xref: /rk3399_ARM-atf/docs/getting_started/build-options.rst (revision d9e984cc30cdedafe39b4730152581c88abff724) 
1Build Options
2=============
3
4The TF-A build system supports the following build options. Unless mentioned
5otherwise, these options are expected to be specified at the build command
6line and are not to be modified in any component makefiles. Note that the
7build system doesn't track dependency for build options. Therefore, if any of
8the build options are changed from a previous build, a clean build must be
9performed.
10
11.. _build_options_common:
12
13Common build options
14--------------------
15
16-  ``AARCH32_INSTRUCTION_SET``: Choose the AArch32 instruction set that the
17   compiler should use. Valid values are T32 and A32. It defaults to T32 due to
18   code having a smaller resulting size.
19
20-  ``AARCH32_SP`` : Choose the AArch32 Secure Payload component to be built as
21   as the BL32 image when ``ARCH=aarch32``. The value should be the path to the
22   directory containing the SP source, relative to the ``bl32/``; the directory
23   is expected to contain a makefile called ``<aarch32_sp-value>.mk``.
24
25-  ``AMU_RESTRICT_COUNTERS``: Register reads to the group 1 counters will return
26   zero at all but the highest implemented exception level.  Reads from the
27   memory mapped view are unaffected by this control.
28
29-  ``ARCH`` : Choose the target build architecture for TF-A. It can take either
30   ``aarch64`` or ``aarch32`` as values. By default, it is defined to
31   ``aarch64``.
32
33-  ``ARM_ARCH_FEATURE``: Optional Arm Architecture build option which specifies
34   one or more feature modifiers. This option has the form ``[no]feature+...``
35   and defaults to ``none``. It translates into compiler option
36   ``-march=armvX[.Y]-a+[no]feature+...``. See compiler's documentation for the
37   list of supported feature modifiers.
38
39-  ``ARM_ARCH_MAJOR``: The major version of Arm Architecture to target when
40   compiling TF-A. Its value must be numeric, and defaults to 8 . See also,
41   *Armv8 Architecture Extensions* and *Armv7 Architecture Extensions* in
42   :ref:`Firmware Design`.
43
44-  ``ARM_ARCH_MINOR``: The minor version of Arm Architecture to target when
45   compiling TF-A. Its value must be a numeric, and defaults to 0. See also,
46   *Armv8 Architecture Extensions* in :ref:`Firmware Design`.
47
48-  ``BL2``: This is an optional build option which specifies the path to BL2
49   image for the ``fip`` target. In this case, the BL2 in the TF-A will not be
50   built.
51
52-  ``BL2U``: This is an optional build option which specifies the path to
53   BL2U image. In this case, the BL2U in TF-A will not be built.
54
55-  ``BL2_AT_EL3``: This is an optional build option that enables the use of
56   BL2 at EL3 execution level.
57
58-  ``BL2_ENABLE_SP_LOAD``: Boolean option to enable loading SP packages from the
59   FIP. Automatically enabled if ``SP_LAYOUT_FILE`` is provided.
60
61-  ``BL2_IN_XIP_MEM``: In some use-cases BL2 will be stored in eXecute In Place
62   (XIP) memory, like BL1. In these use-cases, it is necessary to initialize
63   the RW sections in RAM, while leaving the RO sections in place. This option
64   enable this use-case. For now, this option is only supported when BL2_AT_EL3
65   is set to '1'.
66
67-  ``BL31``: This is an optional build option which specifies the path to
68   BL31 image for the ``fip`` target. In this case, the BL31 in TF-A will not
69   be built.
70
71-  ``BL31_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
72   file that contains the BL31 private key in PEM format. If ``SAVE_KEYS=1``,
73   this file name will be used to save the key.
74
75-  ``BL32``: This is an optional build option which specifies the path to
76   BL32 image for the ``fip`` target. In this case, the BL32 in TF-A will not
77   be built.
78
79-  ``BL32_EXTRA1``: This is an optional build option which specifies the path to
80   Trusted OS Extra1 image for the  ``fip`` target.
81
82-  ``BL32_EXTRA2``: This is an optional build option which specifies the path to
83   Trusted OS Extra2 image for the ``fip`` target.
84
85-  ``BL32_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
86   file that contains the BL32 private key in PEM format. If ``SAVE_KEYS=1``,
87   this file name will be used to save the key.
88
89-  ``BL33``: Path to BL33 image in the host file system. This is mandatory for
90   ``fip`` target in case TF-A BL2 is used.
91
92-  ``BL33_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
93   file that contains the BL33 private key in PEM format. If ``SAVE_KEYS=1``,
94   this file name will be used to save the key.
95
96-  ``BRANCH_PROTECTION``: Numeric value to enable ARMv8.3 Pointer Authentication
97   and ARMv8.5 Branch Target Identification support for TF-A BL images themselves.
98   If enabled, it is needed to use a compiler that supports the option
99   ``-mbranch-protection``. Selects the branch protection features to use:
100-  0: Default value turns off all types of branch protection
101-  1: Enables all types of branch protection features
102-  2: Return address signing to its standard level
103-  3: Extend the signing to include leaf functions
104-  4: Turn on branch target identification mechanism
105
106   The table below summarizes ``BRANCH_PROTECTION`` values, GCC compilation options
107   and resulting PAuth/BTI features.
108
109   +-------+--------------+-------+-----+
110   | Value |  GCC option  | PAuth | BTI |
111   +=======+==============+=======+=====+
112   |   0   |     none     |   N   |  N  |
113   +-------+--------------+-------+-----+
114   |   1   |   standard   |   Y   |  Y  |
115   +-------+--------------+-------+-----+
116   |   2   |   pac-ret    |   Y   |  N  |
117   +-------+--------------+-------+-----+
118   |   3   | pac-ret+leaf |   Y   |  N  |
119   +-------+--------------+-------+-----+
120   |   4   |     bti      |   N   |  Y  |
121   +-------+--------------+-------+-----+
122
123   This option defaults to 0.
124   Note that Pointer Authentication is enabled for Non-secure world
125   irrespective of the value of this option if the CPU supports it.
126
127-  ``BUILD_MESSAGE_TIMESTAMP``: String used to identify the time and date of the
128   compilation of each build. It must be set to a C string (including quotes
129   where applicable). Defaults to a string that contains the time and date of
130   the compilation.
131
132-  ``BUILD_STRING``: Input string for VERSION_STRING, which allows the TF-A
133   build to be uniquely identified. Defaults to the current git commit id.
134
135-  ``BUILD_BASE``: Output directory for the build. Defaults to ``./build``
136
137-  ``CFLAGS``: Extra user options appended on the compiler's command line in
138   addition to the options set by the build system.
139
140-  ``COLD_BOOT_SINGLE_CPU``: This option indicates whether the platform may
141   release several CPUs out of reset. It can take either 0 (several CPUs may be
142   brought up) or 1 (only one CPU will ever be brought up during cold reset).
143   Default is 0. If the platform always brings up a single CPU, there is no
144   need to distinguish between primary and secondary CPUs and the boot path can
145   be optimised. The ``plat_is_my_cpu_primary()`` and
146   ``plat_secondary_cold_boot_setup()`` platform porting interfaces do not need
147   to be implemented in this case.
148
149-  ``COT``: When Trusted Boot is enabled, selects the desired chain of trust.
150   Defaults to ``tbbr``.
151
152-  ``CRASH_REPORTING``: A non-zero value enables a console dump of processor
153   register state when an unexpected exception occurs during execution of
154   BL31. This option defaults to the value of ``DEBUG`` - i.e. by default
155   this is only enabled for a debug build of the firmware.
156
157-  ``CREATE_KEYS``: This option is used when ``GENERATE_COT=1``. It tells the
158   certificate generation tool to create new keys in case no valid keys are
159   present or specified. Allowed options are '0' or '1'. Default is '1'.
160
161-  ``CTX_INCLUDE_AARCH32_REGS`` : Boolean option that, when set to 1, will cause
162   the AArch32 system registers to be included when saving and restoring the
163   CPU context. The option must be set to 0 for AArch64-only platforms (that
164   is on hardware that does not implement AArch32, or at least not at EL1 and
165   higher ELs). Default value is 1.
166
167-  ``CTX_INCLUDE_EL2_REGS`` : This boolean option provides context save/restore
168   operations when entering/exiting an EL2 execution context. This is of primary
169   interest when Armv8.4-SecEL2 extension is implemented. Default is 0 (disabled).
170   This option must be equal to 1 (enabled) when ``SPD=spmd`` and
171   ``SPMD_SPM_AT_SEL2`` is set.
172
173-  ``CTX_INCLUDE_FPREGS``: Boolean option that, when set to 1, will cause the FP
174   registers to be included when saving and restoring the CPU context. Default
175   is 0.
176
177-  ``CTX_INCLUDE_MTE_REGS``: Numeric value to include Memory Tagging Extension
178   registers in cpu context. This must be enabled, if the platform wants to use
179   this feature in the Secure world and MTE is enabled at ELX. This flag can
180   take values 0 to 2, to align with the ``FEATURE_DETECTION`` mechanism.
181   Default value is 0.
182
183-  ``CTX_INCLUDE_NEVE_REGS``: Numeric value, when set will cause the Armv8.4-NV
184   registers to be saved/restored when entering/exiting an EL2 execution
185   context. This flag can take values 0 to 2, to align with the
186   ``FEATURE_DETECTION`` mechanism. Default value is 0.
187
188-  ``CTX_INCLUDE_PAUTH_REGS``: Numeric value to enable the Pointer
189   Authentication for Secure world. This will cause the ARMv8.3-PAuth registers
190   to be included when saving and restoring the CPU context as part of world
191   switch. This flag can take values 0 to 2, to align with ``FEATURE_DETECTION``
192   mechanism. Default value is 0.
193
194   Note that Pointer Authentication is enabled for Non-secure world irrespective
195   of the value of this flag if the CPU supports it.
196
197-  ``DEBUG``: Chooses between a debug and release build. It can take either 0
198   (release) or 1 (debug) as values. 0 is the default.
199
200-  ``DECRYPTION_SUPPORT``: This build flag enables the user to select the
201   authenticated decryption algorithm to be used to decrypt firmware/s during
202   boot. It accepts 2 values: ``aes_gcm`` and ``none``. The default value of
203   this flag is ``none`` to disable firmware decryption which is an optional
204   feature as per TBBR.
205
206-  ``DISABLE_BIN_GENERATION``: Boolean option to disable the generation
207   of the binary image. If set to 1, then only the ELF image is built.
208   0 is the default.
209
210-  ``DISABLE_MTPMU``: Boolean option to disable FEAT_MTPMU if implemented
211   (Armv8.6 onwards). Its default value is 0 to keep consistency with platforms
212   that do not implement FEAT_MTPMU. For more information on FEAT_MTPMU,
213   check the latest Arm ARM.
214
215-  ``DYN_DISABLE_AUTH``: Provides the capability to dynamically disable Trusted
216   Board Boot authentication at runtime. This option is meant to be enabled only
217   for development platforms. ``TRUSTED_BOARD_BOOT`` flag must be set if this
218   flag has to be enabled. 0 is the default.
219
220-  ``E``: Boolean option to make warnings into errors. Default is 1.
221
222-  ``EL3_PAYLOAD_BASE``: This option enables booting an EL3 payload instead of
223   the normal boot flow. It must specify the entry point address of the EL3
224   payload. Please refer to the "Booting an EL3 payload" section for more
225   details.
226
227-  ``ENABLE_AMU``: Boolean option to enable Activity Monitor Unit extensions.
228   This is an optional architectural feature available on v8.4 onwards. Some
229   v8.2 implementations also implement an AMU and this option can be used to
230   enable this feature on those systems as well. Default is 0.
231
232-  ``ENABLE_AMU_AUXILIARY_COUNTERS``: Enables support for AMU auxiliary counters
233   (also known as group 1 counters). These are implementation-defined counters,
234   and as such require additional platform configuration. Default is 0.
235
236-  ``ENABLE_AMU_FCONF``: Enables configuration of the AMU through FCONF, which
237   allows platforms with auxiliary counters to describe them via the
238   ``HW_CONFIG`` device tree blob. Default is 0.
239
240-  ``ENABLE_ASSERTIONS``: This option controls whether or not calls to ``assert()``
241   are compiled out. For debug builds, this option defaults to 1, and calls to
242   ``assert()`` are left in place. For release builds, this option defaults to 0
243   and calls to ``assert()`` function are compiled out. This option can be set
244   independently of ``DEBUG``. It can also be used to hide any auxiliary code
245   that is only required for the assertion and does not fit in the assertion
246   itself.
247
248-  ``ENABLE_BACKTRACE``: This option controls whether to enable backtrace
249   dumps or not. It is supported in both AArch64 and AArch32. However, in
250   AArch32 the format of the frame records are not defined in the AAPCS and they
251   are defined by the implementation. This implementation of backtrace only
252   supports the format used by GCC when T32 interworking is disabled. For this
253   reason enabling this option in AArch32 will force the compiler to only
254   generate A32 code. This option is enabled by default only in AArch64 debug
255   builds, but this behaviour can be overridden in each platform's Makefile or
256   in the build command line.
257
258-  ``ENABLE_FEAT_AMUv1``: Numeric value to enable access to the HAFGRTR_EL2
259   (Hypervisor Activity Monitors Fine-Grained Read Trap Register) during EL2
260   to EL3 context save/restore operations. This flag can take the values 0 to 2,
261   to align with the ``FEATURE_DETECTION`` mechanism. It is an optional feature
262   available on v8.4 and onwards and must be set to either 1 or 2 alongside
263   ``ENABLE_FEAT_FGT``, to access the HAFGRTR_EL2 register.
264   Default value is ``0``.
265
266-  ``ENABLE_FEAT_AMUv1p1``: Numeric value to enable the ``FEAT_AMUv1p1``
267   extension. ``FEAT_AMUv1p1`` is an optional feature available on Arm v8.6
268   onwards. This flag can take the values 0 to 2, to align with the
269   ``FEATURE_DETECTION`` mechanism. Default value is ``0``.
270
271-  ``ENABLE_FEAT_CSV2_2``: Numeric value to enable the ``FEAT_CSV2_2``
272   extension. It allows access to the SCXTNUM_EL2 (Software Context Number)
273   register during EL2 context save/restore operations. ``FEAT_CSV2_2`` is an
274   optional feature available on Arm v8.0 onwards. This flag can take values
275   0 to 2, to align with the ``FEATURE_DETECTION`` mechanism.
276   Default value is ``0``.
277
278-  ``ENABLE_FEAT_DIT``: Numeric value to enable ``FEAT_DIT`` (Data Independent
279   Timing) extension. It allows setting the ``DIT`` bit of PSTATE in EL3.
280   ``FEAT_DIT`` is a mandatory  architectural feature and is enabled from v8.4
281   and upwards. This flag can take the values 0 to 2, to align  with the
282   ``FEATURE_DETECTION`` mechanism. Default value is ``0``.
283
284-  ``ENABLE_FEAT_ECV``: Numeric value to enable support for the Enhanced Counter
285   Virtualization feature, allowing for access to the CNTPOFF_EL2 (Counter-timer
286   Physical Offset register) during EL2 to EL3 context save/restore operations.
287   Its a mandatory architectural feature and is enabled from v8.6 and upwards.
288   This flag can take the values 0 to 2, to align  with the ``FEATURE_DETECTION``
289   mechanism. Default value is ``0``.
290
291-  ``ENABLE_FEAT_FGT``: Numeric value to enable support for FGT (Fine Grain Traps)
292   feature allowing for access to the HDFGRTR_EL2 (Hypervisor Debug Fine-Grained
293   Read Trap Register) during EL2 to EL3 context save/restore operations.
294   Its a mandatory architectural feature and is enabled from v8.6 and upwards.
295   This flag can take the values 0 to 2, to align  with the ``FEATURE_DETECTION``
296   mechanism. Default value is ``0``.
297
298-  ``ENABLE_FEAT_HCX``: Numeric value to set the bit SCR_EL3.HXEn in EL3 to
299   allow access to HCRX_EL2 (extended hypervisor control register) from EL2 as
300   well as adding HCRX_EL2 to the EL2 context save/restore operations. Its a
301   mandatory architectural feature and is enabled from v8.7 and upwards. This
302   flag can take the values 0 to 2, to align  with the ``FEATURE_DETECTION``
303   mechanism. Default value is ``0``.
304
305-  ``ENABLE_FEAT_PAN``: Numeric value to enable the ``FEAT_PAN`` (Privileged
306   Access Never) extension. ``FEAT_PAN`` adds a bit to PSTATE, generating a
307   permission fault for any privileged data access from EL1/EL2 to virtual
308   memory address, accessible at EL0, provided (HCR_EL2.E2H=1). It is a
309   mandatory architectural feature and is enabled from v8.1 and upwards. This
310   flag can take values 0 to 2, to align  with the ``FEATURE_DETECTION``
311   mechanism. Default value is ``0``.
312
313-  ``ENABLE_FEAT_RNG``: Numeric value to enable the ``FEAT_RNG`` extension.
314   ``FEAT_RNG`` is an optional feature available on Arm v8.5 onwards. This
315   flag can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
316   mechanism. Default is ``0``.
317
318-  ``ENABLE_FEAT_SB``: Numeric value to enable the ``FEAT_SB`` (Speculation
319   Barrier) extension allowing access to ``sb`` instruction. ``FEAT_SB`` is an
320   optional feature and defaults to ``0`` for pre-Armv8.5 CPUs but are mandatory
321   for Armv8.5 or later CPUs. This flag can take values 0 to 2, to align with
322   ``FEATURE_DETECTION`` mechanism. It is enabled from v8.5 and upwards and if
323   needed could be overidden from platforms explicitly. Default value is ``0``.
324
325-  ``ENABLE_FEAT_SEL2``: Numeric value to enable the ``FEAT_SEL2`` (Secure EL2)
326   extension. ``FEAT_SEL2`` is a mandatory feature available on Arm v8.4.
327   This flag can take values 0 to 2, to align with the ``FEATURE_DETECTION``
328   mechanism. Default is ``0``.
329
330-  ``ENABLE_FEAT_VHE``: Numeric value to enable the ``FEAT_VHE`` (Virtualization
331   Host Extensions) extension. It allows access to CONTEXTIDR_EL2 register
332   during EL2 context save/restore operations.``FEAT_VHE`` is a mandatory
333   architectural feature and is enabled from v8.1 and upwards. It can take
334   values 0 to 2, to align  with the ``FEATURE_DETECTION`` mechanism.
335   Default value is ``0``.
336
337-  ``ENABLE_LTO``: Boolean option to enable Link Time Optimization (LTO)
338   support in GCC for TF-A. This option is currently only supported for
339   AArch64. Default is 0.
340
341-  ``ENABLE_MPAM_FOR_LOWER_ELS``: Numeric value to enable lower ELs to use MPAM
342   feature. MPAM is an optional Armv8.4 extension that enables various memory
343   system components and resources to define partitions; software running at
344   various ELs can assign themselves to desired partition to control their
345   performance aspects.
346
347   This flag can take values 0 to 2, to align  with the ``FEATURE_DETECTION``
348   mechanism. When this option is set to ``1`` or ``2``, EL3 allows lower ELs to
349   access their own MPAM registers without trapping into EL3. This option
350   doesn't make use of partitioning in EL3, however. Platform initialisation
351   code should configure and use partitions in EL3 as required. This option
352   defaults to ``0``.
353
354-  ``ENABLE_MPMM``: Boolean option to enable support for the Maximum Power
355   Mitigation Mechanism supported by certain Arm cores, which allows the SoC
356   firmware to detect and limit high activity events to assist in SoC processor
357   power domain dynamic power budgeting and limit the triggering of whole-rail
358   (i.e. clock chopping) responses to overcurrent conditions. Defaults to ``0``.
359
360-  ``ENABLE_MPMM_FCONF``: Enables configuration of MPMM through FCONF, which
361   allows platforms with cores supporting MPMM to describe them via the
362   ``HW_CONFIG`` device tree blob. Default is 0.
363
364-  ``ENABLE_PIE``: Boolean option to enable Position Independent Executable(PIE)
365   support within generic code in TF-A. This option is currently only supported
366   in BL2_AT_EL3, BL31, and BL32 (TSP) for AARCH64 binaries, and in BL32
367   (SP_min) for AARCH32. Default is 0.
368
369-  ``ENABLE_PMF``: Boolean option to enable support for optional Performance
370   Measurement Framework(PMF). Default is 0.
371
372-  ``ENABLE_PSCI_STAT``: Boolean option to enable support for optional PSCI
373   functions ``PSCI_STAT_RESIDENCY`` and ``PSCI_STAT_COUNT``. Default is 0.
374   In the absence of an alternate stat collection backend, ``ENABLE_PMF`` must
375   be enabled. If ``ENABLE_PMF`` is set, the residency statistics are tracked in
376   software.
377
378- ``ENABLE_RME``: Numeric value to enable support for the ARMv9 Realm
379   Management Extension. This flag can take the values 0 to 2, to align with
380   the ``FEATURE_DETECTION`` mechanism. Default value is 0. This is currently
381   an experimental feature.
382
383-  ``ENABLE_RUNTIME_INSTRUMENTATION``: Boolean option to enable runtime
384   instrumentation which injects timestamp collection points into TF-A to
385   allow runtime performance to be measured. Currently, only PSCI is
386   instrumented. Enabling this option enables the ``ENABLE_PMF`` build option
387   as well. Default is 0.
388
389-  ``ENABLE_SME_FOR_NS``: Boolean option to enable Scalable Matrix Extension
390   (SME), SVE, and FPU/SIMD for the non-secure world only. These features share
391   registers so are enabled together. Using this option without
392   ENABLE_SME_FOR_SWD=1 will cause SME, SVE, and FPU/SIMD instructions in secure
393   world to trap to EL3. SME is an optional architectural feature for AArch64
394   and TF-A support is experimental. At this time, this build option cannot be
395   used on systems that have SPD=spmd/SPM_MM or ENABLE_RME, and attempting to
396   build with these options will fail. Default is 0.
397
398-  ``ENABLE_SME_FOR_SWD``: Boolean option to enable the Scalable Matrix
399   Extension for secure world use along with SVE and FPU/SIMD, ENABLE_SME_FOR_NS
400   must also be set to use this. If enabling this, the secure world MUST
401   handle context switching for SME, SVE, and FPU/SIMD registers to ensure that
402   no data is leaked to non-secure world. This is experimental. Default is 0.
403
404-  ``ENABLE_SPE_FOR_LOWER_ELS`` : Boolean option to enable Statistical Profiling
405   extensions. This is an optional architectural feature for AArch64.
406   The default is 1 but is automatically disabled when the target architecture
407   is AArch32.
408
409-  ``ENABLE_SVE_FOR_NS``: Boolean option to enable Scalable Vector Extension
410   (SVE) for the Non-secure world only. SVE is an optional architectural feature
411   for AArch64. Note that when SVE is enabled for the Non-secure world, access
412   to SIMD and floating-point functionality from the Secure world is disabled by
413   default and controlled with ENABLE_SVE_FOR_SWD.
414   This is to avoid corruption of the Non-secure world data in the Z-registers
415   which are aliased by the SIMD and FP registers. The build option is not
416   compatible with the ``CTX_INCLUDE_FPREGS`` build option, and will raise an
417   assert on platforms where SVE is implemented and ``ENABLE_SVE_FOR_NS`` set to
418   1. The default is 1 but is automatically disabled when ENABLE_SME_FOR_NS=1
419   since SME encompasses SVE. At this time, this build option cannot be used on
420   systems that have SPM_MM enabled.
421
422-  ``ENABLE_SVE_FOR_SWD``: Boolean option to enable SVE for the Secure world.
423   SVE is an optional architectural feature for AArch64. Note that this option
424   requires ENABLE_SVE_FOR_NS to be enabled. The default is 0 and it
425   is automatically disabled when the target architecture is AArch32.
426
427-  ``ENABLE_STACK_PROTECTOR``: String option to enable the stack protection
428   checks in GCC. Allowed values are "all", "strong", "default" and "none". The
429   default value is set to "none". "strong" is the recommended stack protection
430   level if this feature is desired. "none" disables the stack protection. For
431   all values other than "none", the ``plat_get_stack_protector_canary()``
432   platform hook needs to be implemented. The value is passed as the last
433   component of the option ``-fstack-protector-$ENABLE_STACK_PROTECTOR``.
434
435-  ``ENCRYPT_BL31``: Binary flag to enable encryption of BL31 firmware. This
436   flag depends on ``DECRYPTION_SUPPORT`` build flag.
437
438-  ``ENCRYPT_BL32``: Binary flag to enable encryption of Secure BL32 payload.
439   This flag depends on ``DECRYPTION_SUPPORT`` build flag.
440
441-  ``ENC_KEY``: A 32-byte (256-bit) symmetric key in hex string format. It could
442   either be SSK or BSSK depending on ``FW_ENC_STATUS`` flag. This value depends
443   on ``DECRYPTION_SUPPORT`` build flag.
444
445-  ``ENC_NONCE``: A 12-byte (96-bit) encryption nonce or Initialization Vector
446   (IV) in hex string format. This value depends on ``DECRYPTION_SUPPORT``
447   build flag.
448
449-  ``ERROR_DEPRECATED``: This option decides whether to treat the usage of
450   deprecated platform APIs, helper functions or drivers within Trusted
451   Firmware as error. It can take the value 1 (flag the use of deprecated
452   APIs as error) or 0. The default is 0.
453
454-  ``EL3_EXCEPTION_HANDLING``: When set to ``1``, enable handling of exceptions
455   targeted at EL3. When set ``0`` (default), no exceptions are expected or
456   handled at EL3, and a panic will result. This is supported only for AArch64
457   builds.
458
459-  ``EVENT_LOG_LEVEL``: Chooses the log level to use for Measured Boot when
460   ``MEASURED_BOOT`` is enabled. For a list of valid values, see ``LOG_LEVEL``.
461   Default value is 40 (LOG_LEVEL_INFO).
462
463-  ``FAULT_INJECTION_SUPPORT``: ARMv8.4 extensions introduced support for fault
464   injection from lower ELs, and this build option enables lower ELs to use
465   Error Records accessed via System Registers to inject faults. This is
466   applicable only to AArch64 builds.
467
468   This feature is intended for testing purposes only, and is advisable to keep
469   disabled for production images.
470
471-  ``FEATURE_DETECTION``: Boolean option to enable the architectural features
472   detection mechanism. It detects whether the Architectural features enabled
473   through feature specific build flags are supported by the PE or not by
474   validating them either at boot phase or at runtime based on the value
475   possessed by the feature flag (0 to 2) and report error messages at an early
476   stage.
477
478   This prevents and benefits us from EL3 runtime exceptions during context save
479   and restore routines guarded by these build flags. Henceforth validating them
480   before their usage provides more control on the actions taken under them.
481
482   The mechanism permits the build flags to take values 0, 1 or 2 and
483   evaluates them accordingly.
484
485   Lets consider ``ENABLE_FEAT_HCX``, build flag for ``FEAT_HCX`` as an example:
486
487   ::
488
489     ENABLE_FEAT_HCX = 0: Feature disabled statically at compile time.
490     ENABLE_FEAT_HCX = 1: Feature Enabled and the flag is validated at boottime.
491     ENABLE_FEAT_HCX = 2: Feature Enabled and the flag is validated at runtime.
492
493   In the above example, if the feature build flag, ``ENABLE_FEAT_HCX`` set to
494   0, feature is disabled statically during compilation. If it is defined as 1,
495   feature is validated, wherein FEAT_HCX is detected at boot time. In case not
496   implemented by the PE, a hard panic is generated. Finally, if the flag is set
497   to 2, feature is validated at runtime.
498
499   Note that the entire implementation is divided into two phases, wherein as
500   as part of phase-1 we are supporting the values 0,1. Value 2 is currently not
501   supported and is planned to be handled explicilty in phase-2 implementation.
502
503   FEATURE_DETECTION macro is disabled by default, and is currently an
504   experimental procedure. Platforms can explicitly make use of this by
505   mechanism, by enabling it to validate whether they have set their build flags
506   properly at an early phase.
507
508-  ``FIP_NAME``: This is an optional build option which specifies the FIP
509   filename for the ``fip`` target. Default is ``fip.bin``.
510
511-  ``FWU_FIP_NAME``: This is an optional build option which specifies the FWU
512   FIP filename for the ``fwu_fip`` target. Default is ``fwu_fip.bin``.
513
514-  ``FW_ENC_STATUS``: Top level firmware's encryption numeric flag, values:
515
516   ::
517
518     0: Encryption is done with Secret Symmetric Key (SSK) which is common
519        for a class of devices.
520     1: Encryption is done with Binding Secret Symmetric Key (BSSK) which is
521        unique per device.
522
523   This flag depends on ``DECRYPTION_SUPPORT`` build flag.
524
525-  ``GENERATE_COT``: Boolean flag used to build and execute the ``cert_create``
526   tool to create certificates as per the Chain of Trust described in
527   :ref:`Trusted Board Boot`. The build system then calls ``fiptool`` to
528   include the certificates in the FIP and FWU_FIP. Default value is '0'.
529
530   Specify both ``TRUSTED_BOARD_BOOT=1`` and ``GENERATE_COT=1`` to include support
531   for the Trusted Board Boot feature in the BL1 and BL2 images, to generate
532   the corresponding certificates, and to include those certificates in the
533   FIP and FWU_FIP.
534
535   Note that if ``TRUSTED_BOARD_BOOT=0`` and ``GENERATE_COT=1``, the BL1 and BL2
536   images will not include support for Trusted Board Boot. The FIP will still
537   include the corresponding certificates. This FIP can be used to verify the
538   Chain of Trust on the host machine through other mechanisms.
539
540   Note that if ``TRUSTED_BOARD_BOOT=1`` and ``GENERATE_COT=0``, the BL1 and BL2
541   images will include support for Trusted Board Boot, but the FIP and FWU_FIP
542   will not include the corresponding certificates, causing a boot failure.
543
544-  ``GICV2_G0_FOR_EL3``: Unlike GICv3, the GICv2 architecture doesn't have
545   inherent support for specific EL3 type interrupts. Setting this build option
546   to ``1`` assumes GICv2 *Group 0* interrupts are expected to target EL3, both
547   by :ref:`platform abstraction layer<platform Interrupt Controller API>` and
548   :ref:`Interrupt Management Framework<Interrupt Management Framework>`.
549   This allows GICv2 platforms to enable features requiring EL3 interrupt type.
550   This also means that all GICv2 Group 0 interrupts are delivered to EL3, and
551   the Secure Payload interrupts needs to be synchronously handed over to Secure
552   EL1 for handling. The default value of this option is ``0``, which means the
553   Group 0 interrupts are assumed to be handled by Secure EL1.
554
555-  ``HANDLE_EA_EL3_FIRST``: When set to ``1``, External Aborts and SError
556   Interrupts will be always trapped in EL3 i.e. in BL31 at runtime. When set to
557   ``0`` (default), these exceptions will be trapped in the current exception
558   level (or in EL1 if the current exception level is EL0).
559
560-  ``HW_ASSISTED_COHERENCY``: On most Arm systems to-date, platform-specific
561   software operations are required for CPUs to enter and exit coherency.
562   However, newer systems exist where CPUs' entry to and exit from coherency
563   is managed in hardware. Such systems require software to only initiate these
564   operations, and the rest is managed in hardware, minimizing active software
565   management. In such systems, this boolean option enables TF-A to carry out
566   build and run-time optimizations during boot and power management operations.
567   This option defaults to 0 and if it is enabled, then it implies
568   ``WARMBOOT_ENABLE_DCACHE_EARLY`` is also enabled.
569
570   If this flag is disabled while the platform which TF-A is compiled for
571   includes cores that manage coherency in hardware, then a compilation error is
572   generated. This is based on the fact that a system cannot have, at the same
573   time, cores that manage coherency in hardware and cores that don't. In other
574   words, a platform cannot have, at the same time, cores that require
575   ``HW_ASSISTED_COHERENCY=1`` and cores that require
576   ``HW_ASSISTED_COHERENCY=0``.
577
578   Note that, when ``HW_ASSISTED_COHERENCY`` is enabled, version 2 of
579   translation library (xlat tables v2) must be used; version 1 of translation
580   library is not supported.
581
582-  ``INVERTED_MEMMAP``: memmap tool print by default lower addresses at the
583   bottom, higher addresses at the top. This build flag can be set to '1' to
584   invert this behavior. Lower addresses will be printed at the top and higher
585   addresses at the bottom.
586
587-  ``JUNO_AARCH32_EL3_RUNTIME``: This build flag enables you to execute EL3
588   runtime software in AArch32 mode, which is required to run AArch32 on Juno.
589   By default this flag is set to '0'. Enabling this flag builds BL1 and BL2 in
590   AArch64 and facilitates the loading of ``SP_MIN`` and BL33 as AArch32 executable
591   images.
592
593-  ``KEY_ALG``: This build flag enables the user to select the algorithm to be
594   used for generating the PKCS keys and subsequent signing of the certificate.
595   It accepts 3 values: ``rsa``, ``rsa_1_5`` and ``ecdsa``. The option
596   ``rsa_1_5`` is the legacy PKCS#1 RSA 1.5 algorithm which is not TBBR
597   compliant and is retained only for compatibility. The default value of this
598   flag is ``rsa`` which is the TBBR compliant PKCS#1 RSA 2.1 scheme.
599
600-  ``KEY_SIZE``: This build flag enables the user to select the key size for
601   the algorithm specified by ``KEY_ALG``. The valid values for ``KEY_SIZE``
602   depend on the chosen algorithm and the cryptographic module.
603
604   +-----------+------------------------------------+
605   |  KEY_ALG  |        Possible key sizes          |
606   +===========+====================================+
607   |    rsa    | 1024 , 2048 (default), 3072, 4096* |
608   +-----------+------------------------------------+
609   |   ecdsa   |            unavailable             |
610   +-----------+------------------------------------+
611
612   * Only 2048 bits size is available with CryptoCell 712 SBROM release 1.
613     Only 3072 bits size is available with CryptoCell 712 SBROM release 2.
614
615-  ``HASH_ALG``: This build flag enables the user to select the secure hash
616   algorithm. It accepts 3 values: ``sha256``, ``sha384`` and ``sha512``.
617   The default value of this flag is ``sha256``.
618
619-  ``LDFLAGS``: Extra user options appended to the linkers' command line in
620   addition to the one set by the build system.
621
622-  ``LOG_LEVEL``: Chooses the log level, which controls the amount of console log
623   output compiled into the build. This should be one of the following:
624
625   ::
626
627       0  (LOG_LEVEL_NONE)
628       10 (LOG_LEVEL_ERROR)
629       20 (LOG_LEVEL_NOTICE)
630       30 (LOG_LEVEL_WARNING)
631       40 (LOG_LEVEL_INFO)
632       50 (LOG_LEVEL_VERBOSE)
633
634   All log output up to and including the selected log level is compiled into
635   the build. The default value is 40 in debug builds and 20 in release builds.
636
637-  ``MEASURED_BOOT``: Boolean flag to include support for the Measured Boot
638   feature. This flag can be enabled with ``TRUSTED_BOARD_BOOT`` in order to
639   provide trust that the code taking the measurements and recording them has
640   not been tampered with.
641
642   This option defaults to 0.
643
644-  ``NON_TRUSTED_WORLD_KEY``: This option is used when ``GENERATE_COT=1``. It
645   specifies the file that contains the Non-Trusted World private key in PEM
646   format. If ``SAVE_KEYS=1``, this file name will be used to save the key.
647
648-  ``NS_BL2U``: Path to NS_BL2U image in the host file system. This image is
649   optional. It is only needed if the platform makefile specifies that it
650   is required in order to build the ``fwu_fip`` target.
651
652-  ``NS_TIMER_SWITCH``: Enable save and restore for non-secure timer register
653   contents upon world switch. It can take either 0 (don't save and restore) or
654   1 (do save and restore). 0 is the default. An SPD may set this to 1 if it
655   wants the timer registers to be saved and restored.
656
657-  ``OVERRIDE_LIBC``: This option allows platforms to override the default libc
658   for the BL image. It can be either 0 (include) or 1 (remove). The default
659   value is 0.
660
661-  ``PL011_GENERIC_UART``: Boolean option to indicate the PL011 driver that
662   the underlying hardware is not a full PL011 UART but a minimally compliant
663   generic UART, which is a subset of the PL011. The driver will not access
664   any register that is not part of the SBSA generic UART specification.
665   Default value is 0 (a full PL011 compliant UART is present).
666
667-  ``PLAT``: Choose a platform to build TF-A for. The chosen platform name
668   must be subdirectory of any depth under ``plat/``, and must contain a
669   platform makefile named ``platform.mk``. For example, to build TF-A for the
670   Arm Juno board, select PLAT=juno.
671
672-  ``PRELOADED_BL33_BASE``: This option enables booting a preloaded BL33 image
673   instead of the normal boot flow. When defined, it must specify the entry
674   point address for the preloaded BL33 image. This option is incompatible with
675   ``EL3_PAYLOAD_BASE``. If both are defined, ``EL3_PAYLOAD_BASE`` has priority
676   over ``PRELOADED_BL33_BASE``.
677
678-  ``PROGRAMMABLE_RESET_ADDRESS``: This option indicates whether the reset
679   vector address can be programmed or is fixed on the platform. It can take
680   either 0 (fixed) or 1 (programmable). Default is 0. If the platform has a
681   programmable reset address, it is expected that a CPU will start executing
682   code directly at the right address, both on a cold and warm reset. In this
683   case, there is no need to identify the entrypoint on boot and the boot path
684   can be optimised. The ``plat_get_my_entrypoint()`` platform porting interface
685   does not need to be implemented in this case.
686
687-  ``PSCI_EXTENDED_STATE_ID``: As per PSCI1.0 Specification, there are 2 formats
688   possible for the PSCI power-state parameter: original and extended State-ID
689   formats. This flag if set to 1, configures the generic PSCI layer to use the
690   extended format. The default value of this flag is 0, which means by default
691   the original power-state format is used by the PSCI implementation. This flag
692   should be specified by the platform makefile and it governs the return value
693   of PSCI_FEATURES API for CPU_SUSPEND smc function id. When this option is
694   enabled on Arm platforms, the option ``ARM_RECOM_STATE_ID_ENC`` needs to be
695   set to 1 as well.
696
697-  ``RAS_EXTENSION``: Numeric value to enable Armv8.2 RAS features. RAS features
698   are an optional extension for pre-Armv8.2 CPUs, but are mandatory for Armv8.2
699   or later CPUs. This flag can take the values 0 to 2, to align with the
700   ``FEATURE_DETECTION`` mechanism.
701
702   When ``RAS_EXTENSION`` is set to ``1``, ``HANDLE_EA_EL3_FIRST`` must also be
703   set to ``1``.
704
705   This option is disabled by default.
706
707-  ``RESET_TO_BL31``: Enable BL31 entrypoint as the CPU reset vector instead
708   of the BL1 entrypoint. It can take the value 0 (CPU reset to BL1
709   entrypoint) or 1 (CPU reset to BL31 entrypoint).
710   The default value is 0.
711
712-  ``RESET_TO_SP_MIN``: SP_MIN is the minimal AArch32 Secure Payload provided
713   in TF-A. This flag configures SP_MIN entrypoint as the CPU reset vector
714   instead of the BL1 entrypoint. It can take the value 0 (CPU reset to BL1
715   entrypoint) or 1 (CPU reset to SP_MIN entrypoint). The default value is 0.
716
717-  ``ROT_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
718   file that contains the ROT private key in PEM format and enforces public key
719   hash generation. If ``SAVE_KEYS=1``, this
720   file name will be used to save the key.
721
722-  ``SAVE_KEYS``: This option is used when ``GENERATE_COT=1``. It tells the
723   certificate generation tool to save the keys used to establish the Chain of
724   Trust. Allowed options are '0' or '1'. Default is '0' (do not save).
725
726-  ``SCP_BL2``: Path to SCP_BL2 image in the host file system. This image is optional.
727   If a SCP_BL2 image is present then this option must be passed for the ``fip``
728   target.
729
730-  ``SCP_BL2_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
731   file that contains the SCP_BL2 private key in PEM format. If ``SAVE_KEYS=1``,
732   this file name will be used to save the key.
733
734-  ``SCP_BL2U``: Path to SCP_BL2U image in the host file system. This image is
735   optional. It is only needed if the platform makefile specifies that it
736   is required in order to build the ``fwu_fip`` target.
737
738-  ``SDEI_SUPPORT``: Setting this to ``1`` enables support for Software
739   Delegated Exception Interface to BL31 image. This defaults to ``0``.
740
741   When set to ``1``, the build option ``EL3_EXCEPTION_HANDLING`` must also be
742   set to ``1``.
743
744-  ``SEPARATE_CODE_AND_RODATA``: Whether code and read-only data should be
745   isolated on separate memory pages. This is a trade-off between security and
746   memory usage. See "Isolating code and read-only data on separate memory
747   pages" section in :ref:`Firmware Design`. This flag is disabled by default
748   and affects all BL images.
749
750-  ``SEPARATE_NOBITS_REGION``: Setting this option to ``1`` allows the NOBITS
751   sections of BL31 (.bss, stacks, page tables, and coherent memory) to be
752   allocated in RAM discontiguous from the loaded firmware image. When set, the
753   platform is expected to provide definitions for ``BL31_NOBITS_BASE`` and
754   ``BL31_NOBITS_LIMIT``. When the option is ``0`` (the default), NOBITS
755   sections are placed in RAM immediately following the loaded firmware image.
756
757-  ``SEPARATE_BL2_NOLOAD_REGION``: Setting this option to ``1`` allows the
758   NOLOAD sections of BL2 (.bss, stacks, page tables) to be allocated in RAM
759   discontiguous from loaded firmware images. When set, the platform need to
760   provide definitions of ``BL2_NOLOAD_START`` and ``BL2_NOLOAD_LIMIT``. This
761   flag is disabled by default and NOLOAD sections are placed in RAM immediately
762   following the loaded firmware image.
763
764-  ``SMC_PCI_SUPPORT``: This option allows platforms to handle PCI configuration
765   access requests via a standard SMCCC defined in `DEN0115`_. When combined with
766   UEFI+ACPI this can provide a certain amount of OS forward compatibility
767   with newer platforms that aren't ECAM compliant.
768
769-  ``SPD``: Choose a Secure Payload Dispatcher component to be built into TF-A.
770   This build option is only valid if ``ARCH=aarch64``. The value should be
771   the path to the directory containing the SPD source, relative to
772   ``services/spd/``; the directory is expected to contain a makefile called
773   ``<spd-value>.mk``. The SPM Dispatcher standard service is located in
774   services/std_svc/spmd and enabled by ``SPD=spmd``. The SPM Dispatcher
775   cannot be enabled when the ``SPM_MM`` option is enabled.
776
777-  ``SPIN_ON_BL1_EXIT``: This option introduces an infinite loop in BL1. It can
778   take either 0 (no loop) or 1 (add a loop). 0 is the default. This loop stops
779   execution in BL1 just before handing over to BL31. At this point, all
780   firmware images have been loaded in memory, and the MMU and caches are
781   turned off. Refer to the "Debugging options" section for more details.
782
783-  ``SPMD_SPM_AT_SEL2`` : This boolean option is used jointly with the SPM
784   Dispatcher option (``SPD=spmd``). When enabled (1) it indicates the SPMC
785   component runs at the S-EL2 execution state provided by the Armv8.4-SecEL2
786   extension. This is the default when enabling the SPM Dispatcher. When
787   disabled (0) it indicates the SPMC component runs at the S-EL1 execution
788   state. This latter configuration supports pre-Armv8.4 platforms (aka not
789   implementing the Armv8.4-SecEL2 extension).
790
791-  ``SPM_MM`` : Boolean option to enable the Management Mode (MM)-based Secure
792   Partition Manager (SPM) implementation. The default value is ``0``
793   (disabled). This option cannot be enabled (``1``) when SPM Dispatcher is
794   enabled (``SPD=spmd``).
795
796-  ``SP_LAYOUT_FILE``: Platform provided path to JSON file containing the
797   description of secure partitions. The build system will parse this file and
798   package all secure partition blobs into the FIP. This file is not
799   necessarily part of TF-A tree. Only available when ``SPD=spmd``.
800
801-  ``SP_MIN_WITH_SECURE_FIQ``: Boolean flag to indicate the SP_MIN handles
802   secure interrupts (caught through the FIQ line). Platforms can enable
803   this directive if they need to handle such interruption. When enabled,
804   the FIQ are handled in monitor mode and non secure world is not allowed
805   to mask these events. Platforms that enable FIQ handling in SP_MIN shall
806   implement the api ``sp_min_plat_fiq_handler()``. The default value is 0.
807
808-  ``TRUSTED_BOARD_BOOT``: Boolean flag to include support for the Trusted Board
809   Boot feature. When set to '1', BL1 and BL2 images include support to load
810   and verify the certificates and images in a FIP, and BL1 includes support
811   for the Firmware Update. The default value is '0'. Generation and inclusion
812   of certificates in the FIP and FWU_FIP depends upon the value of the
813   ``GENERATE_COT`` option.
814
815   .. warning::
816      This option depends on ``CREATE_KEYS`` to be enabled. If the keys
817      already exist in disk, they will be overwritten without further notice.
818
819-  ``TRUSTED_WORLD_KEY``: This option is used when ``GENERATE_COT=1``. It
820   specifies the file that contains the Trusted World private key in PEM
821   format. If ``SAVE_KEYS=1``, this file name will be used to save the key.
822
823-  ``TSP_INIT_ASYNC``: Choose BL32 initialization method as asynchronous or
824   synchronous, (see "Initializing a BL32 Image" section in
825   :ref:`Firmware Design`). It can take the value 0 (BL32 is initialized using
826   synchronous method) or 1 (BL32 is initialized using asynchronous method).
827   Default is 0.
828
829-  ``TSP_NS_INTR_ASYNC_PREEMPT``: A non zero value enables the interrupt
830   routing model which routes non-secure interrupts asynchronously from TSP
831   to EL3 causing immediate preemption of TSP. The EL3 is responsible
832   for saving and restoring the TSP context in this routing model. The
833   default routing model (when the value is 0) is to route non-secure
834   interrupts to TSP allowing it to save its context and hand over
835   synchronously to EL3 via an SMC.
836
837   .. note::
838      When ``EL3_EXCEPTION_HANDLING`` is ``1``, ``TSP_NS_INTR_ASYNC_PREEMPT``
839      must also be set to ``1``.
840
841-  ``USE_ARM_LINK``: This flag determines whether to enable support for ARM
842   linker. When the ``LINKER`` build variable points to the armlink linker,
843   this flag is enabled automatically. To enable support for armlink, platforms
844   will have to provide a scatter file for the BL image. Currently, Tegra
845   platforms use the armlink support to compile BL3-1 images.
846
847-  ``USE_COHERENT_MEM``: This flag determines whether to include the coherent
848   memory region in the BL memory map or not (see "Use of Coherent memory in
849   TF-A" section in :ref:`Firmware Design`). It can take the value 1
850   (Coherent memory region is included) or 0 (Coherent memory region is
851   excluded). Default is 1.
852
853-  ``USE_DEBUGFS``: When set to 1 this option activates an EXPERIMENTAL feature
854   exposing a virtual filesystem interface through BL31 as a SiP SMC function.
855   Default is 0.
856
857-  ``ARM_IO_IN_DTB``: This flag determines whether to use IO based on the
858   firmware configuration framework. This will move the io_policies into a
859   configuration device tree, instead of static structure in the code base.
860
861-  ``COT_DESC_IN_DTB``: This flag determines whether to create COT descriptors
862   at runtime using fconf. If this flag is enabled, COT descriptors are
863   statically captured in tb_fw_config file in the form of device tree nodes
864   and properties. Currently, COT descriptors used by BL2 are moved to the
865   device tree and COT descriptors used by BL1 are retained in the code
866   base statically.
867
868-  ``SDEI_IN_FCONF``: This flag determines whether to configure SDEI setup in
869   runtime using firmware configuration framework. The platform specific SDEI
870   shared and private events configuration is retrieved from device tree rather
871   than static C structures at compile time. This is only supported if
872   SDEI_SUPPORT build flag is enabled.
873
874-  ``SEC_INT_DESC_IN_FCONF``: This flag determines whether to configure Group 0
875   and Group1 secure interrupts using the firmware configuration framework. The
876   platform specific secure interrupt property descriptor is retrieved from
877   device tree in runtime rather than depending on static C structure at compile
878   time.
879
880-  ``USE_ROMLIB``: This flag determines whether library at ROM will be used.
881   This feature creates a library of functions to be placed in ROM and thus
882   reduces SRAM usage. Refer to :ref:`Library at ROM` for further details. Default
883   is 0.
884
885-  ``V``: Verbose build. If assigned anything other than 0, the build commands
886   are printed. Default is 0.
887
888-  ``VERSION_STRING``: String used in the log output for each TF-A image.
889   Defaults to a string formed by concatenating the version number, build type
890   and build string.
891
892-  ``W``: Warning level. Some compiler warning options of interest have been
893   regrouped and put in the root Makefile. This flag can take the values 0 to 3,
894   each level enabling more warning options. Default is 0.
895
896-  ``WARMBOOT_ENABLE_DCACHE_EARLY`` : Boolean option to enable D-cache early on
897   the CPU after warm boot. This is applicable for platforms which do not
898   require interconnect programming to enable cache coherency (eg: single
899   cluster platforms). If this option is enabled, then warm boot path
900   enables D-caches immediately after enabling MMU. This option defaults to 0.
901
902-  ``SUPPORT_STACK_MEMTAG``: This flag determines whether to enable memory
903   tagging for stack or not. It accepts 2 values: ``yes`` and ``no``. The
904   default value of this flag is ``no``. Note this option must be enabled only
905   for ARM architecture greater than Armv8.5-A.
906
907-  ``ERRATA_SPECULATIVE_AT``: This flag determines whether to enable ``AT``
908   speculative errata workaround or not. It accepts 2 values: ``1`` and ``0``.
909   The default value of this flag is ``0``.
910
911   ``AT`` speculative errata workaround disables stage1 page table walk for
912   lower ELs (EL1 and EL0) in EL3 so that ``AT`` speculative fetch at any point
913   produces either the correct result or failure without TLB allocation.
914
915   This boolean option enables errata for all below CPUs.
916
917   +---------+--------------+-------------------------+
918   | Errata  |      CPU     |     Workaround Define   |
919   +=========+==============+=========================+
920   | 1165522 |  Cortex-A76  |  ``ERRATA_A76_1165522`` |
921   +---------+--------------+-------------------------+
922   | 1319367 |  Cortex-A72  |  ``ERRATA_A72_1319367`` |
923   +---------+--------------+-------------------------+
924   | 1319537 |  Cortex-A57  |  ``ERRATA_A57_1319537`` |
925   +---------+--------------+-------------------------+
926   | 1530923 |  Cortex-A55  |  ``ERRATA_A55_1530923`` |
927   +---------+--------------+-------------------------+
928   | 1530924 |  Cortex-A53  |  ``ERRATA_A53_1530924`` |
929   +---------+--------------+-------------------------+
930
931   .. note::
932      This option is enabled by build only if platform sets any of above defines
933      mentioned in ’Workaround Define' column in the table.
934      If this option is enabled for the EL3 software then EL2 software also must
935      implement this workaround due to the behaviour of the errata mentioned
936      in new SDEN document which will get published soon.
937
938- ``RAS_TRAP_LOWER_EL_ERR_ACCESS``: This flag enables/disables the SCR_EL3.TERR
939  bit, to trap access to the RAS ERR and RAS ERX registers from lower ELs.
940  This flag is disabled by default.
941
942- ``OPENSSL_DIR``: This flag is used to provide the installed openssl directory
943  path on the host machine which is used to build certificate generation and
944  firmware encryption tool.
945
946- ``USE_SP804_TIMER``: Use the SP804 timer instead of the Generic Timer for
947  functions that wait for an arbitrary time length (udelay and mdelay). The
948  default value is 0.
949
950- ``ENABLE_TRBE_FOR_NS``: This flag is used to enable access of trace buffer
951  control registers from NS ELs, NS-EL2 or NS-EL1(when NS-EL2 is implemented
952  but unused) when FEAT_TRBE is implemented. TRBE is an optional architectural
953  feature for AArch64. The default is 0 and it is automatically disabled when
954  the target architecture is AArch32.
955
956- ``ENABLE_SYS_REG_TRACE_FOR_NS``: Boolean option to enable trace system
957  registers access from NS ELs, NS-EL2 or NS-EL1 (when NS-EL2 is implemented
958  but unused). This feature is available if trace unit such as ETMv4.x, and
959  ETE(extending ETM feature) is implemented. This flag is disabled by default.
960
961- ``ENABLE_TRF_FOR_NS``: Numeric value to enable trace filter control registers
962  access from NS ELs, NS-EL2 or NS-EL1 (when NS-EL2 is implemented but unused),
963  if FEAT_TRF is implemented. This flag can take the values 0 to 2, to align
964  with the ``FEATURE_DETECTION`` mechanism. This flag is disabled by default.
965
966GICv3 driver options
967--------------------
968
969GICv3 driver files are included using directive:
970
971``include drivers/arm/gic/v3/gicv3.mk``
972
973The driver can be configured with the following options set in the platform
974makefile:
975
976-  ``GICV3_SUPPORT_GIC600``: Add support for the GIC-600 variants of GICv3.
977   Enabling this option will add runtime detection support for the
978   GIC-600, so is safe to select even for a GIC500 implementation.
979   This option defaults to 0.
980
981- ``GICV3_SUPPORT_GIC600AE_FMU``: Add support for the Fault Management Unit
982   for GIC-600 AE. Enabling this option will introduce support to initialize
983   the FMU. Platforms should call the init function during boot to enable the
984   FMU and its safety mechanisms. This option defaults to 0.
985
986-  ``GICV3_IMPL_GIC600_MULTICHIP``: Selects GIC-600 variant with multichip
987   functionality. This option defaults to 0
988
989-  ``GICV3_OVERRIDE_DISTIF_PWR_OPS``: Allows override of default implementation
990   of ``arm_gicv3_distif_pre_save`` and ``arm_gicv3_distif_post_restore``
991   functions. This is required for FVP platform which need to simulate GIC save
992   and restore during SYSTEM_SUSPEND without powering down GIC. Default is 0.
993
994-  ``GIC_ENABLE_V4_EXTN`` : Enables GICv4 related changes in GICv3 driver.
995   This option defaults to 0.
996
997-  ``GIC_EXT_INTID``: When set to ``1``, GICv3 driver will support extended
998   PPI (1056-1119) and SPI (4096-5119) range. This option defaults to 0.
999
1000Debugging options
1001-----------------
1002
1003To compile a debug version and make the build more verbose use
1004
1005.. code:: shell
1006
1007    make PLAT=<platform> DEBUG=1 V=1 all
1008
1009AArch64 GCC uses DWARF version 4 debugging symbols by default. Some tools (for
1010example DS-5) might not support this and may need an older version of DWARF
1011symbols to be emitted by GCC. This can be achieved by using the
1012``-gdwarf-<version>`` flag, with the version being set to 2 or 3. Setting the
1013version to 2 is recommended for DS-5 versions older than 5.16.
1014
1015When debugging logic problems it might also be useful to disable all compiler
1016optimizations by using ``-O0``.
1017
1018.. warning::
1019   Using ``-O0`` could cause output images to be larger and base addresses
1020   might need to be recalculated (see the **Memory layout on Arm development
1021   platforms** section in the :ref:`Firmware Design`).
1022
1023Extra debug options can be passed to the build system by setting ``CFLAGS`` or
1024``LDFLAGS``:
1025
1026.. code:: shell
1027
1028    CFLAGS='-O0 -gdwarf-2'                                     \
1029    make PLAT=<platform> DEBUG=1 V=1 all
1030
1031Note that using ``-Wl,`` style compilation driver options in ``CFLAGS`` will be
1032ignored as the linker is called directly.
1033
1034It is also possible to introduce an infinite loop to help in debugging the
1035post-BL2 phase of TF-A. This can be done by rebuilding BL1 with the
1036``SPIN_ON_BL1_EXIT=1`` build flag. Refer to the :ref:`build_options_common`
1037section. In this case, the developer may take control of the target using a
1038debugger when indicated by the console output. When using DS-5, the following
1039commands can be used:
1040
1041::
1042
1043    # Stop target execution
1044    interrupt
1045
1046    #
1047    # Prepare your debugging environment, e.g. set breakpoints
1048    #
1049
1050    # Jump over the debug loop
1051    set var $AARCH64::$Core::$PC = $AARCH64::$Core::$PC + 4
1052
1053    # Resume execution
1054    continue
1055
1056Firmware update options
1057-----------------------
1058
1059-  ``NR_OF_FW_BANKS``: Define the number of firmware banks. This flag is used
1060   in defining the firmware update metadata structure. This flag is by default
1061   set to '2'.
1062
1063-  ``NR_OF_IMAGES_IN_FW_BANK``: Define the number of firmware images in each
1064   firmware bank. Each firmware bank must have the same number of images as per
1065   the `PSA FW update specification`_.
1066   This flag is used in defining the firmware update metadata structure. This
1067   flag is by default set to '1'.
1068
1069-  ``PSA_FWU_SUPPORT``: Enable the firmware update mechanism as per the
1070   `PSA FW update specification`_. The default value is 0, and this is an
1071   experimental feature.
1072   PSA firmware update implementation has some limitations, such as BL2 is
1073   not part of the protocol-updatable images, if BL2 needs to be updated, then
1074   it should be done through another platform-defined mechanism, and it assumes
1075   that the platform's hardware supports CRC32 instructions.
1076
1077--------------
1078
1079*Copyright (c) 2019-2022, Arm Limited. All rights reserved.*
1080
1081.. _DEN0115: https://developer.arm.com/docs/den0115/latest
1082.. _PSA FW update specification: https://developer.arm.com/documentation/den0118/a/
1083