Build: Add option to enable or disable Audit Log
Adds a build option that makes it possible to enable or disable the
TF-M Audit Log partition. The option TFM_PARTITION_AUDIT_LOG can be
provided in the CMake configure command, and is enabled by default if
not supplied.
Change-Id: Ib60f22aeb62652e34a1ac43a61154288e6d989b3
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
diff --git a/secure_fw/services/audit_logging/CMakeLists.inc b/secure_fw/services/audit_logging/CMakeLists.inc
index ef491e7..31c401f 100644
--- a/secure_fw/services/audit_logging/CMakeLists.inc
+++ b/secure_fw/services/audit_logging/CMakeLists.inc
@@ -20,32 +20,23 @@
#Get the current directory where this file is located.
set(AUDIT_LOGGING_DIR ${CMAKE_CURRENT_LIST_DIR})
-#Check input variables
-if (NOT DEFINED ENABLE_AUDIT_LOGGING)
- message(FATAL_ERROR "Incomplete build configuration: ENABLE_AUDIT_LOGGING is undefined. ")
+if (NOT DEFINED TFM_ROOT_DIR)
+ message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
endif()
-if (ENABLE_AUDIT_LOGGING)
- if (NOT DEFINED TFM_ROOT_DIR)
- message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
- endif()
+set (AUDIT_LOGGING_C_SRC
+ "${AUDIT_LOGGING_DIR}/tfm_audit_secure_api.c"
+ "${AUDIT_LOGGING_DIR}/audit_core.c"
+ "${AUDIT_LOGGING_DIR}/audit_wrappers.c"
+)
- set (AUDIT_LOGGING_C_SRC
- "${AUDIT_LOGGING_DIR}/tfm_audit_secure_api.c"
- "${AUDIT_LOGGING_DIR}/audit_core.c"
- "${AUDIT_LOGGING_DIR}/audit_wrappers.c"
- )
+#Append all our source files to global lists.
+list(APPEND ALL_SRC_C ${AUDIT_LOGGING_C_SRC})
+unset(AUDIT_LOGGING_C_SRC)
- #Append all our source files to global lists.
- list(APPEND ALL_SRC_C ${AUDIT_LOGGING_C_SRC})
- unset(AUDIT_LOGGING_C_SRC)
-
- #Setting include directories
- embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/common ABSOLUTE)
-else()
- message(FATAL_ERROR "Build system currently doesn't support selectively disabling of a service.")
-endif()
+#Setting include directories
+embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/common ABSOLUTE)
diff --git a/secure_fw/services/audit_logging/CMakeLists.txt b/secure_fw/services/audit_logging/CMakeLists.txt
index e7bfa82..d67c854 100644
--- a/secure_fw/services/audit_logging/CMakeLists.txt
+++ b/secure_fw/services/audit_logging/CMakeLists.txt
@@ -23,7 +23,6 @@
get_filename_component(TFM_ROOT_DIR "${AUDIT_LOGGING_DIR}/../../.." ABSOLUTE)
###Get the definition of what files we need to build
-set (ENABLE_AUDIT_LOGGING ON)
include(CMakeLists.inc)
if (NOT DEFINED TFM_LVL)
diff --git a/secure_fw/services/tfm_partition_defs.inc b/secure_fw/services/tfm_partition_defs.inc
index ab0cb28..e7b20e6 100644
--- a/secure_fw/services/tfm_partition_defs.inc
+++ b/secure_fw/services/tfm_partition_defs.inc
@@ -12,7 +12,9 @@
#define TFM_SP_STORAGE_ID (TFM_SP_BASE + 0)
+#ifdef TFM_PARTITION_AUDIT_LOG
#define TFM_SP_AUDIT_LOG_ID (TFM_SP_BASE + 1)
+#endif /* TFM_PARTITION_AUDIT_LOG */
#define TFM_SP_CRYPTO_ID (TFM_SP_BASE + 2)
diff --git a/secure_fw/services/tfm_partition_list.inc b/secure_fw/services/tfm_partition_list.inc
index f5edad6..f78052a 100644
--- a/secure_fw/services/tfm_partition_list.inc
+++ b/secure_fw/services/tfm_partition_list.inc
@@ -16,6 +16,7 @@
, "PSA-ROT", 0x00000100, NORMAL);
PARTITION_ADD_INIT_FUNC(TFM_SP_STORAGE, tfm_sst_req_mngr_init);
+#ifdef TFM_PARTITION_AUDIT_LOG
/******** TFM_SP_AUDIT_LOG ********/
PARTITION_DECLARE(TFM_SP_AUDIT_LOG, 0
, "PSA-ROT", 0x00000101, NORMAL);
@@ -23,6 +24,7 @@
#ifdef AUDIT_UART_REDIRECTION
PARTITION_ADD_PERIPHERAL(TFM_SP_AUDIT_LOG, TFM_PERIPHERAL_UART1);
#endif /* AUDIT_UART_REDIRECTION */
+#endif /* TFM_PARTITION_AUDIT_LOG */
/******** TFM_SP_CRYPTO ********/
PARTITION_DECLARE(TFM_SP_CRYPTO, 0