aboutsummaryrefslogtreecommitdiff
path: root/BuildMbedCrypto.cmake
diff options
context:
space:
mode:
authorRaef Coles <raef.coles@arm.com>2019-10-17 09:04:55 +0100
committerDavid Vincze <david.vincze@arm.com>2019-11-29 16:35:10 +0100
commit1bb168e999a2236984a0d845dde09ad71c1ca650 (patch)
treec985949fa9144f9befc6deefe5cddfae9ac97b0a /BuildMbedCrypto.cmake
parente1570bd143ef4843a531b57f77f0c2814b075dd9 (diff)
downloadtrusted-firmware-m-1bb168e999a2236984a0d845dde09ad71c1ca650.tar.gz
Boot: Switch boot to use mbed-crypto
Replace the dependency on mbedtls with the version of mbedtls packaged with mbed-crypto. Change-Id: I17a68f904c9cd68085ecb4432a7a10d6b64494a1 Signed-off-by: Raef Coles <raef.coles@arm.com>
Diffstat (limited to 'BuildMbedCrypto.cmake')
-rw-r--r--BuildMbedCrypto.cmake127
1 files changed, 117 insertions, 10 deletions
diff --git a/BuildMbedCrypto.cmake b/BuildMbedCrypto.cmake
index 4ee83fdfd5..3f573c9dd7 100644
--- a/BuildMbedCrypto.cmake
+++ b/BuildMbedCrypto.cmake
@@ -1,20 +1,127 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2019, Arm Limited. All rights reserved.
+# Copyright (c) 2017-2019, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
#-------------------------------------------------------------------------------
-# Mbed Crypto can be built in the same way Mbed TLS is built
-include(${TFM_ROOT_DIR}/BuildMbedtls.cmake)
+#When included, this file will add a target to build the Mbed Crypto libraries
+#with the same compilation setting as used by the file including this one.
+cmake_minimum_required(VERSION 3.7)
-# After building the install target, rename the installed include/psa directory
-# to include/mbedcrypto/psa to avoid name clash with the PSA Crypto headers in
-# TF-M.
-add_custom_command(TARGET ${MBEDTLS_TARGET_NAME}_install
+#Define where mbed-crypto intermediate output files are stored.
+set (MBEDCRYPTO_BINARY_DIR "${CMAKE_CURRENT_BINARY_DIR}/mbed-crypto")
+
+#Check input variables
+if(NOT DEFINED MBEDCRYPTO_DEBUG)
+ message(FATAL_ERROR "Please set MBEDCRYPTO_DEBUG to 'OFF' or 'ON' before including this file.")
+endif()
+
+if(NOT DEFINED MBEDCRYPTO_SOURCE_DIR)
+ message(FATAL_ERROR "Please set MBEDCRYPTO_SOURCE_DIR before including this file.")
+endif()
+
+if(NOT DEFINED MBEDCRYPTO_INSTALL_DIR)
+ message(FATAL_ERROR "Please set MBEDCRYPTO_INSTALL_DIR before including this file.")
+endif()
+
+if(NOT DEFINED MBEDCRYPTO_C_FLAGS)
+ message(FATAL_ERROR "Please set MBEDCRYPTO_C_FLAGS before including this file.")
+endif()
+
+if(NOT DEFINED MBEDCRYPTO_TARGET_NAME)
+ message(FATAL_ERROR "Please set MBEDCRYPTO_TARGET_NAME before including this file.")
+endif()
+
+if(MBEDCRYPTO_DEBUG)
+ set(MBEDCRYPTO_BUILD_TYPE "Debug")
+else()
+ set(MBEDCRYPTO_BUILD_TYPE "MinSizeRel")
+endif()
+
+#Based on preinclude input variables, decide if preinclude flags need to be appended
+if((NOT DEFINED MBEDCRYPTO_PREINCLUDE_PREFIX) OR (NOT DEFINED MBEDCRYPTO_PREINCLUDE_HEADER))
+ message(STATUS "Building mbed-crypto without pre-included headers and global symbols prefixing.")
+else()
+ compiler_get_preinclude_option_string(${MBEDCRYPTO_PREINCLUDE_HEADER} _PRE_INC_STRING)
+ set(MBEDCRYPTO_PREINCLUDE_C_FLAGS " -DLIB_PREFIX_NAME=${MBEDCRYPTO_PREINCLUDE_PREFIX} ${_PRE_INC_STRING}")
+ string(APPEND MBEDCRYPTO_C_FLAGS ${MBEDCRYPTO_PREINCLUDE_C_FLAGS})
+endif()
+
+function(get_mbedcrypto_mbedtls_version)
+ file(READ "${MBEDCRYPTO_SOURCE_DIR}/include/mbedtls/version.h" MBEDCRYPTO_MBEDTLS_VER_FILE)
+ string(REGEX REPLACE ".*#define[ ]+MBEDTLS_VERSION_STRING[^\"]+\"+([0-9.]+)\".*" "\\1"
+ _MBEDCRYPTO_MBEDTLS_VER ${MBEDCRYPTO_MBEDTLS_VER_FILE})
+ set(MBEDCRYPTO_MBEDTLS_VERSION ${_MBEDCRYPTO_MBEDTLS_VER} PARENT_SCOPE)
+endfunction()
+
+get_mbedcrypto_mbedtls_version()
+
+string(APPEND MBEDCRYPTO_C_FLAGS ${CMAKE_C_FLAGS})
+
+# Workaround Mbed TLS issue https://github.com/ARMmbed/mbedtls/issues/1077
+if ((${ARM_CPU_ARCHITECTURE} STREQUAL "ARMv8-M.BASE") OR
+ (${ARM_CPU_ARCHITECTURE} STREQUAL "ARMv6-M"))
+ string(APPEND MBEDCRYPTO_C_FLAGS " -DMULADDC_CANNOT_USE_R7")
+endif()
+
+if (TARGET ${MBEDCRYPTO_TARGET_NAME})
+ message(FATAL_ERROR "A target with name ${MBEDCRYPTO_TARGET_NAME} is already\
+defined. Please set MBEDCRYPTO_TARGET_NAME to a unique value.")
+endif()
+
+#Build mbed-crypto as external project.
+#This ensures mbed-crypto is built with exactly defined settings.
+#mbed-crypto will be used from its install location
+include(ExternalProject)
+# Add Mbed Crypto files to the build.
+set(_static_lib_command ${CMAKE_C_CREATE_STATIC_LIBRARY})
+externalproject_add(${MBEDCRYPTO_TARGET_NAME}
+ SOURCE_DIR ${MBEDCRYPTO_SOURCE_DIR}
+ #Set Mbed Crypto features
+ CMAKE_ARGS -DENABLE_TESTING=OFF -DENABLE_PROGRAMS=OFF
+ #Enforce our build system's settings.
+ CMAKE_ARGS -DCMAKE_MODULE_PATH=${CMAKE_MODULE_PATH} -DCMAKE_SYSTEM_NAME=${CMAKE_SYSTEM_NAME}
+ #Workaround for MbedTLS issue https://github.com/ARMmbed/mbedtls/issues/1496
+ if(MBEDCRYPTO_MBEDTLS_VERSION VERSION_GREATER "2.7.0")
+ CMAKE_ARGS -DCMAKE_HOST_UNIX:bool=true
+ endif()
+ #Inherit the build setting of this project
+ CMAKE_ARGS -DCMAKE_BUILD_TYPE=${MBEDCRYPTO_BUILD_TYPE}
+ #C compiler settings
+ CMAKE_CACHE_ARGS -DCMAKE_C_COMPILER:string=${CMAKE_C_COMPILER}
+ CMAKE_CACHE_ARGS -DCMAKE_C_COMPILER_ID:string=${CMAKE_C_COMPILER_ID}
+ CMAKE_CACHE_ARGS -DCMAKE_C_FLAGS:string=${MBEDCRYPTO_C_FLAGS}
+ CMAKE_CACHE_ARGS -DCMAKE_C_FLAGS_DEBUG:string=${CMAKE_C_FLAGS_DEBUG}
+ CMAKE_CACHE_ARGS -DCMAKE_C_FLAGS_MINSIZEREL:string=${CMAKE_C_FLAGS_MINSIZEREL}
+ CMAKE_CACHE_ARGS -DCMAKE_C_FLAGS_RELEASE:string=${CMAKE_C_FLAGS_RELEASE}
+ CMAKE_CACHE_ARGS -DCMAKE_C_OUTPUT_EXTENSION:string=.o
+ CMAKE_CACHE_ARGS -DCMAKE_C_COMPILER_WORKS:bool=true
+ #Archiver settings
+ CMAKE_CACHE_ARGS -DCMAKE_AR:string=${CMAKE_AR}
+ CMAKE_CACHE_ARGS -DCMAKE_C_CREATE_STATIC_LIBRARY:internal=${_static_lib_command}
+ CMAKE_CACHE_ARGS -DCMAKE_C_LINK_EXECUTABLE:string=${CMAKE_C_LINK_EXECUTABLE}
+ CMAKE_CACHE_ARGS -DCMAKE_STATIC_LIBRARY_PREFIX_C:string=${CMAKE_STATIC_LIBRARY_PREFIX_C}
+ CMAKE_CACHE_ARGS -DCMAKE_STATIC_LIBRARY_PREFIX_CXX:string=${CMAKE_STATIC_LIBRARY_PREFIX_CXX}
+ #Install location
+ CMAKE_CACHE_ARGS -DCMAKE_INSTALL_PREFIX:string=${MBEDCRYPTO_INSTALL_DIR}
+ #Place for intermediate build files
+ BINARY_DIR ${MBEDCRYPTO_BINARY_DIR})
+
+#Add an install target to force installation after each mbed-crypto build. Without
+#this target installation happens only when a clean mbed-crypto build is executed.
+add_custom_target(${MBEDCRYPTO_TARGET_NAME}_install
+ COMMAND ${CMAKE_COMMAND} --build ${MBEDCRYPTO_BINARY_DIR} -- install
+ WORKING_DIRECTORY ${MBEDCRYPTO_BINARY_DIR}
+ COMMENT "Installing Mbed Crypto to ${MBEDCRYPTO_INSTALL_DIR}"
+ VERBATIM)
+#Make install rule depend on Mbed Crypto library build
+add_dependencies(${MBEDCRYPTO_TARGET_NAME}_install ${MBEDCRYPTO_TARGET_NAME})
+
+add_custom_command(TARGET ${MBEDCRYPTO_TARGET_NAME}_install
POST_BUILD
COMMAND ${CMAKE_COMMAND} -E copy_directory
- ${MBEDTLS_INSTALL_DIR}/include/psa
- ${MBEDTLS_INSTALL_DIR}/include/mbedcrypto/psa
+ ${MBEDCRYPTO_INSTALL_DIR}/include/psa
+ ${MBEDCRYPTO_INSTALL_DIR}/include/mbedcrypto/psa
COMMAND ${CMAKE_COMMAND} -E remove_directory
- ${MBEDTLS_INSTALL_DIR}/include/psa)
+ ${MBEDCRYPTO_INSTALL_DIR}/include/psa)