Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
adam.huang
Arm Trusted Firmware
Commits
7390559b
Commit
7390559b
authored
Feb 25, 2020
by
Sandrine Bailleux
Committed by
TrustedFirmware Code Review
Feb 25, 2020
Browse files
Merge "SPMD: generate and add Secure Partition blobs into FIP" into integration
parents
f7427da1
ce2b1ec6
Changes
3
Hide whitespace changes
Inline
Side-by-side
Makefile
View file @
7390559b
...
@@ -701,6 +701,7 @@ FIPTOOL ?= ${FIPTOOLPATH}/fiptool${BIN_EXT}
...
@@ -701,6 +701,7 @@ FIPTOOL ?= ${FIPTOOLPATH}/fiptool${BIN_EXT}
# Variables for use with sptool
# Variables for use with sptool
SPTOOLPATH
?=
tools/sptool
SPTOOLPATH
?=
tools/sptool
SPTOOL
?=
${SPTOOLPATH}
/sptool
${BIN_EXT}
SPTOOL
?=
${SPTOOLPATH}
/sptool
${BIN_EXT}
SP_MK_GEN
?=
${SPTOOLPATH}
/sp_mk_generator.py
# Variables for use with ROMLIB
# Variables for use with ROMLIB
ROMLIBPATH
?=
lib/romlib
ROMLIBPATH
?=
lib/romlib
...
@@ -889,11 +890,22 @@ ifneq ($(findstring armlink,$(notdir $(LD))),)
...
@@ -889,11 +890,22 @@ ifneq ($(findstring armlink,$(notdir $(LD))),)
$(eval
$(call
add_define,USE_ARM_LINK))
$(eval
$(call
add_define,USE_ARM_LINK))
endif
endif
# Generate and include sp_gen.mk if SPD is spmd and SP_LAYOUT_FILE is defined
ifdef
SP_LAYOUT_FILE
ifeq
(${SPD},spmd)
-include
$(BUILD_PLAT)/sp_gen.mk
FIP_DEPS
+=
sp
NEED_SP_PKG
:=
yes
else
$(error
"SP_LAYOUT_FILE will be used only if SPD=spmd"
)
endif
endif
################################################################################
################################################################################
# Build targets
# Build targets
################################################################################
################################################################################
.PHONY
:
all msg_start clean realclean distclean cscope locate-checkpatch checkcodebase checkpatch fiptool sptool fip fwu_fip certtool dtbs memmap doc
.PHONY
:
all msg_start clean realclean distclean cscope locate-checkpatch checkcodebase checkpatch fiptool sptool fip
sp
fwu_fip certtool dtbs memmap doc
.SUFFIXES
:
.SUFFIXES
:
all
:
msg_start
all
:
msg_start
...
@@ -971,6 +983,17 @@ ifeq (${NEED_FDT},yes)
...
@@ -971,6 +983,17 @@ ifeq (${NEED_FDT},yes)
$(eval
$(call
MAKE_DTBS,$(BUILD_PLAT)/fdts,$(FDT_SOURCES)))
$(eval
$(call
MAKE_DTBS,$(BUILD_PLAT)/fdts,$(FDT_SOURCES)))
endif
endif
# Add Secure Partition packages
ifeq
(${NEED_SP_PKG},yes)
$(BUILD_PLAT)/sp_gen.mk
:
${SP_MK_GEN} ${SP_LAYOUT_FILE} | ${BUILD_PLAT}
${Q}${PYTHON}
"
$<
"
"
$@
"
$(
filter-out
$<
,
$^
)
$(BUILD_PLAT)
sp
:
$(SPTOOL) $(DTBS) $(BUILD_PLAT)/sp_gen.mk
${Q}$(SPTOOL)
$(SPTOOL_ARGS)
@
${ECHO_BLANK_LINE}
@
echo
"Built SP Images successfully"
@
${ECHO_BLANK_LINE}
endif
locate-checkpatch
:
locate-checkpatch
:
ifndef
CHECKPATCH
ifndef
CHECKPATCH
$(
error
"Please set CHECKPATCH to point to the Linux checkpatch.pl file, eg: CHECKPATCH=../linux/scripts/checkpatch.pl"
)
$(
error
"Please set CHECKPATCH to point to the Linux checkpatch.pl file, eg: CHECKPATCH=../linux/scripts/checkpatch.pl"
)
...
@@ -1132,6 +1155,7 @@ help:
...
@@ -1132,6 +1155,7 @@ help:
@
echo
" distclean Remove all build artifacts for all platforms"
@
echo
" distclean Remove all build artifacts for all platforms"
@
echo
" certtool Build the Certificate generation tool"
@
echo
" certtool Build the Certificate generation tool"
@
echo
" fiptool Build the Firmware Image Package (FIP) creation tool"
@
echo
" fiptool Build the Firmware Image Package (FIP) creation tool"
@
echo
" sp Build the Secure Partition Packages"
@
echo
" sptool Build the Secure Partition Package creation tool"
@
echo
" sptool Build the Secure Partition Package creation tool"
@
echo
" dtbs Build the Device Tree Blobs (if required for the platform)"
@
echo
" dtbs Build the Device Tree Blobs (if required for the platform)"
@
echo
" memmap Print the memory map of the built binaries"
@
echo
" memmap Print the memory map of the built binaries"
...
...
docs/getting_started/build-options.rst
View file @
7390559b
...
@@ -522,6 +522,11 @@ Common build options
...
@@ -522,6 +522,11 @@ Common build options
- ``SPM_MM`` : Boolean option to enable the Management Mode (MM)-based Secure
- ``SPM_MM`` : Boolean option to enable the Management Mode (MM)-based Secure
Partition Manager (SPM) implementation. The default value is ``0``.
Partition Manager (SPM) implementation. The default value is ``0``.
- ``SP_LAYOUT_FILE``: Platform provided path to JSON file containing the
description of secure partitions. Build system will parse this file and
package all secure partition blobs in FIP. This file not necessarily be
part of TF-A tree. Only avaialbe when ``SPD=spmd``.
- ``SP_MIN_WITH_SECURE_FIQ``: Boolean flag to indicate the SP_MIN handles
- ``SP_MIN_WITH_SECURE_FIQ``: Boolean flag to indicate the SP_MIN handles
secure interrupts (caught through the FIQ line). Platforms can enable
secure interrupts (caught through the FIQ line). Platforms can enable
this directive if they need to handle such interruption. When enabled,
this directive if they need to handle such interruption. When enabled,
...
...
tools/sptool/sp_mk_generator.py
0 → 100755
View file @
7390559b
#!/usr/bin/python3
# Copyright (c) 2020, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
"""
This script is invoked by Make system and generates secure partition makefile.
It expects platform provided secure partition layout file which contains list
of Secure Partition Images and Partition manifests(PM).
Layout file can exist outside of TF-A tree and the paths of Image and PM files
must be relative to it.
This script parses the layout file and generates a make file which updates
FDT_SOURCES, FIP_ARGS and SPTOOL_ARGS which are used in later build steps.
This script also gets SP "uuid" from parsing its PM and converting it to a
standard format.
param1: Generated mk file "sp_gen.mk"
param2: "SP_LAYOUT_FILE", json file containing platform provided information
param3: plat out directory
Generated "sp_gen.mk" file contains triplet of following information for each
Secure Partition entry
FDT_SOURCES += sp1.dts
SPTOOL_ARGS += -i sp1.bin:sp1.dtb -o sp1.pkg
FIP_ARGS += --blob uuid=XXXXX-XXX...,file=sp1.pkg
A typical SP_LAYOUT_FILE file will look like
{
"SP1" : {
"image": "sp1.bin",
"pm": "test/sp1.dts"
},
"SP2" : {
"image": "sp2.bin",
"pm": "test/sp2.dts"
}
...
}
"""
import
getopt
import
json
import
os
import
re
import
sys
import
uuid
with
open
(
sys
.
argv
[
2
],
'r'
)
as
in_file
:
data
=
json
.
load
(
in_file
)
json_file
=
os
.
path
.
abspath
(
sys
.
argv
[
2
])
json_dir
=
os
.
path
.
dirname
(
json_file
)
gen_file
=
sys
.
argv
[
1
]
out_dir
=
sys
.
argv
[
3
][
2
:]
dtb_dir
=
out_dir
+
"/fdts/"
print
(
dtb_dir
)
with
open
(
gen_file
,
'w'
)
as
out_file
:
for
key
in
data
.
keys
():
"""
Append FDT_SOURCES
"""
dts
=
os
.
path
.
join
(
json_dir
,
data
[
key
][
'pm'
])
dtb
=
dtb_dir
+
os
.
path
.
basename
(
data
[
key
][
'pm'
][:
-
1
]
+
"b"
)
out_file
.
write
(
"FDT_SOURCES += "
+
dts
+
"
\n
"
)
"""
Update SPTOOL_ARGS
"""
dst
=
out_dir
+
"/"
+
key
+
".pkg"
src
=
[
json_dir
+
"/"
+
data
[
key
][
'image'
]
,
dtb
]
out_file
.
write
(
"SPTOOL_ARGS += -i "
+
":"
.
join
(
src
)
+
" -o "
+
dst
+
"
\n
"
)
"""
Extract uuid from partition manifest
"""
pm_file
=
open
(
dts
)
key
=
"uuid"
for
line
in
pm_file
:
if
key
in
line
:
uuid_hex
=
re
.
findall
(
r
'\<(.+?)\>'
,
line
)[
0
];
# PM has uuid in format 0xABC... 0x... 0x... 0x...
# Get rid of '0x' and spaces and convert to string of hex digits
uuid_hex
=
uuid_hex
.
replace
(
'0x'
,
''
).
replace
(
' '
,
''
)
# make UUID from a string of hex digits
uuid_std
=
uuid
.
UUID
(
uuid_hex
)
# convert UUID to a string of hex digits in standard form
uuid_std
=
str
(
uuid_std
)
"""
Append FIP_ARGS
"""
out_file
.
write
(
"FIP_ARGS += --blob uuid="
+
uuid_std
+
",file="
+
dst
+
"
\n
"
)
out_file
.
write
(
"
\n
"
)
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment