From patchwork Fri Nov 24 15:07:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emekcan Aras X-Patchwork-Id: 35183 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 791E8C636D0 for ; Fri, 24 Nov 2023 15:08:08 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.138980.1700838481748449015 for ; Fri, 24 Nov 2023 07:08:01 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: emekcan.aras@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C880C1BA8; Fri, 24 Nov 2023 07:08:47 -0800 (PST) Received: from e126835.cambridge.arm.com (e126835.cambridge.arm.com [10.1.35.144]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 4DA3F3F73F; Fri, 24 Nov 2023 07:08:00 -0800 (PST) From: emekcan.aras@arm.com To: meta-arm@lists.yoctoproject.org, Ross.Burton@arm.com, Jon.Mason@arm.com Cc: nd@arm.com, Emekcan Aras Subject: [PATCH 1/3] arm-bsp/documentation: corstone1000: Add EFI system partition section Date: Fri, 24 Nov 2023 15:07:48 +0000 Message-Id: <20231124150750.81497-2-emekcan.aras@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231124150750.81497-1-emekcan.aras@arm.com> References: <20231124150750.81497-1-emekcan.aras@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 24 Nov 2023 15:08:08 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5276 From: Emekcan Aras Adds creating an EFI System Partition for Corstone-1000. Signed-off-by: Emekcan Aras --- .../documentation/corstone1000/user-guide.rst | 109 +++++++++++++++++- 1 file changed, 105 insertions(+), 4 deletions(-) diff --git a/meta-arm-bsp/documentation/corstone1000/user-guide.rst b/meta-arm-bsp/documentation/corstone1000/user-guide.rst index ad1b0c99..f07b971c 100644 --- a/meta-arm-bsp/documentation/corstone1000/user-guide.rst +++ b/meta-arm-bsp/documentation/corstone1000/user-guide.rst @@ -386,6 +386,107 @@ steps described in following section "Clean Secure Flash Before Testing" to erase the SecureEnclave flash cleanly and prepare a clean board environment for the testing. +Prepare EFI System Partition +=========================================================== +Corstone-1000 FVP and MPS3 do not have enough on-chip nonvolatile memory to host +an EFI System Partition (ESP). Thus, Corstone-1000 uses mass storage device for +ESP. The instructions below should be followed for both FVP and FPGA before +running the ACS tests. + +**Common to FVP and FPGA:** + +#. Create an empty 100 MB partition: + :: + + dd if=/dev/zero of=corstone1000-efi-partition.img iflag=fullblock bs=512 count=204800 && sync + +#. Use OpenSuse Raw image to copy the contents of EFI partition. + + To download OpenSUSE Tumbleweed raw image: + - Under `OpenSUSE Tumbleweed appliances `__ + - The user should look for a Tumbleweed-ARM-JeOS-efi.aarch64-* Snapshot, for example, + ``openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64--Snapshot.raw.xz`` + + Once the .raw.xz file is downloaded, the raw image file needs to be extracted: + + :: + + unxz + + + The above command will generate a file ending with extension .raw image. Use the + following command to get address of the first partition + + :: + + fdisk -lu /openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64--Snapshot.raw + -> Device Start End Sectors Size Type + /openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64--Snapshot.raw1 8192 40959 32768 16M EFI System + /openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64--Snapshot.raw2 40960 1064959 1024000 500M Linux swap + /openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64--Snapshot.raw3 1064960 5369822 4304863 2.1G Linux filesystem + + -> = 8192 + -> = 32768 + +#. Copy the ESP from opensuse image to empty image: + + :: + + dd conv=notrunc if=openSUSE-Tumbleweed-ARM-JeOS-efi.aarch64--Snapshot.raw skip= of=corstone1000-efi-partition.img seek= iflag=fullblock seek= bs=512 count= && sync + + +#. Use the provided disk-layout below to label the ESP correctly. + + efi_disk.layout + :: + + label: gpt + label-id: AC53D121-B818-4515-9031-BE02CCEB8701 + device: corstone1000-efi-partition.img + unit: sectors + first-lba: 34 + last-lba: 204766 + + corstone1000-efi-partition.img : start=8192, size=32768, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=792D821F-98AE-46E3-BABD-948003A650F8, name="p.UEFI" + + And use the following command the label the newly created ESP. + + :: + + sfdisk corstone1000-efi-partition.img < efi_disk.layout + + To test the image, you can now mount the disk image + + :: + + fdisk -lu corstone1000-efi-partition.img + -> Device Start End Sectors Size Type + corstone1000-efi-partition.img1 8192 40959 32768 16M EFI System + + = 8192 * 512 (sector size) = 4194304 + + sudo mount -o loop,offset=4194304 corstone1000-efi-partition.img /mount_point + +**Using ESP in FPGA:** + +Once the ESP is created, it needs to be flashed to a second USB drive different than ACS image. +This can be done with the development machine. + +:: + + sudo dd if=corstone1000-efi-partition.img of=/dev/sdb iflag=direct oflag=direct status=progress bs=512; sync; + +Now you can plug this USB stick to the board together with ACS test USB stick. + +**Using ESP in FVP:** + +The ESP disk image can directly be used in Corstone-1000 FVP by simply passing it as +the 2nd MMC card image. + +:: + + <_workspace>/meta-arm/scripts/runfvp <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="${/ir_acs_live_image.img}" -C board.msd_mmc_2.p_mmc_file="${/corstone1000-efi-partition.img}" + Clean Secure Flash Before Testing (applicable to FPGA only) =========================================================== @@ -498,7 +599,7 @@ USB drive. Run the following commands to prepare the ACS image in USB stick: sudo dd if=ir-acs-live-image-generic-arm64.wic of=/dev/sdb iflag=direct oflag=direct bs=1M status=progress; sync Once the USB stick with ACS image is prepared, the user should make sure that -ensure that only the USB stick with the ACS image is connected to the board, +ensure that both USB sticks (ESP and ACS image) are connected to the board, and then boot the board. The FPGA will reset multiple times during the test, and it might take approx. 24-36 hours to finish the test. @@ -510,14 +611,14 @@ FVP instructions for ACS image and run Download ACS image from: - ``https://gitlab.arm.com/systemready/acs/arm-systemready/-/tree/main/IR/prebuilt_images/v23.03_2.0.0`` -Use the below command to run the FVP with ACS image support in the -SD card. +Use the below command to run the FVP with EFI and ACS image support in the +SD cards. :: unxz ${/ir-acs-live-image-generic-arm64.wic.xz} - <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file=/ir-acs-live-image-generic-arm64.wic + <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file=/ir-acs-live-image-generic-arm64.wic -C board.msd_mmc_2.p_mmc_file="${/corstone1000-efi-partition.img}" The test results can be fetched using following commands: From patchwork Fri Nov 24 15:07:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emekcan Aras X-Patchwork-Id: 35182 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6CEDDC624B4 for ; Fri, 24 Nov 2023 15:08:08 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.138899.1700838483551345686 for ; Fri, 24 Nov 2023 07:08:03 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: emekcan.aras@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id A21B91063; Fri, 24 Nov 2023 07:08:49 -0800 (PST) Received: from e126835.cambridge.arm.com (e126835.cambridge.arm.com [10.1.35.144]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 9EE063F73F; Fri, 24 Nov 2023 07:08:01 -0800 (PST) From: emekcan.aras@arm.com To: meta-arm@lists.yoctoproject.org, Ross.Burton@arm.com, Jon.Mason@arm.com Cc: nd@arm.com, Emekcan Aras , Delane Brandy Subject: [PATCH 2/3] arm-bsp/documentation: corstone1000: add a note and fix instructions Date: Fri, 24 Nov 2023 15:07:49 +0000 Message-Id: <20231124150750.81497-3-emekcan.aras@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231124150750.81497-1-emekcan.aras@arm.com> References: <20231124150750.81497-1-emekcan.aras@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 24 Nov 2023 15:08:08 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5277 From: Emekcan Aras Add a note for Capsule update negative test scenario and fixes instructions regarding distro-boot in Corstone-1000 user guide. Signed-off-by: Emekcan Aras Signed-off-by: Delane Brandy --- .../documentation/corstone1000/user-guide.rst | 41 +++++++++++-------- 1 file changed, 25 insertions(+), 16 deletions(-) diff --git a/meta-arm-bsp/documentation/corstone1000/user-guide.rst b/meta-arm-bsp/documentation/corstone1000/user-guide.rst index f07b971c..134ed41d 100644 --- a/meta-arm-bsp/documentation/corstone1000/user-guide.rst +++ b/meta-arm-bsp/documentation/corstone1000/user-guide.rst @@ -388,7 +388,7 @@ the testing. Prepare EFI System Partition =========================================================== -Corstone-1000 FVP and MPS3 do not have enough on-chip nonvolatile memory to host +Corstone-1000 FVP and FPGA do not have enough on-chip nonvolatile memory to host an EFI System Partition (ESP). Thus, Corstone-1000 uses mass storage device for ESP. The instructions below should be followed for both FVP and FPGA before running the ACS tests. @@ -948,8 +948,8 @@ In the Linux command-line run the following: lowest_supported_fw_ver: 0 -Negative scenario -================= +Negative scenario (Applicable to FPGA only) +=========================================== In the negative case scenario (rollback the capsule version), the user should see appropriate logs in the secure enclave terminal. @@ -1012,6 +1012,12 @@ In the Linux command-line run the following: last_attempt_version: 5 lowest_supported_fw_ver: 0 +**Note**: This test is currently not working properly in Corstone-1000 FVP. +However, it is not part of the System-Ready IR tests, and it won't affect the +SR-IR certification. All the compulsory `capsule update tests for SR-IR +`__ +works on both Corstone-1000 FVP and FPGA. + Linux distros tests ------------------- @@ -1041,8 +1047,17 @@ documentation. cd meta-arm git am 0001-arm-bsp-u-boot-corstone1000-Skip-the-shim-by-booting.patch cd .. + +**On FPGA** +:: + kas shell meta-arm/kas/corstone1000-mps3.yml:meta-arm/ci/debug.yml -c="bitbake u-boot trusted-firmware-a corstone1000-image -c cleansstate; bitbake corstone1000-image" +**On FVP** +:: + + kas shell meta-arm/kas/corstone1000-fvp.yml:meta-arm/ci/debug.yml -c="bitbake u-boot trusted-firmware-a corstone1000-image -c cleansstate; bitbake corstone1000-image" + On FPGA, please update the cs1000.bin on the SD card with the newly generated wic file. ************************************************* @@ -1051,12 +1066,11 @@ Preparing the Installation Media Download one of following Linux distro images: - `Debian installer image `__ (Tested on: debian-12.2.0-arm64-DVD-1.iso) - - `OpenSUSE Tumbleweed installer image `__ (Tested on: openSUSE-Tumbleweed-DVD-aarch64-Snapshot20231105-Media.iso) + - `OpenSUSE Tumbleweed installer image `__ (Tested on: openSUSE-Tumbleweed-DVD-aarch64-Snapshot20231120-Media.iso) **NOTE:** For OpenSUSE Tumbleweed, the user should look for a DVD Snapshot like openSUSE-Tumbleweed-DVD-aarch64-Snapshot-Media.iso -Once the iso file is downloaded, it needs to be flashed to your drive as explained in the next paragraphs. FPGA ================================================== @@ -1082,17 +1096,10 @@ following command in the development machine: FVP ================================================== -To test Linux distro install and boot on FVP, the user should prepare two mmc images. -One containing the OS-DVD image and another with a minimum size of 8GB formatted with gpt. - -The downloaded iso file needs to be flashed to one of your mmc images. - +To test Linux distro install and boot on FVP, the user should prepare an mmc image. +With a minimum size of 8GB formatted with gpt. :: - - #Generating mmc1 - sudo dd if= of=<_workspace>/mmc1.iso iflag=direct oflag=direct status=progress bs=1M; sync; - #Generating mmc2 dd if=/dev/zero of=<_workspace>/mmc2_file.img bs=1 count=0 seek=8G; sync; parted -s mmc2_file.img mklabel gpt @@ -1127,7 +1134,7 @@ FVP :: - <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="<_workspace>/mmc1.iso" -C board.msd_mmc_2.p_mmc_file="<_workspace>/mmc2_file.img" + <_workspace>/meta-arm/scripts/runfvp --terminals=xterm <_workspace>/build/tmp/deploy/images/corstone1000-fvp/corstone1000-image-corstone1000-fvp.fvpconf -- -C board.msd_mmc.p_mmc_file="" -C board.msd_mmc_2.p_mmc_file="<_workspace>/mmc2_file.img" The installer should now start. The os will be installed on the second mmc 'mmc2_file.img'. @@ -1205,7 +1212,9 @@ Proceed to edit the following files accordingly: :: - vi /etc/systemd/system.conf + vi /etc/systemd/system.conf #Only applicable to Debian + DefaultDeviceTimeoutSec=infinity + vi /usr/lib/systemd/system.conf # Only applicable to openSUSE DefaultDeviceTimeoutSec=infinity The file to be edited next is different depending on the installed distro: From patchwork Fri Nov 24 15:07:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emekcan Aras X-Patchwork-Id: 35181 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 60465C61DF4 for ; Fri, 24 Nov 2023 15:08:08 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.138900.1700838484922083483 for ; Fri, 24 Nov 2023 07:08:05 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: emekcan.aras@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 15D791063; Fri, 24 Nov 2023 07:08:51 -0800 (PST) Received: from e126835.cambridge.arm.com (e126835.cambridge.arm.com [10.1.35.144]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 774A33F73F; Fri, 24 Nov 2023 07:08:03 -0800 (PST) From: emekcan.aras@arm.com To: meta-arm@lists.yoctoproject.org, Ross.Burton@arm.com, Jon.Mason@arm.com Cc: nd@arm.com, Abdellatif El Khlifi Subject: [PATCH 3/3] kas: corstone1000: pin the SHAs Date: Fri, 24 Nov 2023 15:07:50 +0000 Message-Id: <20231124150750.81497-4-emekcan.aras@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231124150750.81497-1-emekcan.aras@arm.com> References: <20231124150750.81497-1-emekcan.aras@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 24 Nov 2023 15:08:08 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5278 From: Abdellatif El Khlifi Upgrade the Corstone-1000 YMLs as follows: - Set the layers SHAs - Align with Kas v4 - Update the layers list Signed-off-by: Abdellatif El Khlifi --- kas/corstone1000-base.yml | 11 ++++++----- kas/corstone1000-fvp.yml | 2 +- kas/corstone1000-mps3.yml | 2 +- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/kas/corstone1000-base.yml b/kas/corstone1000-base.yml index 5e4ae7e4..1ab65455 100644 --- a/kas/corstone1000-base.yml +++ b/kas/corstone1000-base.yml @@ -1,5 +1,5 @@ header: - version: 11 + version: 14 env: DISPLAY: "" @@ -8,7 +8,7 @@ distro: poky-tiny defaults: repos: - refspec: master + branch: nanbield repos: meta-arm: @@ -19,21 +19,22 @@ repos: poky: url: https://git.yoctoproject.org/git/poky - refspec: 31dd418207f6c95ef0aad589cd03cd2a4c9a8bf2 + commit: 2e9c2a2381105f1306bcbcb54816cbc5d8110eff layers: meta: meta-poky: - meta-yocto-bsp: meta-openembedded: url: https://git.openembedded.org/meta-openembedded - refspec: 5a01ab461c9bcabcbb2298236602373948f8f073 + commit: 1750c66ae8e4268c472c0b2b94748a59d6ef866d layers: meta-oe: meta-python: + meta-perl: meta-secure-core: url: https://github.com/wind-river/meta-secure-core.git + commit: e29165a1031dcf601edbed1733cedd64826672a5 layers: meta: meta-signing-key: diff --git a/kas/corstone1000-fvp.yml b/kas/corstone1000-fvp.yml index b3e21cd4..abf40703 100644 --- a/kas/corstone1000-fvp.yml +++ b/kas/corstone1000-fvp.yml @@ -1,5 +1,5 @@ header: - version: 11 + version: 14 includes: - kas/corstone1000-base.yml - kas/fvp-eula.yml diff --git a/kas/corstone1000-mps3.yml b/kas/corstone1000-mps3.yml index 53be4382..7d63a185 100644 --- a/kas/corstone1000-mps3.yml +++ b/kas/corstone1000-mps3.yml @@ -1,5 +1,5 @@ header: - version: 11 + version: 14 includes: - kas/corstone1000-base.yml