Create encrypted block store configuration
Create an example opteesp configuration using the partitioned,
encrypted ram infrastructure.
Change-Id: Id45ee2c31a02717dcdb58923a2ee39bc4020d6bc
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
diff --git a/deployments/block-storage/config/encrypted-ram-opteesp/CMakeLists.txt b/deployments/block-storage/config/encrypted-ram-opteesp/CMakeLists.txt
new file mode 100644
index 0000000..76a701b
--- /dev/null
+++ b/deployments/block-storage/config/encrypted-ram-opteesp/CMakeLists.txt
@@ -0,0 +1,89 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+cmake_minimum_required(VERSION 3.18 FATAL_ERROR)
+
+# Set default platform.
+set(TS_PLATFORM "arm/fvp/fvp_base_revc-2xaemv8a" CACHE STRING "Target platform location.")
+include(../../../deployment.cmake REQUIRED)
+
+#-------------------------------------------------------------------------------
+# The CMakeLists.txt for building the block_storage deployment for opteesp
+#
+# Builds the block_storage service provider for running in an SEL0 secure partition
+# hosted by OPTEE in the role of SPM.
+#-------------------------------------------------------------------------------
+include(${TS_ROOT}/environments/opteesp/env.cmake)
+project(trusted-services LANGUAGES C ASM)
+add_executable(block-storage)
+target_include_directories(block-storage PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
+set(SP_BIN_UUID_CANON "63646e80-eb52-462f-ac4f-8cdf3987519c")
+set(SP_FFA_UUID_CANON "${TS_RPC_UUID_CANON}")
+set(SP_HEAP_SIZE "120 * 1024" CACHE STRING "SP heap size in bytes")
+set(SP_BOOT_ORDER "1" CACHE STRING "Boot order of the SP")
+set(TRACE_PREFIX "BLOCK" CACHE STRING "Trace prefix")
+
+target_include_directories(block-storage PRIVATE
+ ${CMAKE_CURRENT_LIST_DIR}
+)
+
+#-------------------------------------------------------------------------------
+# Deployment specific components. This deployment uses an infrastructure that
+# that provides ram-backed block stoarged, configured with storage partitions
+# that conform to the 'ref' scheme used for test.
+#-------------------------------------------------------------------------------
+
+add_components(TARGET "block-storage"
+ BASE_DIR ${TS_ROOT}
+ COMPONENTS
+ "environments/opteesp"
+)
+
+include(../../env/commonsp/block_storage_sp.cmake REQUIRED)
+include(../../block-storage.cmake REQUIRED)
+include(../../infra/ref-encrypt-ram.cmake REQUIRED)
+
+#-------------------------------------------------------------------------------
+# Set target platform to provide drivers needed by the deployment
+#
+#-------------------------------------------------------------------------------
+add_platform(TARGET "block-storage")
+
+#-------------------------------------------------------------------------------
+# Deployment specific build options
+#-------------------------------------------------------------------------------
+target_compile_definitions(block-storage PRIVATE
+ ARM64=1
+)
+
+if(CMAKE_C_COMPILER_ID STREQUAL "GNU")
+ target_compile_options(block-storage PRIVATE
+ -std=c99
+ )
+
+endif()
+
+#-------------------------------------------------------------------------------
+# Deployment specific install options
+#-------------------------------------------------------------------------------
+if (CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
+ set(CMAKE_INSTALL_PREFIX ${CMAKE_BINARY_DIR}/install CACHE PATH "location to install build output to." FORCE)
+endif()
+
+install(TARGETS block-storage
+ RUNTIME DESTINATION ${TS_ENV}/bin
+ )
+
+include(${TS_ROOT}/tools/cmake/common/ExportSp.cmake)
+export_sp(
+ SP_FFA_UUID_CANON ${SP_FFA_UUID_CANON}
+ SP_BIN_UUID_CANON ${SP_BIN_UUID_CANON}
+ SP_BOOT_ORDER ${SP_BOOT_ORDER}
+ SP_NAME "block-storage"
+ MK_IN ${TS_ROOT}/environments/opteesp/sp.mk.in
+ DTS_IN ${CMAKE_CURRENT_LIST_DIR}/default_block-storage.dts.in
+ JSON_IN ${TS_ROOT}/environments/opteesp/sp_pkg.json.in
+)
diff --git a/deployments/block-storage/config/encrypted-ram-opteesp/default_block-storage.dts.in b/deployments/block-storage/config/encrypted-ram-opteesp/default_block-storage.dts.in
new file mode 100644
index 0000000..e9dff5f
--- /dev/null
+++ b/deployments/block-storage/config/encrypted-ram-opteesp/default_block-storage.dts.in
@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+@DTS_TAG@
+
+@DTS_NODE@ {
+ compatible = "arm,ffa-manifest-1.0";
+ ffa-version = <@CFG_FFA_VERSION@>; /* 31:16 - Major, 15:0 - Minor */
+ uuid = <@EXPORT_SP_UUID_DT@>;
+ description = "BlockStorage";
+ execution-ctx-count = <1>;
+ exception-level = <1>; /* S-EL0 */
+ execution-state = <0>; /* AArch64 */
+ xlat-granule = <0>; /* 4KiB */
+ boot-order = /bits/ 16 <@EXPORT_SP_BOOT_ORDER@>;
+ messaging-method = <3>; /* Direct messaging only */
+ ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */
+ elf-format = <1>;
+};
diff --git a/deployments/block-storage/config/encrypted-ram-opteesp/optee_sp_user_defines.h b/deployments/block-storage/config/encrypted-ram-opteesp/optee_sp_user_defines.h
new file mode 100644
index 0000000..275ecf2
--- /dev/null
+++ b/deployments/block-storage/config/encrypted-ram-opteesp/optee_sp_user_defines.h
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2024, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef OPTEE_SP_USER_DEFINES_H
+#define OPTEE_SP_USER_DEFINES_H
+
+#define OPTEE_SP_FLAGS 0
+
+/* Provisioned stack size */
+#define OPTEE_SP_STACK_SIZE (64 * 1024)
+
+#endif /* SP_HEADER_DEFINES_H */
diff --git a/deployments/block-storage/config/encrypted-ram-sp/CMakeLists.txt b/deployments/block-storage/config/encrypted-ram-sp/CMakeLists.txt
new file mode 100644
index 0000000..6f66078
--- /dev/null
+++ b/deployments/block-storage/config/encrypted-ram-sp/CMakeLists.txt
@@ -0,0 +1,94 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+cmake_minimum_required(VERSION 3.18 FATAL_ERROR)
+
+# Set default platform.
+set(TS_PLATFORM "arm/fvp/fvp_base_revc-2xaemv8a" CACHE STRING "Target platform location.")
+include(../../../deployment.cmake REQUIRED)
+
+#-------------------------------------------------------------------------------
+# The CMakeLists.txt for building the block-storage deployment for generic sp
+# environment.
+#
+# Builds the block storage service provider for running in an SEL0 secure partition
+# hosted by any SPM.
+#-------------------------------------------------------------------------------
+include(${TS_ROOT}/environments/sp/env.cmake)
+set(CMAKE_BUILD_TYPE "Debug" CACHE STRING "Build type")
+project(trusted-services LANGUAGES C ASM)
+add_executable(block-storage)
+target_include_directories(block-storage PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
+
+set(SP_NAME "block-storage")
+set(SP_BIN_UUID_CANON "63646e80-eb52-462f-ac4f-8cdf3987519c")
+set(SP_FFA_UUID_CANON "${TS_RPC_UUID_CANON}")
+set(SP_HEAP_SIZE "120 * 1024" CACHE STRING "SP heap size in bytes")
+set(SP_STACK_SIZE "64 * 1024" CACHE STRING "Stack size")
+set(SP_BOOT_ORDER "1" CACHE STRING "Boot order of the SP")
+set(TRACE_PREFIX "BLOCK" CACHE STRING "Trace prefix")
+
+#-------------------------------------------------------------------------------
+# Deployment specific components. This deployment uses an infrastructure that
+# that provides ram-backed block stoarged, configured with storage partitions
+# that conform to the 'ref' scheme used for test.
+#-------------------------------------------------------------------------------
+add_components(TARGET "block-storage"
+ BASE_DIR ${TS_ROOT}
+ COMPONENTS
+ environments/sp
+)
+
+include(../../env/commonsp/block_storage_sp.cmake REQUIRED)
+include(../../block-storage.cmake REQUIRED)
+include(../../infra/ref-encrypt-ram.cmake REQUIRED)
+
+#-------------------------------------------------------------------------------
+# Set target platform to provide drivers needed by the deployment
+#
+#-------------------------------------------------------------------------------
+add_platform(TARGET "block-storage")
+
+#-------------------------------------------------------------------------------
+# Deployment specific build options
+#-------------------------------------------------------------------------------
+target_compile_definitions(block-storage PRIVATE
+ ARM64=1
+)
+
+if(CMAKE_C_COMPILER_ID STREQUAL "GNU")
+ target_compile_options(block-storage PRIVATE
+ -std=c99
+ )
+
+endif()
+
+compiler_generate_binary_output(TARGET block-storage NAME "${SP_BIN_UUID_CANON}.bin" SP_BINARY)
+install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${SP_BIN_UUID_CANON}.bin DESTINATION ${TS_ENV}/bin)
+
+include(${TS_ROOT}/tools/cmake/common/ExportMemoryRegionsToManifest.cmake REQUIRED)
+export_memory_regions_to_manifest(TARGET block-storage NAME "${SP_BIN_UUID_CANON}_memory_regions.dtsi" RES EXPORT_MEMORY_REGIONS_DTSI)
+
+#-------------------------------------------------------------------------------
+# Deployment specific install options
+#-------------------------------------------------------------------------------
+if (CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
+ set(CMAKE_INSTALL_PREFIX ${CMAKE_BINARY_DIR}/install CACHE PATH "location to install build output to." FORCE)
+endif()
+install(TARGETS block-storage
+ RUNTIME DESTINATION ${TS_ENV}/bin
+ )
+
+include(${TS_ROOT}/tools/cmake/common/ExportSp.cmake REQUIRED)
+export_sp(
+ SP_FFA_UUID_CANON ${SP_FFA_UUID_CANON}
+ SP_BIN_UUID_CANON ${SP_BIN_UUID_CANON}
+ SP_BOOT_ORDER ${SP_BOOT_ORDER}
+ SP_NAME ${SP_NAME}
+ DTS_IN ${CMAKE_CURRENT_LIST_DIR}/default_${SP_NAME}.dts.in
+ DTS_MEM_REGIONS ${SP_BIN_UUID_CANON}_memory_regions.dtsi
+ JSON_IN ${TS_ROOT}/environments/sp/sp_pkg.json.in
+)
diff --git a/deployments/block-storage/config/encrypted-ram-sp/default_block-storage.dts.in b/deployments/block-storage/config/encrypted-ram-sp/default_block-storage.dts.in
new file mode 100644
index 0000000..cea46ab
--- /dev/null
+++ b/deployments/block-storage/config/encrypted-ram-sp/default_block-storage.dts.in
@@ -0,0 +1,27 @@
+/*
+ * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+@DTS_TAG@
+
+@DTS_NODE@ {
+ compatible = "arm,ffa-manifest-1.0";
+ ffa-version = <@CFG_FFA_VERSION@>; /* 31:16 - Major, 15:0 - Minor */
+ uuid = <@EXPORT_SP_UUID_DT@>;
+ description = "BlockStorage";
+ execution-ctx-count = <1>;
+ exception-level = <1>; /* S-EL0 */
+ execution-state = <0>; /* AArch64 */
+ xlat-granule = <0>; /* 4KiB */
+ boot-order = /bits/ 16 <@EXPORT_SP_BOOT_ORDER@>;
+ messaging-method = <3>; /* Direct messaging only */
+ ns-interrupts-action = <2>; /* Non-secure interrupts are signaled */
+
+ memory-regions {
+ compatible = "arm,ffa-manifest-memory-regions";
+
+ #include "@EXPORT_DTS_MEM_REGIONS@"
+ };
+};
diff --git a/tools/b-test/test_data.yaml b/tools/b-test/test_data.yaml
index a26e181..2e95495 100644
--- a/tools/b-test/test_data.yaml
+++ b/tools/b-test/test_data.yaml
@@ -26,6 +26,14 @@
src: "$TS_ROOT/deployments/block-storage/config/default-sp"
params:
- "-GUnix Makefiles"
+ - name: "block-storage-encrypted-ram-opteesp"
+ src: "$TS_ROOT/deployments/block-storage/config/encrypted-ram-opteesp"
+ params:
+ - "-GUnix Makefiles"
+ - name: "block-storage-encrypted-ram-sp"
+ src: "$TS_ROOT/deployments/block-storage/config/encrypted-ram-sp"
+ params:
+ - "-GUnix Makefiles"
- name: "block-storage-semihosted-opteesp"
src: "$TS_ROOT/deployments/block-storage/config/semihosted-opteesp"
params: