1# 2# Common definition to all platforms 3# 4 5# Set a variable or error out if it was previously set to a different value 6# The reason message (3rd parameter) is optional 7# Example: 8# $(call force,CFG_FOO,foo,required by CFG_BAR) 9define force 10$(eval $(call _force,$(1),$(2),$(3))) 11endef 12 13define _force 14ifdef $(1) 15ifneq ($($(1)),$(2)) 16ifneq (,$(3)) 17_reason := $$(_empty) [$(3)] 18endif 19$$(error $(1) is set to '$($(1))' (from $(origin $(1))) but its value must be '$(2)'$$(_reason)) 20endif 21endif 22$(1) := $(2) 23endef 24 25SHELL := bash 26BASH ?= bash 27PYTHON3 ?= python3 28ROOT ?= $(shell pwd)/.. 29 30UNAME_M := $(shell uname -m) 31ARCH ?= arm 32BUILD_PATH ?= $(ROOT)/build 33LINUX_PATH ?= $(ROOT)/linux 34UBOOT_PATH ?= $(ROOT)/u-boot 35OPTEE_OS_PATH ?= $(ROOT)/optee_os 36OPTEE_CLIENT_PATH ?= $(ROOT)/optee_client 37OPTEE_TEST_PATH ?= $(ROOT)/optee_test 38OPTEE_EXAMPLES_PATH ?= $(ROOT)/optee_examples 39OPTEE_RUST_PATH ?= $(ROOT)/optee_rust 40OPTEE_FTPM_PATH ?= $(ROOT)/optee_ftpm 41BUILDROOT_TARGET_ROOT ?= $(ROOT)/out-br/target 42MS_TPM_20_REF_PATH ?= $(ROOT)/ms-tpm-20-ref 43 44# default high verbosity. slow uarts shall specify lower if prefered 45CFG_TEE_CORE_LOG_LEVEL ?= 3 46 47# optee_test 48WITH_TLS_TESTS ?= y 49ifneq ($(COMPILER),clang) 50ifeq ($(UNAME_M),x86_64) 51# assuming GCC toolchain from toolchain.mk (GCC <= 11) 52WITH_CXX_TESTS ?= y 53endif 54endif 55 56# Only set CCACHE if it's pointing to something to avoid prefixing CROSS_COMPILE 57# with whitespace. TF-A will not build with whitespace first in CROSS_COMPILE. 58CCACHE_present := $(shell which ccache) 59ifneq ($(CCACHE_present),) 60CCACHE ?= $(CCACHE_present) # Don't remove this comment (space is needed) 61endif 62 63# QEMU shared folders settings 64# 65# TL;DR: 66# 1) make QEMU_VIRTFS_AUTOMOUNT=y run 67# will mount the project's root on the host as /mnt/host in QEMU. 68# 2) mkdir -p /tmp/qemu-data-tee && make QEMU_PSS_AUTOMOUNT=y run 69# will mount the host directory /tmp/qemu-data-tee as /var/lib/tee 70# in QEMU, thus creating persistent secure storage. 71 72ifeq ($(QEMU_VIRTFS_AUTOMOUNT),y) 73$(call force,QEMU_VIRTFS_ENABLE,y,required by QEMU_VIRTFS_AUTOMOUNT) 74endif 75 76ifeq ($(QEMU_PSS_AUTOMOUNT),y) 77$(call force,QEMU_PSS_ENABLE,y,required by QEMU_PSS_AUTOMOUNT) 78endif 79 80ifeq ($(QEMU_PSS_ENABLE),y) 81$(call force,QEMU_VIRTFS_ENABLE,y,required by QEMU_PSS_ENABLE) 82endif 83 84# Accessing a shared folder on the host from QEMU: 85# # Set QEMU_VIRTFS_ENABLE to 'y' and adjust QEMU_VIRTFS_HOST_DIR 86# # Then in QEMU, run: 87# # $ mount -t 9p -o trans=virtio host <mount_point> 88# # Or enable QEMU_VIRTFS_AUTOMOUNT 89QEMU_VIRTFS_ENABLE ?= n 90QEMU_VIRTFS_HOST_DIR ?= $(ROOT) 91 92# Persistent Secure Storage via shared folder 93# # Set QEMU_PSS_ENABLE to 'y' and adjust QEMU_PSS_HOST_DIR 94# # Then in QEMU, run: 95# # $ mount -t 9p -o trans=virtio secure /var/lib/tee 96# # Or enable QEMU_PSS_AUTOMOUNT 97QEMU_PSS_ENABLE ?= n 98QEMU_PSS_HOST_DIR ?= /tmp/qemu-data-tee 99 100# Warning: when these variables are modified, you must remake the buildroot 101# target directory. This can be done without rebuilding everything as follows: 102# rm -rf ../out-br/target; find ../out-br/ -name .stamp_target_installed | xargs rm 103# make <flags> run 104QEMU_VIRTFS_AUTOMOUNT ?= n 105QEMU_PSS_AUTOMOUNT ?= n 106# Mount point for the shared directory inside QEMU 107# Used by the post-build script, this is written to /etc/fstab as the mount 108# point of the shared directory 109QEMU_VIRTFS_MOUNTPOINT ?= /mnt/host 110 111# End of QEMU shared folder settings 112 113# The ports used for the consoles that are spawned when running QEMU. 114QEMU_NW_PORT ?= 54320 115QEMU_SW_PORT ?= 54321 116 117################################################################################ 118# Mandatory for autotools (for specifying --host) 119################################################################################ 120ifeq ($(COMPILE_NS_USER),64) 121ifeq ($(UNAME_M),x86_64) 122MULTIARCH := aarch64-linux-gnu 123else ifeq ($(UNAME_M),aarch64) 124MULTIARCH := aarch64-linux 125else 126MULTIARCH := aarch64-linux 127endif 128else 129ifeq ($(UNAME_M),x86_64) 130MULTIARCH := arm-linux-gnueabihf 131else ifeq ($(UNAME_M),aarch64) 132MULTIARCH := arm-linux-gnueabihf 133else 134MULTIARCH := arm-linux 135endif 136endif 137 138################################################################################ 139# Check coherency of compilation mode 140################################################################################ 141 142ifneq ($(COMPILE_NS_USER),) 143ifeq ($(COMPILE_NS_KERNEL),) 144$(error COMPILE_NS_KERNEL must be defined as COMPILE_NS_USER=$(COMPILE_NS_USER) is defined) 145endif 146ifeq (,$(filter $(COMPILE_NS_USER),32 64)) 147$(error COMPILE_NS_USER=$(COMPILE_NS_USER) - Should be 32 or 64) 148endif 149endif 150 151ifneq ($(COMPILE_NS_KERNEL),) 152ifeq ($(COMPILE_NS_USER),) 153$(error COMPILE_NS_USER must be defined as COMPILE_NS_KERNEL=$(COMPILE_NS_KERNEL) is defined) 154endif 155ifeq (,$(filter $(COMPILE_NS_KERNEL),32 64)) 156$(error COMPILE_NS_KERNEL=$(COMPILE_NS_KERNEL) - Should be 32 or 64) 157endif 158endif 159 160ifeq ($(COMPILE_NS_KERNEL),32) 161ifneq ($(COMPILE_NS_USER),32) 162$(error COMPILE_NS_USER=$(COMPILE_NS_USER) - Should be 32 as COMPILE_NS_KERNEL=$(COMPILE_NS_KERNEL)) 163endif 164endif 165 166ifneq ($(COMPILE_S_USER),) 167ifeq ($(COMPILE_S_KERNEL),) 168$(error COMPILE_S_KERNEL must be defined as COMPILE_S_USER=$(COMPILE_S_USER) is defined) 169endif 170ifeq (,$(filter $(COMPILE_S_USER),32 64)) 171$(error COMPILE_S_USER=$(COMPILE_S_USER) - Should be 32 or 64) 172endif 173endif 174 175ifneq ($(COMPILE_S_KERNEL),) 176OPTEE_OS_COMMON_EXTRA_FLAGS ?= O=out/$(ARCH) 177OPTEE_OS_BIN ?= $(OPTEE_OS_PATH)/out/$(ARCH)/core/tee.bin 178OPTEE_OS_HEADER_V2_BIN ?= $(OPTEE_OS_PATH)/out/$(ARCH)/core/tee-header_v2.bin 179OPTEE_OS_PAGER_V2_BIN ?= $(OPTEE_OS_PATH)/out/$(ARCH)/core/tee-pager_v2.bin 180OPTEE_OS_PAGEABLE_V2_BIN ?= $(OPTEE_OS_PATH)/out/$(ARCH)/core/tee-pageable_v2.bin 181ifeq ($(COMPILE_S_USER),) 182$(error COMPILE_S_USER must be defined as COMPILE_S_KERNEL=$(COMPILE_S_KERNEL) is defined) 183endif 184ifeq (,$(filter $(COMPILE_S_KERNEL),32 64)) 185$(error COMPILE_S_KERNEL=$(COMPILE_S_KERNEL) - Should be 32 or 64) 186endif 187endif 188 189ifeq ($(COMPILE_S_KERNEL),32) 190ifneq ($(COMPILE_S_USER),32) 191$(error COMPILE_S_USER=$(COMPILE_S_USER) - Should be 32 as COMPILE_S_KERNEL=$(COMPILE_S_KERNEL)) 192endif 193endif 194 195 196################################################################################ 197# set the compiler when COMPILE_xxx are defined 198################################################################################ 199ifeq ($(ARCH),arm) 200CROSS_COMPILE_NS_USER ?= "$(CCACHE)$(AARCH$(COMPILE_NS_USER)_CROSS_COMPILE)" 201CROSS_COMPILE_NS_KERNEL ?= "$(CCACHE)$(AARCH$(COMPILE_NS_KERNEL)_CROSS_COMPILE)" 202CROSS_COMPILE_NS_RUST ?= "$(AARCH$(COMPILE_NS_USER)_CROSS_COMPILE)" 203CROSS_COMPILE_S_USER ?= "$(CCACHE)$(AARCH$(COMPILE_S_USER)_CROSS_COMPILE)" 204CROSS_COMPILE_S_KERNEL ?= "$(CCACHE)$(AARCH$(COMPILE_S_KERNEL)_CROSS_COMPILE)" 205CROSS_COMPILE_S_RUST ?= "$(AARCH$(COMPILE_S_USER)_CROSS_COMPILE)" 206else ifeq ($(ARCH),riscv) 207CROSS_COMPILE_NS_USER ?= "$(CCACHE)$(RISCV$(COMPILE_NS_USER)_CROSS_COMPILE)" 208CROSS_COMPILE_NS_KERNEL ?= "$(CCACHE)$(RISCV$(COMPILE_NS_KERNEL)_CROSS_COMPILE)" 209CROSS_COMPILE_S_USER ?= "$(CCACHE)$(RISCV$(COMPILE_S_USER)_CROSS_COMPILE)" 210CROSS_COMPILE_S_KERNEL ?= "$(CCACHE)$(RISCV$(COMPILE_S_KERNEL)_CROSS_COMPILE)" 211endif 212 213################################################################################ 214# defines, macros, configuration etc 215################################################################################ 216define KERNEL_VERSION 217$(shell cd $(LINUX_PATH) && $(MAKE) --no-print-directory kernelversion) 218endef 219 220# Read stdin, expand ${VAR} environment variables, output to stdout 221# http://superuser.com/a/302847 222define expand-env-var 223awk '{while(match($$0,"[$$]{[^}]*}")) {var=substr($$0,RSTART+2,RLENGTH -3);gsub("[$$]{"var"}",ENVIRON[var])}}1' 224endef 225 226DEBUG ?= 0 227 228# Macro to check if a compiler supports a given option 229# For example: $(call cc-option,gcc,-Wno-error=stringop-truncation,) 230# ...will return -Wno-error=stringop-truncation if gcc supports it, empty 231# otherwise. 232__cc-option = $(if $(shell $(1) $(2) -c -x c /dev/null -o /dev/null 2>&1 >/dev/null),$(3),$(2)) 233_cc-opt-cached-var-name = cached-cc-option$(subst =,~,$(strip $(2)))$(subst $(empty) $(empty),,$(1)) 234define _cc-option 235$(eval _cached := $(call _cc-opt-cached-var-name,$1,$2)) 236$(eval $(_cached) := $(if $(filter $(origin $(_cached)),undefined),$(call __cc-option,$(1),$(2),$(3)),$($(_cached)))) 237$($(_cached)) 238endef 239cc-option = $(strip $(call _cc-option,$(1),$(2),$(3))) 240 241################################################################################ 242# default target is all 243################################################################################ 244.PHONY: all clean 245all: 246 247################################################################################ 248# Build root 249################################################################################ 250ifeq ($(ARCH),arm) 251BUILDROOT_ARCH=aarch$(COMPILE_NS_USER) 252else ifeq ($(ARCH),riscv) 253BUILDROOT_ARCH=riscv$(COMPILE_NS_USER) 254endif 255ifeq ($(GDBSERVER),y) 256BUILDROOT_TOOLCHAIN=toolchain-br # Use toolchain supplied by buildroot 257DEFCONFIG_GDBSERVER=--br-defconfig build/br-ext/configs/gdbserver.conf 258else 259# Local toolchains (downloaded by "make toolchains") 260ifeq ($(UNAME_M),x86_64) 261ifeq ($(ARCH),arm) 262BUILDROOT_TOOLCHAIN=toolchain-aarch$(COMPILE_NS_USER) 263else ifeq ($(ARCH),riscv) 264BUILDROOT_TOOLCHAIN=toolchain-riscv$(COMPILE_NS_USER) 265endif 266else ifeq ($(UNAME_M),aarch64) 267ifeq ($(COMPILE_NS_USER),64) 268BUILDROOT_TOOLCHAIN=toolchain-aarch64-sdk toolchain-common-sdk 269else 270BUILDROOT_TOOLCHAIN=toolchain-aarch32 271endif 272else 273BUILDROOT_TOOLCHAIN=toolchain-aarch$(COMPILE_NS_USER)-sdk toolchain-common-sdk 274endif 275endif 276 277ifeq ($(XEN_BOOT),y) 278DEFCONFIG_XEN=--br-defconfig build/br-ext/configs/xen.conf 279endif 280 281ifeq ($(MEASURED_BOOT_FTPM),y) 282DEFCONFIG_TSS ?= --br-defconfig build/br-ext/configs/tss 283endif 284 285BR2_PER_PACKAGE_DIRECTORIES ?= y 286BR2_PACKAGE_LIBOPENSSL ?= y 287BR2_PACKAGE_MMC_UTILS ?= y 288BR2_PACKAGE_OPENSSL ?= y 289BR2_PACKAGE_OPTEE_CLIENT_EXT_SITE ?= $(OPTEE_CLIENT_PATH) 290BR2_PACKAGE_OPTEE_EXAMPLES_EXT ?= y 291BR2_PACKAGE_OPTEE_EXAMPLES_EXT_CROSS_COMPILE ?= $(CROSS_COMPILE_S_USER) 292BR2_PACKAGE_OPTEE_EXAMPLES_EXT_SDK ?= $(OPTEE_OS_TA_DEV_KIT_DIR) 293BR2_PACKAGE_OPTEE_EXAMPLES_EXT_SITE ?= $(OPTEE_EXAMPLES_PATH) 294ifeq ($(ARCH),arm) 295ifeq ($(RUST_ENABLE),y) 296BR2_PACKAGE_OPTEE_RUST_EXAMPLES_EXT ?= y 297BR2_PACKAGE_OPTEE_RUST_EXAMPLES_EXT_CROSS_COMPILE_HOST ?= $(CROSS_COMPILE_NS_RUST) 298BR2_PACKAGE_OPTEE_RUST_EXAMPLES_EXT_CROSS_COMPILE_TA ?= $(CROSS_COMPILE_S_RUST) 299AARCH64_RUST_TARGET ?= aarch64-unknown-linux-gnu 300AARCH32_RUST_TARGET ?= arm-unknown-linux-gnueabihf 301BR2_PACKAGE_OPTEE_RUST_EXAMPLES_EXT_TARGET_HOST ?= "$(AARCH$(COMPILE_NS_USER)_RUST_TARGET)" 302BR2_PACKAGE_OPTEE_RUST_EXAMPLES_EXT_TARGET_TA ?= "$(AARCH$(COMPILE_S_USER)_RUST_TARGET)" 303BR2_PACKAGE_OPTEE_RUST_EXAMPLES_EXT_SDK ?= $(OPTEE_OS_TA_DEV_KIT_DIR) 304BR2_PACKAGE_OPTEE_RUST_EXAMPLES_EXT_SITE ?= $(OPTEE_RUST_PATH) 305BR2_PACKAGE_OPTEE_RUST_EXAMPLES_EXT_TC_PATH ?= $(RUST_TOOLCHAIN_PATH) 306endif 307endif 308# The OPTEE_OS package builds nothing, it just installs files into the 309# root FS when applicable (for example: shared libraries) 310BR2_PACKAGE_OPTEE_OS_EXT ?= y 311BR2_PACKAGE_OPTEE_OS_EXT_SDK ?= $(OPTEE_OS_TA_DEV_KIT_DIR) 312BR2_PACKAGE_OPTEE_OS_EXT_SITE ?= $(CURDIR)/br-ext/package/optee_os_ext 313BR2_PACKAGE_OPTEE_TEST_EXT ?= y 314BR2_PACKAGE_OPTEE_TEST_EXT_CROSS_COMPILE ?= $(CROSS_COMPILE_S_USER) 315BR2_PACKAGE_OPTEE_TEST_EXT_SDK ?= $(OPTEE_OS_TA_DEV_KIT_DIR) 316BR2_PACKAGE_OPTEE_TEST_EXT_SITE ?= $(OPTEE_TEST_PATH) 317BR2_PACKAGE_OPTEE_TEST_EXT_GP_PACKAGE := $(GP_PACKAGE) 318BR2_PACKAGE_OPTEE_TEST_EXT_WITH_TLS_TESTS := $(WITH_TLS_TESTS) 319BR2_PACKAGE_OPTEE_TEST_EXT_WITH_CXX_TESTS := $(WITH_CXX_TESTS) 320BR2_PACKAGE_XEN_EXT_SITE ?= $(XEN_PATH) 321BR2_PACKAGE_STRACE ?= y 322ifeq ($(XEN_BOOT),y) 323BR2_TARGET_GENERIC_GETTY_PORT ?= "console" 324else 325BR2_TARGET_GENERIC_GETTY_PORT ?= $(if $(CFG_NW_CONSOLE_UART),ttyAMA$(CFG_NW_CONSOLE_UART),ttyAMA0) 326endif 327 328# Embed opensc for pkcs11-tool 329BR2_PACKAGE_OPENSC ?= y 330 331# Embed keyutils for trusted-keys 332BR2_PACKAGE_KEYUTILS ?= y 333 334# All BR2_* variables from the makefile or the environment are appended to 335# ../out-br/extra.conf. All values are quoted "..." except y and n. 336double-quote = "#" # This really sets the variable to " and avoids upsetting vim's syntax highlighting 337streq = $(and $(findstring $(1),$(2)),$(findstring $(2),$(1))) 338y-or-n = $(or $(call streq,y,$(1)),$(call streq,n,$(1))) 339append-var_ = echo '$(1)=$(3)'$($(1))'$(3)' >>$(2); 340append-var = $(call append-var_,$(1),$(2),$(if $(call y-or-n,$($(1))),,$(double-quote))) 341append-br2-vars = $(foreach var,$(filter BR2_%,$(.VARIABLES)),$(call append-var,$(var),$(1))) 342 343ifneq (y,$(BR2_PER_PACKAGE_DIRECTORIES)) 344br-make-flags := -j1 345endif 346 347.PHONY: buildroot 348buildroot: optee-os 349 @mkdir -p ../out-br 350 @rm -f ../out-br/build/optee_*/.stamp_* 351 @rm -f ../out-br/extra.conf 352 @$(call append-br2-vars,../out-br/extra.conf) 353 @(cd .. && $(PYTHON3) build/br-ext/scripts/make_def_config.py \ 354 --br buildroot --out out-br --br-ext build/br-ext \ 355 --top-dir "$(ROOT)" \ 356 --br-defconfig build/br-ext/configs/optee_$(BUILDROOT_ARCH) \ 357 --br-defconfig build/br-ext/configs/optee_generic \ 358 $(addprefix --br-defconfig build/br-ext/configs/, \ 359 $(BUILDROOT_TOOLCHAIN)) \ 360 $(DEFCONFIG_GDBSERVER) \ 361 $(DEFCONFIG_XEN) \ 362 $(DEFCONFIG_TSS) \ 363 $(DEFCONFIG_TPM_MODULE) \ 364 $(DEFCONFIG_FTPM) \ 365 --br-defconfig out-br/extra.conf \ 366 --make-cmd $(MAKE)) 367 @$(MAKE) $(br-make-flags) -C ../out-br all 368 369.PHONY: buildroot-clean 370buildroot-clean: 371 @test ! -d $(ROOT)/out-br || $(MAKE) -C $(ROOT)/out-br clean 372 373.PHONY: buildroot-cleaner 374buildroot-cleaner: 375 @rm -rf $(ROOT)/out-br 376 377################################################################################ 378# Linux 379################################################################################ 380LINUX_COMMON_FLAGS ?= LOCALVERSION= CROSS_COMPILE=$(CROSS_COMPILE_NS_KERNEL) 381 382.PHONY: linux-menuconfig-common 383linux-menuconfig-common: linux-defconfig 384 $(MAKE) -C $(LINUX_PATH) $(LINUX_COMMON_FLAGS) menuconfig 385 386.PHONY: linux-common 387linux-common: linux-defconfig 388 $(MAKE) -C $(LINUX_PATH) $(LINUX_COMMON_FLAGS) $(LINUX_COMMON_TARGETS) 389 390$(LINUX_PATH)/.config: $(LINUX_DEFCONFIG_COMMON_FILES) 391 cd $(LINUX_PATH) && \ 392 ARCH=$(LINUX_DEFCONFIG_COMMON_ARCH) \ 393 CROSS_COMPILE=$(CROSS_COMPILE_NS_KERNEL) \ 394 scripts/kconfig/merge_config.sh $(LINUX_DEFCONFIG_COMMON_FILES) 395 396.PHONY: linux-defconfig-clean-common 397linux-defconfig-clean-common: 398 rm -f $(LINUX_PATH)/.config 399 400.PHONY: linux-clean-common 401linux-clean-common: linux-defconfig-clean 402 $(MAKE) -C $(LINUX_PATH) $(LINUX_COMMON_FLAGS) clean 403 404.PHONY: linux-cleaner-common 405linux-cleaner-common: linux-defconfig-clean 406 $(MAKE) -C $(LINUX_PATH) $(LINUX_COMMON_FLAGS) distclean 407 408################################################################################ 409# EDK2 / Tianocore 410################################################################################ 411.PHONY: edk2-common 412edk2-common: 413 $(call edk2-env) && \ 414 export PACKAGES_PATH=$(EDK2_PATH):$(EDK2_PLATFORMS_PATH) && \ 415 source $(EDK2_PATH)/edksetup.sh && \ 416 $(MAKE) -j1 -C $(EDK2_PATH)/BaseTools && \ 417 $(call edk2-call) all 418 419.PHONY: edk2-clean-common 420edk2-clean-common: 421 $(call edk2-env) && \ 422 export PACKAGES_PATH=$(EDK2_PATH):$(EDK2_PLATFORMS_PATH) && \ 423 source $(EDK2_PATH)/edksetup.sh && \ 424 $(MAKE) -j1 -C $(EDK2_PATH)/BaseTools clean && \ 425 $(call edk2-call) cleanall 426 427################################################################################ 428# QEMU / QEMUv8 429################################################################################ 430QEMU_CONFIGURE_PARAMS_COMMON = --cc="$(CCACHE)gcc" --extra-cflags="-Wno-error" \ 431 --disable-docs 432QEMU_EXTRA_ARGS +=\ 433 -object rng-random,filename=/dev/urandom,id=rng0 \ 434 -device virtio-rng-pci,rng=rng0,max-bytes=1024,period=1000 435 436ifeq ($(QEMU_VIRTFS_ENABLE),y) 437QEMU_CONFIGURE_PARAMS_COMMON += --enable-virtfs 438QEMU_RUN_ARGS_COMMON +=\ 439 -fsdev local,id=fsdev0,path=$(QEMU_VIRTFS_HOST_DIR),security_model=none \ 440 -device virtio-9p-device,fsdev=fsdev0,mount_tag=host 441ifeq ($(QEMU_PSS_ENABLE),y) 442QEMU_RUN_ARGS_COMMON +=\ 443 -fsdev local,id=fsdev1,path=$(QEMU_PSS_HOST_DIR),security_model=mapped-xattr \ 444 -device virtio-9p-device,fsdev=fsdev1,mount_tag=secure 445endif 446endif 447 448ifeq ($(GDBSERVER),y) 449HOSTFWD := ,hostfwd=tcp::12345-:12345 450endif 451# Enable QEMU SLiRP user networking 452QEMU_EXTRA_ARGS +=\ 453 -netdev user,id=vmnic$(HOSTFWD) -device virtio-net-device,netdev=vmnic 454 455define run-help 456 @echo 457 @echo \* QEMU is now waiting to start the execution 458 @echo \* Start execution with either a \'c\' followed by \<enter\> in the QEMU console or 459 @echo \* attach a debugger and continue from there. 460 @echo \* 461 @echo \* To run OP-TEE tests, use the xtest command in the \'Normal World\' terminal 462 @echo \* Enter \'xtest -h\' for help. 463 @echo 464endef 465 466ifneq (, $(LAUNCH_TERMINAL)) 467define launch-terminal 468 @nc -z 127.0.0.1 $(1) || \ 469 $(LAUNCH_TERMINAL) "$(BUILD_PATH)/soc_term.py $(1)" & 470endef 471else 472tmux := $(TMUX) 473tmux_window := $(shell echo OPTEE_$$RANDOM) 474gnome-terminal := $(shell command -v gnome-terminal 2>/dev/null) 475konsole := $(shell command -v konsole 2>/dev/null) 476xterm := $(shell command -v xterm 2>/dev/null) 477 478ifdef tmux 479define launch-terminal 480 @if tmux list-windows -F '#W' | grep -q $(tmux_window); then \ 481 nc -z 127.0.0.1 $(1) || \ 482 tmux split-window -d -h -t $(tmux_window) "$(BUILD_PATH)/soc_term.py $(1)" ; \ 483 else \ 484 nc -z 127.0.0.1 $(1) || \ 485 tmux new-window -d -n $(tmux_window) "$(BUILD_PATH)/soc_term.py $(1)" ; \ 486 fi 487 488 @echo "* $(2)'s terminal has been spawned in $(tmux_window)." 489endef 490else 491ifdef gnome-terminal 492define launch-terminal 493 @nc -z 127.0.0.1 $(1) || \ 494 $(gnome-terminal) -t $(2) -x $(BUILD_PATH)/soc_term.py $(1) & 495endef 496else 497ifdef konsole 498define launch-terminal 499 @nc -z 127.0.0.1 $(1) || \ 500 $(konsole) --new-tab -p tabtitle=$(2) -e $(BUILD_PATH)/soc_term.py $(1) & 501endef 502else 503ifdef xterm 504define launch-terminal 505 @nc -z 127.0.0.1 $(1) || \ 506 $(xterm) -title $(2) -e $(BASH) -c "$(BUILD_PATH)/soc_term.py $(1)" & 507endef 508else 509check-terminal := @echo "Error: could not find tmux, gnome-terminal, konsole nor xterm" ; false 510endif # xterm 511endif # konsole 512endif # gnome-terminal 513endif # tmux 514endif # LAUNCH_TERMINAL 515 516define wait-for-ports 517 @while ! nc -z 127.0.0.1 $(1) || ! nc -z 127.0.0.1 $(2); do sleep 1; done 518endef 519 520################################################################################ 521# OP-TEE 522################################################################################ 523ifeq ($(ARCH),arm) 524ifeq ($(COMPILE_S_USER),32) 525OPTEE_OS_TA_DEV_KIT_DIR ?= $(OPTEE_OS_PATH)/out/arm/export-ta_arm32 526OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_USER_TA_TARGETS=ta_arm32 527endif 528ifeq ($(COMPILE_S_USER),64) 529OPTEE_OS_TA_DEV_KIT_DIR ?= $(OPTEE_OS_PATH)/out/arm/export-ta_arm64 530OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_USER_TA_TARGETS=ta_arm64 531endif 532 533ifeq ($(COMPILE_S_KERNEL),64) 534OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_ARM64_core=y 535else 536OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_ARM64_core=n 537endif 538 539OPTEE_OS_TA_CROSS_COMPILE_FLAGS += CROSS_COMPILE_ta_arm64="$(CCACHE)$(AARCH64_CROSS_COMPILE)" 540OPTEE_OS_TA_CROSS_COMPILE_FLAGS += CROSS_COMPILE_ta_arm32="$(CCACHE)$(AARCH32_CROSS_COMPILE)" 541 542else ifeq ($(ARCH),riscv) 543 544ifeq ($(COMPILE_S_USER),32) 545OPTEE_OS_TA_DEV_KIT_DIR ?= $(OPTEE_OS_PATH)/out/riscv/export-ta_rv32 546OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_USER_TA_TARGETS=ta_rv32 547endif 548ifeq ($(COMPILE_S_USER),64) 549OPTEE_OS_TA_DEV_KIT_DIR ?= $(OPTEE_OS_PATH)/out/riscv/export-ta_rv64 550OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_USER_TA_TARGETS=ta_rv64 551endif 552 553ifeq ($(COMPILE_S_KERNEL),64) 554OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_RV64_core=y 555else 556OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_RV64_core=n 557endif 558 559OPTEE_OS_TA_CROSS_COMPILE_FLAGS += CROSS_COMPILE_ta_rv64="$(CCACHE)$(RISCV64_CROSS_COMPILE)" 560OPTEE_OS_TA_CROSS_COMPILE_FLAGS += CROSS_COMPILE_ta_rv32="$(CCACHE)$(RISCV32_CROSS_COMPILE)" 561endif 562 563CFG_IN_TREE_EARLY_TAS ?= trusted_keys/f04a0fe7-1f5d-4b9b-abf7-619b85b4ce8c 564 565OPTEE_OS_COMMON_FLAGS ?= \ 566 $(OPTEE_OS_COMMON_EXTRA_FLAGS) \ 567 PLATFORM=$(OPTEE_OS_PLATFORM) \ 568 CROSS_COMPILE=$(CROSS_COMPILE_S_USER) \ 569 CROSS_COMPILE_core=$(CROSS_COMPILE_S_KERNEL) \ 570 $(OPTEE_OS_TA_CROSS_COMPILE_FLAGS) \ 571 CFG_TEE_CORE_LOG_LEVEL=$(CFG_TEE_CORE_LOG_LEVEL) \ 572 DEBUG=$(DEBUG) \ 573 CFG_IN_TREE_EARLY_TAS="$(CFG_IN_TREE_EARLY_TAS)" 574 575.PHONY: optee-os-common 576ifeq ($(MEASURED_BOOT_FTPM),y) 577OPTEE_OS_COMMON_EXTRA_FLAGS += EARLY_TA_PATHS=$(OPTEE_FTPM_PATH)/out/bc50d971-d4c9-42c4-82cb-343fb7f37896.stripped.elf 578optee-os-common: ftpm 579endif 580 581optee-os-common: 582 $(MAKE) -C $(OPTEE_OS_PATH) $(OPTEE_OS_COMMON_FLAGS) 583 584.PHONY: optee-os-clean-common 585optee-os-clean-common: 586 $(MAKE) -C $(OPTEE_OS_PATH) $(OPTEE_OS_COMMON_FLAGS) clean 587 588.PHONY: optee-os-devkit 589optee-os-devkit: 590 $(MAKE) -C $(OPTEE_OS_PATH) $(OPTEE_OS_COMMON_FLAGS) ta_dev_kit 591 592################################################################################ 593# fTPM Rules 594################################################################################ 595 596FTPM_FLAGS ?= \ 597 CROSS_COMPILE=$(CROSS_COMPILE_S_USER) \ 598 TA_DEV_KIT_DIR=$(OPTEE_OS_TA_DEV_KIT_DIR) \ 599 CFG_MS_TPM_20_REF=$(MS_TPM_20_REF_PATH) \ 600 CFG_TA_MEASURED_BOOT=y $(if $(filter 1,$(DEBUG)),CFG_TA_DEBUG=y) \ 601 O=out 602 603.PHONY: ftpm 604ftpm: 605ifeq ($(MEASURED_BOOT_FTPM),y) 606ftpm: optee-os-devkit 607 $(FTPM_FLAGS) $(MAKE) -C $(OPTEE_FTPM_PATH) 608endif 609 610.PHONY: ftpm-clean 611ftpm-clean: 612ifeq ($(MEASURED_BOOT_FTPM),y) 613ftpm-clean: 614 -$(FTPM_FLAGS) $(MAKE) -C $(OPTEE_FTPM_PATH) clean 615endif 616