[ATTENTION REQUIRED] Manifest Tool being aware of Secure Partition enabled status when building
Hi,
I worked out a patchhttps://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/12025 to make the Manifest Tool (tfm_parse_manifest_list.py) aware of the Secure Partition status when building. Currently, the tool generates everything and then the Build System picks up the files needed. With the development of FF-M 1.1 feature, we need the tool to be aware of the Secure Partition enabled status to generate SPM configurations.
The patch make use of the feature of CMake command configure_file which substitutes variable values referenced as @VAR@ or ${VAR}. It requires the "conditional" attributes in manifest lists to be surrounded by "@" for "${}". Then when you disable some Partition for building, the tool will not generate anything for that Partition such as PID/SID and TF-M Partition load info.
So please out of tree Secure Partition manifest lists do the corresponding change to make the tool aware of that any Partitions are DISABLED. The tool currently only takes conditional value "OFF" or "FALSE" as Partitions being disabled, all other values are treated as enabled. This means if you do not make the change in the manifest list, the tool treats all the partitions as enabled always.
Best Regards, Kevin
I'm glad to tell you that this feature has been merged. Now the "conditional" attributes in manifest lists must be:
* Omitted - the Partition is always built * Set as "@PARTITION_CMAKE_CONFIG@", the Partition is built depends on PARTITION_CMAKE_CONFIG * PARTITION_CMAKE_CONFIG must be a CMake variable with default values explicitly set * The value of PARTITION_CMAKE_CONFIG must be one of ['on', 'true', 'enabled'] or ['off', 'false', 'disabled'], case insensitive * Set as one of ['on', 'true', 'enabled'] or ['off', 'false', 'disabled'], case insensitive
The manifest tool does not generate anything such as PID/SID and TF-M Partition load info for partitions that are disabled by "conditional".
Best Regards, Kevin
From: TF-M tf-m-bounces@lists.trustedfirmware.org On Behalf Of Kevin Peng via TF-M Sent: Thursday, October 21, 2021 10:55 AM To: tf-m@lists.trustedfirmware.org Cc: nd nd@arm.com Subject: [TF-M] [ATTENTION REQUIRED] Manifest Tool being aware of Secure Partition enabled status when building
Hi,
I worked out a patchhttps://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/12025 to make the Manifest Tool (tfm_parse_manifest_list.py) aware of the Secure Partition status when building. Currently, the tool generates everything and then the Build System picks up the files needed. With the development of FF-M 1.1 feature, we need the tool to be aware of the Secure Partition enabled status to generate SPM configurations.
The patch make use of the feature of CMake command configure_file which substitutes variable values referenced as @VAR@ or ${VAR}. It requires the "conditional" attributes in manifest lists to be surrounded by "@" for "${}". Then when you disable some Partition for building, the tool will not generate anything for that Partition such as PID/SID and TF-M Partition load info.
So please out of tree Secure Partition manifest lists do the corresponding change to make the tool aware of that any Partitions are DISABLED. The tool currently only takes conditional value "OFF" or "FALSE" as Partitions being disabled, all other values are treated as enabled. This means if you do not make the change in the manifest list, the tool treats all the partitions as enabled always.
Best Regards, Kevin
tf-m@lists.trustedfirmware.org
-
Kevin Peng