131b31015Sliushiweilink-script$(sm) = $(ta-dev-kit-dir$(sm))/src/ta.ld.S 231b31015Sliushiweilink-script-pp$(sm) = $(link-out-dir$(sm))/ta.lds 331b31015Sliushiweilink-script-dep$(sm) = $(link-out-dir$(sm))/.ta.ld.d 431b31015Sliushiwei 531b31015SliushiweiSIGN_ENC ?= $(PYTHON3) $(ta-dev-kit-dir$(sm))/scripts/sign_encrypt.py 631b31015SliushiweiTA_SIGN_KEY ?= $(ta-dev-kit-dir$(sm))/keys/default_ta.pem 731b31015Sliushiwei 831b31015Sliushiweiifeq ($(CFG_ENCRYPT_TA),y) 931b31015Sliushiwei# Default TA encryption key is a dummy key derived from default 1031b31015Sliushiwei# hardware unique key (an array of 16 zero bytes) to demonstrate 11*f03a2acaSJerome Forissier# usage of REE-FS TAs encryption feature. It should match the key 12*f03a2acaSJerome Forissier# returned by tee_otp_get_ta_enc_key(). 1331b31015Sliushiwei# 1431b31015Sliushiwei# Note that a user of this TA encryption feature needs to provide 1531b31015Sliushiwei# encryption key and its handling corresponding to their security 1631b31015Sliushiwei# requirements. 17*f03a2acaSJerome ForissierTA_ENC_KEY ?= 'e3ff381eb7859bb961c52f9b78b693f725c261e75eb488ef5893d6de5d097e6a' 1831b31015Sliushiweiendif 1931b31015Sliushiwei 2031b31015Sliushiweiall: $(link-out-dir$(sm))/$(user-ta-uuid).dmp \ 2131b31015Sliushiwei $(link-out-dir$(sm))/$(user-ta-uuid).stripped.elf \ 2231b31015Sliushiwei $(link-out-dir$(sm))/$(user-ta-uuid).ta 2331b31015Sliushiweicleanfiles += $(link-out-dir$(sm))/$(user-ta-uuid).elf 2431b31015Sliushiweicleanfiles += $(link-out-dir$(sm))/$(user-ta-uuid).dmp 2531b31015Sliushiweicleanfiles += $(link-out-dir$(sm))/$(user-ta-uuid).map 2631b31015Sliushiweicleanfiles += $(link-out-dir$(sm))/$(user-ta-uuid).stripped.elf 2731b31015Sliushiweicleanfiles += $(link-out-dir$(sm))/$(user-ta-uuid).ta 2831b31015Sliushiweicleanfiles += $(link-script-pp$(sm)) $(link-script-dep$(sm)) 2931b31015Sliushiwei 3031b31015Sliushiweilink-ldflags = -e__ta_entry -pie 3131b31015Sliushiweilink-ldflags += -T $(link-script-pp$(sm)) 3231b31015Sliushiweilink-ldflags += -Map=$(link-out-dir$(sm))/$(user-ta-uuid).map 3331b31015Sliushiweilink-ldflags += --sort-section=alignment 3431b31015Sliushiweilink-ldflags += -z max-page-size=4096 # OP-TEE always uses 4K alignment 3531b31015Sliushiweiifeq ($(sm)-$(CFG_TA_BTI),ta_arm64-y) 3631b31015Sliushiweilink-ldflags += $(call ld-option,-z force-bti) --fatal-warnings 3731b31015Sliushiweiendif 3831b31015Sliushiweilink-ldflags += --as-needed # Do not add dependency on unused shlib 3931b31015Sliushiweilink-ldflags += $(link-ldflags$(sm)) 4031b31015Sliushiwei 417f2daddfSJens Wiklander$(link-out-dir$(sm))/dyn_list: FORCE 4231b31015Sliushiwei @$(cmd-echo-silent) ' GEN $@' 4331b31015Sliushiwei $(q)mkdir -p $(dir $@) 447f2daddfSJens Wiklander $(q)echo "{" >$@.tmp 457f2daddfSJens Wiklander $(q)echo "__elf_phdr_info;" >>$@.tmp 4631b31015Sliushiweiifeq ($(CFG_FTRACE_SUPPORT),y) 477f2daddfSJens Wiklander $(q)echo "__ftrace_info;" >>$@.tmp 4831b31015Sliushiweiendif 497f2daddfSJens Wiklander $(q)echo "trace_ext_prefix;" >>$@.tmp 507f2daddfSJens Wiklander $(q)echo "trace_level;" >>$@.tmp 514bdddf20SJens Wiklander $(q)echo "ta_head;" >>$@.tmp 527f2daddfSJens Wiklander $(q)echo "};" >>$@.tmp 537f2daddfSJens Wiklander $(q)$(call mv-if-changed,$@.tmp,$@) 5431b31015Sliushiweilink-ldflags += --dynamic-list $(link-out-dir$(sm))/dyn_list 5531b31015Sliushiweidynlistdep = $(link-out-dir$(sm))/dyn_list 5631b31015Sliushiweicleanfiles += $(link-out-dir$(sm))/dyn_list 5731b31015Sliushiwei 5831b31015Sliushiweilink-ldadd = $(user-ta-ldadd) $(addprefix -L,$(libdirs)) 5931b31015Sliushiweilink-ldadd += --start-group 6031b31015Sliushiweilink-ldadd += $(addprefix -l,$(libnames)) 6131b31015Sliushiweiifneq (,$(filter %.cpp,$(srcs))) 626b1c1858SJens Wiklanderifneq ($(CFG_TA_LIBGCC),y) 636b1c1858SJens Wiklander$(error C++ code depends on CFG_TA_LIBGCC=y) 646b1c1858SJens Wiklanderendif 6531b31015Sliushiweilink-ldflags += --eh-frame-hdr 6631b31015Sliushiweilink-ldadd += $(libstdc++$(sm)) $(libgcc_eh$(sm)) 6731b31015Sliushiweiendif 6831b31015Sliushiweilink-ldadd += --end-group 696b1c1858SJens Wiklanderifeq ($(CFG_TA_LIBGCC),y) 706b1c1858SJens Wiklanderlink-ldadd += $(libgcc$(sm)) 716b1c1858SJens Wiklanderendif 7231b31015Sliushiwei 7331b31015Sliushiweilink-ldadd-after-libgcc += $(addprefix -l,$(libnames-after-libgcc)) 7431b31015Sliushiwei 7531b31015Sliushiweildargs-$(user-ta-uuid).elf := $(link-ldflags) $(objs) $(link-ldadd) \ 766b1c1858SJens Wiklander $(link-ldadd-after-libgcc) 7731b31015Sliushiwei 7831b31015Sliushiweilink-script-cppflags-$(sm) := \ 7931b31015Sliushiwei $(filter-out $(CPPFLAGS_REMOVE) $(cppflags-remove), \ 8031b31015Sliushiwei $(nostdinc$(sm)) $(CPPFLAGS) \ 8131b31015Sliushiwei $(addprefix -I,$(incdirs$(sm)) $(link-out-dir$(sm))) \ 8231b31015Sliushiwei $(cppflags$(sm))) 8331b31015Sliushiwei 8431b31015Sliushiwei-include $(link-script-dep$(sm)) 8531b31015Sliushiwei 8631b31015Sliushiweilink-script-pp-makefiles$(sm) = $(filter-out %.d %.cmd,$(MAKEFILE_LIST)) 8731b31015Sliushiwei 8831b31015Sliushiweidefine gen-link-t 8931b31015Sliushiwei$(link-script-pp$(sm)): $(link-script$(sm)) $(conf-file) $(link-script-pp-makefiles$(sm)) 9031b31015Sliushiwei @$(cmd-echo-silent) ' CPP $$@' 9131b31015Sliushiwei $(q)mkdir -p $$(dir $$@) 920ae5ef34SThomas Bourgoin $(q)$(CPP$(sm)) -P -MT $$@ -MD -MP -MF $(link-script-dep$(sm)) \ 9331b31015Sliushiwei $(link-script-cppflags-$(sm)) $$< -o $$@ 9431b31015Sliushiwei 9531b31015Sliushiwei$(link-out-dir$(sm))/$(user-ta-uuid).elf: $(objs) $(libdeps) \ 9631b31015Sliushiwei $(libdeps-after-libgcc) \ 9731b31015Sliushiwei $(link-script-pp$(sm)) \ 9831b31015Sliushiwei $(dynlistdep) \ 9931b31015Sliushiwei $(additional-link-deps) 10031b31015Sliushiwei @$(cmd-echo-silent) ' LD $$@' 10131b31015Sliushiwei $(q)$(LD$(sm)) $(ldargs-$(user-ta-uuid).elf) -o $$@ 10231b31015Sliushiwei 10331b31015Sliushiwei$(link-out-dir$(sm))/$(user-ta-uuid).dmp: \ 10431b31015Sliushiwei $(link-out-dir$(sm))/$(user-ta-uuid).elf 10531b31015Sliushiwei @$(cmd-echo-silent) ' OBJDUMP $$@' 10631b31015Sliushiwei $(q)$(OBJDUMP$(sm)) -l -x -d $$< > $$@ 10731b31015Sliushiwei 10831b31015Sliushiwei$(link-out-dir$(sm))/$(user-ta-uuid).stripped.elf: \ 10931b31015Sliushiwei $(link-out-dir$(sm))/$(user-ta-uuid).elf 11031b31015Sliushiwei @$(cmd-echo-silent) ' OBJCOPY $$@' 11131b31015Sliushiwei $(q)$(OBJCOPY$(sm)) --strip-unneeded $$< $$@ 11231b31015Sliushiwei 11331b31015Sliushiweicmd-echo$(user-ta-uuid) := SIGN # 11431b31015Sliushiweiifeq ($(CFG_ENCRYPT_TA),y) 11531b31015Sliushiweicrypt-args$(user-ta-uuid) := --enc-key $(TA_ENC_KEY) 11631b31015Sliushiweicmd-echo$(user-ta-uuid) := SIGNENC 11731b31015Sliushiweiendif 11831b31015Sliushiwei$(link-out-dir$(sm))/$(user-ta-uuid).ta: \ 11931b31015Sliushiwei $(link-out-dir$(sm))/$(user-ta-uuid).stripped.elf \ 12031b31015Sliushiwei $(TA_SIGN_KEY) $(TA_SUBKEY_DEPS) \ 12131b31015Sliushiwei $(lastword $(SIGN_ENC)) 12231b31015Sliushiwei @$(cmd-echo-silent) ' $$(cmd-echo$(user-ta-uuid)) $$@' 12331b31015Sliushiwei $(q)$(SIGN_ENC) --key $(TA_SIGN_KEY) $(TA_SUBKEY_ARGS) \ 12431b31015Sliushiwei $$(crypt-args$(user-ta-uuid)) \ 12531b31015Sliushiwei --uuid $(user-ta-uuid) --ta-version $(user-ta-version) \ 12631b31015Sliushiwei --in $$< --out $$@ 12731b31015Sliushiweiendef 12831b31015Sliushiwei 12931b31015Sliushiwei$(eval $(call gen-link-t)) 13031b31015Sliushiwei 13131b31015Sliushiweiadditional-link-deps := 132