aboutsummaryrefslogtreecommitdiff
path: root/fvp_ffa.mk
blob: 227867c8e3a278c1fbc1946b943bb85109200755 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
DTS				?= optee_ffa
DTS_PATH			?= $(BUILD_PATH)/fvp
USE_FVP_BASE_PLAT		?= 1

# Use "embedded" or "fip"
SP_PACKAGING_METHOD		?= embedded

OPTEE_OS_COMMON_EXTRA_FLAGS	+= CFG_CORE_SEL1_SPMC=y CFG_CORE_FFA=y
OPTEE_OS_COMMON_EXTRA_FLAGS	+= CFG_WITH_SP=y
OPTEE_OS_COMMON_EXTRA_FLAGS	+= O=out/arm

TF_A_FLAGS ?= \
	ARM_TSP_RAM_LOCATION=tdram \
	BL32=$(OPTEE_OS_PAGER_V2_BIN) \
	BL33=$(EDK2_BIN) \
	DEBUG=$(DEBUG) \
	PLAT=fvp \
	SPD=spmd \
	SPMD_SPM_AT_SEL2=0

include fvp.mk

TS_INSTALL_PREFIX:=$(CURDIR)/../out-ts

# Add machinery allowing to build secure partitions from Trusted Services.
#
# build-sp <sp-name>
#   <sp name>   The name of the SP.
#
# When called build and clean targets for the SP will be defined as:
#
#   ffa-<sp name>-sp            - Build the SP with cmake, and include the SP
#                                 export makefile to make the SP binary part
#                                 of the OP-TEE OS image.
#   ffa-<sp name>-sp-clean      - run make clean on the cmake project
#   ffa-<sp name>-sp-realclean  - remove all cmake output
#
# To run these for each SP in one step, the "ffa-sp-all", "ffa-sp-all-clean" and
# "ffa-sp-all-realclean" targets are defined.
#
# The build and the clean target are added to the dependency tree of common
# op-tee targets.
#

.PHONY: ffa-sp-all
.PHONY: ffa-sp-all-clean
.PHONY: ffa-sp-all-realclean

optee-os-common: ffa-sp-all
optee-os-clean: ffa-sp-all-clean

ffa-sp-all-realclean:
	rm -rf $(TS_INSTALL_PREFIX)/opteesp

define build-sp
.PHONY: ffa-$1-sp
ffa-$1-sp: ffa-$1-sp-build
	$$(eval include $${TS_INSTALL_PREFIX}/opteesp/lib/make/$1.mk)

.PHONY: ffa-$1-sp-build
ffa-$1-sp-build: optee-os-spdevkit
	CROSS_COMPILE="$$(AARCH64_CROSS_COMPILE)" cmake -G"Unix Makefiles" -DCMAKE_INSTALL_PREFIX=$${TS_INSTALL_PREFIX} \
		-DSP_DEV_KIT_DIR=$$(CURDIR)/../optee_os/out/arm/export-sp_arm64 \
		-S $$(CURDIR)/../trusted-services/deployments/$1/opteesp -B $$(CURDIR)/../ts-build/$1
	cmake --build $$(CURDIR)/../ts-build/$1 -- -j$$(nproc)
	cmake --install $$(CURDIR)/../ts-build/$1

.PHONY: ffa-$1-sp-clean
ffa-$1-sp-clean:
	cmake --build $$(CURDIR)/../ts-build/$1 -- clean -j$$(nproc)

.PHONY: ffa-$1-sp-realclean
ffa-$1-sp-realclean:
	rm -rf $$(CURDIR)/../ts-build/$1

ffa-sp-all: ffa-$1-sp
ffa-sp-all-clean: ffa-$1-sp-clean
ffa-sp-all-realclean: ffa-$1-sp-realclean
endef

$(eval $(call build-sp,secure-storage))
$(eval $(call build-sp,crypto))

# If FIP packaging method is selected, TF-A requires a number of config options:
# - ARM_BL2_SP_LIST_DTS:   This file will be included into the TB_FW_CONFIG DT
#                          of TF-A. It contains the UUID and load address of SP
#                          packages present in the FIP, BL2 will load them based
#                          on this information.
# - ARM_SPMC_MANIFEST_DTS: Contains information about the SPMC: consumed by the
#                          SPMD at SPMC init. And about the SP packages: the
#                          SPMC can only know where the packages were loaded by
#                          BL2 based on this file.
# - SP_LAYOUT_FILE:        JSON file which describes the corresponding SP image
#                          and SP manifest DT pairs, TF-A will create the SP
#                          packages based on this. However, the TS build
#                          provides a separate JSON file for each SP. A Python
#                          snippet is used to merge these JSONs into one file.
ifeq (fip, $(SP_PACKAGING_METHOD))
SP_LAYOUT_FILE := $(TS_INSTALL_PREFIX)/opteesp/json/sp_layout.json

TF_A_FLAGS+=SP_LAYOUT_FILE=$(SP_LAYOUT_FILE)
TF_A_FLAGS+=ARM_BL2_SP_LIST_DTS=$(CURDIR)/fvp/bl2_sp_images.dtsi
TF_A_FLAGS+=ARM_SPMC_MANIFEST_DTS=$(CURDIR)/fvp/spmc_manifest.dts
OPTEE_OS_COMMON_EXTRA_FLAGS+=CFG_FIP_SP=y

MERGE_JSON_PY := import json, sys
MERGE_JSON_PY += \ncombined = {}
MERGE_JSON_PY += \nfor path in sys.stdin.read().split():
MERGE_JSON_PY += \n  with open(path) as f:
MERGE_JSON_PY += \n    current = json.load(f)
MERGE_JSON_PY += \n    combined = {**combined, **current}
MERGE_JSON_PY += \nprint(json.dumps(combined, indent=4))

$(SP_LAYOUT_FILE): ffa-sp-all
	@echo $(TS_SP_JSON_LIST) | python3 -c "$$(echo -e '$(MERGE_JSON_PY)')" > $(SP_LAYOUT_FILE)

.PHONY: ffa-sp-layout-clean
ffa-sp-layout-clean:
	@rm -f $(SP_LAYOUT_FILE)

arm-tf: $(SP_LAYOUT_FILE)
ffa-sp-all-clean: ffa-sp-layout-clean
endif

# If embedded packaging method is selected, the SP manifest files from TS have
# to be merged into a common DTS file, which is passed to OP-TEE as the embedded
# DT file. For each SP a dtsi file is exported from TS, which contains a single
# node, representing that SP.
# The TS_SP_DTSI_LIST parameter contains a line like this for each SP:
#
# #include "<absolute_path_to_dtsi>/<sp_uuid>.dtsi"
#
ifeq (embedded, $(SP_PACKAGING_METHOD))
SP_MANIFEST_FILE := $(OUT_PATH)/sp_manifest.dts
OPTEE_OS_COMMON_EXTRA_FLAGS+=CFG_EMBED_DTB_SOURCE_FILE=$(SP_MANIFEST_FILE)

$(SP_MANIFEST_FILE): ffa-sp-all
	@echo -e "/dts-v1/;\n/ {$(TS_SP_DTSI_LIST)\n};" > $(SP_MANIFEST_FILE)

.PHONY: ffa-sp-manifest-clean
ffa-sp-manifest-clean:
	@rm -f $(SP_MANIFEST_FILE)

optee-os-common: $(SP_MANIFEST_FILE)
ffa-sp-all-clean: ffa-sp-manifest-clean
endif

# Add targets to build the "arm_ffa_user" Linux Kernel module.
arm_ffa_user: linux
	$(eval ROOT:=$(CURDIR)/..)
	make -C $(CURDIR)/../linux_poc $(LINUX_COMMON_FLAGS) install

arm_ffa_user_clean:
	make -C $(CURDIR)/../linux_poc clean

all: arm_ffa_user