Build: A switch for selecting platform service
Switch 'TFM_PARTITION_PLATFORM' is added for selecting platform
service. Enabled by default and can be overridden by cmake command.
Change-Id: Ic2529b101292b8f81203da4a11815778194806f9
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
diff --git a/secure_fw/CMakeLists.txt b/secure_fw/CMakeLists.txt
index bf41f38..3186c5d 100644
--- a/secure_fw/CMakeLists.txt
+++ b/secure_fw/CMakeLists.txt
@@ -35,6 +35,10 @@
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_AUDIT_LOG is undefined.")
endif()
+if (NOT DEFINED TFM_PARTITION_PLATFORM)
+ message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_PLATFORM is undefined.")
+endif()
+
include(${SECURE_FW_DIR}/spm/CMakeLists.inc)
include(${SECURE_FW_DIR}/ns_callable/CMakeLists.inc)
#Involve all IPC related sources in ipc's CMakeLists.inc, and switch core between IPC and Library.
@@ -150,12 +154,14 @@
add_dependencies(${EXE_NAME} tfm_crypto)
add_dependencies(${EXE_NAME} tfm_storage)
- add_dependencies(${EXE_NAME} tfm_platform)
add_dependencies(${EXE_NAME} tfm_secure_tests)
add_dependencies(${EXE_NAME} tfm_attest)
if (TFM_PARTITION_AUDIT_LOG)
add_dependencies(${EXE_NAME} tfm_audit)
endif()
+ if (TFM_PARTITION_PLATFORM)
+ add_dependencies(${EXE_NAME} tfm_platform)
+ endif()
#Set macro definitions for the project.
embedded_set_target_compile_defines(TARGET ${PROJECT_OBJ_LIB} LANGUAGE C DEFINES __thumb2__ __ARM_FEATURE_CMSE=3 TFM_LVL=${TFM_LVL} ${DEBUG_AUTHENTICATION} APPEND)
@@ -172,27 +178,35 @@
#FIXME Remove the explicit load and the above comment once the secure client
#test partition uses the generated veneers.
if((${COMPILER} STREQUAL "ARMCLANG") AND (NOT TFM_PSA_API))
- target_link_libraries(${EXE_NAME} tfm_attest tfm_secure_tests tfm_attest tfm_crypto tfm_storage tfm_platform $<TARGET_LINKER_FILE:tfm_secure_tests>\(*veneers.o\) tfm_attest)
+ target_link_libraries(${EXE_NAME} tfm_attest tfm_secure_tests tfm_attest tfm_crypto tfm_storage $<TARGET_LINKER_FILE:tfm_secure_tests>\(*veneers.o\) tfm_attest)
else()
- target_link_libraries(${EXE_NAME} tfm_attest tfm_secure_tests tfm_attest tfm_crypto tfm_storage tfm_platform tfm_attest)
+ target_link_libraries(${EXE_NAME} tfm_attest tfm_secure_tests tfm_attest tfm_crypto tfm_storage tfm_attest)
endif()
else()
- target_link_libraries(${EXE_NAME} tfm_attest tfm_crypto tfm_storage tfm_platform tfm_secure_tests tfm_attest)
+ target_link_libraries(${EXE_NAME} tfm_attest tfm_crypto tfm_storage tfm_secure_tests tfm_attest)
endif()
else()
- target_link_libraries(${EXE_NAME} tfm_attest tfm_crypto tfm_storage tfm_platform tfm_attest)
+ target_link_libraries(${EXE_NAME} tfm_attest tfm_crypto tfm_storage tfm_attest)
endif()
if (TFM_PARTITION_AUDIT_LOG)
target_link_libraries(${EXE_NAME} tfm_audit)
endif()
+ if (TFM_PARTITION_PLATFORM)
+ target_link_libraries(${EXE_NAME} tfm_platform)
+ endif()
+
embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_LVL=${TFM_LVL}")
if (TFM_PARTITION_AUDIT_LOG)
embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_PARTITION_AUDIT_LOG")
endif()
+ if (TFM_PARTITION_PLATFORM)
+ embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_PARTITION_PLATFORM")
+ endif()
+
if (NOT DEFINED TFM_PARTITION_TEST_CORE)
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_TEST_CORE is undefined. ")
elseif (TFM_PARTITION_TEST_CORE)
@@ -292,7 +306,9 @@
add_subdirectory(${SECURE_FW_DIR}/services/secure_storage)
#Add the platform service library target
-add_subdirectory(${SECURE_FW_DIR}/services/platform)
+if (TFM_PARTITION_PLATFORM)
+ add_subdirectory(${SECURE_FW_DIR}/services/platform)
+endif()
#Add the initial attestation service library target
add_subdirectory(${SECURE_FW_DIR}/services/initial_attestation)
diff --git a/secure_fw/ns_callable/CMakeLists.inc b/secure_fw/ns_callable/CMakeLists.inc
index 91f803a..5664a8e 100644
--- a/secure_fw/ns_callable/CMakeLists.inc
+++ b/secure_fw/ns_callable/CMakeLists.inc
@@ -23,8 +23,11 @@
message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
endif()
-set (SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_veneers.c"
- "${CMAKE_CURRENT_LIST_DIR}/tfm_platform_veneers.c")
+set (SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_veneers.c")
+
+if (TFM_PARTITION_PLATFORM)
+ list(APPEND SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_platform_veneers.c")
+endif()
if (TFM_PARTITION_AUDIT_LOG)
list(APPEND SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_audit_veneers.c")
diff --git a/secure_fw/ns_callable/tfm_veneers.c b/secure_fw/ns_callable/tfm_veneers.c
index 3519af6..f04422d 100644
--- a/secure_fw/ns_callable/tfm_veneers.c
+++ b/secure_fw/ns_callable/tfm_veneers.c
@@ -71,9 +71,11 @@
psa_status_t tfm_crypto_generate_random(psa_invec *, size_t, psa_outvec *, size_t);
psa_status_t tfm_crypto_generate_key(psa_invec *, size_t, psa_outvec *, size_t);
+#ifdef TFM_PARTITION_PLATFORM
/******** TFM_SP_PLATFORM ********/
psa_status_t platform_sp_system_reset(psa_invec *, size_t, psa_outvec *, size_t);
psa_status_t platform_sp_pin_service(psa_invec *, size_t, psa_outvec *, size_t);
+#endif /* TFM_PARTITION_PLATFORM */
/******** TFM_SP_INITIAL_ATTESTATION ********/
psa_status_t initial_attest_get_token(psa_invec *, size_t, psa_outvec *, size_t);
@@ -181,9 +183,11 @@
TFM_VENEER_FUNCTION(TFM_SP_CRYPTO, tfm_crypto_generate_random)
TFM_VENEER_FUNCTION(TFM_SP_CRYPTO, tfm_crypto_generate_key)
+#ifdef TFM_PARTITION_PLATFORM
/******** TFM_SP_PLATFORM ********/
TFM_VENEER_FUNCTION(TFM_SP_PLATFORM, platform_sp_system_reset)
TFM_VENEER_FUNCTION(TFM_SP_PLATFORM, platform_sp_pin_service)
+#endif /* TFM_PARTITION_PLATFORM */
/******** TFM_SP_INITIAL_ATTESTATION ********/
TFM_VENEER_FUNCTION(TFM_SP_INITIAL_ATTESTATION, initial_attest_get_token)
diff --git a/secure_fw/services/platform/CMakeLists.inc b/secure_fw/services/platform/CMakeLists.inc
index e79aa5e..90ec1d0 100644
--- a/secure_fw/services/platform/CMakeLists.inc
+++ b/secure_fw/services/platform/CMakeLists.inc
@@ -21,31 +21,21 @@
#Get the current directory where this file is located.
set(PLATFORM_SERVICE_DIR ${CMAKE_CURRENT_LIST_DIR})
-#Check input variables
-if (NOT DEFINED ENABLE_PLATFORM_SERVICE)
- message(FATAL_ERROR "Incomplete build configuration: ENABLE_PLATFORM_SERVICE is undefined. ")
+if (NOT DEFINED TFM_ROOT_DIR)
+ message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
endif()
-if (ENABLE_PLATFORM_SERVICE)
- if (NOT DEFINED TFM_ROOT_DIR)
- message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
- endif()
+set (PLATFORM_SERVICE_C_SRC
+ "${PLATFORM_SERVICE_DIR}/platform_sp.c"
+ "${PLATFORM_SERVICE_DIR}/tfm_platform_secure_api.c")
- set (PLATFORM_SERVICE_C_SRC
- "${PLATFORM_SERVICE_DIR}/platform_sp.c"
- "${PLATFORM_SERVICE_DIR}/tfm_platform_secure_api.c")
+#Append all our source files to global lists.
+list(APPEND ALL_SRC_C ${PLATFORM_SERVICE_C_SRC})
+unset(PLATFORM_SERVICE_C_SRC)
- #Append all our source files to global lists.
- list(APPEND ALL_SRC_C ${PLATFORM_SERVICE_C_SRC})
- unset(PLATFORM_SERVICE_C_SRC)
-
- #Setting include directories
- embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/common ABSOLUTE)
-
-else()
- message(FATAL_ERROR "Build system currently doesn't support selectively disabling of a service.")
-endif()
+#Setting include directories
+embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/common ABSOLUTE)
diff --git a/secure_fw/services/platform/CMakeLists.txt b/secure_fw/services/platform/CMakeLists.txt
index b2ae183..4f4f0d1 100644
--- a/secure_fw/services/platform/CMakeLists.txt
+++ b/secure_fw/services/platform/CMakeLists.txt
@@ -23,7 +23,6 @@
get_filename_component(TFM_ROOT_DIR "${PLATFORM_SP_DIR}/../../.." ABSOLUTE)
###Get the definition of what files we need to build
-set (ENABLE_PLATFORM_SERVICE ON)
include(CMakeLists.inc)
if (NOT DEFINED TFM_LVL)
diff --git a/secure_fw/services/tfm_partition_defs.inc b/secure_fw/services/tfm_partition_defs.inc
index e7b20e6..3a0b197 100644
--- a/secure_fw/services/tfm_partition_defs.inc
+++ b/secure_fw/services/tfm_partition_defs.inc
@@ -18,7 +18,9 @@
#define TFM_SP_CRYPTO_ID (TFM_SP_BASE + 2)
+#ifdef TFM_PARTITION_PLATFORM
#define TFM_SP_PLATFORM_ID (TFM_SP_BASE + 3)
+#endif /* TFM_PARTITION_PLATFORM */
#define TFM_SP_INITIAL_ATTESTATION_ID (TFM_SP_BASE + 4)
diff --git a/secure_fw/services/tfm_partition_list.inc b/secure_fw/services/tfm_partition_list.inc
index f78052a..3a47e19 100644
--- a/secure_fw/services/tfm_partition_list.inc
+++ b/secure_fw/services/tfm_partition_list.inc
@@ -32,10 +32,12 @@
, "PSA-ROT", 0x00000102, NORMAL);
PARTITION_ADD_INIT_FUNC(TFM_SP_CRYPTO, tfm_crypto_init);
+#ifdef TFM_PARTITION_PLATFORM
/******** TFM_SP_PLATFORM ********/
PARTITION_DECLARE(TFM_SP_PLATFORM, 0
, "PSA-ROT", 0x00000102, NORMAL);
PARTITION_ADD_INIT_FUNC(TFM_SP_PLATFORM, platform_sp_init);
+#endif /* TFM_PARTITION_PLATFORM */
/******** TFM_SP_INITIAL_ATTESTATION ********/
PARTITION_DECLARE(TFM_SP_INITIAL_ATTESTATION, 0