Build: A switch for selecting platform service
Switch 'TFM_PARTITION_PLATFORM' is added for selecting platform
service. Enabled by default and can be overridden by cmake command.
Change-Id: Ic2529b101292b8f81203da4a11815778194806f9
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
diff --git a/CommonConfig.cmake b/CommonConfig.cmake
index 4f43cf9..eb37566 100644
--- a/CommonConfig.cmake
+++ b/CommonConfig.cmake
@@ -115,6 +115,7 @@
set (CORE_TEST_IPC OFF)
option(TFM_PARTITION_AUDIT_LOG "Enable the TF-M Audit Log partition" ON)
+option(TFM_PARTITION_PLATFORM "Enable the TF-M Platform partition" ON)
if(${TARGET_PLATFORM} STREQUAL "AN521" OR ${TARGET_PLATFORM} STREQUAL "AN519")
set (REFERENCE_PLATFORM ON)
@@ -197,12 +198,17 @@
if (CORE_IPC)
set(TFM_PARTITION_AUDIT_LOG OFF)
+ set(TFM_PARTITION_PLATFORM OFF)
endif()
if (TFM_PARTITION_AUDIT_LOG)
add_definitions(-DTFM_PARTITION_AUDIT_LOG)
endif()
+if (TFM_PARTITION_PLATFORM)
+ add_definitions(-DTFM_PARTITION_PLATFORM)
+endif()
+
if (TFM_PARTITION_TEST_CORE)
add_definitions(-DTFM_PARTITION_TEST_CORE)
endif()
diff --git a/app/CMakeLists.txt b/app/CMakeLists.txt
index 7ed68c8..5aeebf7 100644
--- a/app/CMakeLists.txt
+++ b/app/CMakeLists.txt
@@ -42,6 +42,10 @@
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_AUDIT_LOG is undefined.")
endif()
+if (NOT DEFINED TFM_PARTITION_PLATFORM)
+ message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_PLATFORM is undefined.")
+endif()
+
set(NS_APP_SRC "${CMSIS_5_DIR}/CMSIS/RTOS2/RTX/Config/RTX_Config.c"
"${CMSIS_5_DIR}/CMSIS/RTOS2/RTX/Source/rtx_lib.c"
"${APP_DIR}/main_ns.c"
@@ -49,7 +53,6 @@
"${APP_DIR}/os_wrapper_rtx.c"
"${INTERFACE_DIR}/src/tfm_sst_api.c"
"${INTERFACE_DIR}/src/tfm_crypto_api.c"
- "${INTERFACE_DIR}/src/tfm_platform_api.c"
"${INTERFACE_DIR}/src/tfm_initial_attestation_api.c"
"${INTERFACE_DIR}/src/tfm_ns_lock_rtx.c"
)
@@ -58,6 +61,10 @@
list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_audit_api.c")
endif()
+if (TFM_PARTITION_PLATFORM)
+ list(APPEND NS_APP_SRC "${INTERFACE_DIR}/src/tfm_platform_api.c")
+endif()
+
if (NOT DEFINED TFM_NS_CLIENT_IDENTIFICATION)
message(FATAL_ERROR "Incomplete build configuration: TFM_NS_CLIENT_IDENTIFICATION is undefined.")
elseif (TFM_NS_CLIENT_IDENTIFICATION)
diff --git a/interface/include/tfm_veneers.h b/interface/include/tfm_veneers.h
index c365bbf..ae4bb69 100644
--- a/interface/include/tfm_veneers.h
+++ b/interface/include/tfm_veneers.h
@@ -77,9 +77,11 @@
psa_status_t tfm_tfm_crypto_generate_random_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
psa_status_t tfm_tfm_crypto_generate_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
+#ifdef TFM_PARTITION_PLATFORM
/******** TFM_SP_PLATFORM ********/
psa_status_t tfm_platform_sp_system_reset_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
psa_status_t tfm_platform_sp_pin_service_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
+#endif /* TFM_PARTITION_PLATFORM */
/******** TFM_SP_INITIAL_ATTESTATION ********/
psa_status_t tfm_initial_attest_get_token_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);
diff --git a/platform/ext/Mps2AN519.cmake b/platform/ext/Mps2AN519.cmake
index 4e9baf6..53f5833 100644
--- a/platform/ext/Mps2AN519.cmake
+++ b/platform/ext/Mps2AN519.cmake
@@ -120,7 +120,9 @@
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an519/spm_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an519/attest_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an519/native_drivers/mpu_armv8m_drv.c")
- list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an519/tfm_platform_system.c")
+ if (TFM_PARTITION_PLATFORM)
+ list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an519/tfm_platform_system.c")
+ endif()
embedded_include_directories(PATH "${PLATFORM_DIR}/common" ABSOLUTE)
endif()
diff --git a/platform/ext/Mps2AN521.cmake b/platform/ext/Mps2AN521.cmake
index 3b6cd68..f15b976 100644
--- a/platform/ext/Mps2AN521.cmake
+++ b/platform/ext/Mps2AN521.cmake
@@ -121,7 +121,9 @@
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an521/spm_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an521/attest_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an521/native_drivers/mpu_armv8m_drv.c")
- list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an521/tfm_platform_system.c")
+ if (TFM_PARTITION_PLATFORM)
+ list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an521/tfm_platform_system.c")
+ endif()
embedded_include_directories(PATH "${PLATFORM_DIR}/common" ABSOLUTE)
endif()
diff --git a/platform/ext/common/armclang/tfm_common_s.sct b/platform/ext/common/armclang/tfm_common_s.sct
index 802d2c2..48e27b1 100644
--- a/platform/ext/common/armclang/tfm_common_s.sct
+++ b/platform/ext/common/armclang/tfm_common_s.sct
@@ -66,10 +66,12 @@
*(TFM_SP_CRYPTO_ATTR_FN)
}
+#ifdef TFM_PARTITION_PLATFORM
TFM_SP_PLATFORM +0 ALIGN 32 {
*tfm_platform* (+RO)
*(TFM_SP_PLATFORM_ATTR_FN)
}
+#endif /* TFM_PARTITION_PLATFORM */
TFM_SP_INITIAL_ATTESTATION +0 ALIGN 32 {
*tfm_attest* (+RO)
@@ -219,6 +221,7 @@
}
#endif
+#ifdef TFM_PARTITION_PLATFORM
TFM_SP_PLATFORM_DATA +0 ALIGN 32 {
*tfm_platform* (+RW +ZI)
}
@@ -230,6 +233,7 @@
TFM_SP_PLATFORM_STACK +0 ALIGN 128 EMPTY 0x0400 {
}
#endif
+#endif /* TFM_PARTITION_PLATFORM */
TFM_SP_INITIAL_ATTESTATION_DATA +0 ALIGN 32 {
*tfm_attest* (+RW +ZI)
diff --git a/platform/ext/common/gcc/tfm_common_s.ld b/platform/ext/common/gcc/tfm_common_s.ld
index df49aec..9410b92 100644
--- a/platform/ext/common/gcc/tfm_common_s.ld
+++ b/platform/ext/common/gcc/tfm_common_s.ld
@@ -80,9 +80,11 @@
LONG (LOADADDR(.TFM_SP_CRYPTO_DATA))
LONG (ADDR(.TFM_SP_CRYPTO_DATA))
LONG (SIZEOF(.TFM_SP_CRYPTO_DATA))
+#ifdef TFM_PARTITION_PLATFORM
LONG (LOADADDR(.TFM_SP_PLATFORM_DATA))
LONG (ADDR(.TFM_SP_PLATFORM_DATA))
LONG (SIZEOF(.TFM_SP_PLATFORM_DATA))
+#endif /* TFM_PARTITION_PLATFORM */
LONG (LOADADDR(.TFM_SP_INITIAL_ATTESTATION_DATA))
LONG (ADDR(.TFM_SP_INITIAL_ATTESTATION_DATA))
LONG (SIZEOF(.TFM_SP_INITIAL_ATTESTATION_DATA))
@@ -148,12 +150,14 @@
LONG (ADDR(.TFM_SP_CRYPTO_STACK))
LONG (SIZEOF(.TFM_SP_CRYPTO_STACK))
#endif
+#ifdef TFM_PARTITION_PLATFORM
LONG (ADDR(.TFM_SP_PLATFORM_BSS))
LONG (SIZEOF(.TFM_SP_PLATFORM_BSS))
#if defined(TFM_PSA_API) || (TFM_LVL != 1)
LONG (ADDR(.TFM_SP_PLATFORM_STACK))
LONG (SIZEOF(.TFM_SP_PLATFORM_STACK))
#endif
+#endif /* TFM_PARTITION_PLATFORM */
LONG (ADDR(.TFM_SP_INITIAL_ATTESTATION_BSS))
LONG (SIZEOF(.TFM_SP_INITIAL_ATTESTATION_BSS))
#if defined(TFM_PSA_API) || (TFM_LVL != 1)
@@ -276,6 +280,7 @@
Image$$TFM_SP_CRYPTO$$Base = ADDR(.TFM_SP_CRYPTO);
Image$$TFM_SP_CRYPTO$$Limit = ADDR(.TFM_SP_CRYPTO) + SIZEOF(.TFM_SP_CRYPTO);
+#ifdef TFM_PARTITION_PLATFORM
.TFM_SP_PLATFORM : ALIGN(32)
{
*tfm_platform*:*(.text*)
@@ -287,6 +292,7 @@
Image$$TFM_SP_PLATFORM$$RO$$Limit = ADDR(.TFM_SP_PLATFORM) + SIZEOF(.TFM_SP_PLATFORM);
Image$$TFM_SP_PLATFORM$$Base = ADDR(.TFM_SP_PLATFORM);
Image$$TFM_SP_PLATFORM$$Limit = ADDR(.TFM_SP_PLATFORM) + SIZEOF(.TFM_SP_PLATFORM);
+#endif /* TFM_PARTITION_PLATFORM */
.TFM_SP_INITIAL_ATTESTATION : ALIGN(32)
{
@@ -611,6 +617,7 @@
#endif
+#ifdef TFM_PARTITION_PLATFORM
.TFM_SP_PLATFORM_DATA : ALIGN(32)
{
*tfm_platform*:*(.data*)
@@ -639,6 +646,7 @@
Image$$TFM_SP_PLATFORM_STACK$$ZI$$Limit = ADDR(.TFM_SP_PLATFORM_STACK) + SIZEOF(.TFM_SP_PLATFORM_STACK);
#endif
+#endif /* TFM_PARTITION_PLATFORM */
.TFM_SP_INITIAL_ATTESTATION_DATA : ALIGN(32)
{
diff --git a/platform/ext/musca_a.cmake b/platform/ext/musca_a.cmake
index bae8f60..913061d 100644
--- a/platform/ext/musca_a.cmake
+++ b/platform/ext/musca_a.cmake
@@ -121,7 +121,9 @@
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_a/spm_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_a/attest_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_a/Native_Driver/mpu_armv8m_drv.c")
- list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_a/tfm_platform_system.c")
+ if (TFM_PARTITION_PLATFORM)
+ list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_a/tfm_platform_system.c")
+ endif()
embedded_include_directories(PATH "${PLATFORM_DIR}/common" ABSOLUTE)
endif()
diff --git a/platform/ext/musca_b1.cmake b/platform/ext/musca_b1.cmake
index ceaf1c8..5fbd488 100644
--- a/platform/ext/musca_b1.cmake
+++ b/platform/ext/musca_b1.cmake
@@ -121,7 +121,9 @@
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_b1/spm_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_b1/attest_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_b1/Native_Driver/mpu_armv8m_drv.c")
- list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_b1/tfm_platform_system.c")
+ if (TFM_PARTITION_PLATFORM)
+ list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_b1/tfm_platform_system.c")
+ endif()
embedded_include_directories(PATH "${PLATFORM_DIR}/common" ABSOLUTE)
endif()
diff --git a/secure_fw/CMakeLists.txt b/secure_fw/CMakeLists.txt
index bf41f38..3186c5d 100644
--- a/secure_fw/CMakeLists.txt
+++ b/secure_fw/CMakeLists.txt
@@ -35,6 +35,10 @@
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_AUDIT_LOG is undefined.")
endif()
+if (NOT DEFINED TFM_PARTITION_PLATFORM)
+ message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_PLATFORM is undefined.")
+endif()
+
include(${SECURE_FW_DIR}/spm/CMakeLists.inc)
include(${SECURE_FW_DIR}/ns_callable/CMakeLists.inc)
#Involve all IPC related sources in ipc's CMakeLists.inc, and switch core between IPC and Library.
@@ -150,12 +154,14 @@
add_dependencies(${EXE_NAME} tfm_crypto)
add_dependencies(${EXE_NAME} tfm_storage)
- add_dependencies(${EXE_NAME} tfm_platform)
add_dependencies(${EXE_NAME} tfm_secure_tests)
add_dependencies(${EXE_NAME} tfm_attest)
if (TFM_PARTITION_AUDIT_LOG)
add_dependencies(${EXE_NAME} tfm_audit)
endif()
+ if (TFM_PARTITION_PLATFORM)
+ add_dependencies(${EXE_NAME} tfm_platform)
+ endif()
#Set macro definitions for the project.
embedded_set_target_compile_defines(TARGET ${PROJECT_OBJ_LIB} LANGUAGE C DEFINES __thumb2__ __ARM_FEATURE_CMSE=3 TFM_LVL=${TFM_LVL} ${DEBUG_AUTHENTICATION} APPEND)
@@ -172,27 +178,35 @@
#FIXME Remove the explicit load and the above comment once the secure client
#test partition uses the generated veneers.
if((${COMPILER} STREQUAL "ARMCLANG") AND (NOT TFM_PSA_API))
- target_link_libraries(${EXE_NAME} tfm_attest tfm_secure_tests tfm_attest tfm_crypto tfm_storage tfm_platform $<TARGET_LINKER_FILE:tfm_secure_tests>\(*veneers.o\) tfm_attest)
+ target_link_libraries(${EXE_NAME} tfm_attest tfm_secure_tests tfm_attest tfm_crypto tfm_storage $<TARGET_LINKER_FILE:tfm_secure_tests>\(*veneers.o\) tfm_attest)
else()
- target_link_libraries(${EXE_NAME} tfm_attest tfm_secure_tests tfm_attest tfm_crypto tfm_storage tfm_platform tfm_attest)
+ target_link_libraries(${EXE_NAME} tfm_attest tfm_secure_tests tfm_attest tfm_crypto tfm_storage tfm_attest)
endif()
else()
- target_link_libraries(${EXE_NAME} tfm_attest tfm_crypto tfm_storage tfm_platform tfm_secure_tests tfm_attest)
+ target_link_libraries(${EXE_NAME} tfm_attest tfm_crypto tfm_storage tfm_secure_tests tfm_attest)
endif()
else()
- target_link_libraries(${EXE_NAME} tfm_attest tfm_crypto tfm_storage tfm_platform tfm_attest)
+ target_link_libraries(${EXE_NAME} tfm_attest tfm_crypto tfm_storage tfm_attest)
endif()
if (TFM_PARTITION_AUDIT_LOG)
target_link_libraries(${EXE_NAME} tfm_audit)
endif()
+ if (TFM_PARTITION_PLATFORM)
+ target_link_libraries(${EXE_NAME} tfm_platform)
+ endif()
+
embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_LVL=${TFM_LVL}")
if (TFM_PARTITION_AUDIT_LOG)
embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_PARTITION_AUDIT_LOG")
endif()
+ if (TFM_PARTITION_PLATFORM)
+ embedded_set_target_link_defines(TARGET ${EXE_NAME} DEFINES "TFM_PARTITION_PLATFORM")
+ endif()
+
if (NOT DEFINED TFM_PARTITION_TEST_CORE)
message(FATAL_ERROR "Incomplete build configuration: TFM_PARTITION_TEST_CORE is undefined. ")
elseif (TFM_PARTITION_TEST_CORE)
@@ -292,7 +306,9 @@
add_subdirectory(${SECURE_FW_DIR}/services/secure_storage)
#Add the platform service library target
-add_subdirectory(${SECURE_FW_DIR}/services/platform)
+if (TFM_PARTITION_PLATFORM)
+ add_subdirectory(${SECURE_FW_DIR}/services/platform)
+endif()
#Add the initial attestation service library target
add_subdirectory(${SECURE_FW_DIR}/services/initial_attestation)
diff --git a/secure_fw/ns_callable/CMakeLists.inc b/secure_fw/ns_callable/CMakeLists.inc
index 91f803a..5664a8e 100644
--- a/secure_fw/ns_callable/CMakeLists.inc
+++ b/secure_fw/ns_callable/CMakeLists.inc
@@ -23,8 +23,11 @@
message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
endif()
-set (SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_veneers.c"
- "${CMAKE_CURRENT_LIST_DIR}/tfm_platform_veneers.c")
+set (SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_veneers.c")
+
+if (TFM_PARTITION_PLATFORM)
+ list(APPEND SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_platform_veneers.c")
+endif()
if (TFM_PARTITION_AUDIT_LOG)
list(APPEND SS_NS_CALLABLE_C_SRC "${CMAKE_CURRENT_LIST_DIR}/tfm_audit_veneers.c")
diff --git a/secure_fw/ns_callable/tfm_veneers.c b/secure_fw/ns_callable/tfm_veneers.c
index 3519af6..f04422d 100644
--- a/secure_fw/ns_callable/tfm_veneers.c
+++ b/secure_fw/ns_callable/tfm_veneers.c
@@ -71,9 +71,11 @@
psa_status_t tfm_crypto_generate_random(psa_invec *, size_t, psa_outvec *, size_t);
psa_status_t tfm_crypto_generate_key(psa_invec *, size_t, psa_outvec *, size_t);
+#ifdef TFM_PARTITION_PLATFORM
/******** TFM_SP_PLATFORM ********/
psa_status_t platform_sp_system_reset(psa_invec *, size_t, psa_outvec *, size_t);
psa_status_t platform_sp_pin_service(psa_invec *, size_t, psa_outvec *, size_t);
+#endif /* TFM_PARTITION_PLATFORM */
/******** TFM_SP_INITIAL_ATTESTATION ********/
psa_status_t initial_attest_get_token(psa_invec *, size_t, psa_outvec *, size_t);
@@ -181,9 +183,11 @@
TFM_VENEER_FUNCTION(TFM_SP_CRYPTO, tfm_crypto_generate_random)
TFM_VENEER_FUNCTION(TFM_SP_CRYPTO, tfm_crypto_generate_key)
+#ifdef TFM_PARTITION_PLATFORM
/******** TFM_SP_PLATFORM ********/
TFM_VENEER_FUNCTION(TFM_SP_PLATFORM, platform_sp_system_reset)
TFM_VENEER_FUNCTION(TFM_SP_PLATFORM, platform_sp_pin_service)
+#endif /* TFM_PARTITION_PLATFORM */
/******** TFM_SP_INITIAL_ATTESTATION ********/
TFM_VENEER_FUNCTION(TFM_SP_INITIAL_ATTESTATION, initial_attest_get_token)
diff --git a/secure_fw/services/platform/CMakeLists.inc b/secure_fw/services/platform/CMakeLists.inc
index e79aa5e..90ec1d0 100644
--- a/secure_fw/services/platform/CMakeLists.inc
+++ b/secure_fw/services/platform/CMakeLists.inc
@@ -21,31 +21,21 @@
#Get the current directory where this file is located.
set(PLATFORM_SERVICE_DIR ${CMAKE_CURRENT_LIST_DIR})
-#Check input variables
-if (NOT DEFINED ENABLE_PLATFORM_SERVICE)
- message(FATAL_ERROR "Incomplete build configuration: ENABLE_PLATFORM_SERVICE is undefined. ")
+if (NOT DEFINED TFM_ROOT_DIR)
+ message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
endif()
-if (ENABLE_PLATFORM_SERVICE)
- if (NOT DEFINED TFM_ROOT_DIR)
- message(FATAL_ERROR "Please set TFM_ROOT_DIR before including this file.")
- endif()
+set (PLATFORM_SERVICE_C_SRC
+ "${PLATFORM_SERVICE_DIR}/platform_sp.c"
+ "${PLATFORM_SERVICE_DIR}/tfm_platform_secure_api.c")
- set (PLATFORM_SERVICE_C_SRC
- "${PLATFORM_SERVICE_DIR}/platform_sp.c"
- "${PLATFORM_SERVICE_DIR}/tfm_platform_secure_api.c")
+#Append all our source files to global lists.
+list(APPEND ALL_SRC_C ${PLATFORM_SERVICE_C_SRC})
+unset(PLATFORM_SERVICE_C_SRC)
- #Append all our source files to global lists.
- list(APPEND ALL_SRC_C ${PLATFORM_SERVICE_C_SRC})
- unset(PLATFORM_SERVICE_C_SRC)
-
- #Setting include directories
- embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE)
- embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/common ABSOLUTE)
-
-else()
- message(FATAL_ERROR "Build system currently doesn't support selectively disabling of a service.")
-endif()
+#Setting include directories
+embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/platform/ext/common ABSOLUTE)
diff --git a/secure_fw/services/platform/CMakeLists.txt b/secure_fw/services/platform/CMakeLists.txt
index b2ae183..4f4f0d1 100644
--- a/secure_fw/services/platform/CMakeLists.txt
+++ b/secure_fw/services/platform/CMakeLists.txt
@@ -23,7 +23,6 @@
get_filename_component(TFM_ROOT_DIR "${PLATFORM_SP_DIR}/../../.." ABSOLUTE)
###Get the definition of what files we need to build
-set (ENABLE_PLATFORM_SERVICE ON)
include(CMakeLists.inc)
if (NOT DEFINED TFM_LVL)
diff --git a/secure_fw/services/tfm_partition_defs.inc b/secure_fw/services/tfm_partition_defs.inc
index e7b20e6..3a0b197 100644
--- a/secure_fw/services/tfm_partition_defs.inc
+++ b/secure_fw/services/tfm_partition_defs.inc
@@ -18,7 +18,9 @@
#define TFM_SP_CRYPTO_ID (TFM_SP_BASE + 2)
+#ifdef TFM_PARTITION_PLATFORM
#define TFM_SP_PLATFORM_ID (TFM_SP_BASE + 3)
+#endif /* TFM_PARTITION_PLATFORM */
#define TFM_SP_INITIAL_ATTESTATION_ID (TFM_SP_BASE + 4)
diff --git a/secure_fw/services/tfm_partition_list.inc b/secure_fw/services/tfm_partition_list.inc
index f78052a..3a47e19 100644
--- a/secure_fw/services/tfm_partition_list.inc
+++ b/secure_fw/services/tfm_partition_list.inc
@@ -32,10 +32,12 @@
, "PSA-ROT", 0x00000102, NORMAL);
PARTITION_ADD_INIT_FUNC(TFM_SP_CRYPTO, tfm_crypto_init);
+#ifdef TFM_PARTITION_PLATFORM
/******** TFM_SP_PLATFORM ********/
PARTITION_DECLARE(TFM_SP_PLATFORM, 0
, "PSA-ROT", 0x00000102, NORMAL);
PARTITION_ADD_INIT_FUNC(TFM_SP_PLATFORM, platform_sp_init);
+#endif /* TFM_PARTITION_PLATFORM */
/******** TFM_SP_INITIAL_ATTESTATION ********/
PARTITION_DECLARE(TFM_SP_INITIAL_ATTESTATION, 0
diff --git a/tools/tfm_manifest_list.yaml b/tools/tfm_manifest_list.yaml
index d01f5b7..1fea8fa 100644
--- a/tools/tfm_manifest_list.yaml
+++ b/tools/tfm_manifest_list.yaml
@@ -41,6 +41,7 @@
"short_name": "TFM_SP_Platform",
"manifest": "secure_fw/services/platform/manifest.yaml",
"tfm_extensions": true,
+ "conditional": "TFM_PARTITION_PLATFORM",
"version_major": 0,
"version_minor": 1
},