Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / 03514f1996efa799e50da744818ba331c2e893b6 / . / meta-arm / meta-arm / recipes-bsp / trusted-firmware-m / trusted-firmware-m.inc
blob: 772366d9117f139390f8422a4ab1ecda7f4b4f16 [file] [log] [blame]
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]1# SPDX-License-Identifier: MIT
2#
3# Copyright (c) 2020 Arm Limited
4#
5
6SUMMARY = "Trusted Firmware for Cortex-M"
7DESCRIPTION = "Trusted Firmware-M"
8HOMEPAGE = "https://git.trustedfirmware.org/trusted-firmware-m.git"
9PROVIDES = "virtual/trusted-firmware-m"
10
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]11UPSTREAM_CHECK_GITTAGREGEX = "^TF-Mv(?P<pver>\d+(\.\d+)+)$"
12
13# Note to future readers of this recipe: until the CMakeLists don't abuse
14# installation (see do_install) there is no point in trying to inherit
15# cmake here. You can easily short-circuit the toolchain but the install
16# is so convoluted there's no gain.
17
18inherit python3native deploy
19
20# Baremetal and we bring a compiler below
21INHIBIT_DEFAULT_DEPS = "1"
22
23PACKAGE_ARCH = "${MACHINE_ARCH}"
24
Patrick Williams03514f12024-04-05 07:04:11 -0500[diff] [blame^]25# At present, TF-M Select other GNU Arm compiler versions instead of 11.2:
26# https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/getting_started/tfm_getting_started.rst#n214
Patrick Williams2a254922023-08-11 09:48:11 -0500[diff] [blame]27#
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]28# See tools/requirements.txt for Python dependencies
29DEPENDS += "cmake-native \
30 ninja-native \
Patrick Williams03514f12024-04-05 07:04:11 -0500[diff] [blame^]31 gcc-arm-none-eabi-native \
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]32 python3-cbor2-native \
33 python3-click-native \
34 python3-cryptography-native \
35 python3-pyasn1-native \
36 python3-imgtool-native \
37 python3-jinja2-native \
38 python3-pyyaml-native \
39 python3-pyhsslms-native \
40 python3-ecdsa-native \
41 python3-kconfiglib-native \
42"
43
44B = "${WORKDIR}/build"
45
46# Build for debug (set TFM_DEBUG to 1 to activate)
47TFM_DEBUG ?= "0"
48
49# Platform must be set, ideally in the machine configuration.
50TFM_PLATFORM ?= ""
51python() {
52 if not d.getVar("TFM_PLATFORM"):
53 raise bb.parse.SkipRecipe("TFM_PLATFORM needs to be set")
54}
55
56PACKAGECONFIG ??= ""
57# Whether to integrate the test suite
58PACKAGECONFIG[test-secure] = "-DTEST_S=ON,-DTEST_S=OFF"
59PACKAGECONFIG[test-nonsecure] = "-DTEST_NS=ON,-DTEST_NS=OFF"
60
61# Currently we only support using the Arm binary GCC
62EXTRA_OECMAKE += "-DTFM_TOOLCHAIN_FILE=${S}/toolchain_GNUARM.cmake"
63
64# Don't let FetchContent download more sources during do_configure
65EXTRA_OECMAKE += "-DFETCHCONTENT_FULLY_DISCONNECTED=ON"
66
67# Add platform parameters
68EXTRA_OECMAKE += "-DTFM_PLATFORM=${TFM_PLATFORM}"
69
70# Handle TFM_DEBUG parameter
71EXTRA_OECMAKE += "${@bb.utils.contains('TFM_DEBUG', '1', '-DCMAKE_BUILD_TYPE=Debug', '-DCMAKE_BUILD_TYPE=Release', d)}"
72
73# Verbose builds
74EXTRA_OECMAKE += "-DCMAKE_VERBOSE_MAKEFILE:BOOL=ON"
75
Patrick Williams8e7b46e2023-05-01 14:19:06 -0500[diff] [blame]76EXTRA_OECMAKE += "-DMBEDCRYPTO_PATH=${S}/../mbedtls -DTFM_TEST_REPO_PATH=${S}/../tf-m-tests -DTFM_EXTRAS_REPO_PATH=${S}/../tfm-extras -DMCUBOOT_PATH=${S}/../mcuboot -DQCBOR_PATH=${S}/../qcbor"
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]77
78export CMAKE_BUILD_PARALLEL_LEVEL = "${@oe.utils.parallel_make(d, False)}"
79
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]80AS[unexport] = "1"
Patrick Williams8e7b46e2023-05-01 14:19:06 -0500[diff] [blame]81CC[unexport] = "1"
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]82LD[unexport] = "1"
83
Patrick Williams520786c2023-06-25 16:20:36 -0500[diff] [blame]84# remove once arm-none-eabi-gcc updates to 13 or newer like poky
85DEBUG_PREFIX_MAP:remove = "-fcanon-prefix-map"
86
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]87# python3-cryptography needs the legacy provider, so set OPENSSL_MODULES to the
88# right path until this is relocated automatically.
89export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules"
90
91do_configure[cleandirs] = "${B}"
92do_configure() {
93 cmake -GNinja -S ${S} -B ${B} ${EXTRA_OECMAKE} ${PACKAGECONFIG_CONFARGS}
94}
95
96# Invoke install here as there's no point in splitting compile from install: the
97# first thing the build does is 'install' inside the build tree thus causing a
98# rebuild. It also overrides the install prefix to be in the build tree, so you
99# can't use the usual install prefix variables.
100do_compile() {
101 cmake --build ${B} -- install
102}
103do_compile[progress] = "outof:^\[(\d+)/(\d+)\]\s+"
104
105do_install() {
106 # TODO install headers and static libraries when we know how they're used
107 install -d -m 755 ${D}/firmware
108 install -m 0644 ${B}/bin/* ${D}/firmware/
109}
110
111FILES:${PN} = "/firmware"
112SYSROOT_DIRS += "/firmware"
Patrick Williams8e7b46e2023-05-01 14:19:06 -0500[diff] [blame]113FILES:${PN}-dbg = "/firmware/*.elf"
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]114
115addtask deploy after do_install
116do_deploy() {
117 cp -rf ${D}/firmware/* ${DEPLOYDIR}/
118}
119
Patrick Williams8e7b46e2023-05-01 14:19:06 -0500[diff] [blame]120# Build paths are currently embedded because it's impossible to pass -fdebug-prefix-map
Andrew Geissler9347dd42023-03-03 12:38:41 -0600[diff] [blame]121INSANE_SKIP:${PN} += "buildpaths"
Patrick Williams8e7b46e2023-05-01 14:19:06 -0500[diff] [blame]122INSANE_SKIP:${PN}-dbg += "buildpaths"
123# Target binaries will be 32-bit Arm
124INSANE_SKIP:${PN} += "arch"
125INSANE_SKIP:${PN}-dbg += "arch"