1#-------------------------------------------------------------------------------
2# Copyright (c) 2020-2022, Arm Limited. All rights reserved.
3# Copyright (c) 2021-2022 Cypress Semiconductor Corporation (an Infineon
4# company) or an affiliate of Cypress Semiconductor Corporation. All rights
5# reserved.
6#
7# SPDX-License-Identifier: BSD-3-Clause
8#
9#-------------------------------------------------------------------------------
10
11cmake_minimum_required(VERSION 3.15)
12
13add_executable(tfm_s)
14add_library(secure_fw INTERFACE)
15
16add_subdirectory(spm)
17add_subdirectory(partitions)
18
19target_include_directories(tfm_config
20    INTERFACE
21        ${CMAKE_CURRENT_SOURCE_DIR}/include
22        ${CMAKE_CURRENT_SOURCE_DIR}/partitions/crypto
23        ${CMAKE_CURRENT_SOURCE_DIR}/partitions/firmware_update
24        ${CMAKE_CURRENT_SOURCE_DIR}/partitions/initial_attestation
25        ${CMAKE_CURRENT_SOURCE_DIR}/partitions/internal_trusted_storage
26        ${CMAKE_CURRENT_SOURCE_DIR}/partitions/platform
27        ${CMAKE_CURRENT_SOURCE_DIR}/partitions/protected_storage
28        ${CMAKE_CURRENT_SOURCE_DIR}/spm/include
29        ${CMAKE_BINARY_DIR}/generated/interface/include
30)
31
32target_compile_definitions(tfm_config
33    INTERFACE
34        $<$<STREQUAL:${PS_CRYPTO_AEAD_ALG},PSA_ALG_GCM>:PS_CRYPTO_AEAD_ALG_GCM>
35        $<$<STREQUAL:${PS_CRYPTO_AEAD_ALG},PSA_ALG_CCM>:PS_CRYPTO_AEAD_ALG_CCM>
36        $<$<BOOL:${PS_ENCRYPTION}>:PS_ENCRYPTION>
37)
38
39target_include_directories(secure_fw
40    INTERFACE
41        $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
42        $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/partitions>
43)
44
45target_link_libraries(secure_fw
46    INTERFACE
47        tfm_spm
48        tfm_partitions
49)
50
51target_link_libraries(tfm_s
52    PRIVATE
53        secure_fw
54        platform_s
55        psa_interface
56        tfm_sprt
57)
58
59set_target_properties(tfm_s
60    PROPERTIES
61        SUFFIX ".axf"
62        RUNTIME_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/bin"
63)
64
65target_compile_options(tfm_s
66    PUBLIC
67        ${COMPILER_CP_FLAG}
68)
69
70target_link_options(tfm_s
71    PRIVATE
72        --entry=Reset_Handler
73        $<$<C_COMPILER_ID:GNU>:-Wl,-Map=${CMAKE_BINARY_DIR}/bin/tfm_s.map>
74        $<$<C_COMPILER_ID:ARMClang>:--map>
75        $<$<C_COMPILER_ID:IAR>:--map\;${CMAKE_BINARY_DIR}/bin/tfm_s.map>
76    PUBLIC
77        ${LINKER_CP_OPTION}
78)
79
80add_convert_to_bin_target(tfm_s)
81
82############################ Secure API ########################################
83
84set_source_files_properties(
85    ${CMAKE_SOURCE_DIR}/secure_fw/spm/cmsis_psa/psa_interface_svc.c
86    ${CMAKE_SOURCE_DIR}/secure_fw/spm/cmsis_psa/psa_interface_cross.c
87    ${CMAKE_SOURCE_DIR}/secure_fw/spm/cmsis_psa/psa_interface_sfn.c
88    PROPERTIES
89    COMPILE_FLAGS $<$<C_COMPILER_ID:GNU>:-Wno-unused-parameter>
90    COMPILE_FLAGS $<$<C_COMPILER_ID:ARMClang>:-Wno-unused-parameter>
91)
92
93target_sources(tfm_sprt
94    PRIVATE
95        $<$<BOOL:${CONFIG_TFM_PSA_API_SUPERVISOR_CALL}>:${CMAKE_SOURCE_DIR}/secure_fw/spm/cmsis_psa/psa_interface_svc.c>
96        $<$<BOOL:${CONFIG_TFM_PSA_API_CROSS_CALL}>:${CMAKE_SOURCE_DIR}/secure_fw/spm/cmsis_psa/psa_interface_cross.c>
97        $<$<BOOL:${CONFIG_TFM_PSA_API_SFN_CALL}>:${CMAKE_SOURCE_DIR}/secure_fw/spm/cmsis_psa/psa_interface_sfn.c>
98)
99
100############################# Secure veneers ###################################
101
102if(CONFIG_TFM_USE_TRUSTZONE)
103    add_library(tfm_s_veneers STATIC)
104
105    target_sources(tfm_s_veneers
106        PRIVATE
107            ${CMAKE_CURRENT_BINARY_DIR}/s_veneers.o
108    )
109
110    # Since s_veneers.o doesn't exist when this is evaluated by cmake we need to
111    # explicity specify what language it will use.
112    set_target_properties(tfm_s_veneers
113        PROPERTIES
114            LINKER_LANGUAGE C
115    )
116
117    # Pretend we have a command to generate the veneers, when in reality all
118    # that's needed is the dependency on tfm_s. This is required for the ninja
119    # build system
120    add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/s_veneers.o
121        COMMAND
122        DEPENDS tfm_s
123    )
124
125    target_link_options(tfm_s
126        PRIVATE
127            ${LINKER_VENEER_OUTPUT_FLAG}${CMAKE_CURRENT_BINARY_DIR}/s_veneers.o
128    )
129endif()
130
131############################### CODE SHARING ###################################
132if (TFM_CODE_SHARING)
133    target_link_shared_code(tfm_s
134        bl2
135    )
136
137    # mbedtls is build outside of tree, so we have to use the _from_dependency
138    # version of this function to attach the custom_command to the tfm_s target.
139    # It's also picky about stripping the symbols, so we just make them weak
140    # instead.
141    target_weaken_symbols_from_dependency(tfm_s crypto_service_mbedcrypto
142        mbedtls_asn1*
143        mbedtls_mpi*
144        mbedtls_platform*
145        mbedtls_rsa*
146
147        #This group is only relevant if BL2 image encryption is on
148        mbedtls_md*
149
150        #This group has two functions that cause runtime errors when shared, so the
151        #error-free ones are listed piece by piece
152        mbedtls_internal_sha256*
153        mbedtls_sha256_free
154        mbedtls_sha256_init
155        mbedtls_sha256_finish
156        mbedtls_sha256_starts
157
158        #Symbols necessary to make sharing additional functions possible
159        mbedtls_calloc*
160        mbedtls_free*
161
162        #Miscellaneous functions
163        mbedtls_exit*
164        memset_func*
165    )
166
167endif()
168