Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / f96073cab66cd4c26a12710ba692fcc17cb6e33f / . / meta-arm / meta-arm / recipes-bsp / trusted-firmware-a / trusted-firmware-a.inc
blob: c5b695e4b3b72303812c6f4d0efe6d3577a12270 [file] [log] [blame]
Brad Bishopbec4ebc2022-08-03 09:55:16 -0400[diff] [blame]1DESCRIPTION = "Trusted Firmware-A"
2LICENSE = "BSD-3-Clause & MIT"
3
4PACKAGE_ARCH = "${MACHINE_ARCH}"
5
6inherit deploy
7
8SRC_URI = "git://git.trustedfirmware.org/TF-A/trusted-firmware-a.git;protocol=https;name=tfa;branch=master"
9
10UPSTREAM_CHECK_GITTAGREGEX = "^v(?P<pver>\d+(\.\d+)+)$"
11
12SRCREV_FORMAT = "tfa"
13
14COMPATIBLE_MACHINE ?= "invalid"
15
16# Platform must be set for each machine
17TFA_PLATFORM ?= "invalid"
18
19# Some platforms can have multiple board configurations
20# Leave empty for default behavior
21TFA_BOARD ?= ""
22
23# Some platforms use SPD (Secure Payload Dispatcher) services
24# Few options are "opteed", "tlkd", "trusty", "tspd", "spmd"...
25# Leave empty to not use SPD
26TFA_SPD ?= ""
27
28# Variable used when TFA_SPD=spmd
29TFA_SPMD_SPM_AT_SEL2 ?= "1"
30
31# SP layout file location. Used when TFA_SPD=spmd and TFA_SPMD_SPM_AT_SEL2=1
32TFA_SP_LAYOUT_FILE ?= ""
33
34# SPMC manifest file location. Used when TFA_SPD=spmd and TFA_SPMD_SPM_AT_SEL2=1
35TFA_ARM_SPMC_MANIFEST_DTS ?= ""
36
37# Build for debug (set TFA_DEBUG to 1 to activate)
38TFA_DEBUG ?= "0"
39
40S = "${WORKDIR}/git"
41B = "${WORKDIR}/build"
42
43# mbed TLS support (set TFA_MBEDTLS to 1 to activate)
44TFA_MBEDTLS ?= "0"
45# sub-directory in which mbedtls will be downloaded
46TFA_MBEDTLS_DIR ?= "mbedtls"
47# This should be set to MBEDTLS download URL if MBEDTLS is needed
48SRC_URI_MBEDTLS ??= ""
49# This should be set to MBEDTLS LIC FILES checksum
50LIC_FILES_CHKSUM_MBEDTLS ??= ""
51# add MBEDTLS to our sources if activated
52SRC_URI:append = " ${@bb.utils.contains('TFA_MBEDTLS', '1', '${SRC_URI_MBEDTLS}', '', d)}"
53# Update license variables
54LICENSE:append = "${@bb.utils.contains('TFA_MBEDTLS', '1', ' & Apache-2.0', '', d)}"
55LIC_FILES_CHKSUM:append = "${@bb.utils.contains('TFA_MBEDTLS', '1', ' ${LIC_FILES_CHKSUM_MBEDTLS}', '', d)}"
56# add mbed TLS to version
57SRCREV_FORMAT:append = "${@bb.utils.contains('TFA_MBEDTLS', '1', '_mbedtls', '', d)}"
58
59# U-boot support (set TFA_UBOOT to 1 to activate)
60# When U-Boot support is activated BL33 is activated with u-boot.bin file
61TFA_UBOOT ??= "0"
62
63# UEFI support (set TFA_UEFI to 1 to activate)
64# When UEFI support is activated BL33 is activated with uefi.bin file
65TFA_UEFI ??= "0"
66
67# What to build
68# By default we only build bl1, do_deploy will copy
69# everything listed in this variable (by default bl1.bin)
70TFA_BUILD_TARGET ?= "bl1"
71
72# What to install
73# do_install and do_deploy will install everything listed in this
74# variable. It is set by default to TFA_BUILD_TARGET
75TFA_INSTALL_TARGET ?= "${TFA_BUILD_TARGET}"
76
77# Requires CROSS_COMPILE set by hand as there is no configure script
78export CROSS_COMPILE="${TARGET_PREFIX}"
79
80# Let the Makefile handle setting up the CFLAGS and LDFLAGS as it is a standalone application
81CFLAGS[unexport] = "1"
82LDFLAGS[unexport] = "1"
83AS[unexport] = "1"
84LD[unexport] = "1"
85
86# No configure
87do_configure[noexec] = "1"
88
89# Baremetal, just need a compiler
90DEPENDS:remove = "virtual/${TARGET_PREFIX}compilerlibs virtual/libc"
91
92# We need dtc for dtbs compilation
93# We need openssl for fiptool
94DEPENDS = "dtc-native openssl-native"
95DEPENDS:append:toolchain-clang = " compiler-rt"
96
97# CC and LD introduce arguments which conflict with those otherwise provided by
98# this recipe. The heads of these variables excluding those arguments
99# are therefore used instead.
100def remove_options_tail (in_string):
101 from itertools import takewhile
102 return ' '.join(takewhile(lambda x: not x.startswith('-'), in_string.split(' ')))
103
104EXTRA_OEMAKE += "LD=${@remove_options_tail(d.getVar('LD'))}"
105
106EXTRA_OEMAKE += "CC=${@remove_options_tail(d.getVar('CC'))}"
107
108# Verbose builds, no -Werror
109EXTRA_OEMAKE += "V=1 E=0"
110
111# Add platform parameter
112EXTRA_OEMAKE += "BUILD_BASE=${B} PLAT=${TFA_PLATFORM}"
113
114# Handle TFA_BOARD parameter
115EXTRA_OEMAKE += "${@'TARGET_BOARD=${TFA_BOARD}' if d.getVar('TFA_BOARD') else ''}"
116
117# Handle TFA_SPD parameter
118EXTRA_OEMAKE += "${@'SPD=${TFA_SPD}' if d.getVar('TFA_SPD') else ''}"
119
120# If TFA_SPD is spmd, set SPMD_SPM_AT_SEL2
121EXTRA_OEMAKE += "${@'SPMD_SPM_AT_SEL2=${TFA_SPMD_SPM_AT_SEL2}' if d.getVar('TFA_SPD', True) == 'spmd' else ''}"
122
123# Handle TFA_DEBUG parameter
124EXTRA_OEMAKE += "${@bb.utils.contains('TFA_DEBUG', '1', 'DEBUG=${TFA_DEBUG}', '', d)}"
125
126# Handle MBEDTLS
127EXTRA_OEMAKE += "${@bb.utils.contains('TFA_MBEDTLS', '1', 'MBEDTLS_DIR=${TFA_MBEDTLS_DIR}', '', d)}"
128
129# Uboot support
130DEPENDS += " ${@bb.utils.contains('TFA_UBOOT', '1', 'u-boot', '', d)}"
131do_compile[depends] += " ${@bb.utils.contains('TFA_UBOOT', '1', 'u-boot:do_deploy', '', d)}"
132EXTRA_OEMAKE += "${@bb.utils.contains('TFA_UBOOT', '1', 'BL33=${DEPLOY_DIR_IMAGE}/u-boot.bin', '', d)}"
133
134# UEFI support
135DEPENDS += " ${@bb.utils.contains('TFA_UEFI', '1', 'edk2-firmware', '', d)}"
136EXTRA_OEMAKE += "${@bb.utils.contains('TFA_UEFI', '1', 'BL33=${RECIPE_SYSROOT}/firmware/uefi.bin', '', d)}"
137
138# TFTF test support
139DEPENDS += " ${@bb.utils.contains('TFTF_TESTS', '1', 'tf-a-tests', '', d)}"
140EXTRA_OEMAKE += "${@bb.utils.contains('TFTF_TESTS', '1', 'BL33=${RECIPE_SYSROOT}/firmware/tftf.bin', '',d)}"
141
142# Hafnium support
143SEL2_SPMC = "${@'${TFA_SPMD_SPM_AT_SEL2}' if d.getVar('TFA_SPD', True) == 'spmd' else ''}"
144
145DEPENDS += " ${@bb.utils.contains('SEL2_SPMC', '1', 'hafnium', '', d)}"
146
147EXTRA_OEMAKE += "${@bb.utils.contains('SEL2_SPMC', '1', 'CTX_INCLUDE_EL2_REGS=1 ARM_ARCH_MINOR=4 BL32=${RECIPE_SYSROOT}/firmware/hafnium.bin', '', d)}"
148
149# Add SP layout file and spmc manifest for hafnium
150EXTRA_OEMAKE += "${@bb.utils.contains('SEL2_SPMC', '1', 'SP_LAYOUT_FILE=${TFA_SP_LAYOUT_FILE}' if d.getVar('TFA_SP_LAYOUT_FILE') else '', '', d)}"
151
152EXTRA_OEMAKE += "${@bb.utils.contains('SEL2_SPMC', '1', 'ARM_SPMC_MANIFEST_DTS=${TFA_ARM_SPMC_MANIFEST_DTS}' if d.getVar('TFA_ARM_SPMC_MANIFEST_DTS') else '', '', d)}"
153
154# Tell the tools where the native OpenSSL is located
155EXTRA_OEMAKE += "OPENSSL_DIR=${STAGING_DIR_NATIVE}/${prefix_native}"
156# Use the correct native compiler
157EXTRA_OEMAKE += "HOSTCC='${BUILD_CC}'"
158
159# Runtime variables
160EXTRA_OEMAKE += "RUNTIME_SYSROOT=${STAGING_DIR_HOST}"
161
162BUILD_DIR = "${B}/${TFA_PLATFORM}"
163BUILD_DIR .= "${@'/${TFA_BOARD}' if d.getVar('TFA_BOARD') else ''}"
164BUILD_DIR .= "/${@'debug' if d.getVar("TFA_DEBUG") == '1' else 'release'}"
165
166do_compile() {
167 # This is still needed to have the native tools executing properly by
168 # setting the RPATH
169 sed -i '/^LDLIBS/ s,$, \$\{BUILD_LDFLAGS},' ${S}/tools/fiptool/Makefile
170 sed -i '/^INCLUDE_PATHS/ s,$, \$\{BUILD_CFLAGS},' ${S}/tools/fiptool/Makefile
171 sed -i '/^LIB/ s,$, \$\{BUILD_LDFLAGS},' ${S}/tools/cert_create/Makefile
172
173 # Currently there are races if you build all the targets at once in parallel
174 for T in ${TFA_BUILD_TARGET}; do
175 oe_runmake -C ${S} $T
176 done
177}
178do_compile[cleandirs] = "${B}"
179
180do_install() {
181 install -d -m 755 ${D}/firmware
182 for atfbin in ${TFA_INSTALL_TARGET}; do
183 processed="0"
184 if [ "$atfbin" = "all" ]; then
185 # Target all is not handled by default
186 bberror "all as TFA_INSTALL_TARGET is not handled by do_install"
187 bberror "Please specify valid targets in TFA_INSTALL_TARGET or"
188 bberror "rewrite or turn off do_install"
189 exit 1
190 fi
191
192 if [ -f ${BUILD_DIR}/$atfbin.bin ]; then
193 echo "Install $atfbin.bin"
194 install -m 0644 ${BUILD_DIR}/$atfbin.bin \
195 ${D}/firmware/$atfbin-${TFA_PLATFORM}.bin
196 ln -sf $atfbin-${TFA_PLATFORM}.bin ${D}/firmware/$atfbin.bin
197 processed="1"
198 fi
199 if [ -f ${BUILD_DIR}/$atfbin/$atfbin.elf ]; then
200 echo "Install $atfbin.elf"
201 install -m 0644 ${BUILD_DIR}/$atfbin/$atfbin.elf \
202 ${D}/firmware/$atfbin-${TFA_PLATFORM}.elf
203 ln -sf $atfbin-${TFA_PLATFORM}.elf ${D}/firmware/$atfbin.elf
204 processed="1"
205 fi
206 if [ -f ${BUILD_DIR}/$atfbin ]; then
207 echo "Install $atfbin"
208 install -m 0644 ${BUILD_DIR}/$atfbin \
209 ${D}/firmware/$atfbin-${TFA_PLATFORM}
210 ln -sf $atfbin-${TFA_PLATFORM} ${D}/firmware/$atfbin
211 processed="1"
212 fi
213 if [ -f ${BUILD_DIR}/fdts/$atfbin.dtb ]; then
214 echo "Install $atfbin.dtb"
215 install -m 0644 "${BUILD_DIR}/fdts/$atfbin.dtb" \
216 "${D}/firmware/$atfbin.dtb"
217 processed="1"
218 elif [ "$atfbin" = "dtbs" ]; then
219 echo "dtbs install, skipped: set dtbs in TFA_INSTALL_TARGET"
220 elif [ -f ${B}/tools/$atfbin/$atfbin ]; then
221 echo "Tools $atfbin install, skipped"
222 elif [ "$processed" = "0" ]; then
223 bberror "Unsupported TFA_INSTALL_TARGET target $atfbin"
224 exit 1
225 fi
226 done
227}
228
229FILES:${PN} = "/firmware"
230SYSROOT_DIRS += "/firmware"
231
232FILES:${PN}-dbg = "/firmware/*.elf"
233# Skip QA check for relocations in .text of elf binaries
234INSANE_SKIP:${PN}-dbg += "textrel"
235# Build paths are currently embedded
236INSANE_SKIP:${PN} += "buildpaths"
237INSANE_SKIP:${PN}-dbg += "buildpaths"
238
239do_deploy() {
240 cp -rf ${D}/firmware/* ${DEPLOYDIR}/
241}
242addtask deploy after do_install
243
244CVE_PRODUCT = "arm:arm-trusted-firmware \
245 arm:trusted_firmware-a \
246 arm:arm_trusted_firmware \
247 arm_trusted_firmware_project:arm_trusted_firmware"