Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / 8e7b46e2350c3689938f309eaca929aada20b5a0 / . / meta-arm / meta-arm-bsp / recipes-bsp / trusted-firmware-m / files / corstone1000 / 0004-Platform-corstone1000-Replace-MCUBOOT-BL1-by-TFM-s.patch
blob: 0ad44947f096c5317fa1f1c5569c82d9bad5e3e4 [file] [log] [blame]
From e46fd33355b54c08d1764c2a8e7b553960d61157 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Sat, 25 Feb 2023 10:29:55 +0000
Subject: [PATCH 1/6] Platform: corstone1000: Replace MCUBOOT BL1 by TFM's
From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Replace The current BL1 (MCUBOOT) with the TFM BL1
by enabling
- PLATFORM_DEFAULT_BL1
- Update linkerscripts
- Update CMakeFile
- Adapt boot_hal
- Adapt provisioning (to use the provision bundle)
- Adapt flash_layout and region_defs
- Update documentation of corstone1000 build and run sections
Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20553]
Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
Change-Id: I224b24d0f4423e62468e609c11a239a4575cdae4
---
.../target/arm/corstone1000/CMakeLists.txt | 70 +++++-
.../Device/Include/boot_measurement.h | 24 +++
.../Device/Include/platform_base_address.h | 3 +
.../Device/Source/gcc/corstone1000_bl1_1.ld | 203 ++++++++++++++++++
...stone1000_bl1.ld => corstone1000_bl1_2.ld} | 8 +-
.../target/arm/corstone1000/bl1/bl1_rotpk.c | 48 -----
.../bl1/{bl1_boot_hal.c => boot_hal_bl1.c} | 102 ++++-----
.../arm/corstone1000/bl1/flash_map_extended.c | 103 ---------
.../arm/corstone1000/bl1/provisioning.c | 109 +++++-----
.../ext/target/arm/corstone1000/config.cmake | 18 +-
.../arm/corstone1000/partition/flash_layout.h | 10 -
.../arm/corstone1000/partition/region_defs.h | 37 +++-
12 files changed, 434 insertions(+), 301 deletions(-)
create mode 100644 platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h
create mode 100644 platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
rename platform/ext/target/arm/corstone1000/Device/Source/gcc/{corstone1000_bl1.ld => corstone1000_bl1_2.ld} (95%)
delete mode 100644 platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c
rename platform/ext/target/arm/corstone1000/bl1/{bl1_boot_hal.c => boot_hal_bl1.c} (90%)
delete mode 100644 platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c
diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
index 19863bcdb..a4fe28c08 100644
--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
@@ -41,6 +41,23 @@ target_add_scatter_file(bl2
$<$<C_COMPILER_ID:GNU>:${PLATFORM_DIR}/ext/common/gcc/tfm_common_bl2.ld>
)
+target_sources(bl1_1
+PRIVATE
+ $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/startup_corstone1000.c>
+)
+
+target_add_scatter_file(bl1_1
+ $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/gcc/corstone1000_bl1_1.ld>
+)
+
+target_sources(bl1_2
+PRIVATE
+ $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/startup_corstone1000.c>
+)
+target_add_scatter_file(bl1_2
+ $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/gcc/corstone1000_bl1_2.ld>
+)
+
#========================= Platform Secure ====================================#
add_subdirectory(openamp)
@@ -115,6 +132,55 @@ if (TFM_PARTITION_CRYPTO)
)
endif()
+#========================= Platform BL1 =======================================#
+
+target_sources(platform_bl1
+ PRIVATE
+ ./Device/Source/system_core_init.c
+ ./Device/Source/device_definition.c
+ ./bl1/boot_hal_bl1.c
+ ./Native_Driver/firewall.c
+ ./CMSIS_Driver/Driver_Flash.c
+ ./CMSIS_Driver/Driver_USART.c
+ ./Native_Driver/uart_pl011_drv.c
+ $<$<BOOL:${PLATFORM_IS_FVP}>:${CMAKE_CURRENT_SOURCE_DIR}/Native_Driver/cfi_drv.c>
+ $<$<BOOL:${PLATFORM_IS_FVP}>:${PLATFORM_DIR}/ext/target/arm/drivers/flash/strata/spi_strataflashj3_flash_lib.c>
+ $<$<NOT:$<BOOL:${PLATFORM_IS_FVP}>>:${PLATFORM_DIR}/ext/target/arm/drivers/qspi/xilinx_pg153_axi/xilinx_pg153_axi_qspi_controller_drv.c>
+ $<$<NOT:$<BOOL:${PLATFORM_IS_FVP}>>:${PLATFORM_DIR}/ext/target/arm/drivers/flash/n25q256a/spi_n25q256a_flash_lib.c>
+ $<$<NOT:$<BOOL:${PLATFORM_IS_FVP}>>:${PLATFORM_DIR}/ext/target/arm/drivers/flash/sst26vf064b/spi_sst26vf064b_flash_lib.c>
+ ./fw_update_agent/uefi_capsule_parser.c
+ ./fw_update_agent/fwu_agent.c
+ ./fw_update_agent/uefi_fmp.c
+ ./soft_crc/soft_crc.c
+ ./Native_Driver/arm_watchdog_drv.c
+ ./Native_Driver/watchdog.c
+ ./bl1/provisioning.c
+ $<$<NOT:$<BOOL:${PLATFORM_DEFAULT_OTP}>>:${PLATFORM_DIR}/ext/accelerator/cc312/otp_cc312.c>
+)
+
+target_compile_definitions(platform_bl1
+ PUBLIC
+ $<$<BOOL:${PLATFORM_IS_FVP}>:PLATFORM_IS_FVP>
+ $<$<AND:$<BOOL:${CONFIG_TFM_BOOT_STORE_MEASUREMENTS}>,$<BOOL:${TFM_PARTITION_MEASURED_BOOT}>>:MEASURED_BOOT_API>
+ $<$<BOOL:${PLATFORM_DEFAULT_OTP_WRITEABLE}>:OTP_WRITEABLE>
+)
+
+target_include_directories(platform_bl1_interface
+ INTERFACE
+ .
+ ./Device/Include
+ ./Device/Config
+ ./Native_Driver
+ ./CMSIS_Driver/Config
+ ./fw_update_agent
+ ./soft_crc
+ ${PLATFORM_DIR}/ext/target/arm/drivers/flash/common
+ ${PLATFORM_DIR}/ext/target/arm/drivers/flash/strata
+ ${PLATFORM_DIR}/ext/target/arm/drivers/qspi/xilinx_pg153_axi/
+ ${PLATFORM_DIR}/ext/target/arm/drivers/flash/n25q256a/
+ ${PLATFORM_DIR}/ext/target/arm/drivers/flash/sst26vf064b/
+)
+
#========================= Platform BL2 =======================================#
set(BL2_SOURCE ${CMAKE_SOURCE_DIR}/bl2)
@@ -214,10 +280,6 @@ target_include_directories(platform_bl2
$<BUILD_INTERFACE:${BL2_SOURCE}/ext/mcuboot/include>
)
-#========================= BL1 component =======================================#
-
-add_subdirectory(bl1)
-
#========================= ns_agent_mailbox ===================================#
target_sources(tfm_psa_rot_partition_ns_agent_mailbox
diff --git a/platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h b/platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h
new file mode 100644
index 000000000..a47bdb148
--- /dev/null
+++ b/platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h
@@ -0,0 +1,24 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __BOOT_MEASUREMENT_H__
+#define __BOOT_MEASUREMENT_H__
+
+enum boot_measurement_slot_t {
+ BOOT_MEASUREMENT_SLOT_BL1_2 = 0,
+ BOOT_MEASUREMENT_SLOT_BL2,
+ BOOT_MEASUREMENT_SLOT_RT_0,
+ BOOT_MEASUREMENT_SLOT_RT_1,
+ BOOT_MEASUREMENT_SLOT_RT_2,
+ BOOT_MEASUREMENT_SLOT_MAX = 32,
+ BOOT_MEASUREMENT_SLOT_MAX_THEORETICAL = 63 /* Slot index is stored in
+ * 6 bits in the shared
+ * memory area.
+ */
+};
+
+#endif /* __BOOT_MEASUREMENT_H__ */
diff --git a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
index 5cca4c4a1..416f0ebcd 100644
--- a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
+++ b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
@@ -79,4 +79,7 @@
#define CORSTONE1000_HOST_AXI_QSPI_CTRL_REG_BASE_SE_SECURE_FLASH (0x90010000U) /* AXI QSPI Controller for SE FLash */
#define CORSTONE1000_HOST_DRAM_UEFI_CAPSULE (0xA0000000U) /* 1.5 GB DDR */
+/* Map Component definitions to Corstone definitions */
+#define CC3XX_BASE_S CORSTONE1000_CRYPTO_ACCELERATOR_BASE
+
#endif /* __PLATFORM_BASE_ADDRESS_H__ */
diff --git a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
new file mode 100644
index 000000000..d4eca2841
--- /dev/null
+++ b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
@@ -0,0 +1,203 @@
+;/*
+; * Copyright (c) 2009-2022, Arm Limited. All rights reserved.
+; *
+; * Licensed under the Apache License, Version 2.0 (the "License");
+; * you may not use this file except in compliance with the License.
+; * You may obtain a copy of the License at
+; *
+; * http://www.apache.org/licenses/LICENSE-2.0
+; *
+; * Unless required by applicable law or agreed to in writing, software
+; * distributed under the License is distributed on an "AS IS" BASIS,
+; * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+; * See the License for the specific language governing permissions and
+; * limitations under the License.
+; *
+; *
+; * This file is derivative of CMSIS V5.00 gcc_arm.ld
+; */
+
+/* Linker script to configure memory regions. */
+/* This file will be run trough the pre-processor. */
+
+#include "region_defs.h"
+
+MEMORY
+{
+ FLASH (rx) : ORIGIN = BL1_1_CODE_START, LENGTH = BL1_1_CODE_SIZE
+ RAM (rwx) : ORIGIN = BL1_1_DATA_START, LENGTH = BL1_1_DATA_SIZE
+}
+
+__heap_size__ = BL1_1_HEAP_SIZE;
+__msp_stack_size__ = BL1_1_MSP_STACK_SIZE;
+
+/* Library configurations */
+GROUP(libgcc.a libc.a libm.a libnosys.a)
+
+ENTRY(Reset_Handler)
+
+SECTIONS
+{
+ .text :
+ {
+ KEEP(*(.vectors))
+ __Vectors_End = .;
+ __Vectors_Size = __Vectors_End - __Vectors;
+ __end__ = .;
+
+ *(.text*)
+
+ KEEP(*shared_lib*:*(.text*))
+ KEEP(*bl1_tests_shared*:*(.text*))
+ KEEP(*bl1_crypto_hw*:*(.text*))
+ KEEP(*boot_hal_bl1*(.text*))
+
+ KEEP(*(.init))
+ KEEP(*(.fini))
+
+
+ /* .ctors */
+ *crtbegin.o(.ctors)
+ *crtbegin?.o(.ctors)
+ *(EXCLUDE_FILE(*crtend?.o *crtend.o) .ctors)
+ *(SORT(.ctors.*))
+ *(.ctors)
+
+ /* .dtors */
+ *crtbegin.o(.dtors)
+ *crtbegin?.o(.dtors)
+ *(EXCLUDE_FILE(*crtend?.o *crtend.o) .dtors)
+ *(SORT(.dtors.*))
+ *(.dtors)
+
+ *(.rodata*)
+
+ KEEP(*(.eh_frame*))
+ } > FLASH
+
+ .ARM.extab :
+ {
+ *(.ARM.extab* .gnu.linkonce.armextab.*)
+ } > FLASH
+
+ __exidx_start = .;
+ .ARM.exidx :
+ {
+ *(.ARM.exidx* .gnu.linkonce.armexidx.*)
+ } > FLASH
+ __exidx_end = .;
+
+ /* To copy multiple ROM to RAM sections,
+ * define etext2/data2_start/data2_end and
+ * define __STARTUP_COPY_MULTIPLE in startup_corstone700_bl2.S */
+ .copy.table :
+ {
+ . = ALIGN(4);
+ __copy_table_start__ = .;
+ LONG (__etext)
+ LONG (__data_start__)
+ LONG ((__data_end__ - __data_start__) / 4)
+ LONG (DEFINED(__etext2) ? __etext2 : 0)
+ LONG (DEFINED(__data2_start__) ? __data2_start__ : 0)
+ LONG (DEFINED(__data2_start__) ? ((__data2_end__ - __data2_start__) / 4) : 0)
+ __copy_table_end__ = .;
+ } > FLASH
+
+ /* To clear multiple BSS sections,
+ * uncomment .zero.table section and,
+ * define __STARTUP_CLEAR_BSS_MULTIPLE in startup_cmsdk_musca_bl2.S */
+ .zero.table :
+ {
+ . = ALIGN(4);
+ __zero_table_start__ = .;
+ LONG (__bss_start__)
+ LONG ((__bss_end__ - __bss_start__) / 4)
+ LONG (DEFINED(__bss2_start__) ? __bss2_start__ : 0)
+ LONG (DEFINED(__bss2_start__) ? ((__bss2_end__ - __bss2_start__) / 4) : 0)
+ __zero_table_end__ = .;
+ } > FLASH
+
+ __etext = ALIGN (4);
+
+ .tfm_bl2_shared_data : ALIGN(32)
+ {
+ . += BOOT_TFM_SHARED_DATA_SIZE;
+ } > RAM
+ Image$$SHARED_DATA$$RW$$Base = ADDR(.tfm_bl2_shared_data);
+ Image$$SHARED_DATA$$RW$$Limit = ADDR(.tfm_bl2_shared_data) + SIZEOF(.tfm_bl2_shared_data);
+
+ . = BL1_1_DATA_START;
+ Image$$BL1_1_ER_DATA_START$$Base = .;
+ .data : AT (__etext)
+ {
+ __data_start__ = .;
+ *(vtable)
+ *(.data*)
+
+ . = ALIGN(4);
+ /* preinit data */
+ PROVIDE_HIDDEN (__preinit_array_start = .);
+ KEEP(*(.preinit_array))
+ PROVIDE_HIDDEN (__preinit_array_end = .);
+
+ . = ALIGN(4);
+ /* init data */
+ PROVIDE_HIDDEN (__init_array_start = .);
+ KEEP(*(SORT(.init_array.*)))
+ KEEP(*(.init_array))
+ PROVIDE_HIDDEN (__init_array_end = .);
+
+
+ . = ALIGN(4);
+ /* finit data */
+ PROVIDE_HIDDEN (__fini_array_start = .);
+ KEEP(*(SORT(.fini_array.*)))
+ KEEP(*(.fini_array))
+ PROVIDE_HIDDEN (__fini_array_end = .);
+
+ KEEP(*(.jcr*))
+ . = ALIGN(4);
+ /* All data end */
+ __data_end__ = .;
+
+ } > RAM
+ Image$$ER_DATA$$Base = ADDR(.data);
+
+ .bss :
+ {
+ . = ALIGN(4);
+ __bss_start__ = .;
+ *(.bss*)
+ *(COMMON)
+ . = ALIGN(4);
+ __bss_end__ = .;
+ } > RAM
+
+ bss_size = __bss_end__ - __bss_start__;
+
+ .msp_stack (NOLOAD) : ALIGN(32)
+ {
+ . += __msp_stack_size__;
+ } > RAM
+ Image$$ARM_LIB_STACK$$ZI$$Base = ADDR(.msp_stack);
+ Image$$ARM_LIB_STACK$$ZI$$Limit = ADDR(.msp_stack) + SIZEOF(.msp_stack);
+
+ .heap (NOLOAD): ALIGN(8)
+ {
+ . = ALIGN(8);
+ __end__ = .;
+ PROVIDE(end = .);
+ __HeapBase = .;
+ . += __heap_size__;
+ __HeapLimit = .;
+ __heap_limit = .; /* Add for _sbrk */
+ } > RAM
+ Image$$ARM_LIB_HEAP$$ZI$$Limit = ADDR(.heap) + SIZEOF(.heap);
+
+ PROVIDE(__stack = Image$$ARM_LIB_STACK$$ZI$$Limit);
+
+ Image$$BL1_1_ER_DATA_LIMIT$$Base = .;
+
+ Image$$BL1_2_ER_DATA_START$$Base = BL1_2_DATA_START;
+ Image$$BL1_2_ER_DATA_LIMIT$$Base = BL1_2_DATA_START + BL1_2_DATA_SIZE;
+}
diff --git a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1.ld b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
similarity index 95%
rename from platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1.ld
rename to platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
index 73be37d7c..6cd806378 100644
--- a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1.ld
+++ b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
@@ -24,12 +24,12 @@
MEMORY
{
- FLASH (rx) : ORIGIN = BL1_CODE_START, LENGTH = BL1_CODE_SIZE
- RAM (rwx) : ORIGIN = BL1_DATA_START, LENGTH = BL1_DATA_SIZE
+ FLASH (rx) : ORIGIN = BL1_2_CODE_START, LENGTH = BL1_2_CODE_SIZE
+ RAM (rwx) : ORIGIN = BL1_2_DATA_START, LENGTH = BL1_2_DATA_SIZE
}
-__heap_size__ = BL1_HEAP_SIZE;
-__msp_stack_size__ = BL1_MSP_STACK_SIZE;
+__heap_size__ = BL1_2_HEAP_SIZE;
+__msp_stack_size__ = BL1_2_MSP_STACK_SIZE;
/* Library configurations */
GROUP(libgcc.a libc.a libm.a libnosys.a)
diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c b/platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c
deleted file mode 100644
index d8cfe3759..000000000
--- a/platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include <stdint.h>
-#include "tfm_plat_otp.h"
-
-static enum tfm_plat_err_t get_rotpk_hash(enum tfm_otp_element_id_t id,
- uint8_t* rotpk_hash,
- uint32_t* rotpk_hash_size)
-{
- enum tfm_plat_err_t err;
- size_t otp_size;
-
- err = tfm_plat_otp_read(id, *rotpk_hash_size, rotpk_hash);
- if (err != TFM_PLAT_ERR_SUCCESS) {
- return err;
- }
-
- err = tfm_plat_otp_get_size(id, &otp_size);
- if (err != TFM_PLAT_ERR_SUCCESS) {
- return err;
- }
-
- *rotpk_hash_size = otp_size;
-
- return TFM_PLAT_ERR_SUCCESS;
-}
-
-enum tfm_plat_err_t
-tfm_plat_get_rotpk_hash(uint8_t image_id,
- uint8_t *rotpk_hash,
- uint32_t *rotpk_hash_size)
-{
- switch(image_id) {
- case 0:
- return get_rotpk_hash(PLAT_OTP_ID_BL1_ROTPK_0, rotpk_hash,
- rotpk_hash_size);
-
- default:
- return TFM_PLAT_ERR_INVALID_INPUT;
- }
-
- return TFM_PLAT_ERR_SYSTEM_ERR;
-}
diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c
similarity index 90%
rename from platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
rename to platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c
index a5fe0f7da..678342443 100644
--- a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
+++ b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c
@@ -12,13 +12,16 @@
#include "Driver_Flash.h"
#include "flash_layout.h"
#include "fih.h"
-#include "bootutil/bootutil_log.h"
#include "firewall.h"
#include "watchdog.h"
#include "mpu_config.h"
#include "tfm_plat_otp.h"
#include "tfm_plat_provisioning.h"
#include "fwu_agent.h"
+#include "uart_stdout.h"
+#include "region_defs.h"
+#include "log.h"
+
#if defined(CRYPTO_HW_ACCELERATOR) || \
defined(CRYPTO_HW_ACCELERATOR_OTP_PROVISIONING)
@@ -81,6 +84,9 @@ enum host_firewall_host_comp_id_t {
COMP_DEBUG,
};
+extern uint32_t platform_code_is_bl1_2;
+
+
static void setup_mpu(void)
{
uint32_t size; /* region size */
@@ -581,56 +587,44 @@ static void setup_host_firewall(void)
fw_lockdown(FW_FULL_LOCKDOWN);
}
-
-__attribute__((naked)) void boot_clear_bl2_ram_area(void)
+uint32_t bl1_image_get_flash_offset(uint32_t image_id)
{
- __ASM volatile(
- ".syntax unified \n"
- "movs r0, #0 \n"
- "ldr r1, =Image$$ER_DATA$$Base \n"
- "ldr r2, =Image$$ARM_LIB_HEAP$$ZI$$Limit \n"
- "subs r2, r2, r1 \n"
- "Loop: \n"
- "subs r2, #4 \n"
- "blt Clear_done \n"
- "str r0, [r1, r2] \n"
- "b Loop \n"
- "Clear_done: \n"
- "bx lr \n"
- : : : "r0" , "r1" , "r2" , "memory"
- );
+ /* SE BL2 Offset is equal to bank offset as it is the first think in the Bank */
+ uint32_t se_bl2_offset = 0;
+ bl1_get_active_bl2_image(&se_bl2_offset);
+ switch (image_id) {
+ case 0:
+ return se_bl2_offset;
+ case 1:
+ return se_bl2_offset + SE_BL2_PARTITION_SIZE;
+ default:
+ FIH_PANIC;
+ }
}
-extern void set_flash_area_image_offset(uint32_t offset);
-
int32_t boot_platform_init(void)
{
int32_t result;
uint32_t image_offset;
- result = corstone1000_watchdog_init();
- if (result != ARM_DRIVER_OK) {
- return 1;
- }
-
+ if (!platform_code_is_bl1_2) {
+ result = corstone1000_watchdog_init();
+ if (result != ARM_DRIVER_OK) {
+ return 1;
+ }
#if !(PLATFORM_IS_FVP)
- setup_mpu();
+ setup_mpu();
#endif
- setup_se_firewall();
+ setup_se_firewall();
#if !(PLATFORM_IS_FVP)
- setup_host_firewall();
+ setup_host_firewall();
#endif
-
- result = FLASH_DEV_NAME.Initialize(NULL);
- if (result != ARM_DRIVER_OK) {
- return 1;
}
-#if PLATFORM_DEFAULT_OTP
- result = FLASH_DEV_NAME_SE_SECURE_FLASH.Initialize(NULL);
- if (result != ARM_DRIVER_OK) {
- return 1;
- }
-#endif
+
+#if defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2)
+ stdio_init();
+#endif /* defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) */
+
#ifdef CRYPTO_HW_ACCELERATOR
result = crypto_hw_accelerator_init();
@@ -639,23 +633,11 @@ int32_t boot_platform_init(void)
}
#endif /* CRYPTO_HW_ACCELERATOR */
- result = tfm_plat_otp_init();
- if (result != TFM_PLAT_ERR_SUCCESS) {
- BOOT_LOG_ERR("OTP system initialization failed");
- FIH_PANIC;
- }
-
- if (tfm_plat_provisioning_is_required()) {
- result = fwu_metadata_provision();
- if (result != FWU_AGENT_SUCCESS) {
- BOOT_LOG_ERR("Provisioning FWU Metadata failed");
- FIH_PANIC;
- }
- }
-
- bl1_get_active_bl2_image(&image_offset);
- set_flash_area_image_offset(image_offset);
+ return 0;
+}
+int32_t boot_platform_post_init(void)
+{
return 0;
}
@@ -678,17 +660,15 @@ void boot_platform_quit(struct boot_arm_vector_table *vt)
(void)fih_delay_init();
#endif /* CRYPTO_HW_ACCELERATOR */
- result = FLASH_DEV_NAME.Uninitialize();
- if (result != ARM_DRIVER_OK) {
- while (1);
- }
-#if PLATFORM_DEFAULT_OTP
- result = FLASH_DEV_NAME_SE_SECURE_FLASH.Uninitialize();
+#if defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2)
+ stdio_uninit();
+#endif /* defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) */
+
+ result = corstone1000_watchdog_reset_timer();
if (result != ARM_DRIVER_OK) {
while (1);
}
-#endif
vt_cpy = vt;
diff --git a/platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c b/platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c
deleted file mode 100644
index b6632b6c2..000000000
--- a/platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * Copyright (c) 2018 Nordic Semiconductor ASA
- * Copyright (c) 2015 Runtime Inc
- * Copyright (c) 2019-2021 Arm Limited.
- *
- * SPDX-License-Identifier: Apache-2.0
- */
-
-/*
- * Original code taken from mcuboot project at:
- * https://github.com/mcu-tools/mcuboot
- * Git SHA of the original version: ac55554059147fff718015be9f4bd3108123f50a
- */
-
-#include <errno.h>
-#include "target.h"
-#include "cmsis.h"
-#include "Driver_Flash.h"
-#include "sysflash/sysflash.h"
-#include "flash_map/flash_map.h"
-#include "flash_map_backend/flash_map_backend.h"
-#include "bootutil/bootutil_log.h"
-
-__WEAK int flash_device_base(uint8_t fd_id, uintptr_t *ret)
-{
- if (fd_id != FLASH_DEVICE_ID) {
- BOOT_LOG_ERR("invalid flash ID %d; expected %d",
- fd_id, FLASH_DEVICE_ID);
- return -1;
- }
- *ret = FLASH_DEVICE_BASE;
- return 0;
-}
-
-/*
- * This depends on the mappings defined in flash_map.h.
- * MCUBoot uses continuous numbering for the primary slot, the secondary slot,
- * and the scratch while TF-M might number it differently.
- */
-int flash_area_id_from_multi_image_slot(int image_index, int slot)
-{
- switch (slot) {
- case 0: return BL1_FLASH_AREA_IMAGE_PRIMARY(image_index);
- case 1: return BL1_FLASH_AREA_IMAGE_SECONDARY(image_index);
- case 2: return BL1_FLASH_AREA_IMAGE_SCRATCH;
- }
-
- return -1; /* flash_area_open will fail on that */
-}
-
-int flash_area_id_from_image_slot(int slot)
-{
- return flash_area_id_from_multi_image_slot(0, slot);
-}
-
-int flash_area_id_to_multi_image_slot(int image_index, int area_id)
-{
- if (area_id == BL1_FLASH_AREA_IMAGE_PRIMARY(image_index)) {
- return 0;
- }
- if (area_id == BL1_FLASH_AREA_IMAGE_SECONDARY(image_index)) {
- return 1;
- }
-
- BOOT_LOG_ERR("invalid flash area ID");
- return -1;
-}
-
-int flash_area_id_to_image_slot(int area_id)
-{
- return flash_area_id_to_multi_image_slot(0, area_id);
-}
-
-uint8_t flash_area_erased_val(const struct flash_area *fap)
-{
- return DRV_FLASH_AREA(fap)->GetInfo()->erased_value;
-}
-
-int flash_area_read_is_empty(const struct flash_area *fa, uint32_t off,
- void *dst, uint32_t len)
-{
- uint32_t i;
- uint8_t *u8dst;
- int rc;
-
- BOOT_LOG_DBG("read_is_empty area=%d, off=%#x, len=%#x",
- fa->fa_id, off, len);
-
- rc = DRV_FLASH_AREA(fa)->ReadData(fa->fa_off + off, dst, len);
- if (rc) {
- return -1;
- }
-
- u8dst = (uint8_t*)dst;
-
- for (i = 0; i < len; i++) {
- if (u8dst[i] != flash_area_erased_val(fa)) {
- return 0;
- }
- }
-
- return 1;
-}
diff --git a/platform/ext/target/arm/corstone1000/bl1/provisioning.c b/platform/ext/target/arm/corstone1000/bl1/provisioning.c
index 832fcea89..683bc45ea 100644
--- a/platform/ext/target/arm/corstone1000/bl1/provisioning.c
+++ b/platform/ext/target/arm/corstone1000/bl1/provisioning.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -11,7 +11,9 @@
#include "tfm_plat_otp.h"
#include "tfm_attest_hal.h"
#include "psa/crypto.h"
-#include "bootutil/bootutil_log.h"
+#include "region_defs.h"
+#include "log.h"
+#include "fwu_agent.h"
#include <string.h>
@@ -19,51 +21,20 @@
__PACKED_STRUCT bl1_assembly_and_test_provisioning_data_t {
uint32_t magic;
- uint8_t bl1_rotpk_0[32];
+ uint8_t bl2_encryption_key[32];
+ uint8_t guk[32];
+ uint8_t bl1_2_image_hash[32];
+ uint8_t bl2_image_hash[32];
+ uint8_t bl1_2_image[BL1_2_CODE_SIZE];
+ uint8_t bl1_rotpk_0[56];
};
-#ifdef TFM_DUMMY_PROVISIONING
-static const struct bl1_assembly_and_test_provisioning_data_t bl1_assembly_and_test_prov_data = {
- ASSEMBLY_AND_TEST_PROV_DATA_MAGIC,
-#if (MCUBOOT_SIGN_RSA_LEN == 2048)
- /* bl1 rotpk 0 */
- {
- 0xfc, 0x57, 0x01, 0xdc, 0x61, 0x35, 0xe1, 0x32,
- 0x38, 0x47, 0xbd, 0xc4, 0x0f, 0x04, 0xd2, 0xe5,
- 0xbe, 0xe5, 0x83, 0x3b, 0x23, 0xc2, 0x9f, 0x93,
- 0x59, 0x3d, 0x00, 0x01, 0x8c, 0xfa, 0x99, 0x94,
- },
-#elif (MCUBOOT_SIGN_RSA_LEN == 3072)
- /* bl1 rotpk 0 */
- {
- 0xbf, 0xe6, 0xd8, 0x6f, 0x88, 0x26, 0xf4, 0xff,
- 0x97, 0xfb, 0x96, 0xc4, 0xe6, 0xfb, 0xc4, 0x99,
- 0x3e, 0x46, 0x19, 0xfc, 0x56, 0x5d, 0xa2, 0x6a,
- 0xdf, 0x34, 0xc3, 0x29, 0x48, 0x9a, 0xdc, 0x38,
- },
-#else
-#error "No public key available for given signing algorithm."
-#endif /* MCUBOOT_SIGN_RSA_LEN */
-};
-#else
-static const struct bl1_assembly_and_test_provisioning_data_t bl1_assembly_and_test_prov_data;
-#endif /* TFM_DUMMY_PROVISIONING */
+static const struct bl1_assembly_and_test_provisioning_data_t *bl1_assembly_and_test_prov_data =
+ (struct bl1_assembly_and_test_provisioning_data_t *)PROVISIONING_DATA_START;
+
void tfm_plat_provisioning_check_for_dummy_keys(void)
{
- uint64_t iak_start;
-
- tfm_plat_otp_read(PLAT_OTP_ID_IAK, sizeof(iak_start), (uint8_t*)&iak_start);
-
- if(iak_start == 0xA4906F6DB254B4A9) {
- BOOT_LOG_WRN("%s%s%s%s",
- "\033[1;31m",
- "This device was provisioned with dummy keys. ",
- "This device is \033[1;1mNOT SECURE",
- "\033[0m");
- }
-
- memset(&iak_start, 0, sizeof(iak_start));
}
int tfm_plat_provisioning_is_required(void)
@@ -85,12 +56,47 @@ enum tfm_plat_err_t provision_assembly_and_test(void)
enum tfm_plat_err_t err;
err = tfm_plat_otp_write(PLAT_OTP_ID_BL1_ROTPK_0,
- sizeof(bl1_assembly_and_test_prov_data.bl1_rotpk_0),
- bl1_assembly_and_test_prov_data.bl1_rotpk_0);
+ sizeof(bl1_assembly_and_test_prov_data->bl1_rotpk_0),
+ bl1_assembly_and_test_prov_data->bl1_rotpk_0);
+ if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
+ return err;
+ }
+
+
+ err = tfm_plat_otp_write(PLAT_OTP_ID_BL1_2_IMAGE_HASH,
+ sizeof(bl1_assembly_and_test_prov_data->bl1_2_image_hash),
+ bl1_assembly_and_test_prov_data->bl1_2_image_hash);
+ if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
+ return err;
+ }
+
+
+ err = tfm_plat_otp_write(PLAT_OTP_ID_BL1_2_IMAGE,
+ sizeof(bl1_assembly_and_test_prov_data->bl1_2_image),
+ bl1_assembly_and_test_prov_data->bl1_2_image);
+ if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
+ return err;
+ }
+
+ err = tfm_plat_otp_write(PLAT_OTP_ID_KEY_BL2_ENCRYPTION,
+ sizeof(bl1_assembly_and_test_prov_data->bl2_encryption_key),
+ bl1_assembly_and_test_prov_data->bl2_encryption_key);
if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
return err;
}
+ err = tfm_plat_otp_write(PLAT_OTP_ID_BL2_IMAGE_HASH,
+ sizeof(bl1_assembly_and_test_prov_data->bl2_image_hash),
+ bl1_assembly_and_test_prov_data->bl2_image_hash);
+ if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
+ return err;
+ }
+
+ err = fwu_metadata_provision();
+ if (err != FWU_AGENT_SUCCESS) {
+ return 1;
+ }
+
return err;
}
@@ -104,19 +110,18 @@ enum tfm_plat_err_t tfm_plat_provisioning_perform(void)
return err;
}
- BOOT_LOG_INF("Beginning BL1 provisioning");
+ BL1_LOG("[INF] Beginning BL1 provisioning\r\n");
#ifdef TFM_DUMMY_PROVISIONING
- BOOT_LOG_WRN("%s%s%s%s",
- "\033[1;31m",
- "TFM_DUMMY_PROVISIONING is not suitable for production! ",
- "This device is \033[1;1mNOT SECURE",
- "\033[0m");
+ BL1_LOG("\033[1;31m[WRN]");
+ BL1_LOG("TFM_DUMMY_PROVISIONING is not suitable for production! ");
+ BL1_LOG("This device is \033[1;1mNOT SECURE");
+ BL1_LOG("\033[0m\r\n");
#endif /* TFM_DUMMY_PROVISIONING */
if (lcs == PLAT_OTP_LCS_ASSEMBLY_AND_TEST) {
- if (bl1_assembly_and_test_prov_data.magic != ASSEMBLY_AND_TEST_PROV_DATA_MAGIC) {
- BOOT_LOG_ERR("No valid ASSEMBLY_AND_TEST provisioning data found");
+ if (bl1_assembly_and_test_prov_data->magic != ASSEMBLY_AND_TEST_PROV_DATA_MAGIC) {
+ BL1_LOG("[ERR] No valid ASSEMBLY_AND_TEST provisioning data found\r\n");
return TFM_PLAT_ERR_INVALID_INPUT;
}
diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake
index aca75394d..1b0675404 100644
--- a/platform/ext/target/arm/corstone1000/config.cmake
+++ b/platform/ext/target/arm/corstone1000/config.cmake
@@ -8,7 +8,14 @@
#-------------------------------------------------------------------------------
set(BL1 ON CACHE BOOL "Whether to build BL1")
-set(PLATFORM_DEFAULT_BL1 OFF CACHE STRING "Whether to use default BL1 or platform-specific one")
+set(PLATFORM_DEFAULT_BL1 ON CACHE STRING "Whether to use default BL1 or platform-specific one")
+set(PLATFORM_DEFAULT_OTP OFF CACHE BOOL "Use trusted on-chip flash to implement OTP memory")
+
+set(TFM_BL1_DEFAULT_PROVISIONING OFF CACHE BOOL "Whether BL1_1 will use default provisioning")
+set(TFM_BL1_SOFTWARE_CRYPTO OFF CACHE BOOL "Whether BL1_1 will use software crypto")
+set(TFM_BL1_MEMORY_MAPPED_FLASH OFF CACHE BOOL "Whether BL1 can directly access flash content")
+set(TFM_BL1_PQ_CRYPTO OFF CACHE BOOL "Enable LMS PQ crypto for BL2 verification. This is experimental and should not yet be used in production")
+
set(BL2 ON CACHE BOOL "Whether to build BL2")
set(BL2_TRAILER_SIZE 0x800 CACHE STRING "Trailer size")
set(DEFAULT_MCUBOOT_FLASH_MAP OFF CACHE BOOL "Whether to use the default flash map defined by TF-M project")
@@ -26,13 +33,6 @@ set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryp
set(NS FALSE CACHE BOOL "Whether to build NS app")
set(EXTERNAL_SYSTEM_SUPPORT OFF CACHE BOOL "Whether to include external system support.")
-# FVP is not integrated/tested with CC312.
-if (${PLATFORM_IS_FVP})
- set(PLATFORM_DEFAULT_OTP TRUE CACHE BOOL "Use trusted on-chip flash to implement OTP memory")
-else()
- set(PLATFORM_DEFAULT_OTP FALSE CACHE BOOL "Use trusted on-chip flash to implement OTP memory")
-endif()
-
# External dependency on OpenAMP and Libmetal
set(LIBMETAL_SRC_PATH "DOWNLOAD" CACHE PATH "Path to Libmetal (or DOWNLOAD to fetch automatically")
set(LIBMETAL_VERSION "f252f0e007fbfb8b3a52b1d5901250ddac96baad" CACHE STRING "The version of libmetal to use")
@@ -59,6 +59,8 @@ set(TFM_PARTITION_PROTECTED_STORAGE ON CACHE BOOL "Enable Prot
set(TFM_PARTITION_CRYPTO ON CACHE BOOL "Enable Crypto partition")
set(TFM_PARTITION_INITIAL_ATTESTATION ON CACHE BOOL "Enable Initial Attestation partition")
set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON CACHE BOOL "Enable Internal Trusted Storage partition")
+set(TFM_PARTITION_MEASURED_BOOT ON CACHE BOOL "Enable Measured boot partition")
+
if (${CMAKE_BUILD_TYPE} STREQUAL Debug OR ${CMAKE_BUILD_TYPE} STREQUAL RelWithDebInfo)
set(ENABLE_FWU_AGENT_DEBUG_LOGS TRUE CACHE BOOL "Enable Firmware update agent debug logs.")
diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
index b01a3621b..a95ff63ef 100644
--- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h
+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
@@ -34,16 +34,6 @@
#define BL2_DATA_GAP_SIZE (0x09800) /* 38 KB */
-#define BL1_DATA_START (SRAM_BASE)
-#define BL1_DATA_SIZE (0x10000) /* 64 KiB*/
-#define BL1_DATA_LIMIT (BL1_DATA_START + BL1_DATA_SIZE - 1)
-
-#ifdef BL1
-
-#define IMAGE_EXECUTABLE_RAM_START (SRAM_BASE + BL1_DATA_SIZE)
-#define IMAGE_EXECUTABLE_RAM_SIZE (SRAM_SIZE - BL1_DATA_SIZE)
-
-#endif /* BL1 */
/*****************/
/***** Flash *****/
diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h
index 35055fe9c..8157c36bf 100644
--- a/platform/ext/target/arm/corstone1000/partition/region_defs.h
+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h
@@ -20,12 +20,17 @@
#include "flash_layout.h"
+/* BL1_1 */
+#define BL1_1_HEAP_SIZE (0x0001000) /* 4KiB */
+#define BL1_1_MSP_STACK_SIZE (0x0001800) /* 6KiB */
+
+/* BL1_2 */
+#define BL1_2_HEAP_SIZE (0x0001000) /* 4KiB */
+#define BL1_2_MSP_STACK_SIZE (0x0001800) /* 6KiB */
+
#define BL2_HEAP_SIZE (0x0001000)
#define BL2_MSP_STACK_SIZE (0x0001E00)
-#define BL1_HEAP_SIZE (0x0001000)
-#define BL1_MSP_STACK_SIZE (0x0001800)
-
#ifdef ENABLE_HEAP
#define S_HEAP_SIZE (0x0000200)
#endif
@@ -80,8 +85,8 @@
/* SE BL2 regions */
-#define BL2_CODE_START (SRAM_BASE + TFM_PARTITION_SIZE + \
- BL2_DATA_GAP_SIZE + BL2_HEADER_SIZE)
+#define BL2_IMAGE_START (SRAM_BASE + SRAM_SIZE - SE_BL2_PARTITION_SIZE)
+#define BL2_CODE_START (BL2_IMAGE_START + BL2_HEADER_SIZE)
#define BL2_CODE_SIZE (IMAGE_BL2_CODE_SIZE)
#define BL2_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1)
@@ -91,9 +96,25 @@
#define BL2_DATA_LIMIT (BL2_DATA_START + BL2_DATA_SIZE - 1)
/* SE BL1 regions */
-#define BL1_CODE_START (0)
-#define BL1_CODE_SIZE (0x00020000) /* Whole SE ROM, 128 KiB */
-#define BL1_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1)
+#define BL1_1_CODE_START (0)
+#define BL1_1_CODE_SIZE (0x0000A000) /* 40 KiB */
+#define BL1_1_CODE_LIMIT (BL1_1_CODE_START + BL1_1_CODE_SIZE - 1)
+
+#define PROVISIONING_DATA_START (BL1_1_CODE_START + BL1_1_CODE_SIZE)
+#define PROVISIONING_DATA_SIZE (0x00002000) /* 8 KiB */
+#define PROVISIONING_DATA_LIMIT (PROVISIONING_DATA_START + PROVISIONING_DATA_SIZE - 1)
+
+#define BL1_1_DATA_START (SRAM_BASE)
+#define BL1_1_DATA_SIZE (0x8000) /* 32 KiB*/
+#define BL1_1_DATA_LIMIT (BL1_1_DATA_START + BL1_1_DATA_SIZE - 1)
+
+#define BL1_2_CODE_START (BL1_1_DATA_START + BL1_1_DATA_SIZE)
+#define BL1_2_CODE_SIZE (0x00001000) /* 4 KiB */
+#define BL1_2_CODE_LIMIT (BL1_2_CODE_START + BL1_2_CODE_SIZE - 1)
+
+#define BL1_2_DATA_START (BL1_2_CODE_START+BL1_2_CODE_SIZE)
+#define BL1_2_DATA_SIZE (0x8000) /* 32 KiB*/
+#define BL1_2_DATA_LIMIT (BL1_2_DATA_START + BL1_2_DATA_SIZE - 1)
#define BOOT_TFM_SHARED_DATA_BASE (S_DATA_PRIV_START)
--
2.17.1