TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / b9309b69b76b04fcdfe331fbd96d1fc5e040f85a / . / config / check_config.cmake
blob: da833b12f7138056a197c0315a65efa3fd03ae43 [file] [log] [blame]
Raef Coles958aeef2020-10-08 12:12:58 +0100[diff] [blame]1#-------------------------------------------------------------------------------
Chris Brand636ab482022-05-19 15:55:37 -0700[diff] [blame]2# Copyright (c) 2021-2022 Cypress Semiconductor Corporation (an Infineon company)
3# or an affiliate of Cypress Semiconductor Corporation. All rights reserved.
Gergely Kovacs58841442025-06-06 08:20:55 +0000[diff] [blame]4# SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
Raef Coles958aeef2020-10-08 12:12:58 +0100[diff] [blame]5#
6# SPDX-License-Identifier: BSD-3-Clause
7#
8#-------------------------------------------------------------------------------
9
Kevin Peng386374c2021-11-04 14:36:17 +0800[diff] [blame]10set (VALID_ISOLATION_LEVELS 1 2 3)
Mingyang Sunc9d24712020-10-23 15:06:34 +0800[diff] [blame]11
Kevin Peng386374c2021-11-04 14:36:17 +0800[diff] [blame]12tfm_invalid_config(NOT TFM_ISOLATION_LEVEL IN_LIST VALID_ISOLATION_LEVELS)
Roman Mazurakff8e5072022-09-14 00:08:48 +0300[diff] [blame]13tfm_invalid_config(TFM_ISOLATION_LEVEL EQUAL 3 AND NOT PLATFORM_HAS_ISOLATION_L3_SUPPORT)
Kevin Peng386374c2021-11-04 14:36:17 +0800[diff] [blame]14tfm_invalid_config(TFM_ISOLATION_LEVEL GREATER 1 AND PSA_FRAMEWORK_HAS_MM_IOVEC)
Raef Coles958aeef2020-10-08 12:12:58 +0100[diff] [blame]15
Chris Brand56b4d0c2021-12-17 16:15:58 -0800[diff] [blame]16tfm_invalid_config(TFM_MULTI_CORE_TOPOLOGY AND TFM_NS_MANAGE_NSID)
Mark Horvathdadc1ea2021-03-12 15:39:25 +0100[diff] [blame]17tfm_invalid_config(TFM_PLAT_SPECIFIC_MULTI_CORE_COMM AND NOT TFM_MULTI_CORE_TOPOLOGY)
Nicola Mazzucato6414e292025-05-09 22:05:05 +0100[diff] [blame]18tfm_invalid_config(TFM_HYBRID_PLATFORM_API_BROKER AND NOT TFM_MULTI_CORE_TOPOLOGY)
19
Chris Brand30106ba2022-01-13 13:48:50 -0800[diff] [blame]20tfm_invalid_config(TFM_ISOLATION_LEVEL EQUAL 3 AND CONFIG_TFM_STACK_WATERMARKS)
21
Raef Colesf8426362024-01-15 12:38:10 +0000[diff] [blame]22########################## BL1 #################################################
23
24tfm_invalid_config(TFM_BL1_2_IN_OTP AND TFM_BL1_2_IN_FLASH)
25
Gergely Kovacs58841442025-06-06 08:20:55 +0000[diff] [blame]26tfm_invalid_config(TFM_DUMMY_PROVISIONING AND TFM_GENERATE_BL1_2_CM_SIGNING_KEY)
27tfm_invalid_config(TFM_DUMMY_PROVISIONING AND TFM_GENERATE_BL1_2_DM_SIGNING_KEY)
28
David Vincze0c515de2020-11-25 19:02:57 +0100[diff] [blame]29########################## BL2 #################################################
30
31get_property(MCUBOOT_STRATEGY_LIST CACHE MCUBOOT_UPGRADE_STRATEGY PROPERTY STRINGS)
Jianliang Shenf57c6a72023-02-20 14:04:38 +0800[diff] [blame]32tfm_invalid_config(BL2 AND (NOT MCUBOOT_UPGRADE_STRATEGY IN_LIST MCUBOOT_STRATEGY_LIST) AND NOT USE_KCONFIG_TOOL)
Georgios Vasilakis32ffe3f2024-08-23 12:04:15 +0200[diff] [blame]33tfm_invalid_config(BL2 AND (NOT MCUBOOT_UPGRADE_STRATEGY STREQUAL "DIRECT_XIP" AND MCUBOOT_DIRECT_XIP_REVERT))
David Vincze0c515de2020-11-25 19:02:57 +0100[diff] [blame]34
Tintu Thomaseab1b472022-03-21 14:27:58 +0000[diff] [blame]35# Maximum number of MCUBoot images supported by TF-M NV counters and ROTPKs
Arnold Gabriel Benedicta6242b72023-02-01 08:34:06 +0000[diff] [blame]36tfm_invalid_config(MCUBOOT_IMAGE_NUMBER GREATER 9)
Raef Coles91fadb92021-06-18 09:20:50 +0100[diff] [blame]37
Roland Mikhel00cefb02023-06-05 14:38:02 +0200[diff] [blame]38tfm_invalid_config(MCUBOOT_SIGNATURE_TYPE STREQUAL "EC-P256" AND NOT MCUBOOT_USE_PSA_CRYPTO)
39tfm_invalid_config(MCUBOOT_SIGNATURE_TYPE STREQUAL "EC-P384" AND NOT MCUBOOT_USE_PSA_CRYPTO)
David Vinczedb398db2024-04-04 19:00:01 +0200[diff] [blame]40tfm_invalid_config(MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-2048" AND MCUBOOT_BUILTIN_KEY)
41tfm_invalid_config(MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072" AND MCUBOOT_BUILTIN_KEY)
Roland Mikhel00cefb02023-06-05 14:38:02 +0200[diff] [blame]42
David Vincze8c95d2a2022-01-19 10:11:58 +0100[diff] [blame]43tfm_invalid_config((BL2 AND CONFIG_TFM_BOOT_STORE_MEASUREMENTS AND NOT CONFIG_TFM_BOOT_STORE_ENCODED_MEASUREMENTS) AND NOT MCUBOOT_DATA_SHARING)
David Vincze8608bdb2022-02-11 12:04:54 +0100[diff] [blame]44tfm_invalid_config((NOT (TFM_PARTITION_FIRMWARE_UPDATE OR CONFIG_TFM_BOOT_STORE_MEASUREMENTS)) AND MCUBOOT_DATA_SHARING)
David Vincze8c95d2a2022-01-19 10:11:58 +0100[diff] [blame]45
Michel Jaouen24c3dd02021-08-12 15:32:13 +0200[diff] [blame]46get_property(MCUBOOT_ALIGN_VAL_LIST CACHE MCUBOOT_ALIGN_VAL PROPERTY STRINGS)
Jianliang Shenf57c6a72023-02-20 14:04:38 +0800[diff] [blame]47tfm_invalid_config(BL2 AND (NOT MCUBOOT_ALIGN_VAL IN_LIST MCUBOOT_ALIGN_VAL_LIST) AND NOT USE_KCONFIG_TOOL)
Michel Jaouen24c3dd02021-08-12 15:32:13 +0200[diff] [blame]48
Bence Balogh4a883842023-07-06 16:56:46 +0200[diff] [blame]49tfm_invalid_config(TFM_DUMMY_PROVISIONING AND MCUBOOT_GENERATE_SIGNING_KEYPAIR)
Bence Balogh04f8e862023-09-29 08:35:52 +0200[diff] [blame]50
David Vinczedb398db2024-04-04 19:00:01 +0200[diff] [blame]51tfm_invalid_config(MCUBOOT_HW_KEY AND MCUBOOT_BUILTIN_KEY)
Bence Balogh04f8e862023-09-29 08:35:52 +0200[diff] [blame]52
Tamas Ban3a7cb3c2020-11-25 15:45:04 +0000[diff] [blame]53####################### Code sharing ###########################################
54
Mark Horvathc97eb922022-09-12 11:17:37 +0200[diff] [blame]55set(TFM_CODE_SHARING_PLATFORM_LISTS arm/mps2/an521 arm/musca_b1) # Without crypto hw acceleration
Tamas Ban3a7cb3c2020-11-25 15:45:04 +0000[diff] [blame]56tfm_invalid_config(NOT TFM_CODE_SHARING STREQUAL "OFF" AND NOT TFM_PLATFORM IN_LIST TFM_CODE_SHARING_PLATFORM_LISTS)
57tfm_invalid_config(NOT TFM_CODE_SHARING STREQUAL "OFF" AND CRYPTO_HW_ACCELERATOR)
Dávid Házi302f81d2022-10-17 20:42:44 +0200[diff] [blame]58tfm_invalid_config(NOT TFM_CODE_SHARING STREQUAL "OFF" AND NOT C_COMPILER_ID:IAR)
Summer Qin2cd2ab72020-04-22 14:55:00 +0800[diff] [blame]59
Raef Coles148b9472021-06-18 08:48:17 +0100[diff] [blame]60########################## Platform ############################################
61
62tfm_invalid_config(OTP_NV_COUNTERS_RAM_EMULATION AND NOT (PLATFORM_DEFAULT_OTP OR PLATFORM_DEFAULT_NV_COUNTERS))
Michel Jaouend0fd8d92021-10-14 09:22:41 +0200[diff] [blame]63tfm_invalid_config(PLATFORM_DEFAULT_NV_COUNTERS AND NOT PLATFORM_DEFAULT_OTP_WRITEABLE)
Sebastian Bøe7ad5d852022-11-03 13:51:21 +0100[diff] [blame]64tfm_invalid_config(TFM_DUMMY_PROVISIONING AND (PLATFORM_DEFAULT_OTP AND NOT PLATFORM_DEFAULT_OTP_WRITEABLE))
Raef Coles249aba92022-06-16 10:20:29 +0100[diff] [blame]65tfm_invalid_config(TFM_NS_NV_COUNTER_AMOUNT GREATER 3)
Raef Coles148b9472021-06-18 08:48:17 +0100[diff] [blame]66
Maulik Patelf5069ff2023-06-05 16:34:43 +0100[diff] [blame]67####################### Firmware Update Partition ###############################
Sherry Zhang07b42412021-01-07 14:19:41 +0800[diff] [blame]68
David Hu79bb75c2022-08-02 18:04:51 +0800[diff] [blame]69tfm_invalid_config(NOT PLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT AND TFM_PARTITION_FIRMWARE_UPDATE)
Sherry Zhang07b42412021-01-07 14:19:41 +0800[diff] [blame]70tfm_invalid_config(TFM_PARTITION_FIRMWARE_UPDATE AND NOT TFM_PARTITION_PLATFORM)
Ali Can Ozaslan33573692024-10-30 09:54:49 +0000[diff] [blame]71tfm_invalid_config((MCUBOOT_UPGRADE_STRATEGY STREQUAL "DIRECT_XIP" OR MCUBOOT_UPGRADE_STRATEGY STREQUAL "RAM_LOAD") AND TFM_PARTITION_FIRMWARE_UPDATE AND TFM_FWU_BOOTLOADER_LIB STREQUAL "mcuboot")
Sherry Zhang07b42412021-01-07 14:19:41 +0800[diff] [blame]72tfm_invalid_config(TFM_PARTITION_FIRMWARE_UPDATE AND NOT MCUBOOT_DATA_SHARING)
Tamas Banb881bea2020-11-04 16:18:36 +0000[diff] [blame]73
Georgios Vasilakisf25cefc2024-12-06 09:31:32 +0100[diff] [blame]74####################### Internal Trusted Storage Partition ########################
75
76tfm_invalid_config(ITS_ENCRYPTION AND PSA_FRAMEWORK_HAS_MM_IOVEC )
77
Maulik Patelf5069ff2023-06-05 16:34:43 +0100[diff] [blame]78####################### Protected Storage Partition ###############################
Chris Brand636ab482022-05-19 15:55:37 -0700[diff] [blame]79
Chris Brand9ea9ac72022-06-27 09:01:21 -0700[diff] [blame]80# PS only uses the platform partition when PS_ROLLBACK_PROTECTION is ON, but
David Vinczea6f501e2021-06-14 10:42:30 +0200[diff] [blame]81# the dependency in the manifest file means the dependency is unconditional
Chris Brand9ea9ac72022-06-27 09:01:21 -0700[diff] [blame]82tfm_invalid_config(TFM_PARTITION_PROTECTED_STORAGE AND NOT TFM_PARTITION_PLATFORM)
Chris Brande8d48d72024-07-24 12:19:07 -0700[diff] [blame]83tfm_invalid_config(PS_SUPPORT_FORMAT_TRANSITION AND NOT PS_ENCRYPTION)
Chris Brand636ab482022-05-19 15:55:37 -0700[diff] [blame]84
Tamas Banb881bea2020-11-04 16:18:36 +0000[diff] [blame]85########################## FIH #################################################
86
87get_property(TFM_FIH_PROFILE_LIST CACHE TFM_FIH_PROFILE PROPERTY STRINGS)
88tfm_invalid_config(NOT TFM_FIH_PROFILE IN_LIST TFM_FIH_PROFILE_LIST)
David Hue056d182021-03-29 15:14:01 +0800[diff] [blame]89
Chris Brand636ab482022-05-19 15:55:37 -0700[diff] [blame]90######################## TF-M Profile config check #############################
David Hu1feb4b12022-02-23 17:22:07 +0800[diff] [blame]91
92tfm_invalid_config(TFM_PROFILE STREQUAL "profile_small" AND CONFIG_TFM_SPM_BACKEND_IPC)
93
Jianliang Shend90aa0c2023-03-14 15:02:10 +0800[diff] [blame]94######################## TF-M Arch config check ################################
95
96tfm_invalid_config(TFM_PXN_ENABLE AND NOT TFM_SYSTEM_ARCHITECTURE STREQUAL "armv8.1-m.main")
97
Raef Coles1d91a7a2024-03-06 14:22:26 +0000[diff] [blame]98######################## Sanitization checks ###################################
99
100tfm_invalid_config(BL1_1_SANITIZE AND C_COMPILER_ID:IAR)
101tfm_invalid_config(BL1_2_SANITIZE AND C_COMPILER_ID:IAR)
102tfm_invalid_config(BL2_SANITIZE AND C_COMPILER_ID:IAR)
103tfm_invalid_config(TFM_SANITIZE AND C_COMPILER_ID:IAR)
104
105get_property(BL1_1_SANITIZER_ALLOWED_VALUES CACHE BL1_1_SANITIZE PROPERTY STRINGS)
106tfm_invalid_config(BL1_1_SANITIZE AND NOT BL1_1_SANITIZE IN_LIST BL1_1_SANITIZER_ALLOWED_VALUES)
107
108get_property(BL1_2_SANITIZER_ALLOWED_VALUES CACHE BL1_2_SANITIZE PROPERTY STRINGS)
109tfm_invalid_config(BL1_2_SANITIZE AND NOT BL1_2_SANITIZE IN_LIST BL1_2_SANITIZER_ALLOWED_VALUES)
110
111get_property(BL2_SANITIZER_ALLOWED_VALUES CACHE BL2_SANITIZE PROPERTY STRINGS)
112tfm_invalid_config(BL2_SANITIZE AND NOT BL2_SANITIZE IN_LIST BL2_SANITIZER_ALLOWED_VALUES)
113
114get_property(TFM_SANITIZER_ALLOWED_VALUES CACHE TFM_SANITIZE PROPERTY STRINGS)
115tfm_invalid_config(TFM_SANITIZE AND NOT TFM_SANITIZE IN_LIST TFM_SANITIZER_ALLOWED_VALUES)
116
Feder Liang55194382021-11-22 16:45:33 +0800[diff] [blame]117###################### Compiler check for FP support ###########################
118
119include(config/cp_check.cmake)
Chris Brand9edf0812022-07-05 14:18:42 -0700[diff] [blame]120
121###################### Platform-specific checks ################################
122
Kevin Peng174f8362023-04-07 11:32:16 +0800[diff] [blame]123include(${TARGET_PLATFORM_PATH}/check_config.cmake OPTIONAL)