diff --git a/Makefile b/Makefile index 050a76e..31ac5d6 100644 --- a/Makefile +++ b/Makefile @@ -31,98 +31,152 @@ # # Trusted Firmware Version # -VERSION_MAJOR := 1 -VERSION_MINOR := 1 +VERSION_MAJOR := 1 +VERSION_MINOR := 1 -# +include make_helpers/build_macros.mk + +################################################################################ # Default values for build configurations -# +################################################################################ # Build verbosity -V := 0 +V := 0 # Debug build -DEBUG := 0 +DEBUG := 0 # Build platform -DEFAULT_PLAT := fvp -PLAT := ${DEFAULT_PLAT} +DEFAULT_PLAT := fvp +PLAT := ${DEFAULT_PLAT} # SPD choice -SPD := none +SPD := none # Base commit to perform code check on -BASE_COMMIT := origin/master +BASE_COMMIT := origin/master # NS timer register save and restore -NS_TIMER_SWITCH := 0 +NS_TIMER_SWITCH := 0 # By default, Bl1 acts as the reset handler, not BL31 -RESET_TO_BL31 := 0 +RESET_TO_BL31 := 0 # Include FP registers in cpu context CTX_INCLUDE_FPREGS := 0 # Determine the version of ARM GIC architecture to use for interrupt management # in EL3. The platform port can change this value if needed. -ARM_GIC_ARCH := 2 +ARM_GIC_ARCH := 2 # Determine the version of ARM CCI product used in the platform. The platform # port can change this value if needed. -ARM_CCI_PRODUCT_ID := 400 +ARM_CCI_PRODUCT_ID := 400 # Flag used to indicate if ASM_ASSERTION should be enabled for the build. # This defaults to being present in DEBUG builds only. -ASM_ASSERTION := ${DEBUG} +ASM_ASSERTION := ${DEBUG} # Build option to choose whether Trusted firmware uses Coherent memory or not. -USE_COHERENT_MEM := 1 +USE_COHERENT_MEM := 1 # Flag used to choose the power state format viz Extended State-ID or the Original # format. -PSCI_EXTENDED_STATE_ID := 0 +PSCI_EXTENDED_STATE_ID := 0 # Default FIP file name -FIP_NAME := fip.bin +FIP_NAME := fip.bin # By default, use the -pedantic option in the gcc command line -DISABLE_PEDANTIC := 0 +DISABLE_PEDANTIC := 0 # Flags to generate the Chain of Trust -GENERATE_COT := 0 -CREATE_KEYS := 1 -SAVE_KEYS := 0 +GENERATE_COT := 0 +CREATE_KEYS := 1 +SAVE_KEYS := 0 # Flags to build TF with Trusted Boot support -TRUSTED_BOARD_BOOT := 0 +TRUSTED_BOARD_BOOT := 0 # By default, consider that the platform's reset address is not programmable. # The platform Makefile is free to override this value. PROGRAMMABLE_RESET_ADDRESS := 0 # Build flag to warn about usage of deprecated platform and framework APIs -WARN_DEPRECATED := 0 +WARN_DEPRECATED := 0 -# Checkpatch ignores -CHECK_IGNORE = --ignore COMPLEX_MACRO \ + +################################################################################ +# Checkpatch script options +################################################################################ + +CHECK_IGNORE := --ignore COMPLEX_MACRO \ --ignore GERRIT_CHANGE_ID \ --ignore GIT_COMMIT_ID - -CHECKPATCH_ARGS = --no-tree --no-signoff ${CHECK_IGNORE} -CHECKCODE_ARGS = --no-patch --no-tree --no-signoff ${CHECK_IGNORE} +CHECKPATCH_ARGS := --no-tree --no-signoff ${CHECK_IGNORE} +CHECKCODE_ARGS := --no-patch --no-tree --no-signoff ${CHECK_IGNORE} # Do not check the coding style on C library files -CHECK_PATHS = $(shell ls -I include -I lib) \ +CHECK_PATHS := $(shell ls -I include -I lib) \ $(addprefix include/,$(shell ls -I stdlib include)) \ $(addprefix lib/,$(shell ls -I stdlib lib)) + +################################################################################ +# Process build options +################################################################################ + +# Verbose flag ifeq (${V},0) - Q=@ - CHECKCODE_ARGS += --no-summary --terse + Q=@ + CHECKCODE_ARGS += --no-summary --terse else - Q= + Q= endif export Q +# Process Debug flag +$(eval $(call add_define,DEBUG)) ifneq (${DEBUG}, 0) - BUILD_TYPE := debug - # Use LOG_LEVEL_INFO by default for debug builds - LOG_LEVEL := 40 + BUILD_TYPE := debug + CFLAGS += -g + ASFLAGS += -g -Wa,--gdwarf-2 + # Use LOG_LEVEL_INFO by default for debug builds + LOG_LEVEL := 40 else - BUILD_TYPE := release - # Use LOG_LEVEL_NOTICE by default for release builds - LOG_LEVEL := 20 + BUILD_TYPE := release + $(eval $(call add_define,NDEBUG)) + # Use LOG_LEVEL_NOTICE by default for release builds + LOG_LEVEL := 20 endif # Default build string (git branch and commit) ifeq (${BUILD_STRING},) - BUILD_STRING := $(shell git log -n 1 --pretty=format:"%h") + BUILD_STRING := $(shell git log -n 1 --pretty=format:"%h") endif - VERSION_STRING := v${VERSION_MAJOR}.${VERSION_MINOR}(${BUILD_TYPE}):${BUILD_STRING} -BL_COMMON_SOURCES := common/bl_common.c \ +# The cert_create tool cannot generate certificates individually, so we use the +# target 'certificates' to create them all +ifneq (${GENERATE_COT},0) + FIP_DEPS += certificates +endif + + +################################################################################ +# Toolchain +################################################################################ + +CC := ${CROSS_COMPILE}gcc +CPP := ${CROSS_COMPILE}cpp +AS := ${CROSS_COMPILE}gcc +AR := ${CROSS_COMPILE}ar +LD := ${CROSS_COMPILE}ld +OC := ${CROSS_COMPILE}objcopy +OD := ${CROSS_COMPILE}objdump +NM := ${CROSS_COMPILE}nm +PP := ${CROSS_COMPILE}gcc -E + +ASFLAGS += -nostdinc -ffreestanding -Wa,--fatal-warnings \ + -Werror -Wmissing-include-dirs \ + -mgeneral-regs-only -D__ASSEMBLY__ \ + ${DEFINES} ${INCLUDES} +CFLAGS += -nostdinc -ffreestanding -Wall \ + -Werror -Wmissing-include-dirs \ + -mgeneral-regs-only -std=c99 -c -Os \ + ${DEFINES} ${INCLUDES} +CFLAGS += -ffunction-sections -fdata-sections + +LDFLAGS += --fatal-warnings -O1 +LDFLAGS += --gc-sections + + +################################################################################ +# Common sources and include directories +################################################################################ + +BL_COMMON_SOURCES += common/bl_common.c \ common/tf_printf.c \ common/aarch64/debug.S \ lib/aarch64/cache_helpers.S \ @@ -131,99 +185,6 @@ lib/stdlib/std.c \ plat/common/aarch64/platform_helpers.S -BUILD_BASE := ./build -BUILD_PLAT := ${BUILD_BASE}/${PLAT}/${BUILD_TYPE} - -PLAT_MAKEFILE := platform.mk -# Generate the platforms list by recursively searching for all directories -# under /plat containing a PLAT_MAKEFILE. Append each platform with a `|` -# char and strip out the final '|'. -PLATFORMS := $(shell find plat/ -name '${PLAT_MAKEFILE}' -print0 | \ - sed -r 's%[^\x00]*\/([^/]*)\/${PLAT_MAKEFILE}\x00%\1|%g' | \ - sed -r 's/\|$$//') -SPDS := $(shell ls -I none services/spd) - -# Convenience function for adding build definitions -# $(eval $(call add_define,FOO)) will have: -# -DFOO if $(FOO) is empty; -DFOO=$(FOO) otherwise -define add_define -DEFINES += -D$(1)$(if $(value $(1)),=$(value $(1)),) -endef - -# Convenience function for verifying option has a boolean value -# $(eval $(call assert_boolean,FOO)) will assert FOO is 0 or 1 -define assert_boolean -$(and $(patsubst 0,,$(value $(1))),$(patsubst 1,,$(value $(1))),$(error $(1) must be boolean)) -endef - -ifeq (${PLAT},) - $(error "Error: Unknown platform. Please use PLAT= to specify the platform") -endif -PLAT_MAKEFILE_FULL := $(shell find plat/ -wholename '*/${PLAT}/${PLAT_MAKEFILE}') -ifeq ($(PLAT_MAKEFILE_FULL),) - $(error "Error: Invalid platform. The following platforms are available: ${PLATFORMS}") -endif - -all: msg_start - -msg_start: - @echo "Building ${PLAT}" - -include ${PLAT_MAKEFILE_FULL} - -# If the platform has not defined ENABLE_PLAT_COMPAT, then enable it by default -ifndef ENABLE_PLAT_COMPAT -ENABLE_PLAT_COMPAT := 1 -endif - -# Include the platform compatibility helpers for PSCI -ifneq (${ENABLE_PLAT_COMPAT}, 0) -include plat/compat/plat_compat.mk -endif - -# Include the CPU specific operations makefile. By default all CPU errata -# workarounds and CPU specifc optimisations are disabled. This can be -# overridden by the platform. -include lib/cpus/cpu-ops.mk - -ifdef BL1_SOURCES -NEED_BL1 := yes -include bl1/bl1.mk -endif - -ifdef BL2_SOURCES -NEED_BL2 := yes -include bl2/bl2.mk -# Using the ARM Trusted Firmware BL2 implies that a BL3-3 image also need to be supplied for the FIP. -# This flag can be overridden by the platform. -NEED_BL33 ?= yes -endif - -ifdef BL31_SOURCES -NEED_BL31 := yes -include bl31/bl31.mk -endif - -# Include SPD Makefile if one has been specified -ifneq (${SPD},none) - # We expect to locate an spd.mk under the specified SPD directory - SPD_MAKE := $(shell m="services/spd/${SPD}/${SPD}.mk"; [ -f "$$m" ] && echo "$$m") - - ifeq (${SPD_MAKE},) - $(error Error: No services/spd/${SPD}/${SPD}.mk located) - endif - $(info Including ${SPD_MAKE}) - include ${SPD_MAKE} - - # If there's BL3-2 companion for the chosen SPD, and the SPD wants to build the - # BL3-2 from source, we expect that the SPD's Makefile would set NEED_BL32 - # variable to "yes". In case the BL3-2 is a binary which needs to be included in - # fip, then the NEED_BL32 needs to be set and BL3-2 would need to point to the bin. -endif - -.PHONY: all msg_start clean realclean distclean cscope locate-checkpatch checkcodebase checkpatch fiptool fip certtool -.SUFFIXES: - INCLUDES += -Iinclude/bl31 \ -Iinclude/bl31/services \ -Iinclude/common \ @@ -241,135 +202,214 @@ ${PLAT_INCLUDES} \ ${SPD_INCLUDES} -# Process DEBUG flag -$(eval $(call assert_boolean,DEBUG)) -$(eval $(call add_define,DEBUG)) -ifeq (${DEBUG},0) - $(eval $(call add_define,NDEBUG)) -else -CFLAGS += -g -ASFLAGS += -g -Wa,--gdwarf-2 + +################################################################################ +# Generic definitions +################################################################################ + +BUILD_BASE := ./build +BUILD_PLAT := ${BUILD_BASE}/${PLAT}/${BUILD_TYPE} + +PLAT_MAKEFILE := platform.mk +# Generate the platforms list by recursively searching for all directories +# under /plat containing a PLAT_MAKEFILE. Append each platform with a `|` +# char and strip out the final '|'. +PLATFORMS := $(shell find plat/ -name '${PLAT_MAKEFILE}' -print0 | \ + sed -r 's%[^\x00]*\/([^/]*)\/${PLAT_MAKEFILE}\x00%\1|%g' | \ + sed -r 's/\|$$//') +SPDS := $(shell ls -I none services/spd) + +# Platforms providing their own TBB makefile may override this value +INCLUDE_TBBR_MK := 1 + + +################################################################################ +# Include SPD Makefile if one has been specified +################################################################################ + +ifneq (${SPD},none) + # We expect to locate an spd.mk under the specified SPD directory + SPD_MAKE := $(shell m="services/spd/${SPD}/${SPD}.mk"; [ -f "$$m" ] && echo "$$m") + + ifeq (${SPD_MAKE},) + $(error Error: No services/spd/${SPD}/${SPD}.mk located) + endif + $(info Including ${SPD_MAKE}) + include ${SPD_MAKE} + + # If there's BL3-2 companion for the chosen SPD, and the SPD wants to build the + # BL3-2 from source, we expect that the SPD's Makefile would set NEED_BL32 + # variable to "yes". In case the BL3-2 is a binary which needs to be included in + # fip, then the NEED_BL32 needs to be set and BL3-2 would need to point to the bin. endif -# Process PLAT flag -$(eval $(call add_define,PLAT_${PLAT})) -# Process NS_TIMER_SWITCH flag -$(eval $(call assert_boolean,NS_TIMER_SWITCH)) -$(eval $(call add_define,NS_TIMER_SWITCH)) +################################################################################ +# Include the platform specific Makefile after the SPD Makefile (the platform +# makefile may use all previous definitions in this file) +################################################################################ -# Process RESET_TO_BL31 flag -$(eval $(call assert_boolean,RESET_TO_BL31)) -$(eval $(call add_define,RESET_TO_BL31)) +ifeq (${PLAT},) + $(error "Error: Unknown platform. Please use PLAT= to specify the platform") +endif +PLAT_MAKEFILE_FULL := $(shell find plat/ -wholename '*/${PLAT}/${PLAT_MAKEFILE}') +ifeq ($(PLAT_MAKEFILE_FULL),) + $(error "Error: Invalid platform. The following platforms are available: ${PLATFORMS}") +endif -# Process CTX_INCLUDE_FPREGS flag -$(eval $(call assert_boolean,CTX_INCLUDE_FPREGS)) -$(eval $(call add_define,CTX_INCLUDE_FPREGS)) +include ${PLAT_MAKEFILE_FULL} -# Process ARM_GIC_ARCH flag -$(eval $(call add_define,ARM_GIC_ARCH)) - -# Process ARM_CCI_PRODUCT_ID flag -$(eval $(call add_define,ARM_CCI_PRODUCT_ID)) - -# Process ASM_ASSERTION flag -$(eval $(call assert_boolean,ASM_ASSERTION)) -$(eval $(call add_define,ASM_ASSERTION)) - -# Process LOG_LEVEL flag -$(eval $(call add_define,LOG_LEVEL)) - -# Process USE_COHERENT_MEM flag -$(eval $(call assert_boolean,USE_COHERENT_MEM)) -$(eval $(call add_define,USE_COHERENT_MEM)) - -# Process PSCI_EXTENDED_STATE_ID flag -$(eval $(call assert_boolean,PSCI_EXTENDED_STATE_ID)) -$(eval $(call add_define,PSCI_EXTENDED_STATE_ID)) - -# Process Generate CoT flags -$(eval $(call assert_boolean,GENERATE_COT)) -$(eval $(call assert_boolean,CREATE_KEYS)) -$(eval $(call assert_boolean,SAVE_KEYS)) - -# Process TRUSTED_BOARD_BOOT flag -$(eval $(call assert_boolean,TRUSTED_BOARD_BOOT)) -$(eval $(call add_define,TRUSTED_BOARD_BOOT)) - -# Process PROGRAMMABLE_RESET_ADDRESS flag -$(eval $(call assert_boolean,PROGRAMMABLE_RESET_ADDRESS)) -$(eval $(call add_define,PROGRAMMABLE_RESET_ADDRESS)) - -# Process ENABLE_PLAT_COMPAT flag -$(eval $(call assert_boolean,ENABLE_PLAT_COMPAT)) -$(eval $(call add_define,ENABLE_PLAT_COMPAT)) - -# Process WARN_DEPRECATED flag -$(eval $(call assert_boolean,WARN_DEPRECATED)) -$(eval $(call add_define,WARN_DEPRECATED)) - -ASFLAGS += -nostdinc -ffreestanding -Wa,--fatal-warnings \ - -Werror -Wmissing-include-dirs \ - -mgeneral-regs-only -D__ASSEMBLY__ \ - ${DEFINES} ${INCLUDES} -CFLAGS += -nostdinc -ffreestanding -Wall \ - -Werror -Wmissing-include-dirs \ - -mgeneral-regs-only -std=c99 -c -Os \ - ${DEFINES} ${INCLUDES} -CFLAGS += -ffunction-sections -fdata-sections - -LDFLAGS += --fatal-warnings -O1 -LDFLAGS += --gc-sections +# Include the CPU specific operations makefile. By default all CPU errata +# workarounds and CPU specifc optimisations are disabled. This can be +# overridden by the platform. +include lib/cpus/cpu-ops.mk -CC := ${CROSS_COMPILE}gcc -CPP := ${CROSS_COMPILE}cpp -AS := ${CROSS_COMPILE}gcc -AR := ${CROSS_COMPILE}ar -LD := ${CROSS_COMPILE}ld -OC := ${CROSS_COMPILE}objcopy -OD := ${CROSS_COMPILE}objdump -NM := ${CROSS_COMPILE}nm -PP := ${CROSS_COMPILE}gcc -E ${CFLAGS} +################################################################################ +# Process platform overrideable behaviour +################################################################################ -# Variables for use with Firmware Image Package -FIPTOOLPATH ?= tools/fip_create -FIPTOOL ?= ${FIPTOOLPATH}/fip_create -fiptool: ${FIPTOOL} -fip: ${BUILD_PLAT}/${FIP_NAME} +# Check if -pedantic option should be used +ifeq (${DISABLE_PEDANTIC},0) + CFLAGS += -pedantic +endif + +# Using the ARM Trusted Firmware BL2 implies that a BL3-3 image also need to be +# supplied for the FIP and Certificate generation tools. This flag can be +# overridden by the platform. +ifdef BL2_SOURCES +NEED_BL33 ?= yes +endif + +# Process TBB related flags +ifneq (${GENERATE_COT},0) + # Common cert_create options + ifneq (${CREATE_KEYS},0) + $(eval CRT_ARGS += -n) + ifneq (${SAVE_KEYS},0) + $(eval CRT_ARGS += -k) + endif + endif + # Include TBBR makefile (unless the platform indicates otherwise) + ifeq (${INCLUDE_TBBR_MK},1) + include make_helpers/tbbr/tbbr_tools.mk + endif +endif + + +################################################################################ +# Auxiliary tools (fip_create, cert_create, etc) +################################################################################ # Variables for use with Certificate Generation Tool CRTTOOLPATH ?= tools/cert_create CRTTOOL ?= ${CRTTOOLPATH}/cert_create -certtool: ${CRTTOOL} -# CoT generation tool default parameters -TRUSTED_KEY_CERT := ${BUILD_PLAT}/trusted_key.crt +# Variables for use with Firmware Image Package +FIPTOOLPATH ?= tools/fip_create +FIPTOOL ?= ${FIPTOOLPATH}/fip_create -# Pass the private keys to the CoT generation tool in the command line -# If CREATE_KEYS is set, the '-n' option will be added, indicating the tool to create new keys -ifneq (${GENERATE_COT},0) - $(eval CERTS := yes) - $(eval FIP_DEPS += certificates) - $(eval FIP_ARGS += --trusted-key-cert ${TRUSTED_KEY_CERT}) +################################################################################ +# Build options checks +################################################################################ - ifneq (${CREATE_KEYS},0) - $(eval CRT_ARGS += -n) - ifneq (${SAVE_KEYS},0) - $(eval CRT_ARGS += -k) - endif - endif - $(eval CRT_ARGS += $(if ${ROT_KEY}, --rot-key ${ROT_KEY})) - $(eval CRT_ARGS += $(if ${TRUSTED_WORLD_KEY}, --trusted-world-key ${TRUSTED_WORLD_KEY})) - $(eval CRT_ARGS += $(if ${NON_TRUSTED_WORLD_KEY}, --non-trusted-world-key ${NON_TRUSTED_WORLD_KEY})) - $(eval CRT_ARGS += --trusted-key-cert ${TRUSTED_KEY_CERT}) - $(eval CRT_ARGS += $(if ${KEY_ALG}, --key-alg ${KEY_ALG})) +$(eval $(call assert_boolean,DEBUG)) +$(eval $(call assert_boolean,NS_TIMER_SWITCH)) +$(eval $(call assert_boolean,RESET_TO_BL31)) +$(eval $(call assert_boolean,CTX_INCLUDE_FPREGS)) +$(eval $(call assert_boolean,ASM_ASSERTION)) +$(eval $(call assert_boolean,USE_COHERENT_MEM)) +$(eval $(call assert_boolean,DISABLE_PEDANTIC)) +$(eval $(call assert_boolean,GENERATE_COT)) +$(eval $(call assert_boolean,CREATE_KEYS)) +$(eval $(call assert_boolean,SAVE_KEYS)) +$(eval $(call assert_boolean,TRUSTED_BOARD_BOOT)) +$(eval $(call assert_boolean,PROGRAMMABLE_RESET_ADDRESS)) +$(eval $(call assert_boolean,PSCI_EXTENDED_STATE_ID)) +$(eval $(call assert_boolean,WARN_DEPRECATED)) + + +################################################################################ +# Add definitions to the cpp preprocessor based on the current build options. +# This is done after including the platform specific makefile to allow the +# platform to overwrite the default options +################################################################################ + +$(eval $(call add_define,PLAT_${PLAT})) +$(eval $(call add_define,NS_TIMER_SWITCH)) +$(eval $(call add_define,RESET_TO_BL31)) +$(eval $(call add_define,CTX_INCLUDE_FPREGS)) +$(eval $(call add_define,ARM_GIC_ARCH)) +$(eval $(call add_define,ARM_CCI_PRODUCT_ID)) +$(eval $(call add_define,ASM_ASSERTION)) +$(eval $(call add_define,LOG_LEVEL)) +$(eval $(call add_define,USE_COHERENT_MEM)) +$(eval $(call add_define,TRUSTED_BOARD_BOOT)) +$(eval $(call add_define,PROGRAMMABLE_RESET_ADDRESS)) +$(eval $(call add_define,PSCI_EXTENDED_STATE_ID)) +$(eval $(call add_define,WARN_DEPRECATED)) + + +################################################################################ +# Include BL specific makefiles +################################################################################ + +ifdef BL1_SOURCES +NEED_BL1 := yes +include bl1/bl1.mk endif -# Check if -pedantic option should be used -ifeq (${DISABLE_PEDANTIC},0) - CFLAGS += -pedantic +ifdef BL2_SOURCES +NEED_BL2 := yes +include bl2/bl2.mk +endif + +ifdef BL31_SOURCES +NEED_BL31 := yes +include bl31/bl31.mk +endif + + +################################################################################ +# Build targets +################################################################################ + +# Default target +.DEFAULT_GOAL := all + +.PHONY: all msg_start clean realclean distclean cscope locate-checkpatch checkcodebase checkpatch fiptool fip certtool +.SUFFIXES: + +all: msg_start + +msg_start: + @echo "Building ${PLAT}" + +# Expand build macros for the different images +ifeq (${NEED_BL1},yes) +$(eval $(call MAKE_BL,1)) +endif + +ifeq (${NEED_BL2},yes) +$(if ${BL2}, $(eval $(call MAKE_TOOL_ARGS,2,${BL2},in_fip)),\ + $(eval $(call MAKE_BL,2,in_fip))) +endif + +ifeq (${NEED_BL31},yes) +BL31_SOURCES += ${SPD_SOURCES} +$(if ${BL31}, $(eval $(call MAKE_TOOL_ARGS,31,${BL31},in_fip)),\ + $(eval $(call MAKE_BL,31,in_fip))) +endif + +ifeq (${NEED_BL32},yes) +$(if ${BL32}, $(eval $(call MAKE_TOOL_ARGS,32,${BL32},in_fip)),\ + $(eval $(call MAKE_BL,32,in_fip))) +endif + +# Add the BL33 image if required by the platform +ifeq (${NEED_BL33},yes) +$(eval $(call FIP_ADD_IMG,BL33,--bl33)) endif locate-checkpatch: @@ -382,282 +422,60 @@ endif clean: - @echo " CLEAN" - ${Q}rm -rf ${BUILD_PLAT} - ${Q}${MAKE} --no-print-directory -C ${FIPTOOLPATH} clean - ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} clean + @echo " CLEAN" + ${Q}rm -rf ${BUILD_PLAT} + ${Q}${MAKE} --no-print-directory -C ${FIPTOOLPATH} clean + ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} clean realclean distclean: - @echo " REALCLEAN" - ${Q}rm -rf ${BUILD_BASE} - ${Q}rm -f ${CURDIR}/cscope.* - ${Q}${MAKE} --no-print-directory -C ${FIPTOOLPATH} clean - ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} clean + @echo " REALCLEAN" + ${Q}rm -rf ${BUILD_BASE} + ${Q}rm -f ${CURDIR}/cscope.* + ${Q}${MAKE} --no-print-directory -C ${FIPTOOLPATH} clean + ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} clean checkcodebase: locate-checkpatch - @echo " CHECKING STYLE" - @if test -d .git ; then \ - git ls-files | grep -v stdlib | while read GIT_FILE ; do ${CHECKPATCH} ${CHECKCODE_ARGS} -f $$GIT_FILE ; done ; \ - else \ - find . -type f -not -iwholename "*.git*" -not -iwholename "*build*" -not -iwholename "*stdlib*" -exec ${CHECKPATCH} ${CHECKCODE_ARGS} -f {} \; ; \ - fi + @echo " CHECKING STYLE" + @if test -d .git ; then \ + git ls-files | grep -v stdlib | while read GIT_FILE ; do ${CHECKPATCH} ${CHECKCODE_ARGS} -f $$GIT_FILE ; done ; \ + else \ + find . -type f -not -iwholename "*.git*" -not -iwholename "*build*" -not -iwholename "*stdlib*" -exec ${CHECKPATCH} ${CHECKCODE_ARGS} -f {} \; ; \ + fi checkpatch: locate-checkpatch - @echo " CHECKING STYLE" - ${Q}git log -p ${BASE_COMMIT}..HEAD -- ${CHECK_PATHS} | ${CHECKPATCH} ${CHECKPATCH_ARGS} - || true + @echo " CHECKING STYLE" + ${Q}git log -p ${BASE_COMMIT}..HEAD -- ${CHECK_PATHS} | ${CHECKPATCH} ${CHECKPATCH_ARGS} - || true + +certtool: ${CRTTOOL} .PHONY: ${CRTTOOL} ${CRTTOOL}: - ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} - @echo - @echo "Built $@ successfully" - @echo + ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} + @echo + @echo "Built $@ successfully" + @echo + +ifneq (${GENERATE_COT},0) +certificates: ${CRT_DEPS} ${CRTTOOL} + ${Q}${CRTTOOL} ${CRT_ARGS} + @echo + @echo "Built $@ successfully" + @echo "Certificates can be found in ${BUILD_PLAT}" + @echo +endif + +${BUILD_PLAT}/${FIP_NAME}: ${FIP_DEPS} ${FIPTOOL} + ${Q}${FIPTOOL} --dump ${FIP_ARGS} $@ + @echo + @echo "Built $@ successfully" + @echo + +fiptool: ${FIPTOOL} +fip: ${BUILD_PLAT}/${FIP_NAME} .PHONY: ${FIPTOOL} ${FIPTOOL}: - ${Q}${MAKE} --no-print-directory -C ${FIPTOOLPATH} - -define match_goals -$(strip $(foreach goal,$(1),$(filter $(goal),$(MAKECMDGOALS)))) -endef - -# List of rules that involve building things -BUILD_TARGETS := all bl1 bl2 bl31 bl32 fip - -# Does the list of goals specified on the command line include a build target? -ifneq ($(call match_goals,${BUILD_TARGETS}),) -IS_ANYTHING_TO_BUILD := 1 -endif - -define MAKE_C - -$(eval OBJ := $(1)/$(patsubst %.c,%.o,$(notdir $(2)))) -$(eval PREREQUISITES := $(patsubst %.o,%.d,$(OBJ))) - -$(OBJ) : $(2) - @echo " CC $$<" - $$(Q)$$(CC) $$(CFLAGS) -DIMAGE_BL$(3) -c $$< -o $$@ - - -$(PREREQUISITES) : $(2) - @echo " DEPS $$@" - @mkdir -p $(1) - $$(Q)$$(CC) $$(CFLAGS) -M -MT $(OBJ) -MF $$@ $$< - -ifdef IS_ANYTHING_TO_BUILD --include $(PREREQUISITES) -endif - -endef - - -define MAKE_S - -$(eval OBJ := $(1)/$(patsubst %.S,%.o,$(notdir $(2)))) -$(eval PREREQUISITES := $(patsubst %.o,%.d,$(OBJ))) - -$(OBJ) : $(2) - @echo " AS $$<" - $$(Q)$$(AS) $$(ASFLAGS) -DIMAGE_BL$(3) -c $$< -o $$@ - -$(PREREQUISITES) : $(2) - @echo " DEPS $$@" - @mkdir -p $(1) - $$(Q)$$(AS) $$(ASFLAGS) -M -MT $(OBJ) -MF $$@ $$< - -ifdef IS_ANYTHING_TO_BUILD --include $(PREREQUISITES) -endif - -endef - - -define MAKE_LD - -$(eval PREREQUISITES := $(1).d) - -$(1) : $(2) - @echo " PP $$<" - $$(Q)$$(AS) $$(ASFLAGS) -P -E -D__LINKER__ -o $$@ $$< - -$(PREREQUISITES) : $(2) - @echo " DEPS $$@" - @mkdir -p $$(dir $$@) - $$(Q)$$(AS) $$(ASFLAGS) -M -MT $(1) -MF $$@ $$< - -ifdef IS_ANYTHING_TO_BUILD --include $(PREREQUISITES) -endif - -endef - - -define MAKE_OBJS - $(eval C_OBJS := $(filter %.c,$(2))) - $(eval REMAIN := $(filter-out %.c,$(2))) - $(eval $(foreach obj,$(C_OBJS),$(call MAKE_C,$(1),$(obj),$(3)))) - - $(eval S_OBJS := $(filter %.S,$(REMAIN))) - $(eval REMAIN := $(filter-out %.S,$(REMAIN))) - $(eval $(foreach obj,$(S_OBJS),$(call MAKE_S,$(1),$(obj),$(3)))) - - $(and $(REMAIN),$(error Unexpected source files present: $(REMAIN))) -endef - - -# NOTE: The line continuation '\' is required in the next define otherwise we -# end up with a line-feed characer at the end of the last c filename. -# Also bare this issue in mind if extending the list of supported filetypes. -define SOURCES_TO_OBJS - $(notdir $(patsubst %.c,%.o,$(filter %.c,$(1)))) \ - $(notdir $(patsubst %.S,%.o,$(filter %.S,$(1)))) -endef - - -# MAKE_TOOL_ARGS macro defines the command line arguments for the FIP and CRT -# tools at each BL stage. Arguments: -# $(1) = BL stage (2, 30, 31, 32, 33) -# $(2) = Binary file -# $(3) = In FIP (false if empty) -# $(4) = Create certificates (false if empty) -# $(5) = Create key certificate (false if empty) -# $(6) = Private key (optional) -define MAKE_TOOL_ARGS - -$(eval FIP_DEPS += $(if $3,$(2),)) -$(eval FIP_ARGS += $(if $3,--bl$(1) $(2),)) -$(eval FIP_ARGS += $(if $4,--bl$(1)-cert $(BUILD_PLAT)/bl$(1).crt)) -$(eval FIP_ARGS += $(if $4,$(if $5,--bl$(1)-key-cert $(BUILD_PLAT)/bl$(1)_key.crt))) - -$(eval CRT_DEPS += $(if $4,$(2),)) -$(eval CRT_ARGS += $(if $4,--bl$(1) $(2))) -$(eval CRT_ARGS += $(if $4,$(if $6,--bl$(1)-key $(6)))) -$(eval CRT_ARGS += $(if $4,--bl$(1)-cert $(BUILD_PLAT)/bl$(1).crt)) -$(eval CRT_ARGS += $(if $4,$(if $5,--bl$(1)-key-cert $(BUILD_PLAT)/bl$(1)_key.crt))) - -endef - - -# MAKE_BL macro defines the targets and options to build each BL image. -# Arguments: -# $(1) = BL stage (2, 30, 31, 32, 33) -# $(2) = In FIP (false if empty) -# $(3) = Create certificates (false if empty) -# $(4) = Create key certificate (false if empty) -# $(5) = Private key (optional) -define MAKE_BL - $(eval BUILD_DIR := ${BUILD_PLAT}/bl$(1)) - $(eval SOURCES := $(BL$(1)_SOURCES) $(BL_COMMON_SOURCES) $(PLAT_BL_COMMON_SOURCES)) - $(eval OBJS := $(addprefix $(BUILD_DIR)/,$(call SOURCES_TO_OBJS,$(SOURCES)))) - $(eval LINKERFILE := $(BUILD_DIR)/bl$(1).ld) - $(eval MAPFILE := $(BUILD_DIR)/bl$(1).map) - $(eval ELF := $(BUILD_DIR)/bl$(1).elf) - $(eval DUMP := $(BUILD_DIR)/bl$(1).dump) - $(eval BIN := $(BUILD_PLAT)/bl$(1).bin) - - $(eval $(call MAKE_OBJS,$(BUILD_DIR),$(SOURCES),$(1))) - $(eval $(call MAKE_LD,$(LINKERFILE),$(BL$(1)_LINKERFILE))) - -$(BUILD_DIR) : - $$(Q)mkdir -p "$$@" - -$(ELF) : $(OBJS) $(LINKERFILE) - @echo " LD $$@" - @echo 'const char build_message[] = "Built : "__TIME__", "__DATE__; \ - const char version_string[] = "${VERSION_STRING}";' | \ - $$(CC) $$(CFLAGS) -xc - -o $(BUILD_DIR)/build_message.o - $$(Q)$$(LD) -o $$@ $$(LDFLAGS) -Map=$(MAPFILE) --script $(LINKERFILE) \ - $(BUILD_DIR)/build_message.o $(OBJS) - -$(DUMP) : $(ELF) - @echo " OD $$@" - $${Q}$${OD} -dx $$< > $$@ - -$(BIN) : $(ELF) - @echo " BIN $$@" - $$(Q)$$(OC) -O binary $$< $$@ - @echo - @echo "Built $$@ successfully" - @echo - -.PHONY : bl$(1) -bl$(1) : $(BUILD_DIR) $(BIN) $(DUMP) - -all : bl$(1) - -$(eval $(call MAKE_TOOL_ARGS,$(1),$(BIN),$(2),$(3),$(4),$(5))) - -endef - - -ifeq (${NEED_BL1},yes) -$(eval $(call MAKE_BL,1)) -endif - -ifeq (${NEED_BL2},yes) -$(if ${BL2}, $(eval $(call MAKE_TOOL_ARGS,2,${BL2},in_fip,${CERTS})),\ - $(eval $(call MAKE_BL,2,in_fip,${CERTS}))) -endif - -ifeq (${NEED_BL31},yes) -BL31_SOURCES += ${SPD_SOURCES} -$(if ${BL31}, $(eval $(call MAKE_TOOL_ARGS,31,${BL31},in_fip,${CERTS},${CERTS},${BL31_KEY})),\ - $(eval $(call MAKE_BL,31,in_fip,${CERTS},${CERTS},${BL31_KEY}))) -endif - -ifeq (${NEED_BL32},yes) -$(if ${BL32}, $(eval $(call MAKE_TOOL_ARGS,32,${BL32},in_fip,${CERTS},${CERTS},${BL32_KEY})),\ - $(eval $(call MAKE_BL,32,in_fip,${CERTS},${CERTS},${BL32_KEY}))) -endif - -ifeq (${NEED_BL30},yes) -$(if ${BL30}, $(eval $(call MAKE_TOOL_ARGS,30,${BL30},in_fip,${CERTS},${CERTS},${BL30_KEY}))) - -# If BL3-0 is needed by the platform then 'BL30' variable must be defined. -check_bl30: - $(if ${BL30},,$(error "To build a FIP for platform ${PLAT}, please set BL30 to point to the SCP firmware")) -else - -# If BL3-0 is not needed by the platform but the user still specified the path -# to a BL3-0 image then warn him that it will be ignored. -check_bl30: - $(if ${BL30},$(warning "BL3-0 is not supported on platform ${PLAT}, it will just be ignored"),) -endif - -ifeq (${NEED_BL33},yes) -$(if ${BL33}, $(eval $(call MAKE_TOOL_ARGS,33,${BL33},in_fip,${CERTS},${CERTS},${BL33_KEY}))) - -# If BL3-3 is needed by the platform then 'BL33' variable must be defined. -check_bl33: - $(if ${BL33},,$(error "To build a FIP, please set BL33 to point to the Normal World binary, eg: BL33=../uefi/FVP_AARCH64_EFI.fd")) -else - -# If BL3-3 is not needed by the platform but the user still specified the path -# to a BL3-3 image then warn him that it will be ignored. -check_bl33: - $(if ${BL33},$(warning "BL3-3 is not supported on platform ${PLAT}, it will just be ignored"),) -endif - -# Add the dependency on the certificates -ifneq (${GENERATE_COT},0) - fip: certificates -endif - -certificates: ${CRT_DEPS} ${CRTTOOL} check_bl30 check_bl33 - ${Q}${CRTTOOL} ${CRT_ARGS} - @echo - @echo "Built $@ successfully" - @echo "Certificates can be found in ${BUILD_PLAT}" - @echo - -${BUILD_PLAT}/${FIP_NAME}: ${FIP_DEPS} ${FIPTOOL} check_bl30 check_bl33 - ${Q}${FIPTOOL} --dump \ - ${FIP_ARGS} \ - $@ - @echo - @echo "Built $@ successfully" - @echo - + ${Q}${MAKE} --no-print-directory -C ${FIPTOOLPATH} cscope: @echo " CSCOPE" @@ -681,6 +499,7 @@ @echo " bl2 Build the BL2 binary" @echo " bl31 Build the BL3-1 binary" @echo " bl32 Build the BL3-2 binary" + @echo " certificates Build the certificates (requires 'GENERATE_COT=1')" @echo " fip Build the Firmware Image Package (FIP)" @echo " checkcodebase Check the coding style of the entire source tree" @echo " checkpatch Check the coding style on changes in the current" diff --git a/docs/porting-guide.md b/docs/porting-guide.md index c369844..5ba102e 100644 --- a/docs/porting-guide.md +++ b/docs/porting-guide.md @@ -1568,11 +1568,6 @@ need to be defined in the platform makefile which will get included by the build system. -* **NEED_BL30** - This flag if defined by the platform mandates that a BL3-0 binary should - be included in the FIP image. The path to the BL3-0 binary can be specified - by the `BL30` build option (see build options in the [User Guide]). - * **NEED_BL33** By default, this flag is defined `yes` by the build system and `BL33` build option should be supplied as a build option. The platform has the option diff --git a/make_helpers/build_macros.mk b/make_helpers/build_macros.mk new file mode 100644 index 0000000..0e2e2ac --- /dev/null +++ b/make_helpers/build_macros.mk @@ -0,0 +1,285 @@ +# +# Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# Redistributions of source code must retain the above copyright notice, this +# list of conditions and the following disclaimer. +# +# Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# Neither the name of ARM nor the names of its contributors may be used +# to endorse or promote products derived from this software without specific +# prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +# Convenience function for adding build definitions +# $(eval $(call add_define,FOO)) will have: +# -DFOO if $(FOO) is empty; -DFOO=$(FOO) otherwise +define add_define + DEFINES += -D$(1)$(if $(value $(1)),=$(value $(1)),) +endef + +# Convenience function for verifying option has a boolean value +# $(eval $(call assert_boolean,FOO)) will assert FOO is 0 or 1 +define assert_boolean + $(and $(patsubst 0,,$(value $(1))),$(patsubst 1,,$(value $(1))),$(error $(1) must be boolean)) +endef + +# IMG_LINKERFILE defines the linker script corresponding to a BL stage +# $(1) = BL stage (2, 30, 31, 32, 33) +define IMG_LINKERFILE + ${BUILD_DIR}/bl$(1).ld +endef + +# IMG_MAPFILE defines the output file describing the memory map corresponding +# to a BL stage +# $(1) = BL stage (2, 30, 31, 32, 33) +define IMG_MAPFILE + ${BUILD_DIR}/bl$(1).map +endef + +# IMG_ELF defines the elf file corresponding to a BL stage +# $(1) = BL stage (2, 30, 31, 32, 33) +define IMG_ELF + ${BUILD_DIR}/bl$(1).elf +endef + +# IMG_DUMP defines the symbols dump file corresponding to a BL stage +# $(1) = BL stage (2, 30, 31, 32, 33) +define IMG_DUMP + ${BUILD_DIR}/bl$(1).dump +endef + +# IMG_BIN defines the default image file corresponding to a BL stage +# $(1) = BL stage (2, 30, 31, 32, 33) +define IMG_BIN + ${BUILD_PLAT}/bl$(1).bin +endef + +# FIP_ADD_PAYLOAD appends the command line arguments required by the FIP tool +# to package a new payload. Optionally, it adds the dependency on this payload +# $(1) = payload filename (i.e. bl31.bin) +# $(2) = command line option for the specified payload (i.e. --bl31) +# $(3) = fip target dependency (optional) (i.e. bl31) +define FIP_ADD_PAYLOAD + $(eval FIP_ARGS += $(2) $(1)) + $(eval $(if $(3),FIP_DEPS += $(3))) +endef + +# CERT_ADD_CMD_OPT adds a new command line option to the cert_create invokation +# $(1) = parameter filename +# $(2) = cert_create command line option for the specified parameter +# $(3) = input parameter (false if empty) +define CERT_ADD_CMD_OPT + $(eval $(if $(3),CRT_DEPS += $(1))) + $(eval CRT_ARGS += $(2) $(1)) +endef + +# FIP_ADD_IMG allows the platform to specify an image to be packed in the FIP +# using a build option. It also adds a dependency on the image file, aborting +# the build if the file does not exist. +# $(1) = build option to specify the image filename (BL30, BL33, etc) +# $(2) = command line option for the fip_create tool (bl30, bl33, etc) +# Example: +# $(eval $(call FIP_ADD_IMG,BL33,--bl33)) +define FIP_ADD_IMG + CRT_DEPS += check_$(1) + FIP_DEPS += check_$(1) + $(call FIP_ADD_PAYLOAD,$(value $(1)),$(2)) + +check_$(1): + $$(if $(value $(1)),,$$(error "Platform '${PLAT}' requires $(1). Please set $(1) to point to the right file")) +endef + + +################################################################################ +# Auxiliary macros to build TF images from sources +################################################################################ + +define match_goals +$(strip $(foreach goal,$(1),$(filter $(goal),$(MAKECMDGOALS)))) +endef + +# List of rules that involve building things +BUILD_TARGETS := all bl1 bl2 bl31 bl32 certificates fip + +# Does the list of goals specified on the command line include a build target? +ifneq ($(call match_goals,${BUILD_TARGETS}),) +IS_ANYTHING_TO_BUILD := 1 +endif + + +# MAKE_C builds a C source file and generates the dependency file +# $(1) = output directory +# $(2) = source file (%.c) +# $(3) = BL stage (2, 30, 31, 32, 33) +define MAKE_C + +$(eval OBJ := $(1)/$(patsubst %.c,%.o,$(notdir $(2)))) +$(eval PREREQUISITES := $(patsubst %.o,%.d,$(OBJ))) + +$(OBJ): $(2) + @echo " CC $$<" + $$(Q)$$(CC) $$(CFLAGS) -DIMAGE_BL$(3) -c $$< -o $$@ + + +$(PREREQUISITES): $(2) + @echo " DEPS $$@" + @mkdir -p $(1) + $$(Q)$$(CC) $$(CFLAGS) -M -MT $(OBJ) -MF $$@ $$< + +ifdef IS_ANYTHING_TO_BUILD +-include $(PREREQUISITES) +endif + +endef + + +# MAKE_S builds an assembly source file and generates the dependency file +# $(1) = output directory +# $(2) = assembly file (%.S) +# $(3) = BL stage (2, 30, 31, 32, 33) +define MAKE_S + +$(eval OBJ := $(1)/$(patsubst %.S,%.o,$(notdir $(2)))) +$(eval PREREQUISITES := $(patsubst %.o,%.d,$(OBJ))) + +$(OBJ): $(2) + @echo " AS $$<" + $$(Q)$$(AS) $$(ASFLAGS) -DIMAGE_BL$(3) -c $$< -o $$@ + +$(PREREQUISITES): $(2) + @echo " DEPS $$@" + @mkdir -p $(1) + $$(Q)$$(AS) $$(ASFLAGS) -M -MT $(OBJ) -MF $$@ $$< + +ifdef IS_ANYTHING_TO_BUILD +-include $(PREREQUISITES) +endif + +endef + + +# MAKE_LD generate the linker script using the C preprocessor +# $(1) = output linker script +# $(2) = input template +define MAKE_LD + +$(eval PREREQUISITES := $(1).d) + +$(1): $(2) + @echo " PP $$<" + $$(Q)$$(AS) $$(ASFLAGS) -P -E -D__LINKER__ -o $$@ $$< + +$(PREREQUISITES): $(2) + @echo " DEPS $$@" + @mkdir -p $$(dir $$@) + $$(Q)$$(AS) $$(ASFLAGS) -M -MT $(1) -MF $$@ $$< + +ifdef IS_ANYTHING_TO_BUILD +-include $(PREREQUISITES) +endif + +endef + + +# MAKE_OBJS builds both C and assembly source files +# $(1) = output directory +# $(2) = list of source files (both C and assembly) +# $(3) = BL stage (2, 30, 31, 32, 33) +define MAKE_OBJS + $(eval C_OBJS := $(filter %.c,$(2))) + $(eval REMAIN := $(filter-out %.c,$(2))) + $(eval $(foreach obj,$(C_OBJS),$(call MAKE_C,$(1),$(obj),$(3)))) + + $(eval S_OBJS := $(filter %.S,$(REMAIN))) + $(eval REMAIN := $(filter-out %.S,$(REMAIN))) + $(eval $(foreach obj,$(S_OBJS),$(call MAKE_S,$(1),$(obj),$(3)))) + + $(and $(REMAIN),$(error Unexpected source files present: $(REMAIN))) +endef + + +# NOTE: The line continuation '\' is required in the next define otherwise we +# end up with a line-feed characer at the end of the last c filename. +# Also bare this issue in mind if extending the list of supported filetypes. +define SOURCES_TO_OBJS + $(notdir $(patsubst %.c,%.o,$(filter %.c,$(1)))) \ + $(notdir $(patsubst %.S,%.o,$(filter %.S,$(1)))) +endef + + +# MAKE_TOOL_ARGS macro defines the command line arguments for the FIP tool for +# each BL image. Arguments: +# $(1) = BL stage (2, 30, 31, 32, 33) +# $(2) = Binary file +# $(3) = In FIP (false if empty) +define MAKE_TOOL_ARGS + $(if $(3),$(eval $(call FIP_ADD_PAYLOAD,$(2),--bl$(1),bl$(1)))) +endef + + +# MAKE_BL macro defines the targets and options to build each BL image. +# Arguments: +# $(1) = BL stage (2, 30, 31, 32, 33) +# $(2) = In FIP (false if empty) +define MAKE_BL + $(eval BUILD_DIR := ${BUILD_PLAT}/bl$(1)) + $(eval SOURCES := $(BL$(1)_SOURCES) $(BL_COMMON_SOURCES) $(PLAT_BL_COMMON_SOURCES)) + $(eval OBJS := $(addprefix $(BUILD_DIR)/,$(call SOURCES_TO_OBJS,$(SOURCES)))) + $(eval LINKERFILE := $(call IMG_LINKERFILE,$(1))) + $(eval MAPFILE := $(call IMG_MAPFILE,$(1))) + $(eval ELF := $(call IMG_ELF,$(1))) + $(eval DUMP := $(call IMG_DUMP,$(1))) + $(eval BIN := $(call IMG_BIN,$(1))) + + $(eval $(call MAKE_OBJS,$(BUILD_DIR),$(SOURCES),$(1))) + $(eval $(call MAKE_LD,$(LINKERFILE),$(BL$(1)_LINKERFILE))) + +$(BUILD_DIR): + $$(Q)mkdir -p "$$@" + +$(ELF): $(OBJS) $(LINKERFILE) + @echo " LD $$@" + @echo 'const char build_message[] = "Built : "__TIME__", "__DATE__; \ + const char version_string[] = "${VERSION_STRING}";' | \ + $$(CC) $$(CFLAGS) -xc - -o $(BUILD_DIR)/build_message.o + $$(Q)$$(LD) -o $$@ $$(LDFLAGS) -Map=$(MAPFILE) --script $(LINKERFILE) \ + $(BUILD_DIR)/build_message.o $(OBJS) + +$(DUMP): $(ELF) + @echo " OD $$@" + $${Q}$${OD} -dx $$< > $$@ + +$(BIN): $(ELF) + @echo " BIN $$@" + $$(Q)$$(OC) -O binary $$< $$@ + @echo + @echo "Built $$@ successfully" + @echo + +.PHONY: bl$(1) +bl$(1): $(BUILD_DIR) $(BIN) $(DUMP) + +all: bl$(1) + +$(eval $(call MAKE_TOOL_ARGS,$(1),$(BIN),$(2))) + +endef + diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk new file mode 100644 index 0000000..58c84d2 --- /dev/null +++ b/make_helpers/tbbr/tbbr_tools.mk @@ -0,0 +1,116 @@ +# +# Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# Redistributions of source code must retain the above copyright notice, this +# list of conditions and the following disclaimer. +# +# Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# Neither the name of ARM nor the names of its contributors may be used +# to endorse or promote products derived from this software without specific +# prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +# This file defines the keys and certificates that must be created to establish +# a Chain of Trust following the TBBR document. These definitions include the +# command line options passed to the cert_create and fip_create tools. +# +# Expected environment: +# +# BUILD_PLAT: output directory +# NEED_BL32: indicates whether BL3-2 is needed by the platform +# BL2: image filename (optional). Default is IMG_BIN(2) (see macro IMG_BIN) +# BL30: image filename (optional). Default is IMG_BIN(30) +# BL31: image filename (optional). Default is IMG_BIN(31) +# BL32: image filename (optional). Default is IMG_BIN(32) +# BL33: image filename (optional). Default is IMG_BIN(33) +# +# Build options added by this file: +# +# KEY_ALG +# ROT_KEY +# TRUSTED_WORLD_KEY +# NON_TRUSTED_WORLD_KEY +# BL30_KEY +# BL31_KEY +# BL32_KEY +# BL33_KEY +# + +# Certificate generation tool default parameters +TRUSTED_KEY_CERT := ${BUILD_PLAT}/trusted_key.crt + +# Add Trusted Key certificate to the fip_create and cert_create command line options +$(eval $(call FIP_ADD_PAYLOAD,${TRUSTED_KEY_CERT},--trusted-key-cert)) +$(eval $(call CERT_ADD_CMD_OPT,${TRUSTED_KEY_CERT},--trusted-key-cert)) + +# Add the keys to the cert_create command line options (private keys are NOT +# packed in the FIP). Developers can use their own keys by specifying the proper +# build option in the command line when building the Trusted Firmware +$(if ${KEY_ALG},$(eval $(call CERT_ADD_CMD_OPT,${KEY_ALG},--key-alg))) +$(if ${ROT_KEY},$(eval $(call CERT_ADD_CMD_OPT,${ROT_KEY},--rot-key))) +$(if ${TRUSTED_WORLD_KEY},$(eval $(call CERT_ADD_CMD_OPT,${TRUSTED_WORLD_KEY},--trusted-world-key))) +$(if ${NON_TRUSTED_WORLD_KEY},$(eval $(call CERT_ADD_CMD_OPT,${NON_TRUSTED_WORLD_KEY},--non-trusted-world-key))) + +# Add the BL2 CoT (image cert + image) +$(if ${BL2},$(eval $(call CERT_ADD_CMD_OPT,${BL2},--bl2,true)),\ + $(eval $(call CERT_ADD_CMD_OPT,$(call IMG_BIN,2),--bl2,true))) +$(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/bl2.crt,--bl2-cert)) +$(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/bl2.crt,--bl2-cert)) + +# Add the BL30 CoT (key cert + img cert + image) +ifneq (${BL30},) + $(eval $(call CERT_ADD_CMD_OPT,${BL30},--bl30,true)) + $(if ${BL30_KEY},$(eval $(call CERT_ADD_CMD_OPT,${BL30_KEY},--bl30-key))) + $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/bl30.crt,--bl30-cert)) + $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/bl30_key.crt,--bl30-key-cert)) + $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/bl30.crt,--bl30-cert)) + $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/bl30_key.crt,--bl30-key-cert)) +endif + +# Add the BL31 CoT (key cert + img cert + image) +$(if ${BL31},$(eval $(call CERT_ADD_CMD_OPT,${BL31},--bl31,true)),\ + $(eval $(call CERT_ADD_CMD_OPT,$(call IMG_BIN,31),--bl31,true))) +$(if ${BL31_KEY},$(eval $(call CERT_ADD_CMD_OPT,${BL31_KEY},--bl31-key))) +$(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/bl31.crt,--bl31-cert)) +$(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/bl31_key.crt,--bl31-key-cert)) +$(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/bl31.crt,--bl31-cert)) +$(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/bl31_key.crt,--bl31-key-cert)) + +# Add the BL32 CoT (key cert + img cert + image) +ifeq (${NEED_BL32},yes) + $(if ${BL32},$(eval $(call CERT_ADD_CMD_OPT,${BL32},--bl32,true)),\ + $(eval $(call CERT_ADD_CMD_OPT,$(call IMG_BIN,32),--bl32,true))) + $(if ${BL32_KEY},$(eval $(call CERT_ADD_CMD_OPT,${BL32_KEY},--bl32-key))) + $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/bl32.crt,--bl32-cert)) + $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/bl32_key.crt,--bl32-key-cert)) + $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/bl32.crt,--bl32-cert)) + $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/bl32_key.crt,--bl32-key-cert)) +endif + +# Add the BL33 CoT (key cert + img cert + image) +ifneq (${BL33},) + $(eval $(call CERT_ADD_CMD_OPT,${BL33},--bl33,true)) + $(if ${BL33_KEY},$(eval $(call CERT_ADD_CMD_OPT,${BL33_KEY},--bl33-key))) + $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/bl33.crt,--bl33-cert)) + $(eval $(call CERT_ADD_CMD_OPT,${BUILD_PLAT}/bl33_key.crt,--bl33-key-cert)) + $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/bl33.crt,--bl33-cert)) + $(eval $(call FIP_ADD_PAYLOAD,${BUILD_PLAT}/bl33_key.crt,--bl33-key-cert)) +endif diff --git a/plat/arm/css/common/css_common.mk b/plat/arm/css/common/css_common.mk index d5c2fcb..6b05869 100644 --- a/plat/arm/css/common/css_common.mk +++ b/plat/arm/css/common/css_common.mk @@ -53,7 +53,8 @@ Please set RESET_TO_BL31 to 0.") endif -NEED_BL30 := yes +# Subsystems require a BL30 image +$(eval $(call FIP_ADD_IMG,BL30,--bl30)) # Enable option to detect whether the SCP ROM firmware in use predates version # 1.7.0 and therefore, is incompatible.