Commit Graph

65 Commits

Author SHA1 Message Date
Brandon Maier
ad20908243 boot/arm-trusted-firmware: enable verbose output
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a8c7a53985)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-05-22 08:11:55 +02:00
Thomas Petazzoni
de964d7b78 boot/arm-trusted-firmware: fix hash checking
Commit
c6ab9328e1 ("boot/arm-trusted-firmware:
change BR_NO_CHECK_HASH_FOR logic") was written too hastily, and is
actually broken as it does the reverse of what it should do. It really
should disable the check when we're using a custom version/git/tarball
of TF-A, not the opposite.

Thanks to Romain for pointing out the problem, and providing an IRL
patch to solve the issue.

Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-02-07 10:09:14 +01:00
Marleen Vos
2a310666e0 boot/arm-trusted-firmware: add config option to use latest lts-v2.8.13
Patch 0001-feat-build-add-support-for-new-binutils-versions.patch as
found in v2.8 patch dir has already been applied in lts-v2.8.13
Patch 0002-build-tools-avoid-unnecessary-link.patch from v2.8 has
been included as 0001-build-tools-avoid-unnecessary-link.patch for
lts-v2.8.13

Signed-off-by: Marleen Vos <marleen.vos@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-02-06 17:31:44 +01:00
Thomas Petazzoni
c6ab9328e1 boot/arm-trusted-firmware: change BR_NO_CHECK_HASH_FOR logic
Currently, arm-trusted-firmware checks the hash only if
BR2_TARGET_ARM_TRUSTED_FIRMWARE_LATEST_VERSION=y. As we're about to
introduce other version options for which the hash checking is needed,
let's reverse the logic, and instead ignore hash checking if we're
using a custom version or custom git or custom tarball.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-02-06 17:31:43 +01:00
Marleen Vos
47647814f5 boot/arm-trusted-firmware: bump latest version to v2.10
Patch 0001-build-tools-avoid-unnecessary-link.patch that was applied to
v2.9 is already in v2.10, so no new patch dir for v2.10 is added

Signed-off-by: Marleen Vos <marleen.vos@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-02-06 14:28:02 +01:00
Peter Korsgaard
e6ef64d955 boot/arm-trusted-firmware: fix fiptool linking issue on hosts without openssl
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/5834758777

Commit e7d16c35a (boot/arm-trusted-firmware: fix the RPATH of fiptool) tried
to fix the build of host-fiptool, but forgot to pass HOST_CFLAGS.

On hosts without (compatible) openssl development headers, this breaks
the build when it cannot find the openssl headers:

fiptool_platform.h:19:11: fatal error: openssl/sha.h: No such file or directory

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-01-04 22:42:42 +01:00
Louis Chauvet
e7d16c35ae boot/arm-trusted-firmware: fix the RPATH of fiptool
The arm-trusted-firmware package builds a host tool called "fiptool",
which is used during the build process of arm-trusted-firmware
itself. This tool links against the OpenSSL host library, and
therefore needs to be built with the correct RPATH pointing to
$HOST_DIR/lib.

This is why commit a957d9a90a
("boot/arm-trusted-firmware: build fiptool separately with dependency
o n host-openssl") added the ARM_TRUSTED_FIRMWARE_BUILD_FIPTOOL
variable, which builds the fiptool tool first, with the right
variables set, before invoking the full build of TF-A. This ensured
that fiptool was built with the correct RPATH.

However, more recent versions of TF-A have modified their Makefile
machinery, and fiptool is being rebuilt even if it was built
before. Unfortunately, this rebuild is no longer done with the right
flags, so we end up with a fiptool binary that no longer has the right
RPATH, and fiptool fails to find the OpenSSL libraries from
$HOST_DIR/lib.

In order to fix this, we take a different approach: we do not build
fiptool separately first, but we inject the necessary flags through
the HOSTCC variable. Indeed, there's no HOST_LDFLAGS or HOST_LDLIBS
variable or similar that would allow us to pass the -Wl,-rpath flag
that is needed. Shoe-horning this flag into HOSTCC gets the job done,
and actually simplifies our arm-trusted-firmware.mk.

This patch break the compatibility with version prior to 1.4 (upstream
commit 72610c4102990 ("build: Introduce HOSTCC flag")). v1.4 is very old
(July 2017), not used anymore in-tree and probably not used anymore
outside the tree.

Signed-off-by: Louis Chauvet <louis.chauvet@bootlin.com>
Co-authored-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-12-08 22:24:18 +01:00
Peter Korsgaard
5a8a7530bf boot/arm-trusted-firmware: set BUILD_STRING to package version
TF-A prints a version string at boot which includes the version number as
specified in the Makefile and additional "build" information, specified by
the BUILD_STRING parameter:

https://trustedfirmware-a.readthedocs.io/en/v2.9/getting_started/build-options.html

BUILD_STRING: Input string for VERSION_STRING, which allows the TF-A build
to be uniquely identified.  Defaults to the current git commit id.

This is implemented as:

 # Default build string (git branch and commit)
 ifeq (${BUILD_STRING},)
	BUILD_STRING  :=  $(shell git describe --always --dirty --tags 2> /dev/null)
 endif

https://github.com/ARM-software/arm-trusted-firmware/blob/master/Makefile#L225-L228

Which is never correct in the context of Buildroot, as the TF-A build
directory is never a git repo, and git will move up the directory tree and
possibly and (possibly) pick up the git version of Buildroot instead.

To fix that, explicitly set BUILD_STRING to the version of the package.
Pass it before BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_VARIABLES so it
can still be overridden by the user if needed.

strings images/tf-a-* | egrep '^v2\.'
v2.9(debug):2023.08-859-g99d78b52a0
v2.9(debug):v2.9

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-02 14:43:57 +01:00
Thomas Petazzoni
4a71356832 boot/arm-trusted-firmware: introduce a choice to select the BL33 image
We now have 3 different options to select an image as the BL33 stage
of TF-A: Barebox, U-Boot or EDK2. Technically speaking, they are
mutually exclusive: they all specify a BL33= variable to the TF-A
build, and TF-A can only support a single BL33 stage.

However, as pointed out by Vincent Fazio in [0] there is nothing that
prevents selecting Barebox, U-Boot and EDK2 together, even though it
doesn't make sense.

To address this, this commit introduces a choice...endchoice block,
into which the Barebox, U-Boot and EDK2 options are moved. An
additional "none" option is added, which is the default, and
corresponds to not having any BL33 image.

Since we keep the same name for the options, no legacy handling is
necessary.

[0] https://lore.kernel.org/buildroot/PH1P110MB1603A4AA1638838DA56BAA069FDA9@PH1P110MB1603.NAMP110.PROD.OUTLOOK.COM/

Reported-by: Vincent Fazio <vfazio@xes-inc.com>
Cc: Vincent Fazio <vfazio@xes-inc.com>
Cc: Casey Reeves <casey@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-08-12 22:17:14 +02:00
Vincent Stehlé
f3597910cf boot/arm-trusted-firmware: add patch to fix fiptool link
When building a fip firmware (BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP=y), the
TF-A build recipe starts by building the host program fiptool with the
proper build environment variables. Then the main TF-A target firmware
build step takes place, with the expectation that the fiptool program will
be used under the hood if necessary.

In TF-A, the build recipe for the host program fiptool has subtly changed
after v2.7, in commit cf2dd17ddda2 ("refactor(security): add OpenSSL 1.x
compatibility"). This change has the effect to force re-linking fiptool
each time.

If we try to build with Buildroot a fip firmware with a TF-A version after
v2.7 comprising the aforementioned change, the fiptool program is forcibly
re-linked during the main firmware build step. This happens without the
proper build environment variables and consequently, if openssl is not
installed on the host, the libcrypto shared library will not be found by
the linker and the link will fail with the following error:

  /usr/bin/ld: cannot find -lcrypto: No such file or directory

A patch has been integrated into TF-A to avoid re-linking fiptool when not
necessary, which should solve the problem starting with version v2.10. Add
that patch in Buildroot for versions v2.8 and v2.9, to repair the build in
the cases described above.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/4664845767

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
[yann.morin.1998@free.fr:
  - don't use symlink in v2.9, just copy patch
  - fix numbering in v2.8 which now has two patches
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-07-23 19:28:21 +02:00
Heiko Thiery
7b774048be boot/arm-trusted-firmware: fix build issue with binutils 2.39+
The new version of binutils introduces a new warning when linking. The
new warninng is enabled by default. To fix the issue this warning is
disabled by adding the patches to the arm-trusted-firmware package
v{2.2..2.8}. This is a backport of an upstream commit [1]

Since there are too many defconfigs that use the arm-trusted-firmware
package, it is not practical to create a global-patch-dir for all of them.
Therefore the patches are only in the package directory.

[1] 1f49db5f25

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4603996186
https://gitlab.com/buildroot.org/buildroot/-/jobs/4603996189

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Cc: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Tested-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr: add proper Upstream: tags]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-07-10 23:39:18 +02:00
Casey Reeves
48d9042e5d boot/arm-trusted-firmware: allow using Barebox as BL33
Since version 2022.04.0, Barebox now supports a generic image built
for platforms, to be used as BL33 to generate FIP images. This patch
makes it available as a choice of BL33 to be used with ATF and is
based on the similar work put into U-Boot as BL33.

Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-02-21 22:34:27 +01:00
Baruch Siach
5e330ff030 boot/arm-trusted-firmware: fix SSP disable in v2.2
ATF version 2.2 and older does not disable SSP when
ENABLE_STACK_PROTECTOR is not set. This is because the compiler enables
SSP by default, and ATF does not pass -fno-stack-protector to the
compiler. Upstream commit 7af195e29a42 ("Disable stack protection
explicitly") fixed the issue for v2.3 and newer.

Add -fno-stack-protector in CFLAGS when
BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP is not set to fix older ATF
versions.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3301821171

Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-11-13 21:54:57 +01:00
Baruch Siach
f03ae60451 boot/arm-trusted-firmware: don't enable SSP by default
SSP support requires support in ATF platform code. Not all platforms
implement plat_get_stack_protector_canary() hook. The result is build
failure:

(.text.asm.update_stack_protector_canary+0x4): undefined reference to `plat_get_stack_protector_canary'

Commit cf176128ec ("boot/arm-trusted-firmware: add SSP option")
originally introduces this issue. But then commit ccac9a5bbb
("boot/arm-trusted-firmware: don't force ENABLE_STACK_PROTECTOR") hid
the problem by effectively disabling SSP for all platforms. So only
after commit 09acc7cbc9 ("boot/arm-trusted-firmware: fix SSP
support") the issue showed up.

Make SSP an opt-in for platform that actually provide the
plat_get_stack_protector_canary() hook.

Cc: Sergey Matyukevich <geomatsi@gmail.com>
Cc: Dick Olsson <hi@senzilla.io>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-10-28 08:46:15 +02:00
Baruch Siach
09acc7cbc9 boot/arm-trusted-firmware: fix SSP support
Commit ccac9a5bbb ("boot/arm-trusted-firmware: don't force
ENABLE_STACK_PROTECTOR") fixed a build failure but also effectively
disabled SSP entirely for ATF. This is because ENABLE_STACK_PROTECTOR is
set to 0 unconditionally in make_helpers/defaults.mk, overwriting any
environment set value. So we must pass ENABLE_STACK_PROTECTOR in
MAKE_OPTS for it to be effective. But to avoid said build failure we
can't pass ENABLE_STACK_PROTECTOR=0.

Only pass ENABLE_STACK_PROTECTOR when
BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP is enabled. Drop SSP_LEVEL value for
the !BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP case which is now unused.

Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-10-17 10:30:08 +02:00
Francois Perrad
4a340349bc boot/arm-trusted-firmware: allow to generate BL2 from RCW
This patch adds the option BR2_TARGET_ARM_TRUSTED_FIRMWARE_RCW that
allows TF-A to encapsulate a pre-loaded RCW (Reset Configuration Word)
file into BL2.

Upcoming NXP QorIQ family board needs this option.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-08-23 23:18:20 +02:00
Arnout Vandecappelle (Essensium/Mind)
4d919211ed boot/arm-trusted-firmware: set CFLAGS from environment, not override
Older versions of TF-A don't support setting CFLAGS on the make command
line. They use 'CFLAGS += ...' in the Makefile, which is still
overridden by the CFLAGS on the command line.

Fix this by moving the CFLAGS setting to the environment. Both older and
newer versions of TF-A handle this correctly.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/2781800954
and a large number of other defconfigs

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-07-30 17:02:02 +02:00
Christian Stewart
9e315b0cad boot/arm-trusted-firmware: allow enabling without uboot or edk2
It should be possible to compile ARM_TRUSTED_FIRMWARE without u-boot or EDK2.
For example, one might want to produce "bl31.bin" for use as an init stub for
the Raspberry Pi 4.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-07-26 22:51:09 +02:00
Kory Maincent
d5584f07e3 boot/arm-trusted-firmware: update condition for custom tarball management
This patch updates the condition to handle custom tarballs as specified by
the configuration. This change is made to have cleaner condition and for
consistency.

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-07-23 22:11:26 +02:00
Kory Maincent
0829c09527 boot/arm-trusted-firmware: remove extra ending parentheses
There are two extra ending parentheses to be removed.
They are present from the beggining of TF-A package. I suppose extra
ending parenthese does not bring any issue, but it seems relevant to
remove them.

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-07-23 21:29:18 +02:00
Olivier L'Heureux
647269b149 boot/arm-trusted-firmware: bump version to 2.7
Bumped the default version of the "arm-trusted-firmware" (a.k.a. TF-A)
from 2.5 to 2.7: updated the config and the tarball checksum.
Work-around CVE-2022-23960.

Updated the "qemu_aarch64_sbsa_defconfig" accordingly: it was using an
"arm-trusted-firmware" v2.4, it nows selects version 2.7.

Updated the license checksum because the license file changed
slightly: it mentions an additional file ("irq.h") released under a
dual GPL or MIT license.

Tested with the "qemu_aarch64_sbsa_defconfig" and QEMU: it boots
without new warning or error message.

Release notes:
<https://trustedfirmware-a.readthedocs.io/en/latest/change-log.html>

Signed-off-by: Olivier L'Heureux <olivier.lheureux@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-07-23 21:10:46 +02:00
Xuanhao Shi
6103d9b597 boot/arm-trusted-firmware: add target board options
Some platforms such as TI's k3 outputs a TARGET_BOARD directory
in their ATF build output paths after PLATFORM.
$(@D)/build/<PLATFORM>/ does not contain the debug or release
directories for these platforms.
They are under $(@D)/build/<PLATFORM>/<TARGET_BOARD>/

Signed-off-by: Xuanhao Shi <x-shi@ti.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-07-23 17:39:38 +02:00
Kory Maincent
4678363579 package/arm-gnu-toolchain: Bump to 11.2-2022.02 and rename from arm-gnu-a-toolchain
arm-gnu-a-toolchain is now deprecated to be replaced by arm-gnu-toolchain.
The old link [1] now points to a shared page between Cortex-A and
Cortex-R/M [2].

Rename the package, taking into account legacy info, while bumping it.
Also update TF-A package that depends on it.

[1] https://developer.arm.com/downloads/-/gnu-a
[2] https://developer.arm.com/Tools%20and%20Software/GNU%20Toolchain

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-06-19 18:52:38 +02:00
Kory Maincent
1061ed6c62 boot/arm-trusted-firmware: add -fno-PIE to CFLAGS
By default the toolchain-wrapper enable -fPIE to the build of all packages.
TF-A support Position Independent Executable(PIE) only in few build cases,
therefore it should be disable by default.
If you still want to enable PIE, TF-A provide a "ENABLE_PIE" build options
that will override the cflags for the supported cases.

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
[Peter: Only do so for BR2_PIC_PIE]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-06-03 11:13:36 +02:00
Quentin Schulz
8354176915 boot/arm-trusted-firmware: point LICENSE_FILES to correct file
Since v2.2 release (commits 8cc36aec912 "doc: De-duplicate readme and
license files" and 9f1622b018ab "doc: Move content out of readme and
create new index page "), the license.rst file at the root of the git
repo is only telling to look at docs/license.rst file.

Let's point the ARM_TRUSTED_FIRMWARE_LICENSE_FILES to the correct file
and modify the .hash file accordingly.

The comment has also been wrong since we bumped from version 1.4 to 2.2
in commit  a757d173f1  (boot/arm-trusted-firmware: bump to version
2.2). Drop referencing an explicit version, so that is is never wrong
again.

Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
[yann.morin.1998@free.fr: also fix the comment.]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-09-24 21:49:37 +02:00
Arnout Vandecappelle (Essensium/Mind)
7dac56b76e Merge branch 'master' into next
Conflicts:
	package/go/go.hash
	package/go/go.mk

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-08-26 23:40:57 +02:00
Kory Maincent
82f5b3724b boot/arm-trusted-firmware: Add out-of-source ATF device tree support
Similarly to Uboot, this patch adds the ability to copy in and build
out-of-source device tree sources during an ATF build.

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-08-19 23:27:32 +02:00
Baruch Siach
ccac9a5bbb boot/arm-trusted-firmware: don't force ENABLE_STACK_PROTECTOR
Commit 5f432df7e2 ("boot/arm-trusted-firmware: change
ENABLE_STACK_PROTECTOR value when disabled") set
ENABLE_STACK_PROTECTOR=0 when disabled. But since we pass this value as
MAKE_OPT, the internal ATF logic that sets ENABLE_STACK_PROTECTOR again
based on its initial value breaks. This leads to build failure:

make[1]: *** [/builds/buildroot.org/buildroot/output/build/arm-trusted-firmware-v2.4/build/a80x0_mcbin/release/libc/assert.o] Error 1
aarch64-buildroot-linux-uclibc-gcc.br_real: error: unrecognized command-line option ‘-fstack-protector-0’; did you mean ‘-fstack-protector’?

Move ENABLE_STACK_PROTECTOR to make environment instead to allow make to
change its value.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/1497663294

Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-08-17 09:24:09 +02:00
Thomas Petazzoni
5f432df7e2 boot/arm-trusted-firmware: change ENABLE_STACK_PROTECTOR value when disabled
Since commit
cf176128ec ("boot/arm-trusted-firmware:
add SSP option"), we are passing ENABLE_STACK_PROTECTOR=none when we
want to disable SSP usage in TF-A. While this works fine in recent
versions of TF-A, older versions such as TF-A will end up passing
-fstack-protector-none in this situation, which fails as this is not a
valid gcc option (the valid gcc option is -fno-stack-protector).

To solve this, we pass ENABLE_STACK_PROTECTOR=0 which was in older
TF-A versions used to say "don't do anything with SSP", and is also
still supported in newer versions of TF-A.

Fixes:

 https://gitlab.com/buildroot.org/buildroot/-/jobs/1478738580

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-08-08 21:54:32 +02:00
Yann E. MORIN
11fffded3c boot/arm-trusted-firmware: fix coding-style
Fix coding style issue introduced in cf176128ec (boot/arm-trusted-firmware:
add SSP option)

Fixes: cf176128ec

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-06-26 22:17:07 +02:00
Sergey Matyukevich
cf176128ec boot/arm-trusted-firmware: add SSP option
Buildroot sets appropriate ENABLE_STACK_PROTECTOR build flag value based
on the toolchain global BR2_SSP_* options, and all packages are built
with that setting.

However it might not be always convenient to automatically infer TF-A
stack protection from the toolchain features. For instance, secure
memory constraints may become an issue and all the extra TF-A features
need to be tuned or disabled in order to shrink TF-A firmware image.

Besides, for any value other than "none", TF-A platform specific hook
'plat_get_stack_protector_canary' must be implemented. However this hook
is not implemented by all the platforms supported by TF-A. For instance,
Allwinner currently does not provide such a hook.

Add an new option that a user can toggle to enable or disable SSP in
their ATF build. If enabled, the SSP level is automatically inherited
from the global setting.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
[yann.morin.1998@free.fr: simplify logic with a single boolean]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-06-26 17:10:25 +02:00
Heiko Thiery
cb5d9fdf1e boot/arm-trusted-firmware: bump to version 2.5
Release notes:
https://trustedfirmware-a.readthedocs.io/en/latest/change-log.html#version-2-5

The existing qemu_aarch64_sbsa_defconfig was using an unpinned version
of ATF, so to avoid any regression, it is pinned to the previous
version, 2.4.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr: pin ATF version in qemu_aarch64_sbsa_defconfig]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-21 11:43:54 +02:00
Dick Olsson
1074a37e78 boot/edk2: new package
EDK2 is a modern, feature-rich, cross-platform firmware development
environment for the UEFI and PI specifications.

The initial version of this bootloader package makes it possible to
build firmware for the following seven configurations:

 * QEMU x86-64 pc machine
 * QEMU aarch64 virt machine, booting directly from flash
 * QEMU aarch64 virt machine, booting via the kernel protocol
 * QEMU aarch64 sbsa-ref machine
 * ARM FVP vexpress machine
 * Socionext SynQuacer Developerbox
 * SolidRun MacchiatoBin

Support the use of EDK2 UEFI payloads as BL33 in ARM Trusted Firmware.

Signed-off-by: Dick Olsson <hi@senzilla.io>
[yann.morin.1998@free.fr:
  - duplicate defaults in Config.in
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-17 16:52:33 +02:00
D. Olsson
d8705587dc boot/arm-trusted-firmware: Bump to version 2.4
Required in order to build properly with the latest stable release of
EDK2 UEFI firmware.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-12-30 10:29:05 +01:00
Christoph Müllner
7b3fcbcdaa boot/arm-trusted-firmware: Forward stack protection configuration
TF-A supports stack smashing protection (-fstack-protector-*).
However, that feature is currently silently disabled because
ENABLE_STACK_PROTECTOR is not set during build time.

As documented in the TF-A user guide, the flag ENABLE_STACK_PROTECTOR
is required to enable stack protection support. When enabled the symbols
for the stack protector (e.g. __stack_chk_guard) are built.
This needs to be done because TF-A does not link against an external
library that provides that symbols (e.g. libc).

So in case we see that BR2_SSP_* is enabled, let's enable the corresponding
ENABLE_STACK_PROTECTOR build flag for TF-A as documented in the TF-A user guide.

This patch also fixes a the following linker errors with older TF-A versions
if BR2_SSP_* is enabled (i.e. -fstack-protector-* is used as compiler flag)
and ENABLE_STACK_PROTECTOR is not set, which are caused by the missing
stack protector symbols:

  [...]
  params_setup.c:(.text.params_early_setup+0xc): undefined reference to `__stack_chk_guard'
  aarch64-none-linux-gnu-ld: params_setup.c:(.text.params_early_setup+0x14): undefined reference to `__stack_chk_guard'
  aarch64-none-linux-gnu-ld: params_setup.c:(.text.params_early_setup+0x104): undefined reference to `__stack_chk_guard'
  aarch64-none-linux-gnu-ld: params_setup.c:(.text.params_early_setup+0x118): undefined reference to `__stack_chk_fail'
  aarch64-none-linux-gnu-ld: ./build/px30/release/bl31/pmu.o: in function `rockchip_soc_sys_pwr_dm_suspend':
  pmu.c:(.text.rockchip_soc_sys_pwr_dm_suspend+0xc): undefined reference to `__stack_chk_guard'
  [...]

TF-A releases after Nov 2019, that include 7af195e29a4, will circumvent
these issue by explicitliy and silently disabling the stack protector
by appending '-fno-stack-protector' to the compiler flags in case
ENABLE_STACK_PROTECTOR is not set.

Tested on a Rockchip PX30 based system (TF-A v2.2 and upstream/master).

Signed-off-by: Christoph Müllner <christoph.muellner@theobroma-systems.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2020-12-15 21:24:48 +01:00
Dick Olsson
a757d173f1 boot/arm-trusted-firmware: bump to version 2.2
Release notes:
https://trustedfirmware-a.readthedocs.io/en/latest/change-log.html#version-2-2

Take this opportunity to fix the hash file spacing.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-20 22:29:17 +02:00
Romain Naour
36c0a0c656 boot/arm-trusted-firmware: ignore licencing check for user defined official version
The commit [1] "licensing info is only valid for v1.4" fixed the legal-info
issues when a custom ATF tarball or a version from git is used.
But we need to ignore licencing for a used defined official ATF version.

Althougt the ATF version are licensed under BSD-3-Clause, the license
file can be updated between version (for example between v1.4 and v2.0).

Ignore the licencing check if the user provide a custom official version.

[1] d1a61703f7

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr: use positive logic with the _LATEST option]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-30 23:21:07 +02:00
Suniel Mahesh
fbed118ed2 boot/arm-trusted-firmware: add optional host-arm-gnu-a-toolchain dependency
Some ATF configurations, require a pre-built bare metal toolchain to
build some platforms which host cortex-m series core, for instance
rockchip rk3399 has a cortex-m0 core. Without a pre-built bare metal
toolchain, the build fails:

make[3]: arm-none-eabi-gcc: Command not found

To solve this, this commit implements a
BR2_TARGET_ARM_TRUSTED_FIRMWARE_NEEDS_ARM32_TOOLCHAIN
option. Platforms which have such requirement should enable this
config option.

Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-03-29 15:08:23 +02:00
Thomas Petazzoni
ddbb5dbd83 boot/arm-trusted-firmware: add optional host-dtc dependency
Some ATF configurations, such as the ones for the STM32MP1 processor
family, require DTC during the build as Device Tree files are
used. Without dtc, the build fails:

/bin/sh: 1: dtc: not found
dtc version too old (), you need at least version 1.4.4
plat/st/stm32mp1/platform.mk:239: recipe for target 'check_dtc_version' failed
make[1]: *** [check_dtc_version] Error 1

To solve this, this commit implements a
BR2_TARGET_ARM_TRUSTED_FIRMWARE_NEEDS_DTC option, in a way that mimics
the BR2_TARGET_UBOOT_NEEDS_DTC option we already have for the U-Boot
package.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-03-18 22:24:56 +01:00
Gervais, Francois
a621c9b6c8 boot/arm-trusted-firmware: add missing qstrip
Add missing qstrip wrapping to the new
BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_TARGETS option.

Signed-off-by: Francois Gervais <fgervais@distech-controls.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-11 23:37:31 +01:00
Gervais, Francois
05b8c7da6d boot/arm-trusted-firmware: allow additional make targets
Allow specifying additional build targets for ATF.

This might be more useful when using a custom git repository.

For example, when using with the ATF repository from NXP QorIQ,
there is a new build target 'pbl' which is used to build the
pbl binary image. Note that in the specific case of the 'pbl'
target, additional build variables also need to be specified
through BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_VARIABLES.

Signed-off-by: Francois Gervais <fgervais@distech-controls.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-02-01 23:15:41 +01:00
Jerry Huang
8ef18c3b81 boot/arm-trusted-firmware: add option BR2_TARGET_ARM_TRUSTED_FIRMWARE_UBOOT_BL33_IMAGE
Currently, when BR2_TARGET_ARM_TRUSTED_FIRMWARE_UBOOT_AS_BL33 is
enabled, the arm-trusted-firmware package assumes that the BL33 image
provided by U-Boot is u-boot.bin. However for some platforms, the name
may be different (for example u-boot-dtb.bin). To support such use
cases, this commit adds a string option
BR2_TARGET_ARM_TRUSTED_FIRMWARE_UBOOT_BL33_IMAGE to configure the
U-Boot image name, which defaults to u-boot.bin to preserve backward
compatibility.

Signed-off-by: Jerry Huang <jerry.huang@nxp.com>
Reviewed-by: Sergey Matyukevich <geomatsi@mail.com>
[Thomas: rewrite commit log and Config.in help text]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-11-25 22:57:13 +01:00
Schenk Michael
e4d276c357 boot/arm-trusted-firmware: add pattern based image copy for ATF
This adds support for different platforms where the binaries have
different extensions.

Signed-off-by: Michael Schenk <michael.schenk@noser.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-11-15 21:29:54 +01:00
Yann E. MORIN
d1a61703f7 boot/arm-trusted-firmware: licensing info is only valid for v1.4
The licensing information, and especially the name of the license file,
is known only for the official v1.4 version. For example, in later
versions, the license file has been renamed.

Since we can't be sure of the licensing information for custom versions,
or for versions from git, define that only for the known v1.4 version.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-07-21 15:39:21 +02:00
Etienne Carriere
afd6ee3fb1 boot/arm-trusted-firmware: support debug mode
When the trusted firmware is built with debug support (DEBUG defined),
the generated images are located in a different path compared to a
build without debug support. The non debug images are located in
generated directory build/<platform>/release/ while the debug images
are located in generated directory build/<platform>/debug/.

This change introduces the boolean option
BR2_TARGET_ARM_TRUSTED_FIRMWARE_DEBUG to define whether the release or
debug configuration is used to build trusted firmware.

Note that enabling trusted firmware debug support using
BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_VARIABLES="... DEBUG=1 ..."
would not work since Buildroot will try to copy the generated files
from the wrong path.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-20 22:57:12 +01:00
Etienne Carriere
6959d628d4 boot/arm-trusted-firmware: add support for using OP-TEE as BL32
This change allows one to build trusted firmware (TF-A) with OP-TEE as
BL32 secure payload.

When BR2_TARGET_ARM_TRUSTED_FIRMWARE_BL32_DEFAULT is enabled TF-A
builds a BL32 stage according the TF-A configuration directive.  If
these specify no BL32 stage then TF-A will build without BL32
support. This is the default configuration and reflects TF-A legacy
integration in BR.

When BR2_TARGET_ARM_TRUSTED_FIRMWARE_BL32_OPTEE is enabled TF-A builds
with support for the OP-TEE OS as BL32.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas: rename config options, simplify option prompts, and rework
option description.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-20 22:49:14 +01:00
Etienne Carriere
9dbc934217 boot/arm-trusted-firmware: support 32bit Arm targets
This change allows one to build the TF-A (Trusted Firmware A) for
32bit architectures Armv7 and Armv8 platforms. TF-A supports these
configuration since release v1.5.

Change dependency on BR2_aarch64 into a dependency on either
BR2_ARM_CPU_ARMV8A/BR2_ARM_CPU_ARMV7A to better define
the target architectures supported by the package.

Set package configuration directive ARM_ARCH_MAJOR according to
BR2_ARM_CPU_ARMV8A/BR2_ARM_CPU_ARMV7A. Set package configuration
directive ARCH based on BR2_aarch64/BR2_arm.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-20 22:33:30 +01:00
Michał Łyszczek
cab8bd3b46 boot/uboot: add support for bundling ATF BL31 in ELF format into U-Boot
Rockchip's rk3328 encapsulates the BL31 part of ATP but it needs
image in ELF format. This is extension to
2c4809e608

This commit introduces a BR2_TARGET_UBOOT_NEEDS_ATF_BL31_ELF variable
to achieve this.

Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-06 16:51:23 +01:00
Michał Łyszczek
f6a6eca432 boot/arm-trusted-firmware: add option to choose custom version
Allow user to choose specific, stable version from official ATF
repository

Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-06 16:37:20 +01:00
Danomi Manchego
a216a344c4 arm-trusted-firmware: replace hard-coded arm64 with MKIMAGE_ARCH
We already use $(MKIMAGE_ARCH) in lots of places; use it here too.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-26 21:26:33 +02:00