1#
2# Copyright (c) 2020, Google, Inc. All rights reserved
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8#      http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16
17# Trusty TEE Userspace SDK
18#
19# This is a skeleton makefile that can be included in your build system to build
20# a trusty userspace app.
21#
22# Inputs:
23# BUILDDIR : Build directory, defaults to current directory
24# TRUSTY_APP_NAME : Simple name of app (without the path to the source
25# 		directory) (required)
26# TRUSTY_APP_OBJECTS : Object files or archives to include in the app
27# TRUSTY_APP_LIBRARIES : Trusty SDK libraries to statically link into the app
28# TRUSTY_APP_LDFLAGS : LDFLAGS for the app
29# TRUSTY_APP_ALIGNMENT : Alignment of app image (defaults to 1)
30# TRUSTY_APP_MEMBASE : App base address, if fixed
31# TRUSTY_APP_SIGN_KEY_ID : Key ID to use for a loadable app signature
32# TRUSTY_APP_SIGN_PRIVATE_KEY_FILE : Path to the private key for the specified
33#       key ID
34# TRUSTY_APP_SYMTAB_ENABLED : If true do not strip symbols from the resulting app
35# 		binary
36# MANIFEST : App manifest JSON file
37# MODULE_CONSTANTS : JSON files with constants used for both the manifest and C headers
38# CLANG_BINDIR : Location of the bin/ directory of the clang to use. (Must be the
39# 		same version used to compile the SDK.) Defaults to `toolchain/clang/bin`
40# 		inside the SDK.
41# PY3 : Path to the Python 3 interpreter to use. Defaults to the `python3` found
42#       in $PATH. If the installed `python3` is older than the one Trusty used to
43#       build the SDK, some scripts used in the build process may fail.
44
45
46# Provide an error message if this makefile is run directly instead of included
47# into another build.
48ifeq ($(words $(MAKEFILE_LIST)),1)
49$(warning This makefile should not be invoked directly, please include it in a larger build system.)
50endif
51
52BUILDDIR ?= .
53
54# Set up SDK paths
55LOCAL_DIR := $(patsubst %/,%,$(dir $(word $(words $(MAKEFILE_LIST)),$(MAKEFILE_LIST))))
56TRUSTY_APP_ARCH := $(notdir $(LOCAL_DIR))
57TRUSTY_APP_BUILDDIR := $(BUILDDIR)
58SDK_DIR := $(LOCAL_DIR)/../../
59SDK_SYSROOT_DIR := $(SDK_DIR)/sysroots/$(TRUSTY_APP_ARCH)/
60LOADABLE_APP_TOOL := $(SDK_SYSROOT_DIR)/tools/apploader_package_tool
61
62ifeq ($(CLANG_BINDIR),)
63CLANG_BINDIR := $(SDK_DIR)/toolchain/clang/bin/
64$(warning No $$CLANG_BINDIR provided; using the default: $(CLANG_BINDIR))
65endif
66
67ifeq ($(PY3),)
68PY3 := $(shell which python3)
69$(warning No $$PY3 provided; using python3 from $$PATH: $(PY3))
70endif
71
72ARCH_arm_TOOLCHAIN_PREFIX := $(CLANG_BINDIR)/llvm-
73ARCH_arm64_TOOLCHAIN_PREFIX := $(CLANG_BINDIR)/llvm-
74MANIFEST_COMPILER := $(SDK_SYSROOT_DIR)/tools/manifest_compiler.py
75
76# Use the Trusty toolchain compiler and linker
77CC := $(CLANG_BINDIR)/clang
78CXX := $(CLANG_BINDIR)/clang++
79LD := $(CLANG_BINDIR)/ld.lld
80
81CFLAGS += --sysroot=$(SDK_SYSROOT_DIR) -isystem $(SDK_SYSROOT_DIR)
82CXXFLAGS += --sysroot=$(SDK_SYSROOT_DIR) -isystem $(SDK_SYSROOT_DIR)
83ASMFLAGS += --sysroot=$(SDK_SYSROOT_DIR) -isystem $(SDK_SYSROOT_DIR)
84
85# We're building for the Trusty userspace, so indicate this for headers that
86# depend on this define.
87DEFINES += TRUSTY_USERSPACE=1
88
89# Link against Trusty libraries
90TRUSTY_APP_LDFLAGS += -L$(SDK_SYSROOT_DIR)/usr/lib/
91
92# Sign loadable apps with the included dev test key by default
93ifneq ($(strip $(TRUSTY_APP_SIGN_KEY_ID)),)
94APPLOADER_SIGN_KEY_ID := $(TRUSTY_APP_SIGN_KEY_ID)
95APPLOADER_SIGN_PRIVATE_KEY_$(TRUSTY_APP_SIGN_KEY_ID)_FILE := $(TRUSTY_APP_SIGN_PRIVATE_KEY_FILE)
96else
97APPLOADER_SIGN_KEY_ID := 0
98APPLOADER_SIGN_PRIVATE_KEY_0_FILE := $(SDK_SYSROOT_DIR)/tools/apploader_sign_test_private_key_0.der
99endif
100
101# Define macros from macros.mk needed by trusted_app.mk
102
103# makes sure the target dir exists
104MKDIR = if [ ! -d $(dir $@) ]; then mkdir -p $(dir $@); fi
105
106# converts specified variable to boolean value
107TOBOOL = $(if $(filter-out 0 false,$1),true,false)
108
109# Add flags for a Trusty userspace library
110# $(1): library name, e.g. libc-trusty
111define add-trusty-library
112$(eval include $(LOCAL_DIR)/$(1).mk)
113endef
114
115$(foreach lib,$(TRUSTY_APP_LIBRARIES),$(call add-trusty-library,$(lib)))
116
117# Add defines to {C,CXX,ASM}FLAGS since most makefiles will not pick up defines
118# from DEFINES
119CFLAGS := $(addprefix -D,$(DEFINES)) $(CFLAGS)
120CXXFLAGS := $(addprefix -D,$(DEFINES)) $(CXXFLAGS)
121ASMFLAGS := $(addprefix -D,$(DEFINES)) $(ASMFLAGS)
122
123# Set up variables for trusted_app.mk
124CLANGBUILD := true
125EXTRA_BUILDDEPS :=
126ALLMODULE_OBJS := $(TRUSTY_APP_OBJECTS)
127TRUSTY_USERSPACE := true
128