Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / 8e7b46e2350c3689938f309eaca929aada20b5a0 / . / meta-arm / meta-arm-bsp / recipes-bsp / trusted-firmware-m / files / corstone1000 / 0004-Platform-corstone1000-Replace-MCUBOOT-BL1-by-TFM-s.patch
blob: 0ad44947f096c5317fa1f1c5569c82d9bad5e3e4 [file] [log] [blame]
Patrick Williams8e7b46e2023-05-01 14:19:06 -0500[diff] [blame^]1From e46fd33355b54c08d1764c2a8e7b553960d61157 Mon Sep 17 00:00:00 2001
2From: Emekcan Aras <emekcan.aras@arm.com>
3Date: Sat, 25 Feb 2023 10:29:55 +0000
4Subject: [PATCH 1/6] Platform: corstone1000: Replace MCUBOOT BL1 by TFM's
5
6From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
7
8Replace The current BL1 (MCUBOOT) with the TFM BL1
9by enabling
10- PLATFORM_DEFAULT_BL1
11- Update linkerscripts
12- Update CMakeFile
13- Adapt boot_hal
14- Adapt provisioning (to use the provision bundle)
15- Adapt flash_layout and region_defs
16- Update documentation of corstone1000 build and run sections
17
18Upstream-Status: Submitted [https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20553]
19Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
20Change-Id: I224b24d0f4423e62468e609c11a239a4575cdae4
21---
22 .../target/arm/corstone1000/CMakeLists.txt | 70 +++++-
23 .../Device/Include/boot_measurement.h | 24 +++
24 .../Device/Include/platform_base_address.h | 3 +
25 .../Device/Source/gcc/corstone1000_bl1_1.ld | 203 ++++++++++++++++++
26 ...stone1000_bl1.ld => corstone1000_bl1_2.ld} | 8 +-
27 .../target/arm/corstone1000/bl1/bl1_rotpk.c | 48 -----
28 .../bl1/{bl1_boot_hal.c => boot_hal_bl1.c} | 102 ++++-----
29 .../arm/corstone1000/bl1/flash_map_extended.c | 103 ---------
30 .../arm/corstone1000/bl1/provisioning.c | 109 +++++-----
31 .../ext/target/arm/corstone1000/config.cmake | 18 +-
32 .../arm/corstone1000/partition/flash_layout.h | 10 -
33 .../arm/corstone1000/partition/region_defs.h | 37 +++-
34 12 files changed, 434 insertions(+), 301 deletions(-)
35 create mode 100644 platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h
36 create mode 100644 platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
37 rename platform/ext/target/arm/corstone1000/Device/Source/gcc/{corstone1000_bl1.ld => corstone1000_bl1_2.ld} (95%)
38 delete mode 100644 platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c
39 rename platform/ext/target/arm/corstone1000/bl1/{bl1_boot_hal.c => boot_hal_bl1.c} (90%)
40 delete mode 100644 platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c
41
42diff --git a/platform/ext/target/arm/corstone1000/CMakeLists.txt b/platform/ext/target/arm/corstone1000/CMakeLists.txt
43index 19863bcdb..a4fe28c08 100644
44--- a/platform/ext/target/arm/corstone1000/CMakeLists.txt
45+++ b/platform/ext/target/arm/corstone1000/CMakeLists.txt
46@@ -41,6 +41,23 @@ target_add_scatter_file(bl2
47 $<$<C_COMPILER_ID:GNU>:${PLATFORM_DIR}/ext/common/gcc/tfm_common_bl2.ld>
48 )
49
50+target_sources(bl1_1
51+PRIVATE
52+ $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/startup_corstone1000.c>
53+)
54+
55+target_add_scatter_file(bl1_1
56+ $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/gcc/corstone1000_bl1_1.ld>
57+)
58+
59+target_sources(bl1_2
60+PRIVATE
61+ $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/startup_corstone1000.c>
62+)
63+target_add_scatter_file(bl1_2
64+ $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/Device/Source/gcc/corstone1000_bl1_2.ld>
65+)
66+
67 #========================= Platform Secure ====================================#
68
69 add_subdirectory(openamp)
70@@ -115,6 +132,55 @@ if (TFM_PARTITION_CRYPTO)
71 )
72 endif()
73
74+#========================= Platform BL1 =======================================#
75+
76+target_sources(platform_bl1
77+ PRIVATE
78+ ./Device/Source/system_core_init.c
79+ ./Device/Source/device_definition.c
80+ ./bl1/boot_hal_bl1.c
81+ ./Native_Driver/firewall.c
82+ ./CMSIS_Driver/Driver_Flash.c
83+ ./CMSIS_Driver/Driver_USART.c
84+ ./Native_Driver/uart_pl011_drv.c
85+ $<$<BOOL:${PLATFORM_IS_FVP}>:${CMAKE_CURRENT_SOURCE_DIR}/Native_Driver/cfi_drv.c>
86+ $<$<BOOL:${PLATFORM_IS_FVP}>:${PLATFORM_DIR}/ext/target/arm/drivers/flash/strata/spi_strataflashj3_flash_lib.c>
87+ $<$<NOT:$<BOOL:${PLATFORM_IS_FVP}>>:${PLATFORM_DIR}/ext/target/arm/drivers/qspi/xilinx_pg153_axi/xilinx_pg153_axi_qspi_controller_drv.c>
88+ $<$<NOT:$<BOOL:${PLATFORM_IS_FVP}>>:${PLATFORM_DIR}/ext/target/arm/drivers/flash/n25q256a/spi_n25q256a_flash_lib.c>
89+ $<$<NOT:$<BOOL:${PLATFORM_IS_FVP}>>:${PLATFORM_DIR}/ext/target/arm/drivers/flash/sst26vf064b/spi_sst26vf064b_flash_lib.c>
90+ ./fw_update_agent/uefi_capsule_parser.c
91+ ./fw_update_agent/fwu_agent.c
92+ ./fw_update_agent/uefi_fmp.c
93+ ./soft_crc/soft_crc.c
94+ ./Native_Driver/arm_watchdog_drv.c
95+ ./Native_Driver/watchdog.c
96+ ./bl1/provisioning.c
97+ $<$<NOT:$<BOOL:${PLATFORM_DEFAULT_OTP}>>:${PLATFORM_DIR}/ext/accelerator/cc312/otp_cc312.c>
98+)
99+
100+target_compile_definitions(platform_bl1
101+ PUBLIC
102+ $<$<BOOL:${PLATFORM_IS_FVP}>:PLATFORM_IS_FVP>
103+ $<$<AND:$<BOOL:${CONFIG_TFM_BOOT_STORE_MEASUREMENTS}>,$<BOOL:${TFM_PARTITION_MEASURED_BOOT}>>:MEASURED_BOOT_API>
104+ $<$<BOOL:${PLATFORM_DEFAULT_OTP_WRITEABLE}>:OTP_WRITEABLE>
105+)
106+
107+target_include_directories(platform_bl1_interface
108+ INTERFACE
109+ .
110+ ./Device/Include
111+ ./Device/Config
112+ ./Native_Driver
113+ ./CMSIS_Driver/Config
114+ ./fw_update_agent
115+ ./soft_crc
116+ ${PLATFORM_DIR}/ext/target/arm/drivers/flash/common
117+ ${PLATFORM_DIR}/ext/target/arm/drivers/flash/strata
118+ ${PLATFORM_DIR}/ext/target/arm/drivers/qspi/xilinx_pg153_axi/
119+ ${PLATFORM_DIR}/ext/target/arm/drivers/flash/n25q256a/
120+ ${PLATFORM_DIR}/ext/target/arm/drivers/flash/sst26vf064b/
121+)
122+
123 #========================= Platform BL2 =======================================#
124
125 set(BL2_SOURCE ${CMAKE_SOURCE_DIR}/bl2)
126@@ -214,10 +280,6 @@ target_include_directories(platform_bl2
127 $<BUILD_INTERFACE:${BL2_SOURCE}/ext/mcuboot/include>
128 )
129
130-#========================= BL1 component =======================================#
131-
132-add_subdirectory(bl1)
133-
134 #========================= ns_agent_mailbox ===================================#
135
136 target_sources(tfm_psa_rot_partition_ns_agent_mailbox
137diff --git a/platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h b/platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h
138new file mode 100644
139index 000000000..a47bdb148
140--- /dev/null
141+++ b/platform/ext/target/arm/corstone1000/Device/Include/boot_measurement.h
142@@ -0,0 +1,24 @@
143+/*
144+ * Copyright (c) 2023, Arm Limited. All rights reserved.
145+ *
146+ * SPDX-License-Identifier: BSD-3-Clause
147+ *
148+ */
149+
150+#ifndef __BOOT_MEASUREMENT_H__
151+#define __BOOT_MEASUREMENT_H__
152+
153+enum boot_measurement_slot_t {
154+ BOOT_MEASUREMENT_SLOT_BL1_2 = 0,
155+ BOOT_MEASUREMENT_SLOT_BL2,
156+ BOOT_MEASUREMENT_SLOT_RT_0,
157+ BOOT_MEASUREMENT_SLOT_RT_1,
158+ BOOT_MEASUREMENT_SLOT_RT_2,
159+ BOOT_MEASUREMENT_SLOT_MAX = 32,
160+ BOOT_MEASUREMENT_SLOT_MAX_THEORETICAL = 63 /* Slot index is stored in
161+ * 6 bits in the shared
162+ * memory area.
163+ */
164+};
165+
166+#endif /* __BOOT_MEASUREMENT_H__ */
167diff --git a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
168index 5cca4c4a1..416f0ebcd 100644
169--- a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
170+++ b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h
171@@ -79,4 +79,7 @@
172 #define CORSTONE1000_HOST_AXI_QSPI_CTRL_REG_BASE_SE_SECURE_FLASH (0x90010000U) /* AXI QSPI Controller for SE FLash */
173 #define CORSTONE1000_HOST_DRAM_UEFI_CAPSULE (0xA0000000U) /* 1.5 GB DDR */
174
175+/* Map Component definitions to Corstone definitions */
176+#define CC3XX_BASE_S CORSTONE1000_CRYPTO_ACCELERATOR_BASE
177+
178 #endif /* __PLATFORM_BASE_ADDRESS_H__ */
179diff --git a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
180new file mode 100644
181index 000000000..d4eca2841
182--- /dev/null
183+++ b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_1.ld
184@@ -0,0 +1,203 @@
185+;/*
186+; * Copyright (c) 2009-2022, Arm Limited. All rights reserved.
187+; *
188+; * Licensed under the Apache License, Version 2.0 (the "License");
189+; * you may not use this file except in compliance with the License.
190+; * You may obtain a copy of the License at
191+; *
192+; * http://www.apache.org/licenses/LICENSE-2.0
193+; *
194+; * Unless required by applicable law or agreed to in writing, software
195+; * distributed under the License is distributed on an "AS IS" BASIS,
196+; * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
197+; * See the License for the specific language governing permissions and
198+; * limitations under the License.
199+; *
200+; *
201+; * This file is derivative of CMSIS V5.00 gcc_arm.ld
202+; */
203+
204+/* Linker script to configure memory regions. */
205+/* This file will be run trough the pre-processor. */
206+
207+#include "region_defs.h"
208+
209+MEMORY
210+{
211+ FLASH (rx) : ORIGIN = BL1_1_CODE_START, LENGTH = BL1_1_CODE_SIZE
212+ RAM (rwx) : ORIGIN = BL1_1_DATA_START, LENGTH = BL1_1_DATA_SIZE
213+}
214+
215+__heap_size__ = BL1_1_HEAP_SIZE;
216+__msp_stack_size__ = BL1_1_MSP_STACK_SIZE;
217+
218+/* Library configurations */
219+GROUP(libgcc.a libc.a libm.a libnosys.a)
220+
221+ENTRY(Reset_Handler)
222+
223+SECTIONS
224+{
225+ .text :
226+ {
227+ KEEP(*(.vectors))
228+ __Vectors_End = .;
229+ __Vectors_Size = __Vectors_End - __Vectors;
230+ __end__ = .;
231+
232+ *(.text*)
233+
234+ KEEP(*shared_lib*:*(.text*))
235+ KEEP(*bl1_tests_shared*:*(.text*))
236+ KEEP(*bl1_crypto_hw*:*(.text*))
237+ KEEP(*boot_hal_bl1*(.text*))
238+
239+ KEEP(*(.init))
240+ KEEP(*(.fini))
241+
242+
243+ /* .ctors */
244+ *crtbegin.o(.ctors)
245+ *crtbegin?.o(.ctors)
246+ *(EXCLUDE_FILE(*crtend?.o *crtend.o) .ctors)
247+ *(SORT(.ctors.*))
248+ *(.ctors)
249+
250+ /* .dtors */
251+ *crtbegin.o(.dtors)
252+ *crtbegin?.o(.dtors)
253+ *(EXCLUDE_FILE(*crtend?.o *crtend.o) .dtors)
254+ *(SORT(.dtors.*))
255+ *(.dtors)
256+
257+ *(.rodata*)
258+
259+ KEEP(*(.eh_frame*))
260+ } > FLASH
261+
262+ .ARM.extab :
263+ {
264+ *(.ARM.extab* .gnu.linkonce.armextab.*)
265+ } > FLASH
266+
267+ __exidx_start = .;
268+ .ARM.exidx :
269+ {
270+ *(.ARM.exidx* .gnu.linkonce.armexidx.*)
271+ } > FLASH
272+ __exidx_end = .;
273+
274+ /* To copy multiple ROM to RAM sections,
275+ * define etext2/data2_start/data2_end and
276+ * define __STARTUP_COPY_MULTIPLE in startup_corstone700_bl2.S */
277+ .copy.table :
278+ {
279+ . = ALIGN(4);
280+ __copy_table_start__ = .;
281+ LONG (__etext)
282+ LONG (__data_start__)
283+ LONG ((__data_end__ - __data_start__) / 4)
284+ LONG (DEFINED(__etext2) ? __etext2 : 0)
285+ LONG (DEFINED(__data2_start__) ? __data2_start__ : 0)
286+ LONG (DEFINED(__data2_start__) ? ((__data2_end__ - __data2_start__) / 4) : 0)
287+ __copy_table_end__ = .;
288+ } > FLASH
289+
290+ /* To clear multiple BSS sections,
291+ * uncomment .zero.table section and,
292+ * define __STARTUP_CLEAR_BSS_MULTIPLE in startup_cmsdk_musca_bl2.S */
293+ .zero.table :
294+ {
295+ . = ALIGN(4);
296+ __zero_table_start__ = .;
297+ LONG (__bss_start__)
298+ LONG ((__bss_end__ - __bss_start__) / 4)
299+ LONG (DEFINED(__bss2_start__) ? __bss2_start__ : 0)
300+ LONG (DEFINED(__bss2_start__) ? ((__bss2_end__ - __bss2_start__) / 4) : 0)
301+ __zero_table_end__ = .;
302+ } > FLASH
303+
304+ __etext = ALIGN (4);
305+
306+ .tfm_bl2_shared_data : ALIGN(32)
307+ {
308+ . += BOOT_TFM_SHARED_DATA_SIZE;
309+ } > RAM
310+ Image$$SHARED_DATA$$RW$$Base = ADDR(.tfm_bl2_shared_data);
311+ Image$$SHARED_DATA$$RW$$Limit = ADDR(.tfm_bl2_shared_data) + SIZEOF(.tfm_bl2_shared_data);
312+
313+ . = BL1_1_DATA_START;
314+ Image$$BL1_1_ER_DATA_START$$Base = .;
315+ .data : AT (__etext)
316+ {
317+ __data_start__ = .;
318+ *(vtable)
319+ *(.data*)
320+
321+ . = ALIGN(4);
322+ /* preinit data */
323+ PROVIDE_HIDDEN (__preinit_array_start = .);
324+ KEEP(*(.preinit_array))
325+ PROVIDE_HIDDEN (__preinit_array_end = .);
326+
327+ . = ALIGN(4);
328+ /* init data */
329+ PROVIDE_HIDDEN (__init_array_start = .);
330+ KEEP(*(SORT(.init_array.*)))
331+ KEEP(*(.init_array))
332+ PROVIDE_HIDDEN (__init_array_end = .);
333+
334+
335+ . = ALIGN(4);
336+ /* finit data */
337+ PROVIDE_HIDDEN (__fini_array_start = .);
338+ KEEP(*(SORT(.fini_array.*)))
339+ KEEP(*(.fini_array))
340+ PROVIDE_HIDDEN (__fini_array_end = .);
341+
342+ KEEP(*(.jcr*))
343+ . = ALIGN(4);
344+ /* All data end */
345+ __data_end__ = .;
346+
347+ } > RAM
348+ Image$$ER_DATA$$Base = ADDR(.data);
349+
350+ .bss :
351+ {
352+ . = ALIGN(4);
353+ __bss_start__ = .;
354+ *(.bss*)
355+ *(COMMON)
356+ . = ALIGN(4);
357+ __bss_end__ = .;
358+ } > RAM
359+
360+ bss_size = __bss_end__ - __bss_start__;
361+
362+ .msp_stack (NOLOAD) : ALIGN(32)
363+ {
364+ . += __msp_stack_size__;
365+ } > RAM
366+ Image$$ARM_LIB_STACK$$ZI$$Base = ADDR(.msp_stack);
367+ Image$$ARM_LIB_STACK$$ZI$$Limit = ADDR(.msp_stack) + SIZEOF(.msp_stack);
368+
369+ .heap (NOLOAD): ALIGN(8)
370+ {
371+ . = ALIGN(8);
372+ __end__ = .;
373+ PROVIDE(end = .);
374+ __HeapBase = .;
375+ . += __heap_size__;
376+ __HeapLimit = .;
377+ __heap_limit = .; /* Add for _sbrk */
378+ } > RAM
379+ Image$$ARM_LIB_HEAP$$ZI$$Limit = ADDR(.heap) + SIZEOF(.heap);
380+
381+ PROVIDE(__stack = Image$$ARM_LIB_STACK$$ZI$$Limit);
382+
383+ Image$$BL1_1_ER_DATA_LIMIT$$Base = .;
384+
385+ Image$$BL1_2_ER_DATA_START$$Base = BL1_2_DATA_START;
386+ Image$$BL1_2_ER_DATA_LIMIT$$Base = BL1_2_DATA_START + BL1_2_DATA_SIZE;
387+}
388diff --git a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1.ld b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
389similarity index 95%
390rename from platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1.ld
391rename to platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
392index 73be37d7c..6cd806378 100644
393--- a/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1.ld
394+++ b/platform/ext/target/arm/corstone1000/Device/Source/gcc/corstone1000_bl1_2.ld
395@@ -24,12 +24,12 @@
396
397 MEMORY
398 {
399- FLASH (rx) : ORIGIN = BL1_CODE_START, LENGTH = BL1_CODE_SIZE
400- RAM (rwx) : ORIGIN = BL1_DATA_START, LENGTH = BL1_DATA_SIZE
401+ FLASH (rx) : ORIGIN = BL1_2_CODE_START, LENGTH = BL1_2_CODE_SIZE
402+ RAM (rwx) : ORIGIN = BL1_2_DATA_START, LENGTH = BL1_2_DATA_SIZE
403 }
404
405-__heap_size__ = BL1_HEAP_SIZE;
406-__msp_stack_size__ = BL1_MSP_STACK_SIZE;
407+__heap_size__ = BL1_2_HEAP_SIZE;
408+__msp_stack_size__ = BL1_2_MSP_STACK_SIZE;
409
410 /* Library configurations */
411 GROUP(libgcc.a libc.a libm.a libnosys.a)
412diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c b/platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c
413deleted file mode 100644
414index d8cfe3759..000000000
415--- a/platform/ext/target/arm/corstone1000/bl1/bl1_rotpk.c
416+++ /dev/null
417@@ -1,48 +0,0 @@
418-/*
419- * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
420- *
421- * SPDX-License-Identifier: BSD-3-Clause
422- *
423- */
424-
425-#include <stdint.h>
426-#include "tfm_plat_otp.h"
427-
428-static enum tfm_plat_err_t get_rotpk_hash(enum tfm_otp_element_id_t id,
429- uint8_t* rotpk_hash,
430- uint32_t* rotpk_hash_size)
431-{
432- enum tfm_plat_err_t err;
433- size_t otp_size;
434-
435- err = tfm_plat_otp_read(id, *rotpk_hash_size, rotpk_hash);
436- if (err != TFM_PLAT_ERR_SUCCESS) {
437- return err;
438- }
439-
440- err = tfm_plat_otp_get_size(id, &otp_size);
441- if (err != TFM_PLAT_ERR_SUCCESS) {
442- return err;
443- }
444-
445- *rotpk_hash_size = otp_size;
446-
447- return TFM_PLAT_ERR_SUCCESS;
448-}
449-
450-enum tfm_plat_err_t
451-tfm_plat_get_rotpk_hash(uint8_t image_id,
452- uint8_t *rotpk_hash,
453- uint32_t *rotpk_hash_size)
454-{
455- switch(image_id) {
456- case 0:
457- return get_rotpk_hash(PLAT_OTP_ID_BL1_ROTPK_0, rotpk_hash,
458- rotpk_hash_size);
459-
460- default:
461- return TFM_PLAT_ERR_INVALID_INPUT;
462- }
463-
464- return TFM_PLAT_ERR_SYSTEM_ERR;
465-}
466diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c
467similarity index 90%
468rename from platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
469rename to platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c
470index a5fe0f7da..678342443 100644
471--- a/platform/ext/target/arm/corstone1000/bl1/bl1_boot_hal.c
472+++ b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1.c
473@@ -12,13 +12,16 @@
474 #include "Driver_Flash.h"
475 #include "flash_layout.h"
476 #include "fih.h"
477-#include "bootutil/bootutil_log.h"
478 #include "firewall.h"
479 #include "watchdog.h"
480 #include "mpu_config.h"
481 #include "tfm_plat_otp.h"
482 #include "tfm_plat_provisioning.h"
483 #include "fwu_agent.h"
484+#include "uart_stdout.h"
485+#include "region_defs.h"
486+#include "log.h"
487+
488
489 #if defined(CRYPTO_HW_ACCELERATOR) || \
490 defined(CRYPTO_HW_ACCELERATOR_OTP_PROVISIONING)
491@@ -81,6 +84,9 @@ enum host_firewall_host_comp_id_t {
492 COMP_DEBUG,
493 };
494
495+extern uint32_t platform_code_is_bl1_2;
496+
497+
498 static void setup_mpu(void)
499 {
500 uint32_t size; /* region size */
501@@ -581,56 +587,44 @@ static void setup_host_firewall(void)
502 fw_lockdown(FW_FULL_LOCKDOWN);
503 }
504
505-
506-__attribute__((naked)) void boot_clear_bl2_ram_area(void)
507+uint32_t bl1_image_get_flash_offset(uint32_t image_id)
508 {
509- __ASM volatile(
510- ".syntax unified \n"
511- "movs r0, #0 \n"
512- "ldr r1, =Image$$ER_DATA$$Base \n"
513- "ldr r2, =Image$$ARM_LIB_HEAP$$ZI$$Limit \n"
514- "subs r2, r2, r1 \n"
515- "Loop: \n"
516- "subs r2, #4 \n"
517- "blt Clear_done \n"
518- "str r0, [r1, r2] \n"
519- "b Loop \n"
520- "Clear_done: \n"
521- "bx lr \n"
522- : : : "r0" , "r1" , "r2" , "memory"
523- );
524+ /* SE BL2 Offset is equal to bank offset as it is the first think in the Bank */
525+ uint32_t se_bl2_offset = 0;
526+ bl1_get_active_bl2_image(&se_bl2_offset);
527+ switch (image_id) {
528+ case 0:
529+ return se_bl2_offset;
530+ case 1:
531+ return se_bl2_offset + SE_BL2_PARTITION_SIZE;
532+ default:
533+ FIH_PANIC;
534+ }
535 }
536
537-extern void set_flash_area_image_offset(uint32_t offset);
538-
539 int32_t boot_platform_init(void)
540 {
541 int32_t result;
542 uint32_t image_offset;
543
544- result = corstone1000_watchdog_init();
545- if (result != ARM_DRIVER_OK) {
546- return 1;
547- }
548-
549+ if (!platform_code_is_bl1_2) {
550+ result = corstone1000_watchdog_init();
551+ if (result != ARM_DRIVER_OK) {
552+ return 1;
553+ }
554 #if !(PLATFORM_IS_FVP)
555- setup_mpu();
556+ setup_mpu();
557 #endif
558- setup_se_firewall();
559+ setup_se_firewall();
560 #if !(PLATFORM_IS_FVP)
561- setup_host_firewall();
562+ setup_host_firewall();
563 #endif
564-
565- result = FLASH_DEV_NAME.Initialize(NULL);
566- if (result != ARM_DRIVER_OK) {
567- return 1;
568 }
569-#if PLATFORM_DEFAULT_OTP
570- result = FLASH_DEV_NAME_SE_SECURE_FLASH.Initialize(NULL);
571- if (result != ARM_DRIVER_OK) {
572- return 1;
573- }
574-#endif
575+
576+#if defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2)
577+ stdio_init();
578+#endif /* defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) */
579+
580
581 #ifdef CRYPTO_HW_ACCELERATOR
582 result = crypto_hw_accelerator_init();
583@@ -639,23 +633,11 @@ int32_t boot_platform_init(void)
584 }
585 #endif /* CRYPTO_HW_ACCELERATOR */
586
587- result = tfm_plat_otp_init();
588- if (result != TFM_PLAT_ERR_SUCCESS) {
589- BOOT_LOG_ERR("OTP system initialization failed");
590- FIH_PANIC;
591- }
592-
593- if (tfm_plat_provisioning_is_required()) {
594- result = fwu_metadata_provision();
595- if (result != FWU_AGENT_SUCCESS) {
596- BOOT_LOG_ERR("Provisioning FWU Metadata failed");
597- FIH_PANIC;
598- }
599- }
600-
601- bl1_get_active_bl2_image(&image_offset);
602- set_flash_area_image_offset(image_offset);
603+ return 0;
604+}
605
606+int32_t boot_platform_post_init(void)
607+{
608 return 0;
609 }
610
611@@ -678,17 +660,15 @@ void boot_platform_quit(struct boot_arm_vector_table *vt)
612 (void)fih_delay_init();
613 #endif /* CRYPTO_HW_ACCELERATOR */
614
615- result = FLASH_DEV_NAME.Uninitialize();
616- if (result != ARM_DRIVER_OK) {
617- while (1);
618- }
619
620-#if PLATFORM_DEFAULT_OTP
621- result = FLASH_DEV_NAME_SE_SECURE_FLASH.Uninitialize();
622+#if defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2)
623+ stdio_uninit();
624+#endif /* defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) */
625+
626+ result = corstone1000_watchdog_reset_timer();
627 if (result != ARM_DRIVER_OK) {
628 while (1);
629 }
630-#endif
631
632 vt_cpy = vt;
633
634diff --git a/platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c b/platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c
635deleted file mode 100644
636index b6632b6c2..000000000
637--- a/platform/ext/target/arm/corstone1000/bl1/flash_map_extended.c
638+++ /dev/null
639@@ -1,103 +0,0 @@
640-/*
641- * Copyright (c) 2018 Nordic Semiconductor ASA
642- * Copyright (c) 2015 Runtime Inc
643- * Copyright (c) 2019-2021 Arm Limited.
644- *
645- * SPDX-License-Identifier: Apache-2.0
646- */
647-
648-/*
649- * Original code taken from mcuboot project at:
650- * https://github.com/mcu-tools/mcuboot
651- * Git SHA of the original version: ac55554059147fff718015be9f4bd3108123f50a
652- */
653-
654-#include <errno.h>
655-#include "target.h"
656-#include "cmsis.h"
657-#include "Driver_Flash.h"
658-#include "sysflash/sysflash.h"
659-#include "flash_map/flash_map.h"
660-#include "flash_map_backend/flash_map_backend.h"
661-#include "bootutil/bootutil_log.h"
662-
663-__WEAK int flash_device_base(uint8_t fd_id, uintptr_t *ret)
664-{
665- if (fd_id != FLASH_DEVICE_ID) {
666- BOOT_LOG_ERR("invalid flash ID %d; expected %d",
667- fd_id, FLASH_DEVICE_ID);
668- return -1;
669- }
670- *ret = FLASH_DEVICE_BASE;
671- return 0;
672-}
673-
674-/*
675- * This depends on the mappings defined in flash_map.h.
676- * MCUBoot uses continuous numbering for the primary slot, the secondary slot,
677- * and the scratch while TF-M might number it differently.
678- */
679-int flash_area_id_from_multi_image_slot(int image_index, int slot)
680-{
681- switch (slot) {
682- case 0: return BL1_FLASH_AREA_IMAGE_PRIMARY(image_index);
683- case 1: return BL1_FLASH_AREA_IMAGE_SECONDARY(image_index);
684- case 2: return BL1_FLASH_AREA_IMAGE_SCRATCH;
685- }
686-
687- return -1; /* flash_area_open will fail on that */
688-}
689-
690-int flash_area_id_from_image_slot(int slot)
691-{
692- return flash_area_id_from_multi_image_slot(0, slot);
693-}
694-
695-int flash_area_id_to_multi_image_slot(int image_index, int area_id)
696-{
697- if (area_id == BL1_FLASH_AREA_IMAGE_PRIMARY(image_index)) {
698- return 0;
699- }
700- if (area_id == BL1_FLASH_AREA_IMAGE_SECONDARY(image_index)) {
701- return 1;
702- }
703-
704- BOOT_LOG_ERR("invalid flash area ID");
705- return -1;
706-}
707-
708-int flash_area_id_to_image_slot(int area_id)
709-{
710- return flash_area_id_to_multi_image_slot(0, area_id);
711-}
712-
713-uint8_t flash_area_erased_val(const struct flash_area *fap)
714-{
715- return DRV_FLASH_AREA(fap)->GetInfo()->erased_value;
716-}
717-
718-int flash_area_read_is_empty(const struct flash_area *fa, uint32_t off,
719- void *dst, uint32_t len)
720-{
721- uint32_t i;
722- uint8_t *u8dst;
723- int rc;
724-
725- BOOT_LOG_DBG("read_is_empty area=%d, off=%#x, len=%#x",
726- fa->fa_id, off, len);
727-
728- rc = DRV_FLASH_AREA(fa)->ReadData(fa->fa_off + off, dst, len);
729- if (rc) {
730- return -1;
731- }
732-
733- u8dst = (uint8_t*)dst;
734-
735- for (i = 0; i < len; i++) {
736- if (u8dst[i] != flash_area_erased_val(fa)) {
737- return 0;
738- }
739- }
740-
741- return 1;
742-}
743diff --git a/platform/ext/target/arm/corstone1000/bl1/provisioning.c b/platform/ext/target/arm/corstone1000/bl1/provisioning.c
744index 832fcea89..683bc45ea 100644
745--- a/platform/ext/target/arm/corstone1000/bl1/provisioning.c
746+++ b/platform/ext/target/arm/corstone1000/bl1/provisioning.c
747@@ -1,5 +1,5 @@
748 /*
749- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
750+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
751 *
752 * SPDX-License-Identifier: BSD-3-Clause
753 *
754@@ -11,7 +11,9 @@
755 #include "tfm_plat_otp.h"
756 #include "tfm_attest_hal.h"
757 #include "psa/crypto.h"
758-#include "bootutil/bootutil_log.h"
759+#include "region_defs.h"
760+#include "log.h"
761+#include "fwu_agent.h"
762
763 #include <string.h>
764
765@@ -19,51 +21,20 @@
766
767 __PACKED_STRUCT bl1_assembly_and_test_provisioning_data_t {
768 uint32_t magic;
769- uint8_t bl1_rotpk_0[32];
770+ uint8_t bl2_encryption_key[32];
771+ uint8_t guk[32];
772+ uint8_t bl1_2_image_hash[32];
773+ uint8_t bl2_image_hash[32];
774+ uint8_t bl1_2_image[BL1_2_CODE_SIZE];
775+ uint8_t bl1_rotpk_0[56];
776 };
777
778-#ifdef TFM_DUMMY_PROVISIONING
779-static const struct bl1_assembly_and_test_provisioning_data_t bl1_assembly_and_test_prov_data = {
780- ASSEMBLY_AND_TEST_PROV_DATA_MAGIC,
781-#if (MCUBOOT_SIGN_RSA_LEN == 2048)
782- /* bl1 rotpk 0 */
783- {
784- 0xfc, 0x57, 0x01, 0xdc, 0x61, 0x35, 0xe1, 0x32,
785- 0x38, 0x47, 0xbd, 0xc4, 0x0f, 0x04, 0xd2, 0xe5,
786- 0xbe, 0xe5, 0x83, 0x3b, 0x23, 0xc2, 0x9f, 0x93,
787- 0x59, 0x3d, 0x00, 0x01, 0x8c, 0xfa, 0x99, 0x94,
788- },
789-#elif (MCUBOOT_SIGN_RSA_LEN == 3072)
790- /* bl1 rotpk 0 */
791- {
792- 0xbf, 0xe6, 0xd8, 0x6f, 0x88, 0x26, 0xf4, 0xff,
793- 0x97, 0xfb, 0x96, 0xc4, 0xe6, 0xfb, 0xc4, 0x99,
794- 0x3e, 0x46, 0x19, 0xfc, 0x56, 0x5d, 0xa2, 0x6a,
795- 0xdf, 0x34, 0xc3, 0x29, 0x48, 0x9a, 0xdc, 0x38,
796- },
797-#else
798-#error "No public key available for given signing algorithm."
799-#endif /* MCUBOOT_SIGN_RSA_LEN */
800-};
801-#else
802-static const struct bl1_assembly_and_test_provisioning_data_t bl1_assembly_and_test_prov_data;
803-#endif /* TFM_DUMMY_PROVISIONING */
804+static const struct bl1_assembly_and_test_provisioning_data_t *bl1_assembly_and_test_prov_data =
805+ (struct bl1_assembly_and_test_provisioning_data_t *)PROVISIONING_DATA_START;
806+
807
808 void tfm_plat_provisioning_check_for_dummy_keys(void)
809 {
810- uint64_t iak_start;
811-
812- tfm_plat_otp_read(PLAT_OTP_ID_IAK, sizeof(iak_start), (uint8_t*)&iak_start);
813-
814- if(iak_start == 0xA4906F6DB254B4A9) {
815- BOOT_LOG_WRN("%s%s%s%s",
816- "\033[1;31m",
817- "This device was provisioned with dummy keys. ",
818- "This device is \033[1;1mNOT SECURE",
819- "\033[0m");
820- }
821-
822- memset(&iak_start, 0, sizeof(iak_start));
823 }
824
825 int tfm_plat_provisioning_is_required(void)
826@@ -85,12 +56,47 @@ enum tfm_plat_err_t provision_assembly_and_test(void)
827 enum tfm_plat_err_t err;
828
829 err = tfm_plat_otp_write(PLAT_OTP_ID_BL1_ROTPK_0,
830- sizeof(bl1_assembly_and_test_prov_data.bl1_rotpk_0),
831- bl1_assembly_and_test_prov_data.bl1_rotpk_0);
832+ sizeof(bl1_assembly_and_test_prov_data->bl1_rotpk_0),
833+ bl1_assembly_and_test_prov_data->bl1_rotpk_0);
834+ if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
835+ return err;
836+ }
837+
838+
839+ err = tfm_plat_otp_write(PLAT_OTP_ID_BL1_2_IMAGE_HASH,
840+ sizeof(bl1_assembly_and_test_prov_data->bl1_2_image_hash),
841+ bl1_assembly_and_test_prov_data->bl1_2_image_hash);
842+ if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
843+ return err;
844+ }
845+
846+
847+ err = tfm_plat_otp_write(PLAT_OTP_ID_BL1_2_IMAGE,
848+ sizeof(bl1_assembly_and_test_prov_data->bl1_2_image),
849+ bl1_assembly_and_test_prov_data->bl1_2_image);
850+ if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
851+ return err;
852+ }
853+
854+ err = tfm_plat_otp_write(PLAT_OTP_ID_KEY_BL2_ENCRYPTION,
855+ sizeof(bl1_assembly_and_test_prov_data->bl2_encryption_key),
856+ bl1_assembly_and_test_prov_data->bl2_encryption_key);
857 if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
858 return err;
859 }
860
861+ err = tfm_plat_otp_write(PLAT_OTP_ID_BL2_IMAGE_HASH,
862+ sizeof(bl1_assembly_and_test_prov_data->bl2_image_hash),
863+ bl1_assembly_and_test_prov_data->bl2_image_hash);
864+ if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
865+ return err;
866+ }
867+
868+ err = fwu_metadata_provision();
869+ if (err != FWU_AGENT_SUCCESS) {
870+ return 1;
871+ }
872+
873 return err;
874 }
875
876@@ -104,19 +110,18 @@ enum tfm_plat_err_t tfm_plat_provisioning_perform(void)
877 return err;
878 }
879
880- BOOT_LOG_INF("Beginning BL1 provisioning");
881+ BL1_LOG("[INF] Beginning BL1 provisioning\r\n");
882
883 #ifdef TFM_DUMMY_PROVISIONING
884- BOOT_LOG_WRN("%s%s%s%s",
885- "\033[1;31m",
886- "TFM_DUMMY_PROVISIONING is not suitable for production! ",
887- "This device is \033[1;1mNOT SECURE",
888- "\033[0m");
889+ BL1_LOG("\033[1;31m[WRN]");
890+ BL1_LOG("TFM_DUMMY_PROVISIONING is not suitable for production! ");
891+ BL1_LOG("This device is \033[1;1mNOT SECURE");
892+ BL1_LOG("\033[0m\r\n");
893 #endif /* TFM_DUMMY_PROVISIONING */
894
895 if (lcs == PLAT_OTP_LCS_ASSEMBLY_AND_TEST) {
896- if (bl1_assembly_and_test_prov_data.magic != ASSEMBLY_AND_TEST_PROV_DATA_MAGIC) {
897- BOOT_LOG_ERR("No valid ASSEMBLY_AND_TEST provisioning data found");
898+ if (bl1_assembly_and_test_prov_data->magic != ASSEMBLY_AND_TEST_PROV_DATA_MAGIC) {
899+ BL1_LOG("[ERR] No valid ASSEMBLY_AND_TEST provisioning data found\r\n");
900 return TFM_PLAT_ERR_INVALID_INPUT;
901 }
902
903diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake
904index aca75394d..1b0675404 100644
905--- a/platform/ext/target/arm/corstone1000/config.cmake
906+++ b/platform/ext/target/arm/corstone1000/config.cmake
907@@ -8,7 +8,14 @@
908 #-------------------------------------------------------------------------------
909
910 set(BL1 ON CACHE BOOL "Whether to build BL1")
911-set(PLATFORM_DEFAULT_BL1 OFF CACHE STRING "Whether to use default BL1 or platform-specific one")
912+set(PLATFORM_DEFAULT_BL1 ON CACHE STRING "Whether to use default BL1 or platform-specific one")
913+set(PLATFORM_DEFAULT_OTP OFF CACHE BOOL "Use trusted on-chip flash to implement OTP memory")
914+
915+set(TFM_BL1_DEFAULT_PROVISIONING OFF CACHE BOOL "Whether BL1_1 will use default provisioning")
916+set(TFM_BL1_SOFTWARE_CRYPTO OFF CACHE BOOL "Whether BL1_1 will use software crypto")
917+set(TFM_BL1_MEMORY_MAPPED_FLASH OFF CACHE BOOL "Whether BL1 can directly access flash content")
918+set(TFM_BL1_PQ_CRYPTO OFF CACHE BOOL "Enable LMS PQ crypto for BL2 verification. This is experimental and should not yet be used in production")
919+
920 set(BL2 ON CACHE BOOL "Whether to build BL2")
921 set(BL2_TRAILER_SIZE 0x800 CACHE STRING "Trailer size")
922 set(DEFAULT_MCUBOOT_FLASH_MAP OFF CACHE BOOL "Whether to use the default flash map defined by TF-M project")
923@@ -26,13 +33,6 @@ set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryp
924 set(NS FALSE CACHE BOOL "Whether to build NS app")
925 set(EXTERNAL_SYSTEM_SUPPORT OFF CACHE BOOL "Whether to include external system support.")
926
927-# FVP is not integrated/tested with CC312.
928-if (${PLATFORM_IS_FVP})
929- set(PLATFORM_DEFAULT_OTP TRUE CACHE BOOL "Use trusted on-chip flash to implement OTP memory")
930-else()
931- set(PLATFORM_DEFAULT_OTP FALSE CACHE BOOL "Use trusted on-chip flash to implement OTP memory")
932-endif()
933-
934 # External dependency on OpenAMP and Libmetal
935 set(LIBMETAL_SRC_PATH "DOWNLOAD" CACHE PATH "Path to Libmetal (or DOWNLOAD to fetch automatically")
936 set(LIBMETAL_VERSION "f252f0e007fbfb8b3a52b1d5901250ddac96baad" CACHE STRING "The version of libmetal to use")
937@@ -59,6 +59,8 @@ set(TFM_PARTITION_PROTECTED_STORAGE ON CACHE BOOL "Enable Prot
938 set(TFM_PARTITION_CRYPTO ON CACHE BOOL "Enable Crypto partition")
939 set(TFM_PARTITION_INITIAL_ATTESTATION ON CACHE BOOL "Enable Initial Attestation partition")
940 set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON CACHE BOOL "Enable Internal Trusted Storage partition")
941+set(TFM_PARTITION_MEASURED_BOOT ON CACHE BOOL "Enable Measured boot partition")
942+
943
944 if (${CMAKE_BUILD_TYPE} STREQUAL Debug OR ${CMAKE_BUILD_TYPE} STREQUAL RelWithDebInfo)
945 set(ENABLE_FWU_AGENT_DEBUG_LOGS TRUE CACHE BOOL "Enable Firmware update agent debug logs.")
946diff --git a/platform/ext/target/arm/corstone1000/partition/flash_layout.h b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
947index b01a3621b..a95ff63ef 100644
948--- a/platform/ext/target/arm/corstone1000/partition/flash_layout.h
949+++ b/platform/ext/target/arm/corstone1000/partition/flash_layout.h
950@@ -34,16 +34,6 @@
951
952 #define BL2_DATA_GAP_SIZE (0x09800) /* 38 KB */
953
954-#define BL1_DATA_START (SRAM_BASE)
955-#define BL1_DATA_SIZE (0x10000) /* 64 KiB*/
956-#define BL1_DATA_LIMIT (BL1_DATA_START + BL1_DATA_SIZE - 1)
957-
958-#ifdef BL1
959-
960-#define IMAGE_EXECUTABLE_RAM_START (SRAM_BASE + BL1_DATA_SIZE)
961-#define IMAGE_EXECUTABLE_RAM_SIZE (SRAM_SIZE - BL1_DATA_SIZE)
962-
963-#endif /* BL1 */
964
965 /*****************/
966 /***** Flash *****/
967diff --git a/platform/ext/target/arm/corstone1000/partition/region_defs.h b/platform/ext/target/arm/corstone1000/partition/region_defs.h
968index 35055fe9c..8157c36bf 100644
969--- a/platform/ext/target/arm/corstone1000/partition/region_defs.h
970+++ b/platform/ext/target/arm/corstone1000/partition/region_defs.h
971@@ -20,12 +20,17 @@
972
973 #include "flash_layout.h"
974
975+/* BL1_1 */
976+#define BL1_1_HEAP_SIZE (0x0001000) /* 4KiB */
977+#define BL1_1_MSP_STACK_SIZE (0x0001800) /* 6KiB */
978+
979+/* BL1_2 */
980+#define BL1_2_HEAP_SIZE (0x0001000) /* 4KiB */
981+#define BL1_2_MSP_STACK_SIZE (0x0001800) /* 6KiB */
982+
983 #define BL2_HEAP_SIZE (0x0001000)
984 #define BL2_MSP_STACK_SIZE (0x0001E00)
985
986-#define BL1_HEAP_SIZE (0x0001000)
987-#define BL1_MSP_STACK_SIZE (0x0001800)
988-
989 #ifdef ENABLE_HEAP
990 #define S_HEAP_SIZE (0x0000200)
991 #endif
992@@ -80,8 +85,8 @@
993
994
995 /* SE BL2 regions */
996-#define BL2_CODE_START (SRAM_BASE + TFM_PARTITION_SIZE + \
997- BL2_DATA_GAP_SIZE + BL2_HEADER_SIZE)
998+#define BL2_IMAGE_START (SRAM_BASE + SRAM_SIZE - SE_BL2_PARTITION_SIZE)
999+#define BL2_CODE_START (BL2_IMAGE_START + BL2_HEADER_SIZE)
1000 #define BL2_CODE_SIZE (IMAGE_BL2_CODE_SIZE)
1001 #define BL2_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1)
1002
1003@@ -91,9 +96,25 @@
1004 #define BL2_DATA_LIMIT (BL2_DATA_START + BL2_DATA_SIZE - 1)
1005
1006 /* SE BL1 regions */
1007-#define BL1_CODE_START (0)
1008-#define BL1_CODE_SIZE (0x00020000) /* Whole SE ROM, 128 KiB */
1009-#define BL1_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1)
1010+#define BL1_1_CODE_START (0)
1011+#define BL1_1_CODE_SIZE (0x0000A000) /* 40 KiB */
1012+#define BL1_1_CODE_LIMIT (BL1_1_CODE_START + BL1_1_CODE_SIZE - 1)
1013+
1014+#define PROVISIONING_DATA_START (BL1_1_CODE_START + BL1_1_CODE_SIZE)
1015+#define PROVISIONING_DATA_SIZE (0x00002000) /* 8 KiB */
1016+#define PROVISIONING_DATA_LIMIT (PROVISIONING_DATA_START + PROVISIONING_DATA_SIZE - 1)
1017+
1018+#define BL1_1_DATA_START (SRAM_BASE)
1019+#define BL1_1_DATA_SIZE (0x8000) /* 32 KiB*/
1020+#define BL1_1_DATA_LIMIT (BL1_1_DATA_START + BL1_1_DATA_SIZE - 1)
1021+
1022+#define BL1_2_CODE_START (BL1_1_DATA_START + BL1_1_DATA_SIZE)
1023+#define BL1_2_CODE_SIZE (0x00001000) /* 4 KiB */
1024+#define BL1_2_CODE_LIMIT (BL1_2_CODE_START + BL1_2_CODE_SIZE - 1)
1025+
1026+#define BL1_2_DATA_START (BL1_2_CODE_START+BL1_2_CODE_SIZE)
1027+#define BL1_2_DATA_SIZE (0x8000) /* 32 KiB*/
1028+#define BL1_2_DATA_LIMIT (BL1_2_DATA_START + BL1_2_DATA_SIZE - 1)
1029
1030 #define BOOT_TFM_SHARED_DATA_BASE (S_DATA_PRIV_START)
1031
1032--
10332.17.1
1034