This patch adds SPM_BIN to suport prebuilt secure partition image. For the moment, it assumes that secure partition image is STANDALONESMM image. The path is relative to $EDK2_DIR/Build/StandaloneSmmPkg/$BUILD_PROFILE/FV/.
Also, this patch adds commandline "SPM=1" implicitly to build flags, when SPM_BIN is defined.
SPM_BIN prebuilt image is passed in as a bl32 image to arm trusted firmware.
Signed-off-by: Supreeth Venkatesh supreeth.venkatesh@arm.com
--- Changes since v1: (*) Reword Commit Message. (*) Avoid references to SPD or TOS, though it still needs to evolve, since the final SPM code in arm-tf is not merged to master branch. --- atf-build.sh | 23 +++++++++++------------ platforms.config | 8 +++++--- 2 files changed, 16 insertions(+), 15 deletions(-)
diff --git a/atf-build.sh b/atf-build.sh index 5c45708..b72cfbb 100755 --- a/atf-build.sh +++ b/atf-build.sh @@ -118,21 +118,20 @@ function build_platform fi else # - # BL32 could be the secure partition. - # If TOS_DIR is not set and the SPD is none then include BL32 as a - # prebuilt secure partition. + # Since TOS_DIR is not set, user does not want a Trusted OS + # even if the source directory and/or binary for it exists. + # Next, Check whether user wants secure partition image. + # If SPM_BIN is set then include pre-built secure partition image as a + # BL32 Image and implicitly set SPM=1. # - SPD="`$TOOLS_DIR/parse-platforms.py $PLATFORM_CONFIG -p $1 get -o atf_spd`" - TOS_BIN="`$TOOLS_DIR/parse-platforms.py $PLATFORM_CONFIG -p $1 get -o tos_bin`" + SPM_BIN="`$TOOLS_DIR/parse-platforms.py $PLATFORM_CONFIG -p $1 get -o spm_bin`"
- if [ X"$SPD" == X"none" ] && [ X"$TOS_BIN" != X"" ]; then - BL32=$EDK2_DIR/$TOS_BIN - SPD_OPTION="BL32=$BL32" - else - echo "WARNING: Proceeding without Secure Partition!" - echo " Please specify both ATF_SPD=none and TOS_BIN" - echo " if you wish to use a Secure Partition!" + if [ X"$SPM_BIN" != X"" ]; then + BL32=$EDK2_DIR/Build/StandaloneSmmPkg/$BUILD_PROFILE/FV/$SPM_BIN + PLATFORM_BUILDFLAGS="$PLATFORM_BUILDFLAGS SPM=1" fi + # We assume that user does not want secure partition either. + # Todo: Revisit if either one of Trusted OS or Secure Partition Image is Mandatory. fi
diff --git a/platforms.config b/platforms.config index 0639583..6db1340 100644 --- a/platforms.config +++ b/platforms.config @@ -46,6 +46,9 @@ # - ATF_SPD Name of Secure Payload Dispatcher # To actually build the Trusted OS, you must also set # TOS_BIN. +# - SPM_BIN Prebuilt Secure Partition image to pass to ARM Trusted Firmware. +# The path is relative to +# $EDK2_DIR/Build/StandaloneSmmPkg/$BUILD_PROFILE/FV/. # # Optional options: # - BUILDFLAGS Any special flags you want to pass to the build command. @@ -107,9 +110,8 @@ BUILD_ATF=debug UEFI_BIN=FVP_AARCH64_EFI.fd UEFI_IMAGE_DIR=ArmVExpress-FVP-AArch64-MM-Normal ATF_PLATFORM=fvp -TOS_BIN=Build/StandaloneSmmPkg/DEBUG_GCC49/FV/STANDALONESMM.fd -ATF_SPD=none -ATF_BUILDFLAGS=ARM_BL31_IN_DRAM=1 SPM=1 +SPM_BIN=STANDALONESMM.fd +ATF_BUILDFLAGS=ARM_BL31_IN_DRAM=1
[tc2] LONGNAME=Versatile Express TC2