| Raef Coles | 9ec67e6 | 2020-07-10 09:40:35 +0100 | [diff] [blame] | 1 | #------------------------------------------------------------------------------- |
| David Hu | 1feb4b1 | 2022-02-23 17:22:07 +0800 | [diff] [blame] | 2 | # Copyright (c) 2020-2022, Arm Limited. All rights reserved. |
| Raef Coles | 9ec67e6 | 2020-07-10 09:40:35 +0100 | [diff] [blame] | 3 | # |
| 4 | # SPDX-License-Identifier: BSD-3-Clause |
| 5 | # |
| 6 | #------------------------------------------------------------------------------- |
| 7 | |
| Xinyu Zhang | a2fab0e | 2022-10-24 15:37:46 +0800 | [diff] [blame^] | 8 | set(TFM_PROFILE profile_small CACHE STRING "Configuration profile") |
| 9 | set(PROJECT_CONFIG_HEADER_FILE "${CMAKE_SOURCE_DIR}/config/profile/config_profile_small.h" CACHE FILEPATH "User defined header file for TF-M config") |
| Raef Coles | 9ec67e6 | 2020-07-10 09:40:35 +0100 | [diff] [blame] | 10 | |
| Anton Komlev | 28f566b | 2022-10-27 17:40:37 +0100 | [diff] [blame] | 11 | ############################ SPM CONFIGURATION ################################ |
| Raef Coles | 9ec67e6 | 2020-07-10 09:40:35 +0100 | [diff] [blame] | 12 | |
| Anton Komlev | 28f566b | 2022-10-27 17:40:37 +0100 | [diff] [blame] | 13 | set(TFM_ISOLATION_LEVEL 1 CACHE STRING "Isolation level") |
| Xinyu Zhang | a2fab0e | 2022-10-24 15:37:46 +0800 | [diff] [blame^] | 14 | set(CONFIG_TFM_SPM_BACKEND "SFN" CACHE STRING "The SPM backend [IPC, SFN]") |
| Raef Coles | 9ec67e6 | 2020-07-10 09:40:35 +0100 | [diff] [blame] | 15 | |
| Anton Komlev | 28f566b | 2022-10-27 17:40:37 +0100 | [diff] [blame] | 16 | ############################ PARTITION CONFIGURATION ########################## |
| Raef Coles | 9ec67e6 | 2020-07-10 09:40:35 +0100 | [diff] [blame] | 17 | |
| Anton Komlev | 28f566b | 2022-10-27 17:40:37 +0100 | [diff] [blame] | 18 | set(TFM_PARTITION_CRYPTO ON CACHE BOOL "Enable Crypto partition") |
| 19 | set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON CACHE BOOL "Enable Internal Trusted Storage partition") |
| 20 | set(TFM_PARTITION_PLATFORM OFF CACHE BOOL "Enable the TF-M Platform partition") |
| 21 | set(TFM_PARTITION_PROTECTED_STORAGE OFF CACHE BOOL "Enable Protected Storage partition") |
| 22 | set(TFM_PARTITION_INITIAL_ATTESTATION ON CACHE BOOL "Enable Initial Attestation partition") |
| 23 | set(SYMMETRIC_INITIAL_ATTESTATION ON CACHE BOOL "Use symmetric crypto for inital attestation") |
| 24 | set(TFM_PARTITION_FIRMWARE_UPDATE OFF CACHE BOOL "Enable firmware update partition") |
| Raef Coles | 9ec67e6 | 2020-07-10 09:40:35 +0100 | [diff] [blame] | 25 | |
| Anton Komlev | 28f566b | 2022-10-27 17:40:37 +0100 | [diff] [blame] | 26 | ################################## Advanced options ############################# |
| Raef Coles | 9ec67e6 | 2020-07-10 09:40:35 +0100 | [diff] [blame] | 27 | |
| David Hu | 327bc84 | 2021-05-13 16:29:33 +0800 | [diff] [blame] | 28 | # Profile Small assigns a much smller heap size for backend crypto library as |
| David Hu | e69294d | 2022-06-21 22:21:37 +0800 | [diff] [blame] | 29 | # asymmetric cryptography is not enabled and multi-part operations are enabled |
| 30 | # only. |
| 31 | # Assign 0x100 bytes for each operation and totally 0x800 byets for max 4 |
| David Hu | 327bc84 | 2021-05-13 16:29:33 +0800 | [diff] [blame] | 32 | # concurrent operation as set in CRYPTO_CONC_OPER_NUM above |
| Anton Komlev | 28f566b | 2022-10-27 17:40:37 +0100 | [diff] [blame] | 33 | set(CRYPTO_ENGINE_BUF_SIZE 0x400 CACHE STRING "Heap size for the crypto backend") |
| 34 | set(CRYPTO_ASYM_SIGN_MODULE_DISABLED ON CACHE BOOL "Disable PSA Crypto asymmetric key signature module") |
| 35 | set(CRYPTO_ASYM_ENCRYPT_MODULE_DISABLED ON CACHE BOOL "Disable PSA Crypto asymmetric key encryption module") |
| 36 | set(CRYPTO_SINGLE_PART_FUNCS_DISABLED ON CACHE BOOL "Only enable multi-part operations in Hash, MAC, AEAD and symmetric ciphers, to optimize memory footprint in resource-constrained devices") |
| 37 | set(CRYPTO_CONC_OPER_NUM 4 CACHE STRING "The max number of concurrent operations that can be active (allocated) at any time in Crypto") |
| Raef Coles | 9ec67e6 | 2020-07-10 09:40:35 +0100 | [diff] [blame] | 38 | |
| Anton Komlev | 28f566b | 2022-10-27 17:40:37 +0100 | [diff] [blame] | 39 | set(PSA_FRAMEWORK_HAS_MM_IOVEC ON CACHE BOOL "Enable MM-IOVEC") |
| Xinyu Zhang | a2fab0e | 2022-10-24 15:37:46 +0800 | [diff] [blame^] | 40 | set(CONFIG_TFM_CONN_HANDLE_MAX_NUM 3 CACHE STRING "The maximal number of secure services that are connected or requested at the same time") |
| Anton Komlev | 28f566b | 2022-10-27 17:40:37 +0100 | [diff] [blame] | 41 | set(ITS_BUF_SIZE 32 CACHE STRING "Size of the ITS internal data transfer buffer (defaults to ITS_MAX_ASSET_SIZE if not set)") |
| Xinyu Zhang | a2fab0e | 2022-10-24 15:37:46 +0800 | [diff] [blame^] | 42 | set(MCUBOOT_IMAGE_NUMBER 1 CACHE STRING "Whether to combine S and NS into either 1 image, or sign each seperately") |
| Sherry Zhang | 07b4241 | 2021-01-07 14:19:41 +0800 | [diff] [blame] | 43 | |
| Raef Coles | 9ec67e6 | 2020-07-10 09:40:35 +0100 | [diff] [blame] | 44 | ################################## Dependencies ################################ |
| 45 | |
| Xinyu Zhang | a2fab0e | 2022-10-24 15:37:46 +0800 | [diff] [blame^] | 46 | set(TFM_MBEDCRYPTO_CONFIG_PATH "${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h" CACHE PATH "Config to use for Mbed Crypto") |
| 47 | set(TFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH "${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/crypto_config_profile_small.h" CACHE PATH "Config to use psa crypto setting for Mbed Crypto.") |