#------------------------------------------------------------------------------- # Copyright (c) 2020-2024, Arm Limited. All rights reserved. # Copyright (c) 2022 Cypress Semiconductor Corporation (an Infineon company) # or an affiliate of Cypress Semiconductor Corporation. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # #------------------------------------------------------------------------------- cmake_minimum_required(VERSION 3.21) add_library(platform_s STATIC) add_library(platform_region_defs INTERFACE) add_library(platform_common_interface INTERFACE) if (BL2) add_library(platform_bl2 STATIC) endif() if (BL1 AND PLATFORM_DEFAULT_BL1) add_library(platform_bl1_1 STATIC) add_library(platform_bl1_2 STATIC) add_library(platform_bl1_1_interface INTERFACE) endif() if (TFM_PARTITION_CRYPTO) add_library(platform_crypto_keys STATIC) endif() set(PLATFORM_DIR ${CMAKE_CURRENT_LIST_DIR} CACHE PATH "Path to platform directory") # Skip "up-to-date" prints to avoid flooding the build output. Just print "installing" set(CMAKE_INSTALL_MESSAGE LAZY) add_subdirectory(ext/target/${TFM_PLATFORM} target) #====================== CMSIS stack override interface ========================# # NS linker scripts using the default CMSIS style naming conventions, while the # secure and bl2 linker scripts remain untouched (region.h compatibility). # To be compatible with the untouched files (which using ARMCLANG naming style), # we have to override __INITIAL_SP and __STACK_LIMIT labels. set(CMSIS_OVERRIDE_HEADER "${CMAKE_CURRENT_LIST_DIR}/include/cmsis_override.h") add_library(cmsis_stack_override INTERFACE) target_compile_options(cmsis_stack_override INTERFACE "$<$:SHELL:-include ${CMSIS_OVERRIDE_HEADER}>" "$<$:SHELL:--preinclude ${CMSIS_OVERRIDE_HEADER}>" ) #========================= Platform Common interface ==========================# target_include_directories(platform_common_interface INTERFACE ext ext/common ext/driver include ) #========================= Platform Secure ====================================# target_include_directories(platform_s PUBLIC $<$:${CMAKE_CURRENT_SOURCE_DIR}/ext/accelerator/interface> ../secure_fw/spm/include/private ) target_sources(platform_s PRIVATE $<$:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/tfm_hal_ps.c> $<$:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/tfm_hal_its.c> $<$:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/tfm_hal_reset_halt.c> $<$:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/uart_stdout.c> $<$:ext/common/tfm_hal_spm_logdev_peripheral.c> $<$:ext/common/exception_info.c> $<$:ext/common/template/attest_hal.c> $<$:ext/common/template/nv_counters.c> $<$:ext/common/template/tfm_rotpk.c> $<$:ext/common/template/crypto_nv_seed.c> $<$,$>,$>:ext/common/template/flash_otp_nv_counters_backend.c> $<$:ext/common/template/otp_flash.c> $<$:ext/common/provisioning.c> $<$,$>:${CMAKE_SOURCE_DIR}/platform/ext/common/test_interrupt.c> $<$:ext/common/tfm_sanitize_handlers.c> ./ext/common/tfm_fatal_error.c ) # If this is not added to the tfm_s it will not correctly override the weak # default handlers declared in assemebly, and will instead be discarded as they # are not in use. target_sources(tfm_s PRIVATE ext/common/faults.c ) target_link_libraries(platform_s PUBLIC platform_common_interface platform_region_defs tfm_fih_headers cmsis_stack_override cmsis PRIVATE tfm_config tfm_spm_defs # For tfm_spm_log.h $<$:platform_crypto_keys> $<$:tfm_sprt> $<$:crypto_service_mbedcrypto> $<$:tfm_attestation_defs> $<$>:tfm_fih> psa_crypto_library_config ) target_compile_definitions(platform_s PUBLIC TFM_SPM_LOG_LEVEL=${TFM_SPM_LOG_LEVEL} $<$:TFM_SPM_LOG_RAW_ENABLED> $<$:OTP_NV_COUNTERS_RAM_EMULATION=1> $<$:TFM_EXCEPTION_INFO_DUMP> $<$,$>:CONFIG_TFM_ENABLE_MEMORY_PROTECT> $<$:TFM_PXN_ENABLE> $<$:CONFIG_TFM_FLOAT_ABI=2> $<$:CONFIG_TFM_FLOAT_ABI=0> $<$:CONFIG_TFM_LAZY_STACKING> $<$:CONFIG_TFM_ENABLE_CP10CP11> $<$:PLATFORM_DEFAULT_CRYPTO_KEYS> $<$:PLATFORM_DEFAULT_OTP> $<$:PLATFORM_DEFAULT_NV_COUNTERS> $<$,$>>:LOG_FATAL_ERRORS> $<$,$>>:LOG_NONFATAL_ERRORS> PRIVATE $<$:SYMMETRIC_INITIAL_ATTESTATION> $<$:TFM_DUMMY_PROVISIONING> $<$:OTP_WRITEABLE> ) target_compile_options(platform_s PUBLIC ${COMPILER_CP_FLAG} $<$:-fsanitize=${TFM_SANITIZE}> ) #========================= Platform Crypto Keys ===============================# if(TFM_PARTITION_CRYPTO) target_sources(platform_crypto_keys PRIVATE $<$:ext/common/template/crypto_keys.c> ) target_link_libraries(platform_crypto_keys PRIVATE crypto_service_mbedcrypto tfm_psa_rot_partition_crypto platform_region_defs tfm_config ) target_include_directories(platform_crypto_keys PRIVATE $<$:${CMAKE_SOURCE_DIR}/interface/include/crypto_keys> ${CMAKE_BINARY_DIR}/generated/interface/include ) target_compile_definitions(platform_crypto_keys PRIVATE $<$:SYMMETRIC_INITIAL_ATTESTATION> $<$:PLATFORM_DEFAULT_OTP> $<$:TEST_S_ATTESTATION> $<$:TEST_NS_ATTESTATION> ) target_compile_options(platform_crypto_keys PUBLIC ${COMPILER_CP_FLAG} ) endif() #========================= Platform BL2 =======================================# if(BL2) #TODO import policy target_include_directories(platform_bl2 PUBLIC $<$:${CMAKE_CURRENT_SOURCE_DIR}/ext/accelerator/interface> ${MCUBOOT_PATH}/boot/bootutil/include ${CMAKE_SOURCE_DIR}/bl2/ext/mcuboot/include ) target_sources(platform_bl2 PRIVATE ext/common/boot_hal_bl2.c $<$:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/uart_stdout.c> $<$:ext/common/template/nv_counters.c> $<$:ext/common/template/tfm_rotpk.c> $<$,$>:ext/common/template/flash_otp_nv_counters_backend.c> $<$:ext/common/template/otp_flash.c> $<$:ext/common/tfm_sanitize_handlers.c> ./ext/common/tfm_fatal_error.c ) target_link_libraries(platform_bl2 PUBLIC platform_common_interface platform_region_defs cmsis_stack_override cmsis PRIVATE bl2_hal mcuboot_config $<$,$>>:tfm_boot_status> ) target_compile_definitions(platform_bl2 PUBLIC BL2 MCUBOOT_${MCUBOOT_UPGRADE_STRATEGY} $<$:MCUBOOT_DIRECT_XIP_REVERT> $<$:SYMMETRIC_INITIAL_ATTESTATION> $<$:MCUBOOT_HW_KEY> MCUBOOT_FIH_PROFILE_${MCUBOOT_FIH_PROFILE} $<$:PLATFORM_DEFAULT_OTP> $<$:OTP_NV_COUNTERS_RAM_EMULATION=1> $<$:TFM_DUMMY_PROVISIONING> $<$:PLATFORM_DEFAULT_NV_COUNTERS> $<$:OTP_WRITEABLE> $<$,$>>:TFM_MEASURED_BOOT_API> $<$,$>:LOG_FATAL_ERRORS> $<$,$>:LOG_NONFATAL_ERRORS> ) target_compile_options(platform_bl2 PUBLIC ${BL2_COMPILER_CP_FLAG} $<$:-fsanitize=${BL2_SANITIZE}> ) endif() #========================= Platform BL1_1 =====================================# if(BL1 AND PLATFORM_DEFAULT_BL1) target_include_directories(platform_bl1_1_interface INTERFACE . include ext/driver ) target_link_libraries(platform_bl1_1_interface INTERFACE platform_region_defs platform_common_interface cmsis_stack_override cmsis ) target_compile_definitions(platform_bl1_1_interface INTERFACE $<$:CRYPTO_HW_ACCELERATOR> $<$:TFM_BL1_LOGGING> $<$:PLATFORM_DEFAULT_OTP> $<$:OTP_NV_COUNTERS_RAM_EMULATION=1> $<$:TFM_DUMMY_PROVISIONING> $<$:PLATFORM_DEFAULT_NV_COUNTERS> $<$:OTP_WRITEABLE> $<$:TFM_BL1_MEMORY_MAPPED_FLASH> $<$:TFM_BL1_2_IN_OTP> $<$,$>>:TFM_MEASURED_BOOT_API> $<$,$>:LOG_FATAL_ERRORS> $<$,$>:LOG_NONFATAL_ERRORS> ) target_compile_options(platform_bl1_1 PUBLIC $<$:-fsanitize=${BL1_1_SANITIZE}> ${BL1_COMPILER_CP_FLAG} ) target_link_options(platform_bl1_1 PUBLIC ${BL1_LINKER_CP_OPTION} ) target_sources(platform_bl1_1 PRIVATE ext/common/boot_hal_bl1_1.c ext/common/uart_stdout.c $<$:ext/common/template/flash_otp_nv_counters_backend.c> $<$:ext/common/template/otp_flash.c> $<$,$>:ext/common/tfm_sanitize_handlers.c> ./ext/common/tfm_fatal_error.c ) target_link_libraries(platform_bl1_1 PUBLIC platform_bl1_1_interface platform_region_defs PRIVATE tfm_fih tfm_fih_headers tfm_boot_status ) endif() #========================= Platform BL1_2 =====================================# if(BL1 AND PLATFORM_DEFAULT_BL1) target_include_directories(platform_bl1_2 PRIVATE . include ext/driver ) target_link_libraries(platform_bl1_2 INTERFACE platform_region_defs platform_common_interface cmsis_stack_override cmsis ) target_compile_definitions(platform_bl1_2 INTERFACE $<$:CRYPTO_HW_ACCELERATOR> $<$:TFM_BL1_LOGGING> $<$:PLATFORM_DEFAULT_OTP> $<$:OTP_NV_COUNTERS_RAM_EMULATION=1> $<$:TFM_DUMMY_PROVISIONING> $<$:PLATFORM_DEFAULT_NV_COUNTERS> $<$:OTP_WRITEABLE> $<$:TFM_BL1_MEMORY_MAPPED_FLASH> $<$:TFM_BL1_2_IN_OTP> $<$,$>>:TFM_MEASURED_BOOT_API> $<$,$>:LOG_FATAL_ERRORS> $<$,$>:LOG_NONFATAL_ERRORS> ) target_sources(platform_bl1_2 PRIVATE ext/common/boot_hal_bl1_2.c $<$:ext/common/template/nv_counters.c> $<$,$>:ext/common/template/flash_otp_nv_counters_backend.c> $<$:ext/common/template/otp_flash.c> ) target_link_libraries(platform_bl1_2 PUBLIC platform_bl1_1_interface PRIVATE tfm_fih tfm_fih_headers tfm_boot_status platform_region_defs bl1_1_shared_lib_interface ) target_compile_options(platform_bl1_2 PUBLIC $<$:-fsanitize=${BL1_2_SANITIZE}> ${BL1_COMPILER_CP_FLAG} ) target_link_options(platform_bl1_2 PUBLIC ${BL1_LINKER_CP_OPTION} ) endif() #========================= Platform region defs ===============================# if(NOT ${MCUBOOT_SIGNATURE_TYPE} STREQUAL "") string(REGEX MATCH "[0-9]*$" SIG_LEN ${MCUBOOT_SIGNATURE_TYPE}) string(REGEX MATCH "^[A-Z]*" SIG_TYPE ${MCUBOOT_SIGNATURE_TYPE}) endif() #TODO maybe just link the other platforms to this target_compile_definitions(platform_region_defs INTERFACE $<$:BL1> $<$:BL2> BL2_HEADER_SIZE=${BL2_HEADER_SIZE} BL2_TRAILER_SIZE=${BL2_TRAILER_SIZE} BL1_HEADER_SIZE=${BL1_HEADER_SIZE} BL1_TRAILER_SIZE=${BL1_TRAILER_SIZE} $<$:PLATFORM_DEFAULT_BL1> $<$:SECURE_UART1> DAUTH_${DEBUG_AUTHENTICATION} $<$:MCUBOOT_IMAGE_NUMBER=${MCUBOOT_IMAGE_NUMBER}> $<$:MCUBOOT_BUILTIN_KEY> $<$:MCUBOOT_SIGN_RSA> $<$:MCUBOOT_SIGN_RSA_LEN=${SIG_LEN}> $<$:MCUBOOT_SIGN_EC${SIG_LEN}> $<$:LINK_TO_SECONDARY_PARTITION> $<$:PSA_API_TEST_${TEST_PSA_API}> $<$:CODE_SHARING> $<$,$>:ENABLE_HEAP> PLATFORM_NS_NV_COUNTERS=${TFM_NS_NV_COUNTER_AMOUNT} $<$:HALT_ON_FATAL_ERROR> $<$:FATAL_ERR_LOG_FILE_AND_LINE> ) target_include_directories(platform_region_defs INTERFACE ${CMAKE_CURRENT_LIST_DIR}/ext/common ) target_link_libraries(platform_region_defs INTERFACE tfm_config )