Build: Set ns_agent partition flags
Remove defaults for CONFIG_TFM_USE_TRUSTZONE and
TFM_MULTI_CORE_TOPOLOGY.
Derive TFM_PARTITION_NS_AGENT_MAILBOX and TFM_PARTITION_NS_AGENT_TZ
from other configuration flags, and then use those flags where more
appropriate.
The goal is to open the path to other ns_agent configurations.
Change-Id: Ia866fd43d0cfbbaea0f70c9f9ee200644ce8bf9b
Signed-off-by: Chris Brand <chris.brand@cypress.com>
diff --git a/cmake/install.cmake b/cmake/install.cmake
index 6f45df6..8ee9189 100644
--- a/cmake/install.cmake
+++ b/cmake/install.cmake
@@ -46,14 +46,16 @@
DESTINATION ${INSTALL_INTERFACE_INC_DIR})
endif()
-if (TFM_MULTI_CORE_TOPOLOGY)
+if (TFM_PARTITION_NS_AGENT_MAILBOX)
install(FILES ${INTERFACE_INC_DIR}/multi_core/tfm_multi_core_api.h
${INTERFACE_INC_DIR}/multi_core/tfm_ns_mailbox.h
${INTERFACE_INC_DIR}/multi_core/tfm_mailbox.h
${INTERFACE_INC_DIR}/multi_core/tfm_ns_mailbox_test.h
${CMAKE_BINARY_DIR}/generated/interface/include/tfm_mailbox_config.h
DESTINATION ${INSTALL_INTERFACE_INC_DIR})
-elseif (NOT TFM_PSA_API)
+endif()
+
+if (NOT TFM_PSA_API)
install(FILES ${CMAKE_BINARY_DIR}/generated/interface/include/tfm_veneers.h
DESTINATION ${INSTALL_INTERFACE_INC_DIR}/tfm/veneers)
endif()
@@ -115,18 +117,20 @@
####################### export sources #########################################
-if (TFM_MULTI_CORE_TOPOLOGY)
+if (TFM_PARTITION_NS_AGENT_MAILBOX)
install(FILES ${INTERFACE_SRC_DIR}/multi_core/tfm_ns_mailbox.c
${INTERFACE_SRC_DIR}/multi_core/tfm_multi_core_ns_api.c
${INTERFACE_SRC_DIR}/multi_core/tfm_multi_core_psa_ns_api.c
${INTERFACE_SRC_DIR}/multi_core/tfm_ns_mailbox_thread.c
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
-else()
- if(TFM_PSA_API)
- install(FILES ${INTERFACE_SRC_DIR}/tfm_psa_ns_api.c
- DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
- endif()
+endif()
+if (TFM_PARTITION_NS_AGENT_TZ)
+ install(FILES ${INTERFACE_SRC_DIR}/tfm_psa_ns_api.c
+ DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
+endif()
+
+if (CONFIG_TFM_USE_TRUSTZONE)
install(FILES ${INTERFACE_SRC_DIR}/tfm_ns_interface.c.example
DESTINATION ${INSTALL_INTERFACE_SRC_DIR})
endif()
diff --git a/config/config_default.cmake b/config/config_default.cmake
index dce78a3..e12d43f 100755
--- a/config/config_default.cmake
+++ b/config/config_default.cmake
@@ -24,7 +24,6 @@
# TFM_LIB_MODEL is the only user configuration for Library Model selection.
# TFM_PSA_API becomes an internal variable. Please do NOT use it in build command line.
set(TFM_LIB_MODEL OFF CACHE BOOL "Use secure library model instead of PSA API (IPC model)")
-set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
set(TFM_ISOLATION_LEVEL 1 CACHE STRING "Isolation level")
set(PSA_FRAMEWORK_HAS_MM_IOVEC OFF CACHE BOOL "Enable MM-IOVEC")
set(TFM_PROFILE "" CACHE STRING "Profile to use")
@@ -70,7 +69,6 @@
############################ Platform ##########################################
-set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
set(NUM_MAILBOX_QUEUE_SLOT 1 CACHE BOOL "Number of mailbox queue slots")
set(TFM_PLAT_SPECIFIC_MULTI_CORE_COMM OFF CACHE BOOL "Whether to use a platform specific inter-core communication instead of mailbox in dual-cpu topology")
diff --git a/config/tfm_ipc_config_default.cmake b/config/tfm_ipc_config_default.cmake
index e1f9b93..f2ee8ab 100644
--- a/config/tfm_ipc_config_default.cmake
+++ b/config/tfm_ipc_config_default.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -11,3 +13,14 @@
set(CONFIG_TFM_SPM_BACKEND_IPC ON)
set(CONFIG_TFM_SPM_BACKEND_SFN OFF)
set(CONFIG_TFM_PARTITION_META ON)
+# Derive ns_agent partitions
+if (TFM_MULTI_CORE_TOPOLOGY)
+ set(TFM_PARTITION_NS_AGENT_MAILBOX ON CACHE BOOL "Enable Non-Secure Mailbox Agent partition")
+else()
+ set(TFM_PARTITION_NS_AGENT_MAILBOX OFF CACHE BOOL "Enable Non-Secure Mailbox Agent partition")
+endif()
+if (CONFIG_TFM_USE_TRUSTZONE)
+ set(TFM_PARTITION_NS_AGENT_TZ ON CACHE BOOL "Enable Non-Secure TrustZone Agent partition")
+else()
+ set(TFM_PARTITION_NS_AGENT_TZ OFF CACHE BOOL "Enable Non-Secure TrustZone Agent partition")
+endif()
diff --git a/config/tfm_library_config_default.cmake b/config/tfm_library_config_default.cmake
index 0085041..ef32f54 100644
--- a/config/tfm_library_config_default.cmake
+++ b/config/tfm_library_config_default.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -10,3 +12,5 @@
set(TFM_PSA_API OFF CACHE BOOL "Use PSA API instead of secure library model")
set(TFM_PARTITION_AUDIT_LOG ON CACHE BOOL "Enable Audit Log partition")
set(CONFIG_TFM_PARTITION_META OFF)
+set(TFM_PARTITION_NS_AGENT_MAILBOX OFF)
+set(TFM_PARTITION_NS_AGENT_TZ OFF)
diff --git a/config/tfm_sfn_config_default.cmake b/config/tfm_sfn_config_default.cmake
index 18ba9fd..23db32f 100644
--- a/config/tfm_sfn_config_default.cmake
+++ b/config/tfm_sfn_config_default.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2022, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -12,3 +14,14 @@
set(CONFIG_TFM_SPM_BACKEND_IPC OFF)
set(CONFIG_TFM_SPM_BACKEND_SFN ON)
set(CONFIG_TFM_PARTITION_META OFF)
+# Derive ns_agent partitions
+if (TFM_MULTI_CORE_TOPOLOGY)
+ set(TFM_PARTITION_NS_AGENT_MAILBOX ON CACHE BOOL "Enable Non-Secure Mailbox Agent partition")
+else()
+ set(TFM_PARTITION_NS_AGENT_MAILBOX OFF CACHE BOOL "Enable Non-Secure Mailbox Agent partition")
+endif()
+if (CONFIG_TFM_USE_TRUSTZONE)
+ set(TFM_PARTITION_NS_AGENT_TZ ON CACHE BOOL "Enable Non-Secure TrustZone Agent partition")
+else()
+ set(TFM_PARTITION_NS_AGENT_TZ OFF CACHE BOOL "Enable Non-Secure TrustZone Agent partition")
+endif()
diff --git a/docs/integration_guide/platform/porting_TFM_to_a_new_hardware.rst b/docs/integration_guide/platform/porting_TFM_to_a_new_hardware.rst
index 07b7383..a6dcc21 100644
--- a/docs/integration_guide/platform/porting_TFM_to_a_new_hardware.rst
+++ b/docs/integration_guide/platform/porting_TFM_to_a_new_hardware.rst
@@ -148,6 +148,14 @@
This optional Non-Secure world is set-up via the tfm_ns target in the
CMakelists.txt file (see below).
+ - How does the non-secure world communicate with the secure world?
+
+ TF-M supports running the non-secure world on the same CPU as the secure
+ world, communicating via TrustZone or running the non-secure world on
+ a separate CPU, communicating via a mailbox.
+
+ The architecture is configured in the config.cmake file (see below).
+
- How does the FLASH need to be split between worlds?
The flash split is very dependent on the support of BL2 and NS world.
@@ -217,6 +225,9 @@
If the platform is single core, this file should not be present.
+ If the platform is dual core but both cores have the same architecture,
+ this file is optional.
+
[preload_cmake_]
config.cmake:
@@ -224,9 +235,20 @@
(MANDATORY)
- This file is use to setup default build configuration for TF-M, see example
- below. [config_cmake_]
+ This file is use to setup default build configuration for TF-M.
+ It must specify the values below, and should also specify other
+ configuration values that are fixed for the platform.
+
+ +------------------------------+-------------------------------------------------------------------+
+ | name | description |
+ +==============================+===================================================================+
+ |CONFIG_TFM_USE_TRUSTZONE | Use TrustZone to transition between NSPE and SPE on the same CPU |
+ +------------------------------+-------------------------------------------------------------------+
+ |TFM_MULTI_CORE_TOPOLOGY | NSPE runs on a separate CPU to SPE |
+ +------------------------------+-------------------------------------------------------------------+
+
+ [config_cmake_]
startup files:
---------------
@@ -741,6 +763,8 @@
::
[config_cmake]
+ set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+ set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
set(BL2 OFF CACHE BOOL "Whether to build BL2")
set(NS FALSE CACHE BOOL "Whether to build NS app" FORCE)
@@ -768,3 +792,5 @@
tfm_invalid_config((CMAKE_C_COMPILER_ID STREQUAL "ARMClang") AND (CMAKE_C_COMPILER_VERSION VERSION_LESS "6.10.1"))
*Copyright (c) 2021-2022, Arm Limited. All rights reserved.*
+*Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+or an affiliate of Cypress Semiconductor Corporation. All rights reserved.*
diff --git a/platform/ext/target/arm/mps2/an519/config.cmake b/platform/ext/target/arm/mps2/an519/config.cmake
index c9128f8..aa82d57 100644
--- a/platform/ext/target/arm/mps2/an519/config.cmake
+++ b/platform/ext/target/arm/mps2/an519/config.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -12,6 +14,9 @@
set(BL2_TRAILER_SIZE 0x10400 CACHE STRING "Trailer size")
endif()
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
+
set(PLATFORM_SLIH_IRQ_TEST_SUPPORT ON CACHE BOOL "Platform supports SLIH IRQ tests")
set(PLATFORM_FLIH_IRQ_TEST_SUPPORT ON CACHE BOOL "Platform supports FLIH IRQ tests")
diff --git a/platform/ext/target/arm/mps2/an521/config.cmake b/platform/ext/target/arm/mps2/an521/config.cmake
index 1a9e3d1..d077ed8 100644
--- a/platform/ext/target/arm/mps2/an521/config.cmake
+++ b/platform/ext/target/arm/mps2/an521/config.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -7,6 +9,9 @@
set(TFM_EXTRA_GENERATED_FILE_LIST_PATH ${CMAKE_CURRENT_SOURCE_DIR}/platform/ext/target/arm/mps2/an521/generated_file_list.yaml CACHE PATH "Path to extra generated file list. Appended to stardard TFM generated file list." FORCE)
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
+
set(PLATFORM_SLIH_IRQ_TEST_SUPPORT ON CACHE BOOL "Platform supports SLIH IRQ tests")
set(PLATFORM_FLIH_IRQ_TEST_SUPPORT ON CACHE BOOL "Platform supports FLIH IRQ tests")
diff --git a/platform/ext/target/arm/mps3/an524/config.cmake b/platform/ext/target/arm/mps3/an524/config.cmake
index ceabc5b..15f47ef 100644
--- a/platform/ext/target/arm/mps3/an524/config.cmake
+++ b/platform/ext/target/arm/mps3/an524/config.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -12,4 +14,7 @@
endif()
################################## Dependencies ################################
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
+
set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
diff --git a/platform/ext/target/arm/mps3/an547/config.cmake b/platform/ext/target/arm/mps3/an547/config.cmake
index d90145f..957bbd8 100644
--- a/platform/ext/target/arm/mps3/an547/config.cmake
+++ b/platform/ext/target/arm/mps3/an547/config.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -11,3 +13,6 @@
#No header if no bootloader, but keep IMAGE_CODE_SIZE the same
set(BL2_TRAILER_SIZE 0xC00 CACHE STRING "Trailer size")
endif()
+
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
diff --git a/platform/ext/target/arm/mps3/an552/config.cmake b/platform/ext/target/arm/mps3/an552/config.cmake
index 4a6e07b..868e43e 100644
--- a/platform/ext/target/arm/mps3/an552/config.cmake
+++ b/platform/ext/target/arm/mps3/an552/config.cmake
@@ -1,10 +1,15 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
#-------------------------------------------------------------------------------
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
+
set(PLATFORM_SLIH_IRQ_TEST_SUPPORT ON CACHE BOOL "Platform supports SLIH IRQ tests")
set(PLATFORM_FLIH_IRQ_TEST_SUPPORT ON CACHE BOOL "Platform supports FLIH IRQ tests")
diff --git a/platform/ext/target/arm/mps3/corstone310_fvp/config.cmake b/platform/ext/target/arm/mps3/corstone310_fvp/config.cmake
index 36ee657..111e002 100644
--- a/platform/ext/target/arm/mps3/corstone310_fvp/config.cmake
+++ b/platform/ext/target/arm/mps3/corstone310_fvp/config.cmake
@@ -1,10 +1,15 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
#-------------------------------------------------------------------------------
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
+
set(PLATFORM_SLIH_IRQ_TEST_SUPPORT ON CACHE BOOL "Platform supports SLIH IRQ tests")
set(PLATFORM_FLIH_IRQ_TEST_SUPPORT ON CACHE BOOL "Platform supports FLIH IRQ tests")
set(PLATFORM_SVC_HANDLERS ON CACHE BOOL "Platform specific SVC handlers")
diff --git a/platform/ext/target/arm/musca_b1/sse_200/config.cmake b/platform/ext/target/arm/musca_b1/sse_200/config.cmake
index 31451b9..73af640 100644
--- a/platform/ext/target/arm/musca_b1/sse_200/config.cmake
+++ b/platform/ext/target/arm/musca_b1/sse_200/config.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -9,6 +11,9 @@
set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryptography mode")
set(PLATFORM_GPLED_ENABLED OFF CACHE BOOL "Use the general purpose LEDs on the platform board")
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
+
if (NOT FORWARD_PROT_MSG)
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
diff --git a/platform/ext/target/arm/musca_s1/config.cmake b/platform/ext/target/arm/musca_s1/config.cmake
index 6e0f5a3..59d2715 100644
--- a/platform/ext/target/arm/musca_s1/config.cmake
+++ b/platform/ext/target/arm/musca_s1/config.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -17,6 +19,9 @@
set(BL2_TRAILER_SIZE 0xC00 CACHE STRING "Trailer size")
endif()
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
+
if(PLATFORM_GPLED_ENABLED)
#If required, Musca_s1 platform supports GPLED services
set(PLATFORM_GPLED_SUPPORTED ON CACHE BOOL "Whether to enable the gpled functionality on supported platforms")
diff --git a/platform/ext/target/nordic_nrf/common/core/config.cmake b/platform/ext/target/nordic_nrf/common/core/config.cmake
index af0540b..67b9f27 100644
--- a/platform/ext/target/nordic_nrf/common/core/config.cmake
+++ b/platform/ext/target/nordic_nrf/common/core/config.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2021, Nordic Semiconductor ASA.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -9,6 +11,9 @@
set(HAL_NORDIC_VERSION "004b62c0b74c62bd8489e0a702a498899e0463d1" CACHE STRING "Version of the Nordic HAL to download") # nrfx 2.6.0
set(HAL_NORDIC_REMOTE "https://github.com/zephyrproject-rtos/hal_nordic" CACHE STRING "Remote of the Nordic HAL to download")
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
+
set(NULL_POINTER_EXCEPTION_DETECTION FALSE CACHE BOOL
"Enable null-pointer dereference detection for \
priviliged and unpriviliged secure reads and writes on supported platforms. \
diff --git a/platform/ext/target/nuvoton/m2351/config.cmake b/platform/ext/target/nuvoton/m2351/config.cmake
index 58db9cd..73ff731 100644
--- a/platform/ext/target/nuvoton/m2351/config.cmake
+++ b/platform/ext/target/nuvoton/m2351/config.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -10,3 +12,6 @@
set(PS_NUM_ASSETS 12 CACHE STRING "The maximum number of assets to be stored in the Protected Storage area")
set(ITS_NUM_ASSETS 12 CACHE STRING "The maximum number of assets to be stored in the Internal Trusted Storage area")
set(BL2_TRAILER_SIZE 0x800 CACHE STRING "Trailer size")
+
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
diff --git a/platform/ext/target/nuvoton/m2354/config.cmake b/platform/ext/target/nuvoton/m2354/config.cmake
index 58db9cd..73ff731 100644
--- a/platform/ext/target/nuvoton/m2354/config.cmake
+++ b/platform/ext/target/nuvoton/m2354/config.cmake
@@ -1,5 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020, Arm Limited. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -10,3 +12,6 @@
set(PS_NUM_ASSETS 12 CACHE STRING "The maximum number of assets to be stored in the Protected Storage area")
set(ITS_NUM_ASSETS 12 CACHE STRING "The maximum number of assets to be stored in the Internal Trusted Storage area")
set(BL2_TRAILER_SIZE 0x800 CACHE STRING "Trailer size")
+
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
diff --git a/platform/ext/target/nxp/lpcxpresso55s69/config.cmake b/platform/ext/target/nxp/lpcxpresso55s69/config.cmake
index bcf905d..adf75a1 100644
--- a/platform/ext/target/nxp/lpcxpresso55s69/config.cmake
+++ b/platform/ext/target/nxp/lpcxpresso55s69/config.cmake
@@ -1,11 +1,16 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020, Arm Limited. All rights reserved.
# Copyright (c) 2021, NXP Semiconductors. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
#-------------------------------------------------------------------------------
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
+
################################## Dependencies ################################
set(TFM_PLATFORM_NXP_HAL_FILE_PATH "DOWNLOAD" CACHE STRING "Path to the NXP SDK hal (or DOWNLOAD to fetch automatically)")
set(NXP_SDK_GIT_TAG "MCUX_2.10.0" CACHE STRING "The version of the NXP MCUXpresso SDK")
diff --git a/platform/ext/target/stm/b_u585i_iot02a/config.cmake b/platform/ext/target/stm/b_u585i_iot02a/config.cmake
index b590835..16ed4e3 100644
--- a/platform/ext/target/stm/b_u585i_iot02a/config.cmake
+++ b/platform/ext/target/stm/b_u585i_iot02a/config.cmake
@@ -1,6 +1,8 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
# Copyright (c) 2021 STMicroelectronics. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -16,6 +18,8 @@
set(TFM_PARTITION_PLATFORM ON CACHE BOOL "Enable platform partition")
set(MCUBOOT_DATA_SHARING ON CACHE BOOL "Enable Data Sharing")
################################## Dependencies ################################
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
@@ -23,4 +27,4 @@
set(PLATFORM_DEFAULT_OTP_WRITEABLE OFF CACHE BOOL "Use on chip flash with write support")
set(PLATFORM_DEFAULT_NV_COUNTERS OFF CACHE BOOL "Use default nv counter implementation.")
set(PS_CRYPTO_AEAD_ALG PSA_ALG_GCM CACHE STRING "The AEAD algorithm to use for authenticated encryption in Protected Storage")
-set(MCUBOOT_FIH_PROFILE LOW CACHE STRING "Fault injection hardening profile [OFF, LOW, MEDIUM, HIGH]")
\ No newline at end of file
+set(MCUBOOT_FIH_PROFILE LOW CACHE STRING "Fault injection hardening profile [OFF, LOW, MEDIUM, HIGH]")
diff --git a/platform/ext/target/stm/nucleo_l552ze_q/config.cmake b/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
index e398fe2..dfe6e1f 100644
--- a/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
+++ b/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
@@ -1,6 +1,8 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
# Copyright (c) 2021 STMicroelectronics. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -12,6 +14,8 @@
set(BL2_TRAILER_SIZE 0x2000 CACHE STRING "Trailer size")
################################## Dependencies ################################
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
diff --git a/platform/ext/target/stm/stm32l562e_dk/config.cmake b/platform/ext/target/stm/stm32l562e_dk/config.cmake
index f38cb0f..1e5988f 100644
--- a/platform/ext/target/stm/stm32l562e_dk/config.cmake
+++ b/platform/ext/target/stm/stm32l562e_dk/config.cmake
@@ -1,6 +1,8 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
# Copyright (c) 2021 STMicroelectronics. All rights reserved.
+# Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -12,6 +14,8 @@
set(BL2_TRAILER_SIZE 0x2000 CACHE STRING "Trailer size")
################################## Dependencies ################################
+set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
+set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
diff --git a/secure_fw/partitions/ns_agent_mailbox/CMakeLists.txt b/secure_fw/partitions/ns_agent_mailbox/CMakeLists.txt
index faf55f8..b33552e 100644
--- a/secure_fw/partitions/ns_agent_mailbox/CMakeLists.txt
+++ b/secure_fw/partitions/ns_agent_mailbox/CMakeLists.txt
@@ -7,7 +7,7 @@
#
#-------------------------------------------------------------------------------
-if (NOT TFM_MULTI_CORE_TOPOLOGY)
+if (NOT TFM_PARTITION_NS_AGENT_MAILBOX)
return()
endif()
diff --git a/secure_fw/partitions/ns_agent_tz/CMakeLists.txt b/secure_fw/partitions/ns_agent_tz/CMakeLists.txt
index 9f22bbe..f86426c 100644
--- a/secure_fw/partitions/ns_agent_tz/CMakeLists.txt
+++ b/secure_fw/partitions/ns_agent_tz/CMakeLists.txt
@@ -7,17 +7,13 @@
#
#-------------------------------------------------------------------------------
-if (NOT CONFIG_TFM_USE_TRUSTZONE)
+if (NOT TFM_PARTITION_NS_AGENT_TZ)
return()
endif()
cmake_minimum_required(VERSION 3.15)
cmake_policy(SET CMP0079 NEW)
-if(NOT TFM_PSA_API)
- return()
-endif()
-
target_sources(tfm_partitions
INTERFACE
${CMAKE_CURRENT_SOURCE_DIR}/load_info_ns_agent_tz.c
diff --git a/tools/tfm_manifest_list.yaml b/tools/tfm_manifest_list.yaml
index 2454db4..10cc730 100644
--- a/tools/tfm_manifest_list.yaml
+++ b/tools/tfm_manifest_list.yaml
@@ -1,6 +1,7 @@
#-------------------------------------------------------------------------------
# Copyright (c) 2018-2021, Arm Limited. All rights reserved.
-# Copyright (c) 2021, Cypress Semiconductor Corporation. All rights reserved.
+# Copyright (c) 2021-2022 Cypress Semiconductor Corporation (an Infineon company)
+# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -26,7 +27,7 @@
"short_name": "TFM_NS_AGENT_MAILBOX",
"manifest": "${CMAKE_SOURCE_DIR}/secure_fw/partitions/ns_agent_mailbox/ns_agent_mailbox.yaml",
"output_path": "secure_fw/partitions/ns_agent_mailbox",
- "conditional": "@TFM_MULTI_CORE_TOPOLOGY@",
+ "conditional": "@TFM_PARTITION_NS_AGENT_MAILBOX@",
"version_major": 0,
"version_minor": 1,
"pid": 0,