# Copyright (c) 2019 - 2023 Linaro
# Copyright (c) 2020 - 2023 Nordic Semiconductor ASA
#
# SPDX-License-Identifier: Apache-2.0
# Secure partitions that TF-M can be built with.
# Each entry is used twice further down in this file: as the suffix of the
# CONFIG_<entry> Kconfig symbol that is tested, and as the -D<entry>=ON/OFF
# option handed to the TF-M build.
# Name must match name in 'trusted-firmware-m/tools/tfm_manifest_list.yaml'
set(TFM_VALID_PARTITIONS
  TFM_PARTITION_NS_AGENT_MAILBOX
  TFM_PARTITION_PROTECTED_STORAGE
  TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
  TFM_PARTITION_CRYPTO
  TFM_PARTITION_PLATFORM
  TFM_PARTITION_INITIAL_ATTESTATION
  TFM_PARTITION_FIRMWARE_UPDATE
)
# Crypto partition modules that can be switched on or off individually.
# For each entry this file tests CONFIG_TFM_<entry>_ENABLED and, when it is
# set, passes -D<entry>_ENABLED=True to the TF-M build.
# Corresponds to the *_MODULE_DISABLED configs in 'trusted-firmware-m/secure_fw/partitions/crypto/Kconfig'
set(TFM_CRYPTO_MODULES
  CRYPTO_RNG_MODULE
  CRYPTO_KEY_MODULE
  CRYPTO_AEAD_MODULE
  CRYPTO_MAC_MODULE
  CRYPTO_HASH_MODULE
  CRYPTO_CIPHER_MODULE
  CRYPTO_ASYM_SIGN_MODULE
  CRYPTO_ASYM_ENCRYPT_MODULE
  CRYPTO_KEY_DERIVATION_MODULE
)
if (CONFIG_BUILD_WITH_TFM)
# Compile the Non-Secure application with TFM_PSA_API defined so that it is
# PSA API aware. The definition is private to the 'app' target.
target_compile_definitions(app
  PRIVATE
    "TFM_PSA_API"
)
# Translate the Kconfig selection into -D options for the TF-M build.
# Everything collected in TFM_CMAKE_ARGS is later placed on the command line of
# the TF-M configure step defined in this file.

# Secure Partition Manager backend: SFN when selected, IPC otherwise.
if(CONFIG_TFM_SFN)
  list(APPEND TFM_CMAKE_ARGS -DCONFIG_TFM_SPM_BACKEND="SFN")
else() # CONFIG_TFM_IPC
  list(APPEND TFM_CMAKE_ARGS -DCONFIG_TFM_SPM_BACKEND="IPC")
endif()

# Secure-side regression tests.
# NOTE(review): presumably these switches build test code into the secure
# image; confirm they stay off in release configurations.
if(CONFIG_TFM_REGRESSION_S)
  list(APPEND TFM_CMAKE_ARGS
    -DTEST_S=ON
    -DTFM_S_REG_TEST:BOOL=ON
  )
endif()

# Non-secure-side regression tests.
if(CONFIG_TFM_REGRESSION_NS)
  list(APPEND TFM_CMAKE_ARGS
    -DTEST_NS=ON
    -DTFM_NS_REG_TEST:BOOL=ON
  )
endif()

# BL2 is always stated explicitly (TRUE or FALSE). The secure and non-secure
# image versions are only forwarded when BL2 is part of the build.
if(CONFIG_TFM_BL2)
  list(APPEND TFM_CMAKE_ARGS
    -DBL2=TRUE
    -DMCUBOOT_IMAGE_VERSION_S=${CONFIG_TFM_IMAGE_VERSION_S}
    -DMCUBOOT_IMAGE_VERSION_NS=${CONFIG_TFM_IMAGE_VERSION_NS}
  )
else()
  list(APPEND TFM_CMAKE_ARGS -DBL2=FALSE)
endif()

# Isolation level is forwarded only when Kconfig provides a value that if()
# treats as true; otherwise the TF-M build uses its own default.
if(CONFIG_TFM_ISOLATION_LEVEL)
  list(APPEND TFM_CMAKE_ARGS -DTFM_ISOLATION_LEVEL=${CONFIG_TFM_ISOLATION_LEVEL})
endif()

# Internal Trusted Storage sizing, forwarded only when the matching override
# symbol is set.
if(CONFIG_TFM_ITS_NUM_ASSETS_OVERRIDE)
  list(APPEND TFM_CMAKE_ARGS -DITS_NUM_ASSETS=${CONFIG_TFM_ITS_NUM_ASSETS})
endif()
if(CONFIG_TFM_ITS_MAX_ASSET_SIZE_OVERRIDE)
  list(APPEND TFM_CMAKE_ARGS -DITS_MAX_ASSET_SIZE=${CONFIG_TFM_ITS_MAX_ASSET_SIZE})
endif()

# TF-M profile, when one is configured.
if(CONFIG_TFM_PROFILE)
  list(APPEND TFM_CMAKE_ARGS -DTFM_PROFILE=${CONFIG_TFM_PROFILE})
endif()
# Map the Kconfig build-type choice to the CMAKE_BUILD_TYPE used for TF-M.
# The first matching symbol wins; RelWithDebInfo is the fallback when none of
# the three is set.
if(CONFIG_TFM_CMAKE_BUILD_TYPE_RELEASE)
  set(TFM_CMAKE_BUILD_TYPE "Release")
elseif(CONFIG_TFM_CMAKE_BUILD_TYPE_MINSIZEREL)
  set(TFM_CMAKE_BUILD_TYPE "MinSizeRel")
elseif(CONFIG_TFM_CMAKE_BUILD_TYPE_DEBUG)
  set(TFM_CMAKE_BUILD_TYPE "Debug")
else()
  set(TFM_CMAKE_BUILD_TYPE "RelWithDebInfo")
endif()

# Forward the MCUboot image count whenever the symbol exists, whatever its
# value (DEFINED is tested, not truthiness).
if(DEFINED CONFIG_TFM_MCUBOOT_IMAGE_NUMBER)
  list(APPEND TFM_CMAKE_ARGS -DMCUBOOT_IMAGE_NUMBER=${CONFIG_TFM_MCUBOOT_IMAGE_NUMBER})
endif()
# Dummy provisioning is passed explicitly as ON or OFF, so the value always
# comes from Kconfig. When it is ON this file also prints a warning that the
# device is provisioned with dummy keys and is not secure.
if(NOT CONFIG_TFM_DUMMY_PROVISIONING)
  list(APPEND TFM_CMAKE_ARGS -DTFM_DUMMY_PROVISIONING=OFF)
else()
  list(APPEND TFM_CMAKE_ARGS -DTFM_DUMMY_PROVISIONING=ON)
endif()

# Exception information dump, likewise always stated explicitly.
# NOTE(review): presumably this prints fault context on the secure log output;
# confirm that is acceptable for release images.
if(NOT CONFIG_TFM_EXCEPTION_INFO_DUMP)
  list(APPEND TFM_CMAKE_ARGS -DTFM_EXCEPTION_INFO_DUMP=OFF)
else()
  list(APPEND TFM_CMAKE_ARGS -DTFM_EXCEPTION_INFO_DUMP=ON)
endif()
# BL2 log level, only relevant when BL2 is built.
# The first matching Kconfig symbol wins. The global CONFIG_TFM_LOG_LEVEL_SILENCE
# switch maps to OFF, but only when none of the more specific BL2 levels before
# it is set.
if(CONFIG_TFM_BL2)
  if(CONFIG_TFM_BL2_LOG_LEVEL_DEBUG)
    set(TFM_BL2_LOG_LEVEL "DEBUG")
  elseif(CONFIG_TFM_BL2_LOG_LEVEL_INFO)
    set(TFM_BL2_LOG_LEVEL "INFO")
  elseif(CONFIG_TFM_BL2_LOG_LEVEL_WARNING)
    set(TFM_BL2_LOG_LEVEL "WARNING")
  elseif(CONFIG_TFM_BL2_LOG_LEVEL_ERROR)
    set(TFM_BL2_LOG_LEVEL "ERROR")
  elseif(CONFIG_TFM_BL2_LOG_LEVEL_OFF OR CONFIG_TFM_LOG_LEVEL_SILENCE)
    set(TFM_BL2_LOG_LEVEL "OFF")
  endif()

  # Nothing is forwarded when no level was selected above.
  if(DEFINED TFM_BL2_LOG_LEVEL)
    # BL2 uses MCUBOOT_LOG_LEVEL configuration
    list(APPEND TFM_CMAKE_ARGS -DMCUBOOT_LOG_LEVEL=${TFM_BL2_LOG_LEVEL})
  endif()
endif()
# Secure partition log level.
# The first matching Kconfig symbol wins; CONFIG_TFM_LOG_LEVEL_SILENCE only
# takes effect when no more specific partition level before it is set.
if(CONFIG_TFM_PARTITION_LOG_LEVEL_DEBUG)
  set(TFM_PARTITION_LOG_LEVEL "TFM_PARTITION_LOG_LEVEL_DEBUG")
elseif(CONFIG_TFM_PARTITION_LOG_LEVEL_INFO)
  set(TFM_PARTITION_LOG_LEVEL "TFM_PARTITION_LOG_LEVEL_INFO")
elseif(CONFIG_TFM_PARTITION_LOG_LEVEL_ERROR)
  set(TFM_PARTITION_LOG_LEVEL "TFM_PARTITION_LOG_LEVEL_ERROR")
elseif(CONFIG_TFM_PARTITION_LOG_LEVEL_SILENCE OR CONFIG_TFM_LOG_LEVEL_SILENCE)
  set(TFM_PARTITION_LOG_LEVEL "TFM_PARTITION_LOG_LEVEL_SILENCE")
endif()

# Forward the level only when one was selected.
if(DEFINED TFM_PARTITION_LOG_LEVEL)
  list(APPEND TFM_CMAKE_ARGS -DTFM_PARTITION_LOG_LEVEL=${TFM_PARTITION_LOG_LEVEL})
endif()

# Secure Partition Manager log level, selected the same way.
if(CONFIG_TFM_SPM_LOG_LEVEL_DEBUG)
  set(TFM_SPM_LOG_LEVEL "TFM_SPM_LOG_LEVEL_DEBUG")
elseif(CONFIG_TFM_SPM_LOG_LEVEL_INFO)
  set(TFM_SPM_LOG_LEVEL "TFM_SPM_LOG_LEVEL_INFO")
elseif(CONFIG_TFM_SPM_LOG_LEVEL_ERROR)
  set(TFM_SPM_LOG_LEVEL "TFM_SPM_LOG_LEVEL_ERROR")
elseif(CONFIG_TFM_SPM_LOG_LEVEL_SILENCE OR CONFIG_TFM_LOG_LEVEL_SILENCE)
  set(TFM_SPM_LOG_LEVEL "TFM_SPM_LOG_LEVEL_SILENCE")
endif()

if(DEFINED TFM_SPM_LOG_LEVEL)
  list(APPEND TFM_CMAKE_ARGS -DTFM_SPM_LOG_LEVEL=${TFM_SPM_LOG_LEVEL})
endif()
# Enable TFM partitions as specified in Kconfig.
# Every known partition is passed explicitly as ON or OFF, so a partition that
# is not selected in Kconfig is switched off rather than left at the TF-M
# default.
foreach(partition ${TFM_VALID_PARTITIONS})
  if(NOT CONFIG_${partition})
    set(val "OFF")
  else()
    set(val "ON")
  endif()
  list(APPEND TFM_CMAKE_ARGS -D${partition}=${val})
endforeach()

# Enable TFM crypto modules as specified in Kconfig.
# Unlike the partitions, a module that is not selected gets no option at all;
# only enabled modules are forwarded.
foreach(module ${TFM_CRYPTO_MODULES})
  if(CONFIG_TFM_${module}_ENABLED)
    list(APPEND TFM_CMAKE_ARGS -D${module}_ENABLED=True)
  endif()
endforeach()
# Root of the TF-M build tree, inside the Zephyr build directory.
set(TFM_BINARY_DIR ${CMAKE_BINARY_DIR}/tfm)

# PSA architecture test suite, expected next to the current module directory.
set(PSA_ARCH_TESTS_PATH ${ZEPHYR_CURRENT_MODULE_DIR}/../psa-arch-tests)

# Non-secure interface tree (sources, headers, veneers) under the TF-M build
# directory.
set(TFM_INTERFACE_SOURCE_DIR  ${TFM_BINARY_DIR}/api_ns/interface/src)
set(TFM_INTERFACE_INCLUDE_DIR ${TFM_BINARY_DIR}/api_ns/interface/include)
set(TFM_INTERFACE_LIB_DIR     ${TFM_BINARY_DIR}/api_ns/interface/lib)

# Bootloader artifacts exist only when BL2 is built.
if(CONFIG_TFM_BL2)
  set(BL2_ELF_FILE ${TFM_BINARY_DIR}/bin/bl2.elf)
  set(BL2_BIN_FILE ${TFM_BINARY_DIR}/bin/bl2.bin)
  set(BL2_HEX_FILE ${TFM_BINARY_DIR}/bin/bl2.hex)
endif()

# Secure and non-secure firmware artifacts.
set(TFM_S_ELF_FILE ${TFM_BINARY_DIR}/bin/tfm_s.elf)
set(TFM_S_BIN_FILE ${TFM_BINARY_DIR}/bin/tfm_s.bin)
set(TFM_S_HEX_FILE ${TFM_BINARY_DIR}/bin/tfm_s.hex)
set(TFM_NS_BIN_FILE ${TFM_BINARY_DIR}/bin/tfm_ns.bin)
# The non-secure hex file is located in the separate tfm_ns build directory,
# not under TFM_BINARY_DIR.
set(TFM_NS_HEX_FILE ${CMAKE_BINARY_DIR}/tfm_ns/bin/tfm_ns.hex)

# Signed images.
set(TFM_S_SIGNED_BIN_FILE    ${TFM_BINARY_DIR}/bin/tfm_s_signed.bin)
set(TFM_NS_SIGNED_BIN_FILE   ${TFM_BINARY_DIR}/bin/tfm_ns_signed.bin)
set(TFM_S_NS_SIGNED_BIN_FILE ${TFM_BINARY_DIR}/bin/tfm_s_ns_signed.bin)
# Files produced by the TF-M build; the list is given to ExternalProject_Add as
# BUILD_BYPRODUCTS.
# NOTE(review): the PSA_TEST_* variables are not assigned in the visible part
# of this file; an empty expansion simply drops out of the list.
set(BUILD_BYPRODUCTS
  ${PSA_TEST_VAL_FILE}
  ${PSA_TEST_PAL_FILE}
  ${PSA_TEST_COMBINE_FILE}

  # Bootloader (these expand to nothing when BL2 is not built)
  ${BL2_ELF_FILE}
  ${BL2_BIN_FILE}
  ${BL2_HEX_FILE}

  # Secure firmware, unsigned and signed
  ${TFM_S_ELF_FILE}
  ${TFM_S_BIN_FILE}
  ${TFM_S_HEX_FILE}
  ${TFM_S_SIGNED_BIN_FILE}
  ${TFM_S_NS_SIGNED_BIN_FILE}

  # Secure veneers object linked into the non-secure image
  ${TFM_INTERFACE_LIB_DIR}/s_veneers.o

  # Non-secure API sources
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_attest_api.c
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_crypto_api.c
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_fwu_api.c
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_its_api.c
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_platform_api.c
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_ps_api.c
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_tz_psa_ns_api.c

  # Specific to nordic platform
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_ioctl_core_ns_api.c
)
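# Select the toolchain file, tool prefix and tool directory used to build TF-M
# from the Zephyr toolchain variant. The result decides which compiler builds
# the secure firmware, so an unknown variant stops the configuration.
# TODO: Add support for cross-compile toolchain variant
# TODO: Enforce GCC version check against TF-M compiler requirements
#
# The variable is expanded inside quotes: an unset or empty variant then
# compares as an empty string and reaches the FATAL_ERROR branch below, instead
# of producing a malformed if() expression, and the expanded value is not
# looked up again as a variable name.
if("${ZEPHYR_TOOLCHAIN_VARIANT}" STREQUAL "zephyr")
  set(TFM_TOOLCHAIN_FILE "toolchain_GNUARM.cmake")
  set(TFM_TOOLCHAIN_PREFIX "arm-zephyr-eabi")
  set(TFM_TOOLCHAIN_PATH ${ZEPHYR_SDK_INSTALL_DIR}/arm-zephyr-eabi/bin)
elseif("${ZEPHYR_TOOLCHAIN_VARIANT}" STREQUAL "gnuarmemb")
  set(TFM_TOOLCHAIN_FILE "toolchain_GNUARM.cmake")
  set(TFM_TOOLCHAIN_PREFIX "arm-none-eabi")
  set(TFM_TOOLCHAIN_PATH ${GNUARMEMB_TOOLCHAIN_PATH}/bin)
elseif("${ZEPHYR_TOOLCHAIN_VARIANT}" STREQUAL "xtools")
  set(TFM_TOOLCHAIN_FILE "toolchain_GNUARM.cmake")
  set(TFM_TOOLCHAIN_PREFIX "arm-zephyr-eabi")
  set(TFM_TOOLCHAIN_PATH ${XTOOLS_TOOLCHAIN_PATH}/arm-zephyr-eabi/bin)
else()
  message(FATAL_ERROR "Unsupported ZEPHYR_TOOLCHAIN_VARIANT: ${ZEPHYR_TOOLCHAIN_VARIANT}")
endif()

# Name of the matching non-secure toolchain file: every occurrence of
# "toolchain" in the file name becomes "toolchain_ns".
string(REPLACE "toolchain" "toolchain_ns" TFM_TOOLCHAIN_NS_FILE "${TFM_TOOLCHAIN_FILE}")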
# Board and feature specific options for the TF-M build.

if(CONFIG_BOARD_LPCXPRESSO55S69_LPC55S69_CPU0_NS)
  # Supply path to NXP HAL sources used for TF-M build
  set(TFM_PLATFORM_NXP_HAL_FILE_PATH
    ${ZEPHYR_TRUSTED_FIRMWARE_M_MODULE_DIR}/platform/ext/target/nxp/
  )
  list(APPEND TFM_CMAKE_ARGS
    -DTFM_PLATFORM_NXP_HAL_FILE_PATH=${TFM_PLATFORM_NXP_HAL_FILE_PATH}
  )
endif()

if(CONFIG_TFM_BL2 AND CONFIG_TFM_MCUBOOT_PATH_LOCAL)
  # Supply path to MCUboot for TF-M build: BL2 is then built from the MCUboot
  # module of this workspace.
  list(APPEND TFM_CMAKE_ARGS -DMCUBOOT_PATH=${ZEPHYR_MCUBOOT_MODULE_DIR})
endif()

# Data sharing with the bootloader is forwarded only when it is selected.
if(CONFIG_TFM_MCUBOOT_DATA_SHARING)
  list(APPEND TFM_CMAKE_ARGS -DMCUBOOT_DATA_SHARING=ON)
endif()

# Floating point support needs both an FPU and the hard-float ABI; it is
# stated explicitly as ON or OFF.
if(CONFIG_FPU AND CONFIG_FP_HARDABI)
  list(APPEND TFM_CMAKE_ARGS -DCONFIG_TFM_ENABLE_FP=ON)
  # Note: This is not a cmake option in TF-M.
  # This should be specified by the platform in preload.cmake
  # This works as a workaround for the platforms that do not have this.
  list(APPEND TFM_CMAKE_ARGS -DCONFIG_TFM_FP_ARCH=${FPU_FOR_${GCC_M_CPU}})
else()
  list(APPEND TFM_CMAKE_ARGS -DCONFIG_TFM_ENABLE_FP=OFF)
endif()
# The TF-M build directory has to exist before the configure step below can use
# it as its working directory.
file(MAKE_DIRECTORY ${TFM_BINARY_DIR})

# 'tfm_cmake' is the TF-M configure step. It is satisfied once the TF-M build
# tree has a CMakeCache.txt.
add_custom_target(tfm_cmake
  DEPENDS ${TFM_BINARY_DIR}/CMakeCache.txt
)

# Run CMake on the TF-M sources, using the same generator as the Zephyr build.
# NOTE(review): VERBATIM is not given, so how the arguments are quoted depends
# on the native build tool; check the behaviour for paths that contain spaces.
add_custom_command(
  OUTPUT ${TFM_BINARY_DIR}/CMakeCache.txt
  COMMAND ${CMAKE_COMMAND}
    -G${CMAKE_GENERATOR}
    # Toolchain used for the secure firmware
    -DTFM_TOOLCHAIN_FILE=${ZEPHYR_TRUSTED_FIRMWARE_M_MODULE_DIR}/${TFM_TOOLCHAIN_FILE}
    -DCROSS_COMPILE=${TFM_TOOLCHAIN_PATH}/${TFM_TOOLCHAIN_PREFIX}
    -DCMAKE_BUILD_TYPE=${TFM_CMAKE_BUILD_TYPE}
    -DTFM_PLATFORM=${CONFIG_TFM_BOARD}
    -DCONFIG_TFM_BUILD_LOG_QUIET=ON
    -DSILENCE_TFM_VERSION_WARNING=ON
    -DCONFIG_TFM_MEMORY_USAGE_QUIET=OFF
    -DPython3_EXECUTABLE=${Python3_EXECUTABLE}
    # Options derived from Kconfig earlier in this file
    ${TFM_CMAKE_ARGS}
    # Additional options that other parts of the build attached to
    # zephyr_property_target; whatever is stored in that property ends up on
    # this command line.
    $<GENEX_EVAL:$<TARGET_PROPERTY:zephyr_property_target,TFM_CMAKE_OPTIONS>>
    # Mbed Crypto sources: the TFM_MBEDCRYPTO_PATH property when it is set,
    # otherwise the Zephyr mbedtls module directory.
    -DMBEDCRYPTO_PATH=$<IF:$<BOOL:$<TARGET_PROPERTY:zephyr_property_target,TFM_MBEDCRYPTO_PATH>>,$<TARGET_PROPERTY:zephyr_property_target,TFM_MBEDCRYPTO_PATH>,${ZEPHYR_MBEDTLS_MODULE_DIR}>
    -DPSA_ARCH_TESTS_PATH=${PSA_ARCH_TESTS_PATH}
    # Source directory that is configured
    ${ZEPHYR_TRUSTED_FIRMWARE_M_MODULE_DIR}
  WORKING_DIRECTORY ${TFM_BINARY_DIR}
  COMMAND_EXPAND_LISTS
)
include(ExternalProject)
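# Limit the TF-M build to a single job on Windows hosts.
# Both operands are quoted so that neither the expanded host name nor the word
# Windows is looked up as a variable name, and so that an empty expansion still
# yields a well-formed comparison.
if("${CMAKE_HOST_SYSTEM_NAME}" STREQUAL "Windows")
  # Set number of parallel jobs for TF-M build to 1.
  # Building TF-M with multiple parallel jobs has in some circumstances failed
  # with `permission denied`. The root cause on Windows has not been
  # identified; the current suspicion is the folder / file lock mechanism. To
  # ensure correct behaviour in all cases, limit the number of parallel jobs
  # to 1.
  set(PARALLEL_JOBS -j 1)
else()
  # Leave PARALLEL_JOBS unset and use the default number of
  # threads. Which is num_cores+2 on Ninja and MAKEFLAGS with Make.
endif()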
# Build and install TF-M as an external project.
# There is no configure command here: configuration is done by the 'tfm_cmake'
# target this project depends on. BUILD_ALWAYS makes the build step run on
# every Zephyr build.
ExternalProject_Add(tfm
  SOURCE_DIR          ${ZEPHYR_TRUSTED_FIRMWARE_M_MODULE_DIR}
  BINARY_DIR          ${TFM_BINARY_DIR}
  CONFIGURE_COMMAND   ""
  BUILD_COMMAND       ${CMAKE_COMMAND} --build . ${PARALLEL_JOBS}
  INSTALL_COMMAND     ${CMAKE_COMMAND} --install .
  BUILD_ALWAYS        True
  USES_TERMINAL_BUILD True
  DEPENDS             tfm_cmake
  BUILD_BYPRODUCTS    ${BUILD_BYPRODUCTS}
)
# Publish the TF-M build results as custom properties on the 'tfm' target, so
# that other build code can read them with $<TARGET_PROPERTY:tfm,...>.

# Set TFM binary directory as target property on 'tfm'
# This is the root of all TFM build artifacts.
set_target_properties(tfm PROPERTIES TFM_BINARY_DIR ${TFM_BINARY_DIR})

# Set TFM toolchain properties on 'tfm'
set_target_properties(tfm PROPERTIES TFM_TOOLCHAIN_NS_FILE ${TFM_TOOLCHAIN_NS_FILE})
set_target_properties(tfm PROPERTIES TFM_TOOLCHAIN_PREFIX ${TFM_TOOLCHAIN_PREFIX})
set_target_properties(tfm PROPERTIES TFM_TOOLCHAIN_PATH ${TFM_TOOLCHAIN_PATH})

# Set BL2 (MCUboot) executable file paths as target properties on 'tfm'
# These files are produced by the TFM build system.
if(CONFIG_TFM_BL2)
  set_target_properties(tfm
    PROPERTIES
      BL2_ELF_FILE ${BL2_ELF_FILE}
      BL2_BIN_FILE ${BL2_BIN_FILE}
      BL2_HEX_FILE ${BL2_HEX_FILE}
  )
endif()

# Set TFM S/NS executable file paths as target properties on 'tfm'
# These files are produced by the TFM build system.
# Note that the Nonsecure FW is replaced by the Zephyr app in regular Zephyr
# builds.
set_target_properties(tfm
  PROPERTIES
    TFM_S_ELF_FILE ${TFM_S_ELF_FILE}
    TFM_S_BIN_FILE ${TFM_S_BIN_FILE} # TFM Secure FW (unsigned)
    TFM_S_HEX_FILE ${TFM_S_HEX_FILE} # TFM Secure FW (unsigned)
    TFM_NS_BIN_FILE ${TFM_NS_BIN_FILE} # TFM Nonsecure FW (unsigned)
    TFM_NS_HEX_FILE ${TFM_NS_HEX_FILE} # TFM Nonsecure FW (unsigned)
    TFM_S_SIGNED_BIN_FILE ${TFM_S_SIGNED_BIN_FILE} # TFM Secure FW (signed)
    TFM_NS_SIGNED_BIN_FILE ${TFM_NS_SIGNED_BIN_FILE} # TFM Nonsecure FW (signed)
    TFM_S_NS_SIGNED_BIN_FILE ${TFM_S_NS_SIGNED_BIN_FILE} # Merged TFM Secure/Nonsecure FW (signed)
)
# 'tfm_api': the library through which the non-secure Zephyr image calls into
# TF-M. The tfm_*_api.c sources are taken from the interface tree inside the
# TF-M build directory, so they exist only after the 'tfm' project has run.
zephyr_library_named(tfm_api)

zephyr_library_sources(
  src/zephyr_tfm_log.c
  interface/interface.c
)

# Non-Secure interface to request system reboot
if(CONFIG_TFM_PARTITION_PLATFORM AND NOT CONFIG_TFM_PARTITION_PLATFORM_CUSTOM_REBOOT)
  zephyr_library_sources(src/reboot.c)
endif()

# One API source per partition, added only when that partition is enabled.
zephyr_library_sources_ifdef(CONFIG_TFM_PARTITION_PLATFORM
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_platform_api.c
)
zephyr_library_sources_ifdef(CONFIG_TFM_PARTITION_PROTECTED_STORAGE
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_ps_api.c
)
zephyr_library_sources_ifdef(CONFIG_TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_its_api.c
)
zephyr_library_sources_ifdef(CONFIG_TFM_PARTITION_CRYPTO
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_crypto_api.c
)
zephyr_library_sources_ifdef(CONFIG_TFM_PARTITION_INITIAL_ATTESTATION
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_attest_api.c
)
zephyr_library_sources_ifdef(CONFIG_TFM_PARTITION_FIRMWARE_UPDATE
  ${TFM_INTERFACE_SOURCE_DIR}/tfm_fwu_api.c
)

# Always part of the library, independent of the partition selection.
zephyr_library_sources(${TFM_INTERFACE_SOURCE_DIR}/tfm_tz_psa_ns_api.c)

# Nordic only: ioctl API of the platform partition.
if(CONFIG_SOC_FAMILY_NORDIC_NRF)
  zephyr_library_sources_ifdef(CONFIG_TFM_PARTITION_PLATFORM
    ${TFM_INTERFACE_SOURCE_DIR}/tfm_ioctl_core_ns_api.c
  )
endif()

target_include_directories(tfm_api
  PRIVATE
    ${TFM_INTERFACE_INCLUDE_DIR}
    ${TFM_INTERFACE_INCLUDE_DIR}/crypto_keys
)

# Secure veneers object produced by the TF-M build.
zephyr_library_link_libraries(
  ${TFM_INTERFACE_LIB_DIR}/s_veneers.o
)

# To ensure that generated include files are created before they are used.
add_dependencies(zephyr_interface tfm)
# Inputs for image signing.

# Signing layout objects produced by the BL2 build, and the location of the
# TF-M copy of the MCUboot integration. Only defined when BL2 is built.
if(CONFIG_TFM_BL2)
  set(PREPROCESSED_FILE_S
    "${TFM_BINARY_DIR}/bl2/ext/mcuboot/CMakeFiles/signing_layout_s.dir/signing_layout_s.o"
  )
  set(PREPROCESSED_FILE_NS
    "${TFM_BINARY_DIR}/bl2/ext/mcuboot/CMakeFiles/signing_layout_ns.dir/signing_layout_ns.o"
  )
  set(TFM_MCUBOOT_DIR "${ZEPHYR_TRUSTED_FIRMWARE_M_MODULE_DIR}/bl2/ext/mcuboot")
endif()

# Configure which format (full or hash) to include the public key in
# the image manifest. A value that is already defined is kept; "full" is the
# default.
if(NOT DEFINED TFM_PUBLIC_KEY_FORMAT)
  set(TFM_PUBLIC_KEY_FORMAT "full")
endif()

# Optional base addresses for the signed hex files. Each --hex-addr argument is
# created only when the corresponding address variable is defined.
if(DEFINED TFM_HEX_BASE_ADDRESS_S)
  set(HEX_ADDR_ARGS_S "--hex-addr=${TFM_HEX_BASE_ADDRESS_S}")
endif()
if(DEFINED TFM_HEX_BASE_ADDRESS_NS)
  set(HEX_ADDR_ARGS_NS "--hex-addr=${TFM_HEX_BASE_ADDRESS_NS}")
endif()
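# tfm_sign(<out_var> <suffix> <pad> <input_file> <output_file>)
#
# Compose the command line that signs one image with the TF-M imgtool wrapper
# and store it, as a list, in <out_var> in the caller's scope. Nothing is
# executed here; the caller adds the command to a build step.
#
#   out_var     - name of the variable that receives the command
#   suffix      - S or NS; selects the per-image inputs PREPROCESSED_FILE_<suffix>,
#                 CONFIG_TFM_KEY_FILE_<suffix>, CONFIG_TFM_IMAGE_VERSION_<suffix>,
#                 HEX_ADDR_ARGS_<suffix> and ADD_<suffix>_IMAGE_MIN_VER
#   pad         - when true, '--pad --pad-header' is added to the command
#   input_file  - image to sign
#   output_file - signed image to write
#
# Configuration stops with FATAL_ERROR when no key file is configured for the
# image.
# NOTE(review): the key path is whatever Kconfig supplies; confirm that release
# builds point it at a key the project controls rather than a sample key.
function(tfm_sign OUT_ARG SUFFIX PAD INPUT_FILE OUTPUT_FILE)
  # A function sees the variables of its caller. Start from an empty value so
  # that a 'pad_args' defined in the calling scope cannot end up in the
  # signing command when PAD is false.
  set(pad_args "")
  if(PAD)
    set(pad_args --pad --pad-header)
  endif()

  # An empty key path would vanish from the list and '-k' would take the next
  # option as its value. Stop with a clear message at configure time instead.
  if("${CONFIG_TFM_KEY_FILE_${SUFFIX}}" STREQUAL "")
    message(FATAL_ERROR
      "tfm_sign: CONFIG_TFM_KEY_FILE_${SUFFIX} is empty; a signing key file is required to sign the ${SUFFIX} image"
    )
  endif()

  set(${OUT_ARG}
    # Run the wrapper with PYTHONPATH set to the MCUboot scripts directory, so
    # that an imgtool found there (from upstream mcuboot) is preferred over a
    # system-wide imgtool. PYTHONPATH is set to this single directory for the
    # signing command only.
    ${CMAKE_COMMAND} -E env PYTHONPATH=${ZEPHYR_MCUBOOT_MODULE_DIR}/scripts
    ${PYTHON_EXECUTABLE} ${TFM_MCUBOOT_DIR}/scripts/wrapper/wrapper.py
    --layout ${PREPROCESSED_FILE_${SUFFIX}}
    -k ${CONFIG_TFM_KEY_FILE_${SUFFIX}}
    --public-key-format ${TFM_PUBLIC_KEY_FORMAT}
    --align 1
    -v ${CONFIG_TFM_IMAGE_VERSION_${SUFFIX}}
    ${pad_args}
    ${HEX_ADDR_ARGS_${SUFFIX}}
    ${ADD_${SUFFIX}_IMAGE_MIN_VER}
    -s auto
    --measured-boot-record
    -H ${CONFIG_ROM_START_OFFSET}
    ${INPUT_FILE}
    ${OUTPUT_FILE}
    PARENT_SCOPE)
endfunction()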
# Output files of the post-build merge and signing steps, all placed in the
# 'zephyr' directory of the build tree.
set(MERGED_FILE      ${CMAKE_BINARY_DIR}/zephyr/tfm_merged.hex)
set(S_NS_FILE        ${CMAKE_BINARY_DIR}/zephyr/tfm_s_zephyr_ns.hex)
set(S_NS_SIGNED_FILE ${CMAKE_BINARY_DIR}/zephyr/tfm_s_zephyr_ns_signed.hex)
set(NS_SIGNED_FILE   ${CMAKE_BINARY_DIR}/zephyr/zephyr_ns_signed.hex)
set(S_SIGNED_FILE    ${CMAKE_BINARY_DIR}/zephyr/tfm_s_signed.hex)

# Pick the image that is used as the Non-Secure application firmware.
if(NOT CONFIG_TFM_USE_NS_APP)
  # Use the Zephyr binary as the Non-Secure application firmware image
  set(NS_APP_FILE ${CMAKE_BINARY_DIR}/zephyr/${KERNEL_HEX_NAME})
else()
  # Use the TF-M NS binary as the Non-Secure application firmware image
  set(NS_APP_FILE $<TARGET_PROPERTY:tfm,TFM_NS_HEX_FILE>)
endif()
# Post-build steps that produce the final flashable image (MERGED_FILE).
# Three layouts are handled:
#   - no BL2:          merge secure and non-secure hex files; this branch adds
#                      no signing command
#   - BL2, one image:  merge secure + non-secure, sign the result, then merge
#                      it with the bootloader
#   - BL2, otherwise:  sign the secure and non-secure images separately, then
#                      merge both with the bootloader
if(NOT CONFIG_TFM_BL2)
  # Merge tfm_s and zephyr (NS) image to a single binary.
  set_property(GLOBAL APPEND PROPERTY extra_post_build_commands
    COMMAND ${PYTHON_EXECUTABLE} ${ZEPHYR_BASE}/scripts/build/mergehex.py
      -o ${MERGED_FILE}
      $<TARGET_PROPERTY:tfm,TFM_S_HEX_FILE>
      ${NS_APP_FILE}
  )

  set_property(GLOBAL APPEND PROPERTY extra_post_build_byproducts
    ${MERGED_FILE}
  )

elseif(CONFIG_TFM_MCUBOOT_IMAGE_NUMBER STREQUAL "1")
  # The combined image is signed with the NS inputs and with padding.
  tfm_sign(sign_cmd NS TRUE ${S_NS_FILE} ${S_NS_SIGNED_FILE})

  set_property(GLOBAL APPEND PROPERTY extra_post_build_commands
    # 1. secure + non-secure -> combined image
    COMMAND ${PYTHON_EXECUTABLE} ${ZEPHYR_BASE}/scripts/build/mergehex.py
      -o ${S_NS_FILE}
      $<TARGET_PROPERTY:tfm,TFM_S_HEX_FILE>
      ${NS_APP_FILE}

    # 2. sign the combined image
    COMMAND ${sign_cmd}

    # 3. bootloader + signed combined image -> final image
    COMMAND ${PYTHON_EXECUTABLE} ${ZEPHYR_BASE}/scripts/build/mergehex.py
      -o ${MERGED_FILE}
      $<TARGET_PROPERTY:tfm,BL2_HEX_FILE>
      ${S_NS_SIGNED_FILE}
  )

  set_property(GLOBAL APPEND PROPERTY extra_post_build_byproducts
    ${S_NS_FILE}
    ${S_NS_SIGNED_FILE}
    ${MERGED_FILE}
  )

else()
  # The non-secure image is padded only when it is the TF-M NS application.
  if(CONFIG_TFM_USE_NS_APP)
    tfm_sign(sign_cmd_ns NS TRUE ${NS_APP_FILE} ${NS_SIGNED_FILE})
  else()
    tfm_sign(sign_cmd_ns NS FALSE ${NS_APP_FILE} ${NS_SIGNED_FILE})
  endif()

  tfm_sign(sign_cmd_s S TRUE $<TARGET_PROPERTY:tfm,TFM_S_HEX_FILE> ${S_SIGNED_FILE})

  # Create and sign for concatenated binary image, should align with the TF-M BL2
  set_property(GLOBAL APPEND PROPERTY extra_post_build_commands
    COMMAND ${sign_cmd_ns}
    COMMAND ${sign_cmd_s}

    COMMAND ${PYTHON_EXECUTABLE} ${ZEPHYR_BASE}/scripts/build/mergehex.py
      -o ${MERGED_FILE}
      $<TARGET_PROPERTY:tfm,BL2_HEX_FILE>
      ${S_SIGNED_FILE}
      ${NS_SIGNED_FILE}
  )

  set_property(GLOBAL APPEND PROPERTY extra_post_build_byproducts
    ${S_SIGNED_FILE}
    ${NS_SIGNED_FILE}
    ${MERGED_FILE}
  )
endif()
# Make a build with dummy provisioning visible in the configure output: the
# device is provisioned with dummy keys, which is not acceptable for
# production. The warning does not stop the build.
if(CONFIG_TFM_DUMMY_PROVISIONING)
  message(WARNING
"TFM_DUMMY_PROVISIONING is enabled:
The device will be provisioned using dummy keys and is NOT secure!
This is not suitable for production"
  )
endif()
endif() # CONFIG_BUILD_WITH_TFM