diff options
author | Balint Matyi <Balint.Matyi@arm.com> | 2020-02-18 12:27:38 +0000 |
---|---|---|
committer | Tamas Ban <tamas.ban@arm.com> | 2020-04-20 09:39:32 +0000 |
commit | 2fe049262a441dd11e878e4a5f4a3d67aabfefe3 (patch) | |
tree | 508310473c6da89838437c7b7d0ca451a099adec /bl2 | |
parent | c071161c062fcbc05b767ed5b5a0f2aacbf748ec (diff) | |
download | trusted-firmware-m-2fe049262a441dd11e878e4a5f4a3d67aabfefe3.tar.gz |
Build: Move MCUBoot configs from compile time defines to header
Changed the propagation of configurations from being passed by
CMake, to putting them into a dynamically generated header file.
Change-Id: I419121af3762929f18d3b408594d3f5f61528ddb
Signed-off-by: Balint Matyi <Balint.Matyi@arm.com>
Diffstat (limited to 'bl2')
-rw-r--r-- | bl2/ext/mcuboot/CMakeLists.txt | 56 | ||||
-rw-r--r-- | bl2/ext/mcuboot/MCUBootConfig.cmake | 1 | ||||
-rw-r--r-- | bl2/ext/mcuboot/bl2_main.c | 1 | ||||
-rw-r--r-- | bl2/ext/mcuboot/bootutil/include/bootutil/sign_key.h | 1 | ||||
-rw-r--r-- | bl2/ext/mcuboot/bootutil/src/bootutil_priv.h | 1 | ||||
-rw-r--r-- | bl2/ext/mcuboot/bootutil/src/image_rsa.c | 4 | ||||
-rw-r--r-- | bl2/ext/mcuboot/bootutil/src/image_validate.c | 2 | ||||
-rw-r--r-- | bl2/ext/mcuboot/bootutil/src/loader.c | 1 | ||||
-rw-r--r-- | bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in (renamed from bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h) | 24 | ||||
-rw-r--r-- | bl2/ext/mcuboot/keys.c | 3 | ||||
-rw-r--r-- | bl2/src/boot_record.c | 1 |
11 files changed, 60 insertions, 35 deletions
diff --git a/bl2/ext/mcuboot/CMakeLists.txt b/bl2/ext/mcuboot/CMakeLists.txt index 4e0c51817a..1f19b2a18a 100644 --- a/bl2/ext/mcuboot/CMakeLists.txt +++ b/bl2/ext/mcuboot/CMakeLists.txt @@ -132,6 +132,7 @@ embedded_target_include_directories(TARGET ${PROJECT_NAME} PATH ${TFM_ROOT_DIR}/ embedded_target_include_directories(TARGET ${PROJECT_NAME} PATH ${TFM_ROOT_DIR}/bl2/ext/mcuboot/include ABSOLUTE APPEND) embedded_target_include_directories(TARGET ${PROJECT_NAME} PATH ${MCUBOOT_DIR}/bootutil/include ABSOLUTE APPEND) embedded_target_include_directories(TARGET ${PROJECT_NAME} PATH ${MBEDCRYPTO_INSTALL_DIR}/include ABSOLUTE APPEND) +embedded_target_include_directories(TARGET ${PROJECT_NAME} PATH ${CMAKE_CURRENT_BINARY_DIR} ABSOLUTE APPEND) #Define linker file if(NOT DEFINED BL2_LINKER_CONFIG) @@ -187,53 +188,50 @@ message("- MCUBOOT_SIGNATURE_TYPE: '${MCUBOOT_SIGNATURE_TYPE}'.") message("- MCUBOOT_HW_KEY: '${MCUBOOT_HW_KEY}'.") message("- MCUBOOT_LOG_LEVEL: '${MCUBOOT_LOG_LEVEL}'.") -#Set macro definitions for the project. -target_compile_definitions(${PROJECT_NAME} PRIVATE - MCUBOOT_VALIDATE_PRIMARY_SLOT - MCUBOOT_USE_FLASH_AREA_GET_SECTORS - MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}" - MCUBOOT_TARGET_CONFIG="flash_layout.h") +get_property(_log_levels CACHE MCUBOOT_LOG_LEVEL PROPERTY STRINGS) +list(FIND _log_levels ${MCUBOOT_LOG_LEVEL} LOG_LEVEL_ID) if (MCUBOOT_REPO STREQUAL "UPSTREAM") - target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_USE_UPSTREAM) + set(MCUBOOT_USE_UPSTREAM On) endif() -if (MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072") - target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_SIGN_RSA MCUBOOT_SIGN_RSA_LEN=3072) +if(MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072") + set(MCUBOOT_SIGN_RSA On) + set(MCUBOOT_SIGN_RSA_LEN 3072) elseif(MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-2048") - target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_SIGN_RSA MCUBOOT_SIGN_RSA_LEN=2048) -else() - message(FATAL_ERROR "${MCUBOOT_SIGNATURE_TYPE} is not supported as firmware signing algorithm") + set(MCUBOOT_SIGN_RSA On) + set(MCUBOOT_SIGN_RSA_LEN 2048) endif() if (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "OVERWRITE_ONLY") - target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_OVERWRITE_ONLY) -elseif (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP") - target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_NO_SWAP) + set(MCUBOOT_OVERWRITE_ONLY On) +elseif(${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP") + set(MCUBOOT_NO_SWAP On) elseif (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "RAM_LOADING") - target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_RAM_LOADING) -elseif (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "SWAP") - #No compile definition needs to be specified for this upgrade strategy -else() - get_property(_upgrade_strategies CACHE MCUBOOT_UPGRADE_STRATEGY PROPERTY STRINGS) - message(FATAL_ERROR "ERROR: MCUBoot supports the ${_upgrade_strategies} upgrade strategies only.") + set(MCUBOOT_RAM_LOADING On) endif() -if (MCUBOOT_HW_KEY) - target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_HW_KEY) +if (ATTEST_BOOT_INTERFACE STREQUAL "INDIVIDUAL_CLAIMS") + set(MCUBOOT_INDIVIDUAL_CLAIMS On) +endif() + +configure_file("${CMAKE_CURRENT_LIST_DIR}/include/mcuboot_config/mcuboot_config.h.in" + "${CMAKE_CURRENT_BINARY_DIR}/mcuboot_config/mcuboot_config.h" + @ONLY) + +target_compile_definitions(${PROJECT_NAME} PRIVATE MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + +if (NOT MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072" AND NOT MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-2048") + message(FATAL_ERROR "${MCUBOOT_SIGNATURE_TYPE} is not supported as firmware signing algorithm") endif() +validate_cache_value(MCUBOOT_UPGRADE_STRATEGY) + if (ATTEST_BOOT_INTERFACE STREQUAL "INDIVIDUAL_CLAIMS") - target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_INDIVIDUAL_CLAIMS) message(WARNING "ATTEST_BOOT_INTERFACE was set to ${ATTEST_BOOT_INTERFACE}. This configuration is " "deprecated and this feature will probably be removed from MCUBoot in the future.") endif() -#Configure log level for MCUBoot. -get_property(_log_levels CACHE MCUBOOT_LOG_LEVEL PROPERTY STRINGS) -list(FIND _log_levels ${MCUBOOT_LOG_LEVEL} LOG_LEVEL_ID) -target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_LOG_LEVEL=${LOG_LEVEL_ID}) - #Set install location. Keep original value to avoid overriding command line settings. if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT) set(CMAKE_INSTALL_PREFIX "${CMAKE_BINARY_DIR}/install" CACHE PATH "Default install location for MCUBoot." FORCE) diff --git a/bl2/ext/mcuboot/MCUBootConfig.cmake b/bl2/ext/mcuboot/MCUBootConfig.cmake index f421ee6944..06a828b374 100644 --- a/bl2/ext/mcuboot/MCUBootConfig.cmake +++ b/bl2/ext/mcuboot/MCUBootConfig.cmake @@ -44,6 +44,7 @@ if (BL2) if (NOT CMAKE_BUILD_TYPE STREQUAL "debug") set(MCUBOOT_LOG_LEVEL "LOG_LEVEL_OFF") endif() + validate_cache_value(MCUBOOT_LOG_LEVEL) if ((${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP" OR diff --git a/bl2/ext/mcuboot/bl2_main.c b/bl2/ext/mcuboot/bl2_main.c index 6c55ac805f..62b93d984e 100644 --- a/bl2/ext/mcuboot/bl2_main.c +++ b/bl2/ext/mcuboot/bl2_main.c @@ -15,6 +15,7 @@ * limitations under the License. */ +#include "mcuboot_config/mcuboot_config.h" #include <assert.h> #include "bl2_util.h" #include "target.h" diff --git a/bl2/ext/mcuboot/bootutil/include/bootutil/sign_key.h b/bl2/ext/mcuboot/bootutil/include/bootutil/sign_key.h index b0c1f2133f..7b87df866e 100644 --- a/bl2/ext/mcuboot/bootutil/include/bootutil/sign_key.h +++ b/bl2/ext/mcuboot/bootutil/include/bootutil/sign_key.h @@ -21,6 +21,7 @@ #define __BOOTUTIL_SIGN_KEY_H_ #include <stdint.h> +#include "mcuboot_config/mcuboot_config.h" #ifdef __cplusplus extern "C" { diff --git a/bl2/ext/mcuboot/bootutil/src/bootutil_priv.h b/bl2/ext/mcuboot/bootutil/src/bootutil_priv.h index 4edfcdbd3d..a55b50de32 100644 --- a/bl2/ext/mcuboot/bootutil/src/bootutil_priv.h +++ b/bl2/ext/mcuboot/bootutil/src/bootutil_priv.h @@ -32,6 +32,7 @@ #include "bootutil/bootutil.h" #include "bootutil/image.h" #include "flash_layout.h" +#include "mcuboot_config/mcuboot_config.h" #ifdef __cplusplus extern "C" { diff --git a/bl2/ext/mcuboot/bootutil/src/image_rsa.c b/bl2/ext/mcuboot/bootutil/src/image_rsa.c index ea7c78fd9b..c29ea002ca 100644 --- a/bl2/ext/mcuboot/bootutil/src/image_rsa.c +++ b/bl2/ext/mcuboot/bootutil/src/image_rsa.c @@ -21,11 +21,13 @@ * Original code taken from mcuboot project at: * https://github.com/JuulLabs-OSS/mcuboot * Git SHA of the original version: ac55554059147fff718015be9f4bd3108123f50a - * Modifications are Copyright (c) 2018-2019 Arm Limited. + * Modifications are Copyright (c) 2018-2020 Arm Limited. */ #include <string.h> +#include "mcuboot_config/mcuboot_config.h" + #ifdef MCUBOOT_SIGN_RSA #include "bootutil/sign_key.h" #include "bootutil/sha256.h" diff --git a/bl2/ext/mcuboot/bootutil/src/image_validate.c b/bl2/ext/mcuboot/bootutil/src/image_validate.c index db9d5410a6..938996b09a 100644 --- a/bl2/ext/mcuboot/bootutil/src/image_validate.c +++ b/bl2/ext/mcuboot/bootutil/src/image_validate.c @@ -35,6 +35,8 @@ #include "bootutil/sign_key.h" #include "security_cnt.h" +#include "mcuboot_config/mcuboot_config.h" + #if defined(MCUBOOT_SIGN_RSA) #include "mbedtls/rsa.h" #endif diff --git a/bl2/ext/mcuboot/bootutil/src/loader.c b/bl2/ext/mcuboot/bootutil/src/loader.c index 2197a472d1..2b6f655c29 100644 --- a/bl2/ext/mcuboot/bootutil/src/loader.c +++ b/bl2/ext/mcuboot/bootutil/src/loader.c @@ -45,6 +45,7 @@ #include "bl2/include/tfm_boot_status.h" #include "bl2/include/boot_record.h" #include "security_cnt.h" +#include "mcuboot_config/mcuboot_config.h" static struct boot_loader_state boot_data; diff --git a/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h b/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in index a0dfe0981d..3ac50be7db 100644 --- a/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h +++ b/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 Open Source Foundries Limited - * Copyright (c) 2019 Arm Limited + * Copyright (c) 2019-2020 Arm Limited * * SPDX-License-Identifier: Apache-2.0 */ @@ -29,11 +29,26 @@ extern "C" { */ #ifndef __BOOTSIM__ +#define MCUBOOT_VALIDATE_PRIMARY_SLOT +#define MCUBOOT_USE_FLASH_AREA_GET_SECTORS +#define MCUBOOT_TARGET_CONFIG "flash_layout.h" + /* - * In TF-M most of the configuration flags (e.g. signature type, - * upgrade mode ...) are handled by the CMake-based buildsystem and - * added to the compiler command lines. + * Signature types */ +#cmakedefine MCUBOOT_SIGN_RSA +#cmakedefine MCUBOOT_SIGN_RSA_LEN @MCUBOOT_SIGN_RSA_LEN@ + +/* + * Upgrade mode + */ +#cmakedefine MCUBOOT_OVERWRITE_ONLY +#cmakedefine MCUBOOT_NO_SWAP +#cmakedefine MCUBOOT_RAM_LOADING + +#cmakedefine MCUBOOT_INDIVIDUAL_CLAIMS +#cmakedefine MCUBOOT_HW_KEY +#cmakedefine MCUBOOT_USE_UPSTREAM /* * Cryptographic settings @@ -44,6 +59,7 @@ extern "C" { * Logging */ #define MCUBOOT_HAVE_LOGGING 1 +#define MCUBOOT_LOG_LEVEL @LOG_LEVEL_ID@ #endif /* !__BOOTSIM__ */ diff --git a/bl2/ext/mcuboot/keys.c b/bl2/ext/mcuboot/keys.c index c8f960bf98..480994c132 100644 --- a/bl2/ext/mcuboot/keys.c +++ b/bl2/ext/mcuboot/keys.c @@ -21,10 +21,11 @@ * Original code taken from mcuboot project at: * https://github.com/JuulLabs-OSS/mcuboot * Git SHA of the original version: ac55554059147fff718015be9f4bd3108123f50a - * Modifications are Copyright (c) 2019 Arm Limited. + * Modifications are Copyright (c) 2019-2020 Arm Limited. */ #include <bootutil/sign_key.h> +#include "mcuboot_config/mcuboot_config.h" #if !defined(MCUBOOT_HW_KEY) #if defined(MCUBOOT_SIGN_RSA) diff --git a/bl2/src/boot_record.c b/bl2/src/boot_record.c index 2c6146ac85..b20cf936be 100644 --- a/bl2/src/boot_record.c +++ b/bl2/src/boot_record.c @@ -5,6 +5,7 @@ * */ +#include "mcuboot_config/mcuboot_config.h" #include "boot_record.h" #include "region_defs.h" #include "tfm_boot_status.h" |