From patchwork Fri Nov 24 12:55:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Abdellatif El Khlifi X-Patchwork-Id: 35171 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A72D8C61DF7 for ; Fri, 24 Nov 2023 12:55:37 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.134615.1700830536435787092 for ; Fri, 24 Nov 2023 04:55:36 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: abdellatif.elkhlifi@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 81ED71FB; Fri, 24 Nov 2023 04:56:22 -0800 (PST) Received: from e130802.arm.com (unknown [10.57.83.243]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id E9D273F6C4; Fri, 24 Nov 2023 04:55:34 -0800 (PST) From: abdellatif.elkhlifi@arm.com To: meta-arm@lists.yoctoproject.org, Ross.Burton@arm.com Cc: nd@arm.com, Emekcan Aras , Abdellatif El Khlifi Subject: [PATCH v2 3/4] arm-bsp/documentation: corstone1000: update the architecture document Date: Fri, 24 Nov 2023 12:55:12 +0000 Message-Id: <20231124125513.358963-3-abdellatif.elkhlifi@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231124125513.358963-1-abdellatif.elkhlifi@arm.com> References: <20231124125513.358963-1-abdellatif.elkhlifi@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 24 Nov 2023 12:55:37 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5273 From: Emekcan Aras align the architecture document with the upcoming CORSTONE1000-2023.11 release Signed-off-by: Emekcan Aras Signed-off-by: Abdellatif El Khlifi --- .../corstone1000/software-architecture.rst | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/meta-arm-bsp/documentation/corstone1000/software-architecture.rst b/meta-arm-bsp/documentation/corstone1000/software-architecture.rst index bf3535b2..ce8bd7e0 100644 --- a/meta-arm-bsp/documentation/corstone1000/software-architecture.rst +++ b/meta-arm-bsp/documentation/corstone1000/software-architecture.rst @@ -72,8 +72,10 @@ non-secure and the secure world is performed via FF-A messages. An external system is intended to implement use-case specific functionality. The system is based on Cortex-M3 and run RTX RTOS. -Communictaion between external system and Host(cortex-A35) is performed -using MHU as transport mechanism and rpmsg messaging system. +Communication between the external system and Host (Cortex-A35) is performed +using MHU as transport mechanism and rpmsg messaging system (the external system +support in Linux is disabled in this release. More info about this change can be found in the +release-notes). Overall, the Corstone-1000 architecture is designed to cover a range of Power, Performance, and Area (PPA) applications, and enable extension @@ -157,9 +159,9 @@ Secure Firmware Update ********************** Apart from always booting the authorized images, it is also essential that -the device only accepts the authorized images in the firmware update +the device only accepts the authorized (signed) images in the firmware update process. Corstone-1000 supports OTA (Over the Air) firmware updates and -follows Platform Security Firmware Update sepcification (`FWU`_). +follows Platform Security Firmware Update specification (`FWU`_). As standardized into `FWU`_, the external flash is divided into two banks of which one bank has currently running images and the other bank is @@ -172,7 +174,10 @@ Image (the initramfs bundle). The new images are accepted in the form of a UEFI :width: 690 :alt: ExternalFlash - +When Firmware update is triggered, u-boot verifies the capsule by checking the +capsule signature, version number and size. Then it signals the Secure Enclave +that can start writing UEFI capsule into the flash. Once this operation finishes +,Secure Enclave resets the entire system. The Metadata Block in the flash has the below firmware update state machine. TF-M runs an OTA service that is responsible for accepting and updating the images in the flash. The communication between the UEFI Capsule update