1# 2# Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved. 3# 4# SPDX-License-Identifier: BSD-3-Clause 5# 6 7PLAT_QEMU_PATH := plat/qemu/qemu 8PLAT_QEMU_COMMON_PATH := plat/qemu/common 9 10SEPARATE_CODE_AND_RODATA := 1 11ENABLE_STACK_PROTECTOR := 0 12 13include plat/qemu/common/common.mk 14 15# Use the GICv2 driver on QEMU by default 16QEMU_USE_GIC_DRIVER := QEMU_GICV2 17 18ifeq (${ARM_ARCH_MAJOR},7) 19# ARMv7 Qemu support in trusted firmware expects the Cortex-A15 model. 20# Qemu Cortex-A15 model does not implement the virtualization extension. 21# For this reason, we cannot set ARM_CORTEX_A15=yes and must define all 22# the ARMv7 build directives. 23MARCH_DIRECTIVE := -mcpu=cortex-a15 24$(eval $(call add_define,ARMV7_SUPPORTS_LARGE_PAGE_ADDRESSING)) 25$(eval $(call add_define,ARMV7_SUPPORTS_GENERIC_TIMER)) 26$(eval $(call add_define,ARMV7_SUPPORTS_VFP)) 27# Qemu expects a BL32 boot stage. 28NEED_BL32 := yes 29endif # ARMv7 30 31ifeq (${SPD},opteed) 32add-lib-optee := yes 33endif 34ifeq ($(AARCH32_SP),optee) 35add-lib-optee := yes 36endif 37ifeq ($(SPMC_OPTEE),1) 38$(eval $(call add_define,SPMC_OPTEE)) 39add-lib-optee := yes 40endif 41 42ifeq (${TRANSFER_LIST},1) 43include lib/transfer_list/transfer_list.mk 44endif 45 46ifeq ($(NEED_BL32),yes) 47$(eval $(call add_define,QEMU_LOAD_BL32)) 48endif 49 50ifneq (${TRUSTED_BOARD_BOOT},0) 51 52 AUTH_SOURCES := drivers/auth/auth_mod.c \ 53 drivers/auth/img_parser_mod.c \ 54 drivers/auth/tbbr/tbbr_cot_common.c 55 56 BL1_SOURCES += ${AUTH_SOURCES} \ 57 bl1/tbbr/tbbr_img_desc.c \ 58 plat/common/tbbr/plat_tbbr.c \ 59 ${PLAT_QEMU_COMMON_PATH}/qemu_trusted_boot.c \ 60 $(PLAT_QEMU_COMMON_PATH)/qemu_rotpk.S \ 61 drivers/auth/tbbr/tbbr_cot_bl1.c 62 63 BL2_SOURCES += ${AUTH_SOURCES} \ 64 plat/common/tbbr/plat_tbbr.c \ 65 ${PLAT_QEMU_COMMON_PATH}/qemu_trusted_boot.c \ 66 $(PLAT_QEMU_COMMON_PATH)/qemu_rotpk.S \ 67 drivers/auth/tbbr/tbbr_cot_bl2.c 68 69 include drivers/auth/mbedtls/mbedtls_x509.mk 70 71 ROT_KEY = $(BUILD_PLAT)/rot_key.pem 72 ROTPK_HASH = $(BUILD_PLAT)/rotpk_sha256.bin 73 74 $(eval $(call add_define_val,ROTPK_HASH,'"$(ROTPK_HASH)"')) 75 76 $(BUILD_PLAT)/bl1/qemu_rotpk.o: $(ROTPK_HASH) 77 $(BUILD_PLAT)/bl2/qemu_rotpk.o: $(ROTPK_HASH) 78 79 certificates: $(ROT_KEY) 80 81 $(ROT_KEY): | $(BUILD_PLAT) 82 @echo " OPENSSL $@" 83 $(Q)${OPENSSL_BIN_PATH}/openssl genrsa 2048 > $@ 2>/dev/null 84 85 $(ROTPK_HASH): $(ROT_KEY) 86 @echo " OPENSSL $@" 87 $(Q)${OPENSSL_BIN_PATH}/openssl rsa -in $< -pubout -outform DER 2>/dev/null |\ 88 ${OPENSSL_BIN_PATH}/openssl dgst -sha256 -binary > $@ 2>/dev/null 89endif 90 91# Include Measured Boot makefile before any Crypto library makefile. 92# Crypto library makefile may need default definitions of Measured Boot build 93# flags present in Measured Boot makefile. 94ifeq (${MEASURED_BOOT},1) 95 MEASURED_BOOT_MK := drivers/measured_boot/event_log/event_log.mk 96 $(info Including ${MEASURED_BOOT_MK}) 97 include ${MEASURED_BOOT_MK} 98 99 ifneq (${MBOOT_EL_HASH_ALG}, sha256) 100 $(eval $(call add_define,TF_MBEDTLS_MBOOT_USE_SHA512)) 101 endif 102 103 BL2_SOURCES += plat/qemu/qemu/qemu_measured_boot.c \ 104 plat/qemu/qemu/qemu_helpers.c \ 105 ${EVENT_LOG_SOURCES} 106 107 BL1_SOURCES += plat/qemu/qemu/qemu_bl1_measured_boot.c 108 109endif 110 111ifneq ($(filter 1,${MEASURED_BOOT} ${TRUSTED_BOARD_BOOT}),) 112 CRYPTO_SOURCES := drivers/auth/crypto_mod.c 113 114 BL1_SOURCES += ${CRYPTO_SOURCES} 115 BL2_SOURCES += ${CRYPTO_SOURCES} 116 117 # We expect to locate the *.mk files under the directories specified below 118 # 119 include drivers/auth/mbedtls/mbedtls_crypto.mk 120endif 121 122BL2_SOURCES += ${FDT_WRAPPERS_SOURCES} \ 123 common/uuid.c 124 125ifeq ($(add-lib-optee),yes) 126BL2_SOURCES += lib/optee/optee_utils.c 127endif 128 129ifneq (${DECRYPTION_SUPPORT},none) 130BL1_SOURCES += drivers/io/io_encrypted.c 131BL2_SOURCES += drivers/io/io_encrypted.c 132endif 133 134# Include GICv2 driver files 135include drivers/arm/gic/v2/gicv2.mk 136QEMU_GICV2_SOURCES := ${GICV2_SOURCES} \ 137 plat/common/plat_gicv2.c \ 138 ${PLAT_QEMU_COMMON_PATH}/qemu_gicv2.c 139 140# Include GICv3 driver files 141include drivers/arm/gic/v3/gicv3.mk 142 143QEMU_GICV3_SOURCES := ${GICV3_SOURCES} \ 144 plat/common/plat_gicv3.c \ 145 ${PLAT_QEMU_COMMON_PATH}/qemu_gicv3.c 146 147ifeq (${QEMU_USE_GIC_DRIVER}, QEMU_GICV2) 148QEMU_GIC_SOURCES := ${QEMU_GICV2_SOURCES} 149else ifeq (${QEMU_USE_GIC_DRIVER}, QEMU_GICV3) 150QEMU_GIC_SOURCES := ${QEMU_GICV3_SOURCES} 151else 152$(error "Incorrect GIC driver chosen for QEMU platform") 153endif 154 155ifeq (${ARCH},aarch64) 156BL31_SOURCES += drivers/arm/pl061/pl061_gpio.c \ 157 drivers/gpio/gpio.c \ 158 ${PLAT_QEMU_COMMON_PATH}/qemu_pm.c \ 159 ${PLAT_QEMU_COMMON_PATH}/topology.c 160 161ifeq (${SDEI_SUPPORT}, 1) 162BL31_SOURCES += plat/qemu/common/qemu_sdei.c 163endif 164 165ifeq (${SPD},spmd) 166BL31_SOURCES += plat/common/plat_spmd_manifest.c \ 167 common/uuid.c \ 168 ${LIBFDT_SRCS} \ 169 ${FDT_WRAPPERS_SOURCES} 170endif 171endif 172 173# Add the build options to pack Trusted OS Extra1 and Trusted OS Extra2 images 174# in the FIP if the platform requires. 175ifneq ($(BL32_EXTRA1),) 176ifneq (${DECRYPTION_SUPPORT},none) 177$(eval $(call TOOL_ADD_IMG,bl32_extra1,--tos-fw-extra1,,$(ENCRYPT_BL32))) 178else 179$(eval $(call TOOL_ADD_IMG,bl32_extra1,--tos-fw-extra1)) 180endif 181endif 182ifneq ($(BL32_EXTRA2),) 183ifneq (${DECRYPTION_SUPPORT},none) 184$(eval $(call TOOL_ADD_IMG,bl32_extra2,--tos-fw-extra2,,$(ENCRYPT_BL32))) 185else 186$(eval $(call TOOL_ADD_IMG,bl32_extra2,--tos-fw-extra2)) 187endif 188endif 189 190ifneq ($(QEMU_TB_FW_CONFIG_DTS),) 191FDT_SOURCES += ${QEMU_TB_FW_CONFIG_DTS} 192QEMU_TB_FW_CONFIG := ${BUILD_PLAT}/fdts/$(notdir $(basename ${QEMU_TB_FW_CONFIG_DTS})).dtb 193# Add the TB_FW_CONFIG to FIP 194$(eval $(call TOOL_ADD_PAYLOAD,${QEMU_TB_FW_CONFIG},--tb-fw-config,${QEMU_TB_FW_CONFIG})) 195endif 196 197ifneq ($(QEMU_TOS_FW_CONFIG_DTS),) 198FDT_SOURCES += ${QEMU_TOS_FW_CONFIG_DTS} 199QEMU_TOS_FW_CONFIG := ${BUILD_PLAT}/fdts/$(notdir $(basename ${QEMU_TOS_FW_CONFIG_DTS})).dtb 200# Add the TOS_FW_CONFIG to FIP 201$(eval $(call TOOL_ADD_PAYLOAD,${QEMU_TOS_FW_CONFIG},--tos-fw-config,${QEMU_TOS_FW_CONFIG})) 202endif 203 204BL32_RAM_LOCATION := tdram 205ifeq (${BL32_RAM_LOCATION}, tsram) 206 BL32_RAM_LOCATION_ID = SEC_SRAM_ID 207 ifeq (${ENABLE_RME},1) 208 # Avoid overlap between BL2 and BL32 to ease GPT partition 209 $(error "With RME, BL32 must use secure DRAM") 210 endif 211else ifeq (${BL32_RAM_LOCATION}, tdram) 212 BL32_RAM_LOCATION_ID = SEC_DRAM_ID 213else 214 $(error "Unsupported BL32_RAM_LOCATION value") 215endif 216 217# Process flags 218$(eval $(call add_define,BL32_RAM_LOCATION_ID)) 219 220# Don't have the Linux kernel as a BL33 image by default 221ARM_LINUX_KERNEL_AS_BL33 := 0 222$(eval $(call assert_boolean,ARM_LINUX_KERNEL_AS_BL33)) 223$(eval $(call add_define,ARM_LINUX_KERNEL_AS_BL33)) 224 225ARM_PRELOADED_DTB_BASE := PLAT_QEMU_DT_BASE 226$(eval $(call add_define,ARM_PRELOADED_DTB_BASE)) 227 228qemu_fw.bios: bl1 fip 229 $(ECHO) " DD $@" 230 $(Q)cp ${BUILD_PLAT}/bl1.bin ${BUILD_PLAT}/$@ 231 $(Q)dd if=${BUILD_PLAT}/fip.bin of=${BUILD_PLAT}/$@ bs=64k seek=4 status=none 232 233qemu_fw.rom: qemu_fw.bios 234 $(ECHO) " DD $@" 235 $(Q)cp ${BUILD_PLAT}/$^ ${BUILD_PLAT}/$@ 236 $(Q)dd if=/dev/zero of=${BUILD_PLAT}/$@ bs=1M seek=64 count=0 status=none 237 238ifneq (${BL33},) 239all: qemu_fw.bios qemu_fw.rom 240endif 241 242ifeq (${EL3_EXCEPTION_HANDLING},1) 243BL31_SOURCES += plat/common/aarch64/plat_ehf.c 244endif 245