1#-------------------------------------------------------------------------------
2# Copyright (c) 2022, Arm Limited. All rights reserved.
3#
4# SPDX-License-Identifier: BSD-3-Clause
5#
6#-------------------------------------------------------------------------------
7
8########################## FPU and MVE #########################################
9
10tfm_invalid_config(NOT CMAKE_C_COMPILER_ID STREQUAL "GNU" AND (CONFIG_TFM_ENABLE_FP OR CONFIG_TFM_ENABLE_MVE OR CONFIG_TFM_ENABLE_MVE_FP))
11tfm_invalid_config((NOT CONFIG_TFM_FP_ARCH) AND (CONFIG_TFM_ENABLE_FP OR CONFIG_TFM_ENABLE_MVE_FP))
12tfm_invalid_config((NOT CONFIG_TFM_ENABLE_FP AND NOT CONFIG_TFM_ENABLE_MVE AND NOT CONFIG_TFM_ENABLE_MVE_FP) AND CONFIG_TFM_LAZY_STACKING)
13tfm_invalid_config((CONFIG_TFM_ENABLE_FP OR CONFIG_TFM_ENABLE_MVE OR CONFIG_TFM_ENABLE_MVE_FP) AND NOT CONFIG_TFM_ENABLE_CP10CP11)
14
15###################### Check compiler for FP vulnerability #####################
16
17# Check compiler with mitigation for the VLLDM instruction security vulnerability or not.
18# For more information, please check https://developer.arm.com/support/arm-security-updates/vlldm-instruction-security-vulnerability.
19if (CONFIG_TFM_FLOAT_ABI STREQUAL "hard")
20    # Create test C file.
21    file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/cvetest.c "int x;")
22    # Compile with mitigation -mfix-cmse-cve-2021-35465.
23    execute_process (
24        COMMAND ${CMAKE_C_COMPILER} -mfix-cmse-cve-2021-35465 -S ${CMAKE_CURRENT_BINARY_DIR}/cvetest.c -o ${CMAKE_CURRENT_BINARY_DIR}/cvetest.s
25        RESULT_VARIABLE ret
26        ERROR_VARIABLE err
27    )
28    file(REMOVE ${CMAKE_CURRENT_BINARY_DIR}/cvetest.c)
29    # Check result
30    if(NOT ret EQUAL 0)
31        message(FATAL_ERROR "To enable FPU usage in SPE and NSPE both, please use the compiler with '-mfix-cmse-cve-2021-35465' support")
32    else()
33        file(REMOVE ${CMAKE_CURRENT_BINARY_DIR}/cvetest.s)
34    endif()
35endif()
36