TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / next / ci / tf-a-ci-scripts / a6d6e68db000ff4ae0b0db994a55c4606dcbb9bb / . / run_config / fvp-linux.tc
blob: 6f18b36907e3dc07a062539e8d313d19471507c4 [file] [log] [blame]
Madhukar Pappireddy2f284e12021-08-30 16:06:14 -0500[diff] [blame]1#!/usr/bin/env bash
2#
Harrison Mutai24da6612023-05-02 16:03:11 +0100[diff] [blame]3# Copyright (c) 2019-2023, Arm Limited. All rights reserved.
Madhukar Pappireddy2f284e12021-08-30 16:06:14 -0500[diff] [blame]4#
5# SPDX-License-Identifier: BSD-3-Clause
6#
7
laurenw-armb5684102023-03-14 11:25:45 -0500[diff] [blame]8sign_image() {
9 # $1 ... host binary name to sign
10 # $2 ... image load address
11 # $3 ... signed bin size
12
13 local tmpdir="$(mktempdir)"
14 host_bin="`basename ${1}`"
15 signed_bin="signed_`basename ${1}`"
16 host_binary_layout="`basename -s .bin ${1}`_ns"
17
18 # development PEM containing a key - use same key which is used for SCP BL1 in pre-built image
19 url="$tc_prebuilts/tc$plat_variant/root-RSA-3072.pem" saveas="root-RSA-3072.pem" fetch_file
20 archive_file "root-RSA-3072.pem"
21
22 RSS_SIGN_PRIVATE_KEY=$archive/root-RSA-3072.pem
23 RSS_SEC_CNTR_INIT_VAL=1
24 RSS_LAYOUT_WRAPPER_VERSION="1.7.0"
25
26 cat << EOF > $tmpdir/$host_binary_layout
27enum image_attributes {
28 RE_IMAGE_LOAD_ADDRESS = $2,
29 RE_SIGN_BIN_SIZE = $3,
30};
31EOF
32
33 if [ ! -f $archive/$host_bin ]; then
34 echo "$archive/$host_bin does not exist. Aborting...!"
35 exit 1
36 fi
37
38 echo "Signing `basename ${1}`"
39 # Get mcuboot
40 git clone "https://github.com/mcu-tools/mcuboot.git" $tmpdir/mcuboot
41 # Fetch wrapper script
42 saveas="$tmpdir" url="$tc_prebuilts/tc$plat_variant/wrapper_scripts" fetch_directory
43
44 echo "Installing dependencies..."
Harrison Mutai24da6612023-05-02 16:03:11 +0100[diff] [blame]45 pip3 install cryptography cbor2 intelhex pyyaml
laurenw-armb5684102023-03-14 11:25:45 -0500[diff] [blame]46
47 pushd $tmpdir/mcuboot/scripts
48 python3 $tmpdir/wrapper_scripts/wrapper/wrapper.py \
49 -v $RSS_LAYOUT_WRAPPER_VERSION \
50 --layout $tmpdir/$host_binary_layout \
51 -k $RSS_SIGN_PRIVATE_KEY \
52 --public-key-format full \
53 --align 1 \
54 --pad \
55 --pad-header \
56 -H 0x2000 \
57 -s $RSS_SEC_CNTR_INIT_VAL \
58 $archive/$host_bin \
59 $tmpdir/$signed_bin
60
61 echo "created signed_`basename ${1}`"
62 url="$tmpdir/$signed_bin" saveas="$signed_bin" fetch_file
63 archive_file "$signed_bin"
64 popd
65}
66
67update_fip() {
68 local prebuild_prefix=$tc_prebuilts/tc$plat_variant/$rss_revision
69
70 # Get pre-built rss rom
71 url="$prebuild_prefix/rss_rom.bin" fetch_file
72 archive_file "rss_rom.bin"
73
74 # Get pre-built rss bl2 signed bin
75 url="$prebuild_prefix/bl2_signed.bin" fetch_file
76 archive_file "bl2_signed.bin"
77
78 # Get pre-built rss TF-M NS signed bin
79 url="$prebuild_prefix/tfm_ns_signed.bin" fetch_file
80 archive_file "tfm_ns_signed.bin"
81
82 # Get pre-built rss TF-M S signed bin
83 url="$prebuild_prefix/tfm_s_signed.bin" fetch_file
84 archive_file "tfm_s_signed.bin"
85
86 # Get pre-built SCP signed bin
87 url="$prebuild_prefix/scp_signed.bin" fetch_file
88 archive_file "scp_signed.bin"
89
90 # Create FIP layout
91 "$fiptool" update \
92 --align 8192 --rss-bl2 "$archive/bl2_signed.bin" \
93 --align 8192 --rss-ns "$archive/tfm_ns_signed.bin" \
94 --align 8192 --rss-s "$archive/tfm_s_signed.bin" \
95 --align 8192 --rss-scp-bl1 "$archive/scp_signed.bin" \
96 --align 8192 --rss-ap-bl1 "$archive/$signed_bin" \
97 --out "host_flash_fip.bin" \
98 "$archive/fip.bin"
99 archive_file "host_flash_fip.bin"
100}
101
Madhukar Pappireddy2f284e12021-08-30 16:06:14 -0500[diff] [blame]102fetch_tf_resource() {
103 kernel_type="fvp-tc-kernel" get_kernel
104 initrd_type="fvp-tc-ramdisk" get_initrd
Madhukar Pappireddy2f284e12021-08-30 16:06:14 -0500[diff] [blame]105
Madhukar Pappireddy2f284e12021-08-30 16:06:14 -0500[diff] [blame]106 # Use SCP binary from SCP build if it exists, or fetch pre-built ones.
Nicola Mazzucatod15f7132021-10-27 14:56:34 +0100[diff] [blame]107 if [ ! -f "$archive/scp_rom.bin" ]; then
Madhukar Pappireddy2f284e12021-08-30 16:06:14 -0500[diff] [blame]108 # Pick the appropriate binary based on target platform variant
Jayanth Dodderi Chidanand40636992022-04-06 18:21:55 +0100[diff] [blame]109 url="$scp_prebuilts/tc$plat_variant/release/tc$plat_variant-bl1.bin" saveas="scp_rom.bin" fetch_file
Nicola Mazzucatod15f7132021-10-27 14:56:34 +0100[diff] [blame]110 archive_file "scp_rom.bin"
Madhukar Pappireddy2f284e12021-08-30 16:06:14 -0500[diff] [blame]111 fi
112
Rupinderjit Singh8d4e1e42022-08-18 14:51:41 +0100[diff] [blame]113
114 # RSS is applicable to TC2
115 if [ $plat_variant -eq 2 ]; then
116
Sandrine Bailleux67bf6502022-09-07 15:41:18 +0200[diff] [blame]117 # Hold RSS terminal_uart_ap
118 uart="2" file="hold_uart.exp" track_expect
119
Rupinderjit Singh8d4e1e42022-08-18 14:51:41 +0100[diff] [blame]120 # sign AP bl1
121 sign_image bl1.bin $ap_bl1_flash_load_addr $ap_bl1_flash_size
122
laurenw-arm60de2742023-03-08 10:50:15 -0600[diff] [blame]123 # Update FIP with pre-built RSS binaries and signed AP BL1 to create host flash fip image
124 update_fip
Rupinderjit Singh8d4e1e42022-08-18 14:51:41 +0100[diff] [blame]125 fi
Madhukar Pappireddy2f284e12021-08-30 16:06:14 -0500[diff] [blame]126}
Chris Kay4e8aaf12022-09-01 15:21:55 +0100[diff] [blame]127
128generate_lava_job_template() {
129 # Hold scp terminal_s0
Chris Kay24d039f2022-11-23 12:53:30 +0000[diff] [blame]130 uart="0" port="5002" file="hold_uart.exp" track_expect
131 uart="1" port="5003" file="linux-rd-busybox.exp" set_primary="1" \
132 track_expect
133
134 set_uart_port "${archive:?}" 2 5000
135 set_uart_port "${archive:?}" 3 5001
Chris Kay4e8aaf12022-09-01 15:21:55 +0100[diff] [blame]136
Harrison Mutaia6d6e682023-03-27 13:20:33 +0100[diff] [blame^]137 payload_type="linux" gen_yaml_template
Chris Kay4e8aaf12022-09-01 15:21:55 +0100[diff] [blame]138}