From 0a5ba9885d5cd28f5659e374d048940259e31789 Mon Sep 17 00:00:00 2001
From: Bertrand Marquis <bertrand.marquis@arm.com>
Date: Tue, 8 Oct 2019 14:20:38 +0100
Subject: [PATCH] Add a Trusted Firmware A recipe

Add a generic Trusted Firmware A recipe using TF-A version 2.1

Change-Id: I873509970bd44c6cfdaa0456516197a4eebf6ebd
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
---
 .../trusted-firmware-a/trusted-firmware-a.inc | 109 ++++++++++++++++++
 .../trusted-firmware-a_2.1.bb                 |  45 ++++++++
 2 files changed, 154 insertions(+)
 create mode 100644 meta-arm-integration/recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc
 create mode 100644 meta-arm-integration/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.1.bb

diff --git a/meta-arm-integration/recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc b/meta-arm-integration/recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc
new file mode 100644
index 00000000..1d0f476e
--- /dev/null
+++ b/meta-arm-integration/recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc
@@ -0,0 +1,109 @@
+DESCRIPTION = "Trusted Firmware-A"
+LICENSE = "BSD & Apache-2.0"
+
+PROVIDES = "virtual/trusted-firmware-a"
+
+PACKAGE_ARCH = "${MACHINE_ARCH}"
+
+inherit deploy
+
+COMPATIBLE_MACHINE ?= "invalid"
+
+# Platform must be set for each machine
+TFA_PLATFORM ?= "invalid"
+
+# Build for debug (set TFA_DEBUG to 1 to activate)
+TFA_DEBUG ?= "0"
+TFA_BUILD_DIR ?= "${@bb.utils.contains('TFA_DEBUG', '1', 'build/${TFA_PLATFORM}/debug', 'build/${TFA_PLATFORM}/release', d)}"
+
+# mbed TLS support (set TFA_MBEDTLS to 1 to activate)
+TFA_MBEDTLS ?= "0"
+TFA_MBEDTLS_DIR ?= "mbedtls"
+
+# U-boot support (set TFA_UBOOT to 1 to activate)
+# When U-Boot support is activated BL33 is activated with u-boot.bin file
+TFA_UBOOT ?= "0"
+
+# What to build
+# By default we only build bl1, do_deploy will install
+# everything listed in this variable (by default bl1.bin)
+TFA_BUILD_TARGET ?= "bl1"
+
+# What to install
+# do_deploy will install everything listed in this
+# variable. It is set by default to TFA_BUILD_TARGET
+TFA_INSTALL_TARGET ?= "${TFA_BUILD_TARGET}"
+
+# Requires CROSS_COMPILE set by hand as there is no configure script
+export CROSS_COMPILE="${TARGET_PREFIX}"
+
+# Let the Makefile handle setting up the CFLAGS and LDFLAGS as it is a standalone application
+CFLAGS[unexport] = "1"
+LDFLAGS[unexport] = "1"
+AS[unexport] = "1"
+LD[unexport] = "1"
+
+# No configure or install
+do_configure[noexec] = "1"
+do_install[noexec] = "1"
+
+# We need dtc for dtbs compilation
+# We need openssl for fiptool
+DEPENDS_append = " dtc-native openssl-native"
+
+# Add platform parameter
+EXTRA_OEMAKE_append = " PLAT=${TFA_PLATFORM}"
+
+# Handle TFA_DEBUG parameter
+EXTRA_OEMAKE_append = " ${@bb.utils.contains('TFA_DEBUG', '1', ' DEBUG=${TFA_DEBUG}', '', d)}"
+
+# Handle MBEDTLS
+EXTRA_OEMAKE_append = " ${@bb.utils.contains('TFA_MBEDTLS', '1', ' MBEDTLS_DIR=${TFA_MBEDTLS_DIR}', '', d)}"
+
+# Uboot support
+DEPENDS += " ${@bb.utils.contains('TFA_UBOOT', '1', 'u-boot', '', d)}"
+do_compile[depends] += " ${@bb.utils.contains('TFA_UBOOT', '1', 'u-boot:do_deploy', '', d)}"
+EXTRA_OEMAKE_append = " ${@bb.utils.contains('TFA_UBOOT', '1', ' BL33=${DEPLOY_DIR_IMAGE}/u-boot.bin', '',d)}"
+
+do_clean() {
+    if [ -f ${S}/Makefile ]; then
+        oe_runmake -C ${S} distclean
+    fi
+}
+
+do_compile() {
+    oe_runmake ${TFA_BUILD_TARGET}
+}
+
+do_deploy() {
+    install -d -m 755 ${DEPLOYDIR}
+    for atfbin in ${TFA_INSTALL_TARGET}; do
+        if [ "$atfbin" = "all" ]; then
+            # Target all is not handled by default
+            bberror "all as TFA_INSTALL_TARGET is not handled by do_deploy"
+            bberror "Please specify valid targets in TFA_INSTALL_TARGET or"
+            bberror "rewrite or turn off do_deploy"
+            exit 1
+        elif [ -f ${S}/${TFA_BUILD_DIR}/$atfbin.bin ]; then
+            echo "Install $atfbin.bin"
+            install -m 0644 ${S}/${TFA_BUILD_DIR}/$atfbin.bin \
+                ${DEPLOYDIR}/$atfbin-${TFA_PLATFORM}.bin
+        elif [ -f ${S}/${TFA_BUILD_DIR}/$atfbin.elf ]; then
+            echo "Install $atfbin.elf"
+            install -m 0644 ${S}/${TFA_BUILD_DIR}/$atfbin.elf \
+                ${DEPLOYDIR}/$atfbin-${TFA_PLATFORM}.elf
+        elif [ -f ${S}/${TFA_BUILD_DIR}/$atfbin ]; then
+            echo "Install $atfbin"
+            install -m 0644 ${S}/${TFA_BUILD_DIR}/$atfbin \
+                ${DEPLOYDIR}/$atfbin-${TFA_PLATFORM}
+        elif [ "$atfbin" = "dtbs" ]; then
+            echo "dtbs install, skipped"
+        elif [ -f ${S}/tools/$atfbin/$atfbin ]; then
+            echo "Tools $atfbin install, skipped"
+        else
+            bberror "Unsupported TFA_INSTALL_TARGET target $atfbin"
+            exit 1
+        fi
+    done
+}
+addtask deploy before do_build after do_compile
diff --git a/meta-arm-integration/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.1.bb b/meta-arm-integration/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.1.bb
new file mode 100644
index 00000000..55b17e0d
--- /dev/null
+++ b/meta-arm-integration/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.1.bb
@@ -0,0 +1,45 @@
+#
+# Trusted firmware-A 2.1
+#
+SRC_URI = " \
+    git://git.trustedfirmware.org/TF-A/trusted-firmware-a.git;protocol=https;name=tfa \
+    git://github.com/ARMmbed/mbedtls.git;name=mbedtls;protocol=https;destsuffix=git/mbedtls \
+    "
+
+SRCREV_FORMAT = "tfa_mbedtls"
+
+# TF-A v2.1
+SRCREV_tfa = "e1286bdb968ee74fc52f96cf303a4218e1ae2950"
+# mbed TLS v2.16.2
+SRCREV_mbedtls = "d81c11b8ab61fd5b2da8133aa73c5fe33a0633eb"
+
+
+S = "${WORKDIR}/git"
+
+LIC_FILES_CHKSUM = " \
+    file://license.rst;md5=c709b197e22b81ede21109dbffd5f363 \
+    file://mbedtls/apache-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57 \
+    file://mbedtls/LICENSE;md5=302d50a6369f5f22efdb674db908167a \
+    "
+
+SRC_URI[tfa.md5sum] = "75c8f4958fb493d9bd7a8e5a9636ec18"
+SRC_URI[tfa.sha256sum] = "7c4c00a4f28d3cfbb235fd1a1fb28c4d2fc1d657c9301686e7d8824ef575d059"
+SRC_URI[mbedtls.md5sum] = "37cdec398ae9ebdd4640df74af893c95"
+SRC_URI[mbedtls.sha256sum] = "a6834fcd7b7e64b83dfaaa6ee695198cb5019a929b2806cb0162e049f98206a4"
+
+require trusted-firmware-a.inc
+
+# The following hack is needed to fit properly in yocto build environment
+# TFA is forcing the host compiler and its flags in the Makefile using :=
+# assignment for GCC and CFLAGS.
+# To properly use the native toolchain of yocto and the right libraries we need
+# to pass the proper flags to gcc. This is achieved here by creating a gcc
+# script to force passing to gcc the right CFLAGS and LDFLAGS
+do_compile_prepend() {
+    #Create an host gcc build parser to ensure the proper include path is used
+    mkdir -p bin
+    echo "#!/usr/bin/env bash" > bin/gcc
+    echo "$(which ${BUILD_CC}) ${BUILD_CFLAGS} ${BUILD_LDFLAGS} \$@" >> bin/gcc
+    chmod a+x bin/gcc
+    export PATH="$PWD/bin:$PATH"
+}