Build: Move MCUBoot configs from compile time defines to header
Changed the propagation of configurations from being passed by
CMake, to putting them into a dynamically generated header file.
Change-Id: I419121af3762929f18d3b408594d3f5f61528ddb
Signed-off-by: Balint Matyi <Balint.Matyi@arm.com>
diff --git a/bl2/ext/mcuboot/CMakeLists.txt b/bl2/ext/mcuboot/CMakeLists.txt
index 4e0c518..1f19b2a 100644
--- a/bl2/ext/mcuboot/CMakeLists.txt
+++ b/bl2/ext/mcuboot/CMakeLists.txt
@@ -132,6 +132,7 @@
embedded_target_include_directories(TARGET ${PROJECT_NAME} PATH ${TFM_ROOT_DIR}/bl2/ext/mcuboot/include ABSOLUTE APPEND)
embedded_target_include_directories(TARGET ${PROJECT_NAME} PATH ${MCUBOOT_DIR}/bootutil/include ABSOLUTE APPEND)
embedded_target_include_directories(TARGET ${PROJECT_NAME} PATH ${MBEDCRYPTO_INSTALL_DIR}/include ABSOLUTE APPEND)
+embedded_target_include_directories(TARGET ${PROJECT_NAME} PATH ${CMAKE_CURRENT_BINARY_DIR} ABSOLUTE APPEND)
#Define linker file
if(NOT DEFINED BL2_LINKER_CONFIG)
@@ -187,53 +188,50 @@
message("- MCUBOOT_HW_KEY: '${MCUBOOT_HW_KEY}'.")
message("- MCUBOOT_LOG_LEVEL: '${MCUBOOT_LOG_LEVEL}'.")
-#Set macro definitions for the project.
-target_compile_definitions(${PROJECT_NAME} PRIVATE
- MCUBOOT_VALIDATE_PRIMARY_SLOT
- MCUBOOT_USE_FLASH_AREA_GET_SECTORS
- MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}"
- MCUBOOT_TARGET_CONFIG="flash_layout.h")
+get_property(_log_levels CACHE MCUBOOT_LOG_LEVEL PROPERTY STRINGS)
+list(FIND _log_levels ${MCUBOOT_LOG_LEVEL} LOG_LEVEL_ID)
if (MCUBOOT_REPO STREQUAL "UPSTREAM")
- target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_USE_UPSTREAM)
+ set(MCUBOOT_USE_UPSTREAM On)
endif()
-if (MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072")
- target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_SIGN_RSA MCUBOOT_SIGN_RSA_LEN=3072)
+if(MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072")
+ set(MCUBOOT_SIGN_RSA On)
+ set(MCUBOOT_SIGN_RSA_LEN 3072)
elseif(MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-2048")
- target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_SIGN_RSA MCUBOOT_SIGN_RSA_LEN=2048)
-else()
- message(FATAL_ERROR "${MCUBOOT_SIGNATURE_TYPE} is not supported as firmware signing algorithm")
+ set(MCUBOOT_SIGN_RSA On)
+ set(MCUBOOT_SIGN_RSA_LEN 2048)
endif()
if (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "OVERWRITE_ONLY")
- target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_OVERWRITE_ONLY)
-elseif (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP")
- target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_NO_SWAP)
+ set(MCUBOOT_OVERWRITE_ONLY On)
+elseif(${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP")
+ set(MCUBOOT_NO_SWAP On)
elseif (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "RAM_LOADING")
- target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_RAM_LOADING)
-elseif (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "SWAP")
- #No compile definition needs to be specified for this upgrade strategy
-else()
- get_property(_upgrade_strategies CACHE MCUBOOT_UPGRADE_STRATEGY PROPERTY STRINGS)
- message(FATAL_ERROR "ERROR: MCUBoot supports the ${_upgrade_strategies} upgrade strategies only.")
-endif()
-
-if (MCUBOOT_HW_KEY)
- target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_HW_KEY)
+ set(MCUBOOT_RAM_LOADING On)
endif()
if (ATTEST_BOOT_INTERFACE STREQUAL "INDIVIDUAL_CLAIMS")
- target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_INDIVIDUAL_CLAIMS)
+ set(MCUBOOT_INDIVIDUAL_CLAIMS On)
+endif()
+
+configure_file("${CMAKE_CURRENT_LIST_DIR}/include/mcuboot_config/mcuboot_config.h.in"
+ "${CMAKE_CURRENT_BINARY_DIR}/mcuboot_config/mcuboot_config.h"
+ @ONLY)
+
+target_compile_definitions(${PROJECT_NAME} PRIVATE MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
+
+if (NOT MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072" AND NOT MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-2048")
+ message(FATAL_ERROR "${MCUBOOT_SIGNATURE_TYPE} is not supported as firmware signing algorithm")
+endif()
+
+validate_cache_value(MCUBOOT_UPGRADE_STRATEGY)
+
+if (ATTEST_BOOT_INTERFACE STREQUAL "INDIVIDUAL_CLAIMS")
message(WARNING "ATTEST_BOOT_INTERFACE was set to ${ATTEST_BOOT_INTERFACE}. This configuration is "
"deprecated and this feature will probably be removed from MCUBoot in the future.")
endif()
-#Configure log level for MCUBoot.
-get_property(_log_levels CACHE MCUBOOT_LOG_LEVEL PROPERTY STRINGS)
-list(FIND _log_levels ${MCUBOOT_LOG_LEVEL} LOG_LEVEL_ID)
-target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_LOG_LEVEL=${LOG_LEVEL_ID})
-
#Set install location. Keep original value to avoid overriding command line settings.
if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
set(CMAKE_INSTALL_PREFIX "${CMAKE_BINARY_DIR}/install" CACHE PATH "Default install location for MCUBoot." FORCE)
diff --git a/bl2/ext/mcuboot/MCUBootConfig.cmake b/bl2/ext/mcuboot/MCUBootConfig.cmake
index f421ee6..06a828b 100644
--- a/bl2/ext/mcuboot/MCUBootConfig.cmake
+++ b/bl2/ext/mcuboot/MCUBootConfig.cmake
@@ -44,6 +44,7 @@
if (NOT CMAKE_BUILD_TYPE STREQUAL "debug")
set(MCUBOOT_LOG_LEVEL "LOG_LEVEL_OFF")
endif()
+
validate_cache_value(MCUBOOT_LOG_LEVEL)
if ((${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP" OR
diff --git a/bl2/ext/mcuboot/bl2_main.c b/bl2/ext/mcuboot/bl2_main.c
index 6c55ac8..62b93d9 100644
--- a/bl2/ext/mcuboot/bl2_main.c
+++ b/bl2/ext/mcuboot/bl2_main.c
@@ -15,6 +15,7 @@
* limitations under the License.
*/
+#include "mcuboot_config/mcuboot_config.h"
#include <assert.h>
#include "bl2_util.h"
#include "target.h"
diff --git a/bl2/ext/mcuboot/bootutil/include/bootutil/sign_key.h b/bl2/ext/mcuboot/bootutil/include/bootutil/sign_key.h
index b0c1f21..7b87df8 100644
--- a/bl2/ext/mcuboot/bootutil/include/bootutil/sign_key.h
+++ b/bl2/ext/mcuboot/bootutil/include/bootutil/sign_key.h
@@ -21,6 +21,7 @@
#define __BOOTUTIL_SIGN_KEY_H_
#include <stdint.h>
+#include "mcuboot_config/mcuboot_config.h"
#ifdef __cplusplus
extern "C" {
diff --git a/bl2/ext/mcuboot/bootutil/src/bootutil_priv.h b/bl2/ext/mcuboot/bootutil/src/bootutil_priv.h
index 4edfcdb..a55b50d 100644
--- a/bl2/ext/mcuboot/bootutil/src/bootutil_priv.h
+++ b/bl2/ext/mcuboot/bootutil/src/bootutil_priv.h
@@ -32,6 +32,7 @@
#include "bootutil/bootutil.h"
#include "bootutil/image.h"
#include "flash_layout.h"
+#include "mcuboot_config/mcuboot_config.h"
#ifdef __cplusplus
extern "C" {
diff --git a/bl2/ext/mcuboot/bootutil/src/image_rsa.c b/bl2/ext/mcuboot/bootutil/src/image_rsa.c
index ea7c78f..c29ea00 100644
--- a/bl2/ext/mcuboot/bootutil/src/image_rsa.c
+++ b/bl2/ext/mcuboot/bootutil/src/image_rsa.c
@@ -21,11 +21,13 @@
* Original code taken from mcuboot project at:
* https://github.com/JuulLabs-OSS/mcuboot
* Git SHA of the original version: ac55554059147fff718015be9f4bd3108123f50a
- * Modifications are Copyright (c) 2018-2019 Arm Limited.
+ * Modifications are Copyright (c) 2018-2020 Arm Limited.
*/
#include <string.h>
+#include "mcuboot_config/mcuboot_config.h"
+
#ifdef MCUBOOT_SIGN_RSA
#include "bootutil/sign_key.h"
#include "bootutil/sha256.h"
diff --git a/bl2/ext/mcuboot/bootutil/src/image_validate.c b/bl2/ext/mcuboot/bootutil/src/image_validate.c
index db9d541..938996b 100644
--- a/bl2/ext/mcuboot/bootutil/src/image_validate.c
+++ b/bl2/ext/mcuboot/bootutil/src/image_validate.c
@@ -35,6 +35,8 @@
#include "bootutil/sign_key.h"
#include "security_cnt.h"
+#include "mcuboot_config/mcuboot_config.h"
+
#if defined(MCUBOOT_SIGN_RSA)
#include "mbedtls/rsa.h"
#endif
diff --git a/bl2/ext/mcuboot/bootutil/src/loader.c b/bl2/ext/mcuboot/bootutil/src/loader.c
index 2197a47..2b6f655 100644
--- a/bl2/ext/mcuboot/bootutil/src/loader.c
+++ b/bl2/ext/mcuboot/bootutil/src/loader.c
@@ -45,6 +45,7 @@
#include "bl2/include/tfm_boot_status.h"
#include "bl2/include/boot_record.h"
#include "security_cnt.h"
+#include "mcuboot_config/mcuboot_config.h"
static struct boot_loader_state boot_data;
diff --git a/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h b/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in
similarity index 67%
rename from bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h
rename to bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in
index a0dfe09..3ac50be 100644
--- a/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h
+++ b/bl2/ext/mcuboot/include/mcuboot_config/mcuboot_config.h.in
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2018 Open Source Foundries Limited
- * Copyright (c) 2019 Arm Limited
+ * Copyright (c) 2019-2020 Arm Limited
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -29,11 +29,26 @@
*/
#ifndef __BOOTSIM__
+#define MCUBOOT_VALIDATE_PRIMARY_SLOT
+#define MCUBOOT_USE_FLASH_AREA_GET_SECTORS
+#define MCUBOOT_TARGET_CONFIG "flash_layout.h"
+
/*
- * In TF-M most of the configuration flags (e.g. signature type,
- * upgrade mode ...) are handled by the CMake-based buildsystem and
- * added to the compiler command lines.
+ * Signature types
*/
+#cmakedefine MCUBOOT_SIGN_RSA
+#cmakedefine MCUBOOT_SIGN_RSA_LEN @MCUBOOT_SIGN_RSA_LEN@
+
+/*
+ * Upgrade mode
+ */
+#cmakedefine MCUBOOT_OVERWRITE_ONLY
+#cmakedefine MCUBOOT_NO_SWAP
+#cmakedefine MCUBOOT_RAM_LOADING
+
+#cmakedefine MCUBOOT_INDIVIDUAL_CLAIMS
+#cmakedefine MCUBOOT_HW_KEY
+#cmakedefine MCUBOOT_USE_UPSTREAM
/*
* Cryptographic settings
@@ -44,6 +59,7 @@
* Logging
*/
#define MCUBOOT_HAVE_LOGGING 1
+#define MCUBOOT_LOG_LEVEL @LOG_LEVEL_ID@
#endif /* !__BOOTSIM__ */
diff --git a/bl2/ext/mcuboot/keys.c b/bl2/ext/mcuboot/keys.c
index c8f960b..480994c 100644
--- a/bl2/ext/mcuboot/keys.c
+++ b/bl2/ext/mcuboot/keys.c
@@ -21,10 +21,11 @@
* Original code taken from mcuboot project at:
* https://github.com/JuulLabs-OSS/mcuboot
* Git SHA of the original version: ac55554059147fff718015be9f4bd3108123f50a
- * Modifications are Copyright (c) 2019 Arm Limited.
+ * Modifications are Copyright (c) 2019-2020 Arm Limited.
*/
#include <bootutil/sign_key.h>
+#include "mcuboot_config/mcuboot_config.h"
#if !defined(MCUBOOT_HW_KEY)
#if defined(MCUBOOT_SIGN_RSA)