From 5f807f3ad740e0ed55f4dbf9b8cf03369f60a849 Mon Sep 17 00:00:00 2001 From: Jack Styles Date: Fri, 18 Aug 2023 10:29:25 +0100 Subject: [PATCH 1/2] trusted-firmware-m: Simplify configuration options Many variables that are used by TF-M can be set together within the `TFM_CMAKE_ARGS` variable. This simplifies the configuration options with them all being located in one place. Signed-off-by: Jack Styles --- Middleware/ARM/TF-M/cmake/TF-M-build.cmake | 9 +------- Projects/aws-iot-example/CMakeLists.txt | 6 +++++ Projects/blinky/CMakeLists.txt | 27 ++++++++++++++++++---- 3 files changed, 29 insertions(+), 13 deletions(-) diff --git a/Middleware/ARM/TF-M/cmake/TF-M-build.cmake b/Middleware/ARM/TF-M/cmake/TF-M-build.cmake index 94efdf34..1ef6c9d6 100644 --- a/Middleware/ARM/TF-M/cmake/TF-M-build.cmake +++ b/Middleware/ARM/TF-M/cmake/TF-M-build.cmake @@ -16,7 +16,7 @@ set(tfm_ns_interface_generated /install/interface/src/tfm_platform_api.c /install/interface/src/os_wrapper/tfm_ns_interface_rtos.c ) -if(TFM_PSA_FIRMWARE_UPDATE) +if(TFM_CMAKE_ARGS MATCHES "TFM_PARTITION_FIRMWARE_UPDATE=ON") list(APPEND tfm_ns_interface_generated /install/interface/src/tfm_fwu_api.c) endif() @@ -50,13 +50,6 @@ ExternalProject_Add( CMAKE_ARGS -D TFM_TOOLCHAIN_FILE=/${tfm_toolchain_file} - -D TFM_PLATFORM=${TFM_PLATFORM} - -D TFM_PARTITION_FIRMWARE_UPDATE=${TFM_PSA_FIRMWARE_UPDATE} - -D PLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT=${TFM_PSA_FIRMWARE_UPDATE} - -D MCUBOOT_UPGRADE_STRATEGY=${TFM_PLATFORM_UPGRADE_STRATEGY} - -D MCUBOOT_CONFIRM_IMAGE=${TFM_PLATFORM_CONFIRM_IMAGE} - -D MCUBOOT_DATA_SHARING=${TFM_PSA_FIRMWARE_UPDATE} - -D MCUBOOT_IMAGE_VERSION_NS=${MCUBOOT_IMAGE_VERSION_NS} -D CMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE} ${TFM_CMAKE_ARGS} diff --git a/Projects/aws-iot-example/CMakeLists.txt b/Projects/aws-iot-example/CMakeLists.txt index e7e15bbb..f196d27b 100644 --- a/Projects/aws-iot-example/CMakeLists.txt +++ b/Projects/aws-iot-example/CMakeLists.txt @@ -54,6 +54,12 @@ set(TFM_CMAKE_ARGS -DTFM_PARTITION_INTERNAL_TRUSTED_STORAGE=ON -DTFM_PARTITION_PLATFORM=ON -DTFM_PARTITION_PROTECTED_STORAGE=ON + -DTFM_PLATFORM=${TFM_PLATFORM_LOCAL_PATH} + -DPLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT=ON + -DMCUBOOT_DATA_SHARING=ON + -DMCUBOOT_CONFIRM_IMAGE=${TFM_PLATFORM_CONFIRM_IMAGE} + -DMCUBOOT_UPGRADE_STRATEGY=${TFM_PLATFORM_UPGRADE_STRATEGY} + -DMCUBOOT_IMAGE_VERSION_NS=${MCUBOOT_IMAGE_VERSION_NS} ) # Configuration of executable diff --git a/Projects/blinky/CMakeLists.txt b/Projects/blinky/CMakeLists.txt index 8edbcbe2..0c66b9de 100644 --- a/Projects/blinky/CMakeLists.txt +++ b/Projects/blinky/CMakeLists.txt @@ -19,14 +19,31 @@ else() message(FATAL_ERROR "Invalid ARM_CORSTONE_BSP_TARGET_PLATFORM (${ARM_CORSTONE_BSP_TARGET_PLATFORM}) set. It should be corstone300") endif() -set(TFM_PLATFORM "${TFM_PLATFORM_LOCAL_PATH}") -set(TFM_PARTITION_FIRMWARE_UPDATE ON) -set(TFM_PSA_FIRMWARE_UPDATE ON) -set(CONFIG_TFM_ENABLE_CP10CP11 ON) set(MCUBOOT_IMAGE_VERSION_NS "0.0.0" ) # Extra arguments for TF-M and ML -set(TFM_CMAKE_ARGS "-DPROJECT_CONFIG_HEADER_FILE=${PRJ_DIR}/Config/tfm-config/project_config.h;-DCONFIG_TFM_ENABLE_CP10CP11=ON;-DTFM_EXCEPTION_INFO_DUMP=ON;-DNS=ON;-DPLATFORM_DEFAULT_UART_STDOUT=ON;-DMCUBOOT_SIGNATURE_KEY_LEN=2048;-DMCUBOOT_LOG_LEVEL=INFO;-DTFM_SPM_LOG_LEVEL=TFM_SPM_LOG_LEVEL_INFO;-DTFM_PARTITION_CRYPTO=ON;-DTFM_PARTITION_FIRMWARE_UPDATE=ON;-DTFM_PARTITION_INITIAL_ATTESTATION=ON;-DTFM_PARTITION_INTERNAL_TRUSTED_STORAGE=ON;-DTFM_PARTITION_PLATFORM=ON;-DTFM_PARTITION_PROTECTED_STORAGE=ON") +set(TFM_CMAKE_ARGS + -DPROJECT_CONFIG_HEADER_FILE=${PRJ_DIR}/Config/tfm-config/project_config.h + -DCONFIG_TFM_ENABLE_CP10CP11=ON + -DTFM_EXCEPTION_INFO_DUMP=ON + -DNS=ON; + -DPLATFORM_DEFAULT_UART_STDOUT=ON; + -DMCUBOOT_SIGNATURE_KEY_LEN=2048 + -DMCUBOOT_LOG_LEVEL=INFO + -DTFM_SPM_LOG_LEVEL=TFM_SPM_LOG_LEVEL_INFO + -DTFM_PARTITION_CRYPTO=ON + -DTFM_PARTITION_FIRMWARE_UPDATE=ON + -DTFM_PARTITION_INITIAL_ATTESTATION=ON + -DTFM_PARTITION_INTERNAL_TRUSTED_STORAGE=ON + -DTFM_PARTITION_PLATFORM=ON + -DTFM_PARTITION_PROTECTED_STORAGE=ON + -DTFM_PLATFORM=${TFM_PLATFORM_LOCAL_PATH} + -DPLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT=ON + -DMCUBOOT_DATA_SHARING=ON + -DMCUBOOT_CONFIRM_IMAGE=${TFM_PLATFORM_CONFIRM_IMAGE} + -DMCUBOOT_UPGRADE_STRATEGY=${TFM_PLATFORM_UPGRADE_STRATEGY} + -DMCUBOOT_IMAGE_VERSION_NS=${MCUBOOT_IMAGE_VERSION_NS} +) # Configuration of executable set(EXE_SUFFIX ".axf") From 7d935c4a899bb6a4c82d93430d305bd984b4f4e5 Mon Sep 17 00:00:00 2001 From: Devaraj Ranganna Date: Tue, 22 Aug 2023 09:57:48 +0000 Subject: [PATCH 2/2] blinky: Remove TF-M update partition Since blinky example doesn't suppport firmware update, disable the firmware update partition and other relevant config options. Signed-off-by: Devaraj Ranganna --- Projects/blinky/CMakeLists.txt | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/Projects/blinky/CMakeLists.txt b/Projects/blinky/CMakeLists.txt index 0c66b9de..f02ac04f 100644 --- a/Projects/blinky/CMakeLists.txt +++ b/Projects/blinky/CMakeLists.txt @@ -13,14 +13,10 @@ set(ARM_CORSTONE_BSP_TARGET_PLATFORM "corstone300" CACHE STRING "Featured Refere # Configure target if (${ARM_CORSTONE_BSP_TARGET_PLATFORM} STREQUAL "corstone300") set(TFM_PLATFORM_LOCAL_PATH "arm/mps3/an552") - set(TFM_PLATFORM_UPGRADE_STRATEGY "SWAP_USING_SCRATCH") - set(TFM_PLATFORM_CONFIRM_IMAGE ON) else() message(FATAL_ERROR "Invalid ARM_CORSTONE_BSP_TARGET_PLATFORM (${ARM_CORSTONE_BSP_TARGET_PLATFORM}) set. It should be corstone300") endif() -set(MCUBOOT_IMAGE_VERSION_NS "0.0.0" ) - # Extra arguments for TF-M and ML set(TFM_CMAKE_ARGS -DPROJECT_CONFIG_HEADER_FILE=${PRJ_DIR}/Config/tfm-config/project_config.h @@ -32,17 +28,11 @@ set(TFM_CMAKE_ARGS -DMCUBOOT_LOG_LEVEL=INFO -DTFM_SPM_LOG_LEVEL=TFM_SPM_LOG_LEVEL_INFO -DTFM_PARTITION_CRYPTO=ON - -DTFM_PARTITION_FIRMWARE_UPDATE=ON -DTFM_PARTITION_INITIAL_ATTESTATION=ON -DTFM_PARTITION_INTERNAL_TRUSTED_STORAGE=ON -DTFM_PARTITION_PLATFORM=ON -DTFM_PARTITION_PROTECTED_STORAGE=ON -DTFM_PLATFORM=${TFM_PLATFORM_LOCAL_PATH} - -DPLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT=ON - -DMCUBOOT_DATA_SHARING=ON - -DMCUBOOT_CONFIRM_IMAGE=${TFM_PLATFORM_CONFIRM_IMAGE} - -DMCUBOOT_UPGRADE_STRATEGY=${TFM_PLATFORM_UPGRADE_STRATEGY} - -DMCUBOOT_IMAGE_VERSION_NS=${MCUBOOT_IMAGE_VERSION_NS} ) # Configuration of executable