Kconfig: Refine platform Kconfig configs
Add more configs from config_base.cmake and operate the
relationship like dependency with SPM and secure partition
configs. To make the structure clear, these configs are
modularized.
Signed-off-by: Jianliang Shen <jianliang.shen@arm.com>
Change-Id: I82e46ff646acc4e569be841ff1541844fb463e0d
diff --git a/platform/Kconfig b/platform/Kconfig
index 45cba5e..f8e59fd 100644
--- a/platform/Kconfig
+++ b/platform/Kconfig
@@ -1,65 +1,33 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2022, Arm Limited. All rights reserved.
+# Copyright (c) 2022-2023, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
#-------------------------------------------------------------------------------
-rsource "Kconfig.arch"
-
menu "Platform options"
-config PLATFORM_DEFAULT_BL1
- bool "Use default BL1"
- default y
+rsource "Kconfig.arch"
-config PLATFORM_DEFAULT_ATTEST_HAL
- bool "Use default attest hal implementation"
- default y
-
-config PLATFORM_DEFAULT_NV_COUNTERS
- bool "Use default nv counter implementation"
- default y
- depends on PLATFORM_DEFAULT_OTP_WRITEABLE
-
-config PLATFORM_DEFAULT_CRYPTO_KEYS
- bool "Use default crypto keys implementation"
- default y
-
-config PLATFORM_DEFAULT_ROTPK
- bool "Use default root of trust public key"
- default y
-
-config PLATFORM_DEFAULT_IAK
- bool "Use default initial attestation_key"
- default y
-
-config PLATFORM_DEFAULT_UART_STDOUT
- bool "Use default uart stdout implementation"
- default y
-
-config PLATFORM_DEFAULT_NV_SEED
- bool "Use default NV seed implementation"
- default y
-
-config PLATFORM_DEFAULT_OTP
- bool "Use trusted on-chip flash to implement OTP memory"
- default y
-
-config PLATFORM_DEFAULT_OTP_WRITEABLE
- bool "Use OTP memory with write support"
- default y
-
-config PLATFORM_DEFAULT_PROVISIONING
- bool "Use default provisioning implementation"
- default y
-
-config PLATFORM_DEFAULT_SYSTEM_RESET_HALT
- bool "Use default system reset/halt implementation"
- default y
-
-config PLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT
- bool
+config SECURE_UART1
+ bool "Enable secure UART1"
default n
+config TFM_DUMMY_PROVISIONING
+ bool "Provision with dummy values"
+ default y
+ select PLATFORM_DEFAULT_OTP_WRITEABLE if PLATFORM_DEFAULT_OTP
+ help
+ NOT to be used in production
+
+################################# Crypto dependencies ##########################
+
+config CRYPTO_HW_ACCELERATOR
+ bool "Enable the crypto hardware accelerator"
+ depends on CRYPTO_HW_ACCELERATOR_TYPE != ""
+ default n
+
+rsource "Kconfig.fpu"
+rsource "Kconfig.platform"
+
endmenu
diff --git a/platform/Kconfig.arch b/platform/Kconfig.arch
index 24254fa..9b1ba08 100644
--- a/platform/Kconfig.arch
+++ b/platform/Kconfig.arch
@@ -101,16 +101,3 @@
string
default "FPv5_D16" if FP_ARCH_FPV5_D16
default ""
-
-################################# Platform Hardware topology ###################
-config TFM_MULTI_CORE_TOPOLOGY
- bool
- default n
- help
- Dual-cpu architecture
-
-config CONFIG_TFM_USE_TRUSTZONE
- bool
- default n
- help
- Enable use of TrustZone to transition between NSPE and SPE
diff --git a/platform/Kconfig.fpu b/platform/Kconfig.fpu
new file mode 100644
index 0000000..793bdee
--- /dev/null
+++ b/platform/Kconfig.fpu
@@ -0,0 +1,62 @@
+
+#-------------------------------------------------------------------------------
+# Copyright (c) 2023, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+################################# FPU ####################################
+
+menu "FPU/MVE"
+
+ config CONFIG_TFM_LAZY_STACKING
+ bool
+ default n
+ help
+ Enable lazy stacking
+
+ config CONFIG_TFM_ENABLE_CP10CP11
+ bool
+ default n
+ help
+ Make FPU and MVE operational when SPE and/or NSPE require FPU or MVE usage.
+ This alone only enables the coprocessors CP10-CP11, whereas CONFIG_TFM_FLOAT_ABI=hard
+ along with CONFIG_TFM_ENABLE_FP, CONFIG_TFM_ENABLE_MVE or CONFIG_TFM_ENABLE_MVE_FP
+ compiles the code with hardware FP or MVE instructions and ABI.
+
+ config CONFIG_TFM_ENABLE_FP
+ #TODO: depends on toolchain type
+ bool "Enable FP usage"
+ depends on CONFIG_TFM_FP_ARCH != ""
+ default n
+ imply CONFIG_TFM_LAZY_STACKING
+ select CONFIG_TFM_ENABLE_CP10CP11
+
+ config CONFIG_TFM_ENABLE_MVE
+ #TODO: depends on v8.1
+ bool "Enable integer MVE usage"
+ default n
+ imply CONFIG_TFM_LAZY_STACKING
+ select CONFIG_TFM_ENABLE_CP10CP11
+
+ config CONFIG_TFM_ENABLE_MVE_FP
+ bool "Enable floating-point MVE usage"
+ depends on CONFIG_TFM_FP_ARCH != ""
+ default n
+ imply CONFIG_TFM_LAZY_STACKING
+ select CONFIG_TFM_ENABLE_CP10CP11
+
+ config CONFIG_TFM_FLOAT_ABI
+ #TODO: shall be int to align with compile options
+ string
+ default "hard" if CONFIG_TFM_ENABLE_FP || CONFIG_TFM_ENABLE_MVE || CONFIG_TFM_ENABLE_MVE_FP
+ default "soft"
+ help
+ Set float abi hard to enable hardware floating-point instructions and
+ hardware floating-point linkage.
+
+ Set float abi soft, meaning software library functions for
+ floating-point operations and software floating-point linkage.
+
+endmenu
diff --git a/platform/Kconfig.platform b/platform/Kconfig.platform
new file mode 100644
index 0000000..e2e666c
--- /dev/null
+++ b/platform/Kconfig.platform
@@ -0,0 +1,183 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2023, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+################################# Platform dependencies ########################
+
+config PLATFORM_SVC_HANDLERS
+ bool "Platform specific SVC handlers"
+ default n
+
+config PLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT
+ def_bool n
+
+config PLATFORM_HAS_ISOLATION_L3_SUPPORT
+ def_bool n
+ help
+ Platform supports Isolation level 3
+
+################################# Test dependencies ############################
+
+config PS_TEST_NV_COUNTERS
+ def_bool y
+ help
+ Use the test NV counters to test Protected Storage rollback scenarios
+
+config PLATFORM_SLIH_IRQ_TEST_SUPPORT
+ def_bool n
+ help
+ Platform supports SLIH IRQ tests
+
+config PLATFORM_FLIH_IRQ_TEST_SUPPORT
+ def_bool n
+ help
+ Platform supports FLIH IRQ tests
+
+######################### TFM psa api test target ##############################
+
+config PSA_API_TEST_TARGET
+ def_string ""
+
+################################# Debug authentication #########################
+
+config DEBUG_AUTHENTICATION_CHIP_DEFAULT
+ def_bool y
+
+config DEBUG_AUTHENTICATION_NONE
+ def_bool n
+
+config DEBUG_AUTHENTICATION_NS_ONLY
+ def_bool n
+
+config DEBUG_AUTHENTICATION_FULL
+ def_bool n
+
+config DEBUG_AUTHENTICATION
+ string
+ default "CHIP_DEFAULT" if DEBUG_AUTHENTICATION_CHIP_DEFAULT
+ default "NONE" if DEBUG_AUTHENTICATION_NONE
+ default "NS_ONLY" if DEBUG_AUTHENTICATION_NS_ONLY
+ default "FULL" if DEBUG_AUTHENTICATION_FULL
+
+################################# Platform Hardware topology ###################
+config TFM_MULTI_CORE_TOPOLOGY
+ bool
+ default n
+ help
+ Dual-cpu architecture
+
+config CONFIG_TFM_USE_TRUSTZONE
+ bool
+ default n
+ help
+ Enable use of TrustZone to transition between NSPE and SPE
+
+######################### Cyrpto Hardware accelerator ##########################
+config CRYPTO_HW_ACCELERATOR_CC312
+ def_bool n
+ help
+ CryptoCell-312
+
+config CRYPTO_HW_ACCELERATOR_STM
+ def_bool n
+
+config CRYPTO_HW_ACCELERATOR_TYPE
+ string
+ default "cc312" if CRYPTO_HW_ACCELERATOR_CC312
+ default "stm" if CRYPTO_HW_ACCELERATOR_STM
+ default ""
+
+################################# Platform default #############################
+
+config PLATFORM_DEFAULT_BL1
+ bool "Use default BL1"
+ default y
+
+config PLATFORM_DEFAULT_ATTEST_HAL
+ def_bool y
+ help
+ Use default attest hal implementation
+
+config PLATFORM_DEFAULT_NV_COUNTERS
+ def_bool y
+ depends on PLATFORM_DEFAULT_OTP_WRITEABLE
+ help
+ Use default nv counter implementation
+
+config PLATFORM_DEFAULT_CRYPTO_KEYS
+ def_bool y
+ help
+ Use default crypto keys implementation
+
+config PLATFORM_DEFAULT_ROTPK
+ def_bool y
+ help
+ Use default root of trust public key
+
+config PLATFORM_DEFAULT_IAK
+ def_bool y
+ help
+ Use default initial attestation_key
+
+config PLATFORM_DEFAULT_UART_STDOUT
+ def_bool y
+ help
+ Use default uart stdout implementation
+
+config PLATFORM_DEFAULT_NV_SEED
+ def_bool y
+ help
+ Use default NV seed implementation
+
+config PLATFORM_DEFAULT_OTP
+ bool "Use trusted on-chip flash to implement OTP memory"
+ default y
+ help
+ Use trusted on-chip flash to implement OTP memory
+
+config PLATFORM_DEFAULT_OTP_WRITEABLE
+ def_bool y
+ help
+ Use OTP memory with write support
+
+config PLATFORM_DEFAULT_PROVISIONING
+ def_bool y
+ help
+ Use default provisioning implementation
+
+config PLATFORM_DEFAULT_SYSTEM_RESET_HALT
+ bool "Use default system halt implementation"
+ default y
+ help
+ Use default system reset/halt implementation
+
+config PLATFORM_DEFAULT_IMAGE_SIGNING
+ def_bool y
+ help
+ Use default image signing implementation
+
+config TFM_PLAT_SPECIFIC_MULTI_CORE_COMM
+ bool "Use a platform specific inter-core communication"
+ depends on TFM_MULTI_CORE_TOPOLOGY
+ help
+ Whether to use a platform specific inter-core communication instead of
+ mailbox in dual-cpu topology
+
+config OTP_NV_COUNTERS_RAM_EMULATION
+ bool "Enable OTP/NV_COUNTERS emulation in RAM"
+ default n
+ depends on PLATFORM_DEFAULT_OTP || PLATFORM_DEFAULT_NV_COUNTERS
+ help
+ Enable OTP/NV_COUNTERS emulation in RAM. Has no effect on non-default
+ implementations of the OTP and NV_COUNTERS
+
+config TFM_NS_NV_COUNTER_AMOUNT
+ int "Numbers of NS NV counters"
+ default 0
+ range 0 3
+
+config PSA_API_TEST_TARGET
+ def_string ""