refactor(trusted-firmware-a): switch to meta-arm trusted-firmware-a recipe

When introducing CN913x devices by using the meta-belden-marvell-bsp layer trusted-firmwarre-a recipe was copied from meta-arm and modified. Now the original recipe is used from meta-arm and the changes were put into a bbappend. Also trusted-firmware-a version changed from 2.3 to 2.6.
2023-12-05 22:24:24 +01:00 · 2023-12-05 22:24:24 +01:00 · b786afc271
parent 6cb0182491
commit b786afc271
7 changed files with 15 additions and 281 deletions
--- a/layers/meta-belden-coreos/conf/layer.conf
+++ b/layers/meta-belden-coreos/conf/layer.conf
@ -15,6 +15,7 @@ LAYERDEPENDS_meta-belden-coreos = "\
    networking-layer \
    virtualization-layer \
    webserver \
+    meta-arm \
 "

 LAYERSERIES_COMPAT_meta-belden-coreos = "kirkstone"
--- a/layers/meta-belden-coreos/recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc
+++ b/layers/meta-belden-coreos/recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc
@ -1,244 +0,0 @@
-DESCRIPTION = "Trusted Firmware-A"
-LICENSE = "BSD-3-Clause & MIT"
-
-PACKAGE_ARCH = "${MACHINE_ARCH}"
-
-inherit deploy
-
-SRC_URI = "git://git.trustedfirmware.org/TF-A/trusted-firmware-a.git;protocol=https;name=tfa;branch=master"
-
-UPSTREAM_CHECK_GITTAGREGEX = "^v(?P<pver>\d+(\.\d+)+)$"
-
-SRCREV_FORMAT = "tfa"
-
-COMPATIBLE_MACHINE ?= "invalid"
-
-# Platform must be set for each machine
-TFA_PLATFORM ?= "invalid"
-
-# Some platforms can have multiple board configurations
-# Leave empty for default behavior
-TFA_BOARD ?= ""
-
-# Some platforms use SPD (Secure Payload Dispatcher) services
-# Few options are "opteed", "tlkd", "trusty", "tspd", "spmd"...
-# Leave empty to not use SPD
-TFA_SPD ?= ""
-
-# Variable used when TFA_SPD=spmd
-TFA_SPMD_SPM_AT_SEL2 ?= "1"
-
-# SP layout file location. Used when TFA_SPD=spmd and TFA_SPMD_SPM_AT_SEL2=1
-TFA_SP_LAYOUT_FILE ?= ""
-
-# SPMC manifest file location. Used when TFA_SPD=spmd and TFA_SPMD_SPM_AT_SEL2=1
-TFA_ARM_SPMC_MANIFEST_DTS ?= ""
-
-# Build for debug (set TFA_DEBUG to 1 to activate)
-TFA_DEBUG ?= "0"
-
-S = "${WORKDIR}/git"
-B = "${WORKDIR}/build"
-
-# mbed TLS support (set TFA_MBEDTLS to 1 to activate)
-TFA_MBEDTLS ?= "0"
-# sub-directory in which mbedtls will be downloaded
-TFA_MBEDTLS_DIR ?= "mbedtls"
-# This should be set to MBEDTLS download URL if MBEDTLS is needed
-SRC_URI_MBEDTLS ??= ""
-# This should be set to MBEDTLS LIC FILES checksum
-LIC_FILES_CHKSUM_MBEDTLS ??= ""
-# add MBEDTLS to our sources if activated
-SRC_URI:append = " ${@bb.utils.contains('TFA_MBEDTLS', '1', '${SRC_URI_MBEDTLS}', '', d)}"
-# Update license variables
-LICENSE:append = "${@bb.utils.contains('TFA_MBEDTLS', '1', ' & Apache-2.0', '', d)}"
-LIC_FILES_CHKSUM:append = "${@bb.utils.contains('TFA_MBEDTLS', '1', ' ${LIC_FILES_CHKSUM_MBEDTLS}', '', d)}"
-# add mbed TLS to version
-SRCREV_FORMAT:append = "${@bb.utils.contains('TFA_MBEDTLS', '1', '_mbedtls', '', d)}"
-
-# U-boot support (set TFA_UBOOT to 1 to activate)
-# When U-Boot support is activated BL33 is activated with u-boot.bin file
-TFA_UBOOT ??= "0"
-
-# UEFI support (set TFA_UEFI to 1 to activate)
-# When UEFI support is activated BL33 is activated with uefi.bin file
-TFA_UEFI ??= "0"
-
-# What to build
-# By default we only build bl1, do_deploy will copy
-# everything listed in this variable (by default bl1.bin)
-TFA_BUILD_TARGET ?= "bl1"
-
-# What to install
-# do_install and do_deploy will install everything listed in this
-# variable. It is set by default to TFA_BUILD_TARGET
-TFA_INSTALL_TARGET ?= "${TFA_BUILD_TARGET}"
-
-# Requires CROSS_COMPILE set by hand as there is no configure script
-export CROSS_COMPILE="${TARGET_PREFIX}"
-
-# Let the Makefile handle setting up the CFLAGS and LDFLAGS as it is a standalone application
-CFLAGS[unexport] = "1"
-LDFLAGS[unexport] = "1"
-AS[unexport] = "1"
-LD[unexport] = "1"
-
-# No configure
-do_configure[noexec] = "1"
-
-# Baremetal, just need a compiler
-DEPENDS:remove = "virtual/${TARGET_PREFIX}compilerlibs virtual/libc"
-
-# We need dtc for dtbs compilation
-# We need openssl for fiptool
-DEPENDS = "dtc-native openssl-native"
-DEPENDS:append:toolchain-clang = " compiler-rt"
-
-# CC and LD introduce arguments which conflict with those otherwise provided by
-# this recipe. The heads of these variables excluding those arguments
-# are therefore used instead.
-def remove_options_tail (in_string):
-    from itertools import takewhile
-    return ' '.join(takewhile(lambda x: not x.startswith('-'), in_string.split(' ')))
-
-EXTRA_OEMAKE += "LD=${@remove_options_tail(d.getVar('LD'))}"
-
-EXTRA_OEMAKE += "CC=${@remove_options_tail(d.getVar('CC'))}"
-
-# Verbose builds, no -Werror
-EXTRA_OEMAKE += "V=1 E=0"
-
-# Add platform parameter
-EXTRA_OEMAKE += "BUILD_BASE=${B} PLAT=${TFA_PLATFORM}"
-
-# Handle TFA_BOARD parameter
-EXTRA_OEMAKE += "${@'TARGET_BOARD=${TFA_BOARD}' if d.getVar('TFA_BOARD') else ''}"
-
-# Handle TFA_SPD parameter
-EXTRA_OEMAKE += "${@'SPD=${TFA_SPD}' if d.getVar('TFA_SPD') else ''}"
-
-# If TFA_SPD is spmd, set SPMD_SPM_AT_SEL2
-EXTRA_OEMAKE += "${@'SPMD_SPM_AT_SEL2=${TFA_SPMD_SPM_AT_SEL2}' if d.getVar('TFA_SPD', True) == 'spmd' else ''}"
-
-# Handle TFA_DEBUG parameter
-EXTRA_OEMAKE += "${@bb.utils.contains('TFA_DEBUG', '1', 'DEBUG=${TFA_DEBUG}', '', d)}"
-
-# Handle MBEDTLS
-EXTRA_OEMAKE += "${@bb.utils.contains('TFA_MBEDTLS', '1', 'MBEDTLS_DIR=${TFA_MBEDTLS_DIR}', '', d)}"
-
-# Uboot support
-DEPENDS += " ${@bb.utils.contains('TFA_UBOOT', '1', 'u-boot', '', d)}"
-do_compile[depends] += " ${@bb.utils.contains('TFA_UBOOT', '1', 'u-boot:do_deploy', '', d)}"
-EXTRA_OEMAKE += "${@bb.utils.contains('TFA_UBOOT', '1', 'BL33=${DEPLOY_DIR_IMAGE}/u-boot.bin', '', d)}"
-
-# UEFI support
-DEPENDS += " ${@bb.utils.contains('TFA_UEFI', '1', 'edk2-firmware', '', d)}"
-EXTRA_OEMAKE += "${@bb.utils.contains('TFA_UEFI', '1', 'BL33=${RECIPE_SYSROOT}/firmware/uefi.bin', '', d)}"
-
-# TFTF test support
-DEPENDS += " ${@bb.utils.contains('TFTF_TESTS', '1', 'tf-a-tests', '', d)}"
-EXTRA_OEMAKE += "${@bb.utils.contains('TFTF_TESTS', '1', 'BL33=${RECIPE_SYSROOT}/firmware/tftf.bin', '',d)}"
-
-# Hafnium support
-SEL2_SPMC = "${@'${TFA_SPMD_SPM_AT_SEL2}' if d.getVar('TFA_SPD', True) == 'spmd' else ''}"
-
-DEPENDS += " ${@bb.utils.contains('SEL2_SPMC', '1', 'hafnium', '', d)}"
-
-EXTRA_OEMAKE += "${@bb.utils.contains('SEL2_SPMC', '1', 'CTX_INCLUDE_EL2_REGS=1 ARM_ARCH_MINOR=4 BL32=${RECIPE_SYSROOT}/firmware/hafnium.bin', '', d)}"
-
-# Add SP layout file and spmc manifest for hafnium
-EXTRA_OEMAKE += "${@bb.utils.contains('SEL2_SPMC', '1', 'SP_LAYOUT_FILE=${TFA_SP_LAYOUT_FILE}' if d.getVar('TFA_SP_LAYOUT_FILE') else '', '', d)}"
-
-EXTRA_OEMAKE += "${@bb.utils.contains('SEL2_SPMC', '1', 'ARM_SPMC_MANIFEST_DTS=${TFA_ARM_SPMC_MANIFEST_DTS}' if d.getVar('TFA_ARM_SPMC_MANIFEST_DTS') else '', '', d)}"
-
-# Tell the tools where the native OpenSSL is located
-EXTRA_OEMAKE += "OPENSSL_DIR=${STAGING_DIR_NATIVE}/${prefix_native}"
-# Use the correct native compiler
-EXTRA_OEMAKE += "HOSTCC='${BUILD_CC}'"
-
-# Runtime variables
-EXTRA_OEMAKE += "RUNTIME_SYSROOT=${STAGING_DIR_HOST}"
-
-BUILD_DIR = "${B}/${TFA_PLATFORM}"
-BUILD_DIR .= "${@'/${TFA_BOARD}' if d.getVar('TFA_BOARD') else ''}"
-BUILD_DIR .= "/${@'debug' if d.getVar("TFA_DEBUG") == '1' else 'release'}"
-
-do_compile() {
-    # This is still needed to have the native tools executing properly by
-    # setting the RPATH
-    sed -i '/^LDLIBS/ s,$, \$\{BUILD_LDFLAGS},' ${S}/tools/fiptool/Makefile
-    sed -i '/^INCLUDE_PATHS/ s,$, \$\{BUILD_CFLAGS},' ${S}/tools/fiptool/Makefile
-    sed -i '/^LIB/ s,$, \$\{BUILD_LDFLAGS},' ${S}/tools/cert_create/Makefile
-
-    # Currently there are races if you build all the targets at once in parallel
-    for T in ${TFA_BUILD_TARGET}; do
-        oe_runmake -C ${S} $T
-    done
-}
-do_compile[cleandirs] = "${B}"
-
-do_install() {
-    install -d -m 755 ${D}/firmware
-    for atfbin in ${TFA_INSTALL_TARGET}; do
-        processed="0"
-        if [ "$atfbin" = "all" ]; then
-            # Target all is not handled by default
-            bberror "all as TFA_INSTALL_TARGET is not handled by do_install"
-            bberror "Please specify valid targets in TFA_INSTALL_TARGET or"
-            bberror "rewrite or turn off do_install"
-            exit 1
-        fi
-
-        if [ -f ${BUILD_DIR}/$atfbin.bin ]; then
-            echo "Install $atfbin.bin"
-            install -m 0644 ${BUILD_DIR}/$atfbin.bin \
-                ${D}/firmware/$atfbin-${TFA_PLATFORM}.bin
-            ln -sf $atfbin-${TFA_PLATFORM}.bin ${D}/firmware/$atfbin.bin
-            processed="1"
-        fi
-        if [ -f ${BUILD_DIR}/$atfbin/$atfbin.elf ]; then
-            echo "Install $atfbin.elf"
-            install -m 0644 ${BUILD_DIR}/$atfbin/$atfbin.elf \
-                ${D}/firmware/$atfbin-${TFA_PLATFORM}.elf
-            ln -sf $atfbin-${TFA_PLATFORM}.elf ${D}/firmware/$atfbin.elf
-            processed="1"
-        fi
-        if [ -f ${BUILD_DIR}/$atfbin ]; then
-            echo "Install $atfbin"
-            install -m 0644 ${BUILD_DIR}/$atfbin \
-                ${D}/firmware/$atfbin-${TFA_PLATFORM}
-            ln -sf $atfbin-${TFA_PLATFORM} ${D}/firmware/$atfbin
-            processed="1"
-        fi
-        if [ -f ${BUILD_DIR}/fdts/$atfbin.dtb ]; then
-            echo "Install $atfbin.dtb"
-            install -m 0644 "${BUILD_DIR}/fdts/$atfbin.dtb" \
-                "${D}/firmware/$atfbin.dtb"
-            processed="1"
-        elif [ "$atfbin" = "dtbs" ]; then
-            echo "dtbs install, skipped: set dtbs in TFA_INSTALL_TARGET"
-        elif [ -f ${B}/tools/$atfbin/$atfbin ]; then
-            echo "Tools $atfbin install, skipped"
-        elif [ "$processed" = "0" ]; then
-            bberror "Unsupported TFA_INSTALL_TARGET target $atfbin"
-            exit 1
-        fi
-    done
-}
-
-FILES:${PN} = "/firmware"
-SYSROOT_DIRS += "/firmware"
-
-FILES:${PN}-dbg = "/firmware/*.elf"
-# Skip QA check for relocations in .text of elf binaries
-INSANE_SKIP:${PN}-dbg = "textrel"
-
-do_deploy() {
-    cp -rf ${D}/firmware/* ${DEPLOYDIR}/
-}
-addtask deploy after do_install
-
-CVE_PRODUCT = "arm:arm-trusted-firmware \
-               arm:trusted_firmware-a \
-               arm:arm_trusted_firmware \
-               arm_trusted_firmware_project:arm_trusted_firmware"
--- a/layers/meta-belden-marvell-bsp/conf/machine/include/cn913x.inc
+++ b/layers/meta-belden-marvell-bsp/conf/machine/include/cn913x.inc
@ -26,7 +26,7 @@ UBOOT_LOADADDRESS = "0x7000000"

 PREFERRED_PROVIDER_virtual/kernel ?= "linux-netmodule"
 PREFERRED_VERSION_linux-netmodule ?= "git-5.15-solidrun"
-PREFERRED_VERSION_trusted_firmware_a ?= "2.3-solidrun"
+PREFERRED_VERSION_trusted_firmware_a = "2.6"

 KERNEL_IMAGETYPE = "Image"
 KERNEL_EXTRA_ARGS += "LOADADDR=${UBOOT_ENTRYPOINT}"
--- a/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/README.md
+++ b/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/README.md
@ -1,28 +0,0 @@
-# trusted-firmware-a
-
-
-trusted-firmware-a recipes was copied from:
-
-meta-arm/meta-arm/recipes-bsp/trusted-firmware-a
-
-Repo:  git://git.yoctoproject.org/meta-arm
-Branch: kirkstone
-Git SHA: 78fce73c3803aba82149a3a03fde1b708f5424fa
-
-Theses files were copied:
-
- trusted-firmware-a.inc
- files/ssl.patch
-
-Theses files were created, by doing the same as done in meta-arm/meta-arm-bsp
-but using the same revision and make flags as in https://github.com/SolidRun/cn913x_yocto_meta.git
-
- trusted-firmware-a_2.3.bb
-
-Theses files were copied from https://github.com/SolidRun/cn913x_yocto_meta.git
-
- files/mrvl_scp_bl2.img
- files/000*.patch
-
-More info about how to use trusted-firmware-a for Marvell can be found at
-https://trustedfirmware-a.readthedocs.io/en/latest/plat/marvell/armada/build.html
--- a/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.3-solidrun.bb
+++ b/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.3-solidrun.bb
@ -1,9 +1,8 @@
-require recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc
+# CN913x specific TFA support

-PV = "2.3+git${SRCPV}"
-SRCREV_tfa = "00ad74c7afe67b2ffaf08300710f18d3dafebb45"
+COMPATIBLE_MACHINE = "cn913x"

-LIC_FILES_CHKSUM += "file://docs/license.rst;md5=189505435dbcdcc8caa63c46fe93fa89"
+DEPENDS += "mv-ddr-marvell coreutils-native"

 SRC_URI +=  " \
    file://0001-ddr-spd-read-failover-to-defualt-config.patch \
@ -11,10 +10,6 @@ SRC_URI +=  " \
    file://mrvl_scp_bl2.img \
 "

-COMPATIBLE_MACHINE = "cn913x"
-
-DEPENDS += "mv-ddr-marvell coreutils-native"
-
 CP_NUM:cn9131-bldn-mbv = "2"
 CP_NUM:cn9130-cf-pro = "1"

--- a/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.6.bbappend
+++ b/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.6.bbappend
@ -0,0 +1,8 @@
+# Machine specific TFAs
+
+FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
+
+MACHINE_TFA_REQUIRE ?= ""
+MACHINE_TFA_REQUIRE:cn913x = "trusted-firmware-a-cn913x.inc"
+
+require ${MACHINE_TFA_REQUIRE}
--- a/templates/bblayers.conf.sample
+++ b/templates/bblayers.conf.sample
@ -19,4 +19,6 @@ BBLAYERS ?= " \
  ##COREOS_EXTLAYERSDIR##/meta-virtualization \
  ##COREOS_EXTLAYERSDIR##/meta-efibootguard \
  ##COREOS_EXTLAYERSDIR##/meta-swupdate \
+  ##COREOS_EXTLAYERSDIR##/meta-arm/meta-arm \
+  ##COREOS_EXTLAYERSDIR##/meta-arm/meta-arm-toolchain \
  "