Build: Change config_default to build minimum.
- disable all partitions
- default SPM backend is SFN
= set log level to silent
- adjust platform's CMake scripts
- to include acceleartor conditionally
- enable partitions required for some platform
Signed-off-by: Anton Komlev <anton.komlev@arm.com>
Change-Id: Icc36078c396e3a94a91fdf93d7f1bd5a46dc0d69
diff --git a/platform/CMakeLists.txt b/platform/CMakeLists.txt
index 0f0fc1c..db47177 100755
--- a/platform/CMakeLists.txt
+++ b/platform/CMakeLists.txt
@@ -103,8 +103,8 @@
PRIVATE
psa_interface
tfm_partition_defs
- platform_crypto_keys
tfm_spm_defs # For tfm_spm_log.h
+ $<$<BOOL:${TFM_PARTITION_CRYPTO}>:platform_crypto_keys>
$<$<BOOL:${PLATFORM_DEFAULT_ATTEST_HAL}>:tfm_sprt>
$<$<BOOL:${TFM_PARTITION_CRYPTO}>:crypto_service_mbedcrypto>
$<$<BOOL:${TFM_PARTITION_INITIAL_ATTESTATION}>:tfm_attestation_defs>
diff --git a/platform/ext/target/arm/corstone1000/config.cmake b/platform/ext/target/arm/corstone1000/config.cmake
index c8af4ea..d7585ea 100644
--- a/platform/ext/target/arm/corstone1000/config.cmake
+++ b/platform/ext/target/arm/corstone1000/config.cmake
@@ -27,8 +27,12 @@
set(CONFIG_TFM_USE_TRUSTZONE OFF CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
set(TFM_MULTI_CORE_TOPOLOGY ON CACHE BOOL "Whether to build for a dual-cpu architecture")
set(TFM_PLAT_SPECIFIC_MULTI_CORE_COMM ON CACHE BOOL "Whether to use a platform specific inter core communication instead of mailbox in dual-cpu topology")
-set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
+
+if(TFM_PARTITION_CRYPTO)
+ set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
+ set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
+endif()
+
set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryptography mode")
set(NS FALSE CACHE BOOL "Whether to build NS app")
set(EXTERNAL_SYSTEM_SUPPORT OFF CACHE BOOL "Whether to include external system support.")
diff --git a/platform/ext/target/arm/musca_b1/config.cmake b/platform/ext/target/arm/musca_b1/config.cmake
index 9a25d15..6e747db 100644
--- a/platform/ext/target/arm/musca_b1/config.cmake
+++ b/platform/ext/target/arm/musca_b1/config.cmake
@@ -14,12 +14,15 @@
set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
-set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(MCUBOOT_DATA_SHARING ON CACHE BOOL "Add sharing of application specific data using the same shared data area as for the measured boot")
set(PLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT ON CACHE BOOL "Platform supports firmware update, such as network connectivities and bootloader support")
set(TFM_PARTITION_FIRMWARE_UPDATE ON CACHE BOOL "Enable firmware update partition")
+if(TFM_PARTITION_CRYPTO)
+ set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
+ set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
+endif()
+
set(TFM_EXTRA_GENERATED_FILE_LIST_PATH ${CMAKE_SOURCE_DIR}/platform/ext/target/arm/musca_b1/generated_file_list.yaml CACHE PATH "Path to extra generated file list. Appended to stardard TFM generated file list." FORCE)
set(PSA_API_TEST_TARGET "musca_b1" CACHE STRING "Target to use when building the PSA API tests")
diff --git a/platform/ext/target/arm/musca_s1/config.cmake b/platform/ext/target/arm/musca_s1/config.cmake
index 59d2715..d081f9c 100644
--- a/platform/ext/target/arm/musca_s1/config.cmake
+++ b/platform/ext/target/arm/musca_s1/config.cmake
@@ -7,8 +7,11 @@
#
#-------------------------------------------------------------------------------
-set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
+if(TFM_PARTITION_CRYPTO)
+ set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
+ set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
+endif()
+
set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryptography mode")
set(PLATFORM_GPLED_ENABLED OFF CACHE BOOL "Use the general purpose LEDs on the platform board")
diff --git a/platform/ext/target/cypress/psoc64/config.cmake b/platform/ext/target/cypress/psoc64/config.cmake
index a40661b..c2e28db 100644
--- a/platform/ext/target/cypress/psoc64/config.cmake
+++ b/platform/ext/target/cypress/psoc64/config.cmake
@@ -20,6 +20,10 @@
set(NUM_MAILBOX_QUEUE_SLOT 4 CACHE BOOL "Number of mailbox queue slots")
set(PLATFORM_SLIH_IRQ_TEST_SUPPORT ON CACHE BOOL "Platform supports SLIH IRQ tests")
set(PLATFORM_FLIH_IRQ_TEST_SUPPORT ON CACHE BOOL "Platform supports FLIH IRQ tests")
+set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON CACHE BOOL "Enable Internal Trusted Storage partition")
+set(TFM_PARTITION_PROTECTED_STORAGE ON CACHE BOOL "Enable Protected Storage partition")
+set(TFM_PARTITION_PLATFORM ON CACHE BOOL "Enable Platform partition")
+set(TFM_PARTITION_CRYPTO ON CACHE BOOL "Enable Crypto partition")
################################## Dependencies ################################
diff --git a/platform/ext/target/stm/b_u585i_iot02a/config.cmake b/platform/ext/target/stm/b_u585i_iot02a/config.cmake
index 7b20320..7f770b3 100644
--- a/platform/ext/target/stm/b_u585i_iot02a/config.cmake
+++ b/platform/ext/target/stm/b_u585i_iot02a/config.cmake
@@ -22,6 +22,8 @@
set(MCUBOOT_ENC_IMAGES ON CACHE BOOL "Enable encrypted image upgrade support")
set(MCUBOOT_ENCRYPT_RSA ON CACHE BOOL "Use RSA for encrypted image upgrade support")
################################## Dependencies ################################
+set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE ON CACHE BOOL "Enable Internal Trusted Storage partition")
+set(TFM_PARTITION_CRYPTO ON CACHE BOOL "Enable Crypto partition")
set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
diff --git a/platform/ext/target/stm/nucleo_l552ze_q/config.cmake b/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
index dfe6e1f..2d41250 100644
--- a/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
+++ b/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
@@ -16,6 +16,8 @@
################################## Dependencies ################################
set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
-set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
-set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
+if(TFM_PARTITION_CRYPTO)
+ set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
+ set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
+ set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
+endif()
diff --git a/platform/ext/target/stm/stm32l562e_dk/config.cmake b/platform/ext/target/stm/stm32l562e_dk/config.cmake
index 85e68b6..2f91b5f 100644
--- a/platform/ext/target/stm/stm32l562e_dk/config.cmake
+++ b/platform/ext/target/stm/stm32l562e_dk/config.cmake
@@ -18,7 +18,10 @@
################################## Dependencies ################################
set(CONFIG_TFM_USE_TRUSTZONE ON CACHE BOOL "Enable use of TrustZone to transition between NSPE and SPE")
set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture")
-set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
-set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
+
+if(TFM_PARTITION_CRYPTO)
+ set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
+ set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
+ set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
+endif()
set(TFM_EXTRA_GENERATED_FILE_LIST_PATH ${CMAKE_CURRENT_SOURCE_DIR}/platform/ext/target/stm/common/generated_file_list.yaml CACHE PATH "Path to extra generated file list. Appended to stardard TFM generated file list." FORCE)