1#------------------------------------------------------------------------------- 2# Copyright (c) 2020-2024, Arm Limited. All rights reserved. 3# Copyright (c) 2021-2024 Cypress Semiconductor Corporation (an Infineon 4# company) or an affiliate of Cypress Semiconductor Corporation. All rights 5# reserved. 6# 7# SPDX-License-Identifier: BSD-3-Clause 8# 9#------------------------------------------------------------------------------- 10 11cmake_minimum_required(VERSION 3.21) 12 13add_executable(tfm_s) 14add_library(secure_fw INTERFACE) 15 16add_subdirectory(spm) 17add_subdirectory(partitions) 18 19target_include_directories(tfm_config 20 INTERFACE 21 $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include> 22 $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/partitions/crypto> 23 $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/partitions/firmware_update> 24 $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/partitions/initial_attestation> 25 $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/partitions/internal_trusted_storage> 26 $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/partitions/platform> 27 $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/partitions/protected_storage> 28 $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/spm/include> 29 $<BUILD_INTERFACE:${CMAKE_BINARY_DIR}/generated/interface/include> 30) 31 32target_compile_definitions(tfm_config 33 INTERFACE 34 $<$<STREQUAL:${PS_CRYPTO_AEAD_ALG},PSA_ALG_GCM>:PS_CRYPTO_AEAD_ALG_GCM> 35 $<$<STREQUAL:${PS_CRYPTO_AEAD_ALG},PSA_ALG_CCM>:PS_CRYPTO_AEAD_ALG_CCM> 36 $<$<BOOL:${PS_ENCRYPTION}>:PS_ENCRYPTION> 37 $<$<BOOL:${PS_ROLLBACK_PROTECTION}>:PS_ROLLBACK_PROTECTION=1> 38 $<$<NOT:$<BOOL:${PS_ROLLBACK_PROTECTION}>>:PS_ROLLBACK_PROTECTION=0> 39 $<$<BOOL:${PS_SUPPORT_FORMAT_TRANSITION}>:PS_SUPPORT_FORMAT_TRANSITION> 40 $<$<BOOL:${PLATFORM_RAM_FS}>:ITS_RAM_FS=1> 41 $<$<BOOL:${PLATFORM_RAM_FS}>:PS_RAM_FS=1> 42 PS_AES_KEY_USAGE_LIMIT=${PS_AES_KEY_USAGE_LIMIT} 43) 44 45target_include_directories(secure_fw 46 INTERFACE 47 $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include> 48 $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/partitions> 49) 50 51target_link_libraries(secure_fw 52 INTERFACE 53 tfm_spm 54 tfm_partitions 55) 56 57target_link_libraries(tfm_s 58 PRIVATE 59 secure_fw 60 platform_s 61 psa_interface 62 tfm_sprt 63) 64 65set_target_properties(tfm_s 66 PROPERTIES 67 SUFFIX ".axf" 68 RUNTIME_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/bin" 69 ADDITIONAL_CLEAN_FILES "${CMAKE_BINARY_DIR}/generated;${CMAKE_BINARY_DIR}/bin/tfm_s.map" 70) 71 72target_compile_options(tfm_s 73 PUBLIC 74 ${COMPILER_CP_FLAG} 75) 76 77target_link_options(tfm_s 78 PRIVATE 79 $<$<C_COMPILER_ID:GNU>:-Wl,-Map=${CMAKE_BINARY_DIR}/bin/tfm_s.map> 80 $<$<C_COMPILER_ID:ARMClang>:--map> 81 $<$<C_COMPILER_ID:IAR>:--map\;${CMAKE_BINARY_DIR}/bin/tfm_s.map> 82 $<$<C_COMPILER_ID:Clang>:-Wl,-Map=${CMAKE_BINARY_DIR}/bin/tfm_s.map -nostdlib> 83 PUBLIC 84 ${LINKER_CP_OPTION} 85) 86 87add_convert_to_bin_target(tfm_s) 88 89############################ Secure API ######################################## 90 91set_source_files_properties( 92 ${CMAKE_SOURCE_DIR}/secure_fw/spm/core/psa_interface_svc.c 93 ${CMAKE_SOURCE_DIR}/secure_fw/spm/core/psa_interface_thread_fn_call.c 94 ${CMAKE_SOURCE_DIR}/secure_fw/spm/core/psa_interface_sfn.c 95 PROPERTIES 96 COMPILE_FLAGS $<$<C_COMPILER_ID:GNU>:-Wno-unused-parameter> 97 COMPILE_FLAGS $<$<C_COMPILER_ID:ARMClang>:-Wno-unused-parameter> 98 COMPILE_FLAGS $<$<C_COMPILER_ID:Clang>:-Wno-unused-parameter> 99) 100 101target_sources(tfm_sprt 102 PRIVATE 103 $<$<BOOL:$<VERSION_GREATER:${TFM_ISOLATION_LEVEL},1>>:${CMAKE_SOURCE_DIR}/secure_fw/spm/core/psa_interface_svc.c> 104 $<$<BOOL:${CONFIG_TFM_SPM_BACKEND_IPC}>:${CMAKE_SOURCE_DIR}/secure_fw/spm/core/psa_interface_thread_fn_call.c> 105 $<$<BOOL:${CONFIG_TFM_SPM_BACKEND_SFN}>:${CMAKE_SOURCE_DIR}/secure_fw/spm/core/psa_interface_sfn.c> 106) 107 108############################# Secure veneers ################################### 109 110if(CONFIG_TFM_USE_TRUSTZONE) 111 add_library(tfm_s_veneers STATIC) 112 113 target_sources(tfm_s_veneers 114 PRIVATE 115 ${CMAKE_CURRENT_BINARY_DIR}/s_veneers.o 116 ) 117 118 # Since s_veneers.o doesn't exist when this is evaluated by cmake we need to 119 # explicitly specify what language it will use. 120 set_target_properties(tfm_s_veneers 121 PROPERTIES 122 LINKER_LANGUAGE C 123 ) 124 125 # Pretend we have a command to generate the veneers, when in reality all 126 # that's needed is the dependency on tfm_s. This is required for the ninja 127 # build system 128 add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/s_veneers.o 129 COMMAND 130 DEPENDS tfm_s 131 ) 132 133 target_link_options(tfm_s 134 PRIVATE 135 ${LINKER_VENEER_OUTPUT_FLAG}${CMAKE_CURRENT_BINARY_DIR}/s_veneers.o 136 ) 137endif() 138 139############################### CODE SHARING ################################### 140if (TFM_CODE_SHARING) 141 target_link_shared_code(tfm_s 142 bl2 143 ) 144 145 # mbedtls is build outside of tree, so we have to use the _from_dependency 146 # version of this function to attach the custom_command to the tfm_s target. 147 # It's also picky about stripping the symbols, so we just make them weak 148 # instead. 149 target_weaken_symbols_from_dependency(tfm_s crypto_service_mbedcrypto 150 mbedtls_asn1* 151 mbedtls_mpi* 152 mbedtls_platform* 153 mbedtls_rsa* 154 155 #This group is only relevant if BL2 image encryption is on 156 mbedtls_md* 157 158 #This group has two functions that cause runtime errors when shared, so the 159 #error-free ones are listed piece by piece 160 mbedtls_internal_sha256* 161 mbedtls_sha256_free 162 mbedtls_sha256_init 163 mbedtls_sha256_finish 164 mbedtls_sha256_starts 165 166 #Symbols necessary to make sharing additional functions possible 167 mbedtls_calloc* 168 mbedtls_free* 169 170 #Miscellaneous functions 171 mbedtls_exit* 172 memset_func* 173 ) 174 175endif() 176