Merge changes from topic "jc/refact_Makefile" into integration
* changes:
refactor(build): move SVE_VECTOR_LEN flag to add_defines section
refactor(build): cleanup Makefile to handle build flags precisely
diff --git a/Makefile b/Makefile
index 3ac31a5..03f9320 100644
--- a/Makefile
+++ b/Makefile
@@ -74,37 +74,85 @@
${INC_DRV_DIRS_TO_CHECK} \
${INC_ARM_DIRS_TO_CHECK}
-
################################################################################
# Process build options
################################################################################
# Verbose flag
ifeq (${V},0)
- Q:=@
- ECHO:=@echo
- CHECKCODE_ARGS += --no-summary --terse
+ Q:=@
+ ECHO:=@echo
+ CHECKCODE_ARGS += --no-summary --terse
else
- Q:=
- ECHO:=$(ECHO_QUIET)
+ Q:=
+ ECHO:=$(ECHO_QUIET)
endif
ifneq ($(findstring s,$(filter-out --%,$(MAKEFLAGS))),)
- Q:=@
- ECHO:=$(ECHO_QUIET)
+ Q:=@
+ ECHO:=$(ECHO_QUIET)
endif
export Q ECHO
-# The cert_create tool cannot generate certificates individually, so we use the
-# target 'certificates' to create them all
-ifneq (${GENERATE_COT},0)
- FIP_DEPS += certificates
- FWU_FIP_DEPS += fwu_certificates
+################################################################################
+# Toolchain
+################################################################################
+
+HOSTCC := gcc
+export HOSTCC
+
+CC := ${CROSS_COMPILE}gcc
+CPP := ${CROSS_COMPILE}cpp
+AS := ${CROSS_COMPILE}gcc
+AR := ${CROSS_COMPILE}ar
+LINKER := ${CROSS_COMPILE}ld
+OC := ${CROSS_COMPILE}objcopy
+OD := ${CROSS_COMPILE}objdump
+NM := ${CROSS_COMPILE}nm
+PP := ${CROSS_COMPILE}gcc -E
+DTC := dtc
+
+# Use ${LD}.bfd instead if it exists (as absolute path or together with $PATH).
+ifneq ($(strip $(wildcard ${LD}.bfd) \
+ $(foreach dir,$(subst :, ,${PATH}),$(wildcard ${dir}/${LINKER}.bfd))),)
+LINKER := ${LINKER}.bfd
endif
+################################################################################
+# Auxiliary tools (fiptool, cert_create, etc)
+################################################################################
+
+# Variables for use with Certificate Generation Tool
+CRTTOOLPATH ?= tools/cert_create
+CRTTOOL ?= ${CRTTOOLPATH}/cert_create${BIN_EXT}
+
+# Variables for use with Firmware Encryption Tool
+ENCTOOLPATH ?= tools/encrypt_fw
+ENCTOOL ?= ${ENCTOOLPATH}/encrypt_fw${BIN_EXT}
+
+# Variables for use with Firmware Image Package
+FIPTOOLPATH ?= tools/fiptool
+FIPTOOL ?= ${FIPTOOLPATH}/fiptool${BIN_EXT}
+
+# Variables for use with sptool
+SPTOOLPATH ?= tools/sptool
+SPTOOL ?= ${SPTOOLPATH}/sptool.py
+SP_MK_GEN ?= ${SPTOOLPATH}/sp_mk_generator.py
+
+# Variables for use with ROMLIB
+ROMLIBPATH ?= lib/romlib
+
+# Variable for use with Python
+PYTHON ?= python3
+
+# Variables for use with documentation build using Sphinx tool
+DOCS_PATH ?= docs
+
+################################################################################
# Process BRANCH_PROTECTION value and set
# Pointer Authentication and Branch Target Identification flags
+################################################################################
ifeq (${BRANCH_PROTECTION},0)
# Default value turns off all types of branch protection
BP_OPTION := none
@@ -129,151 +177,111 @@
ENABLE_BTI := 1
else
$(error Unknown BRANCH_PROTECTION value ${BRANCH_PROTECTION})
-endif
+endif #(BRANCH_PROTECTION)
+################################################################################
+# RME dependent flags configuration
+################################################################################
# FEAT_RME
ifeq (${ENABLE_RME},1)
-# RME doesn't support PIE
-ifneq (${ENABLE_PIE},0)
- $(error ENABLE_RME does not support PIE)
-endif
-# RME doesn't support BRBE
-ifneq (${ENABLE_BRBE_FOR_NS},0)
- $(error ENABLE_RME does not support BRBE.)
-endif
-# RME requires AARCH64
-ifneq (${ARCH},aarch64)
- $(error ENABLE_RME requires AArch64)
-endif
-# RME requires el2 context to be saved for now.
-CTX_INCLUDE_EL2_REGS := 1
-CTX_INCLUDE_AARCH32_REGS := 0
-ARM_ARCH_MAJOR := 8
-ARM_ARCH_MINOR := 5
-ENABLE_FEAT_ECV = 1
-ENABLE_FEAT_FGT = 1
-CTX_INCLUDE_PAUTH_REGS := 1
-# RME enables CSV2_2 extension by default.
-ENABLE_FEAT_CSV2_2 = 1
+ # RME doesn't support PIE
+ ifneq (${ENABLE_PIE},0)
+ $(error ENABLE_RME does not support PIE)
+ endif
-endif
+ # RME doesn't support BRBE
+ ifneq (${ENABLE_BRBE_FOR_NS},0)
+ $(error ENABLE_RME does not support BRBE.)
+ endif
-# USE_SPINLOCK_CAS requires AArch64 build
-ifeq (${USE_SPINLOCK_CAS},1)
-ifneq (${ARCH},aarch64)
- $(error USE_SPINLOCK_CAS requires AArch64)
-endif
-endif
+ # RME requires AARCH64
+ ifneq (${ARCH},aarch64)
+ $(error ENABLE_RME requires AArch64)
+ endif
-# USE_DEBUGFS experimental feature recommended only in debug builds
-ifeq (${USE_DEBUGFS},1)
-ifeq (${DEBUG},1)
- $(warning DEBUGFS experimental feature is enabled.)
-else
- $(warning DEBUGFS experimental, recommended in DEBUG builds ONLY)
-endif
-endif
+ # RME requires el2 context to be saved for now.
+ CTX_INCLUDE_EL2_REGS := 1
+ CTX_INCLUDE_AARCH32_REGS := 0
+ ARM_ARCH_MAJOR := 8
+ ARM_ARCH_MINOR := 5
+ ENABLE_FEAT_ECV = 1
+ ENABLE_FEAT_FGT = 1
+ CTX_INCLUDE_PAUTH_REGS := 1
-ifneq (${DECRYPTION_SUPPORT},none)
-ENC_ARGS += -f ${FW_ENC_STATUS}
-ENC_ARGS += -k ${ENC_KEY}
-ENC_ARGS += -n ${ENC_NONCE}
-FIP_DEPS += enctool
-FWU_FIP_DEPS += enctool
-endif
+ # RME enables CSV2_2 extension by default.
+ ENABLE_FEAT_CSV2_2 = 1
+endif #(FEAT_RME)
################################################################################
-# Toolchain
+# Compiler Configuration based on ARCH_MAJOR and ARCH_MINOR flags
################################################################################
-
-HOSTCC := gcc
-export HOSTCC
-
-CC := ${CROSS_COMPILE}gcc
-CPP := ${CROSS_COMPILE}cpp
-AS := ${CROSS_COMPILE}gcc
-AR := ${CROSS_COMPILE}ar
-LINKER := ${CROSS_COMPILE}ld
-OC := ${CROSS_COMPILE}objcopy
-OD := ${CROSS_COMPILE}objdump
-NM := ${CROSS_COMPILE}nm
-PP := ${CROSS_COMPILE}gcc -E
-DTC := dtc
-
-# Use ${LD}.bfd instead if it exists (as absolute path or together with $PATH).
-ifneq ($(strip $(wildcard ${LD}.bfd) \
- $(foreach dir,$(subst :, ,${PATH}),$(wildcard ${dir}/${LINKER}.bfd))),)
-LINKER := ${LINKER}.bfd
-endif
-
ifeq (${ARM_ARCH_MAJOR},7)
-target32-directive = -target arm-none-eabi
+ target32-directive = -target arm-none-eabi
# Will set march32-directive from platform configuration
else
-target32-directive = -target armv8a-none-eabi
+ target32-directive = -target armv8a-none-eabi
# Set the compiler's target architecture profile based on
# ARM_ARCH_MAJOR ARM_ARCH_MINOR options
-ifeq (${ARM_ARCH_MINOR},0)
-march32-directive = -march=armv${ARM_ARCH_MAJOR}-a
-march64-directive = -march=armv${ARM_ARCH_MAJOR}-a
-else
-march32-directive = -march=armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a
-march64-directive = -march=armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a
-endif
-endif
+ ifeq (${ARM_ARCH_MINOR},0)
+ march32-directive = -march=armv${ARM_ARCH_MAJOR}-a
+ march64-directive = -march=armv${ARM_ARCH_MAJOR}-a
+ else
+ march32-directive = -march=armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a
+ march64-directive = -march=armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a
+ endif #(ARM_ARCH_MINOR)
+endif #(ARM_ARCH_MAJOR)
+
+################################################################################
+# Get Architecture Feature Modifiers
+################################################################################
+arch-features = ${ARM_ARCH_FEATURE}
+
+####################################################
+# Enable required options for Memory Stack Tagging.
+####################################################
# Memory tagging is supported in architecture Armv8.5-A AArch64 and onwards
ifeq ($(ARCH), aarch64)
-# Check if revision is greater than or equal to 8.5
-ifeq "8.5" "$(word 1, $(sort 8.5 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
-mem_tag_arch_support = yes
-endif
-endif
-
-# Get architecture feature modifiers
-arch-features = ${ARM_ARCH_FEATURE}
+ # Check if revision is greater than or equal to 8.5
+ ifeq "8.5" "$(word 1, $(sort 8.5 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
+ mem_tag_arch_support = yes
+ endif
+endif #(ARCH=aarch64)
-# Enable required options for memory stack tagging.
# Currently, these options are enabled only for clang and armclang compiler.
ifeq (${SUPPORT_STACK_MEMTAG},yes)
-ifdef mem_tag_arch_support
-# Check for armclang and clang compilers
-ifneq ( ,$(filter $(notdir $(CC)),armclang clang))
-# Add "memtag" architecture feature modifier if not specified
-ifeq ( ,$(findstring memtag,$(arch-features)))
-arch-features := $(arch-features)+memtag
-endif # memtag
-ifeq ($(notdir $(CC)),armclang)
-TF_CFLAGS += -mmemtag-stack
-else ifeq ($(notdir $(CC)),clang)
-TF_CFLAGS += -fsanitize=memtag
-endif # armclang
-endif # armclang clang
-else
-$(error "Error: stack memory tagging is not supported for architecture \
- ${ARCH},armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a")
-endif # mem_tag_arch_support
-endif # SUPPORT_STACK_MEMTAG
+ ifdef mem_tag_arch_support
+ # Check for armclang and clang compilers
+ ifneq ( ,$(filter $(notdir $(CC)),armclang clang))
+ # Add "memtag" architecture feature modifier if not specified
+ ifeq ( ,$(findstring memtag,$(arch-features)))
+ arch-features := $(arch-features)+memtag
+ endif # memtag
+ ifeq ($(notdir $(CC)),armclang)
+ TF_CFLAGS += -mmemtag-stack
+ else ifeq ($(notdir $(CC)),clang)
+ TF_CFLAGS += -fsanitize=memtag
+ endif # armclang
+ endif
+ else
+ $(error "Error: stack memory tagging is not supported for \
+ architecture ${ARCH},armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a")
+ endif #(mem_tag_arch_support)
+endif #(SUPPORT_STACK_MEMTAG)
# Set the compiler's architecture feature modifiers
ifneq ($(arch-features), none)
-# Strip "none+" from arch-features
-arch-features := $(subst none+,,$(arch-features))
-ifeq ($(ARCH), aarch32)
-march32-directive := $(march32-directive)+$(arch-features)
-else
-march64-directive := $(march64-directive)+$(arch-features)
-endif
+ # Strip "none+" from arch-features
+ arch-features := $(subst none+,,$(arch-features))
+ ifeq ($(ARCH), aarch32)
+ march32-directive := $(march32-directive)+$(arch-features)
+ else
+ march64-directive := $(march64-directive)+$(arch-features)
+ endif
# Print features
-$(info Arm Architecture Features specified: $(subst +, ,$(arch-features)))
-endif # arch-features
-
-# Determine if FEAT_RNG is supported
-ENABLE_FEAT_RNG = $(if $(findstring rng,${arch-features}),1,0)
-
-# Determine if FEAT_SB is supported
-ENABLE_FEAT_SB = $(if $(findstring sb,${arch-features}),1,0)
+ $(info Arm Architecture Features specified: $(subst +, ,$(arch-features)))
+endif #(arch-features)
ifneq ($(findstring clang,$(notdir $(CC))),)
ifneq ($(findstring armclang,$(notdir $(CC))),)
@@ -294,62 +302,65 @@
PP := $(CC) -E $(TF_CFLAGS_$(ARCH))
AS := $(CC) -c -x assembler-with-cpp $(TF_CFLAGS_$(ARCH))
else ifneq ($(findstring gcc,$(notdir $(CC))),)
-TF_CFLAGS_aarch32 = $(march32-directive)
-TF_CFLAGS_aarch64 = $(march64-directive)
-ifeq ($(ENABLE_LTO),1)
- # Enable LTO only for aarch64
- ifeq (${ARCH},aarch64)
- LTO_CFLAGS = -flto
- # Use gcc as a wrapper for the ld, recommended for LTO
- LINKER := ${CROSS_COMPILE}gcc
+ TF_CFLAGS_aarch32 = $(march32-directive)
+ TF_CFLAGS_aarch64 = $(march64-directive)
+ ifeq ($(ENABLE_LTO),1)
+ # Enable LTO only for aarch64
+ ifeq (${ARCH},aarch64)
+ LTO_CFLAGS = -flto
+ # Use gcc as a wrapper for the ld, recommended for LTO
+ LINKER := ${CROSS_COMPILE}gcc
+ endif
endif
-endif
-LD = $(LINKER)
+ LD = $(LINKER)
else
-TF_CFLAGS_aarch32 = $(march32-directive)
-TF_CFLAGS_aarch64 = $(march64-directive)
-LD = $(LINKER)
-endif
+ TF_CFLAGS_aarch32 = $(march32-directive)
+ TF_CFLAGS_aarch64 = $(march64-directive)
+ LD = $(LINKER)
+endif #(clang)
# Process Debug flag
$(eval $(call add_define,DEBUG))
ifneq (${DEBUG}, 0)
- BUILD_TYPE := debug
- TF_CFLAGS += -g -gdwarf-4
- ASFLAGS += -g -Wa,-gdwarf-4
+ BUILD_TYPE := debug
+ TF_CFLAGS += -g -gdwarf-4
+ ASFLAGS += -g -Wa,-gdwarf-4
- # Use LOG_LEVEL_INFO by default for debug builds
- LOG_LEVEL := 40
+ # Use LOG_LEVEL_INFO by default for debug builds
+ LOG_LEVEL := 40
else
- BUILD_TYPE := release
- # Use LOG_LEVEL_NOTICE by default for release builds
- LOG_LEVEL := 20
-endif
+ BUILD_TYPE := release
+ # Use LOG_LEVEL_NOTICE by default for release builds
+ LOG_LEVEL := 20
+endif #(Debug)
# Default build string (git branch and commit)
ifeq (${BUILD_STRING},)
- BUILD_STRING := $(shell git describe --always --dirty --tags 2> /dev/null)
+ BUILD_STRING := $(shell git describe --always --dirty --tags 2> /dev/null)
endif
VERSION_STRING := v${VERSION}(${BUILD_TYPE}):${BUILD_STRING}
ifeq (${AARCH32_INSTRUCTION_SET},A32)
-TF_CFLAGS_aarch32 += -marm
+ TF_CFLAGS_aarch32 += -marm
else ifeq (${AARCH32_INSTRUCTION_SET},T32)
-TF_CFLAGS_aarch32 += -mthumb
+ TF_CFLAGS_aarch32 += -mthumb
else
-$(error Error: Unknown AArch32 instruction set ${AARCH32_INSTRUCTION_SET})
-endif
+ $(error Error: Unknown AArch32 instruction set ${AARCH32_INSTRUCTION_SET})
+endif #(AARCH32_INSTRUCTION_SET)
TF_CFLAGS_aarch32 += -mno-unaligned-access
TF_CFLAGS_aarch64 += -mgeneral-regs-only -mstrict-align
ifneq (${BP_OPTION},none)
-TF_CFLAGS_aarch64 += -mbranch-protection=${BP_OPTION}
-endif
+ TF_CFLAGS_aarch64 += -mbranch-protection=${BP_OPTION}
+endif #(BP_OPTION)
ASFLAGS_aarch32 = $(march32-directive)
ASFLAGS_aarch64 = $(march64-directive)
+##############################################################################
+# WARNINGS Configuration
+###############################################################################
# General warnings
WARNINGS := -Wall -Wmissing-include-dirs -Wunused \
-Wdisabled-optimization -Wvla -Wshadow \
@@ -395,18 +406,18 @@
# outside of the contributor's control. Don't fail the build on them so warnings
# can be seen and hopefully addressed
ifdef W
-ifneq (${W},0)
-E ?= 0
-endif
+ ifneq (${W},0)
+ E ?= 0
+ endif
endif
ifeq (${W},1)
-WARNINGS += $(WARNING1)
+ WARNINGS += $(WARNING1)
else ifeq (${W},2)
-WARNINGS += $(WARNING1) $(WARNING2)
+ WARNINGS += $(WARNING1) $(WARNING2)
else ifeq (${W},3)
-WARNINGS += $(WARNING1) $(WARNING2) $(WARNING3)
-endif
+ WARNINGS += $(WARNING1) $(WARNING2) $(WARNING3)
+endif #(W)
# Compiler specific warnings
ifeq ($(findstring clang,$(notdir $(CC))),)
@@ -422,12 +433,15 @@
# using clang
WARNINGS += -Wshift-overflow -Wshift-sign-overflow \
-Wlogical-op-parentheses
-endif
+endif #(Clang Warning)
ifneq (${E},0)
-ERRORS := -Werror
-endif
+ ERRORS := -Werror
+endif #(E)
+################################################################################
+# Compiler and Linker Directives
+################################################################################
CPPFLAGS = ${DEFINES} ${INCLUDES} ${MBEDTLS_INC} -nostdinc \
$(ERRORS) $(WARNINGS)
ASFLAGS += $(CPPFLAGS) $(ASFLAGS_$(ARCH)) \
@@ -437,15 +451,14 @@
-ffreestanding -fno-builtin -fno-common \
-Os -std=gnu99
-$(eval $(call add_define,SVE_VECTOR_LEN))
-
ifeq (${SANITIZE_UB},on)
-TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover
-endif
+ TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover
+endif #(${SANITIZE_UB},on)
+
ifeq (${SANITIZE_UB},trap)
-TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover \
+ TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover \
-fsanitize-undefined-trap-on-error
-endif
+endif #(${SANITIZE_UB},trap)
GCC_V_OUTPUT := $(shell $(CC) -v 2>&1)
@@ -453,51 +466,53 @@
# LD = armlink
ifneq ($(findstring armlink,$(notdir $(LD))),)
-TF_LDFLAGS += --diag_error=warning --lto_level=O1
-TF_LDFLAGS += --remove --info=unused,unusedsymbols
-TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH))
+ TF_LDFLAGS += --diag_error=warning --lto_level=O1
+ TF_LDFLAGS += --remove --info=unused,unusedsymbols
+ TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH))
# LD = gcc (used when GCC LTO is enabled)
else ifneq ($(findstring gcc,$(notdir $(LD))),)
-# Pass ld options with Wl or Xlinker switches
-TF_LDFLAGS += -Wl,--fatal-warnings -O1
-TF_LDFLAGS += -Wl,--gc-sections
+ # Pass ld options with Wl or Xlinker switches
+ TF_LDFLAGS += -Wl,--fatal-warnings -O1
+ TF_LDFLAGS += -Wl,--gc-sections
-TF_LDFLAGS += -Wl,-z,common-page-size=4096 # Configure page size constants
-TF_LDFLAGS += -Wl,-z,max-page-size=4096
+ TF_LDFLAGS += -Wl,-z,common-page-size=4096 #Configure page size constants
+ TF_LDFLAGS += -Wl,-z,max-page-size=4096
-ifeq ($(ENABLE_LTO),1)
- ifeq (${ARCH},aarch64)
- TF_LDFLAGS += -flto -fuse-linker-plugin
- endif
-endif
+ ifeq ($(ENABLE_LTO),1)
+ ifeq (${ARCH},aarch64)
+ TF_LDFLAGS += -flto -fuse-linker-plugin
+ endif
+ endif #(ENABLE_LTO)
+
# GCC automatically adds fix-cortex-a53-843419 flag when used to link
# which breaks some builds, so disable if errata fix is not explicitly enabled
-ifneq (${ERRATA_A53_843419},1)
- TF_LDFLAGS += -mno-fix-cortex-a53-843419
-endif
-TF_LDFLAGS += -nostdlib
-TF_LDFLAGS += $(subst --,-Xlinker --,$(TF_LDFLAGS_$(ARCH)))
+ ifneq (${ERRATA_A53_843419},1)
+ TF_LDFLAGS += -mno-fix-cortex-a53-843419
+ endif
+ TF_LDFLAGS += -nostdlib
+ TF_LDFLAGS += $(subst --,-Xlinker --,$(TF_LDFLAGS_$(ARCH)))
# LD = gcc-ld (ld) or llvm-ld (ld.lld) or other
else
# With ld.bfd version 2.39 and newer new warnings are added. Skip those since we
# are not loaded by a elf loader.
-TF_LDFLAGS += $(call ld_option, --no-warn-rwx-segments)
-TF_LDFLAGS += -O1
-TF_LDFLAGS += --gc-sections
+ TF_LDFLAGS += $(call ld_option, --no-warn-rwx-segments)
+ TF_LDFLAGS += -O1
+ TF_LDFLAGS += --gc-sections
-TF_LDFLAGS += -z common-page-size=4096 # Configure page size constants
-TF_LDFLAGS += -z max-page-size=4096
+ TF_LDFLAGS += -z common-page-size=4096 # Configure page size constants
+ TF_LDFLAGS += -z max-page-size=4096
# ld.lld doesn't recognize the errata flags,
# therefore don't add those in that case.
# ld.lld reports section type mismatch warnings,
# therefore don't add --fatal-warnings to it.
-ifeq ($(findstring ld.lld,$(notdir $(LD))),)
-TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH)) --fatal-warnings
-endif
-endif
+ ifeq ($(findstring ld.lld,$(notdir $(LD))),)
+ TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH)) --fatal-warnings
+ endif
+
+endif #(LD = armlink)
DTC_FLAGS += -I dts -O dtb
DTC_CPPFLAGS += -P -nostdinc -Iinclude -Ifdts -undef \
@@ -525,15 +540,15 @@
ifeq (${ENABLE_PAUTH}, 1)
# arm/common/aarch64/arm_pauth.c contains a sample platform hook to complete the
# Pauth support. As it's not secure, it must be reimplemented for real platforms
-BL_COMMON_SOURCES += lib/extensions/pauth/pauth_helpers.S
+ BL_COMMON_SOURCES += lib/extensions/pauth/pauth_helpers.S
endif
ifeq ($(notdir $(CC)),armclang)
-BL_COMMON_SOURCES += lib/${ARCH}/armclang_printf.S
+ BL_COMMON_SOURCES += lib/${ARCH}/armclang_printf.S
endif
ifeq (${SANITIZE_UB},on)
-BL_COMMON_SOURCES += plat/common/ubsan.c
+ BL_COMMON_SOURCES += plat/common/ubsan.c
endif
INCLUDES += -Iinclude \
@@ -548,7 +563,6 @@
################################################################################
# Generic definitions
################################################################################
-
include ${MAKE_HELPERS_DIRECTORY}plat_helpers.mk
ifeq (${BUILD_BASE},)
@@ -561,96 +575,97 @@
# Platforms providing their own TBB makefile may override this value
INCLUDE_TBBR_MK := 1
-
################################################################################
# Include SPD Makefile if one has been specified
################################################################################
ifneq (${SPD},none)
- ifeq (${ARCH},aarch32)
- $(error "Error: SPD is incompatible with AArch32.")
- endif
+ ifeq (${ARCH},aarch32)
+ $(error "Error: SPD is incompatible with AArch32.")
+ endif
- ifdef EL3_PAYLOAD_BASE
- $(warning "SPD and EL3_PAYLOAD_BASE are incompatible build options.")
- $(warning "The SPD and its BL32 companion will be present but ignored.")
- endif
+ ifdef EL3_PAYLOAD_BASE
+ $(warning "SPD and EL3_PAYLOAD_BASE are incompatible build options.")
+ $(warning "The SPD and its BL32 companion will be present but \
+ ignored.")
+ endif
- ifeq (${SPD},spmd)
- # SPMD is located in std_svc directory
- SPD_DIR := std_svc
+ ifeq (${SPD},spmd)
+ # SPMD is located in std_svc directory
+ SPD_DIR := std_svc
- ifeq ($(SPMD_SPM_AT_SEL2),1)
- CTX_INCLUDE_EL2_REGS := 1
- ifeq ($(SPMC_AT_EL3),1)
- $(error SPM cannot be enabled in both S-EL2 and EL3.)
- endif
- endif
+ ifeq ($(SPMD_SPM_AT_SEL2),1)
+ CTX_INCLUDE_EL2_REGS := 1
+ ifeq ($(SPMC_AT_EL3),1)
+ $(error SPM cannot be enabled in both S-EL2 and EL3.)
+ endif
+ endif
- ifeq ($(findstring optee_sp,$(ARM_SPMC_MANIFEST_DTS)),optee_sp)
- DTC_CPPFLAGS += -DOPTEE_SP_FW_CONFIG
- endif
+ ifeq ($(findstring optee_sp,$(ARM_SPMC_MANIFEST_DTS)),optee_sp)
+ DTC_CPPFLAGS += -DOPTEE_SP_FW_CONFIG
+ endif
- ifeq ($(TS_SP_FW_CONFIG),1)
- DTC_CPPFLAGS += -DTS_SP_FW_CONFIG
- endif
+ ifeq ($(TS_SP_FW_CONFIG),1)
+ DTC_CPPFLAGS += -DTS_SP_FW_CONFIG
+ endif
- ifneq ($(ARM_BL2_SP_LIST_DTS),)
- DTC_CPPFLAGS += -DARM_BL2_SP_LIST_DTS=$(ARM_BL2_SP_LIST_DTS)
- endif
+ ifneq ($(ARM_BL2_SP_LIST_DTS),)
+ DTC_CPPFLAGS += -DARM_BL2_SP_LIST_DTS=$(ARM_BL2_SP_LIST_DTS)
+ endif
- ifneq ($(SP_LAYOUT_FILE),)
- BL2_ENABLE_SP_LOAD := 1
- endif
- else
- # All other SPDs in spd directory
- SPD_DIR := spd
- endif
+ ifneq ($(SP_LAYOUT_FILE),)
+ BL2_ENABLE_SP_LOAD := 1
+ endif
+ else
+ # All other SPDs in spd directory
+ SPD_DIR := spd
+ endif #(SPD)
- # We expect to locate an spd.mk under the specified SPD directory
- SPD_MAKE := $(wildcard services/${SPD_DIR}/${SPD}/${SPD}.mk)
+ # We expect to locate an spd.mk under the specified SPD directory
+ SPD_MAKE := $(wildcard services/${SPD_DIR}/${SPD}/${SPD}.mk)
- ifeq (${SPD_MAKE},)
- $(error Error: No services/${SPD_DIR}/${SPD}/${SPD}.mk located)
- endif
- $(info Including ${SPD_MAKE})
- include ${SPD_MAKE}
+ ifeq (${SPD_MAKE},)
+ $(error Error: No services/${SPD_DIR}/${SPD}/${SPD}.mk located)
+ endif
+ $(info Including ${SPD_MAKE})
+ include ${SPD_MAKE}
- # If there's BL32 companion for the chosen SPD, we expect that the SPD's
- # Makefile would set NEED_BL32 to "yes". In this case, the build system
- # supports two mutually exclusive options:
- # * BL32 is built from source: then BL32_SOURCES must contain the list
- # of source files to build BL32
- # * BL32 is a prebuilt binary: then BL32 must point to the image file
- # that will be included in the FIP
- # If both BL32_SOURCES and BL32 are defined, the binary takes precedence
- # over the sources.
-endif
+ # If there's BL32 companion for the chosen SPD, we expect that the SPD's
+ # Makefile would set NEED_BL32 to "yes". In this case, the build system
+ # supports two mutually exclusive options:
+ # * BL32 is built from source: then BL32_SOURCES must contain the list
+ # of source files to build BL32
+ # * BL32 is a prebuilt binary: then BL32 must point to the image file
+ # that will be included in the FIP
+ # If both BL32_SOURCES and BL32 are defined, the binary takes precedence
+ # over the sources.
+endif #(SPD=none)
ifeq (${CTX_INCLUDE_EL2_REGS}, 1)
-ifeq (${SPD},none)
-ifeq (${ENABLE_RME},0)
- $(error CTX_INCLUDE_EL2_REGS is available only when SPD or RME is enabled)
-endif
-endif
+ ifeq (${SPD},none)
+ ifeq (${ENABLE_RME},0)
+ $(error CTX_INCLUDE_EL2_REGS is available only when SPD \
+ or RME is enabled)
+ endif
+ endif
endif
################################################################################
# Include rmmd Makefile if RME is enabled
################################################################################
-
ifneq (${ENABLE_RME},0)
-ifneq (${ARCH},aarch64)
- $(error ENABLE_RME requires AArch64)
-endif
-ifeq ($(SPMC_AT_EL3),1)
- $(error SPMC_AT_EL3 and ENABLE_RME cannot both be enabled.)
-endif
-ifneq (${SPD}, none)
-ifneq (${SPD}, spmd)
- $(error ENABLE_RME is incompatible with SPD=${SPD}. Use SPD=spmd)
-endif
-endif
+ ifneq (${ARCH},aarch64)
+ $(error ENABLE_RME requires AArch64)
+ endif
+ ifeq ($(SPMC_AT_EL3),1)
+ $(error SPMC_AT_EL3 and ENABLE_RME cannot both be enabled.)
+ endif
+
+ ifneq (${SPD}, none)
+ ifneq (${SPD}, spmd)
+ $(error ENABLE_RME is incompatible with SPD=${SPD}. Use SPD=spmd)
+ endif
+ endif
include services/std_svc/rmmd/rmmd.mk
$(warning "RME is an experimental feature")
endif
@@ -669,9 +684,10 @@
ifeq (${RESET_TO_BL2},1)
BL2_RUNS_AT_EL3 := 1
- ifeq (${ENABLE_RME},1)
- $(error RESET_TO_BL2=1 and ENABLE_RME=1 configuration is not supported at the moment.)
- endif
+ ifeq (${ENABLE_RME},1)
+ $(error RESET_TO_BL2=1 and ENABLE_RME=1 configuration is not \
+ supported at the moment.)
+ endif
else ifeq (${ENABLE_RME},1)
BL2_RUNS_AT_EL3 := 1
else
@@ -690,7 +706,7 @@
ifneq ($(findstring gcc,$(notdir $(LD))),)
TF_LDFLAGS += -no-pie
endif
-endif
+endif #(PIE_FOUND)
ifneq ($(findstring gcc,$(notdir $(LD))),)
PIE_LDFLAGS += -Wl,-pie -Wl,--no-dynamic-linker
@@ -699,13 +715,13 @@
endif
ifeq ($(ENABLE_PIE),1)
-ifeq ($(RESET_TO_BL2),1)
-ifneq ($(BL2_IN_XIP_MEM),1)
- BL2_CPPFLAGS += -fpie
- BL2_CFLAGS += -fpie
- BL2_LDFLAGS += $(PIE_LDFLAGS)
-endif
-endif
+ ifeq ($(RESET_TO_BL2),1)
+ ifneq ($(BL2_IN_XIP_MEM),1)
+ BL2_CPPFLAGS += -fpie
+ BL2_CFLAGS += -fpie
+ BL2_LDFLAGS += $(PIE_LDFLAGS)
+ endif #(BL2_IN_XIP_MEM)
+ endif #(RESET_TO_BL2)
BL31_CPPFLAGS += -fpie
BL31_CFLAGS += -fpie
BL31_LDFLAGS += $(PIE_LDFLAGS)
@@ -713,7 +729,7 @@
BL32_CPPFLAGS += -fpie
BL32_CFLAGS += -fpie
BL32_LDFLAGS += $(PIE_LDFLAGS)
-endif
+endif #(ENABLE_PIE)
BL1_CPPFLAGS += -DREPORT_ERRATA=${DEBUG}
BL31_CPPFLAGS += -DREPORT_ERRATA=${DEBUG}
@@ -721,17 +737,17 @@
BL1_CPPFLAGS += -DIMAGE_AT_EL3
ifeq ($(RESET_TO_BL2),1)
-BL2_CPPFLAGS += -DIMAGE_AT_EL3
+ BL2_CPPFLAGS += -DIMAGE_AT_EL3
else
-BL2_CPPFLAGS += -DIMAGE_AT_EL1
-endif
+ BL2_CPPFLAGS += -DIMAGE_AT_EL1
+endif #(RESET_TO_BL2)
ifeq (${ARCH},aarch64)
-BL2U_CPPFLAGS += -DIMAGE_AT_EL1
-BL31_CPPFLAGS += -DIMAGE_AT_EL3
-BL32_CPPFLAGS += -DIMAGE_AT_EL1
+ BL2U_CPPFLAGS += -DIMAGE_AT_EL1
+ BL31_CPPFLAGS += -DIMAGE_AT_EL3
+ BL32_CPPFLAGS += -DIMAGE_AT_EL1
else
-BL32_CPPFLAGS += -DIMAGE_AT_EL3
+ BL32_CPPFLAGS += -DIMAGE_AT_EL3
endif
# Include the CPU specific operations makefile, which provides default
@@ -739,25 +755,23 @@
# This can be overridden by the platform.
include lib/cpus/cpu-ops.mk
-ifeq (${ARCH},aarch32)
-NEED_BL32 := yes
-
################################################################################
# Build `AARCH32_SP` as BL32 image for AArch32
################################################################################
-ifneq (${AARCH32_SP},none)
-# We expect to locate an sp.mk under the specified AARCH32_SP directory
-AARCH32_SP_MAKE := $(wildcard bl32/${AARCH32_SP}/${AARCH32_SP}.mk)
-
-ifeq (${AARCH32_SP_MAKE},)
- $(error Error: No bl32/${AARCH32_SP}/${AARCH32_SP}.mk located)
-endif
+ifeq (${ARCH},aarch32)
+ NEED_BL32 := yes
-$(info Including ${AARCH32_SP_MAKE})
-include ${AARCH32_SP_MAKE}
-endif
+ ifneq (${AARCH32_SP},none)
+ # We expect to locate an sp.mk under the specified AARCH32_SP directory
+ AARCH32_SP_MAKE := $(wildcard bl32/${AARCH32_SP}/${AARCH32_SP}.mk)
-endif
+ ifeq (${AARCH32_SP_MAKE},)
+ $(error Error: No bl32/${AARCH32_SP}/${AARCH32_SP}.mk located)
+ endif
+ $(info Including ${AARCH32_SP_MAKE})
+ include ${AARCH32_SP_MAKE}
+ endif
+endif #(ARCH=aarch32)
################################################################################
# Include libc if not overridden
@@ -767,226 +781,272 @@
endif
################################################################################
-# Check incompatible options
+# Check incompatible options and dependencies
################################################################################
-ifdef EL3_PAYLOAD_BASE
- ifdef PRELOADED_BL33_BASE
- $(warning "PRELOADED_BL33_BASE and EL3_PAYLOAD_BASE are \
- incompatible build options. EL3_PAYLOAD_BASE has priority.")
- endif
- ifneq (${GENERATE_COT},0)
- $(error "GENERATE_COT and EL3_PAYLOAD_BASE are incompatible build options.")
+# USE_DEBUGFS experimental feature recommended only in debug builds
+ifeq (${USE_DEBUGFS},1)
+ ifeq (${DEBUG},1)
+ $(warning DEBUGFS experimental feature is enabled.)
+ else
+ $(warning DEBUGFS experimental, recommended in DEBUG builds ONLY)
endif
- ifneq (${TRUSTED_BOARD_BOOT},0)
- $(error "TRUSTED_BOARD_BOOT and EL3_PAYLOAD_BASE are incompatible build options.")
+endif #(USE_DEBUGFS)
+
+# USE_SPINLOCK_CAS requires AArch64 build
+ifeq (${USE_SPINLOCK_CAS},1)
+ ifneq (${ARCH},aarch64)
+ $(error USE_SPINLOCK_CAS requires AArch64)
endif
+endif #(USE_SPINLOCK_CAS)
+
+# The cert_create tool cannot generate certificates individually, so we use the
+# target 'certificates' to create them all
+ifneq (${GENERATE_COT},0)
+ FIP_DEPS += certificates
+ FWU_FIP_DEPS += fwu_certificates
endif
+ifneq (${DECRYPTION_SUPPORT},none)
+ ENC_ARGS += -f ${FW_ENC_STATUS}
+ ENC_ARGS += -k ${ENC_KEY}
+ ENC_ARGS += -n ${ENC_NONCE}
+ FIP_DEPS += enctool
+ FWU_FIP_DEPS += enctool
+endif #(DECRYPTION_SUPPORT)
+
+ifdef EL3_PAYLOAD_BASE
+ ifdef PRELOADED_BL33_BASE
+ $(warning "PRELOADED_BL33_BASE and EL3_PAYLOAD_BASE are \
+ incompatible build options. EL3_PAYLOAD_BASE has priority.")
+ endif
+ ifneq (${GENERATE_COT},0)
+ $(error "GENERATE_COT and EL3_PAYLOAD_BASE are incompatible \
+ build options.")
+ endif
+ ifneq (${TRUSTED_BOARD_BOOT},0)
+ $(error "TRUSTED_BOARD_BOOT and EL3_PAYLOAD_BASE are \
+ incompatible \ build options.")
+ endif
+endif #(EL3_PAYLOAD_BASE)
+
ifeq (${NEED_BL33},yes)
- ifdef EL3_PAYLOAD_BASE
+ ifdef EL3_PAYLOAD_BASE
$(warning "BL33 image is not needed when option \
BL33_PAYLOAD_BASE is used and won't be added to the FIP file.")
- endif
- ifdef PRELOADED_BL33_BASE
+ endif
+ ifdef PRELOADED_BL33_BASE
$(warning "BL33 image is not needed when option \
- PRELOADED_BL33_BASE is used and won't be added to the FIP \
- file.")
- endif
-endif
+ PRELOADED_BL33_BASE is used and won't be added to the FIP file.")
+ endif
+endif #(NEED_BL33)
# When building for systems with hardware-assisted coherency, there's no need to
# use USE_COHERENT_MEM. Require that USE_COHERENT_MEM must be set to 0 too.
ifeq ($(HW_ASSISTED_COHERENCY)-$(USE_COHERENT_MEM),1-1)
-$(error USE_COHERENT_MEM cannot be enabled with HW_ASSISTED_COHERENCY)
+ $(error USE_COHERENT_MEM cannot be enabled with HW_ASSISTED_COHERENCY)
endif
#For now, BL2_IN_XIP_MEM is only supported when RESET_TO_BL2 is 1.
ifeq ($(RESET_TO_BL2)-$(BL2_IN_XIP_MEM),0-1)
-$(error "BL2_IN_XIP_MEM is only supported when RESET_TO_BL2 is enabled")
+ $(error "BL2_IN_XIP_MEM is only supported when RESET_TO_BL2 is enabled")
endif
# RAS_EXTENSION is deprecated, provide alternate build options
ifeq ($(RAS_EXTENSION),1)
- $(error "RAS_EXTENSION is now deprecated, please use ENABLE_FEAT_RAS and RAS_FFH_SUPPORT instead")
+ $(error "RAS_EXTENSION is now deprecated, please use ENABLE_FEAT_RAS \
+ and RAS_FFH_SUPPORT instead")
endif
+
# RAS firmware first handling requires that EAs are handled in EL3 first
ifeq ($(RAS_FFH_SUPPORT),1)
- ifneq ($(ENABLE_FEAT_RAS),1)
- $(error For RAS_FFH_SUPPORT, ENABLE_FEAT_RAS must also be 1)
- endif
- ifneq ($(HANDLE_EA_EL3_FIRST_NS),1)
- $(error For RAS_FFH_SUPPORT, HANDLE_EA_EL3_FIRST_NS must also be 1)
- endif
-endif
+ ifneq ($(ENABLE_FEAT_RAS),1)
+ $(error For RAS_FFH_SUPPORT, ENABLE_FEAT_RAS must also be 1)
+ endif
+ ifneq ($(HANDLE_EA_EL3_FIRST_NS),1)
+ $(error For RAS_FFH_SUPPORT, HANDLE_EA_EL3_FIRST_NS must also be 1)
+ endif
+endif #(RAS_FFH_SUPPORT)
+
# When FAULT_INJECTION_SUPPORT is used, require that FEAT_RAS is enabled
ifeq ($(FAULT_INJECTION_SUPPORT),1)
- ifeq ($(ENABLE_FEAT_RAS),0)
- $(error For FAULT_INJECTION_SUPPORT, ENABLE_FEAT_RAS must not be 0)
- endif
-endif
+ ifeq ($(ENABLE_FEAT_RAS),0)
+ $(error For FAULT_INJECTION_SUPPORT, ENABLE_FEAT_RAS must not be 0)
+ endif
+endif #(FAULT_INJECTION_SUPPORT)
# DYN_DISABLE_AUTH can be set only when TRUSTED_BOARD_BOOT=1
ifeq ($(DYN_DISABLE_AUTH), 1)
- ifeq (${TRUSTED_BOARD_BOOT}, 0)
- $(error "TRUSTED_BOARD_BOOT must be enabled for DYN_DISABLE_AUTH to be set.")
- endif
-endif
+ ifeq (${TRUSTED_BOARD_BOOT}, 0)
+ $(error "TRUSTED_BOARD_BOOT must be enabled for DYN_DISABLE_AUTH \
+ to be set.")
+ endif
+endif #(DYN_DISABLE_AUTH)
ifeq ($(MEASURED_BOOT)-$(TRUSTED_BOARD_BOOT),1-1)
# Support authentication verification and hash calculation
- CRYPTO_SUPPORT := 3
+ CRYPTO_SUPPORT := 3
else ifeq ($(DRTM_SUPPORT)-$(TRUSTED_BOARD_BOOT),1-1)
# Support authentication verification and hash calculation
- CRYPTO_SUPPORT := 3
+ CRYPTO_SUPPORT := 3
else ifneq ($(filter 1,${MEASURED_BOOT} ${DRTM_SUPPORT}),)
# Support hash calculation only
- CRYPTO_SUPPORT := 2
+ CRYPTO_SUPPORT := 2
else ifeq (${TRUSTED_BOARD_BOOT},1)
# Support authentication verification only
- CRYPTO_SUPPORT := 1
+ CRYPTO_SUPPORT := 1
else
- CRYPTO_SUPPORT := 0
-endif
+ CRYPTO_SUPPORT := 0
+endif #($(MEASURED_BOOT)-$(TRUSTED_BOARD_BOOT))
# SDEI_IN_FCONF is only supported when SDEI_SUPPORT is enabled.
ifeq ($(SDEI_SUPPORT)-$(SDEI_IN_FCONF),0-1)
-$(error "SDEI_IN_FCONF is only supported when SDEI_SUPPORT is enabled")
+ $(error "SDEI_IN_FCONF is only supported when SDEI_SUPPORT is enabled")
endif
# If pointer authentication is used in the firmware, make sure that all the
# registers associated to it are also saved and restored.
# Not doing it would leak the value of the keys used by EL3 to EL1 and S-EL1.
ifeq ($(ENABLE_PAUTH),1)
- ifeq ($(CTX_INCLUDE_PAUTH_REGS),0)
- $(error Pointer Authentication requires CTX_INCLUDE_PAUTH_REGS=1)
- endif
-endif
+ ifeq ($(CTX_INCLUDE_PAUTH_REGS),0)
+ $(error Pointer Authentication requires CTX_INCLUDE_PAUTH_REGS=1)
+ endif
+endif #(ENABLE_PAUTH)
ifeq ($(CTX_INCLUDE_PAUTH_REGS),1)
- ifneq (${ARCH},aarch64)
- $(error CTX_INCLUDE_PAUTH_REGS requires AArch64)
- endif
-endif
+ ifneq (${ARCH},aarch64)
+ $(error CTX_INCLUDE_PAUTH_REGS requires AArch64)
+ endif
+endif #(CTX_INCLUDE_PAUTH_REGS)
ifeq ($(CTX_INCLUDE_MTE_REGS),1)
- ifneq (${ARCH},aarch64)
- $(error CTX_INCLUDE_MTE_REGS requires AArch64)
- endif
-endif
+ ifneq (${ARCH},aarch64)
+ $(error CTX_INCLUDE_MTE_REGS requires AArch64)
+ endif
+endif #(CTX_INCLUDE_MTE_REGS)
ifeq ($(PSA_FWU_SUPPORT),1)
- $(info PSA_FWU_SUPPORT is an experimental feature)
-endif
+ $(info PSA_FWU_SUPPORT is an experimental feature)
+endif #(PSA_FWU_SUPPORT)
ifeq ($(FEATURE_DETECTION),1)
- $(info FEATURE_DETECTION is an experimental feature)
-endif
+ $(info FEATURE_DETECTION is an experimental feature)
+endif #(FEATURE_DETECTION)
ifneq ($(ENABLE_SME2_FOR_NS), 0)
- ifeq (${ENABLE_SME_FOR_NS}, 0)
- $(warning "ENABLE_SME2_FOR_NS requires ENABLE_SME_FOR_NS also to be set")
- $(warning "Forced ENABLE_SME_FOR_NS=1")
- override ENABLE_SME_FOR_NS := 1
- endif
-endif
+ ifeq (${ENABLE_SME_FOR_NS}, 0)
+ $(warning "ENABLE_SME2_FOR_NS requires ENABLE_SME_FOR_NS also \
+ to be set")
+ $(warning "Forced ENABLE_SME_FOR_NS=1")
+ override ENABLE_SME_FOR_NS := 1
+ endif
+endif #(ENABLE_SME2_FOR_NS)
ifeq (${ARM_XLAT_TABLES_LIB_V1}, 1)
- ifeq (${ALLOW_RO_XLAT_TABLES}, 1)
- $(error "ALLOW_RO_XLAT_TABLES requires translation tables library v2")
- endif
-endif
+ ifeq (${ALLOW_RO_XLAT_TABLES}, 1)
+ $(error "ALLOW_RO_XLAT_TABLES requires translation tables \
+ library v2")
+ endif
+endif #(ARM_XLAT_TABLES_LIB_V1)
ifneq (${DECRYPTION_SUPPORT},none)
- ifeq (${TRUSTED_BOARD_BOOT}, 0)
- $(error TRUSTED_BOARD_BOOT must be enabled for DECRYPTION_SUPPORT to be set)
- endif
-endif
+ ifeq (${TRUSTED_BOARD_BOOT}, 0)
+ $(error TRUSTED_BOARD_BOOT must be enabled for DECRYPTION_SUPPORT \
+ to be set)
+ endif
+endif #(DECRYPTION_SUPPORT)
# Ensure that no Aarch64-only features are enabled in Aarch32 build
ifeq (${ARCH},aarch32)
- # SME/SVE only supported on AArch64
- ifneq (${ENABLE_SME_FOR_NS},0)
- $(error "ENABLE_SME_FOR_NS cannot be used with ARCH=aarch32")
- endif
+ # SME/SVE only supported on AArch64
+ ifneq (${ENABLE_SME_FOR_NS},0)
+ $(error "ENABLE_SME_FOR_NS cannot be used with ARCH=aarch32")
+ endif
- ifeq (${ENABLE_SVE_FOR_NS},1)
- # Warning instead of error due to CI dependency on this
- $(error "ENABLE_SVE_FOR_NS cannot be used with ARCH=aarch32")
- endif
+ ifeq (${ENABLE_SVE_FOR_NS},1)
+ # Warning instead of error due to CI dependency on this
+ $(error "ENABLE_SVE_FOR_NS cannot be used with ARCH=aarch32")
+ endif
- # BRBE is not supported in AArch32
- ifeq (${ENABLE_BRBE_FOR_NS},1)
- $(error "ENABLE_BRBE_FOR_NS cannot be used with ARCH=aarch32")
- endif
+ # BRBE is not supported in AArch32
+ ifeq (${ENABLE_BRBE_FOR_NS},1)
+ $(error "ENABLE_BRBE_FOR_NS cannot be used with ARCH=aarch32")
+ endif
- # FEAT_RNG_TRAP is not supported in AArch32
- ifeq (${ENABLE_FEAT_RNG_TRAP},1)
- $(error "ENABLE_FEAT_RNG_TRAP cannot be used with ARCH=aarch32")
- endif
-endif
+ # FEAT_RNG_TRAP is not supported in AArch32
+ ifeq (${ENABLE_FEAT_RNG_TRAP},1)
+ $(error "ENABLE_FEAT_RNG_TRAP cannot be used with ARCH=aarch32")
+ endif
+endif #(ARCH=aarch32)
# Ensure ENABLE_RME is not used with SME
ifeq (${ENABLE_RME},1)
- ifneq (${ENABLE_SME_FOR_NS},0)
- $(error "ENABLE_SME_FOR_NS cannot be used with ENABLE_RME")
- endif
+ ifneq (${ENABLE_SME_FOR_NS},0)
+ $(error "ENABLE_SME_FOR_NS cannot be used with ENABLE_RME")
+ endif
endif
ifneq (${ENABLE_SME_FOR_NS},0)
- ifeq (${ENABLE_SVE_FOR_NS},0)
- $(error "ENABLE_SME_FOR_NS requires ENABLE_SVE_FOR_NS")
- endif
-endif
+ ifeq (${ENABLE_SVE_FOR_NS},0)
+ $(error "ENABLE_SME_FOR_NS requires ENABLE_SVE_FOR_NS")
+ endif
+endif #(ENABLE_SME_FOR_NS)
# Secure SME/SVE requires the non-secure component as well
ifeq (${ENABLE_SME_FOR_SWD},1)
- ifeq (${ENABLE_SME_FOR_NS},0)
- $(error "ENABLE_SME_FOR_SWD requires ENABLE_SME_FOR_NS")
- endif
- ifeq (${ENABLE_SVE_FOR_SWD},0)
- $(error "ENABLE_SME_FOR_SWD requires ENABLE_SVE_FOR_SWD")
- endif
-endif
+ ifeq (${ENABLE_SME_FOR_NS},0)
+ $(error "ENABLE_SME_FOR_SWD requires ENABLE_SME_FOR_NS")
+ endif
+ ifeq (${ENABLE_SVE_FOR_SWD},0)
+ $(error "ENABLE_SME_FOR_SWD requires ENABLE_SVE_FOR_SWD")
+ endif
+endif #(ENABLE_SME_FOR_SWD)
+
ifeq (${ENABLE_SVE_FOR_SWD},1)
- ifeq (${ENABLE_SVE_FOR_NS},0)
- $(error "ENABLE_SVE_FOR_SWD requires ENABLE_SVE_FOR_NS")
- endif
-endif
+ ifeq (${ENABLE_SVE_FOR_NS},0)
+ $(error "ENABLE_SVE_FOR_SWD requires ENABLE_SVE_FOR_NS")
+ endif
+endif #(ENABLE_SVE_FOR_SWD)
# SVE and SME cannot be used with CTX_INCLUDE_FPREGS since secure manager does
# its own context management including FPU registers.
ifeq (${CTX_INCLUDE_FPREGS},1)
- ifneq (${ENABLE_SME_FOR_NS},0)
- $(error "ENABLE_SME_FOR_NS cannot be used with CTX_INCLUDE_FPREGS")
- endif
+ ifneq (${ENABLE_SME_FOR_NS},0)
+ $(error "ENABLE_SME_FOR_NS cannot be used with CTX_INCLUDE_FPREGS")
+ endif
- ifeq (${ENABLE_SVE_FOR_NS},1)
- # Warning instead of error due to CI dependency on this
- $(warning "ENABLE_SVE_FOR_NS cannot be used with CTX_INCLUDE_FPREGS")
- $(warning "Forced ENABLE_SVE_FOR_NS=0")
- override ENABLE_SVE_FOR_NS := 0
- endif
-endif
+ ifeq (${ENABLE_SVE_FOR_NS},1)
+ # Warning instead of error due to CI dependency on this
+ $(warning "ENABLE_SVE_FOR_NS cannot be used with CTX_INCLUDE_FPREGS")
+ $(warning "Forced ENABLE_SVE_FOR_NS=0")
+ override ENABLE_SVE_FOR_NS := 0
+ endif
+endif #(CTX_INCLUDE_FPREGS)
ifeq ($(DRTM_SUPPORT),1)
- $(info DRTM_SUPPORT is an experimental feature)
+ $(info DRTM_SUPPORT is an experimental feature)
endif
ifeq (${ENABLE_RME},1)
- ifneq (${SEPARATE_CODE_AND_RODATA},1)
- $(error `ENABLE_RME=1` requires `SEPARATE_CODE_AND_RODATA=1`)
- endif
+ ifneq (${SEPARATE_CODE_AND_RODATA},1)
+ $(error `ENABLE_RME=1` requires `SEPARATE_CODE_AND_RODATA=1`)
+ endif
endif
+# Determine if FEAT_RNG is supported
+ENABLE_FEAT_RNG = $(if $(findstring rng,${arch-features}),1,0)
+
+# Determine if FEAT_SB is supported
+ENABLE_FEAT_SB = $(if $(findstring sb,${arch-features}),1,0)
+
################################################################################
# Process platform overrideable behaviour
################################################################################
ifdef BL1_SOURCES
-NEED_BL1 := yes
-endif
+ NEED_BL1 := yes
+endif #(BL1_SOURCES)
ifdef BL2_SOURCES
NEED_BL2 := yes
@@ -994,64 +1054,64 @@
# Using BL2 implies that a BL33 image also needs to be supplied for the FIP and
# Certificate generation tools. This flag can be overridden by the platform.
ifdef EL3_PAYLOAD_BASE
- # If booting an EL3 payload there is no need for a BL33 image
- # in the FIP file.
- NEED_BL33 := no
- else
- ifdef PRELOADED_BL33_BASE
- # If booting a BL33 preloaded image there is no need of
- # another one in the FIP file.
- NEED_BL33 := no
- else
- NEED_BL33 ?= yes
- endif
- endif
-endif
+ # If booting an EL3 payload there is no need for a BL33 image
+ # in the FIP file.
+ NEED_BL33 := no
+ else
+ ifdef PRELOADED_BL33_BASE
+ # If booting a BL33 preloaded image there is no need of
+ # another one in the FIP file.
+ NEED_BL33 := no
+ else
+ NEED_BL33 ?= yes
+ endif
+ endif
+endif #(BL2_SOURCES)
ifdef BL2U_SOURCES
-NEED_BL2U := yes
-endif
+ NEED_BL2U := yes
+endif #(BL2U_SOURCES)
# If SCP_BL2 is given, we always want FIP to include it.
ifdef SCP_BL2
- NEED_SCP_BL2 := yes
-endif
+ NEED_SCP_BL2 := yes
+endif #(SCP_BL2)
# For AArch32, BL31 is not currently supported.
ifneq (${ARCH},aarch32)
- ifdef BL31_SOURCES
- # When booting an EL3 payload, there is no need to compile the BL31 image nor
- # put it in the FIP.
- ifndef EL3_PAYLOAD_BASE
- NEED_BL31 := yes
- endif
- endif
-endif
+ ifdef BL31_SOURCES
+ # When booting an EL3 payload, there is no need to compile the BL31
+ # image nor put it in the FIP.
+ ifndef EL3_PAYLOAD_BASE
+ NEED_BL31 := yes
+ endif
+ endif
+endif #(ARCH=aarch64)
# Process TBB related flags
ifneq (${GENERATE_COT},0)
- # Common cert_create options
- ifneq (${CREATE_KEYS},0)
+ # Common cert_create options
+ ifneq (${CREATE_KEYS},0)
$(eval CRT_ARGS += -n)
$(eval FWU_CRT_ARGS += -n)
- ifneq (${SAVE_KEYS},0)
+ ifneq (${SAVE_KEYS},0)
$(eval CRT_ARGS += -k)
$(eval FWU_CRT_ARGS += -k)
- endif
- endif
- # Include TBBR makefile (unless the platform indicates otherwise)
- ifeq (${INCLUDE_TBBR_MK},1)
+ endif
+ endif
+ # Include TBBR makefile (unless the platform indicates otherwise)
+ ifeq (${INCLUDE_TBBR_MK},1)
include make_helpers/tbbr/tbbr_tools.mk
- endif
-endif
+ endif
+endif #(GENERATE_COT)
ifneq (${FIP_ALIGN},0)
-FIP_ARGS += --align ${FIP_ALIGN}
-endif
+ FIP_ARGS += --align ${FIP_ALIGN}
+endif #(FIP_ALIGN)
ifdef FDT_SOURCES
-NEED_FDT := yes
-endif
+ NEED_FDT := yes
+endif #(FDT_SOURCES)
################################################################################
# Include libraries' Makefile that are used in all BL
@@ -1060,39 +1120,6 @@
include lib/stack_protector/stack_protector.mk
################################################################################
-# Auxiliary tools (fiptool, cert_create, etc)
-################################################################################
-
-# Variables for use with Certificate Generation Tool
-CRTTOOLPATH ?= tools/cert_create
-CRTTOOL ?= ${CRTTOOLPATH}/cert_create${BIN_EXT}
-
-# Variables for use with Firmware Encryption Tool
-ENCTOOLPATH ?= tools/encrypt_fw
-ENCTOOL ?= ${ENCTOOLPATH}/encrypt_fw${BIN_EXT}
-
-# Variables for use with Firmware Image Package
-FIPTOOLPATH ?= tools/fiptool
-FIPTOOL ?= ${FIPTOOLPATH}/fiptool${BIN_EXT}
-
-# Variables for use with sptool
-SPTOOLPATH ?= tools/sptool
-SPTOOL ?= ${SPTOOLPATH}/sptool.py
-SP_MK_GEN ?= ${SPTOOLPATH}/sp_mk_generator.py
-
-# Variables for use with ROMLIB
-ROMLIBPATH ?= lib/romlib
-
-# Variable for use with Python
-PYTHON ?= python3
-
-# Variables for use with documentation build using Sphinx tool
-DOCS_PATH ?= docs
-
-# Defination of SIMICS flag
-SIMICS_BUILD ?= 0
-
-################################################################################
# Include BL specific makefiles
################################################################################
@@ -1116,78 +1143,78 @@
# Build options checks
################################################################################
+# Boolean_Flags
$(eval $(call assert_booleans,\
$(sort \
- ALLOW_RO_XLAT_TABLES \
- BL2_ENABLE_SP_LOAD \
- COLD_BOOT_SINGLE_CPU \
- CREATE_KEYS \
- CTX_INCLUDE_AARCH32_REGS \
- CTX_INCLUDE_FPREGS \
- CTX_INCLUDE_EL2_REGS \
- DEBUG \
- DISABLE_MTPMU \
- DYN_DISABLE_AUTH \
- EL3_EXCEPTION_HANDLING \
- ENABLE_AMU_AUXILIARY_COUNTERS \
- ENABLE_AMU_FCONF \
- AMU_RESTRICT_COUNTERS \
- ENABLE_ASSERTIONS \
- ENABLE_FEAT_SB \
- ENABLE_PIE \
- ENABLE_PMF \
- ENABLE_PSCI_STAT \
- ENABLE_RUNTIME_INSTRUMENTATION \
- ENABLE_SME_FOR_SWD \
- ENABLE_SVE_FOR_SWD \
- ERROR_DEPRECATED \
- FAULT_INJECTION_SUPPORT \
- GENERATE_COT \
- GICV2_G0_FOR_EL3 \
- HANDLE_EA_EL3_FIRST_NS \
- HW_ASSISTED_COHERENCY \
- MEASURED_BOOT \
- DRTM_SUPPORT \
- NS_TIMER_SWITCH \
- OVERRIDE_LIBC \
- PL011_GENERIC_UART \
- PLAT_RSS_NOT_SUPPORTED \
- PROGRAMMABLE_RESET_ADDRESS \
- PSCI_EXTENDED_STATE_ID \
- PSCI_OS_INIT_MODE \
- RESET_TO_BL31 \
- SAVE_KEYS \
- SEPARATE_CODE_AND_RODATA \
- SEPARATE_BL2_NOLOAD_REGION \
- SEPARATE_NOBITS_REGION \
- SPIN_ON_BL1_EXIT \
- SPM_MM \
- SPMC_AT_EL3 \
- SPMD_SPM_AT_SEL2 \
- TRUSTED_BOARD_BOOT \
- USE_COHERENT_MEM \
- USE_DEBUGFS \
- ARM_IO_IN_DTB \
- SDEI_IN_FCONF \
- SEC_INT_DESC_IN_FCONF \
- USE_ROMLIB \
- USE_TBBR_DEFS \
- WARMBOOT_ENABLE_DCACHE_EARLY \
- RESET_TO_BL2 \
- BL2_IN_XIP_MEM \
- BL2_INV_DCACHE \
- USE_SPINLOCK_CAS \
- ENCRYPT_BL31 \
- ENCRYPT_BL32 \
- ERRATA_SPECULATIVE_AT \
- RAS_TRAP_NS_ERR_REC_ACCESS \
- COT_DESC_IN_DTB \
- USE_SP804_TIMER \
- PSA_FWU_SUPPORT \
- ENABLE_MPMM \
- ENABLE_MPMM_FCONF \
- SIMICS_BUILD \
- FEATURE_DETECTION \
+ ALLOW_RO_XLAT_TABLES \
+ BL2_ENABLE_SP_LOAD \
+ COLD_BOOT_SINGLE_CPU \
+ CREATE_KEYS \
+ CTX_INCLUDE_AARCH32_REGS \
+ CTX_INCLUDE_FPREGS \
+ CTX_INCLUDE_EL2_REGS \
+ DEBUG \
+ DISABLE_MTPMU \
+ DYN_DISABLE_AUTH \
+ EL3_EXCEPTION_HANDLING \
+ ENABLE_AMU_AUXILIARY_COUNTERS \
+ ENABLE_AMU_FCONF \
+ AMU_RESTRICT_COUNTERS \
+ ENABLE_ASSERTIONS \
+ ENABLE_FEAT_SB \
+ ENABLE_PIE \
+ ENABLE_PMF \
+ ENABLE_PSCI_STAT \
+ ENABLE_RUNTIME_INSTRUMENTATION \
+ ENABLE_SME_FOR_SWD \
+ ENABLE_SVE_FOR_SWD \
+ ERROR_DEPRECATED \
+ FAULT_INJECTION_SUPPORT \
+ GENERATE_COT \
+ GICV2_G0_FOR_EL3 \
+ HANDLE_EA_EL3_FIRST_NS \
+ HW_ASSISTED_COHERENCY \
+ MEASURED_BOOT \
+ DRTM_SUPPORT \
+ NS_TIMER_SWITCH \
+ OVERRIDE_LIBC \
+ PL011_GENERIC_UART \
+ PLAT_RSS_NOT_SUPPORTED \
+ PROGRAMMABLE_RESET_ADDRESS \
+ PSCI_EXTENDED_STATE_ID \
+ PSCI_OS_INIT_MODE \
+ RESET_TO_BL31 \
+ SAVE_KEYS \
+ SEPARATE_CODE_AND_RODATA \
+ SEPARATE_BL2_NOLOAD_REGION \
+ SEPARATE_NOBITS_REGION \
+ SPIN_ON_BL1_EXIT \
+ SPM_MM \
+ SPMC_AT_EL3 \
+ SPMD_SPM_AT_SEL2 \
+ TRUSTED_BOARD_BOOT \
+ USE_COHERENT_MEM \
+ USE_DEBUGFS \
+ ARM_IO_IN_DTB \
+ SDEI_IN_FCONF \
+ SEC_INT_DESC_IN_FCONF \
+ USE_ROMLIB \
+ USE_TBBR_DEFS \
+ WARMBOOT_ENABLE_DCACHE_EARLY \
+ RESET_TO_BL2 \
+ BL2_IN_XIP_MEM \
+ BL2_INV_DCACHE \
+ USE_SPINLOCK_CAS \
+ ENCRYPT_BL31 \
+ ENCRYPT_BL32 \
+ ERRATA_SPECULATIVE_AT \
+ RAS_TRAP_NS_ERR_REC_ACCESS \
+ COT_DESC_IN_DTB \
+ USE_SP804_TIMER \
+ PSA_FWU_SUPPORT \
+ ENABLE_MPMM \
+ ENABLE_MPMM_FCONF \
+ FEATURE_DETECTION \
TRNG_SUPPORT \
ERRATA_ABI_SUPPORT \
ERRATA_NON_ARM_INTERCONNECT \
@@ -1195,52 +1222,53 @@
RAS_FFH_SUPPORT \
)))
+# Numeric_Flags
$(eval $(call assert_numerics,\
$(sort \
- ARM_ARCH_MAJOR \
- ARM_ARCH_MINOR \
- BRANCH_PROTECTION \
- CTX_INCLUDE_PAUTH_REGS \
- CTX_INCLUDE_MTE_REGS \
- CTX_INCLUDE_NEVE_REGS \
- CRYPTO_SUPPORT \
- ENABLE_BRBE_FOR_NS \
- ENABLE_TRBE_FOR_NS \
- ENABLE_BTI \
- ENABLE_PAUTH \
- ENABLE_FEAT_AMU \
- ENABLE_FEAT_AMUv1p1 \
- ENABLE_FEAT_CSV2_2 \
- ENABLE_FEAT_RAS \
- ENABLE_FEAT_DIT \
- ENABLE_FEAT_ECV \
- ENABLE_FEAT_FGT \
- ENABLE_FEAT_HCX \
- ENABLE_FEAT_PAN \
- ENABLE_FEAT_RNG \
- ENABLE_FEAT_RNG_TRAP \
- ENABLE_FEAT_SEL2 \
- ENABLE_FEAT_TCR2 \
- ENABLE_FEAT_S2PIE \
- ENABLE_FEAT_S1PIE \
- ENABLE_FEAT_S2POE \
- ENABLE_FEAT_S1POE \
- ENABLE_FEAT_GCS \
- ENABLE_FEAT_VHE \
- ENABLE_MPAM_FOR_LOWER_ELS \
- ENABLE_RME \
- ENABLE_SPE_FOR_NS \
- ENABLE_SYS_REG_TRACE_FOR_NS \
- ENABLE_SME_FOR_NS \
- ENABLE_SME2_FOR_NS \
- ENABLE_SVE_FOR_NS \
- ENABLE_TRF_FOR_NS \
- FW_ENC_STATUS \
- NR_OF_FW_BANKS \
- NR_OF_IMAGES_IN_FW_BANK \
- TWED_DELAY \
- ENABLE_FEAT_TWED \
- SVE_VECTOR_LEN \
+ ARM_ARCH_MAJOR \
+ ARM_ARCH_MINOR \
+ BRANCH_PROTECTION \
+ CTX_INCLUDE_PAUTH_REGS \
+ CTX_INCLUDE_MTE_REGS \
+ CTX_INCLUDE_NEVE_REGS \
+ CRYPTO_SUPPORT \
+ ENABLE_BRBE_FOR_NS \
+ ENABLE_TRBE_FOR_NS \
+ ENABLE_BTI \
+ ENABLE_PAUTH \
+ ENABLE_FEAT_AMU \
+ ENABLE_FEAT_AMUv1p1 \
+ ENABLE_FEAT_CSV2_2 \
+ ENABLE_FEAT_RAS \
+ ENABLE_FEAT_DIT \
+ ENABLE_FEAT_ECV \
+ ENABLE_FEAT_FGT \
+ ENABLE_FEAT_HCX \
+ ENABLE_FEAT_PAN \
+ ENABLE_FEAT_RNG \
+ ENABLE_FEAT_RNG_TRAP \
+ ENABLE_FEAT_SEL2 \
+ ENABLE_FEAT_TCR2 \
+ ENABLE_FEAT_S2PIE \
+ ENABLE_FEAT_S1PIE \
+ ENABLE_FEAT_S2POE \
+ ENABLE_FEAT_S1POE \
+ ENABLE_FEAT_GCS \
+ ENABLE_FEAT_VHE \
+ ENABLE_MPAM_FOR_LOWER_ELS \
+ ENABLE_RME \
+ ENABLE_SPE_FOR_NS \
+ ENABLE_SYS_REG_TRACE_FOR_NS \
+ ENABLE_SME_FOR_NS \
+ ENABLE_SME2_FOR_NS \
+ ENABLE_SVE_FOR_NS \
+ ENABLE_TRF_FOR_NS \
+ FW_ENC_STATUS \
+ NR_OF_FW_BANKS \
+ NR_OF_IMAGES_IN_FW_BANK \
+ TWED_DELAY \
+ ENABLE_FEAT_TWED \
+ SVE_VECTOR_LEN \
IMPDEF_SYSREG_TRAP \
)))
@@ -1260,162 +1288,162 @@
$(eval $(call add_defines,\
$(sort \
- ALLOW_RO_XLAT_TABLES \
- ARM_ARCH_MAJOR \
- ARM_ARCH_MINOR \
- BL2_ENABLE_SP_LOAD \
- COLD_BOOT_SINGLE_CPU \
- CTX_INCLUDE_AARCH32_REGS \
- CTX_INCLUDE_FPREGS \
- CTX_INCLUDE_PAUTH_REGS \
- EL3_EXCEPTION_HANDLING \
- CTX_INCLUDE_MTE_REGS \
- CTX_INCLUDE_EL2_REGS \
- CTX_INCLUDE_NEVE_REGS \
- DECRYPTION_SUPPORT_${DECRYPTION_SUPPORT} \
- DISABLE_MTPMU \
- ENABLE_FEAT_AMU \
- ENABLE_AMU_AUXILIARY_COUNTERS \
- ENABLE_AMU_FCONF \
- AMU_RESTRICT_COUNTERS \
- ENABLE_ASSERTIONS \
- ENABLE_BTI \
- ENABLE_MPAM_FOR_LOWER_ELS \
- ENABLE_PAUTH \
- ENABLE_PIE \
- ENABLE_PMF \
- ENABLE_PSCI_STAT \
- ENABLE_RME \
- ENABLE_RUNTIME_INSTRUMENTATION \
- ENABLE_SME_FOR_NS \
- ENABLE_SME2_FOR_NS \
- ENABLE_SME_FOR_SWD \
- ENABLE_SPE_FOR_NS \
- ENABLE_SVE_FOR_NS \
- ENABLE_SVE_FOR_SWD \
- ENCRYPT_BL31 \
- ENCRYPT_BL32 \
- ERROR_DEPRECATED \
- FAULT_INJECTION_SUPPORT \
- GICV2_G0_FOR_EL3 \
- HANDLE_EA_EL3_FIRST_NS \
- HW_ASSISTED_COHERENCY \
- LOG_LEVEL \
- MEASURED_BOOT \
- DRTM_SUPPORT \
- NS_TIMER_SWITCH \
- PL011_GENERIC_UART \
- PLAT_${PLAT} \
- PLAT_RSS_NOT_SUPPORTED \
- PROGRAMMABLE_RESET_ADDRESS \
- PSCI_EXTENDED_STATE_ID \
- PSCI_OS_INIT_MODE \
- ENABLE_FEAT_RAS \
- RAS_FFH_SUPPORT \
- RESET_TO_BL31 \
- SEPARATE_CODE_AND_RODATA \
- SEPARATE_BL2_NOLOAD_REGION \
- SEPARATE_NOBITS_REGION \
- RECLAIM_INIT_CODE \
- SPD_${SPD} \
- SPIN_ON_BL1_EXIT \
- SPM_MM \
- SPMC_AT_EL3 \
- SPMD_SPM_AT_SEL2 \
- TRUSTED_BOARD_BOOT \
- CRYPTO_SUPPORT \
- TRNG_SUPPORT \
- ERRATA_ABI_SUPPORT \
+ ALLOW_RO_XLAT_TABLES \
+ ARM_ARCH_MAJOR \
+ ARM_ARCH_MINOR \
+ BL2_ENABLE_SP_LOAD \
+ COLD_BOOT_SINGLE_CPU \
+ CTX_INCLUDE_AARCH32_REGS \
+ CTX_INCLUDE_FPREGS \
+ CTX_INCLUDE_PAUTH_REGS \
+ EL3_EXCEPTION_HANDLING \
+ CTX_INCLUDE_MTE_REGS \
+ CTX_INCLUDE_EL2_REGS \
+ CTX_INCLUDE_NEVE_REGS \
+ DECRYPTION_SUPPORT_${DECRYPTION_SUPPORT} \
+ DISABLE_MTPMU \
+ ENABLE_FEAT_AMU \
+ ENABLE_AMU_AUXILIARY_COUNTERS \
+ ENABLE_AMU_FCONF \
+ AMU_RESTRICT_COUNTERS \
+ ENABLE_ASSERTIONS \
+ ENABLE_BTI \
+ ENABLE_MPAM_FOR_LOWER_ELS \
+ ENABLE_PAUTH \
+ ENABLE_PIE \
+ ENABLE_PMF \
+ ENABLE_PSCI_STAT \
+ ENABLE_RME \
+ ENABLE_RUNTIME_INSTRUMENTATION \
+ ENABLE_SME_FOR_NS \
+ ENABLE_SME2_FOR_NS \
+ ENABLE_SME_FOR_SWD \
+ ENABLE_SPE_FOR_NS \
+ ENABLE_SVE_FOR_NS \
+ ENABLE_SVE_FOR_SWD \
+ ENCRYPT_BL31 \
+ ENCRYPT_BL32 \
+ ERROR_DEPRECATED \
+ FAULT_INJECTION_SUPPORT \
+ GICV2_G0_FOR_EL3 \
+ HANDLE_EA_EL3_FIRST_NS \
+ HW_ASSISTED_COHERENCY \
+ LOG_LEVEL \
+ MEASURED_BOOT \
+ DRTM_SUPPORT \
+ NS_TIMER_SWITCH \
+ PL011_GENERIC_UART \
+ PLAT_${PLAT} \
+ PLAT_RSS_NOT_SUPPORTED \
+ PROGRAMMABLE_RESET_ADDRESS \
+ PSCI_EXTENDED_STATE_ID \
+ PSCI_OS_INIT_MODE \
+ ENABLE_FEAT_RAS \
+ RAS_FFH_SUPPORT \
+ RESET_TO_BL31 \
+ SEPARATE_CODE_AND_RODATA \
+ SEPARATE_BL2_NOLOAD_REGION \
+ SEPARATE_NOBITS_REGION \
+ RECLAIM_INIT_CODE \
+ SPD_${SPD} \
+ SPIN_ON_BL1_EXIT \
+ SPM_MM \
+ SPMC_AT_EL3 \
+ SPMD_SPM_AT_SEL2 \
+ TRUSTED_BOARD_BOOT \
+ CRYPTO_SUPPORT \
+ TRNG_SUPPORT \
+ ERRATA_ABI_SUPPORT \
ERRATA_NON_ARM_INTERCONNECT \
- USE_COHERENT_MEM \
- USE_DEBUGFS \
- ARM_IO_IN_DTB \
- SDEI_IN_FCONF \
- SEC_INT_DESC_IN_FCONF \
- USE_ROMLIB \
- USE_TBBR_DEFS \
- WARMBOOT_ENABLE_DCACHE_EARLY \
- RESET_TO_BL2 \
- BL2_RUNS_AT_EL3 \
- BL2_IN_XIP_MEM \
- BL2_INV_DCACHE \
- USE_SPINLOCK_CAS \
- ERRATA_SPECULATIVE_AT \
- RAS_TRAP_NS_ERR_REC_ACCESS \
- COT_DESC_IN_DTB \
- USE_SP804_TIMER \
- ENABLE_FEAT_RNG \
- ENABLE_FEAT_RNG_TRAP \
- ENABLE_FEAT_SB \
- ENABLE_FEAT_DIT \
- NR_OF_FW_BANKS \
- NR_OF_IMAGES_IN_FW_BANK \
- PSA_FWU_SUPPORT \
- ENABLE_BRBE_FOR_NS \
- ENABLE_TRBE_FOR_NS \
- ENABLE_SYS_REG_TRACE_FOR_NS \
- ENABLE_TRF_FOR_NS \
- ENABLE_FEAT_HCX \
- ENABLE_MPMM \
- ENABLE_MPMM_FCONF \
- ENABLE_FEAT_FGT \
- ENABLE_FEAT_ECV \
- SIMICS_BUILD \
- ENABLE_FEAT_AMUv1p1 \
- ENABLE_FEAT_SEL2 \
- ENABLE_FEAT_VHE \
- ENABLE_FEAT_CSV2_2 \
- ENABLE_FEAT_PAN \
- ENABLE_FEAT_TCR2 \
- ENABLE_FEAT_S2PIE \
- ENABLE_FEAT_S1PIE \
- ENABLE_FEAT_S2POE \
- ENABLE_FEAT_S1POE \
- ENABLE_FEAT_GCS \
- FEATURE_DETECTION \
- TWED_DELAY \
- ENABLE_FEAT_TWED \
+ USE_COHERENT_MEM \
+ USE_DEBUGFS \
+ ARM_IO_IN_DTB \
+ SDEI_IN_FCONF \
+ SEC_INT_DESC_IN_FCONF \
+ USE_ROMLIB \
+ USE_TBBR_DEFS \
+ WARMBOOT_ENABLE_DCACHE_EARLY \
+ RESET_TO_BL2 \
+ BL2_RUNS_AT_EL3 \
+ BL2_IN_XIP_MEM \
+ BL2_INV_DCACHE \
+ USE_SPINLOCK_CAS \
+ ERRATA_SPECULATIVE_AT \
+ RAS_TRAP_NS_ERR_REC_ACCESS \
+ COT_DESC_IN_DTB \
+ USE_SP804_TIMER \
+ ENABLE_FEAT_RNG \
+ ENABLE_FEAT_RNG_TRAP \
+ ENABLE_FEAT_SB \
+ ENABLE_FEAT_DIT \
+ NR_OF_FW_BANKS \
+ NR_OF_IMAGES_IN_FW_BANK \
+ PSA_FWU_SUPPORT \
+ ENABLE_BRBE_FOR_NS \
+ ENABLE_TRBE_FOR_NS \
+ ENABLE_SYS_REG_TRACE_FOR_NS \
+ ENABLE_TRF_FOR_NS \
+ ENABLE_FEAT_HCX \
+ ENABLE_MPMM \
+ ENABLE_MPMM_FCONF \
+ ENABLE_FEAT_FGT \
+ ENABLE_FEAT_ECV \
+ ENABLE_FEAT_AMUv1p1 \
+ ENABLE_FEAT_SEL2 \
+ ENABLE_FEAT_VHE \
+ ENABLE_FEAT_CSV2_2 \
+ ENABLE_FEAT_PAN \
+ ENABLE_FEAT_TCR2 \
+ ENABLE_FEAT_S2PIE \
+ ENABLE_FEAT_S1PIE \
+ ENABLE_FEAT_S2POE \
+ ENABLE_FEAT_S1POE \
+ ENABLE_FEAT_GCS \
+ FEATURE_DETECTION \
+ TWED_DELAY \
+ ENABLE_FEAT_TWED \
CONDITIONAL_CMO \
IMPDEF_SYSREG_TRAP \
+ SVE_VECTOR_LEN \
)))
ifeq (${SANITIZE_UB},trap)
$(eval $(call add_define,MONITOR_TRAPS))
-endif
+endif #(SANITIZE_UB)
# Define the EL3_PAYLOAD_BASE flag only if it is provided.
ifdef EL3_PAYLOAD_BASE
$(eval $(call add_define,EL3_PAYLOAD_BASE))
else
- # Define the PRELOADED_BL33_BASE flag only if it is provided and
- # EL3_PAYLOAD_BASE is not defined, as it has priority.
- ifdef PRELOADED_BL33_BASE
+# Define the PRELOADED_BL33_BASE flag only if it is provided and
+# EL3_PAYLOAD_BASE is not defined, as it has priority.
+ ifdef PRELOADED_BL33_BASE
$(eval $(call add_define,PRELOADED_BL33_BASE))
- endif
-endif
+ endif
+endif #(EL3_PAYLOAD_BASE)
# Define the DYN_DISABLE_AUTH flag only if set.
ifeq (${DYN_DISABLE_AUTH},1)
-$(eval $(call add_define,DYN_DISABLE_AUTH))
+ $(eval $(call add_define,DYN_DISABLE_AUTH))
endif
ifneq ($(findstring armlink,$(notdir $(LD))),)
-$(eval $(call add_define,USE_ARM_LINK))
+ $(eval $(call add_define,USE_ARM_LINK))
endif
# Generate and include sp_gen.mk if SPD is spmd and SP_LAYOUT_FILE is defined
ifeq (${SPD},spmd)
ifdef SP_LAYOUT_FILE
- -include $(BUILD_PLAT)/sp_gen.mk
- FIP_DEPS += sp
- CRT_DEPS += sp
- NEED_SP_PKG := yes
+ -include $(BUILD_PLAT)/sp_gen.mk
+ FIP_DEPS += sp
+ CRT_DEPS += sp
+ NEED_SP_PKG := yes
else
- ifeq (${SPMD_SPM_AT_SEL2},1)
- $(error "SPMD with SPM at S-EL2 require SP_LAYOUT_FILE")
- endif
-endif
-endif
+ ifeq (${SPMD_SPM_AT_SEL2},1)
+ $(error "SPMD with SPM at S-EL2 require SP_LAYOUT_FILE")
+ endif
+endif #(SP_LAYOUT_FILE)
+endif #(SPD)
################################################################################
# Build targets
@@ -1436,7 +1464,7 @@
else
CPPFLAGS += -Wno-error=deprecated-declarations -Wno-error=cpp
endif
-endif # !ERROR_DEPRECATED
+endif #(!ERROR_DEPRECATED)
$(eval $(call MAKE_LIB_DIRS))
$(eval $(call MAKE_LIB,c))
@@ -1444,11 +1472,11 @@
# Expand build macros for the different images
ifeq (${NEED_BL1},yes)
BL1_SOURCES := $(sort ${BL1_SOURCES})
-
$(eval $(call MAKE_BL,bl1))
-endif
+endif #(NEED_BL1)
ifeq (${NEED_BL2},yes)
+
ifeq (${RESET_TO_BL2}, 0)
FIP_BL2_ARGS := tb-fw
endif
@@ -1457,11 +1485,12 @@
$(if ${BL2}, $(eval $(call TOOL_ADD_IMG,bl2,--${FIP_BL2_ARGS})),\
$(eval $(call MAKE_BL,bl2,${FIP_BL2_ARGS})))
-endif
+
+endif #(NEED_BL2)
ifeq (${NEED_SCP_BL2},yes)
$(eval $(call TOOL_ADD_IMG,scp_bl2,--scp-fw))
-endif
+endif #(NEED_SCP_BL2)
ifeq (${NEED_BL31},yes)
BL31_SOURCES += ${SPD_SOURCES}
@@ -1473,8 +1502,8 @@
else
$(if ${BL31}, $(eval $(call TOOL_ADD_IMG,bl31,--soc-fw)),\
$(eval $(call MAKE_BL,bl31,soc-fw)))
-endif
-endif
+endif #(DECRYPTION_SUPPORT)
+endif #(NEED_BL31)
# If a BL32 image is needed but neither BL32 nor BL32_SOURCES is defined, the
# build system will call TOOL_ADD_IMG to print a warning message and abort the
@@ -1490,8 +1519,8 @@
else
$(if ${BUILD_BL32}, $(eval $(call MAKE_BL,bl32,tos-fw)),\
$(eval $(call TOOL_ADD_IMG,bl32,--tos-fw)))
-endif
-endif
+endif #(DECRYPTION_SUPPORT)
+endif #(NEED_BL32)
# If RMM image is needed but RMM is not defined, Test Realm Payload (TRP)
# needs to be built from RMM_SOURCES.
@@ -1501,23 +1530,23 @@
BUILD_RMM := $(if $(RMM),,$(if $(RMM_SOURCES),1))
$(if ${BUILD_RMM}, $(eval $(call MAKE_BL,rmm,rmm-fw)),\
- $(eval $(call TOOL_ADD_IMG,rmm,--rmm-fw)))
-endif
+ $(eval $(call TOOL_ADD_IMG,rmm,--rmm-fw)))
+endif #(NEED_RMM)
# Add the BL33 image if required by the platform
ifeq (${NEED_BL33},yes)
$(eval $(call TOOL_ADD_IMG,bl33,--nt-fw))
-endif
+endif #(NEED_BL33)
ifeq (${NEED_BL2U},yes)
$(if ${BL2U}, $(eval $(call TOOL_ADD_IMG,bl2u,--ap-fwu-cfg,FWU_)),\
$(eval $(call MAKE_BL,bl2u,ap-fwu-cfg,FWU_)))
-endif
+endif #(NEED_BL2U)
# Expand build macros for the different images
ifeq (${NEED_FDT},yes)
$(eval $(call MAKE_DTBS,$(BUILD_PLAT)/fdts,$(FDT_SOURCES)))
-endif
+endif #(NEED_FDT)
# Add Secure Partition packages
ifeq (${NEED_SP_PKG},yes)
@@ -1527,7 +1556,7 @@
@${ECHO_BLANK_LINE}
@echo "Built SP Images successfully"
@${ECHO_BLANK_LINE}
-endif
+endif #(NEED_SP_PKG)
locate-checkpatch:
ifndef CHECKPATCH
@@ -1536,7 +1565,7 @@
ifeq (,$(wildcard ${CHECKPATCH}))
$(error "The file CHECKPATCH points to cannot be found, use eg: CHECKPATCH=../linux/scripts/checkpatch.pl")
endif
-endif
+endif #(CHECKPATCH)
clean:
@echo " CLEAN"
@@ -1547,7 +1576,7 @@
# Clear the MAKEFLAGS as we do not want
# to pass the gnumake flags to nmake.
${Q}set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL)) clean
-endif
+endif #(UNIX_MK)
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} clean
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${ENCTOOLPATH} clean
${Q}${MAKE} --no-print-directory -C ${ROMLIBPATH} clean
@@ -1562,7 +1591,7 @@
# Clear the MAKEFLAGS as we do not want
# to pass the gnumake flags to nmake.
${Q}set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL)) realclean
-endif
+endif #(UNIX_MK)
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} realclean
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${ENCTOOLPATH} realclean
${Q}${MAKE} --no-print-directory -C ${ROMLIBPATH} clean
@@ -1616,7 +1645,7 @@
@echo "Built $@ successfully"
@echo "Certificates can be found in ${BUILD_PLAT}"
@${ECHO_BLANK_LINE}
-endif
+endif #(GENERATE_COT)
${BUILD_PLAT}/${FIP_NAME}: ${FIP_DEPS} ${FIPTOOL}
$(eval ${CHECK_FIP_CMD})
@@ -1633,7 +1662,7 @@
@echo "Built $@ successfully"
@echo "FWU certificates can be found in ${BUILD_PLAT}"
@${ECHO_BLANK_LINE}
-endif
+endif #(GENERATE_COT)
${BUILD_PLAT}/${FWU_FIP_NAME}: ${FWU_FIP_DEPS} ${FIPTOOL}
$(eval ${CHECK_FWU_FIP_CMD})
@@ -1654,7 +1683,7 @@
# Clear the MAKEFLAGS as we do not want
# to pass the gnumake flags to nmake.
${Q}set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL))
-endif
+endif #(UNIX_MK)
romlib.bin: libraries FORCE
${Q}${MAKE} PLAT_DIR=${PLAT_DIR} BUILD_PLAT=${BUILD_PLAT} ENABLE_BTI=${ENABLE_BTI} ARM_ARCH_MINOR=${ARM_ARCH_MINOR} INCLUDES='${INCLUDES}' DEFINES='${DEFINES}' --no-print-directory -C ${ROMLIBPATH} all