DistroKit Mailinglist
 help / color / mirror / Atom feed
From: Ahmad Fatoum <a.fatoum@pengutronix.de>
To: distrokit@pengutronix.de
Cc: Ahmad Fatoum <a.fatoum@pengutronix.de>,
	Michael Tretter <m.tretter@pengutronix.de>
Subject: [DistroKit] [PATCH 3/6] rules: add ARM Trusted Firmware-A
Date: Mon,  2 Mar 2020 12:03:53 +0100	[thread overview]
Message-ID: <20200302110356.19112-4-a.fatoum@pengutronix.de> (raw)
In-Reply-To: <20200302110356.19112-1-a.fatoum@pengutronix.de>

Trusted Firmware-A (TF-A) is a reference implementation of secure world
software for Arm A-Profile architectures (Armv8-A and Armv7-A).

TF-A is used as first-stage bootloader on the STM32MP1. We'll use
barebox for second-stage only for now, thus add a rule for TF-A.

Tested-by: Michael Tretter <m.tretter@pengutronix.de>
Signed-off-by: Rouven Czerwinski <rouven@czerwinskis.de>
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Link: https://www.mail-archive.com/ptxdist@pengutronix.de/msg15828.html
---
 configs/platform-v7a/platformconfig |   1 +
 rules/tf-a.in                       | 140 ++++++++++++++++++++++++++++
 rules/tf-a.make                     | 122 ++++++++++++++++++++++++
 3 files changed, 263 insertions(+)
 create mode 100644 rules/tf-a.in
 create mode 100644 rules/tf-a.make

diff --git a/configs/platform-v7a/platformconfig b/configs/platform-v7a/platformconfig
index f468a77e4f96..e3a9b6433172 100644
--- a/configs/platform-v7a/platformconfig
+++ b/configs/platform-v7a/platformconfig
@@ -181,6 +181,7 @@ PTXCONF_BAREBOX_ARCH_STRING="arm"
 # PTXCONF_GRUB is not set
 # PTXCONF_HOST_MXS_UTILS is not set
 # PTXCONF_OPTEE is not set
+# PTXCONF_TF_A is not set
 # PTXCONF_U_BOOT is not set
 # PTXCONF_X_LOAD is not set
 
diff --git a/rules/tf-a.in b/rules/tf-a.in
new file mode 100644
index 000000000000..3cddf7907960
--- /dev/null
+++ b/rules/tf-a.in
@@ -0,0 +1,140 @@
+## SECTION=bootloader
+
+menuconfig TF_A
+	select BOOTLOADER
+	prompt "ARM Trusted Firmware-A        "
+	depends on ARCH_ARM || ARCH_ARM64
+	bool
+
+if TF_A
+
+config TF_A_VERSION
+	string
+	default "v2.2"
+	prompt "TF-A version"
+	help
+	  Enter the TF-A git commit-ish you want to build. Usually a tagged
+	  release like "v2.2"
+
+config TF_A_MD5
+	string
+	default "bb300e5a62c911e189c80d935d497a4b"
+	prompt "TF-A source md5"
+
+config TF_A_ARCH_STRING
+        string
+        default "aarch32" if ARCH_ARM
+        default "aarch64" if ARCH_ARM64
+
+choice
+	prompt "TF-A Architecture"
+	default TF_A_ARM_ARCH_MAJOR_7 if ARCH_ARM
+	default TF_A_ARM_ARCH_MAJOR_8 if ARCH_ARM64
+	help
+	  Architecture version major number
+
+	config TF_A_ARM_ARCH_MAJOR_7
+		depends on ARCH_ARM
+		prompt "ARMv7"
+		bool
+
+	config TF_A_ARM_ARCH_MAJOR_8_32_BIT
+		depends on ARCH_ARM
+		prompt "ARMv8 32-bit"
+		bool
+
+	config TF_A_ARM_ARCH_MAJOR_8
+		depends on ARCH_ARM64
+		prompt "ARMv8"
+		bool
+
+endchoice
+
+config TF_A_ARM_ARCH_MAJOR
+        int
+        default 7 if TF_A_ARM_ARCH_MAJOR_7
+        default 8 if TF_A_ARM_ARCH_MAJOR_8_32_BIT
+        default 8 if TF_A_ARM_ARCH_MAJOR_8
+
+
+config TF_A_PLATFORM
+	string
+	prompt "TF-A target platform"
+	help
+	  The TF-A target platform.
+
+config TF_A_ARM_ARCH_MINOR
+	depends on TF_A_ARM_ARCH_MAJOR_8 || TF_A_ARM_ARCH_MAJOR_8_32_BIT
+	int
+	default 0
+	prompt "TF-A target ARMv8.MINOR version"
+	help
+	  The minor version of the ARMv8 architecture targeted. Defaults to 0.
+
+config TF_A_EXTRA_ARGS
+	string
+	prompt "TF-A extra build arguments"
+	help
+	  Extra platform-specific build arguments to pass to the TF-A build
+	  process, e.g. DTB_FILE_NAME= for the stm32mp1
+
+config TF_A_ARTIFACTS
+	string
+	prompt "TF-A artifact file names"
+	help
+	  A space-separated list of glob patterns of artifacts to copy from the
+	  build directory.
+	  All file names are relative to the appropriate TF-A platform build
+	  directory.
+
+comment "Payloads"
+
+choice
+	prompt "BL32 Payload"
+	default TF_A_BL32_NONE
+	help
+	  payload for BL32 (Secure World OS)
+
+	config TF_A_BL32_NONE
+		prompt "None"
+		bool
+
+	config TF_A_BL32_SP_MIN
+		depends on ARCH_ARM
+		prompt "sp_min"
+		bool
+
+	config TF_A_BL32_TSP
+		depends on ARCH_ARM64
+		prompt "Test Secure Payload"
+		bool
+
+endchoice
+
+if TF_A_BL32_TSP
+choice TF_A_BL32_TSP_RAM_LOCATION
+	prompt "TSP location"
+	default TF_A_BL32_TSP_RAM_LOCATION_TSRAM
+
+	config TF_A_BL32_TSP_RAM_LOCATION_TSRAM
+		prompt "Trusted SRAM"
+		bool
+
+	config TF_A_BL32_TSP_RAM_LOCATION_TDRAM
+		prompt "Trusted DRAM (if available)"
+		bool
+
+	config TF_A_BL32_TSP_RAM_LOCATION_DRAM
+		prompt "Secure DRAM region (configured by TrustZone controller)"
+		bool
+endchoice
+
+config TF_A_BL32_TSP_RAM_LOCATION_STRING
+        string
+        default "tsram" if TF_A_BL32_TSP_RAM_LOCATION_TSRAM
+        default "tdram" if TF_A_BL32_TSP_RAM_LOCATION_TDRAM
+        default "dram"  if TF_A_BL32_TSP_RAM_LOCATION_DRAM
+
+endif
+
+endif
diff --git a/rules/tf-a.make b/rules/tf-a.make
new file mode 100644
index 000000000000..3ba5ca275050
--- /dev/null
+++ b/rules/tf-a.make
@@ -0,0 +1,122 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2018 by Rouven Czerwinski <r.czerwinski@pengutronix.de>
+#               2019 by Ahmad Fatoum <a.fatoum@pengutronix.de>
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_TF_A) += tf-a
+
+#
+# Paths and names
+#
+TF_A_VERSION	:= $(call remove_quotes,$(PTXCONF_TF_A_VERSION))
+TF_A_MD5	:= $(call remove_quotes,$(PTXCONF_TF_A_MD5))
+TF_A		:= tf-a-$(TF_A_VERSION)
+TF_A_SUFFIX	:= tar.gz
+TF_A_URL	:= https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/snapshot/$(TF_A_VERSION).$(TF_A_SUFFIX)
+TF_A_SOURCE	:= $(SRCDIR)/$(TF_A).$(TF_A_SUFFIX)
+TF_A_DIR	:= $(BUILDDIR)/$(TF_A)
+TF_A_LICENSE    := BSD-3-Clause AND BSD-2-Clause \
+		   AND (GPL-2.0-or-later OR BSD-2-Clause) \
+		   AND (NCSA OR MIT) \
+		   AND Zlib \
+		   AND (GPL-2.0-or-later OR BSD-3-Clause)
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+TF_A_WRAPPER_BLACKLIST := \
+	TARGET_HARDEN_RELRO \
+	TARGET_HARDEN_BINDNOW \
+	TARGET_HARDEN_PIE \
+	TARGET_DEBUG \
+	TARGET_BUILD_ID
+
+TF_A_RELEASE := 1
+
+TF_A_PATH	:= PATH=$(CROSS_PATH)
+TF_A_MAKE_OPT	:= \
+	CROSS_COMPILE=$(BOOTLOADER_CROSS_COMPILE) \
+	HOSTCC=$(HOSTCC) \
+	PLAT=$(PTXCONF_TF_A_PLATFORM) \
+	DEBUG=$(if $(filter 1,$(TF_A_RELEASE)),0,1) \
+	ARCH=$(PTXCONF_TF_A_ARCH_STRING) \
+	ARM_ARCH_MAJOR=$(PTXCONF_TF_A_ARM_ARCH_MAJOR) \
+	BUILD_STRING=$(PTXCONF_TF_A_VERSION) \
+	$(call remove_quotes,$(PTXCONF_TF_A_EXTRA_ARGS)) \
+	all
+
+ifdef PTXCONF_TF_A_BL32_TSP
+TF_A_MAKE_OPT += ARM_TSP_RAM_LOCATION=$(PTXCONF_TF_A_BL32_TSP_RAM_LOCATION_STRING)
+endif
+ifdef PTXCONF_TF_A_ARM_ARCH_MINOR
+TF_A_MAKE_OPT += ARM_ARCH_MINOR=$(PTXCONF_TF_A_ARM_ARCH_MINOR)
+endif
+ifdef PTXCONF_TF_A_BL32_SP_MIN
+TF_A_MAKE_OPT += AARCH32_SP=sp_min
+endif
+
+ifdef PTXCONF_TF_A
+ifeq ($(PTXCONF_TF_A_ARTIFACTS),)
+$(error TF_A_ARTIFACTS is empty. nothing to install.)
+endif
+endif
+
+TF_A_CONF_TOOL	:= NO
+
+$(STATEDIR)/tf-a.prepare:
+	@$(call targetinfo)
+	@rm -rf $(TF_A_DIR)/build/
+	@$(call touch)
+
+# ----------------------------------------------------------------------------
+# Compile
+# ----------------------------------------------------------------------------
+
+TF_A_MAKE_ENV	:= $(CROSS_ENV)
+
+# ----------------------------------------------------------------------------
+# Install
+# ----------------------------------------------------------------------------
+
+TF_A_BUILD_OUTPUT_DIR := $(TF_A_DIR)/build/$(call remove_quotes, \
+	$(PTXCONF_TF_A_PLATFORM))/$(if $(filter 1,$(TF_A_RELEASE)),release,debug)
+TF_A_ARTIFACTS_SRC = $(wildcard $(addprefix $(TF_A_BUILD_OUTPUT_DIR)/, \
+	$(call remove_quotes,$(PTXCONF_TF_A_ARTIFACTS))))
+TF_A_ARTIFACTS_DEST = $(subst $(TF_A_BUILD_OUTPUT_DIR)/,,$(TF_A_ARTIFACTS_SRC))
+
+$(STATEDIR)/tf-a.install:
+	@$(call targetinfo)
+	@$(foreach artifact, $(TF_A_ARTIFACTS_SRC), \
+		install -v -D -m 644 $(artifact) \
+		$(TF_A_PKGDIR)/usr/lib/firmware/$(notdir $(artifact))$(ptx/nl))
+	@$(call touch)
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/tf-a.targetinstall:
+	@$(call targetinfo)
+	@$(foreach artifact, $(TF_A_ARTIFACTS_SRC), \
+		install -v -D -m 644 $(artifact) \
+		$(IMAGEDIR)/$(notdir $(artifact))$(ptx/nl))
+	@$(call touch)
+
+# ----------------------------------------------------------------------------
+# Clean
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/tf-a.clean:
+	@$(call targetinfo)
+	@rm -f $(addprefix $(IMAGEDIR)/, $(TF_A_ARTIFACTS_DEST))
+	@$(call clean_pkg, TF_A)
+
+# vim: syntax=make
-- 
2.25.0


_______________________________________________
DistroKit mailing list
DistroKit@pengutronix.de

  parent reply	other threads:[~2020-03-02 11:03 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-03-02 11:03 [DistroKit] [PATCH 0/6] v7a: add basic STM32MP157C-DK2 support Ahmad Fatoum
2020-03-02 11:03 ` [DistroKit] [PATCH 1/6] v7a: kernel: configure for STM32MP157 support Ahmad Fatoum
2020-03-05 16:43   ` Robert Schwebel
2020-03-02 11:03 ` [DistroKit] [PATCH 2/6] v7a: barebox: add new stm32mp rule Ahmad Fatoum
2020-03-03  9:43   ` Roland Hieber
2020-03-03  9:54     ` Ahmad Fatoum
2020-03-05 16:44   ` Robert Schwebel
2020-03-02 11:03 ` Ahmad Fatoum [this message]
2020-03-05 16:44   ` [DistroKit] [PATCH 3/6] rules: add ARM Trusted Firmware-A Robert Schwebel
2020-03-05 17:28     ` Robert Schwebel
2020-03-02 11:03 ` [DistroKit] [PATCH 4/6] v7a: stm32mp: enable TF-A for first stage Ahmad Fatoum
2020-03-05 16:45   ` Robert Schwebel
2020-03-02 11:03 ` [DistroKit] [PATCH 5/6] datapartition: disable autoformat of non-MBR Linux partitions Ahmad Fatoum
2020-03-05 16:45   ` Robert Schwebel
2020-03-02 11:03 ` [DistroKit] [PATCH 6/6] v7a: add stm32mp157c-dk2 SD-Card image Ahmad Fatoum
2020-03-03 12:08   ` Roland Hieber
2020-03-05 16:46     ` Robert Schwebel
2020-03-05 16:46   ` Robert Schwebel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200302110356.19112-4-a.fatoum@pengutronix.de \
    --to=a.fatoum@pengutronix.de \
    --cc=distrokit@pengutronix.de \
    --cc=m.tretter@pengutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox