xref: /optee_os/core/arch/arm/arm.mk (revision f5a70e3efb80be4b9bff2c9c811ddc139058e05a) 
1CFG_LTC_OPTEE_THREAD ?= y
2# Size of emulated TrustZone protected SRAM, 448 kB.
3# Only applicable when paging is enabled.
4CFG_CORE_TZSRAM_EMUL_SIZE ?= 458752
5CFG_LPAE_ADDR_SPACE_SIZE ?= (1ull << 32)
6
7CFG_MMAP_REGIONS ?= 13
8CFG_RESERVED_VASPACE_SIZE ?= (1024 * 1024 * 10)
9
10ifeq ($(CFG_ARM64_core),y)
11CFG_KERN_LINKER_FORMAT ?= elf64-littleaarch64
12CFG_KERN_LINKER_ARCH ?= aarch64
13# TCR_EL1.IPS needs to be initialized according to the largest physical
14# address that we need to map.
15# Physical address size
16# 32 bits, 4GB.
17# 36 bits, 64GB.
18# (etc.)
19CFG_CORE_ARM64_PA_BITS ?= 32
20else
21ifeq ($(CFG_ARM32_core),y)
22CFG_KERN_LINKER_FORMAT ?= elf32-littlearm
23CFG_KERN_LINKER_ARCH ?= arm
24else
25$(error Error: CFG_ARM64_core or CFG_ARM32_core should be defined)
26endif
27endif
28
29ifeq ($(CFG_TA_FLOAT_SUPPORT),y)
30# Use hard-float for floating point support in user TAs instead of
31# soft-float
32CFG_WITH_VFP ?= y
33ifeq ($(CFG_ARM64_core),y)
34# AArch64 has no fallback to soft-float
35$(call force,CFG_WITH_VFP,y)
36endif
37ifeq ($(CFG_WITH_VFP),y)
38arm64-platform-hard-float-enabled := y
39ifneq ($(CFG_TA_ARM32_NO_HARD_FLOAT_SUPPORT),y)
40arm32-platform-hard-float-enabled := y
41endif
42endif
43endif
44
45# Adds protection against CVE-2017-5715 also know as Spectre
46# (https://spectreattack.com)
47# See also https://developer.arm.com/-/media/Files/pdf/Cache_Speculation_Side-channels.pdf
48# Variant 2
49CFG_CORE_WORKAROUND_SPECTRE_BP ?= y
50# Same as CFG_CORE_WORKAROUND_SPECTRE_BP but targeting exceptions from
51# secure EL0 instead of non-secure world.
52CFG_CORE_WORKAROUND_SPECTRE_BP_SEC ?= $(CFG_CORE_WORKAROUND_SPECTRE_BP)
53
54# Adds protection against a tool like Cachegrab
55# (https://github.com/nccgroup/cachegrab), which uses non-secure interrupts
56# to prime and later analyze the L1D, L1I and BTB caches to gain
57# information from secure world execution.
58CFG_CORE_WORKAROUND_NSITR_CACHE_PRIME ?= y
59ifeq ($(CFG_CORE_WORKAROUND_NSITR_CACHE_PRIME),y)
60$(call force,CFG_CORE_WORKAROUND_SPECTRE_BP,y,Required by CFG_CORE_WORKAROUND_NSITR_CACHE_PRIME)
61endif
62
63CFG_CORE_RWDATA_NOEXEC ?= y
64CFG_CORE_RODATA_NOEXEC ?= n
65ifeq ($(CFG_CORE_RODATA_NOEXEC),y)
66$(call force,CFG_CORE_RWDATA_NOEXEC,y)
67endif
68# 'y' to set the Alignment Check Enable bit in SCTLR/SCTLR_EL1, 'n' to clear it
69CFG_SCTLR_ALIGNMENT_CHECK ?= y
70
71ifeq ($(CFG_CORE_LARGE_PHYS_ADDR),y)
72$(call force,CFG_WITH_LPAE,y)
73endif
74
75# Unmaps all kernel mode code except the code needed to take exceptions
76# from user space and restore kernel mode mapping again. This gives more
77# strict control over what is accessible while in user mode.
78# Addresses CVE-2017-5715 (aka Meltdown) known to affect Arm Cortex-A75
79CFG_CORE_UNMAP_CORE_AT_EL0 ?= y
80
81# Initialize PMCR.DP to 1 to prohibit cycle counting in secure state, and
82# save/restore PMCR during world switch.
83CFG_SM_NO_CYCLE_COUNTING ?= y
84
85ifeq ($(CFG_ARM32_core),y)
86# Configration directive related to ARMv7 optee boot arguments.
87# CFG_PAGEABLE_ADDR: if defined, forces pageable data physical address.
88# CFG_NS_ENTRY_ADDR: if defined, forces NS World physical entry address.
89# CFG_DT_ADDR:       if defined, forces Device Tree data physical address.
90endif
91
92core-platform-cppflags	+= -I$(arch-dir)/include
93core-platform-subdirs += \
94	$(addprefix $(arch-dir)/, kernel crypto mm tee) $(platform-dir)
95
96ifneq ($(CFG_WITH_ARM_TRUSTED_FW),y)
97core-platform-subdirs += $(arch-dir)/sm
98endif
99
100arm64-platform-cppflags += -DARM64=1 -D__LP64__=1
101arm32-platform-cppflags += -DARM32=1 -D__ILP32__=1
102
103platform-cflags-generic ?= -ffunction-sections -fdata-sections -pipe
104platform-aflags-generic ?= -pipe
105
106arm32-platform-aflags += -marm
107
108arm32-platform-cflags-no-hard-float ?= -mfloat-abi=soft
109arm32-platform-cflags-hard-float ?= -mfloat-abi=hard -funsafe-math-optimizations
110arm32-platform-cflags-generic-thumb ?= -mthumb \
111			-fno-short-enums -fno-common -mno-unaligned-access
112arm32-platform-cflags-generic-arm ?= -marm -fno-omit-frame-pointer -mapcs \
113			-fno-short-enums -fno-common -mno-unaligned-access
114arm32-platform-aflags-no-hard-float ?=
115
116arm64-platform-cflags-no-hard-float ?= -mgeneral-regs-only
117arm64-platform-cflags-hard-float ?=
118arm64-platform-cflags-generic ?= -mstrict-align
119
120ifeq ($(DEBUG),1)
121# For backwards compatibility
122$(call force,CFG_CC_OPTIMIZE_FOR_SIZE,n)
123$(call force,CFG_DEBUG_INFO,y)
124endif
125
126CFG_CC_OPTIMIZE_FOR_SIZE ?= y
127ifeq ($(CFG_CC_OPTIMIZE_FOR_SIZE),y)
128platform-cflags-optimization ?= -Os
129else
130platform-cflags-optimization ?= -O0
131endif
132
133CFG_DEBUG_INFO ?= y
134ifeq ($(CFG_DEBUG_INFO),y)
135platform-cflags-debug-info ?= -g3
136platform-aflags-debug-info ?= -g
137endif
138
139core-platform-cflags += $(platform-cflags-optimization)
140core-platform-cflags += $(platform-cflags-generic)
141core-platform-cflags += $(platform-cflags-debug-info)
142
143core-platform-aflags += $(platform-aflags-generic)
144core-platform-aflags += $(platform-aflags-debug-info)
145
146ifeq ($(CFG_CORE_ASLR),y)
147core-platform-cflags += -fpie
148endif
149
150ifeq ($(CFG_ARM64_core),y)
151arch-bits-core := 64
152core-platform-cppflags += $(arm64-platform-cppflags)
153core-platform-cflags += $(arm64-platform-cflags)
154core-platform-cflags += $(arm64-platform-cflags-generic)
155core-platform-cflags += $(arm64-platform-cflags-no-hard-float)
156core-platform-aflags += $(arm64-platform-aflags)
157else
158arch-bits-core := 32
159core-platform-cppflags += $(arm32-platform-cppflags)
160core-platform-cflags += $(arm32-platform-cflags)
161core-platform-cflags += $(arm32-platform-cflags-no-hard-float)
162ifeq ($(CFG_UNWIND),y)
163core-platform-cflags += -funwind-tables
164endif
165ifeq ($(CFG_SYSCALL_FTRACE),y)
166core-platform-cflags += $(arm32-platform-cflags-generic-arm)
167else
168core-platform-cflags += $(arm32-platform-cflags-generic-thumb)
169endif
170core-platform-aflags += $(core_arm32-platform-aflags)
171core-platform-aflags += $(arm32-platform-aflags)
172endif
173
174# Provide default supported-ta-targets if not set by the platform config
175ifeq (,$(supported-ta-targets))
176supported-ta-targets = ta_arm32
177ifeq ($(CFG_ARM64_core),y)
178supported-ta-targets += ta_arm64
179endif
180endif
181
182ta-targets := $(if $(CFG_USER_TA_TARGETS),$(filter $(supported-ta-targets),$(CFG_USER_TA_TARGETS)),$(supported-ta-targets))
183unsup-targets := $(filter-out $(ta-targets),$(CFG_USER_TA_TARGETS))
184ifneq (,$(unsup-targets))
185$(error CFG_USER_TA_TARGETS contains unsupported value(s): $(unsup-targets). Valid values: $(supported-ta-targets))
186endif
187
188ifneq ($(filter ta_arm32,$(ta-targets)),)
189# Variables for ta-target/sm "ta_arm32"
190CFG_ARM32_ta_arm32 := y
191arch-bits-ta_arm32 := 32
192ta_arm32-platform-cppflags += $(arm32-platform-cppflags)
193ta_arm32-platform-cflags += $(arm32-platform-cflags)
194ta_arm32-platform-cflags += $(platform-cflags-optimization)
195ta_arm32-platform-cflags += $(platform-cflags-debug-info)
196ta_arm32-platform-cflags += -fpic
197
198# Thumb mode doesn't support function graph tracing due to missing
199# frame pointer support required to trace function call chain. So
200# rather compile in ARM mode if function tracing is enabled.
201ifeq ($(CFG_FTRACE_SUPPORT),y)
202ta_arm32-platform-cflags += $(arm32-platform-cflags-generic-arm)
203else
204ta_arm32-platform-cflags += $(arm32-platform-cflags-generic-thumb)
205endif
206
207ifeq ($(arm32-platform-hard-float-enabled),y)
208ta_arm32-platform-cflags += $(arm32-platform-cflags-hard-float)
209else
210ta_arm32-platform-cflags += $(arm32-platform-cflags-no-hard-float)
211endif
212ifeq ($(CFG_UNWIND),y)
213ta_arm32-platform-cflags += -funwind-tables
214endif
215ta_arm32-platform-aflags += $(platform-aflags-generic)
216ta_arm32-platform-aflags += $(platform-aflags-debug-info)
217ta_arm32-platform-aflags += $(arm32-platform-aflags)
218
219ta-mk-file-export-vars-ta_arm32 += CFG_ARM32_ta_arm32
220ta-mk-file-export-vars-ta_arm32 += ta_arm32-platform-cppflags
221ta-mk-file-export-vars-ta_arm32 += ta_arm32-platform-cflags
222ta-mk-file-export-vars-ta_arm32 += ta_arm32-platform-aflags
223
224ta-mk-file-export-add-ta_arm32 += CROSS_COMPILE ?= arm-linux-gnueabihf-_nl_
225ta-mk-file-export-add-ta_arm32 += CROSS_COMPILE32 ?= $$(CROSS_COMPILE)_nl_
226ta-mk-file-export-add-ta_arm32 += CROSS_COMPILE_ta_arm32 ?= $$(CROSS_COMPILE32)_nl_
227ta-mk-file-export-add-ta_arm32 += COMPILER ?= gcc_nl_
228ta-mk-file-export-add-ta_arm32 += COMPILER_ta_arm32 ?= $$(COMPILER)_nl_
229endif
230
231ifneq ($(filter ta_arm64,$(ta-targets)),)
232# Variables for ta-target/sm "ta_arm64"
233CFG_ARM64_ta_arm64 := y
234arch-bits-ta_arm64 := 64
235ta_arm64-platform-cppflags += $(arm64-platform-cppflags)
236ta_arm64-platform-cflags += $(arm64-platform-cflags)
237ta_arm64-platform-cflags += $(platform-cflags-optimization)
238ta_arm64-platform-cflags += $(platform-cflags-debug-info)
239ta_arm64-platform-cflags += -fpic
240ta_arm64-platform-cflags += $(arm64-platform-cflags-generic)
241ifeq ($(arm64-platform-hard-float-enabled),y)
242ta_arm64-platform-cflags += $(arm64-platform-cflags-hard-float)
243else
244ta_arm64-platform-cflags += $(arm64-platform-cflags-no-hard-float)
245endif
246ta_arm64-platform-aflags += $(platform-aflags-generic)
247ta_arm64-platform-aflags += $(platform-aflags-debug-info)
248ta_arm64-platform-aflags += $(arm64-platform-aflags)
249
250ta-mk-file-export-vars-ta_arm64 += CFG_ARM64_ta_arm64
251ta-mk-file-export-vars-ta_arm64 += ta_arm64-platform-cppflags
252ta-mk-file-export-vars-ta_arm64 += ta_arm64-platform-cflags
253ta-mk-file-export-vars-ta_arm64 += ta_arm64-platform-aflags
254
255ta-mk-file-export-add-ta_arm64 += CROSS_COMPILE64 ?= $$(CROSS_COMPILE)_nl_
256ta-mk-file-export-add-ta_arm64 += CROSS_COMPILE_ta_arm64 ?= $$(CROSS_COMPILE64)_nl_
257ta-mk-file-export-add-ta_arm64 += COMPILER ?= gcc_nl_
258ta-mk-file-export-add-ta_arm64 += COMPILER_ta_arm64 ?= $$(COMPILER)_nl_
259endif
260
261# Set cross compiler prefix for each submodule
262$(foreach sm, core $(ta-targets), $(eval CROSS_COMPILE_$(sm) ?= $(CROSS_COMPILE$(arch-bits-$(sm)))))
263
264arm32-sysreg-txt = core/arch/arm/kernel/arm32_sysreg.txt
265arm32-sysregs-$(arm32-sysreg-txt)-h := arm32_sysreg.h
266arm32-sysregs-$(arm32-sysreg-txt)-s := arm32_sysreg.S
267arm32-sysregs += $(arm32-sysreg-txt)
268
269ifeq ($(CFG_ARM_GICV3),y)
270arm32-gicv3-sysreg-txt = core/arch/arm/kernel/arm32_gicv3_sysreg.txt
271arm32-sysregs-$(arm32-gicv3-sysreg-txt)-h := arm32_gicv3_sysreg.h
272arm32-sysregs-$(arm32-gicv3-sysreg-txt)-s := arm32_gicv3_sysreg.S
273arm32-sysregs += $(arm32-gicv3-sysreg-txt)
274endif
275
276arm32-sysregs-out := $(out-dir)/$(sm)/include/generated
277
278define process-arm32-sysreg
279FORCE-GENSRC$(sm): $$(arm32-sysregs-out)/$$(arm32-sysregs-$(1)-h)
280cleanfiles := $$(cleanfiles) $$(arm32-sysregs-out)/$$(arm32-sysregs-$(1)-h)
281
282$$(arm32-sysregs-out)/$$(arm32-sysregs-$(1)-h): $(1) scripts/arm32_sysreg.py
283	@$(cmd-echo-silent) '  GEN     $$@'
284	$(q)mkdir -p $$(dir $$@)
285	$(q)scripts/arm32_sysreg.py --guard __$$(arm32-sysregs-$(1)-h) \
286		< $$< > $$@
287
288FORCE-GENSRC$(sm): $$(arm32-sysregs-out)/$$(arm32-sysregs-$(1)-s)
289cleanfiles := $$(cleanfiles) $$(arm32-sysregs-out)/$$(arm32-sysregs-$(1)-s)
290
291$$(arm32-sysregs-out)/$$(arm32-sysregs-$(1)-s): $(1) scripts/arm32_sysreg.py
292	@$(cmd-echo-silent) '  GEN     $$@'
293	$(q)mkdir -p $$(dir $$@)
294	$(q)scripts/arm32_sysreg.py --s_file < $$< > $$@
295endef #process-arm32-sysreg
296
297$(foreach sr, $(arm32-sysregs), $(eval $(call process-arm32-sysreg,$(sr))))
298