subtree updates: raspberrypi security arm
meta-raspberrypi: e43af1e3a6..e15b876155:
Florian Frank (1):
linux-firmware-rpidistro: Fix wireless on model 3B and Zero W
Khem Raj (1):
linux-raspberrypi_5.15.bb: Upgrade to 5.15.92
Martin Jansa (1):
gstreamer1.0-plugins-good: rename bbappend, drop version
meta-arm: dc10b73cc5..eb9c47a4e1:
Gowtham Suresh Kumar (6):
arm/edk2-basetools: Add edk2 base tool native recipe
arm-bsp/uefi_capsule: Add UEFI capsule generation class
arm-bsp/corstone1000-image: Generate UEFI capsule for corstone1000 platform
arm/edk2-basetools: Convert edk2 basetools recipes to native only
arm-bsp/uefi_capsule: Use json file to pass capsule config
arm/uefi_capsule: Move UEFI capsule to IMGDEPLOYDIR
Jon Mason (5):
arm/boot-wrapper-aarch64: update to a newer SHA
arm/gn: update to a more recent SHA
arm/opencsd: update to v1.4.0
arm/trusted-firmware-a: update version and relocate fiptool
arm/sbsa-acs: update to v6.1.0
Mohamed Omar Asaker (5):
arm-bsp/trusted-services: corstone1000:Align psa crypto client with TF-Mv1.7
arm-bsp/trusted-services:corstone1000: disable obsolete algorithms for crypto
arm-bsp/trusted-services: corstone1000: Disable SHA512/384
arm-bsp/trusted-firmware-m:corstone1000: Increase number of assets
arm-bsp/trusted-firmware-m:corstone1000: Set SPM backend to IPC
Peter Hoyes (11):
arm,arm-bsp/classes: Move wic_nopt to meta-arm
arm-bsp/classes: Use :append to add to IMAGE_TYPES in wic_nopt
CI: Factor out CACHE_DIR to improve mirror configurability
CI: Collect testimage logs on failure
arm/trusted-firmware-m: Synchronize with 1.7.0 release
arm/classes: Factor out image signing arguments in tfm_image_sign
arm/trusted-firmware-m: Create common inc file for src definitions
arm/trusted-firmware-m: Create inc file for common config
arm/trusted-firmware-m-scripts: Create inc file for common config
arm/classes: Add sstate support to tfm_sign_images
CI: Add BUILD_ENABLE_REGEX option to conditionally enable builds
Ross Burton (8):
arm-bsp/external-system: fix the gen_module race, again
arm-bsp/linux-yocto: add 5.19 kernel recipe for N1SDP
arm/linux-yocto: remove obsolete 5.19 bbappend
arm/trusted-firmware-m: Do not use release branches
arm/boot-wrapper-aarch64: tell upgrade checker to look for new SHAs
CI/machine-summary: add missing recipes
arm-toolchain/gcc-arm: add missing Signed-off-by tag
arm/optee-os: add missing patch header
meta-security: 3529cfb43e..c06b9a18a6:
Maciej Borzęcki (1):
dm-verity-img.bbclass: add squashfs images
Petr Gotthard (4):
tpm2-tss: upgrade 3.2.0 -> 4.0.1
tpm2-tools: upgrade 5.3 -> 5.5
tpm2-pkcs11: upgrade 1.8.0 -> 1.9.0
tpm2-abrmd: upgrade 2.4.1 -> 3.0.0
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I0e1629b2f70ad1e5f7b97f5ae6d768bde101cc6f
diff --git a/meta-arm/meta-arm-bsp/classes/wic_nopt.bbclass b/meta-arm/meta-arm-bsp/classes/wic_nopt.bbclass
deleted file mode 100644
index 322be49..0000000
--- a/meta-arm/meta-arm-bsp/classes/wic_nopt.bbclass
+++ /dev/null
@@ -1,9 +0,0 @@
-# This class removes the empty partition table header
-# in the WIC file when --no-table WKS option is used
-
-IMAGE_TYPES += "wic.nopt"
-
-CONVERSIONTYPES += "nopt"
-
-# 1024 bytes are skipped which corresponds to the size of the partition table header to remove
-CONVERSION_CMD:nopt = "tail -c +1025 ${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${type} > ${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${type}.nopt"
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0001-aarch64-Rename-labels-and-prepare-for-lower-EL-booti.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0001-aarch64-Rename-labels-and-prepare-for-lower-EL-booti.patch
index 566070a..31fd515 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0001-aarch64-Rename-labels-and-prepare-for-lower-EL-booti.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0001-aarch64-Rename-labels-and-prepare-for-lower-EL-booti.patch
@@ -1,4 +1,4 @@
-From 3e7cfbe39a2a053d2a6b0d928cc172ed9d1c6da8 Mon Sep 17 00:00:00 2001
+From 545f6950ae4dc55b4974986aa9629adb16eaf4e1 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] aarch64: Rename labels and prepare for lower EL booting
@@ -18,10 +18,10 @@
3 files changed, 27 insertions(+), 14 deletions(-)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
-index 27ba449..84e1646 100644
+index d682ba5..fab694e 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
-@@ -21,18 +21,30 @@ ASM_FUNC(_start)
+@@ -34,18 +34,30 @@ ASM_FUNC(_start)
/*
* EL3 initialisation
@@ -56,7 +56,7 @@
orr x0, x0, #(1 << 0) // Non-secure EL1
orr x0, x0, #(1 << 8) // HVC enable
-@@ -124,7 +136,7 @@ ASM_FUNC(_start)
+@@ -145,7 +157,7 @@ ASM_FUNC(_start)
bl gic_secure_init
@@ -65,7 +65,7 @@
err_invalid_id:
b .
-@@ -151,7 +163,7 @@ ASM_FUNC(jump_kernel)
+@@ -172,7 +184,7 @@ ASM_FUNC(jump_kernel)
bl find_logical_id
bl setup_stack // Reset stack pointer
@@ -74,7 +74,7 @@
cmp w0, #0 // Prepare Z flag
mov x0, x20
-@@ -160,7 +172,7 @@ ASM_FUNC(jump_kernel)
+@@ -181,7 +193,7 @@ ASM_FUNC(jump_kernel)
mov x3, x23
b.eq 1f
@@ -83,7 +83,7 @@
1: mov x4, #SPSR_KERNEL
-@@ -178,5 +190,5 @@ ASM_FUNC(jump_kernel)
+@@ -199,5 +211,5 @@ ASM_FUNC(jump_kernel)
.data
.align 3
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0002-aarch64-Prepare-for-EL1-booting.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0002-aarch64-Prepare-for-EL1-booting.patch
index 46447b8..4ef4507 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0002-aarch64-Prepare-for-EL1-booting.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0002-aarch64-Prepare-for-EL1-booting.patch
@@ -1,4 +1,4 @@
-From 26f9b5354c2de9cc052531096ff92b04c3a3846f Mon Sep 17 00:00:00 2001
+From bad32d3fc127a421be416b17e4f7d6d514f06abb Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] aarch64: Prepare for EL1 booting
@@ -15,10 +15,10 @@
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
-index 84e1646..b589744 100644
+index fab694e..5105b41 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
-@@ -156,10 +156,14 @@ ASM_FUNC(jump_kernel)
+@@ -177,10 +177,14 @@ ASM_FUNC(jump_kernel)
ldr x0, =SCTLR_EL1_KERNEL
msr sctlr_el1, x0
@@ -35,7 +35,7 @@
bl setup_stack // Reset stack pointer
diff --git a/arch/aarch64/include/asm/cpu.h b/arch/aarch64/include/asm/cpu.h
-index 63eb1c3..b1003f4 100644
+index 49d3f86..3767da3 100644
--- a/arch/aarch64/include/asm/cpu.h
+++ b/arch/aarch64/include/asm/cpu.h
@@ -11,6 +11,7 @@
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0003-aarch64-Prepare-for-lower-EL-booting.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0003-aarch64-Prepare-for-lower-EL-booting.patch
index db81355..c621187 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0003-aarch64-Prepare-for-lower-EL-booting.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0003-aarch64-Prepare-for-lower-EL-booting.patch
@@ -1,4 +1,4 @@
-From ce628de7699dd6401ddf713efaa49872e2733619 Mon Sep 17 00:00:00 2001
+From 252cbd36e51414b60ab68306f9c38e358709494d Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] aarch64: Prepare for lower EL booting
@@ -17,11 +17,11 @@
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
-index b589744..6b45afc 100644
+index 5105b41..243198d 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
-@@ -130,7 +130,16 @@ el3_init:
- mov x0, #ZCR_EL3_LEN_MASK // SVE: Enable full vector len
+@@ -151,7 +151,16 @@ el3_init:
+ mov x0, #ZCR_EL3_LEN_MAX // SVE: Enable full vector len
msr ZCR_EL3, x0 // for EL2.
-1:
@@ -38,7 +38,7 @@
ldr x0, =COUNTER_FREQ
msr cntfrq_el0, x0
-@@ -178,7 +187,7 @@ ASM_FUNC(jump_kernel)
+@@ -199,7 +208,7 @@ ASM_FUNC(jump_kernel)
b.eq 1f
br x19 // Keep current EL
@@ -47,7 +47,7 @@
/*
* If bit 0 of the kernel address is set, we're entering in AArch32
-@@ -196,3 +205,5 @@ ASM_FUNC(jump_kernel)
+@@ -217,3 +226,5 @@ ASM_FUNC(jump_kernel)
.align 3
flag_keep_el:
.long 0
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0004-gic-v3-Prepare-for-gicv3-with-EL2.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0004-gic-v3-Prepare-for-gicv3-with-EL2.patch
index e10182e..43885b9 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0004-gic-v3-Prepare-for-gicv3-with-EL2.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0004-gic-v3-Prepare-for-gicv3-with-EL2.patch
@@ -1,4 +1,4 @@
-From 483d363bf825082b6db6de3c57d169e741861891 Mon Sep 17 00:00:00 2001
+From bff110a95a5e4c9db2d61e629b4aa4b84530201e Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] gic-v3: Prepare for gicv3 with EL2
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0005-aarch64-Prepare-for-booting-with-EL2.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0005-aarch64-Prepare-for-booting-with-EL2.patch
index 3b6f78a..c634345 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0005-aarch64-Prepare-for-booting-with-EL2.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0005-aarch64-Prepare-for-booting-with-EL2.patch
@@ -1,4 +1,4 @@
-From be814863cdd5f61d9a16eec012d500550053c8c6 Mon Sep 17 00:00:00 2001
+From ba955efb35ce1d41b562190d7c2fbcbcf8ef97ff Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] aarch64: Prepare for booting with EL2
@@ -15,10 +15,10 @@
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
-index 6b45afc..908764a 100644
+index 243198d..3593ca5 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
-@@ -195,10 +195,18 @@ ASM_FUNC(jump_kernel)
+@@ -216,10 +216,18 @@ ASM_FUNC(jump_kernel)
*/
bfi x4, x19, #5, #1
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0006-aarch64-Introduce-EL2-boot-code-for-Armv8-R-AArch64.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0006-aarch64-Introduce-EL2-boot-code-for-Armv8-R-AArch64.patch
index aaacc72..18dc7ed 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0006-aarch64-Introduce-EL2-boot-code-for-Armv8-R-AArch64.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0006-aarch64-Introduce-EL2-boot-code-for-Armv8-R-AArch64.patch
@@ -1,4 +1,4 @@
-From 81df76f8d94cb6c31c01739b078a72bdb8497441 Mon Sep 17 00:00:00 2001
+From 8e44fac113d935affed1550480631f3fe7f30584 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 May 2021 07:25:00 +0100
Subject: [PATCH] aarch64: Introduce EL2 boot code for Armv8-R AArch64
@@ -36,10 +36,10 @@
2 files changed, 92 insertions(+), 2 deletions(-)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
-index 908764a..def9192 100644
+index 3593ca5..a219ea7 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
-@@ -24,16 +24,24 @@ ASM_FUNC(_start)
+@@ -37,16 +37,24 @@ ASM_FUNC(_start)
* Boot sequence
* If CurrentEL == EL3, then goto EL3 initialisation and drop to
* lower EL before entering the kernel.
@@ -66,7 +66,7 @@
mov w0, #1
ldr x1, =flag_keep_el
str w0, [x1]
-@@ -139,6 +147,85 @@ el3_init:
+@@ -160,6 +168,85 @@ el3_init:
str w0, [x1]
b el_max_init
@@ -152,7 +152,7 @@
el_max_init:
ldr x0, =COUNTER_FREQ
msr cntfrq_el0, x0
-@@ -148,6 +235,7 @@ el_max_init:
+@@ -169,6 +256,7 @@ el_max_init:
b start_el_max
err_invalid_id:
@@ -161,7 +161,7 @@
/*
diff --git a/arch/aarch64/include/asm/cpu.h b/arch/aarch64/include/asm/cpu.h
-index b1003f4..91f803c 100644
+index 3767da3..3c0e00d 100644
--- a/arch/aarch64/include/asm/cpu.h
+++ b/arch/aarch64/include/asm/cpu.h
@@ -25,6 +25,7 @@
@@ -172,7 +172,7 @@
#define SPSR_EL2H (9 << 0) /* EL2 Handler mode */
#define SPSR_HYP (0x1a << 0) /* M[3:0] = hyp, M[4] = AArch32 */
-@@ -43,6 +44,7 @@
+@@ -50,6 +51,7 @@
#else
#define SCTLR_EL1_KERNEL SCTLR_EL1_RES1
#define SPSR_KERNEL (SPSR_A | SPSR_D | SPSR_I | SPSR_F | SPSR_EL2H)
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0007-Allow-enable-psci-to-choose-between-smc-and-hvc.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0007-Allow-enable-psci-to-choose-between-smc-and-hvc.patch
index b130854..131e271 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0007-Allow-enable-psci-to-choose-between-smc-and-hvc.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0007-Allow-enable-psci-to-choose-between-smc-and-hvc.patch
@@ -1,4 +1,4 @@
-From f5a31b4f4ea8daaa0d337d5a2322ddb1912083fc Mon Sep 17 00:00:00 2001
+From 0b9a966b8a28961b078215ee7169e32a976d5e7d Mon Sep 17 00:00:00 2001
From: Qi Feng <qi.feng@arm.com>
Date: Wed, 26 May 2021 17:52:01 +0800
Subject: [PATCH] Allow --enable-psci to choose between smc and hvc
@@ -40,7 +40,7 @@
2 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/Makefile.am b/Makefile.am
-index f941b07..88a27de 100644
+index 5731a19..fc66662 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -50,11 +50,11 @@ endif
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0008-aarch64-Disable-CNTPCT_EL0-trap-for-v8-R64.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0008-aarch64-Disable-CNTPCT_EL0-trap-for-v8-R64.patch
index 2ce28b7..d3ccb2e 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0008-aarch64-Disable-CNTPCT_EL0-trap-for-v8-R64.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0008-aarch64-Disable-CNTPCT_EL0-trap-for-v8-R64.patch
@@ -1,4 +1,4 @@
-From 3f4614e02f0f8d2522510578da2752f8e3511bb3 Mon Sep 17 00:00:00 2001
+From 521c121eccb386aca7c75d92528e495546adccec Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Mon, 25 Oct 2021 17:09:13 +0800
Subject: [PATCH] aarch64: Disable CNTPCT_EL0 trap for v8-R64
@@ -24,10 +24,10 @@
1 file changed, 12 insertions(+)
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
-index def9192..6dbd5cc 100644
+index a219ea7..27b1139 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
-@@ -219,6 +219,18 @@ el2_init:
+@@ -240,6 +240,18 @@ el2_init:
orr x0, x0, #(1 << 41) // HCR_EL2.API
1: msr hcr_el2, x0
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0009-lds-Mark-the-mem-range.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0009-lds-Mark-the-mem-range.patch
index 0c310eb..c34d01c 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0009-lds-Mark-the-mem-range.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0009-lds-Mark-the-mem-range.patch
@@ -1,4 +1,4 @@
-From 2851f0e6c1216894b9498d7b91256bb1ef49e544 Mon Sep 17 00:00:00 2001
+From 780df234d98db81485b1f351f902a68def35c9d4 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 2 Nov 2021 15:10:28 +0800
Subject: [PATCH] lds: Mark the mem range
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0010-common-Introduce-the-libfdt.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0010-common-Introduce-the-libfdt.patch
index 0305f8b..2d12db5 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0010-common-Introduce-the-libfdt.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0010-common-Introduce-the-libfdt.patch
@@ -1,4 +1,4 @@
-From fadf04f44b679d85e55b2e5f220fecbebb52ad03 Mon Sep 17 00:00:00 2001
+From b3762b6c5a56bf594bc5cb63d145e8efd86e106e Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 28 Dec 2021 17:02:17 +0800
Subject: [PATCH] common: Introduce the libfdt
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0011-common-Add-essential-libc-functions.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0011-common-Add-essential-libc-functions.patch
index 871a178..b7726f5 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0011-common-Add-essential-libc-functions.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0011-common-Add-essential-libc-functions.patch
@@ -1,4 +1,4 @@
-From 0f2c7ca446063be6b193fbf870d38c0af19e15c5 Mon Sep 17 00:00:00 2001
+From e2eff4f80e65cb3fcbe6345b5376a6bf7de7e2cc Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 28 Dec 2021 17:28:25 +0800
Subject: [PATCH] common: Add essential libc functions
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0012-Makefile-Add-the-libfdt-to-the-Makefile-system.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0012-Makefile-Add-the-libfdt-to-the-Makefile-system.patch
index 5917ef2..b77ab3e 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0012-Makefile-Add-the-libfdt-to-the-Makefile-system.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0012-Makefile-Add-the-libfdt-to-the-Makefile-system.patch
@@ -1,4 +1,4 @@
-From de5d2b6c200ae5dd8113751e58bf7cf5844eec5a Mon Sep 17 00:00:00 2001
+From f4d5cf4c3424598a2b3bb391717313b70c79ea28 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 28 Dec 2021 17:42:48 +0800
Subject: [PATCH] Makefile: Add the libfdt to the Makefile system
@@ -17,7 +17,7 @@
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
-index 88a27de..5e8668a 100644
+index fc66662..ab2c3a9 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -36,6 +36,9 @@ PSCI_CPU_OFF := 0x84000002
@@ -30,10 +30,10 @@
ARCH_OBJ := boot.o stack.o utils.o
if BOOTWRAPPER_32
-@@ -125,11 +128,12 @@ CHOSEN_NODE := chosen { \
- CPPFLAGS += $(INITRD_FLAGS)
- CFLAGS += -I$(top_srcdir)/include/ -I$(top_srcdir)/$(ARCH_SRC)/include/
+@@ -127,11 +130,12 @@ CFLAGS += -I$(top_srcdir)/include/ -I$(top_srcdir)/$(ARCH_SRC)/include/
CFLAGS += -Wall -fomit-frame-pointer
+ CFLAGS += -ffreestanding -nostdlib
+ CFLAGS += -fno-stack-protector
+CFLAGS += -fno-stack-protector
CFLAGS += -ffunction-sections -fdata-sections
CFLAGS += -fno-pic -fno-pie
@@ -44,7 +44,7 @@
# Don't lookup all prerequisites in $(top_srcdir), only the source files. When
# building outside the source tree $(ARCH_SRC) needs to be created.
-@@ -150,10 +154,13 @@ $(ARCH_SRC):
+@@ -152,10 +156,13 @@ $(ARCH_SRC):
$(COMMON_SRC):
$(MKDIR_P) $@
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0013-platform-Add-print_hex-func.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0013-platform-Add-print_hex-func.patch
index 136e18e..2346109 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0013-platform-Add-print_hex-func.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0013-platform-Add-print_hex-func.patch
@@ -1,4 +1,4 @@
-From 5b8cb5192dbd0332e027e8999c3afe4433983291 Mon Sep 17 00:00:00 2001
+From f0ece5e8cac761a76a86df7204bae7c6ef09215f Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Wed, 29 Dec 2021 10:50:21 +0800
Subject: [PATCH] platform: Add print_hex func
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0014-common-Add-mem-usage-to-memreserve.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0014-common-Add-mem-usage-to-memreserve.patch
index ea51816..f4ea89c 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0014-common-Add-mem-usage-to-memreserve.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0014-common-Add-mem-usage-to-memreserve.patch
@@ -1,4 +1,4 @@
-From b447242cd2457bec20d47fe6a8a5758d97a3bde3 Mon Sep 17 00:00:00 2001
+From f4704146e1af9f6e0a2220db6b39a328c813fac1 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Wed, 19 Jan 2022 16:19:02 +0800
Subject: [PATCH] common: Add mem usage to /memreserve/
@@ -20,7 +20,7 @@
create mode 100644 common/device_tree.c
diff --git a/Makefile.am b/Makefile.am
-index 5e8668a..734de92 100644
+index ab2c3a9..e905602 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -34,7 +34,7 @@ endif
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0015-boot-Add-the-enable-keep-el-compile-option.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0015-boot-Add-the-enable-keep-el-compile-option.patch
index 0411ef0..7d59e5f 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0015-boot-Add-the-enable-keep-el-compile-option.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0015-boot-Add-the-enable-keep-el-compile-option.patch
@@ -1,4 +1,4 @@
-From 8271c21bcff260295203214b7b8c87cdb8236453 Mon Sep 17 00:00:00 2001
+From 5995f83592aea874f5b423538e36675e2204582b Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 4 Jan 2022 17:01:55 +0800
Subject: [PATCH] boot: Add the --enable-keep-el compile option
@@ -23,7 +23,7 @@
4 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
-index 734de92..054becd 100644
+index e905602..6604baa 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -33,6 +33,10 @@ PSCI_CPU_ON := 0xc4000003
@@ -38,10 +38,10 @@
COMMON_OBJ := boot.o bakery_lock.o platform.o lib.o device_tree.o
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
-index 6dbd5cc..157c097 100644
+index 27b1139..c079d22 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
-@@ -233,7 +233,11 @@ el2_init:
+@@ -254,7 +254,11 @@ el2_init:
msr cnthctl_el2, x0
isb
@@ -53,7 +53,7 @@
ldr x1, =spsr_to_elx
str w0, [x1]
// fall through
-@@ -313,5 +317,5 @@ ASM_FUNC(jump_kernel)
+@@ -334,5 +338,5 @@ ASM_FUNC(jump_kernel)
.align 3
flag_keep_el:
.long 0
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0016-Makefile-Change-COUNTER_FREQ-to-100-MHz.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0016-Makefile-Change-COUNTER_FREQ-to-100-MHz.patch
index a6b16e4..e93a300 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0016-Makefile-Change-COUNTER_FREQ-to-100-MHz.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0016-Makefile-Change-COUNTER_FREQ-to-100-MHz.patch
@@ -1,4 +1,4 @@
-From dd3e3f414d0e6ed1643c2e2ccac676b7fc1dc7a9 Mon Sep 17 00:00:00 2001
+From 0c0695cd3160ccdb95bae29b7668918015c0b6aa Mon Sep 17 00:00:00 2001
From: Peter Hoyes <Peter.Hoyes@arm.com>
Date: Tue, 1 Feb 2022 11:28:46 +0000
Subject: [PATCH] Makefile: Change COUNTER_FREQ to 100 MHz
@@ -17,7 +17,7 @@
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
-index 40bc5d6..b48173c 100644
+index 6604baa..cc6504e 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -13,7 +13,7 @@ SCRIPT_DIR := $(top_srcdir)/scripts
@@ -29,6 +29,3 @@
CPU_IDS := $(shell perl -I $(SCRIPT_DIR) $(SCRIPT_DIR)/findcpuids.pl $(KERNEL_DTB))
NR_CPUS := $(shell echo $(CPU_IDS) | tr ',' ' ' | wc -w)
---
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0017-PSCI-Apply-flush-cache-after-setting-branch_data.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0017-PSCI-Apply-flush-cache-after-setting-branch_data.patch
index 8d981f5..b63d8d1 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0017-PSCI-Apply-flush-cache-after-setting-branch_data.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0017-PSCI-Apply-flush-cache-after-setting-branch_data.patch
@@ -1,4 +1,4 @@
-From 6923f2a0c59cf92ba5ad50ec1d658a357b4ba5d7 Mon Sep 17 00:00:00 2001
+From fa73d885be85eee4369b292ec601e7b024a68807 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 2 Nov 2021 10:48:39 +0800
Subject: [PATCH] PSCI: Apply flush cache after setting branch_data
@@ -47,6 +47,3 @@
return PSCI_RET_SUCCESS;
}
---
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0018-PSCI-Add-function-call-entry-point.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0018-PSCI-Add-function-call-entry-point.patch
index 97cd3cb..dd2b965 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0018-PSCI-Add-function-call-entry-point.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0018-PSCI-Add-function-call-entry-point.patch
@@ -1,4 +1,4 @@
-From ed46e83df2400b1b3f3364169aacf787bd91bd45 Mon Sep 17 00:00:00 2001
+From 9da48e3433b919868650cd60e28827273a42c63b Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 25 Jan 2022 14:56:36 +0800
Subject: [PATCH] PSCI: Add function call entry point
@@ -69,6 +69,3 @@
void __noreturn psci_first_spin(unsigned int cpu)
{
if (cpu == MPIDR_INVALID)
---
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0019-lds-Rearrange-and-mark-the-sections.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0019-lds-Rearrange-and-mark-the-sections.patch
index 1f10209..c0d1fcb 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0019-lds-Rearrange-and-mark-the-sections.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0019-lds-Rearrange-and-mark-the-sections.patch
@@ -1,4 +1,4 @@
-From 36b5fa3f4db49ac7aef42ff1d58a895226c7e96c Mon Sep 17 00:00:00 2001
+From 7c5e40d9f8699a55ac2187c035429c643e6d0ef0 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Tue, 2 Nov 2021 15:10:28 +0800
Subject: [PATCH] lds: Rearrange and mark the sections
@@ -56,6 +56,3 @@
PROVIDE(firmware_end = .);
ASSERT(etext <= (PHYS_OFFSET + TEXT_LIMIT), ".text overflow!")
---
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0020-common-Provide-firmware-info-using-libfdt.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0020-common-Provide-firmware-info-using-libfdt.patch
index cafcc09..1573be0 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0020-common-Provide-firmware-info-using-libfdt.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0020-common-Provide-firmware-info-using-libfdt.patch
@@ -1,4 +1,4 @@
-From 8bdbb64d13f14d40546b71dbcfee2b2a8ea002a5 Mon Sep 17 00:00:00 2001
+From 3c1140c29c39561848056fb4b9a03042b00279f3 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Wed, 29 Dec 2021 15:17:38 +0800
Subject: [PATCH] common: Provide firmware info using libfdt
@@ -340,6 +340,3 @@
+
+ dt_dump_all(fw_node);
+}
---
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0021-boot-Enable-firmware-node-initialization.patch b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0021-boot-Enable-firmware-node-initialization.patch
index 943afde..9b367a7 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0021-boot-Enable-firmware-node-initialization.patch
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/boot-wrapper-aarch64/files/fvp-baser-aemv8r64/0021-boot-Enable-firmware-node-initialization.patch
@@ -1,4 +1,4 @@
-From 6dfc937d1ae54d2ae9f8c60ca29ba73ca14dc8c4 Mon Sep 17 00:00:00 2001
+From b1105e862e8f770fc195bc20e9c64d231dd32f66 Mon Sep 17 00:00:00 2001
From: Jaxson Han <jaxson.han@arm.com>
Date: Wed, 29 Dec 2021 15:33:17 +0800
Subject: [PATCH] boot: Enable firmware node initialization
@@ -29,7 +29,7 @@
3 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
-index 054becd..b01809c 100644
+index cc6504e..fbe6b81 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -23,7 +23,7 @@ DEFINES += -DCPU_IDS=$(CPU_IDS)
@@ -41,20 +41,20 @@
if KERNEL_32
DEFINES += -DKERNEL_32
-@@ -132,7 +132,7 @@ CHOSEN_NODE := chosen { \
- CPPFLAGS += $(INITRD_FLAGS)
- CFLAGS += -I$(top_srcdir)/include/ -I$(top_srcdir)/$(ARCH_SRC)/include/
+@@ -134,7 +134,7 @@ CFLAGS += -I$(top_srcdir)/include/ -I$(top_srcdir)/$(ARCH_SRC)/include/
CFLAGS += -Wall -fomit-frame-pointer
+ CFLAGS += -ffreestanding -nostdlib
+ CFLAGS += -fno-stack-protector
-CFLAGS += -fno-stack-protector
+CFLAGS += -fno-stack-protector -fno-builtin
CFLAGS += -ffunction-sections -fdata-sections
CFLAGS += -fno-pic -fno-pie
LDFLAGS += --gc-sections
diff --git a/arch/aarch64/boot.S b/arch/aarch64/boot.S
-index 157c097..f310387 100644
+index c079d22..daaa674 100644
--- a/arch/aarch64/boot.S
+++ b/arch/aarch64/boot.S
-@@ -240,6 +240,10 @@ el2_init:
+@@ -261,6 +261,10 @@ el2_init:
#endif
ldr x1, =spsr_to_elx
str w0, [x1]
@@ -65,7 +65,7 @@
// fall through
el_max_init:
-@@ -319,3 +323,5 @@ flag_keep_el:
+@@ -340,3 +344,5 @@ flag_keep_el:
.long 0
ASM_DATA(spsr_to_elx)
.long 0
@@ -93,6 +93,3 @@
*mbox = (unsigned long)&entrypoint;
sevl();
---
-2.25.1
-
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb
index 5bb8c37..dce29a9 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/external-system_0.1.0.bb
@@ -8,7 +8,8 @@
LIC_FILES_CHKSUM = "file://license.md;md5=e44b2531cd6ffe9dece394dbe988d9a0 \
file://cmsis/LICENSE.txt;md5=e3fc50a88d0a364313df4b21ef20c29e"
-SRC_URI = "gitsm://git.gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx.git;protocol=https;branch=master"
+SRC_URI = "gitsm://git.gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx.git;protocol=https;branch=master \
+ file://race.patch"
SRCREV = "8c9dca74b104ff6c9722fb0738ba93dd3719c080"
PV .= "+git${SRCPV}"
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/race.patch b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/race.patch
new file mode 100644
index 0000000..c6bc4f2
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/external-system/files/race.patch
@@ -0,0 +1,66 @@
+Upstream-Status: Submitted [https://gitlab.arm.com/arm-reference-solutions/corstone1000/external_system/rtx/-/issues/1]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 34e1c04534607f5605255f39fb46e26261fc9c4e Mon Sep 17 00:00:00 2001
+From: Ross Burton <ross.burton@arm.com>
+Date: Tue, 8 Sep 2020 11:49:08 +0100
+Subject: [PATCH] tools/gen_module_code: atomically rewrite the generated files
+
+The gen_module rule in rules.mk is marked as .PHONY, so make will
+execute it whenever it is mentioned. This results in gen_module_code
+being executed 64 times for a Juno build.
+
+However in heavily parallel builds there's a good chance that
+gen_module_code is writing a file whilst the compiler is reading it
+because make also doesn't know what files are generated by
+gen_module_code.
+
+The correct fix is to adjust the Makefiles so that the dependencies are
+correct but this isn't trivial, so band-aid the problem by atomically
+writing the generated files.
+
+Change-Id: I82d44f9ea6537a91002e1f80de8861d208571630
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+---
+ tools/gen_module_code.py | 19 ++++++++++++++-----
+ 1 file changed, 14 insertions(+), 5 deletions(-)
+
+diff --git a/tools/gen_module_code.py b/tools/gen_module_code.py
+index 7b3953845..ee099b713 100755
+--- a/tools/gen_module_code.py
++++ b/tools/gen_module_code.py
+@@ -17,6 +17,7 @@
+ import argparse
+ import os
+ import sys
++import tempfile
+
+ DEFAULT_PATH = 'build/'
+
+@@ -53,13 +54,21 @@
+
+ def generate_file(path, filename, content):
+ full_filename = os.path.join(path, filename)
+- with open(full_filename, 'a+') as f:
+- f.seek(0)
+- if f.read() != content:
++
++ try:
++ with open(full_filename) as f:
++ rewrite = f.read() != content
++ except FileNotFoundError:
++ rewrite = True
++
++ if rewrite:
++ with tempfile.NamedTemporaryFile(prefix="gen-module-code",
++ dir=path,
++ delete=False,
++ mode="wt") as f:
+ print("[GEN] {}...".format(full_filename))
+- f.seek(0)
+- f.truncate()
+ f.write(content)
++ os.replace(f.name, full_filename)
+
+
+ def generate_header(path, modules):
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb b/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb
index 76a7126..3a1639e 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/images/corstone1000-image.bb
@@ -7,10 +7,15 @@
inherit image
inherit wic_nopt tfm_sign_image
+inherit uefi_capsule
PACKAGE_INSTALL = ""
-IMAGE_FSTYPES += "wic wic.nopt"
+IMAGE_FSTYPES += "wic wic.nopt uefi_capsule"
+
+UEFI_FIRMWARE_BINARY = "${PN}-${MACHINE}.${CAPSULE_IMGTYPE}"
+UEFI_CAPSULE_CONFIG = "${THISDIR}/files/${PN}-capsule-update-image.json"
+CAPSULE_IMGTYPE = "wic.nopt"
do_sign_images() {
# Sign TF-A BL2
@@ -19,7 +24,8 @@
# Update BL2 in the FIP image
cp ${RECIPE_SYSROOT}/firmware/${TFA_FIP_BINARY} .
- fiptool update --tb-fw ${TFM_IMAGE_SIGN_DIR}/signed_${TFA_BL2_BINARY} \
+ fiptool update --tb-fw \
+ ${TFM_IMAGE_SIGN_DEPLOY_DIR}/signed_${TFA_BL2_BINARY} \
${TFM_IMAGE_SIGN_DIR}/${TFA_FIP_BINARY}
# Sign the FIP image
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/images/files/corstone1000-image-capsule-update-image.json b/meta-arm/meta-arm-bsp/recipes-bsp/images/files/corstone1000-image-capsule-update-image.json
new file mode 100644
index 0000000..0f011ff
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/images/files/corstone1000-image-capsule-update-image.json
@@ -0,0 +1,11 @@
+{
+ "Payloads": [
+ {
+ "FwVersion": "5",
+ "Guid": "e2bb9c06-70e9-4b14-97a3-5a7913176e3f",
+ "LowestSupportedVersion": "1",
+ "Payload": "$UEFI_FIRMWARE_BINARY",
+ "UpdateImageIndex": "0"
+ }
+ ]
+}
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.7.0.bbappend b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.7.0.bbappend
deleted file mode 100644
index ff22ff1..0000000
--- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.7.0.bbappend
+++ /dev/null
@@ -1,3 +0,0 @@
-# Machine specific TFAs
-
-COMPATIBLE_MACHINE:corstone1000 = "corstone1000"
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.8.0.bbappend b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.8.0.bbappend
new file mode 100644
index 0000000..392c609
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/tf-a-tests_2.8.0.bbappend
@@ -0,0 +1,4 @@
+# Machine specific TFAs
+
+COMPATIBLE_MACHINE:corstone1000 = "corstone1000"
+SRCREV:corstone1000 = "5f591f67738a1bbe6b262c53d9dad46ed8bbcd67"
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.7.%.bbappend b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.%.bbappend
similarity index 100%
rename from meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.7.%.bbappend
rename to meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.%.bbappend
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-Increase-number-of-assets.patch b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-Increase-number-of-assets.patch
new file mode 100644
index 0000000..f0368b8
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0001-Platform-corstone1000-Increase-number-of-assets.patch
@@ -0,0 +1,38 @@
+From decb355247c4ba4b876997f55c27ec3f55dbacd2 Mon Sep 17 00:00:00 2001
+From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Date: Mon, 23 Jan 2023 13:25:28 +0000
+Subject: [PATCH] Platform: corstone1000: Increase number of assets
+
+As Corstone1000 stores at boot time few efi variables.
+Therefore, number of assets is increased to compansate this early usage.
+
+Note: Adding platform customized configs to config_tfm.h
+ More information see:
+https://tf-m-user-guide.trustedfirmware.org/configuration/header_file_system.html
+
+Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Upstream-Status: Pending [Not submitted yet]
+---
+ platform/ext/target/arm/corstone1000/config_tfm_target.h | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/platform/ext/target/arm/corstone1000/config_tfm_target.h b/platform/ext/target/arm/corstone1000/config_tfm_target.h
+index bf8d2f95f7..e968366639 100644
+--- a/platform/ext/target/arm/corstone1000/config_tfm_target.h
++++ b/platform/ext/target/arm/corstone1000/config_tfm_target.h
+@@ -16,4 +16,12 @@
+ #undef PLATFORM_SERVICE_OUTPUT_BUFFER_SIZE
+ #define PLATFORM_SERVICE_OUTPUT_BUFFER_SIZE 256
+
++/* The maximum number of assets to be stored in the Internal Trusted Storage. */
++#undef ITS_NUM_ASSETS
++#define ITS_NUM_ASSETS 20
++
++/* The maximum number of assets to be stored in the Protected Storage area. */
++#undef PS_NUM_ASSETS
++#define PS_NUM_ASSETS 20
++
+ #endif /* __CONFIG_TFM_TARGET_H__ */
+--
+2.25.1
+
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-1.7.0-corstone1000.inc b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-1.7.0-corstone1000.inc
index 279109e..d89aca3 100644
--- a/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-1.7.0-corstone1000.inc
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-1.7.0-corstone1000.inc
@@ -11,6 +11,9 @@
EXTRA_OECMAKE += "-DPLATFORM_IS_FVP=${TFM_PLATFORM_IS_FVP}"
EXTRA_OECMAKE += "-DCC312_LEGACY_DRIVER_API_ENABLED=OFF"
+## Setting SPM backend to IPC
+EXTRA_OECMAKE += "-DCONFIG_TFM_SPM_BACKEND=IPC"
+
# libmetal
LICENSE += "& BSD-3-Clause"
LIC_FILES_CHKSUM += "file://../libmetal/LICENSE.md;md5=fe0b8a4beea8f0813b606d15a3df3d3c"
@@ -26,6 +29,11 @@
EXTRA_OECMAKE += "-DLIBOPENAMP_SRC_PATH=${S}/../openamp -DLIBOPENAMP_BIN_PATH=${B}/libopenamp-build"
+FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
+SRC_URI:append= " \
+ file://0001-Platform-corstone1000-Increase-number-of-assets.patch \
+ "
+
do_install() {
install -D -p -m 0644 ${B}/install/outputs/tfm_s_signed.bin ${D}/firmware/tfm_s_signed.bin
install -D -p -m 0644 ${B}/install/outputs/bl2_signed.bin ${D}/firmware/bl2_signed.bin
diff --git a/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_5.19.bb b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_5.19.bb
new file mode 100644
index 0000000..3bd4c75
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-yocto_5.19.bb
@@ -0,0 +1,28 @@
+KBRANCH ?= "v5.19/standard/base"
+
+require recipes-kernel/linux/linux-yocto.inc
+
+SRCREV_machine ?= "84f2f8e7a625aae0fa9e7027a2e774b99b646cf7"
+SRCREV_meta ?= "239a6c0d3c3b046971909f1e066380465b0c331d"
+
+SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH}; \
+ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.19;destsuffix=${KMETA}"
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
+LINUX_VERSION ?= "5.19.17"
+
+DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
+DEPENDS += "openssl-native util-linux-native"
+DEPENDS += "gmp-native libmpc-native"
+
+PV = "${LINUX_VERSION}+git${SRCPV}"
+
+KMETA = "kernel-meta"
+KCONF_BSP_AUDIT_LEVEL = "1"
+
+# Functionality flags
+KERNEL_EXTRA_FEATURES ?= "features/netfilter/netfilter.scc"
+KERNEL_FEATURES:append = " ${KERNEL_EXTRA_FEATURES}"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "", d)}"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/gpio/mockup.scc", "", d)}"
diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch
new file mode 100644
index 0000000..7e65de8
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch
@@ -0,0 +1,413 @@
+From ca7d37502f9453125aead14c7ee5181336cbe8f4 Mon Sep 17 00:00:00 2001
+From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Date: Thu, 9 Feb 2023 00:22:40 +0000
+Subject: [PATCH 1/3] TF-Mv1.7 alignment: Align PSA Crypto SIDs
+
+This patch is to change the PSA Crypto SIDs to match the values of the
+PSA Crypto SID definitions in TF-M v1.7 running on the secure enclave
+
+Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Upstream-Status: Pending [Not submitted yet]
+---
+ .../service/common/include/psa/crypto_sid.h | 241 ++++++++++++++++++
+ components/service/common/include/psa/sid.h | 78 +-----
+ .../caller/psa_ipc/crypto_caller_sign_hash.h | 4 +-
+ .../psa_ipc/crypto_caller_verify_hash.h | 4 +-
+ 4 files changed, 249 insertions(+), 78 deletions(-)
+ create mode 100644 components/service/common/include/psa/crypto_sid.h
+
+diff --git a/components/service/common/include/psa/crypto_sid.h b/components/service/common/include/psa/crypto_sid.h
+new file mode 100644
+index 00000000..5b05f46d
+--- /dev/null
++++ b/components/service/common/include/psa/crypto_sid.h
+@@ -0,0 +1,241 @@
++/*
++ * Copyright (c) 2023, Arm Limited. All rights reserved.
++ *
++ * SPDX-License-Identifier: BSD-3-Clause
++ *
++ */
++
++#ifndef __PSA_CRYPTO_SID_H__
++#define __PSA_CRYPTO_SID_H__
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++#include <stdint.h>
++
++/**
++ * \brief Type associated to the group of a function encoding. There can be
++ * nine groups (Random, Key management, Hash, MAC, Cipher, AEAD,
++ * Asym sign, Asym encrypt, Key derivation).
++ */
++enum tfm_crypto_group_id {
++ TFM_CRYPTO_GROUP_ID_RANDOM = 0x0,
++ TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT,
++ TFM_CRYPTO_GROUP_ID_HASH,
++ TFM_CRYPTO_GROUP_ID_MAC,
++ TFM_CRYPTO_GROUP_ID_CIPHER,
++ TFM_CRYPTO_GROUP_ID_AEAD,
++ TFM_CRYPTO_GROUP_ID_ASYM_SIGN,
++ TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT,
++ TFM_CRYPTO_GROUP_ID_KEY_DERIVATION,
++};
++
++/* X macro describing each of the available PSA Crypto APIs */
++#define KEY_MANAGEMENT_FUNCS \
++ X(TFM_CRYPTO_GET_KEY_ATTRIBUTES) \
++ X(TFM_CRYPTO_RESET_KEY_ATTRIBUTES) \
++ X(TFM_CRYPTO_OPEN_KEY) \
++ X(TFM_CRYPTO_CLOSE_KEY) \
++ X(TFM_CRYPTO_IMPORT_KEY) \
++ X(TFM_CRYPTO_DESTROY_KEY) \
++ X(TFM_CRYPTO_EXPORT_KEY) \
++ X(TFM_CRYPTO_EXPORT_PUBLIC_KEY) \
++ X(TFM_CRYPTO_PURGE_KEY) \
++ X(TFM_CRYPTO_COPY_KEY) \
++ X(TFM_CRYPTO_GENERATE_KEY)
++
++#define HASH_FUNCS \
++ X(TFM_CRYPTO_HASH_COMPUTE) \
++ X(TFM_CRYPTO_HASH_COMPARE) \
++ X(TFM_CRYPTO_HASH_SETUP) \
++ X(TFM_CRYPTO_HASH_UPDATE) \
++ X(TFM_CRYPTO_HASH_CLONE) \
++ X(TFM_CRYPTO_HASH_FINISH) \
++ X(TFM_CRYPTO_HASH_VERIFY) \
++ X(TFM_CRYPTO_HASH_ABORT)
++
++#define MAC_FUNCS \
++ X(TFM_CRYPTO_MAC_COMPUTE) \
++ X(TFM_CRYPTO_MAC_VERIFY) \
++ X(TFM_CRYPTO_MAC_SIGN_SETUP) \
++ X(TFM_CRYPTO_MAC_VERIFY_SETUP) \
++ X(TFM_CRYPTO_MAC_UPDATE) \
++ X(TFM_CRYPTO_MAC_SIGN_FINISH) \
++ X(TFM_CRYPTO_MAC_VERIFY_FINISH) \
++ X(TFM_CRYPTO_MAC_ABORT)
++
++#define CIPHER_FUNCS \
++ X(TFM_CRYPTO_CIPHER_ENCRYPT) \
++ X(TFM_CRYPTO_CIPHER_DECRYPT) \
++ X(TFM_CRYPTO_CIPHER_ENCRYPT_SETUP) \
++ X(TFM_CRYPTO_CIPHER_DECRYPT_SETUP) \
++ X(TFM_CRYPTO_CIPHER_GENERATE_IV) \
++ X(TFM_CRYPTO_CIPHER_SET_IV) \
++ X(TFM_CRYPTO_CIPHER_UPDATE) \
++ X(TFM_CRYPTO_CIPHER_FINISH) \
++ X(TFM_CRYPTO_CIPHER_ABORT)
++
++#define AEAD_FUNCS \
++ X(TFM_CRYPTO_AEAD_ENCRYPT) \
++ X(TFM_CRYPTO_AEAD_DECRYPT) \
++ X(TFM_CRYPTO_AEAD_ENCRYPT_SETUP) \
++ X(TFM_CRYPTO_AEAD_DECRYPT_SETUP) \
++ X(TFM_CRYPTO_AEAD_GENERATE_NONCE) \
++ X(TFM_CRYPTO_AEAD_SET_NONCE) \
++ X(TFM_CRYPTO_AEAD_SET_LENGTHS) \
++ X(TFM_CRYPTO_AEAD_UPDATE_AD) \
++ X(TFM_CRYPTO_AEAD_UPDATE) \
++ X(TFM_CRYPTO_AEAD_FINISH) \
++ X(TFM_CRYPTO_AEAD_VERIFY) \
++ X(TFM_CRYPTO_AEAD_ABORT)
++
++#define ASYMMETRIC_SIGN_FUNCS \
++ X(TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE) \
++ X(TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE) \
++ X(TFM_CRYPTO_ASYMMETRIC_SIGN_HASH) \
++ X(TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH)
++
++#define AYSMMETRIC_ENCRYPT_FUNCS \
++ X(TFM_CRYPTO_ASYMMETRIC_ENCRYPT) \
++ X(TFM_CRYPTO_ASYMMETRIC_DECRYPT)
++
++#define KEY_DERIVATION_FUNCS \
++ X(TFM_CRYPTO_RAW_KEY_AGREEMENT) \
++ X(TFM_CRYPTO_KEY_DERIVATION_SETUP) \
++ X(TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY) \
++ X(TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY) \
++ X(TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES) \
++ X(TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY) \
++ X(TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT) \
++ X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES) \
++ X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY) \
++ X(TFM_CRYPTO_KEY_DERIVATION_ABORT)
++
++#define RANDOM_FUNCS \
++ X(TFM_CRYPTO_GENERATE_RANDOM)
++
++/*
++ * Define function IDs in each group. The function ID will be encoded into
++ * tfm_crypto_func_sid below.
++ * Each group is defined as a dedicated enum in case the total number of
++ * PSA Crypto APIs exceeds 256.
++ */
++#define X(func_id) func_id,
++enum tfm_crypto_key_management_func_id {
++ KEY_MANAGEMENT_FUNCS
++};
++enum tfm_crypto_hash_func_id {
++ HASH_FUNCS
++};
++enum tfm_crypto_mac_func_id {
++ MAC_FUNCS
++};
++enum tfm_crypto_cipher_func_id {
++ CIPHER_FUNCS
++};
++enum tfm_crypto_aead_func_id {
++ AEAD_FUNCS
++};
++enum tfm_crypto_asym_sign_func_id {
++ ASYMMETRIC_SIGN_FUNCS
++};
++enum tfm_crypto_asym_encrypt_func_id {
++ AYSMMETRIC_ENCRYPT_FUNCS
++};
++enum tfm_crypto_key_derivation_func_id {
++ KEY_DERIVATION_FUNCS
++};
++enum tfm_crypto_random_func_id {
++ RANDOM_FUNCS
++};
++#undef X
++
++#define FUNC_ID(func_id) (((func_id) & 0xFF) << 8)
++
++/*
++ * Numerical progressive value identifying a function API exposed through
++ * the interfaces (S or NS). It's used to dispatch the requests from S/NS
++ * to the corresponding API implementation in the Crypto service backend.
++ *
++ * Each function SID is encoded as uint16_t.
++ * | Func ID | Group ID |
++ * 15 8 7 0
++ * Func ID is defined in each group func_id enum above
++ * Group ID is defined in tfm_crypto_group_id.
++ */
++enum tfm_crypto_func_sid {
++
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT & 0xFF)),
++
++ KEY_MANAGEMENT_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_HASH & 0xFF)),
++ HASH_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_MAC & 0xFF)),
++ MAC_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_CIPHER & 0xFF)),
++ CIPHER_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_AEAD & 0xFF)),
++ AEAD_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_ASYM_SIGN & 0xFF)),
++ ASYMMETRIC_SIGN_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT & 0xFF)),
++ AYSMMETRIC_ENCRYPT_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_KEY_DERIVATION & 0xFF)),
++ KEY_DERIVATION_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_RANDOM & 0xFF)),
++ RANDOM_FUNCS
++
++};
++#undef X
++
++/**
++ * \brief Define an invalid value for an SID
++ *
++ */
++#define TFM_CRYPTO_SID_INVALID (~0x0u)
++
++/**
++ * \brief This value is used to mark an handle as invalid.
++ *
++ */
++#define TFM_CRYPTO_INVALID_HANDLE (0x0u)
++
++/**
++ * \brief Define miscellaneous literal constants that are used in the service
++ *
++ */
++enum {
++ TFM_CRYPTO_NOT_IN_USE = 0,
++ TFM_CRYPTO_IN_USE = 1
++};
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif /* __PSA_CRYPTO_SID_H__ */
+diff --git a/components/service/common/include/psa/sid.h b/components/service/common/include/psa/sid.h
+index 8103a9af..50ad070e 100644
+--- a/components/service/common/include/psa/sid.h
++++ b/components/service/common/include/psa/sid.h
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
++ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+@@ -12,6 +12,9 @@
+ extern "C" {
+ #endif
+
++/******** PSA Crypto SIDs ********/
++#include "crypto_sid.h"
++
+ /******** TFM_SP_PS ********/
+ #define TFM_PROTECTED_STORAGE_SERVICE_SID (0x00000060U)
+ #define TFM_PROTECTED_STORAGE_SERVICE_VERSION (1U)
+@@ -43,79 +46,6 @@ extern "C" {
+ #define TFM_PLATFORM_SERVICE_HANDLE (0x40000105U)
+
+
+-/**
+- * \brief Define a progressive numerical value for each SID which can be used
+- * when dispatching the requests to the service
+- */
+-enum {
+- TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID = (0u),
+- TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID,
+- TFM_CRYPTO_OPEN_KEY_SID,
+- TFM_CRYPTO_CLOSE_KEY_SID,
+- TFM_CRYPTO_IMPORT_KEY_SID,
+- TFM_CRYPTO_DESTROY_KEY_SID,
+- TFM_CRYPTO_EXPORT_KEY_SID,
+- TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
+- TFM_CRYPTO_PURGE_KEY_SID,
+- TFM_CRYPTO_COPY_KEY_SID,
+- TFM_CRYPTO_HASH_COMPUTE_SID,
+- TFM_CRYPTO_HASH_COMPARE_SID,
+- TFM_CRYPTO_HASH_SETUP_SID,
+- TFM_CRYPTO_HASH_UPDATE_SID,
+- TFM_CRYPTO_HASH_FINISH_SID,
+- TFM_CRYPTO_HASH_VERIFY_SID,
+- TFM_CRYPTO_HASH_ABORT_SID,
+- TFM_CRYPTO_HASH_CLONE_SID,
+- TFM_CRYPTO_MAC_COMPUTE_SID,
+- TFM_CRYPTO_MAC_VERIFY_SID,
+- TFM_CRYPTO_MAC_SIGN_SETUP_SID,
+- TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
+- TFM_CRYPTO_MAC_UPDATE_SID,
+- TFM_CRYPTO_MAC_SIGN_FINISH_SID,
+- TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
+- TFM_CRYPTO_MAC_ABORT_SID,
+- TFM_CRYPTO_CIPHER_ENCRYPT_SID,
+- TFM_CRYPTO_CIPHER_DECRYPT_SID,
+- TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
+- TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
+- TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
+- TFM_CRYPTO_CIPHER_SET_IV_SID,
+- TFM_CRYPTO_CIPHER_UPDATE_SID,
+- TFM_CRYPTO_CIPHER_FINISH_SID,
+- TFM_CRYPTO_CIPHER_ABORT_SID,
+- TFM_CRYPTO_AEAD_ENCRYPT_SID,
+- TFM_CRYPTO_AEAD_DECRYPT_SID,
+- TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
+- TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
+- TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
+- TFM_CRYPTO_AEAD_SET_NONCE_SID,
+- TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
+- TFM_CRYPTO_AEAD_UPDATE_AD_SID,
+- TFM_CRYPTO_AEAD_UPDATE_SID,
+- TFM_CRYPTO_AEAD_FINISH_SID,
+- TFM_CRYPTO_AEAD_VERIFY_SID,
+- TFM_CRYPTO_AEAD_ABORT_SID,
+- TFM_CRYPTO_SIGN_MESSAGE_SID,
+- TFM_CRYPTO_VERIFY_MESSAGE_SID,
+- TFM_CRYPTO_SIGN_HASH_SID,
+- TFM_CRYPTO_VERIFY_HASH_SID,
+- TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
+- TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
+- TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
+- TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
+- TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
+- TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
+- TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
+- TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
+- TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
+- TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
+- TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
+- TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
+- TFM_CRYPTO_GENERATE_RANDOM_SID,
+- TFM_CRYPTO_GENERATE_KEY_SID,
+- TFM_CRYPTO_SID_MAX,
+-};
+-
+ /******** TFM_SP_PLATFORM ********/
+ #define TFM_SP_PLATFORM_SYSTEM_RESET_SID (0x00000040U)
+ #define TFM_SP_PLATFORM_SYSTEM_RESET_VERSION (1U)
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
+index e4a2b167..9276748d 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
+@@ -37,7 +37,7 @@ static inline psa_status_t crypto_caller_sign_hash(struct service_client *contex
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_SIGN_HASH_SID,
++ .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_HASH_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+@@ -70,7 +70,7 @@ static inline psa_status_t crypto_caller_sign_message(struct service_client *con
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_SIGN_MESSAGE_SID,
++ .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
+index cc9279ee..bcd8e0e4 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
+@@ -63,7 +63,7 @@ static inline psa_status_t crypto_caller_verify_hash(struct service_client *cont
+ {
+
+ return crypto_caller_common(context,id,alg,hash,hash_length,
+- signature,signature_length, TFM_CRYPTO_VERIFY_HASH_SID);
++ signature,signature_length, TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH_SID);
+ }
+
+ static inline psa_status_t crypto_caller_verify_message(struct service_client *context,
+@@ -76,7 +76,7 @@ static inline psa_status_t crypto_caller_verify_message(struct service_client *c
+ {
+
+ return crypto_caller_common(context,id,alg,hash,hash_length,
+- signature,signature_length, TFM_CRYPTO_VERIFY_MESSAGE_SID);
++ signature,signature_length, TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE_SID);
+ }
+
+ #ifdef __cplusplus
+--
+2.25.1
+
diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0025-TF-Mv1.7-alignment-Align-crypto-iovec-definition.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0025-TF-Mv1.7-alignment-Align-crypto-iovec-definition.patch
new file mode 100644
index 0000000..ecea236
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0025-TF-Mv1.7-alignment-Align-crypto-iovec-definition.patch
@@ -0,0 +1,655 @@
+From a3e203136e7c552069ae582273e0540a219c105f Mon Sep 17 00:00:00 2001
+From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Date: Thu, 9 Feb 2023 00:01:06 +0000
+Subject: [PATCH 2/3] TF-Mv1.7 alignment: Align crypto iovec definition
+
+This patch is to align psa_ipc_crypto_pack_iovec with TF-M v1.7
+And propagate changes accross psa_ipc functions
+More accuratly change sfn_id to function_id
+
+Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Upstream-Status: Pending [Not submitted yet]
+---
+ .../backend/psa_ipc/crypto_ipc_backend.h | 34 +++++++++----------
+ .../caller/psa_ipc/crypto_caller_aead.h | 24 ++++++-------
+ .../crypto_caller_asymmetric_decrypt.h | 2 +-
+ .../crypto_caller_asymmetric_encrypt.h | 2 +-
+ .../caller/psa_ipc/crypto_caller_cipher.h | 14 ++++----
+ .../caller/psa_ipc/crypto_caller_copy_key.h | 2 +-
+ .../psa_ipc/crypto_caller_destroy_key.h | 2 +-
+ .../caller/psa_ipc/crypto_caller_export_key.h | 2 +-
+ .../psa_ipc/crypto_caller_export_public_key.h | 2 +-
+ .../psa_ipc/crypto_caller_generate_key.h | 2 +-
+ .../psa_ipc/crypto_caller_generate_random.h | 2 +-
+ .../crypto_caller_get_key_attributes.h | 2 +-
+ .../caller/psa_ipc/crypto_caller_hash.h | 12 +++----
+ .../caller/psa_ipc/crypto_caller_import_key.h | 2 +-
+ .../psa_ipc/crypto_caller_key_derivation.h | 20 +++++------
+ .../client/caller/psa_ipc/crypto_caller_mac.h | 12 +++----
+ .../caller/psa_ipc/crypto_caller_purge_key.h | 2 +-
+ .../caller/psa_ipc/crypto_caller_sign_hash.h | 4 +--
+ .../psa_ipc/crypto_caller_verify_hash.h | 4 +--
+ 19 files changed, 73 insertions(+), 73 deletions(-)
+
+diff --git a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
+index ec25eaf8..aacd3fcc 100644
+--- a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
++++ b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
+@@ -28,23 +28,23 @@ struct psa_ipc_crypto_aead_pack_input {
+ };
+
+ struct psa_ipc_crypto_pack_iovec {
+- uint32_t sfn_id; /*!< Secure function ID used to dispatch the
+- * request
+- */
+- uint16_t step; /*!< Key derivation step */
+- psa_key_id_t key_id; /*!< Key id */
+- psa_algorithm_t alg; /*!< Algorithm */
+- uint32_t op_handle; /*!< Frontend context handle associated to a
+- * multipart operation
+- */
+- uint32_t capacity; /*!< Key derivation capacity */
+- uint32_t ad_length; /*!< Additional Data length for multipart AEAD */
+- uint32_t plaintext_length; /*!< Plaintext length for multipart AEAD */
+- struct psa_ipc_crypto_aead_pack_input aead_in; /*!< FixMe: Temporarily used for
+- * AEAD until the API is
+- * restructured
+- */
+-};
++ psa_key_id_t key_id; /*!< Key id */
++ psa_algorithm_t alg; /*!< Algorithm */
++ uint32_t op_handle; /*!< Frontend context handle associated to a
++ * multipart operation
++ */
++ uint32_t capacity; /*!< Key derivation capacity */
++ uint32_t ad_length; /*!< Additional Data length for multipart AEAD */
++ uint32_t plaintext_length; /*!< Plaintext length for multipart AEAD */
++
++ struct psa_ipc_crypto_aead_pack_input aead_in; /*!< Packs AEAD-related inputs */
++
++ uint16_t function_id; /*!< Used to identify the function in the
++ * API dispatcher to the service backend
++ * See tfm_crypto_func_sid for detail
++ */
++ uint16_t step; /*!< Key derivation step */
++}__packed;
+
+ #define iov_size sizeof(struct psa_ipc_crypto_pack_iovec)
+
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
+index f6aadd8b..efdffdf7 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
+@@ -44,7 +44,7 @@ static inline psa_status_t crypto_caller_aead_encrypt(
+ size_t in_len;
+ int i;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SID,
++ .function_id = TFM_CRYPTO_AEAD_ENCRYPT_SID,
+ .key_id = key,
+ .alg = alg,
+ .aead_in = { .nonce = {0}, .nonce_length = nonce_length },
+@@ -105,7 +105,7 @@ static inline psa_status_t crypto_caller_aead_decrypt(
+ size_t in_len;
+ int i;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SID,
++ .function_id = TFM_CRYPTO_AEAD_DECRYPT_SID,
+ .key_id = key,
+ .alg = alg,
+ .aead_in = { .nonce = {0}, .nonce_length = nonce_length },
+@@ -156,7 +156,7 @@ static inline psa_status_t crypto_caller_aead_encrypt_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
++ .function_id = TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = (*op_handle),
+@@ -185,7 +185,7 @@ static inline psa_status_t crypto_caller_aead_decrypt_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
++ .function_id = TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = (*op_handle),
+@@ -214,7 +214,7 @@ static inline psa_status_t crypto_caller_aead_generate_nonce(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
++ .function_id = TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -243,7 +243,7 @@ static inline psa_status_t crypto_caller_aead_set_nonce(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_SET_NONCE_SID,
++ .function_id = TFM_CRYPTO_AEAD_SET_NONCE_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -270,7 +270,7 @@ static inline psa_status_t crypto_caller_aead_set_lengths(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
++ .function_id = TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
+ .ad_length = ad_length,
+ .plaintext_length = plaintext_length,
+ .op_handle = op_handle,
+@@ -299,7 +299,7 @@ static inline psa_status_t crypto_caller_aead_update_ad(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_UPDATE_AD_SID,
++ .function_id = TFM_CRYPTO_AEAD_UPDATE_AD_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -339,7 +339,7 @@ static inline psa_status_t crypto_caller_aead_update(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_UPDATE_SID,
++ .function_id = TFM_CRYPTO_AEAD_UPDATE_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -383,7 +383,7 @@ static inline psa_status_t crypto_caller_aead_finish(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_FINISH_SID,
++ .function_id = TFM_CRYPTO_AEAD_FINISH_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -436,7 +436,7 @@ static inline psa_status_t crypto_caller_aead_verify(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_VERIFY_SID,
++ .function_id = TFM_CRYPTO_AEAD_VERIFY_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -482,7 +482,7 @@ static inline psa_status_t crypto_caller_aead_abort(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_ABORT_SID,
++ .function_id = TFM_CRYPTO_AEAD_ABORT_SID,
+ .op_handle = op_handle,
+ };
+
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
+index ff01815c..c387eb55 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
+@@ -38,7 +38,7 @@ static inline psa_status_t crypto_caller_asymmetric_decrypt(
+ psa_status_t status;
+ size_t in_len;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
++ .function_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
+index 1daf1689..8eb3de45 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
+@@ -38,7 +38,7 @@ static inline psa_status_t crypto_caller_asymmetric_encrypt(
+ psa_status_t status;
+ size_t in_len;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
++ .function_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
+index fbefb28d..20aa46a5 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
+@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_cipher_encrypt_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
++ .function_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = *op_handle,
+@@ -62,7 +62,7 @@ static inline psa_status_t crypto_caller_cipher_decrypt_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
++ .function_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = *op_handle,
+@@ -91,7 +91,7 @@ static inline psa_status_t crypto_caller_cipher_generate_iv(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
++ .function_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -120,7 +120,7 @@ static inline psa_status_t crypto_caller_cipher_set_iv(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_SET_IV_SID,
++ .function_id = TFM_CRYPTO_CIPHER_SET_IV_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -150,7 +150,7 @@ static inline psa_status_t crypto_caller_cipher_update(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_UPDATE_SID,
++ .function_id = TFM_CRYPTO_CIPHER_UPDATE_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -181,7 +181,7 @@ static inline psa_status_t crypto_caller_cipher_finish(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_FINISH_SID,
++ .function_id = TFM_CRYPTO_CIPHER_FINISH_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -208,7 +208,7 @@ static inline psa_status_t crypto_caller_cipher_abort(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_ABORT_SID,
++ .function_id = TFM_CRYPTO_CIPHER_ABORT_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
+index 9a988171..48157d7e 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
+@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_copy_key(struct service_client *context
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_COPY_KEY_SID,
++ .function_id = TFM_CRYPTO_COPY_KEY_SID,
+ .key_id = source_key,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
+index d00f4faa..6d0a05e6 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
+@@ -31,7 +31,7 @@ static inline psa_status_t crypto_caller_destroy_key(struct service_client *cont
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_DESTROY_KEY_SID,
++ .function_id = TFM_CRYPTO_DESTROY_KEY_SID,
+ .key_id = id,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
+index 8ac5477f..9a6b7013 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
+@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_export_key(struct service_client *conte
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_EXPORT_KEY_SID,
++ .function_id = TFM_CRYPTO_EXPORT_KEY_SID,
+ .key_id = id,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
+index b24c47f1..52bdd757 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
+@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_export_public_key(struct service_client
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
++ .function_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
+ .key_id = id,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
+index 1b66ed40..7ed1673b 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
+@@ -32,7 +32,7 @@ static inline psa_status_t crypto_caller_generate_key(struct service_client *con
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_GENERATE_KEY_SID,
++ .function_id = TFM_CRYPTO_GENERATE_KEY_SID,
+ };
+ struct psa_invec in_vec[] = {
+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
+index 7c538237..4fb87aa8 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
+@@ -32,7 +32,7 @@ static inline psa_status_t crypto_caller_generate_random(struct service_client *
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_GENERATE_RANDOM_SID,
++ .function_id = TFM_CRYPTO_GENERATE_RANDOM_SID,
+ };
+ struct psa_invec in_vec[] = {
+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
+index 22f1d18f..2caa3bd3 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
+@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_get_key_attributes(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID,
++ .function_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID,
+ .key_id = key,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
+index 9f37908a..4fb60d44 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
+@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_hash_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_SETUP_SID,
++ .function_id = TFM_CRYPTO_HASH_SETUP_SID,
+ .alg = alg,
+ .op_handle = *op_handle,
+ };
+@@ -60,7 +60,7 @@ static inline psa_status_t crypto_caller_hash_update(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_UPDATE_SID,
++ .function_id = TFM_CRYPTO_HASH_UPDATE_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -88,7 +88,7 @@ static inline psa_status_t crypto_caller_hash_finish(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_FINISH_SID,
++ .function_id = TFM_CRYPTO_HASH_FINISH_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -115,7 +115,7 @@ static inline psa_status_t crypto_caller_hash_abort(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_ABORT_SID,
++ .function_id = TFM_CRYPTO_HASH_ABORT_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -141,7 +141,7 @@ static inline psa_status_t crypto_caller_hash_verify(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_VERIFY_SID,
++ .function_id = TFM_CRYPTO_HASH_VERIFY_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -167,7 +167,7 @@ static inline psa_status_t crypto_caller_hash_clone(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_CLONE_SID,
++ .function_id = TFM_CRYPTO_HASH_CLONE_SID,
+ .op_handle = source_op_handle,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
+index d4703366..1458163c 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
+@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_import_key(struct service_client *conte
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_IMPORT_KEY_SID,
++ .function_id = TFM_CRYPTO_IMPORT_KEY_SID,
+ };
+ struct psa_invec in_vec[] = {
+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
+index 5ce4fb6c..16be9916 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
+@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_key_derivation_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
+ .alg = alg,
+ .op_handle = *op_handle,
+ };
+@@ -59,7 +59,7 @@ static inline psa_status_t crypto_caller_key_derivation_get_capacity(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -84,7 +84,7 @@ static inline psa_status_t crypto_caller_key_derivation_set_capacity(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
+ .capacity = capacity,
+ .op_handle = op_handle,
+ };
+@@ -109,7 +109,7 @@ static inline psa_status_t crypto_caller_key_derivation_input_bytes(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
+ .step = step,
+ .op_handle = op_handle,
+ };
+@@ -134,7 +134,7 @@ static inline psa_status_t crypto_caller_key_derivation_input_key(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
+ .key_id = key,
+ .step = step,
+ .op_handle = op_handle,
+@@ -159,7 +159,7 @@ static inline psa_status_t crypto_caller_key_derivation_output_bytes(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -185,7 +185,7 @@ static inline psa_status_t crypto_caller_key_derivation_output_key(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -211,7 +211,7 @@ static inline psa_status_t crypto_caller_key_derivation_abort(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -239,7 +239,7 @@ static inline psa_status_t crypto_caller_key_derivation_key_agreement(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
+ .key_id = private_key,
+ .step = step,
+ .op_handle = op_handle,
+@@ -270,7 +270,7 @@ static inline psa_status_t crypto_caller_raw_key_agreement(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
++ .function_id = TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
+ .alg = alg,
+ .key_id = private_key,
+ };
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
+index 3a820192..30222800 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
+@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_mac_sign_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID,
++ .function_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = *op_handle,
+@@ -62,7 +62,7 @@ static inline psa_status_t crypto_caller_mac_verify_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
++ .function_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = *op_handle,
+@@ -90,7 +90,7 @@ static inline psa_status_t crypto_caller_mac_update(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_UPDATE_SID,
++ .function_id = TFM_CRYPTO_MAC_UPDATE_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -118,7 +118,7 @@ static inline psa_status_t crypto_caller_mac_sign_finish(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID,
++ .function_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -147,7 +147,7 @@ static inline psa_status_t crypto_caller_mac_verify_finish(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
++ .function_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -172,7 +172,7 @@ static inline psa_status_t crypto_caller_mac_abort(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_ABORT_SID,
++ .function_id = TFM_CRYPTO_MAC_ABORT_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
+index a3a796e2..f6ab0978 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
+@@ -31,7 +31,7 @@ static inline psa_status_t crypto_caller_purge_key(struct service_client *contex
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_PURGE_KEY_SID,
++ .function_id = TFM_CRYPTO_PURGE_KEY_SID,
+ .key_id = id,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
+index 9276748d..8b53e3dc 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
+@@ -37,7 +37,7 @@ static inline psa_status_t crypto_caller_sign_hash(struct service_client *contex
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_HASH_SID,
++ .function_id = TFM_CRYPTO_ASYMMETRIC_SIGN_HASH_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+@@ -70,7 +70,7 @@ static inline psa_status_t crypto_caller_sign_message(struct service_client *con
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE_SID,
++ .function_id = TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
+index bcd8e0e4..c9ed865b 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
+@@ -31,13 +31,13 @@ static inline psa_status_t crypto_caller_common(struct service_client *context,
+ size_t hash_length,
+ const uint8_t *signature,
+ size_t signature_length,
+- uint32_t sfn_id)
++ uint32_t function_id)
+ {
+ struct service_client *ipc = context;
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = sfn_id,
++ .function_id = function_id,
+ .key_id = id,
+ .alg = alg,
+ };
+--
+2.25.1
+
diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0026-TF-Mv1.7-alignment-PSA-crypto-client-in-out_vec.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0026-TF-Mv1.7-alignment-PSA-crypto-client-in-out_vec.patch
new file mode 100644
index 0000000..0dcdd5d
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0026-TF-Mv1.7-alignment-PSA-crypto-client-in-out_vec.patch
@@ -0,0 +1,117 @@
+From ee7e13dcc14110aa16f7c6453cfe72f088857ed2 Mon Sep 17 00:00:00 2001
+From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Date: Thu, 9 Feb 2023 00:34:23 +0000
+Subject: [PATCH 3/3] TF-Mv1.7 alignment: PSA crypto client in/out_vec
+
+Few psa crypto operations have different in/out_vec expectations
+This patch is fixing the differences between psa crypto client in TS
+and psa crypto service in TF-M running on the secure enclave
+
+operations:
+- aead_generate_nonce: TFM service doesn't expect op_handle in in_vec
+- aead_update: TFM service doesn't expect op_handle in in_vec
+- cipher_generate_iv: TFM service doesn't expect op_handle in in_vec
+- cipher_update: TFM service doesn't expect op_handle in in_vec
+- hash_clone: TFM service expects target_op_handle in the in_vec
+ rationale is target_op_handle according to the spec
+ must be initialized and not active. and since hash_clone
+ manipulates it. hence, target_op_handle should be passed
+ as input and output.
+
+Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Upstream-Status: Pending [Not submitted yet]
+---
+ .../crypto/client/caller/psa_ipc/crypto_caller_aead.h | 6 ++----
+ .../crypto/client/caller/psa_ipc/crypto_caller_cipher.h | 6 ++----
+ .../crypto/client/caller/psa_ipc/crypto_caller_hash.h | 2 ++
+ 3 files changed, 6 insertions(+), 8 deletions(-)
+
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
+index efdffdf7..e862c2de 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
+@@ -222,14 +222,13 @@ static inline psa_status_t crypto_caller_aead_generate_nonce(
+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
+ };
+ struct psa_outvec out_vec[] = {
+- {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
+ {.base = psa_ptr_to_u32(nonce), .len = nonce_size}
+ };
+
+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
+
+- *nonce_length = out_vec[1].len;
++ *nonce_length = out_vec[0].len;
+ return status;
+ }
+
+@@ -353,7 +352,6 @@ static inline psa_status_t crypto_caller_aead_update(
+ {.base = psa_ptr_const_to_u32(input), .len = input_length}
+ };
+ struct psa_outvec out_vec[] = {
+- {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
+ {.base = psa_ptr_const_to_u32(output), .len = output_size},
+ };
+
+@@ -365,7 +363,7 @@ static inline psa_status_t crypto_caller_aead_update(
+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
+ in_len, out_vec, IOVEC_LEN(out_vec));
+
+- *output_length = out_vec[1].len;
++ *output_length = out_vec[0].len;
+ return status;
+ }
+
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
+index 20aa46a5..948865e4 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
+@@ -98,14 +98,13 @@ static inline psa_status_t crypto_caller_cipher_generate_iv(
+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
+ };
+ struct psa_outvec out_vec[] = {
+- { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
+ { .base = psa_ptr_to_u32(iv), .len = iv_size },
+ };
+
+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
+
+- *iv_length = out_vec[1].len;
++ *iv_length = out_vec[0].len;
+
+ return status;
+ }
+@@ -158,14 +157,13 @@ static inline psa_status_t crypto_caller_cipher_update(
+ { .base = psa_ptr_const_to_u32(input), .len = input_length },
+ };
+ struct psa_outvec out_vec[] = {
+- { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
+ { .base = psa_ptr_to_u32(output), .len = output_size },
+ };
+
+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
+
+- *output_length = out_vec[1].len;
++ *output_length = out_vec[0].len;
+
+ return status;
+ }
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
+index 4fb60d44..1e422130 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
+@@ -172,6 +172,8 @@ static inline psa_status_t crypto_caller_hash_clone(
+ };
+ struct psa_invec in_vec[] = {
+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
++ { .base = psa_ptr_to_u32(target_op_handle),
++ .len = sizeof(uint32_t) },
+ };
+ struct psa_outvec out_vec[] = {
+ { .base = psa_ptr_to_u32(target_op_handle),
+--
+2.25.1
+
diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/psa-apitest/0002-corstone1000-Disable-obsolete-algorithms.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/psa-apitest/0002-corstone1000-Disable-obsolete-algorithms.patch
new file mode 100644
index 0000000..d13e167
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/psa-apitest/0002-corstone1000-Disable-obsolete-algorithms.patch
@@ -0,0 +1,32 @@
+From 1bc041813df89a1be953d0ba3471e608f6fa7ed8 Mon Sep 17 00:00:00 2001
+From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Date: Thu, 9 Feb 2023 20:54:40 +0000
+Subject: [PATCH] corstone1000: Disable obsolete algorithms
+
+curves of size <255 are obsolete algorithms
+
+Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Upstream-Status: Inappropriate [Discussions of having these configs
+ in a separate target is ongoing]
+---
+ .../targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h
+index c6d4aad..1d9b356 100755
+--- a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h
++++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h
+@@ -66,6 +66,10 @@
+ #endif
+ #endif
+
++/* curves of size <255 are obsolete algorithms, should be disabled. */
++#undef ARCH_TEST_ECC_CURVE_SECP192R1
++#undef ARCH_TEST_ECC_CURVE_SECP224R1
++
+ /**
+ * \def ARCH_TEST_AES
+ *
+--
+2.25.1
+
diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/psa-apitest/0003-corstone1000-Disable-SHA512-384.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/psa-apitest/0003-corstone1000-Disable-SHA512-384.patch
new file mode 100644
index 0000000..a16bf3e
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/psa-apitest/0003-corstone1000-Disable-SHA512-384.patch
@@ -0,0 +1,32 @@
+From abdea43f1de61a0e76b13890cb403f7955998b02 Mon Sep 17 00:00:00 2001
+From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Date: Thu, 9 Feb 2023 21:06:22 +0000
+Subject: [PATCH] corstone1000: Disable SHA512/384
+
+SHA512 and SHA384 is not available on Cryptocell (hardware accelerator)
+
+Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Upstream-Status: Inappropriate [Discussions of having these configs
+ in a separate target is ongoing]
+---
+ .../targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h
+index 1d9b356..d6d552a 100755
+--- a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h
++++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h
+@@ -272,8 +272,8 @@
+ #define ARCH_TEST_SHA256
+ #ifndef TF_M_PROFILE_SMALL
+ #ifndef TF_M_PROFILE_MEDIUM
+-#define ARCH_TEST_SHA384
+-#define ARCH_TEST_SHA512
++// #define ARCH_TEST_SHA384
++// #define ARCH_TEST_SHA512
+ #endif
+ #endif
+ //#define ARCH_TEST_SHA512_224
+--
+2.25.1
+
diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc
index 5900955..867bd66 100644
--- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc
+++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-arm-platforms.inc
@@ -25,6 +25,10 @@
file://0021-smm_gateway-add-checks-for-null-attributes.patch;patchdir=../trusted-services \
file://0022-GetNextVariableName-Fix.patch;patchdir=../trusted-services \
file://0023-Use-the-stateless-platform-service.patch;patchdir=../trusted-services \
+ file://0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch;patchdir=../trusted-services \
+ file://0025-TF-Mv1.7-alignment-Align-crypto-iovec-definition.patch;patchdir=../trusted-services \
+ file://0026-TF-Mv1.7-alignment-PSA-crypto-client-in-out_vec.patch;patchdir=../trusted-services \
"
+
COMPATIBLE_MACHINE:n1sdp = "n1sdp"
diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-api-test.inc b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-api-test.inc
index a1f43d4..c9b1c78 100644
--- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-api-test.inc
+++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-api-test.inc
@@ -4,4 +4,6 @@
SRC_URI:append:corstone1000 = " \
file://0001-corstone1000-port-crypto-config.patch;patchdir=../psatest \
+ file://0002-corstone1000-Disable-obsolete-algorithms.patch;patchdir=../psatest \
+ file://0003-corstone1000-Disable-SHA512-384.patch;patchdir=../psatest \
"