From patchwork Fri Apr 12 10:05:25 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emekcan Aras X-Patchwork-Id: 42262 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 12271C00A94 for ; Fri, 12 Apr 2024 10:05:43 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.43374.1712916337597033895 for ; Fri, 12 Apr 2024 03:05:37 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: emekcan.aras@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 868E71596; Fri, 12 Apr 2024 03:06:06 -0700 (PDT) Received: from e126835.arm.com (unknown [10.57.83.142]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 79B573F64C; Fri, 12 Apr 2024 03:05:36 -0700 (PDT) From: emekcan.aras@arm.com To: meta-arm@lists.yoctoproject.org Cc: Emekcan Aras Subject: [PATCH 1/3] arm-bsp/u-boot: corstone1000: Change MMCOMM buffer location Date: Fri, 12 Apr 2024 11:05:25 +0100 Message-Id: <20240412100527.991610-2-emekcan.aras@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240412100527.991610-1-emekcan.aras@arm.com> References: <20240412100527.991610-1-emekcan.aras@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 12 Apr 2024 10:05:43 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5536 From: Emekcan Aras MM Communicate buffer is accessed by normal world but at the moment it's allocated in the secure ram. This moves mm communicate buffer to the DDR and also fixes the capsule buffer size since it cannot be more than the bank size. Signed-off-by: Emekcan Aras --- .../u-boot/u-boot-corstone1000.inc | 1 + ...ne1000-Change-MMCOMM-buffer-location.patch | 47 +++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0045-Corstone1000-Change-MMCOMM-buffer-location.patch diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc b/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc index c0a029e9..b5e53818 100644 --- a/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc +++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc @@ -60,6 +60,7 @@ SRC_URI:append = " \ file://0042-corstone1000-enable-virtio-net-support.patch \ file://0043-firmware-psci-Fix-bind_smccc_features-psci-check.patch \ file://0044-corstone1000-set-unique-GUID-for-fvp-and-mps3.patch \ + file://0045-Corstone1000-Change-MMCOMM-buffer-location.patch \ " do_configure:append() { diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0045-Corstone1000-Change-MMCOMM-buffer-location.patch b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0045-Corstone1000-Change-MMCOMM-buffer-location.patch new file mode 100644 index 00000000..500db81e --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0045-Corstone1000-Change-MMCOMM-buffer-location.patch @@ -0,0 +1,47 @@ +From 7721d33dfc87b40db72cefa399c46b25b1255247 Mon Sep 17 00:00:00 2001 +From: Emekcan Aras +Date: Wed, 3 Apr 2024 14:02:42 +0100 +Subject: [PATCH] Corstone1000: Change MMCOMM buffer location + +MM Communicate buffer is accessed by normal world but at the moment +it's allocated in the secure ram. This moves mm communicate buffer +to the DDR and also fixes the capsule buffer size since it cannot be +more than the bank size. + +Signed-off-by: Emekcan Aras +Upstream-Status: Pending [Not submitted to upstream yet] +--- + configs/corstone1000_defconfig | 2 +- + include/configs/corstone1000.h | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig +index 8770b474e2..ae164be030 100644 +--- a/configs/corstone1000_defconfig ++++ b/configs/corstone1000_defconfig +@@ -62,7 +62,7 @@ CONFIG_NVMXIP_QSPI=y + CONFIG_EFI_MM_COMM_TEE=y + CONFIG_FFA_SHARED_MM_BUF_SIZE=4096 + CONFIG_FFA_SHARED_MM_BUF_OFFSET=0 +-CONFIG_FFA_SHARED_MM_BUF_ADDR=0x02000000 ++CONFIG_FFA_SHARED_MM_BUF_ADDR=0x81FFF000 + CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y + CONFIG_EFI_CAPSULE_FIRMWARE_FIT=y + CONFIG_FWU_NUM_IMAGES_PER_BANK=4 +diff --git a/include/configs/corstone1000.h b/include/configs/corstone1000.h +index 8622565a87..fe5b064c85 100644 +--- a/include/configs/corstone1000.h ++++ b/include/configs/corstone1000.h +@@ -31,7 +31,7 @@ + #define PREP_SEPROXY_EVT(x) (FIELD_PREP(PREP_SEPROXY_EVT_MASK, (x))) + + /* Size in 4KB pages of the EFI capsule buffer */ +-#define CORSTONE1000_CAPSULE_BUFFER_SIZE (8192) /* 32 MB */ ++#define CORSTONE1000_CAPSULE_BUFFER_SIZE (4096) /* 16 MB */ + + /* Capsule GUID */ + #define EFI_CORSTONE1000_CAPSULE_ID_GUID \ +-- +2.25.1 + + From patchwork Fri Apr 12 10:05:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emekcan Aras X-Patchwork-Id: 42261 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1FD64C04FFE for ; Fri, 12 Apr 2024 10:05:43 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.43375.1712916338554153639 for ; Fri, 12 Apr 2024 03:05:38 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: emekcan.aras@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 6F2EF113E; Fri, 12 Apr 2024 03:06:07 -0700 (PDT) Received: from e126835.arm.com (unknown [10.57.83.142]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 889C43F7C5; Fri, 12 Apr 2024 03:05:37 -0700 (PDT) From: emekcan.aras@arm.com To: meta-arm@lists.yoctoproject.org Cc: Emekcan Aras Subject: [PATCH 2/3] arm-bsp/trusted-services: corstone1000: Change MM comm buffer location Date: Fri, 12 Apr 2024 11:05:26 +0100 Message-Id: <20240412100527.991610-3-emekcan.aras@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240412100527.991610-1-emekcan.aras@arm.com> References: <20240412100527.991610-1-emekcan.aras@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 12 Apr 2024 10:05:43 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5537 From: Emekcan Aras MM Communicate buffer is accessed by normal world but at the moment so it should be located in DDR instead of secure-ram. This moves mm communicate buffer to the DDR for trusted-service components. Signed-off-by: Emekcan Aras --- meta-arm-bsp/recipes-security/trusted-services/libts_%.bbappend | 2 +- .../recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend | 2 +- .../trusted-services/ts-sp-smm-gateway_%.bbappend | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/meta-arm-bsp/recipes-security/trusted-services/libts_%.bbappend b/meta-arm-bsp/recipes-security/trusted-services/libts_%.bbappend index 99c03f69..450cfc58 100644 --- a/meta-arm-bsp/recipes-security/trusted-services/libts_%.bbappend +++ b/meta-arm-bsp/recipes-security/trusted-services/libts_%.bbappend @@ -1,5 +1,5 @@ require ts-arm-platforms.inc -EXTRA_OECMAKE:append:corstone1000 = "-DMM_COMM_BUFFER_ADDRESS=0x02000000 \ +EXTRA_OECMAKE:append:corstone1000 = "-DMM_COMM_BUFFER_ADDRESS=0x81FFF000 \ -DMM_COMM_BUFFER_PAGE_COUNT=1 \ " diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend b/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend index eba15532..3a1b2d81 100644 --- a/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend +++ b/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend @@ -1,5 +1,5 @@ require ts-arm-platforms.inc -EXTRA_OECMAKE:append:corstone1000 = " -DMM_COMM_BUFFER_ADDRESS="0x00000000 0x02000000" \ +EXTRA_OECMAKE:append:corstone1000 = " -DMM_COMM_BUFFER_ADDRESS="0x00000000 0x81FFF000" \ -DMM_COMM_BUFFER_PAGE_COUNT="1" \ " diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend b/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend index eba15532..3a1b2d81 100644 --- a/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend +++ b/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend @@ -1,5 +1,5 @@ require ts-arm-platforms.inc -EXTRA_OECMAKE:append:corstone1000 = " -DMM_COMM_BUFFER_ADDRESS="0x00000000 0x02000000" \ +EXTRA_OECMAKE:append:corstone1000 = " -DMM_COMM_BUFFER_ADDRESS="0x00000000 0x81FFF000" \ -DMM_COMM_BUFFER_PAGE_COUNT="1" \ " From patchwork Fri Apr 12 10:05:27 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emekcan Aras X-Patchwork-Id: 42263 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2F117C41513 for ; Fri, 12 Apr 2024 10:05:43 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.42914.1712916339508374448 for ; Fri, 12 Apr 2024 03:05:39 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: emekcan.aras@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 793BA1596; Fri, 12 Apr 2024 03:06:08 -0700 (PDT) Received: from e126835.arm.com (unknown [10.57.83.142]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 728D23F64C; Fri, 12 Apr 2024 03:05:38 -0700 (PDT) From: emekcan.aras@arm.com To: meta-arm@lists.yoctoproject.org Cc: Emekcan Aras Subject: [PATCH 3/3] arm-bsp/trusted-firmware-m: corstone1000: Enable host firewall in FVP Date: Fri, 12 Apr 2024 11:05:27 +0100 Message-Id: <20240412100527.991610-4-emekcan.aras@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240412100527.991610-1-emekcan.aras@arm.com> References: <20240412100527.991610-1-emekcan.aras@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 12 Apr 2024 10:05:43 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5538 From: Emekcan Aras Enables host firewall and mpu setup for FVP. It also fixes secure-ram configuration and disable access rights to secure ram from both normal world for both mps3 and fvp. Signed-off-by: Emekcan Aras --- ...tone1000-Enable-host-firewall-in-FVP.patch | 177 ++++++++++++++++++ .../trusted-firmware-m-corstone1000.inc | 1 + 2 files changed, 178 insertions(+) create mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch new file mode 100644 index 00000000..4f15da22 --- /dev/null +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0008-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch @@ -0,0 +1,177 @@ +From 1410dc5504d60219279581b1cf6442f81551cfe7 Mon Sep 17 00:00:00 2001 +From: Emekcan Aras +Date: Wed, 3 Apr 2024 13:37:40 +0100 +Subject: [PATCH] Platform: Corstone1000: Enable host firewall in FVP + +Enables host firewall and mpu setup for FVP. It also fixes secure-ram +configuration and disable access rights to secure ram from both normal world +for both mps3 and fvp. + +Signed-off-by: Emekcan Aras +Upstream-Status: Pending [Not submitted to upstream yet] +--- + .../Device/Include/platform_base_address.h | 2 +- + .../arm/corstone1000/bl1/boot_hal_bl1_1.c | 42 ++++--------------- + .../arm/corstone1000/bl2/flash_map_bl2.c | 2 +- + 3 files changed, 11 insertions(+), 35 deletions(-) + +diff --git a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h +index 416f0ebcd..101cad9e7 100644 +--- a/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h ++++ b/platform/ext/target/arm/corstone1000/Device/Include/platform_base_address.h +@@ -67,7 +67,7 @@ + * required by the SE are defined here */ + #define CORSTONE1000_HOST_ADDRESS_SPACE_BASE (0x60000000U) /* Host Address Space */ + #define CORSTONE1000_HOST_BIR_BASE (0x60000000U) /* Boot Instruction Register */ +-#define CORSTONE1000_HOST_SHARED_RAM_BASE (0x62000000U) /* Shared RAM */ ++#define CORSTONE1000_HOST_TRUSTED_RAM_BASE (0x62000000U) /* Secure RAM */ + #define CORSTONE1000_HOST_XNVM_BASE (0x68000000U) /* XNVM */ + #define CORSTONE1000_HOST_BASE_SYSTEM_CONTROL_BASE (0x7A010000U) /* Host SCB */ + #define CORSTONE1000_EXT_SYS_RESET_REG (0x7A010310U) /* external system (cortex-M3) */ +diff --git a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c +index a5fee66af..7988c2392 100644 +--- a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c ++++ b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_1.c +@@ -35,7 +35,7 @@ REGION_DECLARE(Image$$, ER_DATA, $$Base)[]; + REGION_DECLARE(Image$$, ARM_LIB_HEAP, $$ZI$$Limit)[]; + + #define HOST_ADDRESS_SPACE_BASE 0x00000000 +-#define HOST_SHARED_RAM_BASE 0x02000000 ++#define HOST_TRUSTED_RAM_BASE 0x02000000 + #define HOST_XNVM_BASE 0x08000000 + #define HOST_BASE_SYSTEM_CONTROL_BASE 0x1A010000 + #define HOST_FIREWALL_BASE 0x1A800000 +@@ -347,7 +347,7 @@ static void setup_host_firewall(void) + + fc_pe_enable(); + +- /* CVM - Shared RAM */ ++ /* CVM - Secure RAM */ + fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_CVM); + fc_disable_bypass(); + fc_pe_disable(); +@@ -355,15 +355,12 @@ static void setup_host_firewall(void) + fc_select_region(1); + fc_disable_regions(); + fc_disable_mpe(RGN_MPE0); +- fc_prog_rgn(RGN_SIZE_4MB, HOST_SHARED_RAM_BASE); ++ fc_prog_rgn(RGN_SIZE_4MB, HOST_TRUSTED_RAM_BASE); + fc_init_mpl(RGN_MPE0); + + mpl_rights = (RGN_MPL_ANY_MST_MASK | RGN_MPL_SECURE_READ_MASK | + RGN_MPL_SECURE_WRITE_MASK | +- RGN_MPL_SECURE_EXECUTE_MASK | +- RGN_MPL_NONSECURE_READ_MASK | +- RGN_MPL_NONSECURE_WRITE_MASK | +- RGN_MPL_NONSECURE_EXECUTE_MASK); ++ RGN_MPL_SECURE_EXECUTE_MASK); + + fc_enable_mpl(RGN_MPE0, mpl_rights); + fc_disable_mpl(RGN_MPE0, ~mpl_rights); +@@ -398,7 +395,9 @@ static void setup_host_firewall(void) + + fc_pe_enable(); + +- /* Host Expansion Master 0 */ ++#if !(PLATFORM_IS_FVP) ++ /* Host Expansion Master 0 (Due to the difference in the models only ++ * programming this for MPS3) */ + fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_EXPMST0); + fc_disable_bypass(); + fc_pe_disable(); +@@ -433,7 +432,6 @@ static void setup_host_firewall(void) + fc_enable_regions(); + fc_rgn_lock(); + +-#if !(PLATFORM_IS_FVP) + fc_select_region(3); + fc_disable_regions(); + fc_disable_mpe(RGN_MPE0); +@@ -461,16 +459,14 @@ static void setup_host_firewall(void) + fc_enable_mpe(RGN_MPE0); + fc_enable_regions(); + fc_rgn_lock(); +-#endif + + fc_pe_enable(); + +- /* Host Expansion Master 0 */ ++ /* Host Expansion Master 1*/ + fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_EXPMST1); + fc_disable_bypass(); + fc_pe_disable(); + +-#if !(PLATFORM_IS_FVP) + fc_select_region(1); + fc_disable_regions(); + fc_disable_mpe(RGN_MPE0); +@@ -484,22 +480,6 @@ static void setup_host_firewall(void) + fc_enable_mpe(RGN_MPE0); + fc_enable_regions(); + fc_rgn_lock(); +-#else +- fc_select_region(1); +- fc_disable_regions(); +- fc_disable_mpe(RGN_MPE0); +- fc_prog_rgn(RGN_SIZE_8MB, HOST_SE_SECURE_FLASH_BASE_FVP); +- fc_init_mpl(RGN_MPE0); +- +- mpl_rights = (RGN_MPL_ANY_MST_MASK | RGN_MPL_SECURE_READ_MASK | +- RGN_MPL_SECURE_WRITE_MASK); +- +- fc_enable_mpl(RGN_MPE0, mpl_rights); +- fc_enable_mpe(RGN_MPE0); +- fc_enable_regions(); +- fc_rgn_lock(); +-#endif +- + fc_pe_enable(); + + /* Always ON Host Peripherals */ +@@ -527,7 +507,6 @@ static void setup_host_firewall(void) + } + + fc_pe_enable(); +- + /* Host System Peripherals */ + fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_SYSPERIPH); + fc_disable_bypass(); +@@ -553,6 +532,7 @@ static void setup_host_firewall(void) + } + + fc_pe_enable(); ++#endif + + /* Host System Peripherals */ + fc_select((void *)CORSTONE1000_HOST_FIREWALL_BASE, COMP_DBGPERIPH); +@@ -592,13 +572,9 @@ int32_t boot_platform_init(void) + if (result != ARM_DRIVER_OK) { + return 1; + } +-#if !(PLATFORM_IS_FVP) + setup_mpu(); +-#endif + setup_se_firewall(); +-#if !(PLATFORM_IS_FVP) + setup_host_firewall(); +-#endif + + #if defined(TFM_BL1_LOGGING) || defined(TEST_BL1_1) || defined(TEST_BL1_2) + stdio_init(); +diff --git a/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c b/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c +index 2b1cdfa19..06cc3f0f5 100644 +--- a/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c ++++ b/platform/ext/target/arm/corstone1000/bl2/flash_map_bl2.c +@@ -70,7 +70,7 @@ int boot_get_image_exec_ram_info(uint32_t image_id, + rc = 0; + } + else if (image_id == 1 || image_id == 2) { +- (*exec_ram_start) = CORSTONE1000_HOST_SHARED_RAM_BASE; ++ (*exec_ram_start) = CORSTONE1000_HOST_TRUSTED_RAM_BASE; + (*exec_ram_size) = 0x20000000U; + rc = 0; + } +-- +2.25.1 + + diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc index e098da72..72aea36f 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc @@ -40,6 +40,7 @@ SRC_URI:append:corstone1000 = " \ file://0005-platform-corstone1000-fix-synchronization-issue-on-o.patch \ file://0006-Platform-Corstone1000-skip-the-first-nv-counter.patch \ file://0007-platform-corstone1000-add-unique-guid-for-mps3.patch \ + file://0008-Platform-Corstone1000-Enable-host-firewall-in-FVP.patch \ " # TF-M ships patches for external dependencies that needs to be applied