totalcompute/tc0: update documentation for TC0-2021.04.23 platform release

Updated change-log, release_notes, user-guide for tc0 with new
software/hardware features added and its changes from the previous release.

Change-Id: I97ea4f50163b1a3a5e1e4c5b64fb0d32b8a2bd9a
Signed-off-by: Usama Arif <usama.arif@arm.com>

docs/totalcompute/tc0/change-log.rst

@@ -4,6 +4,19 @@ Change Log
 This document contains a summary of the new features, changes and
 fixes in each release of TC0 software stack.
 
+Version 2021.04.23
+------------------
+
+Features added
+~~~~~~~~~~~~~~
+- Crypto and Storage Trusted Services running at S-EL0.
+- Shim Layer at S-EL1 running on top of S-EL2 SPMC (Hafnium).
+
+Changes
+~~~~~~~
+- Updated Android to R/11.
+- DEBUGFS support for Trusted Services added to Android Common Kernel.
+
 Version 2021.02.09
 ------------------
 

docs/totalcompute/tc0/release_notes.rst

-Release notes - 2021.02.09
+Release notes - 2021.04.23
 ==========================
 
 .. section-numbering::
@@ -8,7 +8,7 @@ Release notes - 2021.02.09
 
 Release tag
 -----------
-The manifest tag for this release is TC0-2021.02.09
+The manifest tag for this release is TC0-2021.04.23
 
 Components
 ----------
@@ -33,7 +33,7 @@ Hardware Features
 Software Features
 -----------------
  - Poky Distribution support.
- - Android Q/10 Support.
+ - Android R/11 Support.
  - Android Common Kernel 5.4.
  - Trusted Firmware-A.
  - Support secure boot based on TBBR specification https://developer.arm.com/documentation/den0006/latest
@@ -49,18 +49,21 @@ Software Features
  - Trusted OS OP-TEE as Secure Partition at S-EL1, managed by S-EL2 SPMC (Hafnium)
  - Arm FF-A driver and FF-A Transport support for OP-TEE driver in Android Common Kernel. This is an experimental feature.
  - OP-TEE Support in Poky distribution. This includes OP-TEE client and OP-TEE test suite.
+ - Crypto and Storage Trusted Services running at S-EL0.
+ - Trusted Services test suite added to poky distribution.
+ - Shim Layer at S-EL1 running on top of S-EL2 SPMC (Hafnium).
 
 Platform Support
 ----------------
  - This Software release is tested on TC0 Fast Model platform (FVP).
-   - Supported Fast model version for this release is 11.13.39
+   - Supported Fast model version for this release is 11.14.32
 
 Known issues or Limitations
 ---------------------------
 1. At the U-Boot prompt press enter and type "boot" to continue booting else wait
    for ~15 secs for boot to continue automatically.This is because of the time
    differrence in CPU frequency and FVP operating frequency.
-2. OPTEE Test (xtest) sometimes throw some failures which we are investigating and planning to fix them in next release.
+2. OPTEE Test (xtest) sometimes throw some failures ,issue is under investigation.
 
 
 Support

docs/totalcompute/tc0/user-guide.rst

@@ -41,12 +41,19 @@ To resolve these dependencies, run:
     sudo apt-get install chrpath gawk texinfo libssl-dev diffstat wget git-core unzip gcc-multilib \
      build-essential socat cpio python python3 python3-pip python3-pexpect xz-utils debianutils \
      iputils-ping python3-git python3-jinja2 libegl1-mesa libsdl1.2-dev pylint3 xterm git-lfs openssl \
-     curl lib32ncurses5-dev libz-dev python-pip repo u-boot-tools m4
+     curl lib32ncurses5-dev libz-dev python-pip u-boot-tools m4 zip
+
+To get the latest repo tool from google, run the following commands:
+
+::
+
+    curl https://storage.googleapis.com/git-repo-downloads/repo > ~/bin/repo
+    chmod a+x ~/bin/repo
 
 If syncing and building android, the minimum requirements for the host machine can be found at https://source.android.com/setup/build/requirements, These include:
  * At least 250GB of free disk space to check out the code and an extra 150 GB to build it. If you conduct multiple builds, you need additional space.
  * At least 16 GB of available RAM/swap.
- * Git configured properly else it may throw error while fetching the code.
+ * Git configured properly using "git config" otherwise it may throw error while fetching the code.
 
 Syncing and building the source code
 ------------------------------------
@@ -67,16 +74,16 @@ in these instructions.
 
     mkdir <tc0_workspace>
     cd <tc0_workspace>
-    export TC0_RELEASE=refs/tags/TC0-2021.02.09
+    export TC0_RELEASE=refs/tags/TC0-2021.04.23
 
-To sync BSP only without Android, execute the repo command.
+To sync BSP only without Android, run the repo command.
 
 ::
 
     repo init -u https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-manifest -m tc0.xml -b ${TC0_RELEASE} -g bsp
     repo sync -j$(nproc)
 
-To sync both the BSP and Android, execute the repo command.
+To sync both the BSP and Android, run the repo command.
 
 ::
 
@@ -96,7 +103,7 @@ Board Support Package build
     bitbake tc0-artifacts-image
 
 The initial clean build will be lengthy, given that all host utilities are to be built as well as
-the target images. This includes host executables (python, cmake, etc.) and the required toolchain(s).
+the target images. This includes host programs (python, cmake, etc.) and the required toolchain(s).
 
 Once the build is successful, all images will be placed in the ``<tc0_workspace>/bsp/build-poky/tmp-poky/deploy/images/tc0``
 directory.
@@ -127,18 +134,20 @@ The ``build-scripts/tc0/build_android.sh`` script in ``<tc0_workspace>/android``
     -d, --distro                            distro version, values supported [android-nano, android-swr]
     -a, --avb                               [OPTIONAL] avb boot, values supported [true, false], DEFAULT: false
 
-As an example, to build android with software rendering and AVB enabled, execute the command:
+As an example, to build android with software rendering and AVB enabled, run the command:
 
 ::
 
   ./build-scripts/tc0/build_android.sh -d android-swr -a true
 
-To build headless android without AVB, execute the command:
+To build headless android without AVB, run the command:
 
 ::
 
   ./build-scripts/tc0/build_android.sh -d android-nano
 
+Android based stack takes considerable time to build, so start the build and go grab a cup of coffee!
+
 Provided components
 -------------------
 
@@ -233,13 +242,26 @@ Based on `OP-TEE <https://github.com/OP-TEE/optee_os>`__
 +--------+------------------------------------------------------------------------------------------+
 
 
+S-EL0 trusted-services
+**********************
+
+Based on `Trusted Services <https://www.trustedfirmware.org/projects/trusted-services/>`__
+
++--------+------------------------------------------------------------------------------------------------------+
+| Recipe | <tc0_workspace>/bsp/layers/meta-arm/meta-arm/recipes-security/trusted-services/secure-storage_git.bb |
+|        | <tc0_workspace>/bsp/layers/meta-arm/meta-arm/recipes-security/trusted-services/crypto-sp_git.bb      |
++--------+------------------------------------------------------------------------------------------------------+
+| Files  | * <tc0_workspace>/bsp/build-poky/tmp-poky/deploy/images/tc0/firmware/crypto-sp.bin                   |
+|        | * <tc0_workspace>/bsp/build-poky/tmp-poky/deploy/images/tc0/firmware/secure-storage.bin              |
++--------+------------------------------------------------------------------------------------------------------+
+
 Linux
 *****
 
-The recipe responsible for building a 4.19 version of the Android Common kernel (`ACK <https://android.googlesource.com/kernel/common/>`__).
+The recipe responsible for building a 5.4 version of the Android Common kernel (`ACK <https://android.googlesource.com/kernel/common/>`__).
 
 +--------+-----------------------------------------------------------------------------------------------+
-| Recipe | <tc0_workspace>/bsp/layers/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-arm64-ack-tc0.inc |
+| Recipe | <tc0_workspace>/bsp/layers/meta-arm/meta-arm-bsp/recipes-kernel/linux/linux-arm-platforms.inc |
 +--------+-----------------------------------------------------------------------------------------------+
 | Files  | * <tc0_workspace>/bsp/build-poky/tmp-poky/deploy/images/tc0/Image                             |
 +--------+-----------------------------------------------------------------------------------------------+
@@ -261,7 +283,7 @@ The provided distribution is based on BusyBox and built using glibc.
 Android
 *******
 
-Android 10 is supported in this release with device profiles suitable for TC0 machine configuration.
+Android 11 is supported in this release with device profiles suitable for TC0 machine configuration.
 Android is built as a separate project and then booted with the BSP built by Yocto.
 
 
@@ -272,10 +294,16 @@ Within the ``<tc0_workspace>/bsp/run-scripts/`` are several convenience function
 stack. Usage descriptions for the various scripts are provided in the following sections.
 
 
+Obtaining the TC0 FVP
+---------------------
+
+The TC0 FVP is available to partners for build and run on Linux host environments.
+Please contact Arm to have access (support@arm.com).
+
 Running the software on FVP
 ---------------------------
 
-A Fixed Virtual Platform (FVP) of the TC0 platform must be available to execute the included run scripts.
+A Fixed Virtual Platform (FVP) of the TC0 platform must be available to run the included run scripts.
 
 The run-scripts structure is as follows:
 
@@ -286,11 +314,11 @@ The run-scripts structure is as follows:
        |--run_model.sh
        |-- ...
 
-Ensure that all dependencies are met by executing the FVP: ``./path/to/FVP_TC0``. You should see
+Ensure that all dependencies are met by running the FVP: ``./path/to/FVP_TC0``. You should see
 the FVP launch, presenting a graphical interface showing information about the current state of the FVP.
 
 The ``run_model.sh`` script in ``<tc0_workspace>/bsp/run-scripts/tc0`` will launch the FVP, providing
-the previously built images as arguments. Execute the ``run_model.sh`` script:
+the previously built images as arguments. Run the ``run_model.sh`` script:
 
 ::
 
@@ -319,16 +347,23 @@ the previously built images as arguments. Execute the ``run_model.sh`` script:
         OR
         ./run-scripts/tc0/run_model.sh -m <model binary path> -d android-nano -a true
 
-When the script is executed, two terminal instances will be launched. terminal_s0 used for the SCP,
+When the script is run, two terminal instances will be launched. terminal_s0 used for the SCP,
 TF-A, OP-TEE core logs and terminal_s1 used by TF-A early boot, Hafnium, U-boot and Linux.
 
 Once the FVP is running, the SCP will be the first to boot, bringing the AP out of reset.
 The AP will start booting from its ROM and then proceed to boot Trusted Firmware-A, Hafnium, OP-TEE
 then U-Boot, and then Linux and Poky/Android.
 
-When booting Poky the model will boot Linux and present a login prompt. Login using the username ``root``.
-You may need to hit Enter for the prompt to appear. The OP-TEE OS works on both the Android and Poky distro, but
-can be tested only on Poky using optee-test (xtest) simply by typing ``xtest`` on the linux shell.
+When booting Poky the model will boot Linux and present a login prompt. Login
+using the username ``root``. You may need to hit Enter for the prompt to appear.
+
+The OP-TEE and Trusted Services are initialized on both the Android and Poky
+distribution. But the functionality of OP-TEE and core set of trusted services
+such as cryptography and secure storage can be invoked only on Poky
+distribution. For OP-TEE, the TEE sanity test suite can be run using command
+``xtest``. For Trusted Services, run command ``ts-service-test`` for Service
+API level tests and run command ``ts-demo`` for the demonstration client
+application.
 
 --------------