PolarFire SoC eMMC/SD improvements and RISC-V boot code unification

arch.mk

@@ -542,7 +542,7 @@ ifeq ($(ARCH),RENESAS_RX)
 endif
 
 
-## RISCV
+## RISCV (32-bit)
 ifeq ($(ARCH),RISCV)
   CROSS_COMPILE?=riscv32-unknown-elf-
   ARCH_FLAGS=-march=rv32imac -mabi=ilp32 -mcmodel=medany
@@ -555,11 +555,12 @@ ifeq ($(ARCH),RISCV)
   CFLAGS +=-ffunction-sections -fdata-sections
   LDFLAGS+=-Wl,--gc-sections
 
-  OBJS+=src/boot_riscv.o src/vector_riscv.o
+  # Unified RISC-V boot code (32/64-bit via __riscv_xlen)
+  OBJS+=src/boot_riscv_start.o src/boot_riscv.o src/vector_riscv.o
   ARCH_FLASH_OFFSET=0x20010000
 endif
 
-## RISCV64
+## RISCV64 (64-bit)
 ifeq ($(ARCH),RISCV64)
   CROSS_COMPILE?=riscv64-unknown-elf-
   CFLAGS+=-DMMU -DWOLFBOOT_DUALBOOT
@@ -568,15 +569,16 @@ ifeq ($(ARCH),RISCV64)
   OBJS += src/gpt.o
   OBJS += src/disk.o
   ARCH_FLAGS=-march=rv64imafd -mabi=lp64d -mcmodel=medany
-  CFLAGS+=-fno-builtin-printf -DUSE_M_TIME -g -nostartfiles -DARCH_RISCV64
+  CFLAGS+=-fno-builtin-printf -DUSE_M_TIME -g -nostartfiles -DARCH_RISCV -DARCH_RISCV64
   CFLAGS+=$(ARCH_FLAGS)
   LDFLAGS+=$(ARCH_FLAGS)
 
   # Prune unused functions and data
   CFLAGS +=-ffunction-sections -fdata-sections
   LDFLAGS+=-Wl,--gc-sections
 
-  OBJS+=src/boot_riscv64_start.o src/boot_riscv64.o src/vector_riscv64.o
+  # Unified RISC-V boot code (32/64-bit via __riscv_xlen)
+  OBJS+=src/boot_riscv_start.o src/boot_riscv.o src/vector_riscv.o
 
   CFLAGS+=-DWOLFBOOT_FDT
   OBJS+=src/fdt.o

config/examples/polarfire_mpfs250.config

@@ -25,9 +25,6 @@ WOLFTPM?=0
 ELF?=1
 #DEBUG_ELF?=1
 
-# Optionally allow downgrade to older valid version in update partition
-ALLOW_DOWNGRADE?=0
-
 # Use RISC-V assembly version of ECDSA and SHA
 NO_ASM?=0
 NO_ARM_ASM?=0
@@ -48,12 +45,16 @@ WOLFBOOT_LOAD_ADDRESS?=0x8E000000
 WOLFBOOT_NO_PARTITIONS=1
 CFLAGS_EXTRA+=-DBOOT_PART_A=1
 CFLAGS_EXTRA+=-DBOOT_PART_B=2
-# Speed up disk partition read (1MB chunks)
-CFLAGS_EXTRA+=-DDISK_BLOCK_SIZE=0x100000
+# Speed up disk partition read (512KB chunks)
+CFLAGS_EXTRA+=-DDISK_BLOCK_SIZE=0x80000
 
 # DTS (Device Tree)
 WOLFBOOT_LOAD_DTS_ADDRESS?=0x8A000000
 
+# Optional Encryption
+#ENCRYPT=1
+#ENCRYPT_WITH_AES256=1
+
 # Optional EMMC_SD debugging logs
 #CFLAGS_EXTRA+=-DDEBUG_MMC
 # Optional disk debugging logs

docs/Targets.md

@@ -883,6 +883,7 @@ n
 n
 4
 
+
 t
 1
 4
@@ -920,6 +921,9 @@ Device      Start      End  Sectors  Size Type
 2) Build, Sign and copy images
 
 ```sh
+# Copy wolfBoot to "BIOS" partition
+sudo dd if=wolfboot.bin of=/dev/sdc1 bs=512 && sudo cmp wolfboot.bin /dev/sdc1
+
 # make test-app
 make test-app/image.elf
 
@@ -930,8 +934,22 @@ sudo dd if=test-app/image_v1_signed.bin of=/dev/sdc2 bs=512 && sudo cmp test-app
 
 4) Insert SDCARD into PolarFire and let HSS start wolfBoot. You may need to use `boot sdcard` or configure/build HSS to disable MMC / enable SDCARD.
 
+### PolarFire Building Hart Software Services (HSS)
+
+The Hart Software Services (HSS) is the zero-stage bootloader for the PolarFire SoC. It runs on the E51 monitor core and is responsible for system initialization, hardware configuration, and booting the U54 application cores. The HSS provides essential services including watchdog management, inter-processor communication (IPC), and loading payloads from various boot sources (eMMC, SD card, or SPI flash).
+
+```sh
+git clone https://github.com/polarfire-soc/hart-software-services.git
+cd hart-software-services
+make clean
+make BOARD=mpfs-video-kit
+make BOARD=mpfs-video-kit program
+```
+
 ### PolarFire Building Yocto-SDK Linux
 
+The Yocto Project provides a customizable embedded Linux distribution for PolarFire SoC. Microchip maintains the `meta-mchp` layer with board support packages (BSP), drivers, and example applications for their devices. The build system uses OpenEmbedded and produces bootable images that can be flashed to eMMC or SD card.
+
 See:
 * https://github.com/linux4microchip/meta-mchp/blob/scarthgap/meta-mchp-common/README.md
 * https://github.com/linux4microchip/meta-mchp/blob/scarthgap/meta-mchp-polarfire-soc/README.md
@@ -958,6 +976,9 @@ Build images are output to: `./tmp-glibc/deploy/images/mpfs-video-kit/`
 #### Custom FIT image, signing and coping to SDCard
 
 ```sh
+# Copy wolfBoot to "BIOS" partition
+sudo dd if=wolfboot.bin of=/dev/sdc1 bs=512 && sudo cmp wolfboot.bin /dev/sdc1
+
 # Extract GZIP compressed linux kernel to wolfboot root
 gzip -cdvk ../yocto-dev-polarfire/build/tmp-glibc/work/mpfs_video_kit-oe-linux/linux-mchp/6.12.22+git/build/linux.bin > kernel.bin
 
@@ -1003,9 +1024,51 @@ sudo dd if=fitImage_v1_signed.bin of=/dev/sdc2 bs=512 status=progress && sudo cm
 sudo dd if=fitImage_v1_signed.bin of=/dev/sdc3 bs=512 status=progress && sudo cmp fitImage_v1_signed.bin /dev/sdc3
 
 # Copy root file system
-sudo dd if=../yocto-dev-polarfire/build/tmp-glibc/deploy/images/mpfs-video-kit/mchp-base-image-sdk-mpfs-video-kit.rootfs.ext4 of=/dev/sdb4 bs=512 status=progress
+sudo dd if=../yocto-dev-polarfire/build/tmp-glibc/deploy/images/mpfs-video-kit/mchp-base-image-sdk-mpfs-video-kit.rootfs.ext4 of=/dev/sdc4 bs=4M status=progress
+```
+
+### PolarFire SoC Encryption
+
+PolarFire SoC uses MMU mode with disk-based updates. The encryption key is stored in RAM rather than flash.
+
+Enable encryption in your configuration with `ENCRYPT=1` and one of: `ENCRYPT_WITH_AES256=1`, `ENCRYPT_WITH_AES128=1`, or `ENCRYPT_WITH_CHACHA=1`.
+
+| Algorithm | Key Size | Nonce/IV Size |
+|-----------|----------|---------------|
+| ChaCha20  | 32 bytes | 12 bytes      |
+| AES-128   | 16 bytes | 16 bytes      |
+| AES-256   | 32 bytes | 16 bytes      |
+
+The `libwolfboot` API provides the following functions for managing the encryption key:
+
+```c
+int wolfBoot_set_encrypt_key(const uint8_t *key, const uint8_t *nonce);
+int wolfBoot_get_encrypt_key(uint8_t *key, uint8_t *nonce);
+int wolfBoot_erase_encrypt_key(void);  /* called automatically by wolfBoot_success() */
+```
+
+To sign and encrypt an image, create a key file with the concatenated key and nonce, then use the sign tool:
+
+```sh
+# Create key file (32-byte key + 16-byte IV for AES-256)
+echo -n "0123456789abcdef0123456789abcdef0123456789abcdef" > enc_key.der
+
+# Sign and encrypt
+./tools/keytools/sign --ecc384 --sha384 --aes256 --encrypt enc_key.der \
+    fitImage wolfboot_signing_private_key.der 1
 ```
 
+In your application, set the encryption key before triggering an update:
+
+```c
+wolfBoot_set_encrypt_key(enc_key, enc_iv);
+wolfBoot_update_trigger();
+```
+
+During boot, wolfBoot decrypts the image headers from disk to select the best candidate, loads and decrypts the full image to RAM, then verifies integrity and authenticity before booting. On successful boot, `wolfBoot_success()` clears the key from RAM.
+
+See the [Encrypted Partitions](encrypted_partitions.md) documentation for additional details.
+
 ### PolarFire Soc Debugging
 
 Start GDB server:
@@ -1034,7 +1097,7 @@ set architecture riscv:rv64
 ### PolarFire Example Boot Output
 
 ```
-wolfBoot Version: 2.7.0 (Dec 22 2025 14:14:37)
+wolfBoot Version: 2.7.0 (Dec 29 2025 11:34:01)
 Reading MBR...
 Found GPT PTE at sector 1
 Found valid boot signature in MBR
@@ -1054,19 +1117,18 @@ Checking secondary OS image in 0,2...
 Versions, A:1 B:1
 Load address 0x8E000000
 Attempting boot from P:A
-Boot partition: 0x801FFDA0 (sz 19767000, ver 0x1, type 0x601)
-Loading image from disk...done.
-Boot partition: 0x8E000000 (sz 19767000, ver 0x1, type 0x601)
-Checking image integrity...done.
-Verifying image signature...done.
+Boot partition: 0x801FFD80 (sz 19767004, ver 0x1, type 0x601)
+Loading image from disk...done. (846 ms)
+Boot partition: 0x8E000000 (sz 19767004, ver 0x1, type 0x601)
+Checking image integrity...done. (1507 ms)
+Verifying image signature...done. (68 ms)
 Firmware Valid.
-Flattened uImage Tree: Version 17, Size 19767000
+Flattened uImage Tree: Version 17, Size 19767004
 Loading Image kernel-1: 0x8E0002C8 -> 0x80200000 (19745280 bytes)
 Image kernel-1: 0x80200000 (19745280 bytes)
 Loading Image fdt-1: 0x8F2D4DCC -> 0x8A000000 (19897 bytes)
 Image fdt-1: 0x8A000000 (19897 bytes)
 Loading DTS: 0x8A000000 -> 0x8A000000 (19897 bytes)
-Loading elf at 0x80200000
 Invalid elf, falling back to raw binary
 Booting at 80200000
 [    0.000000] Linux version 6.12.22-linux4microchip+fpga-2025.07-g032a7095303a (oe-user@oe-host) (riscv64-oe-linux-gcc (GCC) 13.3.0, GNU ld (GNU Binutils) 2.42.0.20240723) #1 SMP Tue Jul 22 10:04:20 UTC 2025
@@ -1078,15 +1140,63 @@ Booting at 80200000
 [    0.000000] SBI RFENCE extension detected
 [    0.000000] SBI SRST extension detected
 [    0.000000] earlycon: ns16550a0 at MMIO32 0x0000000020100000 (options '115200n8')
+[    0.000000] printk: legacy bootconsole [ns16550a0] enabled
 ...
 ```
 
+### PolarFire Benchmarks
+
+RISC-V 64-bit U54 (RV64GC1) 625 MHz
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 5.8.4
+------------------------------------------------------------------------------
+Math:   Multi-Precision: Wolf(SP) word-size=64 bits=3072 sp_int.c
+        Assembly Speedups: RISCVASM ALIGN
+wolfCrypt Benchmark (block bytes 1048576, min 1.0 sec each)
+RNG                          5 MiB took 1.232 seconds,    4.058 MiB/s
+AES-128-CBC-enc             10 MiB took 1.182 seconds,    8.457 MiB/s
+AES-128-CBC-dec             10 MiB took 1.166 seconds,    8.573 MiB/s
+AES-192-CBC-enc             10 MiB took 1.378 seconds,    7.257 MiB/s
+AES-192-CBC-dec             10 MiB took 1.362 seconds,    7.344 MiB/s
+AES-256-CBC-enc             10 MiB took 1.569 seconds,    6.373 MiB/s
+AES-256-CBC-dec             10 MiB took 1.556 seconds,    6.426 MiB/s
+AES-128-GCM-enc             10 MiB took 1.956 seconds,    5.113 MiB/s
+AES-128-GCM-dec             10 MiB took 1.955 seconds,    5.115 MiB/s
+AES-192-GCM-enc              5 MiB took 1.075 seconds,    4.650 MiB/s
+AES-192-GCM-dec              5 MiB took 1.074 seconds,    4.654 MiB/s
+AES-256-GCM-enc              5 MiB took 1.172 seconds,    4.268 MiB/s
+AES-256-GCM-dec              5 MiB took 1.170 seconds,    4.275 MiB/s
+GMAC Table 4-bit            15 MiB took 1.133 seconds,   13.245 MiB/s
+CHACHA                      20 MiB took 1.107 seconds,   18.064 MiB/s
+CHA-POLY                    15 MiB took 1.060 seconds,   14.152 MiB/s
+POLY1305                    75 MiB took 1.044 seconds,   71.812 MiB/s
+SHA                         20 MiB took 1.139 seconds,   17.561 MiB/s
+SHA-256                     10 MiB took 1.069 seconds,    9.350 MiB/s
+SHA-384                     15 MiB took 1.072 seconds,   13.994 MiB/s
+SHA-512                     15 MiB took 1.072 seconds,   13.990 MiB/s
+SHA-512/224                 15 MiB took 1.068 seconds,   14.041 MiB/s
+SHA-512/256                 15 MiB took 1.066 seconds,   14.070 MiB/s
+HMAC-SHA                    20 MiB took 1.140 seconds,   17.542 MiB/s
+HMAC-SHA256                 10 MiB took 1.068 seconds,    9.366 MiB/s
+HMAC-SHA384                 15 MiB took 1.066 seconds,   14.076 MiB/s
+HMAC-SHA512                 15 MiB took 1.066 seconds,   14.077 MiB/s
+PBKDF2                       1 KiB took 1.024 seconds,    1.129 KiB/s
+RSA     2048   public       800 ops took 1.142 sec, avg 1.427 ms,   700.575 ops/sec
+RSA     2048  private       100 ops took 8.450 sec, avg 84.504 ms,    11.834 ops/sec
+DH      2048  key gen        60 ops took 1.010 sec, avg 16.841 ms,    59.379 ops/sec
+DH      2048    agree       100 ops took 3.421 sec, avg 34.211 ms,    29.231 ops/sec
+ECC   [      SECP256R1]   256  key gen       100 ops took 1.304 sec, avg 13.039 ms,    76.691 ops/sec
+ECDHE [      SECP256R1]   256    agree       100 ops took 1.299 sec, avg 12.992 ms,    76.970 ops/sec
+ECDSA [      SECP256R1]   256     sign       100 ops took 1.338 sec, avg 13.383 ms,    74.723 ops/sec
+ECDSA [      SECP256R1]   256   verify       200 ops took 1.846 sec, avg 9.231 ms,   108.333 ops/sec
+Benchmark complete
+```
+
 ### PolarFire TODO
 
 * Add eMMC/SD features:
-  - Improve mmc_delay and timeout handling
-  - DMA read support
-  - Write support
   - eMMC support (not just SD)
 * Add support for reading serial number and modifying ethernet MAC in device tree
 * Add support for QSPI NOR flash