PROVIDE(end = .); |
| + __HeapBase = .; |
| + . += __heap_size__; |
| + __HeapLimit = .; |
| + __heap_limit = .; /* Add for _sbrk */ |
| + } > RAM |
| + Image$$ARM_LIB_HEAP$$ZI$$Limit = ADDR(.heap) + SIZEOF(.heap); |
| + |
| + PROVIDE(__stack = Image$$ARM_LIB_STACK$$ZI$$Limit); |
| + |
| + Image$$BL1_1_ER_DATA_LIMIT$$Base = .; |
| + |
| + Image$$BL1_2_ER_DATA_START$$Base = BL1_2_DATA_START; |
| + Image$$BL1_2_ER_DATA_LIMIT$$Base = BL1_2_DATA_START + BL1_2_DATA_SIZE; |
| +} |
| diff --git a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1.ld b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld |
| similarity index 95% |
| rename from platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1.ld |
| rename to platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld |
| index 73be37d7c..6cd806378 100644 |
| --- a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1.ld |
| +++ b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld |
| @@ -24,12 +24,12 @@ |
| |
| MEMORY |
| { |
| - FLASH (rx) : ORIGIN = BL1_CODE_START, LENGTH = BL1_CODE_SIZE |
| - RAM (rwx) : ORIGIN = BL1_DATA_START, LENGTH = BL1_DATA_SIZE |
| + FLASH (rx) : ORIGIN = BL1_2_CODE_START, LENGTH = BL1_2_CODE_SIZE |
| + RAM (rwx) : ORIGIN = BL1_2_DATA_START, LENGTH = BL1_2_DATA_SIZE |
| } |
| |
| -__heap_size__ = BL1_HEAP_SIZE; |
| -__msp_stack_size__ = BL1_MSP_STACK_SIZE; |
| +__heap_size__ = BL1_2_HEAP_SIZE; |
| +__msp_stack_size__ = BL1_2_MSP_STACK_SIZE; |
| |
| /* Library configurations */ |
| GROUP(libgcc.a libc.a libm.a libnosys.a) |
| diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c b/platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c |
| deleted file mode 100644 |
| index d8cfe3759..000000000 |
| --- a/platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c |
| +++ /dev/null |
| @@ -1,48 +0,0 @@ |
| -/* |
| - * Copyright (c) 2019-2021, Arm Limited. All rights reserved. |
| - * |
| - * SPDX-License-Identifier: BSD-3-Clause |
| - * |
| - */ |
| - |
| -#include <stdint.h> |
| -#include "tfm_plat_otp.h" |
| - |
| -static enum tfm_plat_err_t get_rotpk_hash(enum tfm_otp_element_id_t id, |
| - uint8_t* rotpk_hash, |
| - uint32_t* rotpk_hash_size) |
| -{ |
| - enum tfm_plat_err_t err; |
| - size_t otp_size; |
| - |
| - err = tfm_plat_otp_read(id, *rotpk_hash_size, rotpk_hash); |
| - if (err != TFM_PLAT_ERR_SUCCESS) { |
| - return err; |
| - } |
| - |
| - err = tfm_plat_otp_get_size(id, &otp_size); |
| - if (err != TFM_PLAT_ERR_SUCCESS) { |
| - return err; |
| - } |
| - |
| - *rotpk_hash_size = otp_size; |
| - |
| - return TFM_PLAT_ERR_SUCCESS; |
| -} |
| - |
| -enum tfm_plat_err_t |
| -tfm_plat_get_rotpk_hash(uint8_t image_id, |
| - uint8_t *rotpk_hash, |
| - uint32_t *rotpk_hash_size) |
| -{ |
| - switch(image_id) { |
| - case 0: |
| - return get_rotpk_hash(PLAT_OTP_ID_BL1_ROTPK_0, rotpk_hash, |
| - rotpk_hash_size); |
| - |
| - default: |
| - return TFM_PLAT_ERR_INVALID_INPUT; |
| - } |
| - |
| - return TFM_PLAT_ERR_SYSTEM_ERR; |
| -} |
| diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c |
| similarity index 90% |
| rename from platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c |
| rename to platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c |
| index a5fe0f7da..678342443 100644 |
| --- a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c |
| +++ b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c |
| @@ -12,13 +12,16 @@ |
| #include "Driver_Flash.h" |
| #include "flash_layout.h" |
| #include "fih.h" |
| -#include "bootutil/bootutil_log.h" |
| #include "firewall.h" |
| #include "watchdog.h" |
| #include "mpu_config.h" |
| #include "tfm_plat_otp.h" |
| #include "tfm_plat_provisioning.h" |
| #include "fwu_agent.h" |
| +#include "uart_stdout.h" |
| +#include "region_defs.h" |
| +#include "log.h" |
| + |
| |
| #if defined(CRYPTO_HW_ACCELERATOR) || \ |
| defined(CRYPTO_HW_ACCELERATOR_OTP_PROVISIONING) |
| @@ -81,6 +84,9 @@ enum host_firewall_host_comp_id_t { |
| COMP_DEBUG, |
| }; |
| |
| +extern uint32_t platform_code_is_bl1_2; |
| + |
| + |
| static void setup_mpu(void) |
| { |
| uint32_t size; /* region size */ |
| @@ -581,56 +587,44 @@ static void setup_host_firewall(void) |
| fw_lockdown(FW_FULL_LOCKDOWN); |
| } |
| |
| - |
| -__attribute__((naked)) void boot_clear_bl2_ram_area(void) |
| +uint32_t bl1_image_get_flash_offset(uint32_t image_id) |
| { |
| - __ASM volatile( |
| - ".syntax unified \n" |
| - "movs r0, #0 \n" |
| - "ldr r1, =Image$$ER_DATA$$Base \n" |
| - "ldr r2, =Image$$ARM_LIB_HEAP$$ZI$$Limit \n" |
| - "subs r2, r2, r1 \n" |
| - "Loop: \n" |
| - "subs r2, #4 \n" |
| - "blt Clear_done \n" |
| - "str r0, [r1, r2] \n" |
| - "b Loop \n" |
| - "Clear_done: \n" |
| - "bx lr \n" |
| - : : : "r0" , "r1" , "r2" , "memory" |
| - ); |
| + /* SE BL2 Offset is equal to bank offset as it is the first think in the Bank */ |
| + uint32_t se_bl2_offset = 0; |
| + bl1_get_active_bl2_image(&se_bl2_offset); |
| + switch (image_id) { |
| + case 0: |
| + return se_bl2_offset; |
| + case 1: |
| + return se_bl2_offset + SE_BL2_PARTITION_SIZE; |
| + default: |
| + FIH_PANIC; |
| + } |
| } |
| |
| -extern void set_flash_area_image_offset(uint32_t offset); |
| - |
| int32_t boot_platform_init(void) |
| { |
| int32_t result; |
| uint32_t image_offset; |
| |
| - result = corstone1000_watchdog_init(); |
| - if (result != ARM_DRIVER_OK) { |
| - return 1; |
| - } |
| - |
| + if (!platform_code_is_bl1_2) { |
| + result = corstone1000_watchdog_init(); |
| + if (result != ARM_DRIVER_OK) { |
| + return 1; |
| + } |
| #if !(PLATFORM_IS_FVP) |
| - setup_mpu(); |
| + setup_mpu(); |
| #endif |
| - setup_se_firewall(); |
| + setup_se_firewall(); |
| #if !(PLATFORM_IS_FVP) |
| - setup_host_firewall(); |
| + setup_host_firewall(); |
| #endif |
| - |
| - result = FLASH_DEV_NAME.Initialize(NULL); |
| - if (result != ARM_DRIVER_OK) { |
| - return 1; |
| } |
| -#if PLATFORM_DEFAULT_OTP |
| - result = FLASH_DEV_NAME_SE_SECURE_FLASH.Initialize(NULL); |
| - if (result != ARM_DRIVER_OK) { |
| - return 1; |
| - } |
| -#endif |
| + |
| +#if defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) |
| + stdio_init(); |
| +#endif /* defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) */ |
| + |
| |
| #ifdef CRYPTO_HW_ACCELERATOR |
| result = crypto_hw_accelerator_init(); |
| @@ -639,23 +633,11 @@ int32_t boot_platform_init(void) |
| } |
| #endif /* CRYPTO_HW_ACCELERATOR */ |
| |
| - result = tfm_plat_otp_init(); |
| - if (result != TFM_PLAT_ERR_SUCCESS) { |
| - BOOT_LOG_ERR("OTP system initialization failed"); |
| - FIH_PANIC; |
| - } |
| - |
| - if (tfm_plat_provisioning_is_required()) { |
| - result = fwu_metadata_provision(); |
| - if (result != FWU_AGENT_SUCCESS) { |
| - BOOT_LOG_ERR("Provisioning FWU Metadata failed"); |
| - FIH_PANIC; |
| - } |
| - } |
| - |
| - bl1_get_active_bl2_image(&image_offset); |
| - set_flash_area_image_offset(image_offset); |
| + return 0; |
| +} |
| |
| +int32_t boot_platform_post_init(void) |
| +{ |
| return 0; |
| } |
| |
| @@ -678,17 +660,15 @@ void boot_platform_quit(struct boot_arm_vector_table *vt) |
| (void)fih_delay_init(); |
| #endif /* CRYPTO_HW_ACCELERATOR */ |
| |
| - result = FLASH_DEV_NAME.Uninitialize(); |
| - if (result != ARM_DRIVER_OK) { |
| - while (1); |
| - } |
| |
| -#if PLATFORM_DEFAULT_OTP |
| - result = FLASH_DEV_NAME_SE_SECURE_FLASH.Uninitialize(); |
| +#if defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) |
| + stdio_uninit(); |
| +#endif /* defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) */ |
| + |
| + result = corstone1000_watchdog_reset_timer(); |
| if (result != ARM_DRIVER_OK) { |
| while (1); |
| } |
| -#endif |
| |
| vt_cpy = vt; |
| |
| diff --git a/platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c b/platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c |
| deleted file mode 100644 |
| index b6632b6c2..000000000 |
| --- a/platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c |
| +++ /dev/null |
| @@ -1,103 +0,0 @@ |
| -/* |
| - * Copyright (c) 2018 Nordic Semiconductor ASA |
| - * Copyright (c) 2015 Runtime Inc |
| - * Copyright (c) 2019-2021 Arm Limited. |
| - * |
| - * SPDX-License-Identifier: Apache-2.0 |
| - */ |
| - |
| -/* |
| - * Original code taken from mcuboot project at: |
| - * https://github.com/mcu-tools/mcuboot |
| - * Git SHA of the original version: ac55554059147fff718015be9f4bd3108123f50a |
| - */ |
| - |
| -#include <errno.h> |
| -#include "target.h" |
| -#include "cmsis.h" |
| -#include "Driver_Flash.h" |
| -#include "sysflash/sysflash.h" |
| -#include "flash_map/flash_map.h" |
| -#include "flash_map_backend/flash_map_backend.h" |
| -#include "bootutil/bootutil_log.h" |
| - |
| -__WEAK int flash_device_base(uint8_t fd_id, uintptr_t *ret) |
| -{ |
| - if (fd_id != FLASH_DEVICE_ID) { |
| - BOOT_LOG_ERR("invalid flash ID %d; expected %d", |
| - fd_id, FLASH_DEVICE_ID); |
| - return -1; |
| - } |
| - *ret = FLASH_DEVICE_BASE; |
| - return 0; |
| -} |
| - |
| -/* |
| - * This depends on the mappings defined in flash_map.h. |
| - * MCUBoot uses continuous numbering for the primary slot, the secondary slot, |
| - * and the scratch while TF-M might number it differently. |
| - */ |
| -int flash_area_id_from_multi_image_slot(int image_index, int slot) |
| -{ |
| - switch (slot) { |
| - case 0: return BL1_FLASH_AREA_IMAGE_PRIMARY(image_index); |
| - case 1: return BL1_FLASH_AREA_IMAGE_SECONDARY(image_index); |
| - case 2: return BL1_FLASH_AREA_IMAGE_SCRATCH; |
| - } |
| - |
| - return -1; /* flash_area_open will fail on that */ |
| -} |
| - |
| -int flash_area_id_from_image_slot(int slot) |
| -{ |
| - return flash_area_id_from_multi_image_slot(0, slot); |
| -} |
| - |
| -int flash_area_id_to_multi_image_slot(int image_index, int area_id) |
| -{ |
| - if (area_id == BL1_FLASH_AREA_IMAGE_PRIMARY(image_index)) { |
| - return 0; |
| - } |
| - if (area_id == BL1_FLASH_AREA_IMAGE_SECONDARY(image_index)) { |
| - return 1; |
| - } |
| - |
| - BOOT_LOG_ERR("invalid flash area ID"); |
| - return -1; |
| -} |
| - |
| -int flash_area_id_to_image_slot(int area_id) |
| -{ |
| - return flash_area_id_to_multi_image_slot(0, area_id); |
| -} |
| - |
| -uint8_t flash_area_erased_val(const struct flash_area *fap) |
| -{ |
| - return DRV_FLASH_AREA(fap)->GetInfo()->erased_value; |
| -} |
| - |
| -int flash_area_read_is_empty(const struct flash_area *fa, uint32_t off, |
| - void *dst, uint32_t len) |
| -{ |
| - uint32_t i; |
| - uint8_t *u8dst; |
| - int rc; |
| - |
| - BOOT_LOG_DBG("read_is_empty area=%d, off=%#x, len=%#x", |
| - fa->fa_id, off, len); |
| - |
| - rc = DRV_FLASH_AREA(fa)->ReadData(fa->fa_off + off, dst, len); |
| - if (rc) { |
| - return -1; |
| - } |
| - |
| - u8dst = (uint8_t*)dst; |
| - |
| - for (i = 0; i < len; i++) { |
| - if (u8dst[i] != flash_area_erased_val(fa)) { |
| - return 0; |
| - } |
| - } |
| - |
| - return 1; |
| -} |
| diff --git a/platform/ext/target/arm/corstone1000/bl1/provisioning.c b/platform/ext/target/arm/corstone1000/bl1/provisioning.c |
| index 832fcea89..683bc45ea 100644 |
| --- a/platform/ext/target/arm/corstone1000/bl1/provisioning.c |
| +++ b/platform/ext/target/arm/corstone1000/bl1/provisioning.c |
| @@ -1,5 +1,5 @@ |
| /* |
| - * Copyright (c) 2021-2022, Arm Limited. All rights reserved. |
| + * Copyright (c) 2021-2023, Arm Limited. All rights reserved. |
| * |
| * SPDX-License-Identifier: BSD-3-Clause |
| * |
| @@ -11,7 +11,9 @@ |
| #include "tfm_plat_otp.h" |
| #include "tfm_attest_hal.h" |
| #include "psa/crypto.h" |
| -#include "bootutil/bootutil_log.h" |
| +#include "region_defs.h" |
| +#include "log.h" |
| +#include "fwu_agent.h" |
| |
| #include <string.h> |
| |
| @@ -19,51 +21,20 @@ |
| |
| __PACKED_STRUCT bl1_assembly_and_test_provisioning_data_t { |
| uint32_t magic; |
| - uint8_t bl1_rotpk_0[32]; |
| + uint8_t bl2_encryption_key[32]; |
| + uint8_t guk[32]; |
| + uint8_t bl1_2_image_hash[32]; |
| + uint8_t bl2_image_hash[32]; |
| + uint8_t bl1_2_image[BL1_2_CODE_SIZE]; |
| + uint8_t bl1_rotpk_0[56]; |
| }; |
| |
| -#ifdef TFM_DUMMY_PROVISIONING |
| -static const struct bl1_assembly_and_test_provisioning_data_t bl1_assembly_and_test_prov_data = { |
| - ASSEMBLY_AND_TEST_PROV_DATA_MAGIC, |
| -#if (MCUBOOT_SIGN_RSA_LEN == 2048) |
| - /* bl1 rotpk 0 */ |
| - { |
| - 0xfc, 0x57, 0x01, 0xdc, 0x61, 0x35, 0xe1, 0x32, |
| - 0x38, 0x47, 0xbd, 0xc4, 0x0f, 0x04, 0xd2, 0xe5, |
| - 0xbe, 0xe5, 0x83, 0x3b, 0x23, 0xc2, 0x9f, 0x93, |
| - 0x59, 0x3d, 0x00, 0x01, 0x8c, 0xfa, 0x99, 0x94, |
| - }, |
| -#elif (MCUBOOT_SIGN_RSA_LEN == 3072) |
| - /* bl1 rotpk 0 */ |
| - { |
| - 0xbf, 0xe6, 0xd8, 0x6f, 0x88, 0x26, 0xf4, 0xff, |
| - 0x97, 0xfb, 0x96, 0xc4, 0xe6, 0xfb, 0xc4, 0x99, |
| - 0x3e, 0x46, 0x19, 0xfc, 0x56, 0x5d, 0xa2, 0x6a, |
| - 0xdf, 0x34, 0xc3, 0x29, 0x48, 0x9a, 0xdc, 0x38, |
| - }, |
| -#else |
| -#error "No public key available for given signing algorithm." |
| -#endif /* MCUBOOT_SIGN_RSA_LEN */ |
| -}; |
| -#else |
| -static const struct bl1_assembly_and_test_provisioning_data_t bl1_assembly_and_test_prov_data; |
| -#endif /* TFM_DUMMY_PROVISIONING */ |
| +static const struct bl1_assembly_and_test_provisioning_data_t *bl1_assembly_and_test_prov_data = |
| + (struct bl1_assembly_and_test_provisioning_data_t *)PROVISIONING_DATA_START; |
| + |
| |
| void tfm_plat_provisioning_check_for_dummy_keys(void) |
| { |
| - uint64_t iak_start; |
| - |
| - tfm_plat_otp_read(PLAT_OTP_ID_IAK, sizeof(iak_start), (uint8_t*)&iak_start); |
| - |
| - if(iak_start == 0xA4906F6DB254B4A9) { |
| - BOOT_LOG_WRN("%s%s%s%s", |
| - "\033[1;31m", |
| - "This device was provisioned with dummy keys. ", |
| - "This device is \033[1;1mNOT SECURE", |
| - "\033[0m"); |
| - } |
| - |
| - memset(&iak_start, 0, sizeof(iak_start)); |
| } |
| |
| int tfm_plat_provisioning_is_required(void) |
| @@ -85,12 +56,47 @@ enum tfm_plat_err_t provision_assembly_and_test(void) |
| enum tfm_plat_err_t err; |
| |
| err = tfm_plat_otp_write(PLAT_OTP_ID_BL1_ROTPK_0, |
| - sizeof(bl1_assembly_and_test_prov_data.bl1_rotpk_0), |
| - bl1_assembly_and_test_prov_data.bl1_rotpk_0); |
| + sizeof(bl1_assembly_and_test_prov_data->bl1_rotpk_0), |
| + bl1_assembly_and_test_prov_data->bl1_rotpk_0); |
| + if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) { |
| + return err; |
| + } |
| + |
| + |
| + err = tfm_plat_otp_write(PLAT_OTP_ID_BL1_2_IMAGE_HASH, |
| + sizeof(bl1_assembly_and_test_prov_data->bl1_2_image_hash), |
| + bl1_assembly_and_test_prov_data->bl1_2_image_hash); |
| + if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) { |
| + return err; |
| + } |
| + |
| + |
| + err = tfm_plat_otp_write(PLAT_OTP_ID_BL1_2_IMAGE, |
| + sizeof(bl1_assembly_and_test_prov_data->bl1_2_image), |
| + bl1_assembly_and_test_prov_data->bl1_2_image); |
| + if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) { |
| + return err; |
| + } |
| + |
| + err = tfm_plat_otp_write(PLAT_OTP_ID_KEY_BL2_ENCRYPTION, |
| + sizeof(bl1_assembly_and_test_prov_data->bl2_encryption_key), |
| + bl1_assembly_and_test_prov_data->bl2_encryption_key); |
| if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) { |
| return err; |
| } |
| |
| + err = tfm_plat_otp_write(PLAT_OTP_ID_BL2_IMAGE_HASH, |
| + sizeof(bl1_assembly_and_test_prov_data->bl2_image_hash), |
| + bl1_assembly_and_test_prov_data->bl2_image_hash); |
| + if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) { |
| + return err; |
| + } |
| + |
| + err = fwu_metadata_provision(); |
| + if (err != FWU_AGENT_SUCCESS) { |
| + return 1; |
| + } |
| + |
| return err; |
| } |
| |
| @@ -104,19 +110,18 @@ enum tfm_plat_err_t tfm_plat_provisioning_perform(void) |
| return err; |
| } |
| |
| - BOOT_LOG_INF("Beginning BL1 provisioning"); |
| + BL1_LOG("[INF] Beginning BL1 provisioning\r\n"); |
| |
| #ifdef TFM_DUMMY_PROVISIONING |
| - BOOT_LOG_WRN("%s%s%s%s", |
| - "\033[1;31m", |
| - "TFM_DUMMY_PROVISIONING is not suitable for production! ", |
| - "This device is \033[1;1mNOT SECURE", |
| - "\033[0m"); |
| + BL1_LOG("\033[1;31m[WRN]"); |
| + BL1_LOG("TFM_DUMMY_PROVISIONING is not suitable for production! "); |
| + BL1_LOG("This device is \033[1;1mNOT SECURE"); |
| + BL1_LOG("\033[0m\r\n"); |
| #endif /* TFM_DUMMY_PROVISIONING */ |
| |
| if (lcs == PLAT_OTP_LCS_ASSEMBLY_AND_TEST) { |
| - if (bl1_assembly_and_test_prov_data.magic != ASSEMBLY_AND_TEST_PROV_DATA_MAGIC) { |
| - BOOT_LOG_ERR("No valid ASSEMBLY_AND_TEST provisioning data found"); |
| + if (bl1_assembly_and_test_prov_data->magic != ASSEMBLY_AND_TEST_PROV_DATA_MAGIC) { |
| + BL1_LOG("[ERR] No valid ASSEMBLY_AND_TEST provisioning data found\r\n"); |
| return TFM_PLAT_ERR_INVALID_INPUT; |
| } |
| |
| diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake |
| index aca75394d..1b0675404 100644 |
| --- a/platform/ext/target/arm/corstone1000/config.cmake |
| +++ b/platform/ext/target/arm/corstone1000/config.cmake |
| @@ -8,7 +8,14 @@ |
| #------------------------------------------------------------------------------- |
| |
| set(BL1 ON CACHE BOOL "Whether to build BL1") |
| -set(PLATFORM_DEFAULT_BL1 OFF CACHE STRING "Whether to use default BL1 or platform-specific one") |
| +set(PLATFORM_DEFAULT_BL1 ON CACHE STRING "Whether to use default BL1 or platform-specific one") |
| +set(PLATFORM_DEFAULT_OTP OFF CACHE BOOL "Use trusted on-chip flash to implement OTP memory") |
| + |
| +set(TFM_BL1_DEFAULT_PROVISIONING OFF CACHE BOOL "Whether BL1_1 will use default provisioning") |
| +set(TFM_BL1_SOFTWARE_CRYPTO OFF CACHE BOOL "Whether BL1_1 will use software crypto") |
| +set(TFM_BL1_MEMORY_MAPPED_FLASH OFF CACHE BOOL "Whether BL1 can directly access flash content") |
| +set(TFM_BL1_PQ_CRYPTO OFF CACHE BOOL "Enable LMS PQ crypto for BL2 verification. This is experimental and should not yet be used in production") |
| + |
| set(BL2 ON CACHE BOOL "Whether to build BL2") |
| set(BL2_TRAILER_SIZE 0x800 CACHE STRING "Trailer size") |
| set(DEFAULT_MCUBOOT_FLASH_MAP OFF CACHE BOOL "Whether to use the default flash map defined by TF-M project") |
| @@ -26,13 +33,6 @@ set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryp |
| set(NS FALSE CACHE BOOL "Whether to build NS app") |
| set(EXTERNAL_SYSTEM_SUPPORT OFF CACHE BOOL "Whether to include external system support.") |
| |
| -# FVP is not integrated/tested with CC312. |
| -if (${PLATFORM_IS_FVP}) |
| - set(PLATFORM_DEFAULT_OTP TRUE CACHE BOOL "Use trusted on-chip flash to implement OTP memory") |
| -else() |
| - set(PLATFORM_DEFAULT_OTP FALSE CACHE BOOL "Use trusted on-chip flash to implement OTP memory") |
| -endif() |
| - |
| # External dependency on OpenAMP and Libmetal |
| set(LIBMETAL_SRC_PATH "DOWNLOAD" CACHE PATH "Path to Libmetal (or DOWNLOAD to fetch automatically") |
| set(LIBMETAL_VERSION "f252f0e007fbfb8b3a52b1d5901250ddac96baad" CACHE STRING "The version of libmetal to use") |
| @@ -59,6 +59,8 @@ set(TFM_PARTITION_PROTECTED_STORAGE ON CACHE BOOL "Enable Prot |
| set(TFM_PARTITION_CRYPTO ON CACHE BOOL "Enable Crypto partition") |
| set(TFM_PARTITION_INITIAL_ATTESTATION ON CACHE BOOL "Enable Initial Attestation partition") |
| set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON CACHE BOOL "Enable Internal Trusted Storage partition") |
| +set(TFM_PARTITION_MEASURED_BOOT ON CACHE BOOL "Enable Measured boot partition") |
| + |
| |
| if (${CMAKE_BUILD_TYPE} STREQUAL Debug OR ${CMAKE_BUILD_TYPE} STREQUAL RelWithDebInfo) |
| set(ENABLE_FWU_AGENT_DEBUG_LOGS TRUE CACHE BOOL "Enable Firmware update agent debug logs.") |
| diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h |
| index b01a3621b..a95ff63ef 100644 |
| --- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h |
| +++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h |
| @@ -34,16 +34,6 @@ |
| |
| #define BL2_DATA_GAP_SIZE (0x09800) /* 38 KB */ |
| |
| -#define BL1_DATA_START (SRAM_BASE) |
| -#define BL1_DATA_SIZE (0x10000) /* 64 KiB*/ |
| -#define BL1_DATA_LIMIT (BL1_DATA_START + BL1_DATA_SIZE - 1) |
| - |
| -#ifdef BL1 |
| - |
| -#define IMAGE_EXECUTABLE_RAM_START (SRAM_BASE + BL1_DATA_SIZE) |
| -#define IMAGE_EXECUTABLE_RAM_SIZE (SRAM_SIZE - BL1_DATA_SIZE) |
| - |
| -#endif /* BL1 */ |
| |
| /*****************/ |
| /***** Flash *****/ |
| diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h |
| index 35055fe9c..8157c36bf 100644 |
| --- a/platform/ext/target/arm/corstone1000/partition/region_defs.h |
| +++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h |
| @@ -20,12 +20,17 @@ |
| |
| #include "flash_layout.h" |
| |
| +/* BL1_1 */ |
| +#define BL1_1_HEAP_SIZE (0x0001000) /* 4KiB */ |
| +#define BL1_1_MSP_STACK_SIZE (0x0001800) /* 6KiB */ |
| + |
| +/* BL1_2 */ |
| +#define BL1_2_HEAP_SIZE (0x0001000) /* 4KiB */ |
| +#define BL1_2_MSP_STACK_SIZE (0x0001800) /* 6KiB */ |
| + |
| #define BL2_HEAP_SIZE (0x0001000) |
| #define BL2_MSP_STACK_SIZE (0x0001E00) |
| |
| -#define BL1_HEAP_SIZE (0x0001000) |
| -#define BL1_MSP_STACK_SIZE (0x0001800) |
| - |
| #ifdef ENABLE_HEAP |
| #define S_HEAP_SIZE (0x0000200) |
| #endif |
| @@ -80,8 +85,8 @@ |
| |
| |
| /* SE BL2 regions */ |
| -#define BL2_CODE_START (SRAM_BASE + TFM_PARTITION_SIZE + \ |
| - BL2_DATA_GAP_SIZE + BL2_HEADER_SIZE) |
| +#define BL2_IMAGE_START (SRAM_BASE + SRAM_SIZE - SE_BL2_PARTITION_SIZE) |
| +#define BL2_CODE_START (BL2_IMAGE_START + BL2_HEADER_SIZE) |
| #define BL2_CODE_SIZE (IMAGE_BL2_CODE_SIZE) |
| #define BL2_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1) |
| |
| @@ -91,9 +96,25 @@ |
| #define BL2_DATA_LIMIT (BL2_DATA_START + BL2_DATA_SIZE - 1) |
| |
| /* SE BL1 regions */ |
| -#define BL1_CODE_START (0) |
| -#define BL1_CODE_SIZE (0x00020000) /* Whole SE ROM, 128 KiB */ |
| -#define BL1_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1) |
| +#define BL1_1_CODE_START (0) |
| +#define BL1_1_CODE_SIZE (0x0000A000) /* 40 KiB */ |
| +#define BL1_1_CODE_LIMIT (BL1_1_CODE_START + BL1_1_CODE_SIZE - 1) |
| + |
| +#define PROVISIONING_DATA_START (BL1_1_CODE_START + BL1_1_CODE_SIZE) |
| +#define PROVISIONING_DATA_SIZE (0x00002000) /* 8 KiB */ |
| +#define PROVISIONING_DATA_LIMIT (PROVISIONING_DATA_START + PROVISIONING_DATA_SIZE - 1) |
| + |
| +#define BL1_1_DATA_START (SRAM_BASE) |
| +#define BL1_1_DATA_SIZE (0x8000) /* 32 KiB*/ |
| +#define BL1_1_DATA_LIMIT (BL1_1_DATA_START + BL1_1_DATA_SIZE - 1) |
| + |
| +#define BL1_2_CODE_START (BL1_1_DATA_START + BL1_1_DATA_SIZE) |
| +#define BL1_2_CODE_SIZE (0x00001000) /* 4 KiB */ |
| +#define BL1_2_CODE_LIMIT (BL1_2_CODE_START + BL1_2_CODE_SIZE - 1) |
| + |
| +#define BL1_2_DATA_START (BL1_2_CODE_START+BL1_2_CODE_SIZE) |
| +#define BL1_2_DATA_SIZE (0x8000) /* 32 KiB*/ |
| +#define BL1_2_DATA_LIMIT (BL1_2_DATA_START + BL1_2_DATA_SIZE - 1) |
| |
| #define BOOT_TFM_SHARED_DATA_BASE (S_DATA_PRIV_START) |
| |
| -- |
| 2.17.1 |
| |