diff options
23 files changed, 746 insertions, 1518 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 7f1a7ba232..d629418cea 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,20 +1,84 @@ #------------------------------------------------------------------------------- -# Copyright (c) 2017-2020, Arm Limited. All rights reserved. +# Copyright (c) 2020, Arm Limited. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # #------------------------------------------------------------------------------- -cmake_minimum_required(VERSION 3.7) +cmake_minimum_required(VERSION 3.13) + +project("Trusted Firmware M" VERSION 1.1.0 LANGUAGES C ASM) +set(TFM_VERSION ${PROJECT_VERSION}) + +# Some compiler flags depend on the CPU / platform config. This include should +# be run before anything else so the compiler can be configured properly. +include(platform/ext/target/${TFM_PLATFORM}/preload.cmake) + +# The default build type is release. If debug symbols are needed then +# -DCMAKE_BUILD_TYPE=debug should be used (likewise with other build types) +if (NOT CMAKE_BUILD_TYPE) + set(CMAKE_BUILD_TYPE "Release" CACHE STRING "Build type: [Debug, Release, RelWithDebInfo, MinSizeRel]" FORCE) +endif() + +message(FATAL_ERROR "This commit is inside the patch chain for convertion of the +old cmake buildsystem to the modern one. TFM will not build unless all of these +patches have been applied, these commits are split only for ease of +understanding. If you wish to build TFM, please checkout the commit +\"Build: Convert docs directory to modern cmake\"") + +############################ CONFIGURATION ##################################### + +# First load defaults. +include(config/config_default.cmake) + +# Then load the build type config, overriding defaults and command line. +string(TOLOWER "${CMAKE_BUILD_TYPE}" CMAKE_BUILD_TYPE_LOWERCASE) +if (EXISTS ${CMAKE_SOURCE_DIR}/config/build_type/${CMAKE_BUILD_TYPE_LOWERCASE}.cmake) + include(${CMAKE_SOURCE_DIR}/config/build_type/${CMAKE_BUILD_TYPE_LOWERCASE}.cmake) +endif() + +# Then load the profile, overriding build type config, defaults and command +# line. +if (TFM_PROFILE) + include(config/profile/${TFM_PROFILE}.cmake) +endif() + +# Then load the platform options, overriding profile, build type config, +# defaults and command line. +if (EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/platform/ext/target/${TFM_PLATFORM}/config.cmake) + include(platform/ext/target/${TFM_PLATFORM}/config.cmake) +endif() + +# Optionally load extra config, overriding platform options, overriding profile, +# build type config, defaults and command line. +if (TFM_EXTRA_CONFIG_PATH) + include(${TFM_EXTRA_CONFIG_PATH}) +endif() list(APPEND CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake) -include("Common/BuildSys") +################################################################################ + +add_subdirectory(lib/ext) +add_subdirectory(tools) +if(NS) + # Set to ${TFM_TEST_REPO_PATH}/app by default + add_subdirectory(${TFM_APP_PATH} ${CMAKE_CURRENT_BINARY_DIR}/app) +endif() add_subdirectory(secure_fw) -add_subdirectory(../tf-m-tests/app ${CMAKE_CURRENT_BINARY_DIR}/app) -if (BL2) - add_subdirectory(bl2/ext/mcuboot) +add_subdirectory(interface) +if(BL2) + add_subdirectory(bl2) +endif() +add_subdirectory(platform) + +if(NS AND (TEST_S OR TEST_NS)) + # Set to ${TFM_TEST_REPO_PATH}/test by default + add_subdirectory(${TFM_TEST_PATH} ${CMAKE_CURRENT_BINARY_DIR}/test) endif() -#Define a top-level generic tfm project -project(tfm LANGUAGES) +include(cmake/install.cmake) + +if(CRYPTO_HW_ACCELERATOR) + add_subdirectory(platform/ext/accelerator) +endif() diff --git a/CommonConfig.cmake b/CommonConfig.cmake deleted file mode 100644 index 583bbba0bb..0000000000 --- a/CommonConfig.cmake +++ /dev/null @@ -1,543 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2018-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -if(NOT DEFINED REGRESSION) - message(FATAL_ERROR "ERROR: Incomplete Configuration: REGRESSION not defined, Include this file from a Config*.cmake") -elseif(NOT DEFINED CORE_TEST) - message(FATAL_ERROR "ERROR: Incomplete Configuration: CORE_TEST not defined, Include this file from a Config*.cmake") -elseif(NOT DEFINED TFM_LVL) - message(FATAL_ERROR "ERROR: Incomplete Configuration: TFM_LVL not defined, Include this file from a Config*.cmake") -elseif(NOT DEFINED CORE_IPC) - message(FATAL_ERROR "ERROR: Incomplete Configuration: CORE_IPC not defined. Include this file from a Config*.cmake") -endif() - -if(NOT DEFINED COMPILER) - message(FATAL_ERROR "ERROR: COMPILER is not set in command line") -elseif((NOT ${COMPILER} STREQUAL "ARMCLANG") AND (NOT ${COMPILER} STREQUAL "GNUARM") AND (NOT ${COMPILER} STREQUAL "IARARM")) - message(FATAL_ERROR "ERROR: Compiler \"${COMPILER}\" is not supported.") -endif() - -set(TEST_DIR ${CMAKE_SOURCE_DIR}/../tf-m-tests/test) - -#Configure the default build type -set(CMAKE_BUILD_TYPE "Debug" CACHE STRING "Build type (i.e. Debug)") - -#Ignore case on the cmake build types -string(TOLOWER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE) - -if(CORE_IPC) - if (TFM_LVL EQUAL 3) - message(FATAL_ERROR "ERROR: Invalid isolation level!") - endif() -else() - if(NOT TFM_LVL EQUAL 1) - message(FATAL_ERROR "ERROR: Invalid isolation level!") - endif() -endif() - -#BL2 bootloader (MCUBoot) related settings -include(${CMAKE_CURRENT_LIST_DIR}/bl2/ext/mcuboot/MCUBootConfig.cmake) - -set(BUILD_CMSIS_CORE Off) -set(BUILD_RETARGET Off) -set(BUILD_NATIVE_DRIVERS Off) -set(BUILD_TIME Off) -set(BUILD_STARTUP Off) -set(BUILD_TARGET_CFG Off) -set(BUILD_TARGET_HARDWARE_KEYS Off) -set(BUILD_TARGET_NV_COUNTERS Off) -set(BUILD_CMSIS_DRIVERS Off) -set(BUILD_UART_STDOUT Off) -set(BUILD_FLASH Off) -set(BUILD_PLAT_TEST Off) -set(BUILD_BOOT_HAL Off) -if(NOT DEFINED PLATFORM_CMAKE_FILE) - message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.") -elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE}) - message (FATAL_ERROR "Platform specific CMake \"${PLATFORM_CMAKE_FILE}\" file does not exist. Please fix value of PLATFORM_CMAKE_FILE.") -else() - include(${PLATFORM_CMAKE_FILE}) -endif() - -# Select the corresponding CPU type and configuration according to current -# building status in multi-core scenario. -# The updated configuration will be used in following compiler setting. -if (DEFINED TFM_MULTI_CORE_TOPOLOGY AND TFM_MULTI_CORE_TOPOLOGY) - if (NOT CORE_IPC) - message(FATAL_ERROR "CORE_IPC is OFF. Multi-core topology should work in IPC model.") - endif() - - include("Common/MultiCore") - - if (NOT DEFINED TFM_BUILD_IN_SPE) - message(FATAL_ERROR "Flag of building in SPE is not specified. Please set TFM_BUILD_IN_SPE.") - else() - select_arm_cpu_type(${TFM_BUILD_IN_SPE}) - endif() - - # CMSE is unnecessary in multi-core scenarios. - # TODO: Need further discussion about if CMSE is required when an Armv8-M - # core acts as secure core in multi-core scenario. - # leave CMSE_FLAGS undefined -else() - if(${COMPILER} STREQUAL "IARARM") - set (CMSE_FLAGS "--cmse") - else() - set (CMSE_FLAGS "-mcmse") - endif() - - # Clear multi-core test setting - set (TFM_MULTI_CORE_TEST OFF) -endif() - -if(NOT ${COMPILER} STREQUAL "GNUARM") - if(CODE_COVERAGE_EN) - message(WARNING "CODE COVERAGE for '${COMPILER}' is not supported.") - endif() -endif() - -if(${COMPILER} STREQUAL "ARMCLANG") - #Use any ARMCLANG version found on PATH. Note: Only versions supported by the - #build system will work. A file cmake/Common/CompilerArmClangXY.cmake - #must be present with a matching version. - include("Common/FindArmClang") - include("Common/${ARMCLANG_MODULE}") - - set (COMMON_COMPILE_FLAGS -fshort-enums -fshort-wchar -funsigned-char -mfpu=none -ffunction-sections -fdata-sections -fno-builtin -nostdlib) - ##Shared compiler settings. - function(config_setting_shared_compiler_flags tgt) - embedded_set_target_compile_flags(TARGET ${tgt} LANGUAGE C APPEND FLAGS -xc -std=c99 ${COMMON_COMPILE_FLAGS} -Wall -Werror) - endfunction() - - ##Shared linker settings. - function(config_setting_shared_linker_flags tgt) - embedded_set_target_link_flags(TARGET ${tgt} FLAGS --strict --map --symbols --xref --entry=Reset_Handler --remove --info=summarysizes,sizes,totals,unused,veneers) - endfunction() -elseif(${COMPILER} STREQUAL "GNUARM") - #Use any GNUARM version found on PATH. Note: Only versions supported by the - #build system will work. A file cmake/Common/CompilerGNUARMXY.cmake - #must be present with a matching version. - include("Common/FindGNUARM") - include("Common/${GNUARM_MODULE}") - - set (COMMON_COMPILE_FLAGS -fshort-enums -fshort-wchar -funsigned-char -msoft-float -ffunction-sections -fdata-sections --specs=nano.specs -fno-builtin) - - #Code coverage required - if(CODE_COVERAGE_EN) - set (CODE_COVERAGE_FLAGS -g) - else() - unset (CODE_COVERAGE_FLAGS) - endif() - - ##Shared compiler and linker settings. - function(config_setting_shared_compiler_flags tgt) - embedded_set_target_compile_flags(TARGET ${tgt} LANGUAGE C APPEND FLAGS -xc -std=c99 ${COMMON_COMPILE_FLAGS} ${CODE_COVERAGE_FLAGS} -Wall -Werror -Wno-format -Wno-return-type -Wno-unused-but-set-variable) - endfunction() - - ##Shared linker settings. - function(config_setting_shared_linker_flags tgt) - #--no-wchar-size-warning flag is added because TF-M sources are compiled - #with short wchars, however the standard library is compiled with normal - #wchar, and this generates linker time warnings. TF-M code does not use - #wchar, so the warning can be suppressed. - embedded_set_target_link_flags(TARGET ${tgt} FLAGS -Wl,-check-sections,-fatal-warnings,--gc-sections,--no-wchar-size-warning,--print-memory-usage --entry=Reset_Handler --specs=nano.specs) - endfunction() -elseif(${COMPILER} STREQUAL "IARARM") - #Use any IARARM version found on PATH. Note: Only versions supported by the - #build system will work. A file cmake/Common/CompilerIARARMXY.cmake - #must be present with a matching version. - include("Common/FindIARARM") - include("Common/${IARARM_MODULE}") - - set (COMMON_COMPILE_FLAGS -e --dlib_config=full --vla --silent -DNO_TYPEOF --diag_suppress Pe546,Pe940,Pa082,Pa084) - ##Shared compiler and linker settings. - function(config_setting_shared_compiler_flags tgt) - embedded_set_target_compile_flags(TARGET ${tgt} LANGUAGE C APPEND FLAGS ${COMMON_COMPILE_FLAGS} ) - endfunction() - - ##Shared linker settings. - function(config_setting_shared_linker_flags tgt) - #--no-wchar-size-warning flag is added because TF-M sources are compiled - #with short wchars, however the standard library is compiled with normal - #wchar, and this generates linker time warnings. TF-M code does not use - #wchar, so the warning can be suppressed. - embedded_set_target_link_flags(TARGET ${tgt} FLAGS --silent --semihosting --redirect __write=__write_buffered) - endfunction() -endif() - -#Create a string from the compile flags list, so that it can be used later -#in this file to set mbedtls and BL2 flags -list_to_string(COMMON_COMPILE_FLAGS_STR ${COMMON_COMPILE_FLAGS}) - -#Settings which shall be set for all projects the same way based -# on the variables above. -set (TFM_PARTITION_TEST_CORE OFF) -set (TFM_PARTITION_TEST_CORE_IPC OFF) -set (CORE_TEST_POSITIVE OFF) -set (CORE_TEST_INTERACTIVE OFF) -set (TFM_PARTITION_TEST_SECURE_SERVICES OFF) -set (TFM_PARTITION_TEST_PS OFF) -set (SERVICES_TEST_ENABLED OFF) -set (TEST_FRAMEWORK_S OFF) -set (TEST_FRAMEWORK_NS OFF) -set (TFM_PSA_API OFF) - -if (NOT DEFINED TFM_PARTITION_AUDIT_LOG) - # Enable the TF-M Audit Log partition - set(TFM_PARTITION_AUDIT_LOG ON) -endif() -if (NOT DEFINED TFM_PARTITION_PLATFORM) - # Enable the TF-M Platform partition - set(TFM_PARTITION_PLATFORM ON) -endif() -if (NOT DEFINED TFM_PARTITION_PROTECTED_STORAGE) - # Enable the TF-M Protected storage partition - set(TFM_PARTITION_PROTECTED_STORAGE ON) -endif() -if (NOT DEFINED TFM_PARTITION_INTERNAL_TRUSTED_STORAGE) - # Enable the TF-M internal trusted storage partition - set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON) -endif() -if (NOT DEFINED TFM_PARTITION_CRYPTO) - # Enable the TF-M crypto partition - set(TFM_PARTITION_CRYPTO ON) -endif() -if (NOT DEFINED TFM_PARTITION_INITIAL_ATTESTATION) - # Enable the TF-M initial attestation partition - set(TFM_PARTITION_INITIAL_ATTESTATION ON) -endif() - -if (NOT TFM_LVL EQUAL 1 AND NOT DEFINED CONFIG_TFM_ENABLE_MEMORY_PROTECT) - set (CONFIG_TFM_ENABLE_MEMORY_PROTECT ON) -endif() - -if (TFM_PARTITION_INITIAL_ATTESTATION OR TFM_PARTITION_PROTECTED_STORAGE) - #PSA Initial Attestation and Protected storage rely on Cryptography API - set(TFM_PARTITION_CRYPTO ON) -endif() - -if (TFM_PARTITION_PROTECTED_STORAGE) - set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON) -endif() - -# Option to demonstrate usage of secure-only peripheral -if (NOT DEFINED SECURE_UART1) - set (SECURE_UART1 OFF) -endif() - -if (PLATFORM_SVC_HANDLERS) - add_definitions(-DPLATFORM_SVC_HANDLERS) -endif() - -if (REGRESSION) - set(SERVICES_TEST_ENABLED ON) -endif() - -if (CORE_IPC) - set(TFM_PSA_API ON) - - # Disable IPC Test by default if the config or platform doesn't explicitly - # require it - if (NOT DEFINED IPC_TEST) - set(IPC_TEST OFF) - endif() -else() - set(IPC_TEST OFF) -endif() - -if (TFM_PSA_API) - add_definitions(-DTFM_PSA_API) -endif() - -if (DEFINED TFM_MULTI_CORE_TOPOLOGY AND TFM_MULTI_CORE_TOPOLOGY) - add_definitions(-DTFM_MULTI_CORE_TOPOLOGY) - - # Skip multi-core test cases if regression test is disabled - if (NOT REGRESSION) - set(TFM_MULTI_CORE_TEST OFF) - endif() -endif() - -if (SERVICES_TEST_ENABLED) - set(SERVICE_TEST_S ON) - set(SERVICE_TEST_NS ON) -endif() - -if (CORE_TEST) - if (NOT CORE_IPC OR TFM_LVL EQUAL 1) - set(CORE_TEST_POSITIVE ON) - endif() - set(CORE_TEST_INTERACTIVE OFF) -endif() - -if (CORE_TEST_INTERACTIVE) - add_definitions(-DCORE_TEST_INTERACTIVE) - set(TEST_FRAMEWORK_NS ON) - set(TFM_PARTITION_TEST_CORE ON) -endif() - -if (CORE_TEST_POSITIVE) - add_definitions(-DCORE_TEST_POSITIVE) - set(TEST_FRAMEWORK_NS ON) - set(TFM_PARTITION_TEST_CORE ON) -endif() - -if (TFM_PARTITION_TEST_CORE) - # If the platform or the topology doesn't specify whether IRQ test is - # supported, enable it by default. - if (NOT DEFINED TFM_ENABLE_IRQ_TEST) - set(TFM_ENABLE_IRQ_TEST ON) - endif() - - if (TFM_ENABLE_IRQ_TEST) - add_definitions(-DTFM_ENABLE_IRQ_TEST) - endif() -else() - set(TFM_ENABLE_IRQ_TEST OFF) -endif() - -if (IPC_TEST) - add_definitions(-DENABLE_IPC_TEST) - set(TEST_FRAMEWORK_NS ON) - set(TFM_PARTITION_TEST_CORE_IPC ON) -endif() - -if (SERVICE_TEST_S) - add_definitions(-DSERVICES_TEST_S) - set(TEST_FRAMEWORK_S ON) -endif() - -if (SERVICE_TEST_NS) - add_definitions(-DSERVICES_TEST_NS) - set(TEST_FRAMEWORK_NS ON) -endif() - -if (TEST_FRAMEWORK_S) - add_definitions(-DTEST_FRAMEWORK_S) - # The secure client partition is required to run secure tests - set(TFM_PARTITION_TEST_SECURE_SERVICES ON) -endif() - -if (TEST_FRAMEWORK_NS) - add_definitions(-DTEST_FRAMEWORK_NS) -endif() - -if (CORE_IPC) - set(TFM_PARTITION_AUDIT_LOG OFF) -endif() - -include(${TEST_DIR}/TestConfig.cmake) - -if (TFM_PARTITION_AUDIT_LOG) - add_definitions(-DTFM_PARTITION_AUDIT_LOG) -endif() - -if (TFM_PARTITION_PLATFORM) - add_definitions(-DTFM_PARTITION_PLATFORM) -endif() - -if (TFM_PARTITION_PROTECTED_STORAGE) - add_definitions(-DTFM_PARTITION_PROTECTED_STORAGE) -endif() - -if (TFM_PARTITION_INTERNAL_TRUSTED_STORAGE) - add_definitions(-DTFM_PARTITION_INTERNAL_TRUSTED_STORAGE) -endif() - -if (TFM_PARTITION_CRYPTO) - add_definitions(-DTFM_PARTITION_CRYPTO) -endif() - -if (TFM_PARTITION_INITIAL_ATTESTATION) - add_definitions(-DTFM_PARTITION_INITIAL_ATTESTATION) - - if (NOT DEFINED SYMMETRIC_INITIAL_ATTESTATION) - set(SYMMETRIC_INITIAL_ATTESTATION OFF) - endif() - - if (SYMMETRIC_INITIAL_ATTESTATION) - add_definitions(-DSYMMETRIC_INITIAL_ATTESTATION) - endif() -endif() - -if (TFM_PARTITION_TEST_CORE) - add_definitions(-DTFM_PARTITION_TEST_CORE) -endif() - -if (TFM_PARTITION_TEST_CORE_IPC) - add_definitions(-DTFM_PARTITION_TEST_CORE_IPC) -endif() - -if (TFM_PARTITION_TEST_SECURE_SERVICES) - add_definitions(-DTFM_PARTITION_TEST_SECURE_SERVICES) -endif() - -if (CONFIG_TFM_ENABLE_MEMORY_PROTECT) - add_definitions(-DCONFIG_TFM_ENABLE_MEMORY_PROTECT) -endif() - -if (PSA_API_TEST) - add_definitions(-DPSA_API_TEST_NS) - set(PSA_API_TEST_NS ON) - if (NOT DEFINED PSA_API_TEST_CRYPTO) - set(PSA_API_TEST_CRYPTO OFF) - endif() - if (NOT DEFINED PSA_API_TEST_STORAGE) - set(PSA_API_TEST_STORAGE OFF) - endif() - if (NOT DEFINED PSA_API_TEST_INTERNAL_TRUSTED_STORAGE) - set(PSA_API_TEST_INTERNAL_TRUSTED_STORAGE OFF) - endif() - if (NOT DEFINED PSA_API_TEST_PROTECTED_STORAGE) - set(PSA_API_TEST_PROTECTED_STORAGE OFF) - endif() - if (NOT DEFINED PSA_API_TEST_INITIAL_ATTESTATION) - set(PSA_API_TEST_INITIAL_ATTESTATION OFF) - endif() - if (NOT DEFINED PSA_API_TEST_IPC) - set(PSA_API_TEST_IPC OFF) - endif() - - #Set PSA API compliance test build path - if(NOT DEFINED PSA_API_TEST_BUILD_PATH) - #If not specified, assume it's the default build folder checked out at the same level of TFM root dir - set(PSA_API_TEST_BUILD_PATH "${TFM_ROOT_DIR}/../psa-arch-tests/api-tests/BUILD") - endif() -endif() - -# The config for enable secure context management in TF-M -if (NOT DEFINED CONFIG_TFM_ENABLE_CTX_MGMT) - set(CONFIG_TFM_ENABLE_CTX_MGMT ON) -endif() - -if (CONFIG_TFM_ENABLE_CTX_MGMT) - add_definitions(-DCONFIG_TFM_ENABLE_CTX_MGMT) -endif() - -# This flag indicates if the non-secure OS is capable of identify the non-secure clients -# which call the secure services. It is diabled in IPC model. -if (NOT DEFINED TFM_NS_CLIENT_IDENTIFICATION) - if (TFM_PSA_API) - set(TFM_NS_CLIENT_IDENTIFICATION OFF) - else() - if (CONFIG_TFM_ENABLE_CTX_MGMT) - set(TFM_NS_CLIENT_IDENTIFICATION ON) - else() - set(TFM_NS_CLIENT_IDENTIFICATION OFF) - endif() - endif() -endif() - -if (NOT CONFIG_TFM_ENABLE_CTX_MGMT AND TFM_NS_CLIENT_IDENTIFICATION) - # NS client ID is part of context management. - message(FATAL_ERROR "TFM_NS_CLIENT_IDENTIFICATION cannot be ON when CONFIG_TFM_ENABLE_CTX_MGMT is OFF") -endif() - -if (BL2) - # Add MCUBOOT_IMAGE_NUMBER definition to the compiler command line. - add_definitions(-DMCUBOOT_IMAGE_NUMBER=${MCUBOOT_IMAGE_NUMBER}) - - if (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP") - set(LINK_TO_BOTH_MEMORY_REGION ON) - endif() - - if (MCUBOOT_REPO STREQUAL "TF-M") - # FixMe: LEGACY_TFM_TLV_HEADER could be removed when MCUBoot fork is deleted. - set(LEGACY_TFM_TLV_HEADER ON) - endif() -endif() - -##Set Mbed Crypto compiler flags and variables for crypto service -set(MBEDCRYPTO_C_FLAGS_SERVICES "${CMSE_FLAGS} -D__thumb2__ ${COMMON_COMPILE_FLAGS_STR} -I${CMAKE_CURRENT_LIST_DIR}/platform/ext/common") - -#Default TF-M protected storage flags. -#These flags values can be overwritten by setting them in platform/ext/<TARGET_NAME>.cmake -#Documentation about these flags can be found in docs/user_guides/services/tfm_ps_integration_guide.rst -if (NOT DEFINED PS_ENCRYPTION) - set (PS_ENCRYPTION ON) -endif() - -if (NOT DEFINED PS_ROLLBACK_PROTECTION) - set (PS_ROLLBACK_PROTECTION OFF) -endif() - -if (NOT DEFINED PS_CREATE_FLASH_LAYOUT) - set (PS_CREATE_FLASH_LAYOUT OFF) -endif() - -if (NOT DEFINED PS_VALIDATE_METADATA_FROM_FLASH) - set (PS_VALIDATE_METADATA_FROM_FLASH ON) -endif() - -if (NOT DEFINED PS_RAM_FS) - set (PS_RAM_FS OFF) -endif() - -if (NOT DEFINED PS_TEST_NV_COUNTERS) - if (REGRESSION AND ENABLE_PROTECTED_STORAGE_SERVICE_TESTS) - set(PS_TEST_NV_COUNTERS ON) - else() - set(PS_TEST_NV_COUNTERS OFF) - endif() -endif() - -# The PS NV counter tests depend on the PS test partition to call -# ps_system_prepare(). -if (PS_TEST_NV_COUNTERS) - set(TFM_PARTITION_TEST_PS ON) - add_definitions(-DTFM_PARTITION_TEST_PS) -endif() - -#Default TF-M internal trusted storage flags. -#These flags values can be overwritten by setting them in platform/ext/<TARGET_NAME>.cmake -#Documentation about these flags can be found in the TF-M ITS integration guide -option(ITS_CREATE_FLASH_LAYOUT "Create an empty ITS Flash Layout" OFF) - -if (NOT DEFINED ITS_VALIDATE_METADATA_FROM_FLASH) - set (ITS_VALIDATE_METADATA_FROM_FLASH ON) -endif() - -if (NOT DEFINED ITS_RAM_FS) - set (ITS_RAM_FS OFF) -endif() - -if (NOT DEFINED MBEDCRYPTO_DEBUG) - set(MBEDCRYPTO_DEBUG OFF) -endif() - -#Default TF-M initial-attestation service flags. -#Documentation about these flags can be found in docs/user_guides/services/tfm_attestation_integration_guide.rst -if (NOT DEFINED ATTEST_INCLUDE_OPTIONAL_CLAIMS) - set(ATTEST_INCLUDE_OPTIONAL_CLAIMS ON) -endif() - -if (NOT DEFINED ATTEST_INCLUDE_COSE_KEY_ID) - set(ATTEST_INCLUDE_COSE_KEY_ID OFF) -endif() - -if (NOT DEFINED ATTEST_INCLUDE_TEST_CODE) - if (CMAKE_BUILD_TYPE STREQUAL "debug") - set(ATTEST_INCLUDE_TEST_CODE ON) - else() - set(ATTEST_INCLUDE_TEST_CODE OFF) - endif() -endif() - -if (NOT DEFINED BOOT_DATA_AVAILABLE) - if (BL2) - set(BOOT_DATA_AVAILABLE ON) - else() - set(BOOT_DATA_AVAILABLE OFF) - endif() -endif() - -if (NOT DEFINED ATTEST_CLAIM_VALUE_CHECK) - set(ATTEST_CLAIM_VALUE_CHECK OFF) -endif() - -##Set common mbedTLS compiler flags for BL2 bootloader -set(MBEDCRYPTO_C_FLAGS_BL2 "${CMSE_FLAGS} -D__thumb2__ ${COMMON_COMPILE_FLAGS_STR} -DMBEDTLS_CONFIG_FILE=\\\\\\\"config-rsa.h\\\\\\\"") diff --git a/configs/profile_m_config_ext_ps_disabled.cmake b/config/build_type/debug.cmake index 0ec887f4d7..b79c6bf2d1 100644 --- a/configs/profile_m_config_ext_ps_disabled.cmake +++ b/config/build_type/debug.cmake @@ -1,13 +1,8 @@ -#-------------------------------------------------------------------------------
-# Copyright (c) 2020, Arm Limited. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-#-------------------------------------------------------------------------------
-
-# This is a reference configuration extension file for Profile Medium to
-# disable Protected Storage service on devices which don't integrate an
-# off-chip storage device.
-
-# Disable Protected Storage service
-set(TFM_PARTITION_PROTECTED_STORAGE OFF)
+#------------------------------------------------------------------------------- +# Copyright (c) 2020, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +set(MBEDCRYPTO_BUILD_TYPE relwithdebinfo CACHE STRING "Build type of Mbed Crypto library" FORCE) diff --git a/config/build_type/minsizerel.cmake b/config/build_type/minsizerel.cmake new file mode 100644 index 0000000000..2a055ce37f --- /dev/null +++ b/config/build_type/minsizerel.cmake @@ -0,0 +1,8 @@ +#------------------------------------------------------------------------------- +# Copyright (c) 2020, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +set(MCUBOOT_LOG_LEVEL "NONE" CACHE STRING "Level of logging to use for MCUboot [OFF, ERROR, WARNING, INFO, DEBUG]" FORCE) diff --git a/config/build_type/release.cmake b/config/build_type/release.cmake new file mode 100644 index 0000000000..2a055ce37f --- /dev/null +++ b/config/build_type/release.cmake @@ -0,0 +1,8 @@ +#------------------------------------------------------------------------------- +# Copyright (c) 2020, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +set(MCUBOOT_LOG_LEVEL "NONE" CACHE STRING "Level of logging to use for MCUboot [OFF, ERROR, WARNING, INFO, DEBUG]" FORCE) diff --git a/config/config_default.cmake b/config/config_default.cmake new file mode 100644 index 0000000000..191fa2ad68 --- /dev/null +++ b/config/config_default.cmake @@ -0,0 +1,132 @@ +#------------------------------------------------------------------------------- +# Copyright (c) 2020, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +set(BL2 ON CACHE BOOL "Whether to build BL2") +set(NS ON CACHE BOOL "Whether to build NS app") + +set(TEST_S OFF CACHE BOOL "Whether to build S regression tests") +set(TEST_NS OFF CACHE BOOL "Whether to build NS regression tests") +set(TEST_PSA_API "" CACHE STRING "Which (if any) of the PSA API tests should be compiled") + +set(TFM_PSA_API OFF CACHE BOOL "Use PSA api (IPC mode) instead of secure library mode") +set(TFM_ISOLATION_LEVEL 1 CACHE STRING "Isolation level") +set(TFM_PROFILE "" CACHE STRING "Profile to use") + +set(TFM_NS_CLIENT_IDENTIFICATION OFF CACHE BOOL "Enable NS client identification") + +set(TFM_EXTRA_CONFIG_PATH "" CACHE PATH "Path to extra cmake config file") +set(TFM_EXTRA_MANIFEST_LIST_PATH "" CACHE PATH "Path to extra manifest file, used to declare extra partitions. Appended to standard TFM manifest") +set(TFM_EXTRA_GENERATED_FILE_LIST_PATH "" CACHE PATH "Path to extra generated file list. Appended to stardard TFM generated file list.") + +########################## BL2 ################################################# + +set(MCUBOOT_IMAGE_NUMBER 2 CACHE STRING "Whether to combine S and NS into either 1 image, or sign each seperately") +set(MCUBOOT_EXECUTION_SLOT 1 CACHE STRING "Slot from which to execute the image, used for XIP mode") +set(MCUBOOT_LOG_LEVEL "INFO" CACHE STRING "Level of logging to use for MCUboot [OFF, ERROR, WARNING, INFO, DEBUG]") +set(MCUBOOT_HW_KEY ON CACHE BOOL "Whether to embed the entire public key in the image metadata instead of the hash only") +set(MCUBOOT_UPGRADE_STRATEGY "OVERWRITE_ONLY" CACHE STRING "Upgrade strategy for images [OVERWRITE_ONLY, SWAP, NO_SWAP, RAM_LOADING]") +set(MCUBOOT_MEASURED_BOOT ON CACHE BOOL "Add boot measurement values to boot status. Used for initial attestation token") +set(MCUBOOT_HW_ROLLBACK_PROT ON CACHE BOOL "Enable security counter validation against non-volatile HW counters") +set(MCUBOOT_ENC_IMAGES OFF CACHE BOOL "Enable encrypted image upgrade support") +set(MCUBOOT_ENCRYPT_RSA OFF CACHE BOOL "Use RSA for encrypted image upgrade support") + +# Note - If either SIGNATURE_TYPE or KEY_LEN are changed, the entries for KEY_S +# and KEY_NS will either have to be updated manually or removed from the cache. +# `cmake .. -UMCUBOOT_KEY_S -UMCUBOOT_KEY_NS`. Once removed from the cache it +# will be set to default again. +set(MCUBOOT_SIGNATURE_TYPE "RSA" CACHE STRING "Algorithm to use for signature validation") +set(MCUBOOT_SIGNATURE_KEY_LEN 3072 CACHE STRING "Key length to use for signature validation") +set(MCUBOOT_KEY_S "${CMAKE_SOURCE_DIR}/bl2/ext/mcuboot/root-${MCUBOOT_SIGNATURE_TYPE}-${MCUBOOT_SIGNATURE_KEY_LEN}.pem" CACHE FILEPATH "Path to key with which to sign secure binary") +set(MCUBOOT_KEY_NS "${CMAKE_SOURCE_DIR}/bl2/ext/mcuboot/root-${MCUBOOT_SIGNATURE_TYPE}-${MCUBOOT_SIGNATURE_KEY_LEN}_1.pem" CACHE FILEPATH "Path to key with which to sign non-secure binary") + +set(MCUBOOT_IMAGE_VERSION_S ${TFM_VERSION} CACHE STRING "Version number of S image") +set(MCUBOOT_IMAGE_VERSION_NS 0.0.0 CACHE STRING "Version number of NS image") +set(MCUBOOT_SECURITY_COUNTER_S "auto" CACHE STRING "Security counter for S image. auto sets it to IMAGE_VERSION_S") +set(MCUBOOT_SECURITY_COUNTER_NS "auto" CACHE STRING "Security counter for NS image. auto sets it to IMAGE_VERSION_NS") +set(MCUBOOT_S_IMAGE_MIN_VER 0.0.0+0 CACHE STRING "Minimum version for upgrade of secure image") +set(MCUBOOT_NS_IMAGE_MIN_VER 0.0.0+0 CACHE STRING "Minimum version for upgrade of non-secure image") + +############################ Platform ########################################## + +set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture") +set(DEBUG_AUTHENTICATION CHIP_DEFAULT CACHE STRING "Debug authentication setting. [CHIP_DEFAULT, NONE, NS_ONLY, FULL") +set(SECURE_UART1 OFF CACHE BOOL "Enable secure UART1") + +set(CRYPTO_HW_ACCELERATOR OFF CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms") +set(CRYPTO_HW_ACCELERATOR_OTP_STATE OFF CACHE STRING "Whether to enable the crypto hardware accelerator OTP memory on supported platforms (Set to PROVISIONING to enable OTP provisioning)") + +set(PLATFORM_DUMMY_ATTEST_HAL TRUE CACHE BOOL "Use dummy attest hal implementation. Should not be used in production.") +set(PLATFORM_DUMMY_NV_COUNTERS TRUE CACHE BOOL "Use dummy nv counter implementation. Should not be used in production.") +set(PLATFORM_DUMMY_CRYPTO_KEYS TRUE CACHE BOOL "Use dummy crypto keys. Should not be used in production.") +set(PLATFORM_DUMMY_ROTPK TRUE CACHE BOOL "Use dummy root of trust public key. Dummy key is the public key for the default keys in bl2. Should not be used in production.") +set(PLATFORM_DUMMY_IAK TRUE CACHE BOOL "Use dummy initial attestation_key. Should not be used in production.") + +############################ Partitions ######################################## + +set(TFM_PARTITION_PROTECTED_STORAGE ON CACHE BOOL "Enable Protected Storage partition") +set(PS_CREATE_FLASH_LAYOUT ON CACHE BOOL "Create flash fs if it doesn't exist for Protected Storage partition") +set(PS_ENCRYPTION ON CACHE BOOL "Enable encryption for Protected Storage partition") +set(PS_RAM_FS OFF CACHE BOOL "Enable emulated RAM FS for platforms that don't have flash for Protected Storage partition") +set(PS_ROLLBACK_PROTECTION ON CACHE BOOL "Enable rollback protection for Protected Storage partition") +set(PS_VALIDATE_METADATA_FROM_FLASH OFF CACHE BOOL "Validate filesystem metadata every time it is read from flash") +set(PS_CRYPTO_AEAD_ALG PSA_ALG_GCM CACHE STRING "The AEAD algorithm to use for authenticated encryption in protected storage") + +set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON CACHE BOOL "Enable Internal Trusted Storage partition") +set(ITS_CREATE_FLASH_LAYOUT ON CACHE BOOL "Create flash fs if it doesn't exist for Interal Trusted Storage partition") +set(ITS_RAM_FS OFF CACHE BOOL "Enable emulated RAM FS for platforms that don't have flash for Interal Trusted Storage partition") +set(ITS_VALIDATE_METADATA_FROM_FLASH OFF CACHE BOOL "Validate filesystem metadata every time it is read from flash") +set(ITS_BUF_SIZE "" CACHE STRING "Size of the ITS internal data transfer buffer (defaults to ITS_MAX_ASSET_SIZE if not set)") + +set(TFM_PARTITION_CRYPTO ON CACHE BOOL "Enable Crypto partition") +set(CRYPTO_ENGINE_BUF_SIZE 0x2000 CACHE STRING "TODO Soby Matthew") +set(CRYPTO_CONC_OPER_NUM 8 CACHE STRING "TODO Soby Matthew") +set(CRYPTO_KEY_MODULE_DISABLED FALSE CACHE BOOL "TODO Soby Matthew") +set(CRYPTO_AEAD_MODULE_DISABLED FALSE CACHE BOOL "TODO Soby Matthew") +set(CRYPTO_MAC_MODULE_DISABLED FALSE CACHE BOOL "TODO Soby Matthew") +set(CRYPTO_HASH_MODULE_DISABLED FALSE CACHE BOOL "TODO Soby Matthew") +set(CRYPTO_CIPHER_MODULE_DISABLED FALSE CACHE BOOL "TODO Soby Matthew") +set(CRYPTO_GENERATOR_MODULE_DISABLED FALSE CACHE BOOL "TODO Soby Matthew") +set(CRYPTO_GENERATOR_MODULE_DISABLED TRUE CACHE BOOL "TODO Soby Matthew") +set(CRYPTO_ASYMMETRIC_MODULE_DISABLED FALSE CACHE BOOL "TODO Soby Matthew") +set(CRYPTO_IOVEC_BUFFER_SIZE 5120 CACHE BOOL "TODO Soby Matthew") + +set(TFM_PARTITION_INITIAL_ATTESTATION ON CACHE BOOL "Enable Initial Attestation partition") +set(SYMMETRIC_INITIAL_ATTESTATION OFF CACHE BOOL "Use symmetric crypto for inital attestation") +set(ATTEST_INCLUDE_OPTIONAL_CLAIMS ON CACHE BOOL "Include optional claims in initial attestation token") +set(ATTEST_INCLUDE_COSE_KEY_ID OFF CACHE BOOL "Include COSE key-id in initial attestation token") + +set(TFM_PARTITION_PLATFORM ON CACHE BOOL "Enable Platform partition") + +set(TFM_PARTITION_AUDIT_LOG ON CACHE BOOL "Enable Audit Log partition") + +################################## Tests ####################################### + +set(TFM_CRYPTO_TEST_ALG_CBC ON CACHE BOOL "Test CBC cryptography mode") +set(TFM_CRYPTO_TEST_ALG_CCM ON CACHE BOOL "Test CCM cryptography mode") +set(TFM_CRYPTO_TEST_ALG_CFB ON CACHE BOOL "Test CFB cryptography mode") +set(TFM_CRYPTO_TEST_ALG_CTR ON CACHE BOOL "Test CTR cryptography mode") +set(TFM_CRYPTO_TEST_ALG_GCM ON CACHE BOOL "Test GCM cryptography mode") +set(TFM_CRYPTO_TEST_ALG_SHA_512 ON CACHE BOOL "Test SHA-512 cryptography algorithm") +set(TFM_CRYPTO_TEST_HKDF ON CACHE BOOL "Test SHA-512 cryptography algorithm") + +################################## Dependencies ################################ + +set(MBEDCRYPTO_PATH "DOWNLOAD" CACHE PATH "Path to Mbed Crypto (or DOWNLOAD to fetch automatically") +set(MBEDCRYPTO_VERSION "2.23.0" CACHE STRING "The version of Mbed Crypto to use") +set(MBEDCRYPTO_BUILD_TYPE "${CMAKE_BUILD_TYPE}" CACHE STRING "Build type of Mbed Crypto library") +set(TFM_MBEDCRYPTO_CONFIG_PATH "${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h" CACHE PATH "Config to use for Mbed Crypto") +set(TFM_MBEDCRYPTO_PLATFORM_EXTRA_CONFIG_PATH "" CACHE PATH "Config to append to standard Mbed Crypto config, used by platforms to cnfigure feature support") + +set(TFM_TEST_REPO_PATH "DOWNLOAD" CACHE PATH "Path to TFM-TEST repo (or DOWNLOAD to fetch automatically") +set(CMSIS_5_PATH "DOWNLOAD" CACHE PATH "Path to CMSIS_5 (or DOWNLOAD to fetch automatically") + +set(MCUBOOT_PATH "DOWNLOAD" CACHE PATH "Path to MCUboot (or DOWNLOAD to fetch automatically") +set(MCUBOOT_VERSION "1.6.0" CACHE STRING "The version of MCUboot to use") +set(TFM_INTERNAL_MCUBOOT OFF CACHE BOOL "Use internal MCUboot files instead of upstream repo") + +set(PSA_ARCH_TESTS_PATH "DOWNLOAD" CACHE PATH "Path to PSA arch tests (or DOWNLOAD to fetch automatically") +set(PSA_ARCH_TESTS_VERSION "master" CACHE STRING "The version of PSA arch tests to use") diff --git a/config/profile/profile_medium.cmake b/config/profile/profile_medium.cmake new file mode 100644 index 0000000000..32b1923572 --- /dev/null +++ b/config/profile/profile_medium.cmake @@ -0,0 +1,33 @@ +#------------------------------------------------------------------------------- +# Copyright (c) 2020, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +set(TFM_PROFILE profile_medium CACHE STRING "Profile to use" FORCE) +set(TFM_PSA_API ON CACHE BOOL "Use PSA api (IPC mode) instead of secure library mode" FORCE) +set(TFM_ISOLATION_LEVEL 2 CACHE STRING "Isolation level" FORCE) + +############################ Partitions ######################################## + +set(ITS_BUF_SIZE 32 CACHE STRING "Size of the ITS internal data transfer buffer (defaults to ITS_MAX_ASSET_SIZE if not set)" FORCE) + +set(PS_CRYPTO_AEAD_ALG PSA_ALG_CCM CACHE STRING "The AEAD algorithm to use for authenticated encryption in protected storage" FORCE) + +set(TFM_PARTITION_AUDIT_LOG OFF CACHE BOOL "Enable Audit Log partition" FORCE) + +################################## Tests ####################################### + +# TFM_CRYPTO_TEST_ALG_CCM is the only test mode left enabled, to go with the +# reduced crypto config +set(TFM_CRYPTO_TEST_ALG_CBC OFF CACHE BOOL "Test CBC cryptography mode" FORCE) +set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryptography mode" FORCE) +set(TFM_CRYPTO_TEST_ALG_CTR OFF CACHE BOOL "Test CTR cryptography mode" FORCE) +set(TFM_CRYPTO_TEST_ALG_GCM OFF CACHE BOOL "Test GCM cryptography mode" FORCE) +set(TFM_CRYPTO_TEST_ALG_SHA_512 OFF CACHE BOOL "Test SHA-512 cryptography algorithm" FORCE) +set(TFM_CRYPTO_TEST_HKDF OFF CACHE BOOL "Test SHA-512 cryptography algorithm" FORCE) + +################################## Dependencies ################################ + +set(TFM_MBEDCRYPTO_CONFIG_PATH "${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h" CACHE PATH "Config to use for Mbed Crypto" FORCE) diff --git a/config/profile/profile_small.cmake b/config/profile/profile_small.cmake new file mode 100644 index 0000000000..33c401ec07 --- /dev/null +++ b/config/profile/profile_small.cmake @@ -0,0 +1,44 @@ +#------------------------------------------------------------------------------- +# Copyright (c) 2020, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +set(TFM_PROFILE profile_small CACHE STRING "Profile to use" FORCE) +set(TFM_PSA_API OFF CACHE BOOL "Use PSA api (IPC mode) instead of secure library mode" FORCE) +set(TFM_ISOLATION_LEVEL 1 CACHE STRING "Isolation level" FORCE) + +########################## BL2 ################################################# + +set(MCUBOOT_IMAGE_NUMBER 1 CACHE STRING "Whether to combine S and NS into either 1 image, or sign each seperately" FORCE) + +############################ Partitions ######################################## + +set(TFM_PARTITION_PROTECTED_STORAGE OFF CACHE BOOL "Enable Protected Storage partition" FORCE) + +set(ITS_BUF_SIZE 32 CACHE STRING "Size of the ITS internal data transfer buffer (defaults to ITS_MAX_ASSET_SIZE if not set)" FORCE) + +set(CRYPTO_ASYMMETRIC_MODULE_DISABLED TRUE CACHE BOOL "TODO Soby Matthew" FORCE) + +set(SYMMETRIC_INITIAL_ATTESTATION ON CACHE BOOL "Use symmetric crypto for inital attestation" FORCE) + +set(TFM_PARTITION_PLATFORM OFF CACHE BOOL "Enable Platform partition" FORCE) + +set(TFM_PARTITION_AUDIT_LOG OFF CACHE BOOL "Enable Audit Log partition" FORCE) + +################################## Tests ####################################### + +# TFM_CRYPTO_TEST_ALG_CCM is the only test mode left enabled, to go with the +# reduced crypto config +set(TFM_CRYPTO_TEST_ALG_CBC OFF CACHE BOOL "Test CBC cryptography mode" FORCE) +set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryptography mode" FORCE) +set(TFM_CRYPTO_TEST_ALG_CTR OFF CACHE BOOL "Test CTR cryptography mode" FORCE) +set(TFM_CRYPTO_TEST_ALG_GCM OFF CACHE BOOL "Test GCM cryptography mode" FORCE) +set(TFM_CRYPTO_TEST_ALG_SHA_512 OFF CACHE BOOL "Test SHA-512 cryptography algorithm" FORCE) +set(TFM_CRYPTO_TEST_HKDF OFF CACHE BOOL "Test SHA-512 cryptography algorithm" FORCE) + +################################## Dependencies ################################ + +set(TFM_MBEDCRYPTO_CONFIG_PATH "${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h" CACHE PATH "Config to use for Mbed Crypto" FORCE) + diff --git a/configs/ConfigCoreIPC.cmake b/configs/ConfigCoreIPC.cmake deleted file mode 100644 index 1ab012f2ef..0000000000 --- a/configs/ConfigCoreIPC.cmake +++ /dev/null @@ -1,60 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2018-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -#This file holds information of a specific build configuration of this project. - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN539") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN539.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "FVP_SSE300_MPS2") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/fvp_sse300_mps2.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN524") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps3AN524.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "LPC55S69") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/lpc55s69.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_A") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_a.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_S1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_s1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "psoc64") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/psoc64.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "SSE-200_AWS") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/SSE-200_AWS.cmake") -elseif(${TARGET_PLATFORM} MATCHES "^STM") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/stm.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -# Select IPC model -set (CORE_IPC True) - -##These variables select how the projects are built. Each project will set -#various project specific settings (e.g. what files to build, macro -#definitions) based on these. -set (REGRESSION False) -set (CORE_TEST False) -set (IPC_TEST False) -set (PSA_API_TEST False) - -# TF-M isolation level: 1, 2 -set (TFM_LVL 1) - -include ("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigCoreIPCTfmLevel2.cmake b/configs/ConfigCoreIPCTfmLevel2.cmake deleted file mode 100644 index 594c34b4ae..0000000000 --- a/configs/ConfigCoreIPCTfmLevel2.cmake +++ /dev/null @@ -1,60 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2019-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -#This file holds information of a specific build configuration of this project. - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN539") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN539.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "FVP_SSE300_MPS2") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/fvp_sse300_mps2.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN524") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps3AN524.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "LPC55S69") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/lpc55s69.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_A") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_a.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_S1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_s1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "psoc64") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/psoc64.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "SSE-200_AWS") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/SSE-200_AWS.cmake") -elseif(${TARGET_PLATFORM} MATCHES "^STM") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/stm.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -# Select IPC model -set (CORE_IPC True) - -##These variables select how the projects are built. Each project will set -#various project specific settings (e.g. what files to build, macro -#definitions) based on these. -set (REGRESSION False) -set (CORE_TEST False) -set (IPC_TEST False) -set (PSA_API_TEST False) - -# TF-M isolation level: 1, 2 -set (TFM_LVL 2) - -include ("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigDefault.cmake b/configs/ConfigDefault.cmake deleted file mode 100644 index d43d48b994..0000000000 --- a/configs/ConfigDefault.cmake +++ /dev/null @@ -1,53 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2017-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -#This file holds information of a specific build configuration of this project. - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set (PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN539") - set (PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN539.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "FVP_SSE300_MPS2") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/fvp_sse300_mps2.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN524") - set (PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps3AN524.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "LPC55S69") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/lpc55s69.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_A") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_a.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_S1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_s1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "SSE-200_AWS") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/SSE-200_AWS.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -##These variables select how the projects are built. Each project will set -#various project specific settings (e.g. what files to build, macro -#definitions) based on these. -set (REGRESSION False) -set (CORE_TEST False) -set (CORE_IPC False) -set (PSA_API_TEST False) - -# TF-M isolation level: 1 -set (TFM_LVL 1) - -include ("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigDefaultProfileM.cmake b/configs/ConfigDefaultProfileM.cmake deleted file mode 100644 index 91a8ae92ea..0000000000 --- a/configs/ConfigDefaultProfileM.cmake +++ /dev/null @@ -1,94 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2019-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -# This file holds information of the configuration for TF-M Profile Medium - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set (PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "psoc64") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/psoc64.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -# These variables select the default setting of this TF-M Profile Medium. -# The settings can be overwritten by the customized platform specific settings - -# IPC model -set(CORE_IPC ON) -# TF-M isolation level: 2 -set(TFM_LVL 2) - -# BL2 settings can be overwritten in the profile extension configuration -# or in platform specific cmake file. -if(NOT DEFINED BL2) - set(BL2 ON) -endif() - -if(BL2) - # Mulit-image boot - set(MCUBOOT_IMAGE_NUMBER 2 CACHE STRING "Multi-image boot by default") -endif() - -# Enable Internal Trusted Storage service -set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON) -# Set the transient internal buffer size to 32 bytes -set(ITS_BUF_SIZE 32) - -# Enable Crypto service -set(TFM_PARTITION_CRYPTO ON) -# Set the dedicated mbed-crypto default config file -set(MBEDTLS_CONFIG_FILE "tfm_profile_m_mbedcrypto_config.h") - -# Enable Initial Attestation service -set(TFM_PARTITION_INITIAL_ATTESTATION ON) - -# Enable Protected Storage service -set(TFM_PARTITION_PROTECTED_STORAGE ON) -# Set AES-CCM as the AEAD algorithm in SST -set(PS_CRYPTO_AEAD_ALG PSA_ALG_CCM) - -# Enable Platform service -set(TFM_PARTITION_PLATFORM ON) - -# Disable Audit Logging service -set(TFM_PARTITION_AUDIT_LOG OFF) - -# Disable all the test cases -set(REGRESSION OFF) -set(CORE_TEST OFF) -set(PSA_API_TEST OFF) - -# Include platform specific profile configuration extension file if it is -# provided via argument TFM_PROFILE_CONFIG_EXT in command line. -# The configuration extension file can be specified as an absolute path or a -# relative path to TF-M root folder. -if(TFM_PROFILE_CONFIG_EXT) - get_filename_component(TFM_PROFILE_CONFIG_EXT ${TFM_PROFILE_CONFIG_EXT} - ABSOLUTE BASE_DIR ${TFM_ROOT_DIR}) - - if(NOT EXISTS ${TFM_PROFILE_CONFIG_EXT}) - message(FATAL_ERROR "The config extension ${TFM_PROFILE_CONFIG_EXT} is not found") - endif() - - include(${TFM_PROFILE_CONFIG_EXT}) - message("The config extension ${TFM_PROFILE_CONFIG_EXT} is included") -endif() - -include("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigDefaultProfileS.cmake b/configs/ConfigDefaultProfileS.cmake deleted file mode 100644 index 772eab1fce..0000000000 --- a/configs/ConfigDefaultProfileS.cmake +++ /dev/null @@ -1,91 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2019-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -# This file holds information of the configuration for TF-M Profile Small - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set (PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -# These variables select the default setting of this TF-M Profile Small. -# The settings can be overwritten by the customized platform specific settings - -# Library model -set(CORE_IPC False) -# TF-M isolation level: 1 -set(TFM_LVL 1) - -# BL2 settings can be overwritten in the profile extension configuration -# or in platform specific cmake file. -if(NOT DEFINED BL2) - set(BL2 True) -endif() - -if(BL2) - # Single binary boot - set(MCUBOOT_IMAGE_NUMBER 1 CACHE STRING "Single binary boot by default") -endif() - -# Enable Internal Trusted Storage service -set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON) -# Decrease the transient internal buffer size to 32 bytes -set(ITS_BUF_SIZE 32) - -# Enable Crypto service -set(TFM_PARTITION_CRYPTO ON) -set(CRYPTO_ASYMMETRIC_MODULE_DISABLED ON) -# Set the dedicated mbed-crypto default config file -set(MBEDTLS_CONFIG_FILE "tfm_profile_s_mbedcrypto_config.h") - -# Disable Audit Logging service -set(TFM_PARTITION_AUDIT_LOG OFF) - -# Disable Platform service -set(TFM_PARTITION_PLATFORM OFF) - -# Disable Protected Storage service -set(TFM_PARTITION_PROTECTED_STORAGE OFF) - -# Enable Initial Attestation service -set(TFM_PARTITION_INITIAL_ATTESTATION ON) -# Enable Initial Attestation based on symmetric key algorithm -set(SYMMETRIC_INITIAL_ATTESTATION ON) - -# Disable all the test cases -set(REGRESSION False) -set(CORE_TEST False) -set(PSA_API_TEST False) - -# Include platform specific profile configuration extension file if it is -# provided via argument TFM_PROFILE_CONFIG_EXT in command line. -# The configuration extension file can be specified as an absolute path or a -# relative path to TF-M root folder. -if(TFM_PROFILE_CONFIG_EXT) - get_filename_component(TFM_PROFILE_CONFIG_EXT ${TFM_PROFILE_CONFIG_EXT} - ABSOLUTE BASE_DIR ${TFM_ROOT_DIR}) - - if(NOT EXISTS ${TFM_PROFILE_CONFIG_EXT}) - message(FATAL_ERROR "The config extension ${TFM_PROFILE_CONFIG_EXT} is not found") - endif() - - include(${TFM_PROFILE_CONFIG_EXT}) - message("The config extension ${TFM_PROFILE_CONFIG_EXT} is included") -endif() - -include("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigPsaApiTest.cmake b/configs/ConfigPsaApiTest.cmake deleted file mode 100644 index 321befebff..0000000000 --- a/configs/ConfigPsaApiTest.cmake +++ /dev/null @@ -1,52 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2019-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -#This file holds information of a specific build configuration of this project. - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN539") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN539.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_A") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_a.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_S1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_s1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN524") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps3AN524.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -#These variables select how the projects are built. Each project will set -#various project specific settings (e.g. what files to build, macro -#definitions) based on these. -set (REGRESSION False) -set (CORE_TEST False) -set (CORE_IPC False) -set (PSA_API_TEST True) - -#TF-M isolation level: 1 -set (TFM_LVL 1) - -#Service specific configuration for the PSA API Compliance test requirements -if(PSA_API_TEST_CRYPTO) - set(CRYPTO_ENGINE_BUF_SIZE 20480) -endif() - -include ("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigPsaApiTestIPC.cmake b/configs/ConfigPsaApiTestIPC.cmake deleted file mode 100644 index d009466934..0000000000 --- a/configs/ConfigPsaApiTestIPC.cmake +++ /dev/null @@ -1,71 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2019-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -#This file holds information of a specific build configuration of this project. - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN539") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN539.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_A") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_a.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_S1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_s1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN524") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps3AN524.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "psoc64") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/psoc64.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -#These variables select how the projects are built. Each project will set -#various project specific settings (e.g. what files to build, macro -#definitions) based on these. -set (REGRESSION False) -set (CORE_TEST False) -set (CORE_IPC True) -set (PSA_API_TEST True) - -#TF-M isolation level: 1, 2 -set (TFM_LVL 1) - -#BL2 bootloader(MCUBoot) related settings -if(NOT DEFINED BL2) - set(BL2 True) -endif() - -if(NOT DEFINED MCUBOOT_NO_SWAP) - set(MCUBOOT_NO_SWAP False) -endif() - -if(NOT DEFINED MCUBOOT_RAM_LOADING) - set(MCUBOOT_RAM_LOADING False) -endif() - -#Service specific configuration for the PSA API Compliance test requirements -if(PSA_API_TEST_CRYPTO) - set(CRYPTO_ENGINE_BUF_SIZE 20480) -endif() - -if(PSA_API_TEST_IPC) - set (CONFIG_TFM_ENABLE_MEMORY_PROTECT ON) -endif() - -include ("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigPsaApiTestIPCTfmLevel2.cmake b/configs/ConfigPsaApiTestIPCTfmLevel2.cmake deleted file mode 100644 index befb125e3f..0000000000 --- a/configs/ConfigPsaApiTestIPCTfmLevel2.cmake +++ /dev/null @@ -1,67 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2019-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -#This file holds information of a specific build configuration of this project. - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN539") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN539.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_A") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_a.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_S1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_s1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "LPC55S69") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/lpc55s69.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN524") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps3AN524.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "psoc64") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/psoc64.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -#These variables select how the projects are built. Each project will set -#various project specific settings (e.g. what files to build, macro -#definitions) based on these. -set (REGRESSION False) -set (CORE_TEST False) -set (CORE_IPC True) -set (PSA_API_TEST True) - -# TF-M isolation level: 1, 2 -set (TFM_LVL 2) - -#BL2 bootloader(MCUBoot) related settings -if(NOT DEFINED BL2) - set(BL2 True) -endif() - -if(NOT DEFINED MCUBOOT_NO_SWAP) - set(MCUBOOT_NO_SWAP False) -endif() - -if(NOT DEFINED MCUBOOT_RAM_LOADING) - set(MCUBOOT_RAM_LOADING False) -endif() - -#Service specific configuration for the PSA API Compliance test requirements -if(PSA_API_TEST_CRYPTO) - set(CRYPTO_ENGINE_BUF_SIZE 20480) -endif() - -include ("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigRegression.cmake b/configs/ConfigRegression.cmake deleted file mode 100644 index dae7bcad0c..0000000000 --- a/configs/ConfigRegression.cmake +++ /dev/null @@ -1,53 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2017-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -#This file holds information of a specific build configuration of this project. - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set (PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN539") - set (PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN539.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "FVP_SSE300_MPS2") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/fvp_sse300_mps2.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN524") - set (PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps3AN524.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "LPC55S69") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/lpc55s69.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_A") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_a.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_S1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_s1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "SSE-200_AWS") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/SSE-200_AWS.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -##These variables select how the projects are built. Each project will set -#various project specific settings (e.g. what files to build, macro -#definitions) based on these. -set (REGRESSION True) -set (CORE_TEST True) -set (CORE_IPC False) -set (PSA_API_TEST False) - -# TF-M isolation level: 1 -set (TFM_LVL 1) - -include ("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigRegressionIPC.cmake b/configs/ConfigRegressionIPC.cmake deleted file mode 100644 index 1485b00eda..0000000000 --- a/configs/ConfigRegressionIPC.cmake +++ /dev/null @@ -1,71 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2019-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -#This file holds information of a specific build configuration of this project. - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN539") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN539.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "FVP_SSE300_MPS2") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/fvp_sse300_mps2.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN524") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps3AN524.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "LPC55S69") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/lpc55s69.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_A") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_a.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_S1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_s1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "psoc64") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/psoc64.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "SSE-200_AWS") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/SSE-200_AWS.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -# Select IPC model -set (CORE_IPC True) - -##These variables select how the projects are built. Each project will set -#various project specific settings (e.g. what files to build, macro -#definitions) based on these. -set (REGRESSION True) -set (CORE_TEST True) -set (IPC_TEST True) -set (PSA_API_TEST False) - -# TF-M isolation level: 1, 2 -set (TFM_LVL 1) - -#BL2 bootloader(MCUBoot) related settings -if(NOT DEFINED BL2) - set(BL2 True) -endif() - -if(NOT DEFINED MCUBOOT_NO_SWAP) - set(MCUBOOT_NO_SWAP False) -endif() - -if(NOT DEFINED MCUBOOT_RAM_LOADING) - set(MCUBOOT_RAM_LOADING False) -endif() - -include ("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigRegressionIPCTfmLevel2.cmake b/configs/ConfigRegressionIPCTfmLevel2.cmake deleted file mode 100644 index a4c1a6de63..0000000000 --- a/configs/ConfigRegressionIPCTfmLevel2.cmake +++ /dev/null @@ -1,73 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2019-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -#This file holds information of a specific build configuration of this project. - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN539") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN539.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "FVP_SSE300_MPS2") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/fvp_sse300_mps2.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN524") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps3AN524.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "LPC55S69") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/lpc55s69.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_A") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_a.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_S1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_s1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "psoc64") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/psoc64.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "SSE-200_AWS") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/SSE-200_AWS.cmake") -elseif(${TARGET_PLATFORM} MATCHES "^STM") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/stm.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -# Select IPC model -set (CORE_IPC True) - -##These variables select how the projects are built. Each project will set -#various project specific settings (e.g. what files to build, macro -#definitions) based on these. -set (REGRESSION True) -set (CORE_TEST True) -set (IPC_TEST True) -set (PSA_API_TEST False) - -# TF-M isolation level: 1, 2 -set (TFM_LVL 2) - -#BL2 bootloader(MCUBoot) related settings -if(NOT DEFINED BL2) - set(BL2 True) -endif() - -if(NOT DEFINED MCUBOOT_NO_SWAP) - set(MCUBOOT_NO_SWAP False) -endif() - -if(NOT DEFINED MCUBOOT_RAM_LOADING) - set(MCUBOOT_RAM_LOADING False) -endif() - -include ("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigRegressionProfileM.cmake b/configs/ConfigRegressionProfileM.cmake deleted file mode 100644 index 5464d9515b..0000000000 --- a/configs/ConfigRegressionProfileM.cmake +++ /dev/null @@ -1,104 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2019-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -# This file holds information of the configuration for TF-M Profile Medium - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set (PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "MUSCA_B1") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/musca_b1.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "psoc64") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/psoc64.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -# These variables select the default setting of this TF-M Profile Medium. -# The settings can be overwritten by the customized platform specific settings - -# IPC model -set(CORE_IPC ON) -# TF-M isolation level: 2 -set(TFM_LVL 2) - -# BL2 settings can be overwritten in the profile extension configuration -# or in platform specific cmake file. -if(NOT DEFINED BL2) - set(BL2 ON) -endif() - -if(BL2) - # Mulit-image boot - set(MCUBOOT_IMAGE_NUMBER 2 CACHE STRING "Multi-image boot by default") -endif() - -# Enable Internal Trusted Storage service -set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON) -# Set the transient internal buffer size to 32 bytes -set(ITS_BUF_SIZE 32) - -# Enable Crypto service -set(TFM_PARTITION_CRYPTO ON) -# Set the dedicated mbed-crypto default config file -set(MBEDTLS_CONFIG_FILE "tfm_profile_m_mbedcrypto_config.h") - -# Enable Initial Attestation service -set(TFM_PARTITION_INITIAL_ATTESTATION ON) - -# Enable Protected Storage service -set(TFM_PARTITION_PROTECTED_STORAGE ON) -# Set AES-CCM as the AEAD algorithm in SST -set(PS_CRYPTO_AEAD_ALG PSA_ALG_CCM) - -# Enable Platform service -set(TFM_PARTITION_PLATFORM ON) - -# Disable Audit Logging service -set(TFM_PARTITION_AUDIT_LOG OFF) - -# Configure the test cases -set (REGRESSION ON) -set (CORE_TEST ON) -set (IPC_TEST ON) -set (PSA_API_TEST OFF) -# Configure Crypto test cases -set(TFM_CRYPTO_TEST_ALG_CBC OFF) -# Select AES-CCM by default -set(TFM_CRYPTO_TEST_ALG_CCM ON) -set(TFM_CRYPTO_TEST_ALG_CFB OFF) -set(TFM_CRYPTO_TEST_ALG_CTR OFF) -set(TFM_CRYPTO_TEST_ALG_GCM OFF) -set(TFM_CRYPTO_TEST_ALG_SHA_512 OFF) -set(TFM_CRYPTO_TEST_HKDF OFF) - -# Include platform specific profile configuration extension file if it is -# provided via argument TFM_PROFILE_CONFIG_EXT in command line. -# The configuration extension file can be specified as an absolute path or a -# relative path to TF-M root folder. -if(TFM_PROFILE_CONFIG_EXT) - get_filename_component(TFM_PROFILE_CONFIG_EXT ${TFM_PROFILE_CONFIG_EXT} - ABSOLUTE BASE_DIR ${TFM_ROOT_DIR}) - - if(NOT EXISTS ${TFM_PROFILE_CONFIG_EXT}) - message(FATAL_ERROR "The config extension ${TFM_PROFILE_CONFIG_EXT} is not found") - endif() - - include(${TFM_PROFILE_CONFIG_EXT}) - message("The config extension ${TFM_PROFILE_CONFIG_EXT} is included") -endif() - -include("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/configs/ConfigRegressionProfileS.cmake b/configs/ConfigRegressionProfileS.cmake deleted file mode 100644 index af90b926ec..0000000000 --- a/configs/ConfigRegressionProfileS.cmake +++ /dev/null @@ -1,105 +0,0 @@ -#------------------------------------------------------------------------------- -# Copyright (c) 2019-2020, Arm Limited. All rights reserved. -# -# SPDX-License-Identifier: BSD-3-Clause -# -#------------------------------------------------------------------------------- - -# This file holds information of the configuration for TF-M Profile Small with -# regression tests. - -if(NOT DEFINED TFM_ROOT_DIR) - message(FATAL_ERROR "Variable TFM_ROOT_DIR is not set!") -endif() - -#Include board specific config (CPU, etc...), select platform specific build -#system settings file -if(NOT DEFINED TARGET_PLATFORM) - message(FATAL_ERROR "ERROR: TARGET_PLATFORM is not set in command line") -elseif(${TARGET_PLATFORM} STREQUAL "AN521") - set(PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN521.cmake") -elseif(${TARGET_PLATFORM} STREQUAL "AN519") - set (PLATFORM_CMAKE_FILE "${TFM_ROOT_DIR}/platform/ext/Mps2AN519.cmake") -else() - message(FATAL_ERROR "ERROR: Target \"${TARGET_PLATFORM}\" is not supported.") -endif() - -# These variables select the default setting of this TF-M Profile Small. -# The settings can be overwritten by the customized platform specific settings - -# Library model -set(CORE_IPC False) -# TF-M isolation level: 1 -set(TFM_LVL 1) - -# BL2 settings can be overwritten in the profile extension configuration -# or in platform specific cmake file. -if(NOT DEFINED BL2) - set(BL2 True) -endif() - -if(BL2) - # Single binary boot - set(MCUBOOT_IMAGE_NUMBER 1 CACHE STRING "Single binary boot by default") -endif() - -# Enable Internal Trusted Storage service -set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON) -# Decrease the transient internal buffer size to 32 bytes -set(ITS_BUF_SIZE 32) - -# Enable Crypto service -set(TFM_PARTITION_CRYPTO ON) -set(CRYPTO_ASYMMETRIC_MODULE_DISABLED ON) -# Set the dedicated mbed-crypto default config file -set(MBEDTLS_CONFIG_FILE "tfm_profile_s_mbedcrypto_config.h") - -# Disable Audit Logging service -set(TFM_PARTITION_AUDIT_LOG OFF) - -# Disable Platform service -set(TFM_PARTITION_PLATFORM OFF) - -# Disable Protected Storage service -set(TFM_PARTITION_PROTECTED_STORAGE OFF) - -# Enable Initial Attestation service -set(TFM_PARTITION_INITIAL_ATTESTATION ON) -# Enable symmetric key algorithm based attestation -set(SYMMETRIC_INITIAL_ATTESTATION ON) -# Disable QCBOR test cases to save memory -set(ENABLE_QCBOR_TESTS OFF) -# Disable t_cose test cases to save memory -set(ENABLE_T_COSE_TESTS OFF) - -# Configure the test cases -set(REGRESSION True) -set(CORE_TEST True) -set(PSA_API_TEST False) -# Configure Crypto test cases -set(TFM_CRYPTO_TEST_ALG_CBC OFF) -# Select AES-CCM by default -set(TFM_CRYPTO_TEST_ALG_CCM ON) -set(TFM_CRYPTO_TEST_ALG_CFB OFF) -set(TFM_CRYPTO_TEST_ALG_CTR OFF) -set(TFM_CRYPTO_TEST_ALG_GCM OFF) -set(TFM_CRYPTO_TEST_ALG_SHA_512 OFF) -set(TFM_CRYPTO_TEST_HKDF OFF) - -# Include platform specific profile configuration extension file if it is -# provided via argument TFM_PROFILE_CONFIG_EXT in command line. -# The configuration extension file can be specified as an absolute path or a -# relative path to TF-M root folder. -if(TFM_PROFILE_CONFIG_EXT) - get_filename_component(TFM_PROFILE_CONFIG_EXT ${TFM_PROFILE_CONFIG_EXT} - ABSOLUTE BASE_DIR ${TFM_ROOT_DIR}) - - if(NOT EXISTS ${TFM_PROFILE_CONFIG_EXT}) - message(FATAL_ERROR "The config extension ${TFM_PROFILE_CONFIG_EXT} is not found") - endif() - - include(${TFM_PROFILE_CONFIG_EXT}) - message("The config extension ${TFM_PROFILE_CONFIG_EXT} is included") -endif() - -include("${TFM_ROOT_DIR}/CommonConfig.cmake") diff --git a/toolchain_ARMCLANG.cmake b/toolchain_ARMCLANG.cmake new file mode 100644 index 0000000000..032abb2da4 --- /dev/null +++ b/toolchain_ARMCLANG.cmake @@ -0,0 +1,253 @@ +#------------------------------------------------------------------------------- +# Copyright (c) 2020, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +cmake_minimum_required(VERSION 3.15) + +SET(CMAKE_SYSTEM_NAME Generic) +# This setting is overridden in ${TFM_PLATFORM}/preload.cmake. It can be set to +# any value here. +set(CMAKE_SYSTEM_PROCESSOR cortex-m23) + +set(CMAKE_C_COMPILER armclang) +set(CMAKE_ASM_COMPILER armclang) + +set(LINKER_VENEER_OUTPUT_FLAG --import_cmse_lib_out=) +set(COMPILER_CMSE_FLAG -mcmse) + +# This variable name is a bit of a misnomer. The file it is set to is included +# at a particular step in the compiler initialisation. It is used here to +# configure the extensions for object files. Despite the name, it also works +# with the Ninja generator. +set(CMAKE_USER_MAKE_RULES_OVERRIDE ${CMAKE_CURRENT_LIST_DIR}/cmake/set_extensions.cmake) + +# Cmake makes it _really_ hard to dynamically set the cmake_system_processor +# (used for setting mcpu flags etc). Instead we load +# platform/ext/target/${TFM_PLATFORM}/preload.cmake, which should run this macro +# to reload the compiler autoconfig. Note that it can't be loaded in this file +# as cmake does not allow the use of command-line defined variables in toolchain +# files and the path is platform dependent. +macro(_compiler_reload) + set(CMAKE_SYSTEM_PROCESSOR ${TFM_SYSTEM_PROCESSOR}) + set(CMAKE_SYSTEM_ARCHITECTURE ${TFM_SYSTEM_ARCHITECTURE}) + + set_property(DIRECTORY PROPERTY COMPILE_OPTIONS "") + set_property(DIRECTORY PROPERTY LINK_OPTIONS "") + if(${CMAKE_C_COMPILER_VERSION} VERSION_GREATER_EQUAL "6.11") + add_compile_options( + --target=arm-arm-none-eabi + -Wno-ignored-optimization-argument + -Wno-unused-command-line-argument + -c + -fdata-sections + -ffunction-sections + -fno-builtin + -fshort-enums + -fshort-wchar + -funsigned-char + -masm=auto + -nostdlib + -std=c99 + $<$<NOT:$<BOOL:${TFM_SYSTEM_FP}>>:-mfpu=none> + ) + else() + # Compile options for legacy compiler 6.10.1. To be removed as soon that + # that compiler can be deprecated. + add_compile_options( + $<$<COMPILE_LANGUAGE:C>:--target=arm-arm-none-eabi> + $<$<COMPILE_LANGUAGE:C>:-Wno-ignored-optimization-argument> + $<$<COMPILE_LANGUAGE:C>:-Wno-unused-command-line-argument> + $<$<COMPILE_LANGUAGE:C>:-Wall> + # Don't error when the MBEDTLS_NULL_ENTROPY warning is shown + $<$<COMPILE_LANGUAGE:C>:-Wno-error=cpp> + $<$<COMPILE_LANGUAGE:C>:-c> + $<$<COMPILE_LANGUAGE:C>:-fdata-sections> + $<$<COMPILE_LANGUAGE:C>:-ffunction-sections> + $<$<COMPILE_LANGUAGE:C>:-fno-builtin> + $<$<COMPILE_LANGUAGE:C>:-fshort-enums> + $<$<COMPILE_LANGUAGE:C>:-fshort-wchar> + $<$<COMPILE_LANGUAGE:C>:-funsigned-char> + $<$<COMPILE_LANGUAGE:C>:-masm=auto> + $<$<COMPILE_LANGUAGE:C>:-nostdlib> + $<$<COMPILE_LANGUAGE:C>:-std=c99> + $<$<AND:$<COMPILE_LANGUAGE:C>,$<NOT:$<BOOL:${TFM_SYSTEM_FP}>>>:-mfpu=none> + $<$<COMPILE_LANGUAGE:ASM>:--cpu=${CMAKE_SYSTEM_PROCESSOR}> + $<$<AND:$<COMPILE_LANGUAGE:ASM>,$<NOT:$<BOOL:${TFM_SYSTEM_FP}>>>:--fpu=none> + ) + set(COMPILER_CMSE_FLAG $<$<COMPILE_LANGUAGE:C>:-mcmse>) + endif() + add_link_options( + --info=summarysizes,sizes,totals,unused,veneers + --strict + --symbols + --xref + # Suppress link warnings that are consistant (and therefore hopefully + # harmless) + # https://developer.arm.com/documentation/100074/0608/linker-errors-and-warnings/list-of-the-armlink-error-and-warning-messages + # Empty region description + --diag_suppress=6312 + # Ns section matches pattern + --diag_suppress=6314 + # Duplicate input files + --diag_suppress=6304 + $<$<NOT:$<BOOL:${TFM_SYSTEM_FP}>>:--fpu=softvfp> + ) + + if (DEFINED TFM_SYSTEM_FP) + if(TFM_SYSTEM_FP) + # TODO Whether a system requires these extensions appears to depend + # on the system in question, with no real rule. Since adding +fp + # will cause compile failures on systems that already have fp + # enabled, this is commented out for now to avoid those failures. In + # future, better handling should be implemented. + # string(APPEND CMAKE_SYSTEM_PROCESSOR "+fp") + else() + string(APPEND CMAKE_SYSTEM_PROCESSOR "+nofp") + endif() + endif() + + if (DEFINED TFM_SYSTEM_DSP) + if(TFM_SYSTEM_DSP) + # TODO Whether a system requires these extensions appears to depend + # on the system in question, with no real rule. Since adding +dsp + # will cause compile failures on systems that already have dsp + # enabled, this is commented out for now to avoid those failures. In + # future, better handling should be implemented. + # string(APPEND CMAKE_SYSTEM_PROCESSOR "+dsp") + else() + string(APPEND CMAKE_SYSTEM_PROCESSOR "+nodsp") + endif() + endif() + + unset(CMAKE_C_FLAGS_INIT) + unset(CMAKE_C_LINK_FLAGS) + unset(CMAKE_ASM_FLAGS_INIT) + unset(CMAKE_ASM_LINK_FLAGS) + + # cmake does not allow the use of +dsp / +nofpu syntax. An override is added + # here to enable it. First reset the supported CPU list in case this has + # already been run. + __armclang_set_processor_list(C CMAKE_C_COMPILER_PROCESSOR_LIST) + __armclang_set_processor_list(ASM CMAKE_ASM_COMPILER_PROCESSOR_LIST) + # Then use regex to add +dsp +nodsp +fpu and +nofp options + # TODO generate this combinatorially + list(TRANSFORM CMAKE_C_COMPILER_PROCESSOR_LIST REPLACE "^(.+)$" "\\1;\\1+fp;\\1+nofp;") + list(TRANSFORM CMAKE_C_COMPILER_PROCESSOR_LIST REPLACE "^(.+)$" "\\1;\\1+dsp;\\1+nodsp;") + list(TRANSFORM CMAKE_ASM_COMPILER_PROCESSOR_LIST REPLACE "^(.+)$" "\\1;\\1+fp;\\1+nofp;") + list(TRANSFORM CMAKE_ASM_COMPILER_PROCESSOR_LIST REPLACE "^(.+)$" "\\1;\\1+dsp;\\1+nodsp;") + + __compiler_armclang(C) + + if(${CMAKE_C_COMPILER_VERSION} VERSION_GREATER_EQUAL "6.11") + __compiler_armclang(ASM) + else() + # Because armclang<6.11 does not have an integrated assembler that + # supports the ASM syntax used by the CMSIS startup files, it is + # required to manuall invoke armasm. CMake does not support that when + # using armclang as the declared compiler, so instead we use some of the + # internals from ArmCC which uses armasm by default. + find_program(ARMASM_PATH armasm HINTS "${_CMAKE_C_TOOLCHAIN_LOCATION}") + set(CMAKE_ASM_COMPILER ${ARMASM_PATH}) + include(${CMAKE_ROOT}/Modules/Compiler/ARMCC.cmake) + include(${CMAKE_ROOT}/Modules/Compiler/ARMCC-ASM.cmake) + __compiler_armcc(ASM) + endif() + + set(CMAKE_C_FLAGS ${CMAKE_C_FLAGS_INIT}) + set(CMAKE_ASM_FLAGS ${CMAKE_ASM_FLAGS_INIT}) + + # But armlink doesn't support this +dsp syntax, so take the cpu flag and + # throw away the plus and everything after. + string(REGEX REPLACE "(--cpu=.*)\\+[a-z\\+]*[ ]?" "\\1" CMAKE_C_LINK_FLAGS "${CMAKE_C_LINK_FLAGS}") + string(REGEX REPLACE "(--cpu=.*)\\+[a-z\\+]*[ ]?" "\\1" CMAKE_ASM_LINK_FLAGS "${CMAKE_ASM_LINK_FLAGS}") +endmacro() + +# Behaviour for handling scatter files is so wildly divergent between compilers +# that this macro is required. +macro(target_add_scatter_file target) + target_link_options(${target} + PRIVATE + --scatter=$<TARGET_OBJECTS:${target}_scatter> + ) + + add_dependencies(${target} + ${target}_scatter + ) + + add_library(${target}_scatter OBJECT) + foreach(scatter_file ${ARGN}) + target_sources(${target}_scatter + PRIVATE + ${scatter_file} + ) + # Cmake cannot use generator expressions in the + # set_source_file_properties command, so instead we just parse the regex + # for the filename and set the property on all files, regardless of if + # the generator expression would evaluate to true or not. + string(REGEX REPLACE ".*>:(.*)>$" "\\1" SCATTER_FILE_PATH "${scatter_file}") + set_source_files_properties(${SCATTER_FILE_PATH} + PROPERTIES + LANGUAGE C + ) + endforeach() + + set_target_properties(${target}_scatter PROPERTIES + SUFFIX ".ld" + ) + + target_link_libraries(${target}_scatter + platform_region_defs + psa_interface + tfm_partition_defs + ) + + target_compile_options(${target}_scatter + PRIVATE + -E + -xc + ) +endmacro() + +macro(add_convert_to_bin_target target) + get_target_property(bin_dir ${target} RUNTIME_OUTPUT_DIRECTORY) + + add_custom_target(${target}_bin + SOURCES ${bin_dir}/${target}.bin + ) + add_custom_command(OUTPUT ${bin_dir}/${target}.bin + DEPENDS ${target} + COMMAND fromelf + --bincombined $<TARGET_FILE:${target}> + --output=${bin_dir}/${target}.bin + ) + + add_custom_target(${target}_elf + SOURCES ${bin_dir}/${target}.elf + ) + add_custom_command(OUTPUT ${bin_dir}/${target}.elf + DEPENDS ${target} + COMMAND fromelf + --elf $<TARGET_FILE:${target}> + --output=${bin_dir}/${target}.elf + ) + + add_custom_target(${target}_hex + SOURCES ${bin_dir}/${target}.hex + ) + add_custom_command(OUTPUT ${bin_dir}/${target}.hex + DEPENDS ${target} + COMMAND fromelf + --i32combined $<TARGET_FILE:${target}> + --output=${bin_dir}/${target}.hex + ) + + add_custom_target(${target}_binaries + ALL + DEPENDS ${target}_bin + DEPENDS ${target}_elf + DEPENDS ${target}_hex + ) +endmacro() diff --git a/toolchain_GNUARM.cmake b/toolchain_GNUARM.cmake new file mode 100644 index 0000000000..bb1728c785 --- /dev/null +++ b/toolchain_GNUARM.cmake @@ -0,0 +1,188 @@ +#------------------------------------------------------------------------------- +# Copyright (c) 2020, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +set(CMAKE_SYSTEM_NAME Generic) +set(CMAKE_SYSTEM_PROCESSOR arm) + +set(CMAKE_C_COMPILER arm-none-eabi-gcc) +set(CMAKE_ASM_COMPILER arm-none-eabi-gcc) + +# Tell CMake not to try to link executables during its checks +set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY) + +# This variable name is a bit of a misnomer. The file it is set to is included +# at a particular step in the compiler initialisation. It is used here to +# configure the extensions for object files. Despite the name, it also works +# with the Ninja generator. +set(CMAKE_USER_MAKE_RULES_OVERRIDE ${CMAKE_CURRENT_LIST_DIR}/cmake/set_extensions.cmake) + +# Cmake makes it _really_ hard to dynamically set the cmake_system_processor +# (used for setting mcpu flags etc). Instead we load +# platform/ext/target/${TFM_PLATFORM}/preload.cmake, which should run this macro +# to reload the compiler autoconfig. Note that it can't be loaded in this file +# as cmake does not allow the use of command-line defined variables in toolchain +# files and the path is platform dependent. +macro(_compiler_reload) + set(CMAKE_SYSTEM_PROCESSOR ${TFM_SYSTEM_PROCESSOR}) + set(CMAKE_SYSTEM_ARCHITECTURE ${TFM_SYSTEM_ARCHITECTURE}) + + if (DEFINED TFM_SYSTEM_FP) + if(TFM_SYSTEM_FP) + # TODO Whether a system requires these extensions appears to depend + # on the system in question, with no real rule. Since adding +fp + # will cause compile failures on systems that already have fp + # enabled, this is commented out for now to avoid those failures. In + # future, better handling should be implemented. + # string(APPEND CMAKE_SYSTEM_PROCESSOR "+fp") + else() + string(APPEND CMAKE_SYSTEM_PROCESSOR "+nofp") + endif() + endif() + + if (DEFINED TFM_SYSTEM_DSP) + if(TFM_SYSTEM_DSP) + # TODO Whether a system requires these extensions appears to depend + # on the system in question, with no real rule. Since adding +dsp + # will cause compile failures on systems that already have dsp + # enabled, this is commented out for now to avoid those failures. In + # future, better handling should be implemented. + # string(APPEND CMAKE_SYSTEM_PROCESSOR "+dsp") + else() + string(APPEND CMAKE_SYSTEM_PROCESSOR "+nodsp") + endif() + endif() + + set_property(DIRECTORY PROPERTY COMPILE_OPTIONS "") + set_property(DIRECTORY PROPERTY LINK_OPTIONS "") + add_compile_options( + --specs=nano.specs + -Wall + -Wno-format + -Wno-return-type + -Wno-unused-but-set-variable + -c + -fdata-sections + -ffunction-sections + -fno-builtin + -fshort-enums + -fshort-wchar + -funsigned-char + -mthumb + -nostdlib + -std=c99 + $<$<NOT:$<BOOL:${TFM_SYSTEM_FP}>>:-msoft-float> + ) + add_link_options( + --entry=Reset_Handler + --specs=nano.specs + LINKER:-check-sections + LINKER:-fatal-warnings + LINKER:--gc-sections + LINKER:--no-wchar-size-warning + LINKER:--print-memory-usage + ) + + unset(CMAKE_C_FLAGS_INIT) + unset(CMAKE_ASM_FLAGS_INIT) + + set(CMAKE_C_FLAGS_INIT "-mcpu=${CMAKE_SYSTEM_PROCESSOR}") + set(CMAKE_ASM_FLAGS_INIT "-mcpu=${CMAKE_SYSTEM_PROCESSOR}") + set(CMAKE_C_LINK_FLAGS "-mcpu=${CMAKE_SYSTEM_PROCESSOR}") + set(CMAKE_ASM_LINK_FLAGS "-mcpu=${CMAKE_SYSTEM_PROCESSOR}") + + set(CMAKE_C_FLAGS ${CMAKE_C_FLAGS_INIT}) + set(CMAKE_ASM_FLAGS ${CMAKE_ASM_FLAGS_INIT}) +endmacro() + +set(LINKER_VENEER_OUTPUT_FLAG -Wl,--cmse-implib,--out-implib=) +set(COMPILER_CMSE_FLAG -mcmse) + +macro(target_add_scatter_file target) + target_link_options(${target} + PRIVATE + -T $<TARGET_OBJECTS:${target}_scatter> + ) + + add_dependencies(${target} + ${target}_scatter + ) + + add_library(${target}_scatter OBJECT) + foreach(scatter_file ${ARGN}) + target_sources(${target}_scatter + PRIVATE + ${scatter_file} + ) + # Cmake cannot use generator expressions in the + # set_source_file_properties command, so instead we just parse the regex + # for the filename and set the property on all files, regardless of if + # the generator expression would evaluate to true or not. + string(REGEX REPLACE ".*>:(.*)>$" "\\1" SCATTER_FILE_PATH "${scatter_file}") + set_source_files_properties(${SCATTER_FILE_PATH} + PROPERTIES + LANGUAGE C + ) + endforeach() + + set_target_properties(${target}_scatter PROPERTIES + SUFFIX ".ld" + ) + + target_link_libraries(${target}_scatter + platform_region_defs + psa_interface + tfm_partition_defs + ) + + target_compile_options(${target}_scatter + PRIVATE + -E + -P + -xc + ) +endmacro() + +macro(add_convert_to_bin_target target) + get_target_property(bin_dir ${target} RUNTIME_OUTPUT_DIRECTORY) + + add_custom_target(${target}_bin + SOURCES ${bin_dir}/${target}.bin + ) + add_custom_command(OUTPUT ${bin_dir}/${target}.bin + DEPENDS ${target} + COMMAND ${CMAKE_OBJCOPY} + -O binary $<TARGET_FILE:${target}> + ${bin_dir}/${target}.bin + ) + + add_custom_target(${target}_elf + SOURCES ${bin_dir}/${target}.elf + ) + add_custom_command(OUTPUT ${bin_dir}/${target}.elf + DEPENDS ${target} + COMMAND ${CMAKE_OBJCOPY} + -O elf32-littlearm $<TARGET_FILE:${target}> + ${bin_dir}/${target}.elf + ) + + add_custom_target(${target}_hex + SOURCES ${bin_dir}/${target}.hex + ) + add_custom_command(OUTPUT ${bin_dir}/${target}.hex + DEPENDS ${target} + COMMAND ${CMAKE_OBJCOPY} + -O ihex $<TARGET_FILE:${target}> + ${bin_dir}/${target}.hex + ) + + add_custom_target(${target}_binaries + ALL + DEPENDS ${target}_bin + DEPENDS ${target}_elf + DEPENDS ${target}_hex + ) +endmacro() |