spm: use generated binary instead of prebuilt
Till now we were using prebuilt spm/hafnium binaries but as we are going
to track upstream repository its desirable to use generated binaries.
This patch gets hypervisor build artefacts from building spm/hafnium
tree and copying them to artefacts folder with "secure_" appended to
spm files.
Change-Id: I02e081e230dbe1e14dec03f59c7f83e8c78d485e
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
diff --git a/fvp_utils.sh b/fvp_utils.sh
index 1e31c0b..5062e5d 100644
--- a/fvp_utils.sh
+++ b/fvp_utils.sh
@@ -23,6 +23,9 @@
sp1_addr="${sp1_addr:-0x7000000}"
sp2_addr="${sp2_addr:-0x7100000}"
sp3_addr="${sp3_addr:-0x7200000}"
+# SPM out directories
+export spm_secure_out_dir="${spm_secure_out_dir:-secure_aem_v8a_fvp_clang}"
+export spm_non_secure_out_dir="${spm_non_secure_out_dir:-aem_v8a_fvp_clang}"
ns_bl1u_addr="${ns_bl1u_addr:-0x0beb8000}"
fwu_fip_addr="${fwu_fip_addr:-0x08400000}"
diff --git a/run_config/fvp-spm b/run_config/fvp-spm
index 749f721..75d4923 100644
--- a/run_config/fvp-spm
+++ b/run_config/fvp-spm
@@ -6,10 +6,6 @@
#
post_tf_build() {
- url="$project_filer/ci-files/spm-10-23-2020/secure_hafnium.bin" fetch_file
-
- archive_file "secure_hafnium.bin"
-
build_fip BL33="$archive/tftf.bin" BL32="$archive/secure_hafnium.bin"
}
diff --git a/run_config/fvp-spm.linux b/run_config/fvp-spm.linux
index d8c9a47..b05f714 100644
--- a/run_config/fvp-spm.linux
+++ b/run_config/fvp-spm.linux
@@ -6,13 +6,9 @@
#
post_tf_build() {
- url="$project_filer/ci-files/spm-10-23-2020/hafnium.bin" fetch_file
- url="$project_filer/ci-files/spm-10-23-2020/secure_hafnium.bin" fetch_file
url="$project_filer/ci-files/spm-10-23-2020/initrd.img" fetch_file
url="$project_filer/ci-files/spm-10-23-2020/manifest.dtb" fetch_file
- archive_file "hafnium.bin"
- archive_file "secure_hafnium.bin"
archive_file "initrd.img"
archive_file "manifest.dtb"
diff --git a/run_config/fvp-spm.optee.sp b/run_config/fvp-spm.optee.sp
index a5ab81a..099d07f 100644
--- a/run_config/fvp-spm.optee.sp
+++ b/run_config/fvp-spm.optee.sp
@@ -6,10 +6,8 @@
#
post_tf_build() {
- url="$project_filer/ci-files/spm-10-23-2020/secure_hafnium.bin" fetch_file
url="$project_filer/ci-files/spm-10-23-2020/spmc_sel2_optee_sel1.bin" fetch_file
- archive_file "secure_hafnium.bin"
archive_file "spmc_sel2_optee_sel1.bin"
cp "${archive}/spmc_sel2_optee_sel1.bin" "${tf_root}/build/fvp/${bin_mode}"
diff --git a/run_config/fvp-spm.rstbl31 b/run_config/fvp-spm.rstbl31
index 8a19901..7c7e6a5 100644
--- a/run_config/fvp-spm.rstbl31
+++ b/run_config/fvp-spm.rstbl31
@@ -16,8 +16,6 @@
build_fip BL33="$dummy_file" BL32="$dummy_file"
- url="$project_filer/ci-files/spm-10-23-2020/hafnium.bin" fetch_file
- url="$project_filer/ci-files/spm-10-23-2020/secure_hafnium.bin" fetch_file
url="$project_filer/ci-files/spm-10-23-2020/initrd.img" fetch_file
url="$project_filer/ci-files/spm-10-23-2020/manifest.dtb" fetch_file
url="${tf_build_root}/${plat}/${mode}/fdts/fvp_spmc_manifest.dtb" fetch_file
@@ -25,8 +23,6 @@
url="${tf_build_root}/${plat}/${mode}/cactus-secondary.pkg" fetch_file
url="${tf_build_root}/${plat}/${mode}/cactus-tertiary.pkg" fetch_file
- archive_file "hafnium.bin"
- archive_file "secure_hafnium.bin"
archive_file "initrd.img"
archive_file "manifest.dtb"
archive_file "fvp_spmc_manifest.dtb"
@@ -40,9 +36,9 @@
arch_version="8.4" \
reset_to_bl31="1" \
preload_bl33="1" \
- preload_bl33_bin="hafnium.bin" \
+ preload_bl33_bin="$archive/hafnium.bin" \
spmc_manifest="fvp_spmc_manifest.dtb" \
- spm_bin="secure_hafnium.bin" \
+ spm_bin="$archive/secure_hafnium.bin" \
sp1_pkg="cactus-primary.pkg" \
sp2_pkg="cactus-secondary.pkg" \
sp3_pkg="cactus-tertiary.pkg" \
diff --git a/script/build_package.sh b/script/build_package.sh
index 168565f..e9195c2 100755
--- a/script/build_package.sh
+++ b/script/build_package.sh
@@ -198,6 +198,18 @@
' bash '{}' +
}
+# Collect SPM/hafnium artefacts with "secure_" appended to the files
+# generated for SPM(secure hafnium).
+collect_spm_artefacts() {
+ if [ ! -d "${non_secure_from:?}" ] || [ ! -d "${secure_from:?}" ]; then
+ return
+ fi
+
+ find "$non_secure_from" \( -name "*.bin" -o -name '*.elf' \) -exec cp -t "${to:?}" '{}' +
+
+ for f in $(find "$secure_from" \( -name "*.bin" -o -name '*.elf' \)); do cp -- "$f" "${to:?}"/secure_$(basename $f); done
+}
+
# Map the UART ID used for expect with the UART descriptor and port
# used by the FPGA automation tools.
map_uart() {
@@ -1319,8 +1331,11 @@
source "$plat_utils"
fi
+ # SPM build generates two sets of binaries, one for normal and other
+ # for Secure world. We need both set of binaries for CI.
archive="$build_archive"
- spm_build_root="$spm_root/out/reference/secure_aem_v8a_fvp_clang"
+ spm_build_root="$spm_root/out/reference/$spm_secure_out_dir"
+ hafnium_build_root="$spm_root/out/reference/$spm_non_secure_out_dir"
echo "Building SPM ($mode) ..." |& log_separator
@@ -1330,10 +1345,10 @@
build_spm
# Show SPM/Hafnium binary details
- ls -lart $spm_build_root/hafnium.bin
- cksum $spm_build_root/hafnium.bin
+ ls -lart $spm_build_root/hafnium.bin $hafnium_build_root/hafnium.bin
+ cksum $spm_build_root/hafnium.bin $hafnium_build_root/hafnium.bin
- from="$spm_build_root" to="$archive" collect_build_artefacts
+ secure_from="$spm_build_root" non_secure_from="$hafnium_build_root" to="$archive" collect_spm_artefacts
echo "##########"
echo