Permit non-TrustZone ARMv8 build

kjbracey · kjbracey · commit 4b856de212fd · 2019-05-02T14:26:08.000+03:00
Change the heuristic for selection of CMSE in the tools python, so that
a non-TrustZone ARMv8 build can happen.

Ideally we would have more direct flagging in the targets, but this
refines the heuristic so the necessary behaviour can be easily
achieved.

* DOMAIN_NS=1 is based purely on the `-NS` suffix on the core name.

* Enabling CMSE in the compiler and outputting a secure import library
  is now enabled by the target label `TFM` being present when the core
  doesn't have an `-NS` suffix. (Rather than simply being ARMv8 without
  an `-NS` suffix).
diff --git a/tools/build_api.py b/tools/build_api.py
@@ -600,10 +600,7 @@ def build_project(src_paths, build_path, target, toolchain_name,
         if into_dir:
             copy_when_different(res[0], into_dir)
             if not extra_artifacts:
-                if (
-                    CORE_ARCH[toolchain.target.core] == 8 and
-                    not toolchain.target.core.endswith("NS")
-                ):
+                if toolchain.target.is_TrustZone_secure_target:
                     cmse_lib = join(dirname(res[0]), "cmse_lib.o")
                     copy_when_different(cmse_lib, into_dir)
             else:
diff --git a/tools/targets/__init__.py b/tools/targets/__init__.py
@@ -379,6 +379,21 @@ def labels(self):
         labels = (names + CORE_LABELS[self.core] + self.extra_labels)
         return labels
 
+    @property
+    def core_without_NS(self):
+        if self.core.endswith('-NS'):
+            return self.core[:-3]
+        else:
+            return self.core
+
+    @property
+    def is_TrustZone_secure_target(self):
+        return 'TFM' in self.labels and not self.core.endswith('-NS')
+
+    @property
+    def is_TrustZone_non_secure_target(self):
+        return self.core.endswith('-NS')
+
     @property
     def is_PSA_secure_target(self):
         return 'SPE_Target' in self.labels
diff --git a/tools/toolchains/arm.py b/tools/toolchains/arm.py
@@ -521,25 +521,25 @@ def __init__(self, target, *args, **kwargs):
             if "--library_type=microlib" not in self.flags['asm']:
                 self.flags['asm'].append("--library_type=microlib")
 
-        core = target.core
-        if CORE_ARCH[target.core] == 8:
-            if ((not target.core.endswith("-NS")) and
-                    kwargs.get('build_dir', False)):
-                # Create Secure library
+        if target.is_TrustZone_secure_target:
+            if kwargs.get('build_dir', False):
+                # Output secure import library
                 build_dir = kwargs['build_dir']
                 secure_file = join(build_dir, "cmse_lib.o")
                 self.flags["ld"] += ["--import_cmse_lib_out=%s" % secure_file]
 
+            # Enable compiler security extensions
+            self.flags['cxx'].append("-mcmse")
+            self.flags['c'].append("-mcmse")
+
+        if target.is_TrustZone_non_secure_target:
             # Add linking time preprocessor macro DOMAIN_NS
-            if target.core.endswith("-NS"):
-                define_string = self.make_ld_define("DOMAIN_NS", "0x1")
-                self.flags["ld"].append(define_string)
-                core = target.core[:-3]
-            else:
-                # Add secure build flag
-                self.flags['cxx'].append("-mcmse")
-                self.flags['c'].append("-mcmse")
+            # (DOMAIN_NS is passed to compiler and assembler via CORTEX_SYMBOLS
+            # in mbedToolchain.get_symbols)
+            define_string = self.make_ld_define("DOMAIN_NS", "0x1")
+            self.flags["ld"].append(define_string)
 
+        core = target.core_without_NS
         cpu = {
             "Cortex-M0+": "cortex-m0plus",
             "Cortex-M4F": "cortex-m4",
diff --git a/tools/toolchains/gcc.py b/tools/toolchains/gcc.py
@@ -59,20 +59,23 @@ def __init__(self, target,  notify=None, macros=None, build_profile=None,
             self.flags["common"].append("-DMBED_RTOS_SINGLE_THREAD")
             self.flags["ld"].append("--specs=nano.specs")
 
-        core = target.core
         self.cpu = []
-        if CORE_ARCH[target.core] == 8:
+        if target.is_TrustZone_secure_target:
+            # Enable compiler security extensions
+            self.cpu.append("-mcmse")
+            # Output secure import library
+            self.flags["ld"].extend([
+                "-Wl,--cmse-implib",
+                "-Wl,--out-implib=%s" % join(build_dir, "cmse_lib.o")
+            ])
+
+        if target.is_TrustZone_non_secure_target:
             # Add linking time preprocessor macro DOMAIN_NS
-            if target.core.endswith("-NS"):
-                self.flags["ld"].append("-DDOMAIN_NS=1")
-                core = target.core[:-3]
-            else:
-                self.cpu.append("-mcmse")
-                self.flags["ld"].extend([
-                    "-Wl,--cmse-implib",
-                    "-Wl,--out-implib=%s" % join(build_dir, "cmse_lib.o")
-                ])
+            # (DOMAIN_NS is passed to compiler and assembler via CORTEX_SYMBOLS
+            # in mbedToolchain.get_symbols)
+            self.flags["ld"].append("-DDOMAIN_NS=1")
 
+        core = target.core_without_NS
         cpu = {
             "Cortex-M0+": "cortex-m0plus",
             "Cortex-M4F": "cortex-m4",
diff --git a/tools/toolchains/iar.py b/tools/toolchains/iar.py
@@ -54,20 +54,23 @@ def __init__(self, target, notify=None, macros=None, build_profile=None,
             build_dir=build_dir,
             build_profile=build_profile
         )
-        core = target.core
-        if CORE_ARCH[target.core] == 8:
+
+        if target.is_TrustZone_secure_target:
+            # Enable compiler security extensions
+            self.flags["asm"] += ["--cmse"]
+            self.flags["common"] += ["--cmse"]
+            # Output secure import library
+            secure_file = join(build_dir, "cmse_lib.o")
+            self.flags["ld"] += ["--import_cmse_lib_out=%s" % secure_file]
+
+        if target.is_TrustZone_non_secure_target:
             # Add linking time preprocessor macro DOMAIN_NS
-            if target.core.endswith("-NS"):
-                define_string = self.make_ld_define("DOMAIN_NS", "0x1")
-                self.flags["ld"].append(define_string)
-                core = target.core[:-3]
-            else:
-                # Create Secure library
-                self.flags["asm"] += ["--cmse"]
-                self.flags["common"] += ["--cmse"]
-                secure_file = join(build_dir, "cmse_lib.o")
-                self.flags["ld"] += ["--import_cmse_lib_out=%s" % secure_file]
+            # (DOMAIN_NS is passed to compiler and assembler via CORTEX_SYMBOLS
+            # in mbedToolchain.get_symbols)
+            define_string = self.make_ld_define("DOMAIN_NS", "0x1")
+            self.flags["ld"].append(define_string)
 
+        core = target.core_without_NS
         cpu = {
             "Cortex-M7F": "Cortex-M7.fp.sp",
             "Cortex-M7FD": "Cortex-M7.fp.dp",
