Docs: Update for new build system
Update docs to use new build commands. Document new build options Remove
mentions of manifest generation. Remove mentions of hex file generation.
Signed-off-by: Anton Komlev <anton.komlev@arm.com>
Change-Id: I01c49c462403468c3e3650534893160cdfb6f5c5
diff --git a/docs/reference/services/tfm_crypto_integration_guide.rst b/docs/reference/services/tfm_crypto_integration_guide.rst
index 6eaa5e0..a124bdf 100644
--- a/docs/reference/services/tfm_crypto_integration_guide.rst
+++ b/docs/reference/services/tfm_crypto_integration_guide.rst
@@ -68,20 +68,24 @@
****************************
The Crypto service can use either a hardware crypto accelerator backend like
-CC-312 or a software crypto library which by default is MbedTLS. If using
-MbedTLS as backend, then the library configuration is supplied using the
-MBEDTLS_CONFIG_FILE header option. TF-M Crypto provides a default
-configuration header ``tfm_mbedcrypto_config.h`` and this can be overridden
-based on TF-M configuration or platform. Platforms can also use
-``MBEDTLS_USER_CONFIG_FILE`` to override specific options from default.
+CC-312 or a software crypto library which by default is MbedTLS.
+
+If using MbedTLS as backend, then the library configuration is supplied using
+the ``TFM_MBEDCRYPTO_CONFIG_PATH`` cmake option.
+
+Platforms can specify an extra config file by setting the
+``TFM_MBEDCRYPTO_PLATFORM_EXTRA_CONFIG_PATH`` variable (which is a wrapper
+around the ``MBEDTLS_USER_CONFIG_FILE`` option). This is preferred for platform
+configuration over ``TFM_MBEDCRYPTO_CONFIG_PATH`` as it does not interfere with
+config changes due to TFM Profile.
.. Note::
The default entropy source configured for MbedTLS is
MBEDTLS_TEST_NULL_ENTROPY and this does not provide randomness
- for production devices. It is must for production devices to select
+ for production devices. It is required for production devices to select
either a hardware entropy source via MBEDTLS_ENTROPY_HARDWARE_ALT or
- provision a unique seed for the device during production and use
+ provision a unique seed for the device during production and use the
MBEDTLS_ENTROPY_NV_SEED option.
**************************
diff --git a/docs/reference/services/tfm_secure_partition_addition.rst b/docs/reference/services/tfm_secure_partition_addition.rst
index 9a5663d..a9c3759 100644
--- a/docs/reference/services/tfm_secure_partition_addition.rst
+++ b/docs/reference/services/tfm_secure_partition_addition.rst
@@ -59,7 +59,6 @@
- `Add source folder`_
- `Add manifest`_
- `Add configuration`_
-- `Generate files`_
- `Implement the RoT services`_
Add source folder
@@ -263,20 +262,11 @@
Add CMake configure files
-------------------------
-Two CMake configure files need to be added:
-
-- CMakeLists.inc, which is used to add the definition of what files are needed
- to build.
- CMakeLists.txt, which is the compilation configuration for this module.
-.. Note::
- The CMakeLists.inc is not mandatory, the user can put everything in
- CMakeLists.txt.
-
The current CMake configuration should also be updated, by updating
-CommonConfig.cmake to include the definition of the newly introduced partition
+config_default.cmake to include the definition of the newly introduced partition
and adding the relevant subdirectoy in ``secure_fw/CMakeLists.txt``.
-
Please refer to the source code of TF-M for more detail.
Update manifest list
@@ -311,16 +301,10 @@
"pid": 256
}
-Generate files
-==============
-After finishing the configuration works, the user needs to generate necessary
-files from manifest by using TF-M tools.
-
-.. code-block:: bash
-
- cd <base folder>
- cd trusted-firmware-m
- python ./tools/tfm_parse_manifest_list.py
+.. Note::
+ The manifest configuration can be placed in a different external manifest
+ list. In this case, the cmake variable TFM_EXTRA_MANIFEST_LIST_PATH should be
+ set to the path of the external manifest list.
Implement the RoT services
==========================