Re: [ptxdist] [PATCH v4] tf-a: new package for ARM trusted firmware A

[Ahmad Fatoum <a.fatoum@pengutronix.de>]

On 3/19/20 5:16 PM, Guillermo Rodriguez Garcia wrote:
> Hi all,
> 
> This seems to be in pretty good shape now; will this be merged ?

Alexander Dahl spotted an issue when he built it along with DistroKit.
I will post a v5.

Cheers,

> 
> Guillermo
> 
> El jue., 27 feb. 2020 a las 13:02, Ahmad Fatoum
> (<a.fatoum@pengutronix.de>) escribió:
>>
>> Trusted Firmware-A (TF-A) is a reference implementation of secure world
>> software for Arm A-Profile architectures (Armv8-A and Armv7-A).
>>
>> Cc: Alejandro Vazquez <avazquez.dev@gmail.com>
>> Tested-by: Michael Tretter <m.tretter@pengutronix.de>
>> Signed-off-by: Rouven Czerwinski <rouven@czerwinskis.de>
>> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
>> ---
>> v3 -> v4:
>>   - Fixed license statement (Roland, Philipp)
>>   - Fixed typo in Kconfig description string (Philipp)
>>   - Remove commented out TF_A_DEBUG (Philipp, mol)
>>   - Added non-commented out TF_A_RELASE (myself)
>>   - Added Michael Tretter's Tested-by
>> v2 -> v3:
>>   - sorted version and md5 Kconfig options to top (mol)
>>   - Added trailing spaces to align arrow after main prompt (mol)
>>   - Changed TF_A_VERSION help text to indicate that the version can be any
>>     git commitsh
>>   - Removed default value for TF_A_ARTIFACTS (mol)
>>   - integrated TF_A_VERSION into BUILD_STRING of resulting artifacts
>>     (Guillermo, mtr)
>>   - unconditional error if TF_A_ARTIFACTS is empty instead of warning later on
>>     (mol)
>>   - removed diplicate Prepare header (mol)
>>   - resorted make variable definitions
>>   - avoid unportable install --target-directory (Guillermo)
>>   - documented support for globbing in TF_A_ARTIFACTS
>>   - don't glob delete in IMAGEDIR, instead expand the glob in the build
>>     directory first
>> v1 -> v2:
>>   - Made TF_A_ARCH_MAJOR configurable to support 32 bit ARMv8 (Guillermo)
>>   - Replaces stm32mp-specific TF_A_DTB with TF_A_EXTRA_ARGS to contain
>>     all board/vendor specific options
>>   - removed reference to no longer existing CREDITS file
>>   - removed TF_A_MAKE_OPT contents that are set elsewhere
>>   - reduced uses of += in favor of directly appending to the string
>>   - delete old build directory in prepare instead of compile
>>   - use default compile stage (Guillermo)
>>   - install artifacts to sysroot /usr/lib/firmware in install stage
>>   - install artifacts to IMAGEDIR in targetinstall
>>   - fix clean stage to delete proper artifacts
>> ---
>>  platforms/tf-a.in | 140 ++++++++++++++++++++++++++++++++++++++++++++++
>>  rules/tf-a.make   | 122 ++++++++++++++++++++++++++++++++++++++++
>>  2 files changed, 262 insertions(+)
>>  create mode 100644 platforms/tf-a.in
>>  create mode 100644 rules/tf-a.make
>>
>> diff --git a/platforms/tf-a.in b/platforms/tf-a.in
>> new file mode 100644
>> index 000000000000..3cddf7907960
>> --- /dev/null
>> +++ b/platforms/tf-a.in
>> @@ -0,0 +1,140 @@
>> +## SECTION=bootloader
>> +
>> +menuconfig TF_A
>> +       select BOOTLOADER
>> +       prompt "ARM Trusted Firmware-A        "
>> +       depends on ARCH_ARM || ARCH_ARM64
>> +       bool
>> +
>> +if TF_A
>> +
>> +config TF_A_VERSION
>> +       string
>> +       default "v2.2"
>> +       prompt "TF-A version"
>> +       help
>> +         Enter the TF-A git commit-ish you want to build. Usually a tagged
>> +         release like "v2.2"
>> +
>> +config TF_A_MD5
>> +       string
>> +       default "bb300e5a62c911e189c80d935d497a4b"
>> +       prompt "TF-A source md5"
>> +
>> +config TF_A_ARCH_STRING
>> +        string
>> +        default "aarch32" if ARCH_ARM
>> +        default "aarch64" if ARCH_ARM64
>> +
>> +choice
>> +       prompt "TF-A Architecture"
>> +       default TF_A_ARM_ARCH_MAJOR_7 if ARCH_ARM
>> +       default TF_A_ARM_ARCH_MAJOR_8 if ARCH_ARM64
>> +       help
>> +         Architecture version major number
>> +
>> +       config TF_A_ARM_ARCH_MAJOR_7
>> +               depends on ARCH_ARM
>> +               prompt "ARMv7"
>> +               bool
>> +
>> +       config TF_A_ARM_ARCH_MAJOR_8_32_BIT
>> +               depends on ARCH_ARM
>> +               prompt "ARMv8 32-bit"
>> +               bool
>> +
>> +       config TF_A_ARM_ARCH_MAJOR_8
>> +               depends on ARCH_ARM64
>> +               prompt "ARMv8"
>> +               bool
>> +
>> +endchoice
>> +
>> +config TF_A_ARM_ARCH_MAJOR
>> +        int
>> +        default 7 if TF_A_ARM_ARCH_MAJOR_7
>> +        default 8 if TF_A_ARM_ARCH_MAJOR_8_32_BIT
>> +        default 8 if TF_A_ARM_ARCH_MAJOR_8
>> +
>> +
>> +config TF_A_PLATFORM
>> +       string
>> +       prompt "TF-A target platform"
>> +       help
>> +         The TF-A target platform.
>> +
>> +config TF_A_ARM_ARCH_MINOR
>> +       depends on TF_A_ARM_ARCH_MAJOR_8 || TF_A_ARM_ARCH_MAJOR_8_32_BIT
>> +       int
>> +       default 0
>> +       prompt "TF-A target ARMv8.MINOR version"
>> +       help
>> +         The minor version of the ARMv8 architecture targeted. Defaults to 0.
>> +
>> +config TF_A_EXTRA_ARGS
>> +       string
>> +       prompt "TF-A extra build arguments"
>> +       help
>> +         Extra platform-specific build arguments to pass to the TF-A build
>> +         process, e.g. DTB_FILE_NAME= for the stm32mp1
>> +
>> +config TF_A_ARTIFACTS
>> +       string
>> +       prompt "TF-A artifact file names"
>> +       help
>> +         A space-separated list of glob patterns of artifacts to copy from the
>> +         build directory.
>> +         All file names are relative to the appropriate TF-A platform build
>> +         directory.
>> +
>> +comment "Payloads"
>> +
>> +choice
>> +       prompt "BL32 Payload"
>> +       default TF_A_BL32_NONE
>> +       help
>> +         payload for BL32 (Secure World OS)
>> +
>> +       config TF_A_BL32_NONE
>> +               prompt "None"
>> +               bool
>> +
>> +       config TF_A_BL32_SP_MIN
>> +               depends on ARCH_ARM
>> +               prompt "sp_min"
>> +               bool
>> +
>> +       config TF_A_BL32_TSP
>> +               depends on ARCH_ARM64
>> +               prompt "Test Secure Payload"
>> +               bool
>> +
>> +endchoice
>> +
>> +if TF_A_BL32_TSP
>> +choice TF_A_BL32_TSP_RAM_LOCATION
>> +       prompt "TSP location"
>> +       default TF_A_BL32_TSP_RAM_LOCATION_TSRAM
>> +
>> +       config TF_A_BL32_TSP_RAM_LOCATION_TSRAM
>> +               prompt "Trusted SRAM"
>> +               bool
>> +
>> +       config TF_A_BL32_TSP_RAM_LOCATION_TDRAM
>> +               prompt "Trusted DRAM (if available)"
>> +               bool
>> +
>> +       config TF_A_BL32_TSP_RAM_LOCATION_DRAM
>> +               prompt "Secure DRAM region (configured by TrustZone controller)"
>> +               bool
>> +endchoice
>> +
>> +config TF_A_BL32_TSP_RAM_LOCATION_STRING
>> +        string
>> +        default "tsram" if TF_A_BL32_TSP_RAM_LOCATION_TSRAM
>> +        default "tdram" if TF_A_BL32_TSP_RAM_LOCATION_TDRAM
>> +        default "dram"  if TF_A_BL32_TSP_RAM_LOCATION_DRAM
>> +
>> +endif
>> +
>> +endif
>> diff --git a/rules/tf-a.make b/rules/tf-a.make
>> new file mode 100644
>> index 000000000000..3ba5ca275050
>> --- /dev/null
>> +++ b/rules/tf-a.make
>> @@ -0,0 +1,122 @@
>> +# -*-makefile-*-
>> +#
>> +# Copyright (C) 2018 by Rouven Czerwinski <r.czerwinski@pengutronix.de>
>> +#               2019 by Ahmad Fatoum <a.fatoum@pengutronix.de>
>> +#
>> +# For further information about the PTXdist project and license conditions
>> +# see the README file.
>> +#
>> +
>> +#
>> +# We provide this package
>> +#
>> +PACKAGES-$(PTXCONF_TF_A) += tf-a
>> +
>> +#
>> +# Paths and names
>> +#
>> +TF_A_VERSION   := $(call remove_quotes,$(PTXCONF_TF_A_VERSION))
>> +TF_A_MD5       := $(call remove_quotes,$(PTXCONF_TF_A_MD5))
>> +TF_A           := tf-a-$(TF_A_VERSION)
>> +TF_A_SUFFIX    := tar.gz
>> +TF_A_URL       := https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/snapshot/$(TF_A_VERSION).$(TF_A_SUFFIX)
>> +TF_A_SOURCE    := $(SRCDIR)/$(TF_A).$(TF_A_SUFFIX)
>> +TF_A_DIR       := $(BUILDDIR)/$(TF_A)
>> +TF_A_LICENSE    := BSD-3-Clause AND BSD-2-Clause \
>> +                  AND (GPL-2.0-or-later OR BSD-2-Clause) \
>> +                  AND (NCSA OR MIT) \
>> +                  AND Zlib \
>> +                  AND (GPL-2.0-or-later OR BSD-3-Clause)
>> +
>> +# ----------------------------------------------------------------------------
>> +# Prepare
>> +# ----------------------------------------------------------------------------
>> +
>> +TF_A_WRAPPER_BLACKLIST := \
>> +       TARGET_HARDEN_RELRO \
>> +       TARGET_HARDEN_BINDNOW \
>> +       TARGET_HARDEN_PIE \
>> +       TARGET_DEBUG \
>> +       TARGET_BUILD_ID
>> +
>> +TF_A_RELEASE := 1
>> +
>> +TF_A_PATH      := PATH=$(CROSS_PATH)
>> +TF_A_MAKE_OPT  := \
>> +       CROSS_COMPILE=$(BOOTLOADER_CROSS_COMPILE) \
>> +       HOSTCC=$(HOSTCC) \
>> +       PLAT=$(PTXCONF_TF_A_PLATFORM) \
>> +       DEBUG=$(if $(filter 1,$(TF_A_RELEASE)),0,1) \
>> +       ARCH=$(PTXCONF_TF_A_ARCH_STRING) \
>> +       ARM_ARCH_MAJOR=$(PTXCONF_TF_A_ARM_ARCH_MAJOR) \
>> +       BUILD_STRING=$(PTXCONF_TF_A_VERSION) \
>> +       $(call remove_quotes,$(PTXCONF_TF_A_EXTRA_ARGS)) \
>> +       all
>> +
>> +ifdef PTXCONF_TF_A_BL32_TSP
>> +TF_A_MAKE_OPT += ARM_TSP_RAM_LOCATION=$(PTXCONF_TF_A_BL32_TSP_RAM_LOCATION_STRING)
>> +endif
>> +ifdef PTXCONF_TF_A_ARM_ARCH_MINOR
>> +TF_A_MAKE_OPT += ARM_ARCH_MINOR=$(PTXCONF_TF_A_ARM_ARCH_MINOR)
>> +endif
>> +ifdef PTXCONF_TF_A_BL32_SP_MIN
>> +TF_A_MAKE_OPT += AARCH32_SP=sp_min
>> +endif
>> +
>> +ifdef PTXCONF_TF_A
>> +ifeq ($(PTXCONF_TF_A_ARTIFACTS),)
>> +$(error TF_A_ARTIFACTS is empty. nothing to install.)
>> +endif
>> +endif
>> +
>> +TF_A_CONF_TOOL := NO
>> +
>> +$(STATEDIR)/tf-a.prepare:
>> +       @$(call targetinfo)
>> +       @rm -rf $(TF_A_DIR)/build/
>> +       @$(call touch)
>> +
>> +# ----------------------------------------------------------------------------
>> +# Compile
>> +# ----------------------------------------------------------------------------
>> +
>> +TF_A_MAKE_ENV  := $(CROSS_ENV)
>> +
>> +# ----------------------------------------------------------------------------
>> +# Install
>> +# ----------------------------------------------------------------------------
>> +
>> +TF_A_BUILD_OUTPUT_DIR := $(TF_A_DIR)/build/$(call remove_quotes, \
>> +       $(PTXCONF_TF_A_PLATFORM))/$(if $(filter 1,$(TF_A_RELEASE)),release,debug)
>> +TF_A_ARTIFACTS_SRC = $(wildcard $(addprefix $(TF_A_BUILD_OUTPUT_DIR)/, \
>> +       $(call remove_quotes,$(PTXCONF_TF_A_ARTIFACTS))))
>> +TF_A_ARTIFACTS_DEST = $(subst $(TF_A_BUILD_OUTPUT_DIR)/,,$(TF_A_ARTIFACTS_SRC))
>> +
>> +$(STATEDIR)/tf-a.install:
>> +       @$(call targetinfo)
>> +       @$(foreach artifact, $(TF_A_ARTIFACTS_SRC), \
>> +               install -v -D -m 644 $(artifact) \
>> +               $(TF_A_PKGDIR)/usr/lib/firmware/$(notdir $(artifact))$(ptx/nl))
>> +       @$(call touch)
>> +
>> +# ----------------------------------------------------------------------------
>> +# Target-Install
>> +# ----------------------------------------------------------------------------
>> +
>> +$(STATEDIR)/tf-a.targetinstall:
>> +       @$(call targetinfo)
>> +       @$(foreach artifact, $(TF_A_ARTIFACTS_SRC), \
>> +               install -v -D -m 644 $(artifact) \
>> +               $(IMAGEDIR)/$(notdir $(artifact))$(ptx/nl))
>> +       @$(call touch)
>> +
>> +# ----------------------------------------------------------------------------
>> +# Clean
>> +# ----------------------------------------------------------------------------
>> +
>> +$(STATEDIR)/tf-a.clean:
>> +       @$(call targetinfo)
>> +       @rm -f $(addprefix $(IMAGEDIR)/, $(TF_A_ARTIFACTS_DEST))
>> +       @$(call clean_pkg, TF_A)
>> +
>> +# vim: syntax=make
>> --
>> 2.25.0
>>
>>
>> _______________________________________________
>> ptxdist mailing list
>> ptxdist@pengutronix.de
> 
> 
> 

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de