Merge "SPMD: generate and add Secure Partition blobs into FIP" into integration
diff --git a/Makefile b/Makefile
index 547b584..11b0753 100644
--- a/Makefile
+++ b/Makefile
@@ -701,6 +701,7 @@
# Variables for use with sptool
SPTOOLPATH ?= tools/sptool
SPTOOL ?= ${SPTOOLPATH}/sptool${BIN_EXT}
+SP_MK_GEN ?= ${SPTOOLPATH}/sp_mk_generator.py
# Variables for use with ROMLIB
ROMLIBPATH ?= lib/romlib
@@ -889,11 +890,22 @@
$(eval $(call add_define,USE_ARM_LINK))
endif
+# Generate and include sp_gen.mk if SPD is spmd and SP_LAYOUT_FILE is defined
+ifdef SP_LAYOUT_FILE
+ifeq (${SPD},spmd)
+ -include $(BUILD_PLAT)/sp_gen.mk
+ FIP_DEPS += sp
+ NEED_SP_PKG := yes
+else
+ $(error "SP_LAYOUT_FILE will be used only if SPD=spmd")
+endif
+endif
+
################################################################################
# Build targets
################################################################################
-.PHONY: all msg_start clean realclean distclean cscope locate-checkpatch checkcodebase checkpatch fiptool sptool fip fwu_fip certtool dtbs memmap doc
+.PHONY: all msg_start clean realclean distclean cscope locate-checkpatch checkcodebase checkpatch fiptool sptool fip sp fwu_fip certtool dtbs memmap doc
.SUFFIXES:
all: msg_start
@@ -971,6 +983,17 @@
$(eval $(call MAKE_DTBS,$(BUILD_PLAT)/fdts,$(FDT_SOURCES)))
endif
+# Add Secure Partition packages
+ifeq (${NEED_SP_PKG},yes)
+$(BUILD_PLAT)/sp_gen.mk: ${SP_MK_GEN} ${SP_LAYOUT_FILE} | ${BUILD_PLAT}
+ ${Q}${PYTHON} "$<" "$@" $(filter-out $<,$^) $(BUILD_PLAT)
+sp: $(SPTOOL) $(DTBS) $(BUILD_PLAT)/sp_gen.mk
+ ${Q}$(SPTOOL) $(SPTOOL_ARGS)
+ @${ECHO_BLANK_LINE}
+ @echo "Built SP Images successfully"
+ @${ECHO_BLANK_LINE}
+endif
+
locate-checkpatch:
ifndef CHECKPATCH
$(error "Please set CHECKPATCH to point to the Linux checkpatch.pl file, eg: CHECKPATCH=../linux/scripts/checkpatch.pl")
@@ -1132,6 +1155,7 @@
@echo " distclean Remove all build artifacts for all platforms"
@echo " certtool Build the Certificate generation tool"
@echo " fiptool Build the Firmware Image Package (FIP) creation tool"
+ @echo " sp Build the Secure Partition Packages"
@echo " sptool Build the Secure Partition Package creation tool"
@echo " dtbs Build the Device Tree Blobs (if required for the platform)"
@echo " memmap Print the memory map of the built binaries"
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index 8854a79..7ee34c9 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -522,6 +522,11 @@
- ``SPM_MM`` : Boolean option to enable the Management Mode (MM)-based Secure
Partition Manager (SPM) implementation. The default value is ``0``.
+- ``SP_LAYOUT_FILE``: Platform provided path to JSON file containing the
+ description of secure partitions. Build system will parse this file and
+ package all secure partition blobs in FIP. This file not necessarily be
+ part of TF-A tree. Only avaialbe when ``SPD=spmd``.
+
- ``SP_MIN_WITH_SECURE_FIQ``: Boolean flag to indicate the SP_MIN handles
secure interrupts (caught through the FIQ line). Platforms can enable
this directive if they need to handle such interruption. When enabled,
diff --git a/tools/sptool/sp_mk_generator.py b/tools/sptool/sp_mk_generator.py
new file mode 100755
index 0000000..6b6fa19
--- /dev/null
+++ b/tools/sptool/sp_mk_generator.py
@@ -0,0 +1,100 @@
+#!/usr/bin/python3
+# Copyright (c) 2020, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+
+"""
+This script is invoked by Make system and generates secure partition makefile.
+It expects platform provided secure partition layout file which contains list
+of Secure Partition Images and Partition manifests(PM).
+Layout file can exist outside of TF-A tree and the paths of Image and PM files
+must be relative to it.
+
+This script parses the layout file and generates a make file which updates
+FDT_SOURCES, FIP_ARGS and SPTOOL_ARGS which are used in later build steps.
+This script also gets SP "uuid" from parsing its PM and converting it to a
+standard format.
+
+param1: Generated mk file "sp_gen.mk"
+param2: "SP_LAYOUT_FILE", json file containing platform provided information
+param3: plat out directory
+
+Generated "sp_gen.mk" file contains triplet of following information for each
+Secure Partition entry
+ FDT_SOURCES += sp1.dts
+ SPTOOL_ARGS += -i sp1.bin:sp1.dtb -o sp1.pkg
+ FIP_ARGS += --blob uuid=XXXXX-XXX...,file=sp1.pkg
+
+A typical SP_LAYOUT_FILE file will look like
+{
+ "SP1" : {
+ "image": "sp1.bin",
+ "pm": "test/sp1.dts"
+ },
+
+ "SP2" : {
+ "image": "sp2.bin",
+ "pm": "test/sp2.dts"
+ }
+
+ ...
+}
+
+"""
+
+import getopt
+import json
+import os
+import re
+import sys
+import uuid
+
+with open(sys.argv[2],'r') as in_file:
+ data = json.load(in_file)
+json_file = os.path.abspath(sys.argv[2])
+json_dir = os.path.dirname(json_file)
+gen_file = sys.argv[1]
+out_dir = sys.argv[3][2:]
+dtb_dir = out_dir + "/fdts/"
+print(dtb_dir)
+
+with open(gen_file, 'w') as out_file:
+ for key in data.keys():
+
+ """
+ Append FDT_SOURCES
+ """
+ dts = os.path.join(json_dir, data[key]['pm'])
+ dtb = dtb_dir + os.path.basename(data[key]['pm'][:-1] + "b")
+ out_file.write("FDT_SOURCES += " + dts + "\n")
+
+ """
+ Update SPTOOL_ARGS
+ """
+ dst = out_dir + "/" + key + ".pkg"
+ src = [ json_dir + "/" + data[key]['image'] , dtb ]
+ out_file.write("SPTOOL_ARGS += -i " + ":".join(src) + " -o " + dst + "\n")
+
+ """
+ Extract uuid from partition manifest
+ """
+ pm_file = open(dts)
+ key = "uuid"
+
+ for line in pm_file:
+ if key in line:
+ uuid_hex = re.findall(r'\<(.+?)\>', line)[0];
+
+ # PM has uuid in format 0xABC... 0x... 0x... 0x...
+ # Get rid of '0x' and spaces and convert to string of hex digits
+ uuid_hex = uuid_hex.replace('0x','').replace(' ','')
+ # make UUID from a string of hex digits
+ uuid_std = uuid.UUID(uuid_hex)
+ # convert UUID to a string of hex digits in standard form
+ uuid_std = str(uuid_std)
+
+ """
+ Append FIP_ARGS
+ """
+ out_file.write("FIP_ARGS += --blob uuid=" + uuid_std + ",file=" + dst + "\n")
+ out_file.write("\n")